CN109474713A - Message forwarding method and device - Google Patents

Message forwarding method and device Download PDF

Info

Publication number
CN109474713A
CN109474713A CN201811343854.4A CN201811343854A CN109474713A CN 109474713 A CN109474713 A CN 109474713A CN 201811343854 A CN201811343854 A CN 201811343854A CN 109474713 A CN109474713 A CN 109474713A
Authority
CN
China
Prior art keywords
forwarding
message
request message
address
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811343854.4A
Other languages
Chinese (zh)
Other versions
CN109474713B (en
Inventor
王世钰
李国帅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Dt Dream Technology Co Ltd
Original Assignee
Hangzhou Dt Dream Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Dt Dream Technology Co Ltd filed Critical Hangzhou Dt Dream Technology Co Ltd
Priority to CN201811343854.4A priority Critical patent/CN109474713B/en
Publication of CN109474713A publication Critical patent/CN109474713A/en
Application granted granted Critical
Publication of CN109474713B publication Critical patent/CN109474713B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/10Packet switching elements characterised by the switching fabric construction
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/35Switches specially adapted for specific applications
    • H04L49/354Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]

Abstract

The application provides a kind of message forwarding method and device, is applied to forwarding device, the forwarding device includes multiple forwarding processes, which comprises is based on each forwarding process, receives the request message that client is sent respectively;Wherein, the purpose IP address of the request message is the corresponding virtual ip address of the forwarding process;Based on the purpose IP address of the request message, the corresponding VRF mark of the request message is determined;Corresponding forwarding-table item is identified based on the VRF, network address translation is carried out to the request message;Based on the forwarding process, the request message after conversion is transmitted to server-side, so that the server-side returns to the corresponding response message of request message after the conversion;Wherein, the IP address of the server-side is the purpose IP address of the request message after the conversion.Technical scheme can be to avoid unnecessary hardware resource consumption, while message forward efficiency can be improved.

Description

Message forwarding method and device
Technical field
This application involves field of communication technology more particularly to a kind of message forwarding methods and device.
Background technique
SLB (Server Load Balancing, server-side load balancing) is a kind of to be designed for cloud computing platform Network Load Balance Technology.In practical applications, client can based on SLB equipment VIP (Virtual IP Address, Virtual ip address) access request is sent to SLB equipment, then by SLB equipment based on certain forwarding strategy, by the visit of client Ask that request is transmitted to the corresponding business processing of server-side progress of rear end.As type of business gradually increases, business complexity It is continuously improved, it may be necessary to create different users for different business.In this case, how to processing different user The network of business be isolated, become urgent problem to be solved.
Summary of the invention
In view of this, the application provides a kind of message forwarding method and device.Specifically, the application is by following technology What scheme was realized:
In a first aspect, the application provides a kind of message forwarding method, the method is applied to forwarding device, and the forwarding is set Standby includes multiple forwarding processes, which comprises
Based on each forwarding process, the request message that client is sent is received respectively;Wherein, the purpose of the request message IP address is the corresponding virtual ip address of the forwarding process;
Based on the purpose IP address of the request message, the corresponding VRF mark of the request message is determined;
Corresponding forwarding-table item is identified based on the VRF, network address translation is carried out to the request message;
Based on the forwarding process, the request message after conversion is transmitted to server-side, so that the server-side returns to institute The corresponding response message of request message after stating conversion;Wherein, the IP address of the server-side is the request report after the conversion The purpose IP address of text.
Second aspect, the application provide a kind of apparatus for forwarding message, and described device is applied to forwarding device, and the forwarding is set Standby includes multiple forwarding processes, and described device includes:
First receiving module receives the request message that client is sent for being based on each forwarding process respectively;Wherein, The purpose IP address of the request message is the corresponding virtual ip address of the forwarding process;
Determining module determines the corresponding VRF mark of the request message for the purpose IP address based on the request message Know;
First conversion module carries out network to the request message for identifying corresponding forwarding-table item based on the VRF Address conversion;
First forwarding module, for based on the forwarding process, the request message after conversion to be transmitted to server-side, so that The server-side returns to the corresponding response message of request message after the conversion;Wherein, the IP address of the server-side is institute The purpose IP address of request message after stating conversion.
In the above-mentioned technical solutions, it is no longer necessary to create multiple virtual units in forwarding device, and can be based on turning Multiple forwarding processes in equipment are sent out, are realized to the data isolation between different users.Due to do not need for it is each forward into Journey distributes the hardware resources such as CPU and memory, therefore can be to avoid unnecessary hardware resource consumption, while message can be improved and turn Send out efficiency.
Detailed description of the invention
Fig. 1 is a kind of schematic diagram of message forwarding system in the related technology;
Fig. 2 is a kind of schematic diagram of message forwarding system shown in one exemplary embodiment of the application;
Fig. 3 is a kind of flow chart of message forwarding method shown in one exemplary embodiment of the application;
Fig. 4 is a kind of hardware structure diagram of apparatus for forwarding message place equipment shown in one exemplary embodiment of the application;
Fig. 5 is a kind of block diagram of apparatus for forwarding message shown in one exemplary embodiment of the application.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only to be not intended to be limiting the application merely for for the purpose of describing particular embodiments in term used in this application. It is also intended in the application and the "an" of singular used in the attached claims, " described " and "the" including majority Form, unless the context clearly indicates other meaning.It is also understood that term "and/or" used herein refers to and wraps It may be combined containing one or more associated any or all of project listed.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application A little information should not necessarily be limited by these terms.These terms are only used to for same type of information being distinguished from each other out.For example, not departing from In the case where the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as One information.Depending on context, word as used in this " if " can be construed to " ... when " or " when ... When " or " in response to determination ".
Referring to FIG. 1, Fig. 1 is a kind of schematic diagram of message forwarding system in the related technology.As shown in Figure 1, actually answering In, since server-side is typically deployed in private network, and client is then typically deployed in public network, and in order to guarantee business datum Safety, be generally not allowed client directly to be communicated with server-side, thus usually can client and server-side it Between dispose forwarding device, thus allow client by forwarding device access server-side, obtain server-side in business datum.
In the related technology, different users would generally use different clients, in this case, in order to guarantee difference User between data isolation, multiple virtual units can be created in forwarding device, and configure for different virtual units Different virtual ip address, the virtual ip address are private network IP address.Gateway can be disposed between forwarding device and client to set Standby, the same client used by a user by gateway and can be somebody's turn to do based on the virtual ip address of some virtual unit Virtual unit is communicated.
On the other hand, the server-side which can be needed to access, is added with the virtual unit To the same VLAN (Virtual Local Area Network, virtual LAN) or VXLAN (Virtual Extensible LAN, virtual extended local area network) in, thus the server-side for making the client used by a user need to access, with the virtual unit It can be communicated in the VLAN or VXLAN.In this way, the service for needing to access due to different client used by a user End can guarantee the data isolation between different users in different VLAN or VXLAN.
When creating virtual unit in forwarding device, need to distribute CPU (Central for each virtual unit of creation Processing Unit, central processing unit) and the hardware resources such as memory.However, if the hardware resource size of distribution does not conform to Reason, then will affect message forward efficiency, it is also possible to will lead to unnecessary hardware resource consumption.
To solve the above-mentioned problems, the application provides a kind of message forwarding method and device, to improve message forward efficiency, Hardware resource consumption is reduced simultaneously.
Referring to FIG. 2, Fig. 2 is a kind of schematic diagram of message forwarding system shown in one exemplary embodiment of the application.Such as Shown in Fig. 2, multiple forwarding processes can be run in the message forwarding system, in forwarding device, and can be different forwardings Process configures different virtual ip address.Wherein, one section of program generation that forwarding process can be for realizing message forwarding capability Code;The same forwarding process can be used for the message sent to the same client used by a user, or be sent to the use The message of client used in family is forwarded, i.e., the same client used by a user can by it is same forward into Journey accesses server-side.
It should be noted that the virtual ip address for the configuration of forwarding process can be public network IP address, the use same in this way Client used in family can directly be communicated with the virtual unit based on the virtual ip address of some virtual unit.Or Person, the virtual ip address for the configuration of forwarding process are also possible to private network IP address, the client used by a user same in this way It can be communicated by gateway with the virtual unit based on the virtual ip address of some virtual unit.
It on the other hand, can be the virtual ip address of the corresponding forwarding process of the client used by a user, creation pair The VRF (Virtual Routing Forwarding, VPN route forwarding table) answered, and configure one for the forwarding process and be used for The private network IP address communicated with server-side.It should be noted that all forwarding processes run on forwarding device can make It is communicated with an identical private network IP address from different server-sides, or different private network IP can also be used respectively Address is communicated from different server-sides, the application to this with no restriction.It is subsequent, it can by the private network IP of configuration Location and the client used by a user need the IP address of the server-side accessed to be added in the VRF, i.e., by the forwarding into Journey and the client used by a user need the server-side accessed to be added in the same VRF.
Referring to FIG. 3, Fig. 3 is a kind of flow chart of message forwarding method shown in one exemplary embodiment of the application.It should Method can be applied to forwarding device shown in Fig. 2, include the following steps:
Step 301: being based on each forwarding process, receive the request message that client is sent respectively;Wherein, the request report The purpose IP address of text is the corresponding virtual ip address of the forwarding process.
Step 302: the purpose IP address based on the request message determines the corresponding VRF mark of the request message.
Step 303: corresponding forwarding-table item being identified based on the VRF, network address translation is carried out to the request message.
Step 304: being based on the forwarding process, the request message after conversion is transmitted to server-side, so that the service End returns to the corresponding response message of request message after the conversion;Wherein, the IP address of the server-side is after the conversion Request message purpose IP address.
In the present embodiment, for the same client used by a user, which can be set by forwarding The same forwarding process of standby middle operation accesses server-side.
Specifically, which can send request message, and the source IP address of the request message is the IP of the client Location, the purpose IP address of the request message are then that (as the forwarding process configures the corresponding virtual ip address of forwarding process Virtual ip address).
Forwarding device can be based on the forwarding process, receive the request message of client transmission.
After receiving the request message, forwarding device can be first based on the purpose IP address of the request message, and determining should The corresponding VRF mark of request message.Wherein, a VRF mark can be used for characterizing a unique VRF, i.e. forwarding device can To be based on the corresponding virtual ip address of forwarding process, it is determined as the VRF of virtual ip address creation.
After the corresponding VRF mark of the request message has been determined, forwarding device can identify corresponding forwarding based on the VRF List item (i.e. the VRF of VRF mark characterization), carries out network address translation (Network Address to the request message Translation, NAT).Specifically, forwarding device the source IP address of the request message can be converted to the forwarding process with The IP address used when server-side is communicated, and the purpose IP address of the request message is converted into the client and needs to access Server-side IP address.
In a kind of embodiment shown, forwarding device can be SLB equipment, or be integrated with the net of SLB function Network equipment.
In this case, forwarding device can be marked after determining the corresponding VRF mark of the request message based on the VRF Know corresponding forwarding-table item, determines the IP address of the accessible server-side of the client.On the other hand, forwarding device can be with base In preset load balancing, a server-side is selected from these server-sides, and by the purpose IP address of the request message Be converted to the IP address of the server-side of selection.Wherein, load balancing can be preset by user.For example, turn Hair equipment can select the smallest server-side of present load from these server-sides, and the purpose IP address of the request message is turned It is changed to the IP address of the smallest server-side of present load.
In addition, forwarding device, which is also based on the VRF, identifies corresponding forwarding-table item, the outgoing interface of the request message is determined Equal forwarding informations.After completing to the network address translation of the request message, forwarding device can be based on the forwarding process, and The determining forwarding information, the request message after conversion is transmitted to corresponding server-side, and (i.e. IP address is the request message The server-side of purpose IP address).
The server-side can carry out phase based on the request message after the conversion when receiving the request message after the conversion The business processing answered, and the business datum obtained based on processing constructs response message.Subsequent, which can report the response Text returns to the client for sending the request message, to make the business datum in the available server-side of the client.
It should be noted that the server-side can be constructed when the business datum obtained based on processing constructs response message Source IP address is the IP address of the server-side, purpose IP address is the IP that uses when the forwarding process is communicated with server-side The response message of location, and return to the response message.
Similarly, forwarding device can be based on the forwarding process, receive the response message of server-side return.
In practical applications, forwarding process can be by establishing connection between socket and server-side, i.e. forwarding device can With the socket based on forwarding process, the request message after the conversion is transmitted to corresponding server-side, and receive server-side and return The response message returned.In such a case, it is possible to which respectively each forwarding process setting is corresponding for characterizing the forwarding process The attribute information of VRF, i.e. forwarding device receive the response message of server-side return in the socket based on some forwarding process When, the corresponding VRF of the response message can be determined based on the attribute information of the socket of the forwarding process.
After receiving the response message, forwarding device can first forwarding informations such as incoming interface based on the response message, It determines the corresponding VRF mark of the response message, may thereby determine that the VRF identifies corresponding forwarding-table item.It is subsequent, forwarding device It can be based on the forwarding-table item, reversed network address translation is carried out to the response message.Specifically, forwarding device can should The source IP address of response message is converted to the corresponding virtual ip address of forwarding process, and by the purpose IP address of the response message Be converted to the IP address for sending the client of the request message.
After completing to the reversed network address translation of the response message, forwarding device can be based on the forwarding process, Response message after conversion is transmitted to the client (the i.e. IP address destination IP that is the response message for sending the request message The client of address).
In practical applications, for server-side, the same client used by a user can be needed to access Server-side is added in the same VXLAN.In this case, forwarding device can be needed with the client used by a user The server-side of access is communicated in the VXLAN.In this way, the IP address of the server-side in different VXLAN can be it is identical 's.
Specifically, after the corresponding VRF mark of the request message has been determined, forwarding device can be based on VRF mark pair The forwarding-table item answered carries out network address translation to the request message.On the other hand, forwarding device can be based on the forwarding table , determine the corresponding VXLAN mark of the request message.Wherein, a VXLAN mark can be used for characterizing unique one VXLAN, i.e. forwarding device can be determined where the server-side for the purpose IP address that IP address is the request message after conversion The request message is forwarded in VXLAN (i.e. the VXLAN of VXLAN mark characterization).
Subsequent, forwarding device can be identified based on the VXLAN, and the request message after conversion is encapsulated as VXLAN message.This Outside, forwarding device is also based on the VRF and identifies corresponding forwarding-table item, determines that the forwardings such as the outgoing interface of the request message are believed Breath, therefore forwarding device can be based on the forwarding process, and the forwarding information determined, which is transmitted to this Corresponding server-side in the VXLAN of VXLAN mark characterization.
The server-side can first parse the VXLAN message, when receiving the VXLAN message to obtain the visitor The request message that family end is sent.Subsequent, which can carry out corresponding business processing based on the request message, and be based on Handle obtained business datum construction response message.The response message can be encapsulated as VXLAN message by the server-side, and be returned The VXLAN message.
Similarly, forwarding device can be based on the forwarding process, receive the VXLAN message of server-side return.
After receiving the VXLAN message, forwarding device can first be parsed the VXLAN message, to obtain the clothes The response message that business end returns.It is subsequent, forwarding device can the forwarding informations such as incoming interface first based on the VXLAN message, really Determine the corresponding VRF mark of the VXLAN message, may thereby determine that the VRF identifies corresponding forwarding-table item, then be based on the forwarding table , reversed network address translation is carried out to the response message.
After completing to the reversed network address translation of the response message, forwarding device can be based on the forwarding process, Response message after conversion is transmitted to the client for sending the request message.
In the above-mentioned technical solutions, it is no longer necessary to create multiple virtual units in forwarding device, and can be based on turning Multiple forwarding processes in equipment are sent out, are realized to the data isolation between different users.Due to do not need for it is each forward into Journey distributes the hardware resources such as CPU and memory, therefore can be to avoid unnecessary hardware resource consumption, while message can be improved and turn Send out efficiency.
Above-mentioned technical proposal is illustrated below.
With continued reference to FIG. 2, assuming in message forwarding system shown in Fig. 2, the IP of client 1 used in user 1 Address is 22.23.1.1, and the IP address of client 2 used in user 2 is 22.23.2.1;Operation has forwarding on forwarding device Process 1 and forwarding process 2, wherein the forwarding corresponding virtual ip address of process 1 is 22.20.1.1, and creates for forwarding process 1 VRF1, the forwarding corresponding virtual ip address of process 2 are 22.20.1.2, and create VRF2 for forwarding process 2, forward process 1 and turn Hair process 2 communicated respectively with server-side used in IP address be 100.0.0.1;Server-side 1 is that client 1 can visit The server-side asked, IP address 10.159.1.1, and be added in VXLAN1, server-side 2 is the accessible clothes of client 2 Business end, IP address is also 10.159.1.1, and is added in VXLAN2.
In one example, when user 1 accesses server-side 1 using client 1, client 1 can be with transmitting portion field Request message as shown in table 1 below:
Source IP address Purpose IP address
22.23.1.1 22.20.1.1
Table 1
Forwarding process 1 can be based on IP address 22.20.1.1, determine the request message when receiving the request message Corresponding VRF is VRF1.
Subsequent, forwarding process 1 can determine the IP address for handling the server-side of the request message, that is, service in VRF1 The IP address 10.159.1.1 at end 1, so as to which the purpose IP address of the request message is converted to 10.159.1.1.Another party Face, forwarding process 1 can be converted to the source IP address of the request message used in forwarding process 1 communicated with server-side IP address 100.0.0.1.
The part field of request message after conversion is as shown in table 2 below:
Source IP address Purpose IP address
100.0.0.1 10.159.1.1
Table 2
In addition, forwarding process 1 can determine the outgoing interface of the request message in VRF1.Subsequent, forwarding process 1 can be with By the outgoing interface, the request message after the conversion is transmitted to server-side 1.
Server-side 1 can carry out phase based on the request message after the conversion when receiving the request message after the conversion The business processing answered.Subsequent, the business datum that server-side 1 can be obtained based on processing constructs response message.
The part field of the response message constructed by server-side 1 is as shown in table 3 below:
Source IP address Purpose IP address
10.159.1.1 100.0.0.1
Table 3
Forwarding process 1 first can enter to connect when receiving the response message of the return of server-side 1 based on the response message Mouthful, determine that the corresponding VRF of the response message is VRF1.
Subsequent, forwarding process 1 can determine the IP address for receiving the client of the response message, i.e. client in VRF1 The IP address 22.23.1.1 at end 1, so as to which the purpose IP address of the response message is converted to 22.23.1.1.Another party The source IP address of the response message can be converted to the corresponding virtual ip address of forwarding process 1 by face, forwarding process 1 22.20.1.1。
The part field of response message after conversion is as shown in table 4 below:
Source IP address Purpose IP address
22.20.1.1 22.23.1.1
Table 4
Response message after the conversion can be transmitted to client 1 by forwarding process 1, to keep client 1 available Business datum in server-side 1.
When user 2 accesses server-side 2 using client 2, what client 2 can be as shown in table 5 below with transmitting portion field Request message:
Source IP address Purpose IP address
22.23.2.1 22.20.1.2
Table 5
Forwarding process 2 can be based on IP address 22.20.1.2, determine the request message when receiving the request message Corresponding VRF is VRF2.
Subsequent, forwarding process 2 can determine the IP address for handling the server-side of the request message, that is, service in VRF2 The IP address 10.159.1.1 at end 2, so as to which the purpose IP address of the request message is converted to 10.159.1.1.Another party Face, forwarding process 2 can be converted to the source IP address of the request message used in forwarding process 2 communicated with server-side IP address 100.0.0.1.
The part field of request message after conversion is as shown in table 2 below:
Source IP address Purpose IP address
100.0.0.1 10.159.1.1
Table 6
In addition, forwarding process 2 can determine the outgoing interface of the request message in VRF2.Subsequent, forwarding process 2 can be with By the outgoing interface, the request message after the conversion is transmitted to server-side 2.
Server-side 2 can carry out phase based on the request message after the conversion when receiving the request message after the conversion The business processing answered.Subsequent, the business datum that server-side 2 can be obtained based on processing constructs response message.
The part field of the response message constructed by server-side 2 is as shown in table 7 below:
Source IP address Purpose IP address
10.159.1.1 100.0.0.1
Table 7
Forwarding process 2 first can enter to connect when receiving the response message of the return of server-side 2 based on the response message Mouthful, determine that the corresponding VRF of the response message is VRF2.
Subsequent, forwarding process 2 can determine the IP address for receiving the client of the response message, i.e. client in VRF2 The IP address 22.23.2.1 at end 2, so as to which the purpose IP address of the response message is converted to 22.23.2.1.Another party The source IP address of the response message can be converted to the corresponding virtual ip address of forwarding process 2 by face, forwarding process 2 22.20.1.2。
The part field of response message after conversion is as shown in table 8 below:
Source IP address Purpose IP address
22.20.1.2 22.23.2.1
Table 8
Response message after the conversion can be transmitted to client 2 by forwarding process 2, to keep client 2 available Business datum in server-side 2.
In another example, when user 1 accesses server-side 1 using client 1, client 1 can be with transmitting portion word Section request message as shown in table 9 below:
Source IP address Purpose IP address
22.23.1.1 22.20.1.1
Table 9
Forwarding process 1 can be based on IP address 22.20.1.1, determine the request message when receiving the request message Corresponding VRF is VRF1.
Subsequent, forwarding process 1 can determine the IP address for handling the server-side of the request message, that is, service in VRF1 The IP address 10.159.1.1 at end 1, so as to which the purpose IP address of the request message is converted to 10.159.1.1.Another party Face, forwarding process 1 can be converted to the source IP address of the request message used in forwarding process 1 communicated with server-side IP address 100.0.0.1.
Further, since server-side 1 is in VXLAN1, therefore forward process 1 that can be encapsulated as the request message after conversion The VXLAN message for carrying VXLAN mark 1, forwards the VXLAN message to be characterized in VXLAN1.
The part field of the VXLAN message encapsulated by forwarding process 1 is as shown in the following table 10:
VXLAN mark Source IP address Purpose IP address
1 100.0.0.1 10.159.1.1
Table 10
Forwarding process 1 can determine the outgoing interface of the request message in VRF1.Subsequent, forwarding process 1 can be by this The VXLAN message is transmitted to server-side 1 by outgoing interface.
Server-side 1 can first parse the VXLAN message, when receiving the VXLAN message to obtain client 1 request message sent, and corresponding business processing is carried out based on the request message.Subsequent, server-side 1 can be asked based on this Message is asked to carry out corresponding business processing, and the business datum obtained based on processing constructs response message.Server-side 1 can should Response message is encapsulated as VXLAN message, and returns to the VXLAN message.
The part field of the VXLAN message encapsulated by server-side 1 is as shown in table 11 below:
VXLAN mark Source IP address Purpose IP address
1 10.159.1.1 100.0.0.1
Table 11
Forwarding process 1 can first solve the VXLAN message when receiving the VXLAN message of the return of server-side 1 Analysis determines that the response message is corresponding to obtain the response message of the return of server-side 1, and the incoming interface based on the response message VRF be VRF1.
Subsequent, forwarding process 1 can determine the IP address for receiving the client of the response message, i.e. client in VRF1 The IP address 10.159.1.1 at end 1, so as to which the purpose IP address of the response message is converted to 10.159.1.1.Another party The source IP address of the response message can be converted to the corresponding virtual ip address of forwarding process 1 by face, forwarding process 1 10.20.1.1。
The part field of response message after conversion is as shown in table 12 below:
Source IP address Purpose IP address
22.20.1.1 22.23.1.1
Table 12
Response message after conversion can be transmitted to client 1 by forwarding process 1, to make the available clothes of client 1 The business datum being engaged in end 1.
When user 2 accesses server-side 2 using client 2, what client 2 can be as shown in table 13 below with transmitting portion field Request message:
Source IP address Purpose IP address
22.23.2.1 22.20.1.2
Table 13
Forwarding process 2 can be based on IP address 10.20.1.2, determine the request message when receiving the request message Corresponding VRF is VRF2.
Subsequent, forwarding process 2 can determine the IP address for handling the server-side of the request message, that is, service in VRF2 The IP address 32.32.32.2 at end 2, so as to which the purpose IP address of the request message is converted to 32.32.32.2.Another party Face, forwarding process 2 can be converted to the source IP address of the request message used in forwarding process 2 communicated with server-side IP address 100.0.0.1.
Further, since server-side 2 is in VXLAN2, therefore forward process 2 that can be encapsulated as the request message after conversion The VXLAN message for carrying VXLAN mark 2, forwards the VXLAN message to be characterized in VXLAN2.
The part field of the VXLAN message encapsulated by forwarding process 2 is as shown in table 14 below:
VXLAN mark Source IP address Purpose IP address
2 100.0.0.1 10.159.1.1
Table 14
Forwarding process 2 can determine the outgoing interface of the request message in VRF2.Subsequent, forwarding process 2 can be by this The VXLAN message is transmitted to server-side 2 by outgoing interface.
Server-side 2 can first parse the VXLAN message, when receiving the VXLAN message to obtain client 2 request messages sent, and corresponding business processing is carried out based on the request message.Subsequent, server-side 2 can be asked based on this Message is asked to carry out corresponding business processing, and the business datum obtained based on processing constructs response message.Server-side 2 can should Response message is encapsulated as VXLAN message, and returns to the VXLAN message.
The part field of the VXLAN message encapsulated by server-side 2 is as shown in table 15 below:
VXLAN mark Source IP address Purpose IP address
2 10.159.1.1 100.0.0.1
Table 15
Forwarding process 2 can first solve the VXLAN message when receiving the VXLAN message of the return of server-side 2 Analysis determines that the response message is corresponding to obtain the response message of the return of server-side 2, and the incoming interface based on the response message VRF be VRF2.
Subsequent, forwarding process 2 can determine the IP address for receiving the client of the response message, i.e. client in VRF2 The IP address 10.159.2.1 at end 2, so as to which the purpose IP address of the response message is converted to 10.159.2.1.Another party The source IP address of the response message can be converted to the corresponding virtual ip address of forwarding process 2 by face, forwarding process 2 10.20.1.2。
The part field of response message after conversion is as shown in table 16 below:
Source IP address Purpose IP address
22.20.1.2 22.23.2.1
Table 16
Response message after conversion can be transmitted to client 2 by forwarding process 2, to make the available clothes of client 2 The business datum being engaged in end 2.
Corresponding with the embodiment of aforementioned message forwarding method, present invention also provides the embodiments of apparatus for forwarding message.
The embodiment of the application apparatus for forwarding message can be applied on forwarding device.Installation practice can pass through software It realizes, can also be realized by way of hardware or software and hardware combining.Taking software implementation as an example, as on a logical meaning Device, be in being read computer program instructions corresponding in nonvolatile memory by the processor of equipment where it Deposit what middle operation was formed.For hardware view, as shown in figure 4, for the one of the application apparatus for forwarding message place forwarding device Kind hardware structure diagram, other than processor shown in Fig. 4, memory, network interface and nonvolatile memory, embodiment The actual functional capability that forwarding device where middle device is forwarded generally according to the message can also include other hardware, no longer to this It repeats.
Referring to FIG. 5, Fig. 5 is a kind of block diagram of apparatus for forwarding message shown in one exemplary embodiment of the application.The dress Setting 500 can be applied to forwarding device shown in Fig. 4, comprising:
First receiving module 501 receives the request message that client is sent for being based on each forwarding process respectively;Its In, the purpose IP address of the request message is the corresponding virtual ip address of the forwarding process;
Determining module 502 determines that the request message is corresponding for the purpose IP address based on the request message VRF mark;
First conversion module 503 carries out the request message for identifying corresponding forwarding-table item based on the VRF Network address translation;
First forwarding module 504, for based on the forwarding process, the request message after conversion to be transmitted to server-side, So that the server-side returns to the corresponding response message of request message after the conversion;Wherein, the IP address of the server-side For the purpose IP address of the request message after the conversion.
In an alternative embodiment, first forwarding module 504 specifically can be used for:
Based on the forwarding-table item, the corresponding VXLAN mark of the request message is determined;
It is identified based on the VXLAN, the request message after conversion is encapsulated as VXLAN message;
Based on the forwarding process, the VXLAN message is transmitted to server-side.
In an alternative embodiment, described device 500 can also include:
Second receiving module 505 receives the response report that the server-side returns for being based on the forwarding process Text, and determine the corresponding VRF mark of the response message;
Second conversion module 506 carries out the response message for identifying corresponding forwarding-table item based on the VRF Reversed network address translation;
Response message after conversion is transmitted to the client for being based on the forwarding process by the second forwarding module 507 End.
In an alternative embodiment, second receiving module 505 specifically can be used for:
Based on the forwarding process, the VXLAN message that the server-side returns is received, and determines that the response message is corresponding VRF mark;
Second conversion module is specifically used for:
The VXLAN message is parsed, to obtain the response message that the server-side returns;
Corresponding forwarding-table item is identified based on the VRF, reversed network address translation is carried out to the response message.
In an alternative embodiment, first conversion module 503 specifically can be used for:
Identify corresponding forwarding-table item and preset load balancing based on the VRF, to the request message into Row network address translation.
The function of each unit and the realization process of effect are specifically detailed in the above method and correspond to step in above-mentioned apparatus Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related place is referring to method reality Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein described be used as separation unit The unit of explanation may or may not be physically separated, and component shown as a unit can be or can also be with It is not physical unit, it can it is in one place, or may be distributed over multiple network units.It can be according to actual The purpose for needing to select some or all of the modules therein to realize application scheme.Those of ordinary skill in the art are not paying Out in the case where creative work, it can understand and implement.
The foregoing is merely the preferred embodiments of the application, not to limit the application, all essences in the application Within mind and principle, any modification, equivalent substitution, improvement and etc. done be should be included within the scope of the application protection.

Claims (10)

1. a kind of message forwarding method, which is characterized in that the method is applied to forwarding device, and the forwarding device includes multiple Forwarding process, which comprises
Based on each forwarding process, the request message that client is sent is received respectively;Wherein, the destination IP of the request message Location is the corresponding virtual ip address of the forwarding process;
Based on the purpose IP address of the request message, the corresponding VPN route forwarding table VRF mark of the request message is determined;
Corresponding forwarding-table item is identified based on the VRF, network address translation is carried out to the request message;
Based on the forwarding process, the request message after conversion is transmitted to server-side, so that the server-side returns to described turn The corresponding response message of request message after changing;Wherein, the IP address of the server-side is the request message after the conversion Purpose IP address.
2. the method according to claim 1, wherein described be based on the forwarding process, by the request after conversion Message is transmitted to server-side, comprising:
Based on the forwarding-table item, the corresponding virtual extended local area network VXLAN mark of the request message is determined;
It is identified based on the VXLAN, the request message after conversion is encapsulated as VXLAN message;
Based on the forwarding process, the VXLAN message is transmitted to server-side.
3. the method according to claim 1, wherein the method also includes:
Based on the forwarding process, the response message that the server-side returns is received, and determines that the response message is corresponding VRF mark;
Corresponding forwarding-table item is identified based on the VRF, reversed network address translation is carried out to the response message;
Based on the forwarding process, the response message after conversion is transmitted to the client.
4. according to the method described in claim 3, it is characterized in that, it is described be based on the forwarding process, receive the server-side The response message returned, and determine the corresponding VRF mark of the response message, comprising:
Based on the forwarding process, the VXLAN message that the server-side returns is received, and determines that the VXLAN message is corresponding VRF mark;
It is described that corresponding forwarding-table item is identified based on the VRF, reversed network address translation is carried out to the response message, is wrapped It includes:
The VXLAN message is parsed, to obtain the response message that the server-side returns;
Corresponding forwarding-table item is identified based on the VRF, reversed network address translation is carried out to the response message.
5. right the method according to claim 1, wherein described identify corresponding forwarding-table item based on the VRF The request message carries out network address translation, comprising:
Corresponding forwarding-table item and preset load balancing are identified based on the VRF, net is carried out to the request message Network address conversion.
6. a kind of apparatus for forwarding message, which is characterized in that described device is applied to forwarding device, and the forwarding device includes multiple Forwarding process, described device include:
First receiving module receives the request message that client is sent for being based on each forwarding process respectively;Wherein, described The purpose IP address of request message is the corresponding virtual ip address of the forwarding process;
Determining module determines the corresponding VRF mark of the request message for the purpose IP address based on the request message;
First conversion module carries out network address to the request message for identifying corresponding forwarding-table item based on the VRF Conversion;
Request message after conversion is transmitted to server-side, so that described for being based on the forwarding process by the first forwarding module Server-side returns to the corresponding response message of request message after the conversion;Wherein, the IP address of the server-side is described turns The purpose IP address of request message after changing.
7. device according to claim 6, which is characterized in that first forwarding module is specifically used for:
Based on the forwarding-table item, the corresponding VXLAN mark of the request message is determined;
It is identified based on the VXLAN, the request message after conversion is encapsulated as VXLAN message;
Based on the forwarding process, the VXLAN message is transmitted to server-side.
8. device according to claim 6, which is characterized in that described device further include:
Second receiving module receives the response message that the server-side returns, and determine for being based on the forwarding process The corresponding VRF mark of the response message;
Second conversion module carries out reversed net to the response message for identifying corresponding forwarding-table item based on the VRF Network address conversion;
Response message after conversion is transmitted to the client for being based on the forwarding process by the second forwarding module.
9. device according to claim 8, which is characterized in that second receiving module is specifically used for:
Based on the forwarding process, the VXLAN message that the server-side returns is received, and determines that the response message is corresponding VRF mark;
Second conversion module is specifically used for:
The VXLAN message is parsed, to obtain the response message that the server-side returns;
Corresponding forwarding-table item is identified based on the VRF, reversed network address translation is carried out to the response message.
10. device according to claim 6, which is characterized in that first conversion module is specifically used for:
Corresponding forwarding-table item and preset load balancing are identified based on the VRF, net is carried out to the request message Network address conversion.
CN201811343854.4A 2018-11-13 2018-11-13 Message forwarding method and device Active CN109474713B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811343854.4A CN109474713B (en) 2018-11-13 2018-11-13 Message forwarding method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811343854.4A CN109474713B (en) 2018-11-13 2018-11-13 Message forwarding method and device

Publications (2)

Publication Number Publication Date
CN109474713A true CN109474713A (en) 2019-03-15
CN109474713B CN109474713B (en) 2021-12-24

Family

ID=65672121

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811343854.4A Active CN109474713B (en) 2018-11-13 2018-11-13 Message forwarding method and device

Country Status (1)

Country Link
CN (1) CN109474713B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111131496A (en) * 2019-12-31 2020-05-08 易票联支付有限公司 Communication transfer method, system, device and medium based on identification information
CN113922972A (en) * 2021-12-10 2022-01-11 北京华云安信息技术有限公司 Data forwarding method and device based on MD5 identification code
CN115136561A (en) * 2020-02-24 2022-09-30 思科技术公司 VRF isolation for shared services in multi-architecture cloud networks
CN115334045A (en) * 2022-08-12 2022-11-11 迈普通信技术股份有限公司 Message forwarding method, device, gateway equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101159750A (en) * 2007-11-20 2008-04-09 杭州华三通信技术有限公司 Identification authenticating method and apparatus
CN101227376A (en) * 2008-02-04 2008-07-23 杭州华三通信技术有限公司 Equipment and method for virtual special-purpose network multi-case safe access
CN101599901A (en) * 2009-07-15 2009-12-09 杭州华三通信技术有限公司 The method of remotely accessing MPLS VPN, system and gateway
US8451837B1 (en) * 2010-06-16 2013-05-28 Cisco Technology, Inc. Discovery of MPLS VPN links
CN107659485A (en) * 2017-10-31 2018-02-02 新华三技术有限公司 A kind of method and device of equipment and server communication in VPN VPN

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101159750A (en) * 2007-11-20 2008-04-09 杭州华三通信技术有限公司 Identification authenticating method and apparatus
CN101227376A (en) * 2008-02-04 2008-07-23 杭州华三通信技术有限公司 Equipment and method for virtual special-purpose network multi-case safe access
CN101599901A (en) * 2009-07-15 2009-12-09 杭州华三通信技术有限公司 The method of remotely accessing MPLS VPN, system and gateway
US8451837B1 (en) * 2010-06-16 2013-05-28 Cisco Technology, Inc. Discovery of MPLS VPN links
CN107659485A (en) * 2017-10-31 2018-02-02 新华三技术有限公司 A kind of method and device of equipment and server communication in VPN VPN

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111131496A (en) * 2019-12-31 2020-05-08 易票联支付有限公司 Communication transfer method, system, device and medium based on identification information
CN115136561A (en) * 2020-02-24 2022-09-30 思科技术公司 VRF isolation for shared services in multi-architecture cloud networks
CN113922972A (en) * 2021-12-10 2022-01-11 北京华云安信息技术有限公司 Data forwarding method and device based on MD5 identification code
CN113922972B (en) * 2021-12-10 2022-03-08 北京华云安信息技术有限公司 Data forwarding method and device based on MD5 identification code
CN115334045A (en) * 2022-08-12 2022-11-11 迈普通信技术股份有限公司 Message forwarding method, device, gateway equipment and storage medium
CN115334045B (en) * 2022-08-12 2023-12-19 迈普通信技术股份有限公司 Message forwarding method, device, gateway equipment and storage medium

Also Published As

Publication number Publication date
CN109474713B (en) 2021-12-24

Similar Documents

Publication Publication Date Title
CN112470436B (en) Systems, methods, and computer-readable media for providing multi-cloud connectivity
US10547463B2 (en) Multicast helper to link virtual extensible LANs
US10412156B1 (en) Techniques for utilizing network destination identifiers simultaneously announced from multiple locations
JP5809696B2 (en) Distributed virtual network gateway
CN101252509B (en) Application of dual-NAT method in packet data processing and routing of dynamic virtual private network (VPN)
CN109474713A (en) Message forwarding method and device
CN105610632B (en) Virtual network equipment and related method
TWI524188B (en) Method, computer program product and system for providing virtual networks using multi-tenant relays
CN105553977B (en) Processing, sending method and the device of request message
US8353020B2 (en) Transparently extensible firewall cluster
CN110392108A (en) A kind of public cloud Network Load Balance system architecture and implementation method
US20220116323A1 (en) Techniques for high performant virtual routing capabilities
CN105721306A (en) Configuration information transmission method and device
CN109639557A (en) Methods, devices and systems for network communication
EP3588875B1 (en) Web services across virtual routing and forwarding
CN105939240B (en) Load-balancing method and device
CN111698346B (en) Private network address conversion method and device, private network gateway and storage medium
CN105554176B (en) Send the method, apparatus and communication system of message
CN105939267B (en) Outband management method and device
JP2020510938A (en) System and method for a compute node management protocol
CN109525684A (en) Message forwarding method and device
JP3666654B2 (en) Internet communication method {MethodforanInternetCommunication}
CN107659930A (en) A kind of AP connection control methods and device
CN109413224A (en) Message forwarding method and device
WO2017054469A1 (en) Mirroring processing method and apparatus for data stream

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant