CN109474713A - Message forwarding method and device - Google Patents
Message forwarding method and device Download PDFInfo
- Publication number
- CN109474713A CN109474713A CN201811343854.4A CN201811343854A CN109474713A CN 109474713 A CN109474713 A CN 109474713A CN 201811343854 A CN201811343854 A CN 201811343854A CN 109474713 A CN109474713 A CN 109474713A
- Authority
- CN
- China
- Prior art keywords
- forwarding
- message
- request message
- address
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/10—Packet switching elements characterised by the switching fabric construction
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/35—Switches specially adapted for specific applications
- H04L49/354—Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
Abstract
The application provides a kind of message forwarding method and device, is applied to forwarding device, the forwarding device includes multiple forwarding processes, which comprises is based on each forwarding process, receives the request message that client is sent respectively;Wherein, the purpose IP address of the request message is the corresponding virtual ip address of the forwarding process;Based on the purpose IP address of the request message, the corresponding VRF mark of the request message is determined;Corresponding forwarding-table item is identified based on the VRF, network address translation is carried out to the request message;Based on the forwarding process, the request message after conversion is transmitted to server-side, so that the server-side returns to the corresponding response message of request message after the conversion;Wherein, the IP address of the server-side is the purpose IP address of the request message after the conversion.Technical scheme can be to avoid unnecessary hardware resource consumption, while message forward efficiency can be improved.
Description
Technical field
This application involves field of communication technology more particularly to a kind of message forwarding methods and device.
Background technique
SLB (Server Load Balancing, server-side load balancing) is a kind of to be designed for cloud computing platform
Network Load Balance Technology.In practical applications, client can based on SLB equipment VIP (Virtual IP Address,
Virtual ip address) access request is sent to SLB equipment, then by SLB equipment based on certain forwarding strategy, by the visit of client
Ask that request is transmitted to the corresponding business processing of server-side progress of rear end.As type of business gradually increases, business complexity
It is continuously improved, it may be necessary to create different users for different business.In this case, how to processing different user
The network of business be isolated, become urgent problem to be solved.
Summary of the invention
In view of this, the application provides a kind of message forwarding method and device.Specifically, the application is by following technology
What scheme was realized:
In a first aspect, the application provides a kind of message forwarding method, the method is applied to forwarding device, and the forwarding is set
Standby includes multiple forwarding processes, which comprises
Based on each forwarding process, the request message that client is sent is received respectively;Wherein, the purpose of the request message
IP address is the corresponding virtual ip address of the forwarding process;
Based on the purpose IP address of the request message, the corresponding VRF mark of the request message is determined;
Corresponding forwarding-table item is identified based on the VRF, network address translation is carried out to the request message;
Based on the forwarding process, the request message after conversion is transmitted to server-side, so that the server-side returns to institute
The corresponding response message of request message after stating conversion;Wherein, the IP address of the server-side is the request report after the conversion
The purpose IP address of text.
Second aspect, the application provide a kind of apparatus for forwarding message, and described device is applied to forwarding device, and the forwarding is set
Standby includes multiple forwarding processes, and described device includes:
First receiving module receives the request message that client is sent for being based on each forwarding process respectively;Wherein,
The purpose IP address of the request message is the corresponding virtual ip address of the forwarding process;
Determining module determines the corresponding VRF mark of the request message for the purpose IP address based on the request message
Know;
First conversion module carries out network to the request message for identifying corresponding forwarding-table item based on the VRF
Address conversion;
First forwarding module, for based on the forwarding process, the request message after conversion to be transmitted to server-side, so that
The server-side returns to the corresponding response message of request message after the conversion;Wherein, the IP address of the server-side is institute
The purpose IP address of request message after stating conversion.
In the above-mentioned technical solutions, it is no longer necessary to create multiple virtual units in forwarding device, and can be based on turning
Multiple forwarding processes in equipment are sent out, are realized to the data isolation between different users.Due to do not need for it is each forward into
Journey distributes the hardware resources such as CPU and memory, therefore can be to avoid unnecessary hardware resource consumption, while message can be improved and turn
Send out efficiency.
Detailed description of the invention
Fig. 1 is a kind of schematic diagram of message forwarding system in the related technology;
Fig. 2 is a kind of schematic diagram of message forwarding system shown in one exemplary embodiment of the application;
Fig. 3 is a kind of flow chart of message forwarding method shown in one exemplary embodiment of the application;
Fig. 4 is a kind of hardware structure diagram of apparatus for forwarding message place equipment shown in one exemplary embodiment of the application;
Fig. 5 is a kind of block diagram of apparatus for forwarding message shown in one exemplary embodiment of the application.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to
When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended
The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application.
It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority
Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps
It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application
A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from
In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as
One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ...
When " or " in response to determination ".
Referring to FIG. 1, Fig. 1 is a kind of schematic diagram of message forwarding system in the related technology.As shown in Figure 1, actually answering
In, since server-side is typically deployed in private network, and client is then typically deployed in public network, and in order to guarantee business datum
Safety, be generally not allowed client directly to be communicated with server-side, thus usually can client and server-side it
Between dispose forwarding device, thus allow client by forwarding device access server-side, obtain server-side in business datum.
In the related technology, different users would generally use different clients, in this case, in order to guarantee difference
User between data isolation, multiple virtual units can be created in forwarding device, and configure for different virtual units
Different virtual ip address, the virtual ip address are private network IP address.Gateway can be disposed between forwarding device and client to set
Standby, the same client used by a user by gateway and can be somebody's turn to do based on the virtual ip address of some virtual unit
Virtual unit is communicated.
On the other hand, the server-side which can be needed to access, is added with the virtual unit
To the same VLAN (Virtual Local Area Network, virtual LAN) or VXLAN (Virtual Extensible
LAN, virtual extended local area network) in, thus the server-side for making the client used by a user need to access, with the virtual unit
It can be communicated in the VLAN or VXLAN.In this way, the service for needing to access due to different client used by a user
End can guarantee the data isolation between different users in different VLAN or VXLAN.
When creating virtual unit in forwarding device, need to distribute CPU (Central for each virtual unit of creation
Processing Unit, central processing unit) and the hardware resources such as memory.However, if the hardware resource size of distribution does not conform to
Reason, then will affect message forward efficiency, it is also possible to will lead to unnecessary hardware resource consumption.
To solve the above-mentioned problems, the application provides a kind of message forwarding method and device, to improve message forward efficiency,
Hardware resource consumption is reduced simultaneously.
Referring to FIG. 2, Fig. 2 is a kind of schematic diagram of message forwarding system shown in one exemplary embodiment of the application.Such as
Shown in Fig. 2, multiple forwarding processes can be run in the message forwarding system, in forwarding device, and can be different forwardings
Process configures different virtual ip address.Wherein, one section of program generation that forwarding process can be for realizing message forwarding capability
Code;The same forwarding process can be used for the message sent to the same client used by a user, or be sent to the use
The message of client used in family is forwarded, i.e., the same client used by a user can by it is same forward into
Journey accesses server-side.
It should be noted that the virtual ip address for the configuration of forwarding process can be public network IP address, the use same in this way
Client used in family can directly be communicated with the virtual unit based on the virtual ip address of some virtual unit.Or
Person, the virtual ip address for the configuration of forwarding process are also possible to private network IP address, the client used by a user same in this way
It can be communicated by gateway with the virtual unit based on the virtual ip address of some virtual unit.
It on the other hand, can be the virtual ip address of the corresponding forwarding process of the client used by a user, creation pair
The VRF (Virtual Routing Forwarding, VPN route forwarding table) answered, and configure one for the forwarding process and be used for
The private network IP address communicated with server-side.It should be noted that all forwarding processes run on forwarding device can make
It is communicated with an identical private network IP address from different server-sides, or different private network IP can also be used respectively
Address is communicated from different server-sides, the application to this with no restriction.It is subsequent, it can by the private network IP of configuration
Location and the client used by a user need the IP address of the server-side accessed to be added in the VRF, i.e., by the forwarding into
Journey and the client used by a user need the server-side accessed to be added in the same VRF.
Referring to FIG. 3, Fig. 3 is a kind of flow chart of message forwarding method shown in one exemplary embodiment of the application.It should
Method can be applied to forwarding device shown in Fig. 2, include the following steps:
Step 301: being based on each forwarding process, receive the request message that client is sent respectively;Wherein, the request report
The purpose IP address of text is the corresponding virtual ip address of the forwarding process.
Step 302: the purpose IP address based on the request message determines the corresponding VRF mark of the request message.
Step 303: corresponding forwarding-table item being identified based on the VRF, network address translation is carried out to the request message.
Step 304: being based on the forwarding process, the request message after conversion is transmitted to server-side, so that the service
End returns to the corresponding response message of request message after the conversion;Wherein, the IP address of the server-side is after the conversion
Request message purpose IP address.
In the present embodiment, for the same client used by a user, which can be set by forwarding
The same forwarding process of standby middle operation accesses server-side.
Specifically, which can send request message, and the source IP address of the request message is the IP of the client
Location, the purpose IP address of the request message are then that (as the forwarding process configures the corresponding virtual ip address of forwarding process
Virtual ip address).
Forwarding device can be based on the forwarding process, receive the request message of client transmission.
After receiving the request message, forwarding device can be first based on the purpose IP address of the request message, and determining should
The corresponding VRF mark of request message.Wherein, a VRF mark can be used for characterizing a unique VRF, i.e. forwarding device can
To be based on the corresponding virtual ip address of forwarding process, it is determined as the VRF of virtual ip address creation.
After the corresponding VRF mark of the request message has been determined, forwarding device can identify corresponding forwarding based on the VRF
List item (i.e. the VRF of VRF mark characterization), carries out network address translation (Network Address to the request message
Translation, NAT).Specifically, forwarding device the source IP address of the request message can be converted to the forwarding process with
The IP address used when server-side is communicated, and the purpose IP address of the request message is converted into the client and needs to access
Server-side IP address.
In a kind of embodiment shown, forwarding device can be SLB equipment, or be integrated with the net of SLB function
Network equipment.
In this case, forwarding device can be marked after determining the corresponding VRF mark of the request message based on the VRF
Know corresponding forwarding-table item, determines the IP address of the accessible server-side of the client.On the other hand, forwarding device can be with base
In preset load balancing, a server-side is selected from these server-sides, and by the purpose IP address of the request message
Be converted to the IP address of the server-side of selection.Wherein, load balancing can be preset by user.For example, turn
Hair equipment can select the smallest server-side of present load from these server-sides, and the purpose IP address of the request message is turned
It is changed to the IP address of the smallest server-side of present load.
In addition, forwarding device, which is also based on the VRF, identifies corresponding forwarding-table item, the outgoing interface of the request message is determined
Equal forwarding informations.After completing to the network address translation of the request message, forwarding device can be based on the forwarding process, and
The determining forwarding information, the request message after conversion is transmitted to corresponding server-side, and (i.e. IP address is the request message
The server-side of purpose IP address).
The server-side can carry out phase based on the request message after the conversion when receiving the request message after the conversion
The business processing answered, and the business datum obtained based on processing constructs response message.Subsequent, which can report the response
Text returns to the client for sending the request message, to make the business datum in the available server-side of the client.
It should be noted that the server-side can be constructed when the business datum obtained based on processing constructs response message
Source IP address is the IP address of the server-side, purpose IP address is the IP that uses when the forwarding process is communicated with server-side
The response message of location, and return to the response message.
Similarly, forwarding device can be based on the forwarding process, receive the response message of server-side return.
In practical applications, forwarding process can be by establishing connection between socket and server-side, i.e. forwarding device can
With the socket based on forwarding process, the request message after the conversion is transmitted to corresponding server-side, and receive server-side and return
The response message returned.In such a case, it is possible to which respectively each forwarding process setting is corresponding for characterizing the forwarding process
The attribute information of VRF, i.e. forwarding device receive the response message of server-side return in the socket based on some forwarding process
When, the corresponding VRF of the response message can be determined based on the attribute information of the socket of the forwarding process.
After receiving the response message, forwarding device can first forwarding informations such as incoming interface based on the response message,
It determines the corresponding VRF mark of the response message, may thereby determine that the VRF identifies corresponding forwarding-table item.It is subsequent, forwarding device
It can be based on the forwarding-table item, reversed network address translation is carried out to the response message.Specifically, forwarding device can should
The source IP address of response message is converted to the corresponding virtual ip address of forwarding process, and by the purpose IP address of the response message
Be converted to the IP address for sending the client of the request message.
After completing to the reversed network address translation of the response message, forwarding device can be based on the forwarding process,
Response message after conversion is transmitted to the client (the i.e. IP address destination IP that is the response message for sending the request message
The client of address).
In practical applications, for server-side, the same client used by a user can be needed to access
Server-side is added in the same VXLAN.In this case, forwarding device can be needed with the client used by a user
The server-side of access is communicated in the VXLAN.In this way, the IP address of the server-side in different VXLAN can be it is identical
's.
Specifically, after the corresponding VRF mark of the request message has been determined, forwarding device can be based on VRF mark pair
The forwarding-table item answered carries out network address translation to the request message.On the other hand, forwarding device can be based on the forwarding table
, determine the corresponding VXLAN mark of the request message.Wherein, a VXLAN mark can be used for characterizing unique one
VXLAN, i.e. forwarding device can be determined where the server-side for the purpose IP address that IP address is the request message after conversion
The request message is forwarded in VXLAN (i.e. the VXLAN of VXLAN mark characterization).
Subsequent, forwarding device can be identified based on the VXLAN, and the request message after conversion is encapsulated as VXLAN message.This
Outside, forwarding device is also based on the VRF and identifies corresponding forwarding-table item, determines that the forwardings such as the outgoing interface of the request message are believed
Breath, therefore forwarding device can be based on the forwarding process, and the forwarding information determined, which is transmitted to this
Corresponding server-side in the VXLAN of VXLAN mark characterization.
The server-side can first parse the VXLAN message, when receiving the VXLAN message to obtain the visitor
The request message that family end is sent.Subsequent, which can carry out corresponding business processing based on the request message, and be based on
Handle obtained business datum construction response message.The response message can be encapsulated as VXLAN message by the server-side, and be returned
The VXLAN message.
Similarly, forwarding device can be based on the forwarding process, receive the VXLAN message of server-side return.
After receiving the VXLAN message, forwarding device can first be parsed the VXLAN message, to obtain the clothes
The response message that business end returns.It is subsequent, forwarding device can the forwarding informations such as incoming interface first based on the VXLAN message, really
Determine the corresponding VRF mark of the VXLAN message, may thereby determine that the VRF identifies corresponding forwarding-table item, then be based on the forwarding table
, reversed network address translation is carried out to the response message.
After completing to the reversed network address translation of the response message, forwarding device can be based on the forwarding process,
Response message after conversion is transmitted to the client for sending the request message.
In the above-mentioned technical solutions, it is no longer necessary to create multiple virtual units in forwarding device, and can be based on turning
Multiple forwarding processes in equipment are sent out, are realized to the data isolation between different users.Due to do not need for it is each forward into
Journey distributes the hardware resources such as CPU and memory, therefore can be to avoid unnecessary hardware resource consumption, while message can be improved and turn
Send out efficiency.
Above-mentioned technical proposal is illustrated below.
With continued reference to FIG. 2, assuming in message forwarding system shown in Fig. 2, the IP of client 1 used in user 1
Address is 22.23.1.1, and the IP address of client 2 used in user 2 is 22.23.2.1;Operation has forwarding on forwarding device
Process 1 and forwarding process 2, wherein the forwarding corresponding virtual ip address of process 1 is 22.20.1.1, and creates for forwarding process 1
VRF1, the forwarding corresponding virtual ip address of process 2 are 22.20.1.2, and create VRF2 for forwarding process 2, forward process 1 and turn
Hair process 2 communicated respectively with server-side used in IP address be 100.0.0.1;Server-side 1 is that client 1 can visit
The server-side asked, IP address 10.159.1.1, and be added in VXLAN1, server-side 2 is the accessible clothes of client 2
Business end, IP address is also 10.159.1.1, and is added in VXLAN2.
In one example, when user 1 accesses server-side 1 using client 1, client 1 can be with transmitting portion field
Request message as shown in table 1 below:
Source IP address | Purpose IP address |
22.23.1.1 | 22.20.1.1 |
Table 1
Forwarding process 1 can be based on IP address 22.20.1.1, determine the request message when receiving the request message
Corresponding VRF is VRF1.
Subsequent, forwarding process 1 can determine the IP address for handling the server-side of the request message, that is, service in VRF1
The IP address 10.159.1.1 at end 1, so as to which the purpose IP address of the request message is converted to 10.159.1.1.Another party
Face, forwarding process 1 can be converted to the source IP address of the request message used in forwarding process 1 communicated with server-side
IP address 100.0.0.1.
The part field of request message after conversion is as shown in table 2 below:
Source IP address | Purpose IP address |
100.0.0.1 | 10.159.1.1 |
Table 2
In addition, forwarding process 1 can determine the outgoing interface of the request message in VRF1.Subsequent, forwarding process 1 can be with
By the outgoing interface, the request message after the conversion is transmitted to server-side 1.
Server-side 1 can carry out phase based on the request message after the conversion when receiving the request message after the conversion
The business processing answered.Subsequent, the business datum that server-side 1 can be obtained based on processing constructs response message.
The part field of the response message constructed by server-side 1 is as shown in table 3 below:
Source IP address | Purpose IP address |
10.159.1.1 | 100.0.0.1 |
Table 3
Forwarding process 1 first can enter to connect when receiving the response message of the return of server-side 1 based on the response message
Mouthful, determine that the corresponding VRF of the response message is VRF1.
Subsequent, forwarding process 1 can determine the IP address for receiving the client of the response message, i.e. client in VRF1
The IP address 22.23.1.1 at end 1, so as to which the purpose IP address of the response message is converted to 22.23.1.1.Another party
The source IP address of the response message can be converted to the corresponding virtual ip address of forwarding process 1 by face, forwarding process 1
22.20.1.1。
The part field of response message after conversion is as shown in table 4 below:
Source IP address | Purpose IP address |
22.20.1.1 | 22.23.1.1 |
Table 4
Response message after the conversion can be transmitted to client 1 by forwarding process 1, to keep client 1 available
Business datum in server-side 1.
When user 2 accesses server-side 2 using client 2, what client 2 can be as shown in table 5 below with transmitting portion field
Request message:
Source IP address | Purpose IP address |
22.23.2.1 | 22.20.1.2 |
Table 5
Forwarding process 2 can be based on IP address 22.20.1.2, determine the request message when receiving the request message
Corresponding VRF is VRF2.
Subsequent, forwarding process 2 can determine the IP address for handling the server-side of the request message, that is, service in VRF2
The IP address 10.159.1.1 at end 2, so as to which the purpose IP address of the request message is converted to 10.159.1.1.Another party
Face, forwarding process 2 can be converted to the source IP address of the request message used in forwarding process 2 communicated with server-side
IP address 100.0.0.1.
The part field of request message after conversion is as shown in table 2 below:
Source IP address | Purpose IP address |
100.0.0.1 | 10.159.1.1 |
Table 6
In addition, forwarding process 2 can determine the outgoing interface of the request message in VRF2.Subsequent, forwarding process 2 can be with
By the outgoing interface, the request message after the conversion is transmitted to server-side 2.
Server-side 2 can carry out phase based on the request message after the conversion when receiving the request message after the conversion
The business processing answered.Subsequent, the business datum that server-side 2 can be obtained based on processing constructs response message.
The part field of the response message constructed by server-side 2 is as shown in table 7 below:
Source IP address | Purpose IP address |
10.159.1.1 | 100.0.0.1 |
Table 7
Forwarding process 2 first can enter to connect when receiving the response message of the return of server-side 2 based on the response message
Mouthful, determine that the corresponding VRF of the response message is VRF2.
Subsequent, forwarding process 2 can determine the IP address for receiving the client of the response message, i.e. client in VRF2
The IP address 22.23.2.1 at end 2, so as to which the purpose IP address of the response message is converted to 22.23.2.1.Another party
The source IP address of the response message can be converted to the corresponding virtual ip address of forwarding process 2 by face, forwarding process 2
22.20.1.2。
The part field of response message after conversion is as shown in table 8 below:
Source IP address | Purpose IP address |
22.20.1.2 | 22.23.2.1 |
Table 8
Response message after the conversion can be transmitted to client 2 by forwarding process 2, to keep client 2 available
Business datum in server-side 2.
In another example, when user 1 accesses server-side 1 using client 1, client 1 can be with transmitting portion word
Section request message as shown in table 9 below:
Source IP address | Purpose IP address |
22.23.1.1 | 22.20.1.1 |
Table 9
Forwarding process 1 can be based on IP address 22.20.1.1, determine the request message when receiving the request message
Corresponding VRF is VRF1.
Subsequent, forwarding process 1 can determine the IP address for handling the server-side of the request message, that is, service in VRF1
The IP address 10.159.1.1 at end 1, so as to which the purpose IP address of the request message is converted to 10.159.1.1.Another party
Face, forwarding process 1 can be converted to the source IP address of the request message used in forwarding process 1 communicated with server-side
IP address 100.0.0.1.
Further, since server-side 1 is in VXLAN1, therefore forward process 1 that can be encapsulated as the request message after conversion
The VXLAN message for carrying VXLAN mark 1, forwards the VXLAN message to be characterized in VXLAN1.
The part field of the VXLAN message encapsulated by forwarding process 1 is as shown in the following table 10:
VXLAN mark | Source IP address | Purpose IP address |
1 | 100.0.0.1 | 10.159.1.1 |
Table 10
Forwarding process 1 can determine the outgoing interface of the request message in VRF1.Subsequent, forwarding process 1 can be by this
The VXLAN message is transmitted to server-side 1 by outgoing interface.
Server-side 1 can first parse the VXLAN message, when receiving the VXLAN message to obtain client
1 request message sent, and corresponding business processing is carried out based on the request message.Subsequent, server-side 1 can be asked based on this
Message is asked to carry out corresponding business processing, and the business datum obtained based on processing constructs response message.Server-side 1 can should
Response message is encapsulated as VXLAN message, and returns to the VXLAN message.
The part field of the VXLAN message encapsulated by server-side 1 is as shown in table 11 below:
VXLAN mark | Source IP address | Purpose IP address |
1 | 10.159.1.1 | 100.0.0.1 |
Table 11
Forwarding process 1 can first solve the VXLAN message when receiving the VXLAN message of the return of server-side 1
Analysis determines that the response message is corresponding to obtain the response message of the return of server-side 1, and the incoming interface based on the response message
VRF be VRF1.
Subsequent, forwarding process 1 can determine the IP address for receiving the client of the response message, i.e. client in VRF1
The IP address 10.159.1.1 at end 1, so as to which the purpose IP address of the response message is converted to 10.159.1.1.Another party
The source IP address of the response message can be converted to the corresponding virtual ip address of forwarding process 1 by face, forwarding process 1
10.20.1.1。
The part field of response message after conversion is as shown in table 12 below:
Source IP address | Purpose IP address |
22.20.1.1 | 22.23.1.1 |
Table 12
Response message after conversion can be transmitted to client 1 by forwarding process 1, to make the available clothes of client 1
The business datum being engaged in end 1.
When user 2 accesses server-side 2 using client 2, what client 2 can be as shown in table 13 below with transmitting portion field
Request message:
Source IP address | Purpose IP address |
22.23.2.1 | 22.20.1.2 |
Table 13
Forwarding process 2 can be based on IP address 10.20.1.2, determine the request message when receiving the request message
Corresponding VRF is VRF2.
Subsequent, forwarding process 2 can determine the IP address for handling the server-side of the request message, that is, service in VRF2
The IP address 32.32.32.2 at end 2, so as to which the purpose IP address of the request message is converted to 32.32.32.2.Another party
Face, forwarding process 2 can be converted to the source IP address of the request message used in forwarding process 2 communicated with server-side
IP address 100.0.0.1.
Further, since server-side 2 is in VXLAN2, therefore forward process 2 that can be encapsulated as the request message after conversion
The VXLAN message for carrying VXLAN mark 2, forwards the VXLAN message to be characterized in VXLAN2.
The part field of the VXLAN message encapsulated by forwarding process 2 is as shown in table 14 below:
VXLAN mark | Source IP address | Purpose IP address |
2 | 100.0.0.1 | 10.159.1.1 |
Table 14
Forwarding process 2 can determine the outgoing interface of the request message in VRF2.Subsequent, forwarding process 2 can be by this
The VXLAN message is transmitted to server-side 2 by outgoing interface.
Server-side 2 can first parse the VXLAN message, when receiving the VXLAN message to obtain client
2 request messages sent, and corresponding business processing is carried out based on the request message.Subsequent, server-side 2 can be asked based on this
Message is asked to carry out corresponding business processing, and the business datum obtained based on processing constructs response message.Server-side 2 can should
Response message is encapsulated as VXLAN message, and returns to the VXLAN message.
The part field of the VXLAN message encapsulated by server-side 2 is as shown in table 15 below:
VXLAN mark | Source IP address | Purpose IP address |
2 | 10.159.1.1 | 100.0.0.1 |
Table 15
Forwarding process 2 can first solve the VXLAN message when receiving the VXLAN message of the return of server-side 2
Analysis determines that the response message is corresponding to obtain the response message of the return of server-side 2, and the incoming interface based on the response message
VRF be VRF2.
Subsequent, forwarding process 2 can determine the IP address for receiving the client of the response message, i.e. client in VRF2
The IP address 10.159.2.1 at end 2, so as to which the purpose IP address of the response message is converted to 10.159.2.1.Another party
The source IP address of the response message can be converted to the corresponding virtual ip address of forwarding process 2 by face, forwarding process 2
10.20.1.2。
The part field of response message after conversion is as shown in table 16 below:
Source IP address | Purpose IP address |
22.20.1.2 | 22.23.2.1 |
Table 16
Response message after conversion can be transmitted to client 2 by forwarding process 2, to make the available clothes of client 2
The business datum being engaged in end 2.
Corresponding with the embodiment of aforementioned message forwarding method, present invention also provides the embodiments of apparatus for forwarding message.
The embodiment of the application apparatus for forwarding message can be applied on forwarding device.Installation practice can pass through software
It realizes, can also be realized by way of hardware or software and hardware combining.Taking software implementation as an example, as on a logical meaning
Device, be in being read computer program instructions corresponding in nonvolatile memory by the processor of equipment where it
Deposit what middle operation was formed.For hardware view, as shown in figure 4, for the one of the application apparatus for forwarding message place forwarding device
Kind hardware structure diagram, other than processor shown in Fig. 4, memory, network interface and nonvolatile memory, embodiment
The actual functional capability that forwarding device where middle device is forwarded generally according to the message can also include other hardware, no longer to this
It repeats.
Referring to FIG. 5, Fig. 5 is a kind of block diagram of apparatus for forwarding message shown in one exemplary embodiment of the application.The dress
Setting 500 can be applied to forwarding device shown in Fig. 4, comprising:
First receiving module 501 receives the request message that client is sent for being based on each forwarding process respectively;Its
In, the purpose IP address of the request message is the corresponding virtual ip address of the forwarding process;
Determining module 502 determines that the request message is corresponding for the purpose IP address based on the request message
VRF mark;
First conversion module 503 carries out the request message for identifying corresponding forwarding-table item based on the VRF
Network address translation;
First forwarding module 504, for based on the forwarding process, the request message after conversion to be transmitted to server-side,
So that the server-side returns to the corresponding response message of request message after the conversion;Wherein, the IP address of the server-side
For the purpose IP address of the request message after the conversion.
In an alternative embodiment, first forwarding module 504 specifically can be used for:
Based on the forwarding-table item, the corresponding VXLAN mark of the request message is determined;
It is identified based on the VXLAN, the request message after conversion is encapsulated as VXLAN message;
Based on the forwarding process, the VXLAN message is transmitted to server-side.
In an alternative embodiment, described device 500 can also include:
Second receiving module 505 receives the response report that the server-side returns for being based on the forwarding process
Text, and determine the corresponding VRF mark of the response message;
Second conversion module 506 carries out the response message for identifying corresponding forwarding-table item based on the VRF
Reversed network address translation;
Response message after conversion is transmitted to the client for being based on the forwarding process by the second forwarding module 507
End.
In an alternative embodiment, second receiving module 505 specifically can be used for:
Based on the forwarding process, the VXLAN message that the server-side returns is received, and determines that the response message is corresponding
VRF mark;
Second conversion module is specifically used for:
The VXLAN message is parsed, to obtain the response message that the server-side returns;
Corresponding forwarding-table item is identified based on the VRF, reversed network address translation is carried out to the response message.
In an alternative embodiment, first conversion module 503 specifically can be used for:
Identify corresponding forwarding-table item and preset load balancing based on the VRF, to the request message into
Row network address translation.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus
Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality
Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit
The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with
It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual
The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying
Out in the case where creative work, it can understand and implement.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application
Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.
Claims (10)
1. a kind of message forwarding method, which is characterized in that the method is applied to forwarding device, and the forwarding device includes multiple
Forwarding process, which comprises
Based on each forwarding process, the request message that client is sent is received respectively;Wherein, the destination IP of the request message
Location is the corresponding virtual ip address of the forwarding process;
Based on the purpose IP address of the request message, the corresponding VPN route forwarding table VRF mark of the request message is determined;
Corresponding forwarding-table item is identified based on the VRF, network address translation is carried out to the request message;
Based on the forwarding process, the request message after conversion is transmitted to server-side, so that the server-side returns to described turn
The corresponding response message of request message after changing;Wherein, the IP address of the server-side is the request message after the conversion
Purpose IP address.
2. the method according to claim 1, wherein described be based on the forwarding process, by the request after conversion
Message is transmitted to server-side, comprising:
Based on the forwarding-table item, the corresponding virtual extended local area network VXLAN mark of the request message is determined;
It is identified based on the VXLAN, the request message after conversion is encapsulated as VXLAN message;
Based on the forwarding process, the VXLAN message is transmitted to server-side.
3. the method according to claim 1, wherein the method also includes:
Based on the forwarding process, the response message that the server-side returns is received, and determines that the response message is corresponding
VRF mark;
Corresponding forwarding-table item is identified based on the VRF, reversed network address translation is carried out to the response message;
Based on the forwarding process, the response message after conversion is transmitted to the client.
4. according to the method described in claim 3, it is characterized in that, it is described be based on the forwarding process, receive the server-side
The response message returned, and determine the corresponding VRF mark of the response message, comprising:
Based on the forwarding process, the VXLAN message that the server-side returns is received, and determines that the VXLAN message is corresponding
VRF mark;
It is described that corresponding forwarding-table item is identified based on the VRF, reversed network address translation is carried out to the response message, is wrapped
It includes:
The VXLAN message is parsed, to obtain the response message that the server-side returns;
Corresponding forwarding-table item is identified based on the VRF, reversed network address translation is carried out to the response message.
5. right the method according to claim 1, wherein described identify corresponding forwarding-table item based on the VRF
The request message carries out network address translation, comprising:
Corresponding forwarding-table item and preset load balancing are identified based on the VRF, net is carried out to the request message
Network address conversion.
6. a kind of apparatus for forwarding message, which is characterized in that described device is applied to forwarding device, and the forwarding device includes multiple
Forwarding process, described device include:
First receiving module receives the request message that client is sent for being based on each forwarding process respectively;Wherein, described
The purpose IP address of request message is the corresponding virtual ip address of the forwarding process;
Determining module determines the corresponding VRF mark of the request message for the purpose IP address based on the request message;
First conversion module carries out network address to the request message for identifying corresponding forwarding-table item based on the VRF
Conversion;
Request message after conversion is transmitted to server-side, so that described for being based on the forwarding process by the first forwarding module
Server-side returns to the corresponding response message of request message after the conversion;Wherein, the IP address of the server-side is described turns
The purpose IP address of request message after changing.
7. device according to claim 6, which is characterized in that first forwarding module is specifically used for:
Based on the forwarding-table item, the corresponding VXLAN mark of the request message is determined;
It is identified based on the VXLAN, the request message after conversion is encapsulated as VXLAN message;
Based on the forwarding process, the VXLAN message is transmitted to server-side.
8. device according to claim 6, which is characterized in that described device further include:
Second receiving module receives the response message that the server-side returns, and determine for being based on the forwarding process
The corresponding VRF mark of the response message;
Second conversion module carries out reversed net to the response message for identifying corresponding forwarding-table item based on the VRF
Network address conversion;
Response message after conversion is transmitted to the client for being based on the forwarding process by the second forwarding module.
9. device according to claim 8, which is characterized in that second receiving module is specifically used for:
Based on the forwarding process, the VXLAN message that the server-side returns is received, and determines that the response message is corresponding
VRF mark;
Second conversion module is specifically used for:
The VXLAN message is parsed, to obtain the response message that the server-side returns;
Corresponding forwarding-table item is identified based on the VRF, reversed network address translation is carried out to the response message.
10. device according to claim 6, which is characterized in that first conversion module is specifically used for:
Corresponding forwarding-table item and preset load balancing are identified based on the VRF, net is carried out to the request message
Network address conversion.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811343854.4A CN109474713B (en) | 2018-11-13 | 2018-11-13 | Message forwarding method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811343854.4A CN109474713B (en) | 2018-11-13 | 2018-11-13 | Message forwarding method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109474713A true CN109474713A (en) | 2019-03-15 |
CN109474713B CN109474713B (en) | 2021-12-24 |
Family
ID=65672121
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811343854.4A Active CN109474713B (en) | 2018-11-13 | 2018-11-13 | Message forwarding method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109474713B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111131496A (en) * | 2019-12-31 | 2020-05-08 | 易票联支付有限公司 | Communication transfer method, system, device and medium based on identification information |
CN113922972A (en) * | 2021-12-10 | 2022-01-11 | 北京华云安信息技术有限公司 | Data forwarding method and device based on MD5 identification code |
CN115136561A (en) * | 2020-02-24 | 2022-09-30 | 思科技术公司 | VRF isolation for shared services in multi-architecture cloud networks |
CN115334045A (en) * | 2022-08-12 | 2022-11-11 | 迈普通信技术股份有限公司 | Message forwarding method, device, gateway equipment and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101159750A (en) * | 2007-11-20 | 2008-04-09 | 杭州华三通信技术有限公司 | Identification authenticating method and apparatus |
CN101227376A (en) * | 2008-02-04 | 2008-07-23 | 杭州华三通信技术有限公司 | Equipment and method for virtual special-purpose network multi-case safe access |
CN101599901A (en) * | 2009-07-15 | 2009-12-09 | 杭州华三通信技术有限公司 | The method of remotely accessing MPLS VPN, system and gateway |
US8451837B1 (en) * | 2010-06-16 | 2013-05-28 | Cisco Technology, Inc. | Discovery of MPLS VPN links |
CN107659485A (en) * | 2017-10-31 | 2018-02-02 | 新华三技术有限公司 | A kind of method and device of equipment and server communication in VPN VPN |
-
2018
- 2018-11-13 CN CN201811343854.4A patent/CN109474713B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101159750A (en) * | 2007-11-20 | 2008-04-09 | 杭州华三通信技术有限公司 | Identification authenticating method and apparatus |
CN101227376A (en) * | 2008-02-04 | 2008-07-23 | 杭州华三通信技术有限公司 | Equipment and method for virtual special-purpose network multi-case safe access |
CN101599901A (en) * | 2009-07-15 | 2009-12-09 | 杭州华三通信技术有限公司 | The method of remotely accessing MPLS VPN, system and gateway |
US8451837B1 (en) * | 2010-06-16 | 2013-05-28 | Cisco Technology, Inc. | Discovery of MPLS VPN links |
CN107659485A (en) * | 2017-10-31 | 2018-02-02 | 新华三技术有限公司 | A kind of method and device of equipment and server communication in VPN VPN |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111131496A (en) * | 2019-12-31 | 2020-05-08 | 易票联支付有限公司 | Communication transfer method, system, device and medium based on identification information |
CN115136561A (en) * | 2020-02-24 | 2022-09-30 | 思科技术公司 | VRF isolation for shared services in multi-architecture cloud networks |
CN113922972A (en) * | 2021-12-10 | 2022-01-11 | 北京华云安信息技术有限公司 | Data forwarding method and device based on MD5 identification code |
CN113922972B (en) * | 2021-12-10 | 2022-03-08 | 北京华云安信息技术有限公司 | Data forwarding method and device based on MD5 identification code |
CN115334045A (en) * | 2022-08-12 | 2022-11-11 | 迈普通信技术股份有限公司 | Message forwarding method, device, gateway equipment and storage medium |
CN115334045B (en) * | 2022-08-12 | 2023-12-19 | 迈普通信技术股份有限公司 | Message forwarding method, device, gateway equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN109474713B (en) | 2021-12-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112470436B (en) | Systems, methods, and computer-readable media for providing multi-cloud connectivity | |
US10547463B2 (en) | Multicast helper to link virtual extensible LANs | |
US10412156B1 (en) | Techniques for utilizing network destination identifiers simultaneously announced from multiple locations | |
JP5809696B2 (en) | Distributed virtual network gateway | |
CN101252509B (en) | Application of dual-NAT method in packet data processing and routing of dynamic virtual private network (VPN) | |
CN109474713A (en) | Message forwarding method and device | |
CN105610632B (en) | Virtual network equipment and related method | |
TWI524188B (en) | Method, computer program product and system for providing virtual networks using multi-tenant relays | |
CN105553977B (en) | Processing, sending method and the device of request message | |
US8353020B2 (en) | Transparently extensible firewall cluster | |
CN110392108A (en) | A kind of public cloud Network Load Balance system architecture and implementation method | |
US20220116323A1 (en) | Techniques for high performant virtual routing capabilities | |
CN105721306A (en) | Configuration information transmission method and device | |
CN109639557A (en) | Methods, devices and systems for network communication | |
EP3588875B1 (en) | Web services across virtual routing and forwarding | |
CN105939240B (en) | Load-balancing method and device | |
CN111698346B (en) | Private network address conversion method and device, private network gateway and storage medium | |
CN105554176B (en) | Send the method, apparatus and communication system of message | |
CN105939267B (en) | Outband management method and device | |
JP2020510938A (en) | System and method for a compute node management protocol | |
CN109525684A (en) | Message forwarding method and device | |
JP3666654B2 (en) | Internet communication method {MethodforanInternetCommunication} | |
CN107659930A (en) | A kind of AP connection control methods and device | |
CN109413224A (en) | Message forwarding method and device | |
WO2017054469A1 (en) | Mirroring processing method and apparatus for data stream |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |