CN109495596A - A kind of method and device for realizing address conversion - Google Patents

A kind of method and device for realizing address conversion Download PDF

Info

Publication number
CN109495596A
CN109495596A CN201710822932.8A CN201710822932A CN109495596A CN 109495596 A CN109495596 A CN 109495596A CN 201710822932 A CN201710822932 A CN 201710822932A CN 109495596 A CN109495596 A CN 109495596A
Authority
CN
China
Prior art keywords
address
message
stationary exit
network
tunnel
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710822932.8A
Other languages
Chinese (zh)
Other versions
CN109495596B (en
Inventor
原万万
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alibaba Group Holding Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN201710822932.8A priority Critical patent/CN109495596B/en
Publication of CN109495596A publication Critical patent/CN109495596A/en
Application granted granted Critical
Publication of CN109495596B publication Critical patent/CN109495596B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2592Translation of Internet protocol [IP] addresses using tunnelling or encapsulation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2521Translation architectures other than single NAT servers
    • H04L61/2532Clique of NAT servers

Abstract

This application discloses a kind of method and devices for realizing address conversion, which comprises for each NAT in cluster, the IP address information of stationary exit IP operation is arranged;NAT detection outgoing packet is the IP tunnel message for accessing the stationary exit IP operation of public network, and the IP tunnel message finds the IP address information of the stationary exit IP operation of NAT setting;Source address conversion is carried out to the IP tunnel message using the IP address information of the stationary exit IP operation found and establishes session, sends the message by NAT conversion to NSW.

Description

A kind of method and device for realizing address conversion
Technical field
This application involves computer technology, espespecially a kind of method and device for realizing address conversion.
Background technique
Network address translation (NAT, Network Address Translation) is to convert private address to legal IP The switch technology of address is applied in various types Internet access way and various types of networks.With active-standby mode Ah In for NAT (ANAT, Alibaba NAT), ANAT is based on DPDK (Intel Data Plane Development Kit) The high performance NAT host of exploitation, runs on general X86 platform, has strong etc. the feature of high-performance, customizability.It is main Although standby Mode A NAT cluster can satisfy existing business demand in performance, there are some disadvantages, such as redundancy Higher cost caused by relatively poor, stacking etc..
NAT conversion basic principle generally comprises: the request message in the direction OUT (i.e. the direction of Intranet to public network) actively accesses Public network, when flow passes through NAT host (also referred to as network address translater), the source IP address of message is converted to address by NAT host The IP address configured in pond is converted (SNAT:Source Network Address to the source address in data packet Translation), session (session) is established after completing NAT conversion, and sends public network for message;The direction IN (i.e. public network To the direction of Intranet) response message when passing through NAT host, the destination IP of message is restored according to the session established before For the source IP of previous Request message, i.e., (DNAT, Destination Network is converted to the destination address in data packet Address Translation), and give to intranet host.
Summary of the invention
The application provides a kind of method and device for realizing address conversion, and the address for being capable of handling stationary exit IP operation turns Change problem.
The application provides a kind of method for realizing address conversion, comprising:
For each network address translater in cluster, the IP address information of stationary exit IP operation is set;
Network address translater detects the IP tunnel message for the stationary exit IP operation that outgoing packet is access public network, and the IP Tunnel packet finds the IP address information of the stationary exit IP operation of network address translater setting;
Source address conversion is carried out to the IP tunnel message using the IP address information of the stationary exit IP operation found and is built Vertical session sends the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using fixed source IP address Business.
Optionally, before the method further include:
Different routing priority is configured to each network address translater, and routing priority is advertised to institute State the network switch.
Optionally, if detecting that the message is the non-IP tunnel message for accessing public network, but the network address is found The IP address information of the stationary exit IP operation of converter binding, the method also includes:
Using the IP address information for the stationary exit IP operation being arranged in the network address translater as neotectonics The destination address of IP tunnel message, and the original non-IP tunnel message is encapsulated into the data of the IP tunnel message of neotectonics The network switch is sent to behind part.
Optionally, described pair of IP tunnel message progress source address, which is converted, includes:
With replacing with the corresponding IP of stationary exit IP operation found by the source IP address in the IP tunnel message Location.
Optionally, the method also includes:
When the network address translater receives the response message of the IP tunnel message, according to the session of the foundation, Purpose IP address in response message is reduced to the source IP address of IP tunnel message.
The application provides a kind of method for realizing address conversion again, comprising:
For at least one network address translater in cluster, the IP address information of stationary exit IP operation is set;
Network address translater detects the IP tunnel message for the stationary exit IP operation that outgoing packet is access public network, and the IP Tunnel packet finds the IP address information of the stationary exit IP operation of network address translater setting;
Source address conversion is carried out to the IP tunnel message using the IP address information of the stationary exit IP operation found and is built Vertical session sends the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using fixed source IP address Business.
The application provides a kind of device for realizing address conversion again, including setup module, first processing module, at second Manage module;Wherein,
Setup module, for the IP address information of stationary exit IP operation to be arranged;
First processing module is the IP tunnel message for accessing the stationary exit IP operation of public network for detecting outgoing packet, and The IP tunnel message finds the IP address information of the stationary exit IP operation of setting;
Second processing module, for using the IP address information of stationary exit IP operation found to the IP tunnel message into Session is converted and established to row source address, sends the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using fixed source IP address Business.
Optionally, the setup module is also used to: configuration routing priority;
Described device further includes announcement module, for the routing priority of setting to be advertised to the NSW.
Optionally, the first processing module is also used to: detection outgoing packet is the non-IP tunnel message for accessing public network, but is looked for To the IP address information of the stationary exit IP operation of setting;
The Second processing module is also used to: using the IP address information of the stationary exit IP operation of the setting as new The destination address of the IP tunnel message of construction, and the original non-IP tunnel message is encapsulated into the IP tunnel report of the neotectonics The network switch is sent to after the data portion of text.
Present invention also provides a kind of devices for realizing address conversion, including one or more processors;And one or Multiple machine readable medias for being stored with multiple instruction, when multiple instruction is executed by one or more processors, so that device For: the IP address information of setting stationary exit IP operation;Detection outgoing packet is the IP for accessing the stationary exit IP operation of public network Tunnel packet, and the IP tunnel message finds the IP address information of the stationary exit IP operation of network address translater setting;Benefit Source address conversion is carried out to the IP tunnel message with the IP address information of the stationary exit IP operation found and establishes session, is sent Message by network address translater conversion is to the network switch;Wherein, stationary exit IP operation is to access multiple purposes When IP address, using the business of a fixed source IP address.
The application handles the address translation problem of stationary exit IP operation by the NAT process run on NAT host, and one Aspect does not need dynamic configuration interchanger, avoids a possibility that other business are unable to operate normally on interchanger;Another party Face may be implemented automation O&M completely on O&M, be greatly reduced fortune since NAT host is a common server Tie up difficulty.
Detailed description of the invention
Attached drawing is used to provide to further understand technical scheme, and constitutes part of specification, with this The embodiment of application is used to explain the technical solution of the application together, does not constitute the limitation to technical scheme.
Fig. 1 is signal of the application according to the networking embodiment of the NAT cluster based on BGP of the one aspect of the application Figure;
Fig. 2 is the flow diagram according to the method for the realization address conversion of the one aspect of the application;
Fig. 3 is the flow diagram according to the embodiment of the method for the realization address conversion of the one aspect of the application;
Fig. 4 is the composed structure schematic diagram according to the device of the realization address conversion of the one aspect of the application;
Fig. 5 is the composed structure schematic diagram according to the device of the realization address conversion of further aspect of the application.
Specific embodiment
For the purposes, technical schemes and advantages of the application are more clearly understood, below in conjunction with attached drawing to the application Embodiment be described in detail.It should be noted that in the absence of conflict, in the embodiment and embodiment in the application Feature can mutual any combination.
In a typical configuration of this application, calculating equipment includes one or more processors (CPU), input/output Interface, network interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/or The forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable medium Example.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data. The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM), Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates Machine readable medium does not include non-temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
Step shown in the flowchart of the accompanying drawings can be in a computer system such as a set of computer executable instructions It executes.Also, although logical order is shown in flow charts, and it in some cases, can be to be different from herein suitable Sequence executes shown or described step.
In order to meet the needs of harshness such as production environment high-performance, high reliability, load balancing, present inventor is proposed It is solved with the NAT of the main features such as high-performance, high reliability, load balancing that Border Gateway Protocol (BGP) is group scheme Scheme.This NAT cluster realized based on BGP, on the one hand, since there are more NAT in cluster, a NAT occurs wherein When failure, there can be more standby N AT, compared to the reliability that active-standby mode increases NAT conversion;On the other hand, in cluster More NAT can work at the same time, compared to can only a NAT work active-standby mode, based on BGP realize NAT cluster mention High efficiency;In another aspect, also achieving load balancing based on the BGP NAT cluster realized, active-standby mode has been well solved The problem of NAT cluster.
Fig. 1 is signal of the application according to the networking embodiment of the NAT cluster based on BGP of the one aspect of the application Figure, as shown in Figure 1, include tetra- address-translating devices of NAT1, NAT2, NAT3 and NAT4 in the NAT cluster based on BGP, with Illustrate the course of work of the NAT cluster based on BGP for the direction OUT:
Firstly, each network switch (NSW) notices the priority of respective default route, the present embodiment to its upstream switches In, it is assumed that the routing priority of NSW1 notice is high, and the routing priority of NSW2 notice is low, in this way, NSW upstream switches extremely On the path NSW, it is high that all flows (SIP is identical with DIP) can be drained into same NSW i.e. priority by the upstream switches of NSW NSW1;Wherein, SIP is source (Source) IP address, (Destination) IP address for the purpose of DIP.Then, in NSW1 Portion carries out Hash (hash) based on binary group (SIP+DIP) and calculates, by same stream hash to same NAT host, in this way Processing, has both achieved the purpose that load balancing, has also ensured homologous chummage;Here, four NAT hosts in cluster can notice phase The VIP of same priority is routed to NSW.Then, NAT carries out source address conversion, since the address in an address pool is to assign to On each NAT host, therefore, the realization of the address in the address pool being locally configured always is can be used to the NAT of source address in NAT Conversion;After completing to the address conversion of source IP address, NSW is forwarded the message to by default route.Finally, NSW passes through strategy Routing forwards the traffic to downstream switch.
When carrying out NAT conversion to source address, there is a kind of special business demand, that is, is accessing multiple purpose IP address When, only allow using a fixed source IP address, that is to say, that Mr. Yu's specific transactions (also referred to as stationary exit IP industry Business), present inventor's discovery, if by strategy of the addition for the flow of stationary exit IP on switches, Ke Yibao The flow for demonstrate,proving stationary exit IP realizes that homologous chummage drains always on the same device.On the one hand, repeatedly to interchanger Operation is likely to result in other business on interchanger and is unable to operate normally;On the other hand, the automation O&M of interchanger is current It is still a problem, therefore, the difficulty of O&M can be increased significantly.Therefore, the application is for stationary exit IP under BGP NAT cluster Flow the problem of bringing propose a kind of technical solution for realizing address conversion.
Fig. 2 be according to the flow diagram of the method for the realization address conversion of the one aspect of the application, as shown in Fig. 2, Group-network construction based on NAT cluster shown in FIG. 1, wherein NAT can be the one group of process of operation on the server, at least wrap It includes:
As shown in block 200, for each NAT in cluster, the IP address information of stationary exit IP operation is set.
It is alternatively possible to which the IP address setting (also referred to as binding) of stationary exit IP operation is arrived as unit of address pool In every NAT host in cluster.That is, with being equipped with the corresponding IP of stationary exit IP operation on every NAT host Location.
As shown in box 201, NAT detection outgoing packet is the IP tunnel (IP for accessing the stationary exit IP operation of public network Tunnel) message, and the IP address information of the stationary exit IP operation of IP tunnel message hit NAT binding.
NAT process on the direction OUT, NAT host can be distinguished by service identification flow through NAT message whether be Stationary exit IP operation message.
As shown in block 202, using the IP address information for the stationary exit IP operation for finding and (also referred to as hitting) to the IP Tunnel message carries out source address conversion and establishes session, sends the message by NAT conversion to NSW.
Wherein, NSW refers both to the interchanger of carry ANAT.
Optionally, carrying out source address conversion to the IP tunnel message may include: by the source in IP tunnel message IP address replaces with the corresponding IP address of stationary exit IP operation of hit.
Optionally, establishing session may include: the source IP address for establishing the IP tunnel message and the IP of hit Corresponding relationship between location.
The application handles the address translation problem of stationary exit IP operation by the NAT process run on NAT host, and one Aspect does not need dynamic configuration interchanger, avoids a possibility that other business are unable to operate normally on interchanger;Another party Face may be implemented automation O&M completely on O&M, be greatly reduced fortune since NAT host is a common server Tie up difficulty.
Address translation problem of the application based on IP tunnel processing stationary exit IP operation on NAT, will not be to original The performance and stability of NAT have an impact.
Before the application method further include: configure different routing priority to each NAT, and routing priority is led to It accuses to NSW.
IP tunnel message is transmitted to priority most by the routing priority that NSW is noticed according to NAT host each in cluster High NAT host.
Table 1 shows the profile instance of a stationary exit IP address and routing priority.
Table 1
It is shown the IP address of stationary exit IP operation in table 1 as unit of address pool (i.e. in table 1 192.168.1.1 it) being tied on all NAT hosts, the address pool of stationary exit IP operation is provided with corresponding matching strategy, this In, the address of only hit matching strategy can just select the corresponding address pool of stationary exit IP;Matching strategy and stationary exit IP There are multipair 1 relationship between the address pool of address, matching strategy is such as based on destination address matching;
The priority of IP address need to be advertised to NSW with different priority by every NAT, i.e., each IP address need to be to NSW The routing of different priorities is noticed, as shown in table 1, the NAT in cluster is always divided into 4 priority, and priority is by AS_PATH's Value distinguishes;
Optionally,
If detection outgoing packet is the non-IP tunnel message for accessing public network, but hits the stationary exit IP industry of NAT binding The IP address information of business, the method also includes:
Using the IP address information for the stationary exit IP operation bound in NAT as the IP tunnel message of neotectonics Destination address, and original non-IP tunnel message is encapsulated into the neotectonics IP tunnel message data portion after send out Give NSW (interchanger connecting with NAT).
Optionally, the method provided by the present application for realizing address conversion can also include:
In the direction IN, when NAT receives the response message of IP tunnel message, according to the session established before, will ring The purpose IP address in message is answered to be reduced to the source IP address of IP tunnel message.
Fig. 3 is according to the flow diagram of the embodiment of the method for the realization address conversion of the one aspect of the application, knot Close aggregated structure figure shown in FIG. 1, it is assumed that there is the message of an access stationary exit IP operation to pass through in the data packet in the direction OUT It is forwarded to NAT1 after the Hash operation of NSW, as shown in Figure 3, comprising:
As shown in box 300,304~box of box 307, the NAT process on NAT1 receives the message, finds the data packet It is the i.e. non-IP tunnel packet of a common IP packet, and finds that the message matching has arrived stationary exit IP operation after treatment Corresponding address pool, that is to say, that the corresponding address pool of hit stationary exit IP operation, then, NAT1 takes out from address pool IP address, and using the IP address as the purpose IP address of the IP tunnel message of neotectonics, and original message is encapsulated into this NSW is sent to after the data portion of the IP tunnel message of neotectonics;The routing priority that NSW is noticed according to 4 NAT hosts, The IP tunnel message is transmitted to that NAT host of highest priority, such as: assuming that highest priority is NAT2, then The IP tunnel message is transmitted to NAT2;
As shown in 300~box of box 303, NAT2 determines that the message is an IP tunnel report after receiving message Text, then, NAT2 decapsulates to obtain original message to the IP tunnel message received;Original message is handled, life is used In address pool in IP address carry out source NAT conversion so that the IP address replacement original message in the address pool of hit Source IP address, and establish after Session and original message is sent to NSW, so as to NSW according to routing policy forward the packet to Downstream switch.
Fig. 4 is according to the composed structure schematic diagram of the device of the realization address conversion of the one aspect of the application, such as Fig. 4 institute Show, includes at least setup module, first processing module, Second processing module;Wherein,
Setup module, for binding the IP address information of stationary exit IP operation;
First processing module is the IP tunnel (IP for accessing the stationary exit IP operation of public network for detecting outgoing packet Tunnel) message, and the IP address information of the stationary exit IP operation of IP tunnel message hit binding;
Second processing module, the IP address information for the stationary exit IP operation using hit report the IP tunnel Text carries out source address conversion and establishes session, sends the message by NAT conversion to NSW.
Optionally, setup module is also used to: configuration routing priority;Correspondingly, the application device further includes announcement module, For the routing priority of setting to be advertised to NSW.
Optionally,
First processing module is also used to: detection outgoing packet is the non-IP tunnel message for accessing public network, but hits binding The IP address information of stationary exit IP operation;
Second processing module is also used to: using the IP address information of the stationary exit IP operation of binding as the IP of neotectonics The destination address of tunnel message, and original non-IP tunnel message is encapsulated into the IP tunnel message of the neotectonics NSW is sent to after data portion.
Optionally,
Second processing module is also used to: when receiving the response message of IP tunnel message, according to what is established before Purpose IP address in response message is reduced to the source IP address of IP tunnel message by session.
Fig. 5 is the exemplary diagram according to a device of different embodiments.Device may include one or more processors 500, coupling System storage 503, the coupling for being connected at least system control logic 501 of a processor 500, being coupled to system control logic 501 It is connected to nonvolatile storage (NVM, Non-Volatile Memory)/memory 504 and the coupling of system control logic 501 In the network interface 505 of system control logic 501.
Processor 500 may include the processor of one or more single cores or multi-core.Processor 500 may include general place Manage any of device, graphics processor and application specific processor (for example, graphics processor, application processor, Baseband processor etc.) Combination.When host or virtual machine of the device shown in Fig. 5 as virtual machine, processor 500 be can be configured to according to not With embodiment execute embodiment as shown in Figure 2 or Figure 3.
In one embodiment, system control logic 501 may include one or more Memory Controllers to provide an interface To system storage 503.System storage 503 can be used to load and store to Fig. 5 shown device system data and/ Or instruction.In one embodiment, system storage 503 may include any appropriate volatile memory, for example, such as dynamic Random access memory (DRAM).
Nonvolatile storage/memory 504 may include one or more tangible, non-instantaneous computer-readable media, lift For example, for storing data and/or instruction.Nonvolatile storage/memory 504 may include any appropriate non-volatile deposits Reservoir, such as flash memory, and/or may include any appropriate Nonvolatile memory device, such as one or more rigid disk drivings Device (HDDs), one or more CD (CD) machines, and/or one or more optical digital disk (DVD) machines.
Nonvolatile storage/memory 504 may include a storage resource, physically be one of device shown in fig. 5 Part or its can be accessed by device shown in fig. 5 but some of device shown in fig. 5 need not be set to.For example, non-volatile Memory/memory 504 can be by network interface 505 by a network access.
System storage 503 and nonvolatile storage/memory 504 can respectively include: timeliness and duration Instruction 507 copy.When the instruction that instruction 507 includes is executed by an at least processor 500, device shown in fig. 5 can lead to Implement the method as described in Fig. 2 or Fig. 3.In different embodiments, instruction 507 or its hardware, solid, and/or software part, Can extraly/be alternatively placed in system control logic 501, network interface 505, and/or processor 500.
Network interface 505 can have a transceiver to provide a radio interface to device shown in fig. 5 via one Or it multiple network communications and/or is communicated with other any devices appropriate.Network interface 505 may include any appropriate hardware And/or solid.Network interface 505 may include mutiple antennas to provide the radio interface of a multiple-input and multiple-output.Implement one In example, network interface 505 may include: network connector, wireless network connection device, telephone modem, and/or wireless tune Modulator-demodulator.
In one embodiment, at least one of processor 500 can be encapsulated together with logic to system control logic 501 One or more controllers.In one embodiment, at least one of processor 500 can be controlled by encapsulating together with logic to system One or more controllers of logic 501, to form a system in package (SiP).In one embodiment, processor 500 is at least One can be incorporated into together on an identical chip to one or more controllers of system control logic 501 with logic.One In embodiment, at least one of processor 500 can be incorporated into together on an identical chip to system control logic with logic 501 one or more controllers, to form a systemonchip (SoC).
Device shown in fig. 5 can further comprise input/output (I/O) device 732.Input/output device 506 can wrap Include: be designed to allow user can with the user interface of device interactive shown in fig. 5, be designed to enable circumferential component and Fig. 5 institute The circumferential component interface of the device interactive shown, and/or it is designed to have to determine environmental aspect and/or with device shown in fig. 5 The sensor of the location information of pass.
In different embodiments, user interface can include but is not limited to: display is (for example, liquid crystal display, touch screen Display etc.), loudspeaker, microphone, one or more video camera (for example, camera and/or video recorder), flash lamp is (for example, hair Optical diode flashing light) and keyboard.
In different embodiments, circumferential component interface can include but is not limited to: nonvolatile storage port, audio are inserted Hole and power supply supply interface.
In different embodiments, sensor can include but is not limited to: gyro sensor, accelerometer, proximity sense Device, ambient light sensor and positioning unit.Positioning unit can also be some or and network interface of network interface 505 505 interactions with positioning network (such as global positioning system (GPS) satellite) to be communicated.
In different embodiments, device shown in fig. 5 can have more or less component and/or different structures.
The application also provides a kind of device for realizing address conversion, one or more processors;And one or more A machine readable media for being stored with multiple instruction, when multiple instruction is executed by one or more processors, so that device is used In: the IP address information of binding stationary exit IP operation;Detection outgoing packet is the IP for accessing the stationary exit IP operation of public network Tunnel message, and the IP address information of the stationary exit IP operation of IP tunnel message hit NAT binding;Utilize hit The IP address information of stationary exit IP operation the IP tunnel message is carried out source address conversion and to establish session, send Message by NAT conversion is to NSW.
Although embodiment disclosed by the application is as above, the content only for ease of understanding the application and use Embodiment is not limited to the application.Technical staff in any the application fields, is taken off not departing from the application Under the premise of the spirit and scope of dew, any modification and variation, but the application can be carried out in the form and details of implementation Scope of patent protection, still should be subject to the scope of the claims as defined in the appended claims.

Claims (10)

1. a kind of method for realizing address conversion characterized by comprising
For each network address translater in cluster, the IP address information of stationary exit IP operation is set;
Network address translater detects the IP tunnel message for the stationary exit IP operation that outgoing packet is access public network, and the IP tunnel Message finds the IP address information of the stationary exit IP operation of network address translater setting;
Source address conversion and the meeting of foundation are carried out to the IP tunnel message using the IP address information of the stationary exit IP operation found Words send the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using the business of a fixed source IP address.
2. the method according to claim 1, wherein before the method further include:
Different routing priority is configured to each network address translater, and routing priority is advertised to the net Network interchanger.
3. method according to claim 1 or 2, which is characterized in that if detecting that the message is the non-of access public network IP tunnel message, but find the IP address information of the stationary exit IP operation of the network address translater binding, the method Further include:
Using the IP address information for the stationary exit IP operation being arranged in the network address translater as the IP tunnel of neotectonics The destination address of road message, and the original non-IP tunnel message is encapsulated into the data portion of the IP tunnel message of neotectonics After be sent to the network switch.
4. according to the method described in claim 3, it is characterized in that, the described pair of IP tunnel message carries out source address conversion packet It includes:
Source IP address in the IP tunnel message is replaced with into the corresponding IP address of stationary exit IP operation found.
5. the method according to claim 1, wherein the method also includes:
When the network address translater receives the response message of the IP tunnel message, according to the session of the foundation, it will ring The purpose IP address in message is answered to be reduced to the source IP address of IP tunnel message.
6. a kind of method for realizing address conversion characterized by comprising
For at least one network address translater in cluster, the IP address information of stationary exit IP operation is set;
Network address translater detects the IP tunnel message for the stationary exit IP operation that outgoing packet is access public network, and the IP tunnel Message finds the IP address information of the stationary exit IP operation of network address translater setting;
Source address conversion and the meeting of foundation are carried out to the IP tunnel message using the IP address information of the stationary exit IP operation found Words send the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using the business of a fixed source IP address.
7. a kind of device for realizing address conversion, which is characterized in that including setup module, first processing module, second processing mould Block;Wherein,
Setup module, for the IP address information of stationary exit IP operation to be arranged;
First processing module, for detecting the IP tunnel message for the stationary exit IP operation that outgoing packet is access public network, and the IP Tunnel packet finds the IP address information of the stationary exit IP operation of setting;
Second processing module carries out source to the IP tunnel message for the IP address information using the stationary exit IP operation found Address conversion simultaneously establishes session, sends the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using the business of a fixed source IP address.
8. device according to claim 7, which is characterized in that the setup module is also used to: configuration routing priority;
Described device further includes announcement module, for the routing priority of setting to be advertised to the NSW.
9. device according to claim 7, which is characterized in that the first processing module is also used to: detection outgoing packet is The non-IP tunnel message of public network is accessed, but finds the IP address information of the stationary exit IP operation of setting;
The Second processing module is also used to: using the IP address information of the stationary exit IP operation of the setting as neotectonics IP tunnel message destination address, and the original non-IP tunnel message is encapsulated into the IP tunnel message of the neotectonics The network switch is sent to after data portion.
10. a kind of device for realizing address conversion, which is characterized in that including one or more processors;And it is one or more It is stored with the machine readable media of multiple instruction, when multiple instruction is executed by one or more processors, so that device is used for: The IP address information of stationary exit IP operation is set;Detection outgoing packet is the IP tunnel report for accessing the stationary exit IP operation of public network Text, and the IP tunnel message finds the IP address information of the stationary exit IP operation of network address translater setting;Using finding The IP address information of stationary exit IP operation source address conversion is carried out to the IP tunnel message and establishes session, send and pass through net The message of network address translator conversion is to the network switch;Wherein, stationary exit IP operation is to access multiple purpose IP address When, using the business of a fixed source IP address.
CN201710822932.8A 2017-09-13 2017-09-13 Method and device for realizing address conversion Active CN109495596B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710822932.8A CN109495596B (en) 2017-09-13 2017-09-13 Method and device for realizing address conversion

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710822932.8A CN109495596B (en) 2017-09-13 2017-09-13 Method and device for realizing address conversion

Publications (2)

Publication Number Publication Date
CN109495596A true CN109495596A (en) 2019-03-19
CN109495596B CN109495596B (en) 2022-04-05

Family

ID=65689024

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710822932.8A Active CN109495596B (en) 2017-09-13 2017-09-13 Method and device for realizing address conversion

Country Status (1)

Country Link
CN (1) CN109495596B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110650222A (en) * 2019-10-31 2020-01-03 北京奇艺世纪科技有限公司 Network access method and device
CN111314497A (en) * 2020-01-20 2020-06-19 广州芯德通信科技股份有限公司 Method and system for simultaneously supporting multiple NAT types to take effect
CN112272157A (en) * 2020-09-15 2021-01-26 杭州数梦工场科技有限公司 Host IP address conversion method and device, computer equipment and storage medium
CN112333135A (en) * 2020-07-16 2021-02-05 北京京东尚科信息技术有限公司 Gateway determination method, device, server, distributor, system and storage medium
CN112711465A (en) * 2021-03-23 2021-04-27 腾讯科技(深圳)有限公司 Data processing method and device based on cloud platform, electronic equipment and storage medium
CN113765801A (en) * 2020-07-16 2021-12-07 北京京东尚科信息技术有限公司 Message processing method and device applied to data center, electronic equipment and medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1471275A (en) * 2002-07-23 2004-01-28 ��Ϊ�������޹�˾ Enterprise external virtual special network system and method using virtual router structure
CN1859292A (en) * 2005-12-16 2006-11-08 华为技术有限公司 Household gateway and method for ensuring household network service terminal QoS
US8416711B1 (en) * 2009-08-31 2013-04-09 Skype Systems and methods for sharing availability status information between network nodes
CN103067292A (en) * 2012-12-26 2013-04-24 华为技术有限公司 Websocket-transmission-based load balancing method and device
CN103139189A (en) * 2011-12-05 2013-06-05 京信通信系统(中国)有限公司 Internet protocol security (IPSec) tunnel sharing method, IPSec tunnel sharing system and IPSec tunnel sharing equipment
CN103179226A (en) * 2013-03-20 2013-06-26 国家电网公司 Method for connecting power distribution terminal into scheduling data network through NAT (Network Address Translation) manner
CN104852832A (en) * 2015-06-03 2015-08-19 上海斐讯数据通信技术有限公司 Method and system for testing performance of stun server in socket cluster

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1471275A (en) * 2002-07-23 2004-01-28 ��Ϊ�������޹�˾ Enterprise external virtual special network system and method using virtual router structure
CN1859292A (en) * 2005-12-16 2006-11-08 华为技术有限公司 Household gateway and method for ensuring household network service terminal QoS
US8416711B1 (en) * 2009-08-31 2013-04-09 Skype Systems and methods for sharing availability status information between network nodes
CN103139189A (en) * 2011-12-05 2013-06-05 京信通信系统(中国)有限公司 Internet protocol security (IPSec) tunnel sharing method, IPSec tunnel sharing system and IPSec tunnel sharing equipment
CN103067292A (en) * 2012-12-26 2013-04-24 华为技术有限公司 Websocket-transmission-based load balancing method and device
CN103179226A (en) * 2013-03-20 2013-06-26 国家电网公司 Method for connecting power distribution terminal into scheduling data network through NAT (Network Address Translation) manner
CN104852832A (en) * 2015-06-03 2015-08-19 上海斐讯数据通信技术有限公司 Method and system for testing performance of stun server in socket cluster

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110650222A (en) * 2019-10-31 2020-01-03 北京奇艺世纪科技有限公司 Network access method and device
CN111314497A (en) * 2020-01-20 2020-06-19 广州芯德通信科技股份有限公司 Method and system for simultaneously supporting multiple NAT types to take effect
CN111314497B (en) * 2020-01-20 2022-03-11 广州芯德通信科技股份有限公司 Method and system for simultaneously supporting multiple NAT types to take effect
CN112333135A (en) * 2020-07-16 2021-02-05 北京京东尚科信息技术有限公司 Gateway determination method, device, server, distributor, system and storage medium
CN113765801A (en) * 2020-07-16 2021-12-07 北京京东尚科信息技术有限公司 Message processing method and device applied to data center, electronic equipment and medium
CN113765801B (en) * 2020-07-16 2024-02-09 北京京东尚科信息技术有限公司 Message processing method and device applied to data center, electronic equipment and medium
CN112272157A (en) * 2020-09-15 2021-01-26 杭州数梦工场科技有限公司 Host IP address conversion method and device, computer equipment and storage medium
CN112272157B (en) * 2020-09-15 2022-07-26 杭州数梦工场科技有限公司 Method and device for converting host IP address, computer equipment and storage medium
CN112711465A (en) * 2021-03-23 2021-04-27 腾讯科技(深圳)有限公司 Data processing method and device based on cloud platform, electronic equipment and storage medium
CN112711465B (en) * 2021-03-23 2021-06-18 腾讯科技(深圳)有限公司 Data processing method and device based on cloud platform, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN109495596B (en) 2022-04-05

Similar Documents

Publication Publication Date Title
CN109495596A (en) A kind of method and device for realizing address conversion
CN105264493B (en) Dynamic virtual machine migration on information centre's network
CN110012125B (en) Cluster network communication method, device, storage medium and equipment
US8730793B2 (en) Method and apparatus providing network redundancy and high availability to remote network nodes
US11765080B2 (en) Layer-2 networking span port in a virtualized cloud environment
US10904342B2 (en) Container networking using communication tunnels
CN105612722A (en) Virtual network routing
CN104518963A (en) Methods and apparatus for implementing connectivity between edge devices via a switch fabric
CN104995880A (en) Quantized congestion notification in a virtual networking system
US20150163072A1 (en) Virtual Port Extender
US11121969B2 (en) Routing between software defined networks and physical networks
CN112333135B (en) Gateway determination method, device, server, distributor, system and storage medium
US20220263793A1 (en) Cloud infrastructure resources for connecting a service provider private network to a customer private network
US20220255854A1 (en) Packet flow control in a header of a packet
CN102916897A (en) Method and equipment for realizing VRRP load sharing
US20240039847A1 (en) Highly-available host networking with active-active or active-backup traffic load-balancing
WO2022146589A1 (en) Layer-2 networking span port in a virtualized cloud environment
US20230370421A1 (en) Scaling ip addresses in overlay networks
US11637770B2 (en) Invalidating cached flow information in a cloud infrastructure
US20220166711A1 (en) System and method for routing traffic onto an mpls network
JP2024503318A (en) Layer 2 networking using access control lists in virtualized cloud environments
CN113973086B (en) Data transmission method, device and storage medium
US20230246956A1 (en) Invalidating cached flow information in a cloud infrastructure
US20230396579A1 (en) Cloud infrastructure resources for connecting a service provider private network to a customer private network
US20220417138A1 (en) Routing policies for graphical processing units

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant