CN109495596A - A kind of method and device for realizing address conversion - Google Patents
A kind of method and device for realizing address conversion Download PDFInfo
- Publication number
- CN109495596A CN109495596A CN201710822932.8A CN201710822932A CN109495596A CN 109495596 A CN109495596 A CN 109495596A CN 201710822932 A CN201710822932 A CN 201710822932A CN 109495596 A CN109495596 A CN 109495596A
- Authority
- CN
- China
- Prior art keywords
- address
- message
- stationary exit
- network
- tunnel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2592—Translation of Internet protocol [IP] addresses using tunnelling or encapsulation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2521—Translation architectures other than single NAT servers
- H04L61/2532—Clique of NAT servers
Abstract
This application discloses a kind of method and devices for realizing address conversion, which comprises for each NAT in cluster, the IP address information of stationary exit IP operation is arranged;NAT detection outgoing packet is the IP tunnel message for accessing the stationary exit IP operation of public network, and the IP tunnel message finds the IP address information of the stationary exit IP operation of NAT setting;Source address conversion is carried out to the IP tunnel message using the IP address information of the stationary exit IP operation found and establishes session, sends the message by NAT conversion to NSW.
Description
Technical field
This application involves computer technology, espespecially a kind of method and device for realizing address conversion.
Background technique
Network address translation (NAT, Network Address Translation) is to convert private address to legal IP
The switch technology of address is applied in various types Internet access way and various types of networks.With active-standby mode Ah
In for NAT (ANAT, Alibaba NAT), ANAT is based on DPDK (Intel Data Plane Development Kit)
The high performance NAT host of exploitation, runs on general X86 platform, has strong etc. the feature of high-performance, customizability.It is main
Although standby Mode A NAT cluster can satisfy existing business demand in performance, there are some disadvantages, such as redundancy
Higher cost caused by relatively poor, stacking etc..
NAT conversion basic principle generally comprises: the request message in the direction OUT (i.e. the direction of Intranet to public network) actively accesses
Public network, when flow passes through NAT host (also referred to as network address translater), the source IP address of message is converted to address by NAT host
The IP address configured in pond is converted (SNAT:Source Network Address to the source address in data packet
Translation), session (session) is established after completing NAT conversion, and sends public network for message;The direction IN (i.e. public network
To the direction of Intranet) response message when passing through NAT host, the destination IP of message is restored according to the session established before
For the source IP of previous Request message, i.e., (DNAT, Destination Network is converted to the destination address in data packet
Address Translation), and give to intranet host.
Summary of the invention
The application provides a kind of method and device for realizing address conversion, and the address for being capable of handling stationary exit IP operation turns
Change problem.
The application provides a kind of method for realizing address conversion, comprising:
For each network address translater in cluster, the IP address information of stationary exit IP operation is set;
Network address translater detects the IP tunnel message for the stationary exit IP operation that outgoing packet is access public network, and the IP
Tunnel packet finds the IP address information of the stationary exit IP operation of network address translater setting;
Source address conversion is carried out to the IP tunnel message using the IP address information of the stationary exit IP operation found and is built
Vertical session sends the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using fixed source IP address
Business.
Optionally, before the method further include:
Different routing priority is configured to each network address translater, and routing priority is advertised to institute
State the network switch.
Optionally, if detecting that the message is the non-IP tunnel message for accessing public network, but the network address is found
The IP address information of the stationary exit IP operation of converter binding, the method also includes:
Using the IP address information for the stationary exit IP operation being arranged in the network address translater as neotectonics
The destination address of IP tunnel message, and the original non-IP tunnel message is encapsulated into the data of the IP tunnel message of neotectonics
The network switch is sent to behind part.
Optionally, described pair of IP tunnel message progress source address, which is converted, includes:
With replacing with the corresponding IP of stationary exit IP operation found by the source IP address in the IP tunnel message
Location.
Optionally, the method also includes:
When the network address translater receives the response message of the IP tunnel message, according to the session of the foundation,
Purpose IP address in response message is reduced to the source IP address of IP tunnel message.
The application provides a kind of method for realizing address conversion again, comprising:
For at least one network address translater in cluster, the IP address information of stationary exit IP operation is set;
Network address translater detects the IP tunnel message for the stationary exit IP operation that outgoing packet is access public network, and the IP
Tunnel packet finds the IP address information of the stationary exit IP operation of network address translater setting;
Source address conversion is carried out to the IP tunnel message using the IP address information of the stationary exit IP operation found and is built
Vertical session sends the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using fixed source IP address
Business.
The application provides a kind of device for realizing address conversion again, including setup module, first processing module, at second
Manage module;Wherein,
Setup module, for the IP address information of stationary exit IP operation to be arranged;
First processing module is the IP tunnel message for accessing the stationary exit IP operation of public network for detecting outgoing packet, and
The IP tunnel message finds the IP address information of the stationary exit IP operation of setting;
Second processing module, for using the IP address information of stationary exit IP operation found to the IP tunnel message into
Session is converted and established to row source address, sends the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using fixed source IP address
Business.
Optionally, the setup module is also used to: configuration routing priority;
Described device further includes announcement module, for the routing priority of setting to be advertised to the NSW.
Optionally, the first processing module is also used to: detection outgoing packet is the non-IP tunnel message for accessing public network, but is looked for
To the IP address information of the stationary exit IP operation of setting;
The Second processing module is also used to: using the IP address information of the stationary exit IP operation of the setting as new
The destination address of the IP tunnel message of construction, and the original non-IP tunnel message is encapsulated into the IP tunnel report of the neotectonics
The network switch is sent to after the data portion of text.
Present invention also provides a kind of devices for realizing address conversion, including one or more processors;And one or
Multiple machine readable medias for being stored with multiple instruction, when multiple instruction is executed by one or more processors, so that device
For: the IP address information of setting stationary exit IP operation;Detection outgoing packet is the IP for accessing the stationary exit IP operation of public network
Tunnel packet, and the IP tunnel message finds the IP address information of the stationary exit IP operation of network address translater setting;Benefit
Source address conversion is carried out to the IP tunnel message with the IP address information of the stationary exit IP operation found and establishes session, is sent
Message by network address translater conversion is to the network switch;Wherein, stationary exit IP operation is to access multiple purposes
When IP address, using the business of a fixed source IP address.
The application handles the address translation problem of stationary exit IP operation by the NAT process run on NAT host, and one
Aspect does not need dynamic configuration interchanger, avoids a possibility that other business are unable to operate normally on interchanger;Another party
Face may be implemented automation O&M completely on O&M, be greatly reduced fortune since NAT host is a common server
Tie up difficulty.
Detailed description of the invention
Attached drawing is used to provide to further understand technical scheme, and constitutes part of specification, with this
The embodiment of application is used to explain the technical solution of the application together, does not constitute the limitation to technical scheme.
Fig. 1 is signal of the application according to the networking embodiment of the NAT cluster based on BGP of the one aspect of the application
Figure;
Fig. 2 is the flow diagram according to the method for the realization address conversion of the one aspect of the application;
Fig. 3 is the flow diagram according to the embodiment of the method for the realization address conversion of the one aspect of the application;
Fig. 4 is the composed structure schematic diagram according to the device of the realization address conversion of the one aspect of the application;
Fig. 5 is the composed structure schematic diagram according to the device of the realization address conversion of further aspect of the application.
Specific embodiment
For the purposes, technical schemes and advantages of the application are more clearly understood, below in conjunction with attached drawing to the application
Embodiment be described in detail.It should be noted that in the absence of conflict, in the embodiment and embodiment in the application
Feature can mutual any combination.
In a typical configuration of this application, calculating equipment includes one or more processors (CPU), input/output
Interface, network interface and memory.
Memory may include the non-volatile memory in computer-readable medium, random access memory (RAM) and/or
The forms such as Nonvolatile memory, such as read-only memory (ROM) or flash memory (flash RAM).Memory is computer-readable medium
Example.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices
Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates
Machine readable medium does not include non-temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
Step shown in the flowchart of the accompanying drawings can be in a computer system such as a set of computer executable instructions
It executes.Also, although logical order is shown in flow charts, and it in some cases, can be to be different from herein suitable
Sequence executes shown or described step.
In order to meet the needs of harshness such as production environment high-performance, high reliability, load balancing, present inventor is proposed
It is solved with the NAT of the main features such as high-performance, high reliability, load balancing that Border Gateway Protocol (BGP) is group scheme
Scheme.This NAT cluster realized based on BGP, on the one hand, since there are more NAT in cluster, a NAT occurs wherein
When failure, there can be more standby N AT, compared to the reliability that active-standby mode increases NAT conversion;On the other hand, in cluster
More NAT can work at the same time, compared to can only a NAT work active-standby mode, based on BGP realize NAT cluster mention
High efficiency;In another aspect, also achieving load balancing based on the BGP NAT cluster realized, active-standby mode has been well solved
The problem of NAT cluster.
Fig. 1 is signal of the application according to the networking embodiment of the NAT cluster based on BGP of the one aspect of the application
Figure, as shown in Figure 1, include tetra- address-translating devices of NAT1, NAT2, NAT3 and NAT4 in the NAT cluster based on BGP, with
Illustrate the course of work of the NAT cluster based on BGP for the direction OUT:
Firstly, each network switch (NSW) notices the priority of respective default route, the present embodiment to its upstream switches
In, it is assumed that the routing priority of NSW1 notice is high, and the routing priority of NSW2 notice is low, in this way, NSW upstream switches extremely
On the path NSW, it is high that all flows (SIP is identical with DIP) can be drained into same NSW i.e. priority by the upstream switches of NSW
NSW1;Wherein, SIP is source (Source) IP address, (Destination) IP address for the purpose of DIP.Then, in NSW1
Portion carries out Hash (hash) based on binary group (SIP+DIP) and calculates, by same stream hash to same NAT host, in this way
Processing, has both achieved the purpose that load balancing, has also ensured homologous chummage;Here, four NAT hosts in cluster can notice phase
The VIP of same priority is routed to NSW.Then, NAT carries out source address conversion, since the address in an address pool is to assign to
On each NAT host, therefore, the realization of the address in the address pool being locally configured always is can be used to the NAT of source address in NAT
Conversion;After completing to the address conversion of source IP address, NSW is forwarded the message to by default route.Finally, NSW passes through strategy
Routing forwards the traffic to downstream switch.
When carrying out NAT conversion to source address, there is a kind of special business demand, that is, is accessing multiple purpose IP address
When, only allow using a fixed source IP address, that is to say, that Mr. Yu's specific transactions (also referred to as stationary exit IP industry
Business), present inventor's discovery, if by strategy of the addition for the flow of stationary exit IP on switches, Ke Yibao
The flow for demonstrate,proving stationary exit IP realizes that homologous chummage drains always on the same device.On the one hand, repeatedly to interchanger
Operation is likely to result in other business on interchanger and is unable to operate normally;On the other hand, the automation O&M of interchanger is current
It is still a problem, therefore, the difficulty of O&M can be increased significantly.Therefore, the application is for stationary exit IP under BGP NAT cluster
Flow the problem of bringing propose a kind of technical solution for realizing address conversion.
Fig. 2 be according to the flow diagram of the method for the realization address conversion of the one aspect of the application, as shown in Fig. 2,
Group-network construction based on NAT cluster shown in FIG. 1, wherein NAT can be the one group of process of operation on the server, at least wrap
It includes:
As shown in block 200, for each NAT in cluster, the IP address information of stationary exit IP operation is set.
It is alternatively possible to which the IP address setting (also referred to as binding) of stationary exit IP operation is arrived as unit of address pool
In every NAT host in cluster.That is, with being equipped with the corresponding IP of stationary exit IP operation on every NAT host
Location.
As shown in box 201, NAT detection outgoing packet is the IP tunnel (IP for accessing the stationary exit IP operation of public network
Tunnel) message, and the IP address information of the stationary exit IP operation of IP tunnel message hit NAT binding.
NAT process on the direction OUT, NAT host can be distinguished by service identification flow through NAT message whether be
Stationary exit IP operation message.
As shown in block 202, using the IP address information for the stationary exit IP operation for finding and (also referred to as hitting) to the IP
Tunnel message carries out source address conversion and establishes session, sends the message by NAT conversion to NSW.
Wherein, NSW refers both to the interchanger of carry ANAT.
Optionally, carrying out source address conversion to the IP tunnel message may include: by the source in IP tunnel message
IP address replaces with the corresponding IP address of stationary exit IP operation of hit.
Optionally, establishing session may include: the source IP address for establishing the IP tunnel message and the IP of hit
Corresponding relationship between location.
The application handles the address translation problem of stationary exit IP operation by the NAT process run on NAT host, and one
Aspect does not need dynamic configuration interchanger, avoids a possibility that other business are unable to operate normally on interchanger;Another party
Face may be implemented automation O&M completely on O&M, be greatly reduced fortune since NAT host is a common server
Tie up difficulty.
Address translation problem of the application based on IP tunnel processing stationary exit IP operation on NAT, will not be to original
The performance and stability of NAT have an impact.
Before the application method further include: configure different routing priority to each NAT, and routing priority is led to
It accuses to NSW.
IP tunnel message is transmitted to priority most by the routing priority that NSW is noticed according to NAT host each in cluster
High NAT host.
Table 1 shows the profile instance of a stationary exit IP address and routing priority.
Table 1
It is shown the IP address of stationary exit IP operation in table 1 as unit of address pool (i.e. in table 1
192.168.1.1 it) being tied on all NAT hosts, the address pool of stationary exit IP operation is provided with corresponding matching strategy, this
In, the address of only hit matching strategy can just select the corresponding address pool of stationary exit IP;Matching strategy and stationary exit IP
There are multipair 1 relationship between the address pool of address, matching strategy is such as based on destination address matching;
The priority of IP address need to be advertised to NSW with different priority by every NAT, i.e., each IP address need to be to NSW
The routing of different priorities is noticed, as shown in table 1, the NAT in cluster is always divided into 4 priority, and priority is by AS_PATH's
Value distinguishes;
Optionally,
If detection outgoing packet is the non-IP tunnel message for accessing public network, but hits the stationary exit IP industry of NAT binding
The IP address information of business, the method also includes:
Using the IP address information for the stationary exit IP operation bound in NAT as the IP tunnel message of neotectonics
Destination address, and original non-IP tunnel message is encapsulated into the neotectonics IP tunnel message data portion after send out
Give NSW (interchanger connecting with NAT).
Optionally, the method provided by the present application for realizing address conversion can also include:
In the direction IN, when NAT receives the response message of IP tunnel message, according to the session established before, will ring
The purpose IP address in message is answered to be reduced to the source IP address of IP tunnel message.
Fig. 3 is according to the flow diagram of the embodiment of the method for the realization address conversion of the one aspect of the application, knot
Close aggregated structure figure shown in FIG. 1, it is assumed that there is the message of an access stationary exit IP operation to pass through in the data packet in the direction OUT
It is forwarded to NAT1 after the Hash operation of NSW, as shown in Figure 3, comprising:
As shown in box 300,304~box of box 307, the NAT process on NAT1 receives the message, finds the data packet
It is the i.e. non-IP tunnel packet of a common IP packet, and finds that the message matching has arrived stationary exit IP operation after treatment
Corresponding address pool, that is to say, that the corresponding address pool of hit stationary exit IP operation, then, NAT1 takes out from address pool
IP address, and using the IP address as the purpose IP address of the IP tunnel message of neotectonics, and original message is encapsulated into this
NSW is sent to after the data portion of the IP tunnel message of neotectonics;The routing priority that NSW is noticed according to 4 NAT hosts,
The IP tunnel message is transmitted to that NAT host of highest priority, such as: assuming that highest priority is NAT2, then
The IP tunnel message is transmitted to NAT2;
As shown in 300~box of box 303, NAT2 determines that the message is an IP tunnel report after receiving message
Text, then, NAT2 decapsulates to obtain original message to the IP tunnel message received;Original message is handled, life is used
In address pool in IP address carry out source NAT conversion so that the IP address replacement original message in the address pool of hit
Source IP address, and establish after Session and original message is sent to NSW, so as to NSW according to routing policy forward the packet to
Downstream switch.
Fig. 4 is according to the composed structure schematic diagram of the device of the realization address conversion of the one aspect of the application, such as Fig. 4 institute
Show, includes at least setup module, first processing module, Second processing module;Wherein,
Setup module, for binding the IP address information of stationary exit IP operation;
First processing module is the IP tunnel (IP for accessing the stationary exit IP operation of public network for detecting outgoing packet
Tunnel) message, and the IP address information of the stationary exit IP operation of IP tunnel message hit binding;
Second processing module, the IP address information for the stationary exit IP operation using hit report the IP tunnel
Text carries out source address conversion and establishes session, sends the message by NAT conversion to NSW.
Optionally, setup module is also used to: configuration routing priority;Correspondingly, the application device further includes announcement module,
For the routing priority of setting to be advertised to NSW.
Optionally,
First processing module is also used to: detection outgoing packet is the non-IP tunnel message for accessing public network, but hits binding
The IP address information of stationary exit IP operation;
Second processing module is also used to: using the IP address information of the stationary exit IP operation of binding as the IP of neotectonics
The destination address of tunnel message, and original non-IP tunnel message is encapsulated into the IP tunnel message of the neotectonics
NSW is sent to after data portion.
Optionally,
Second processing module is also used to: when receiving the response message of IP tunnel message, according to what is established before
Purpose IP address in response message is reduced to the source IP address of IP tunnel message by session.
Fig. 5 is the exemplary diagram according to a device of different embodiments.Device may include one or more processors 500, coupling
System storage 503, the coupling for being connected at least system control logic 501 of a processor 500, being coupled to system control logic 501
It is connected to nonvolatile storage (NVM, Non-Volatile Memory)/memory 504 and the coupling of system control logic 501
In the network interface 505 of system control logic 501.
Processor 500 may include the processor of one or more single cores or multi-core.Processor 500 may include general place
Manage any of device, graphics processor and application specific processor (for example, graphics processor, application processor, Baseband processor etc.)
Combination.When host or virtual machine of the device shown in Fig. 5 as virtual machine, processor 500 be can be configured to according to not
With embodiment execute embodiment as shown in Figure 2 or Figure 3.
In one embodiment, system control logic 501 may include one or more Memory Controllers to provide an interface
To system storage 503.System storage 503 can be used to load and store to Fig. 5 shown device system data and/
Or instruction.In one embodiment, system storage 503 may include any appropriate volatile memory, for example, such as dynamic
Random access memory (DRAM).
Nonvolatile storage/memory 504 may include one or more tangible, non-instantaneous computer-readable media, lift
For example, for storing data and/or instruction.Nonvolatile storage/memory 504 may include any appropriate non-volatile deposits
Reservoir, such as flash memory, and/or may include any appropriate Nonvolatile memory device, such as one or more rigid disk drivings
Device (HDDs), one or more CD (CD) machines, and/or one or more optical digital disk (DVD) machines.
Nonvolatile storage/memory 504 may include a storage resource, physically be one of device shown in fig. 5
Part or its can be accessed by device shown in fig. 5 but some of device shown in fig. 5 need not be set to.For example, non-volatile
Memory/memory 504 can be by network interface 505 by a network access.
System storage 503 and nonvolatile storage/memory 504 can respectively include: timeliness and duration
Instruction 507 copy.When the instruction that instruction 507 includes is executed by an at least processor 500, device shown in fig. 5 can lead to
Implement the method as described in Fig. 2 or Fig. 3.In different embodiments, instruction 507 or its hardware, solid, and/or software part,
Can extraly/be alternatively placed in system control logic 501, network interface 505, and/or processor 500.
Network interface 505 can have a transceiver to provide a radio interface to device shown in fig. 5 via one
Or it multiple network communications and/or is communicated with other any devices appropriate.Network interface 505 may include any appropriate hardware
And/or solid.Network interface 505 may include mutiple antennas to provide the radio interface of a multiple-input and multiple-output.Implement one
In example, network interface 505 may include: network connector, wireless network connection device, telephone modem, and/or wireless tune
Modulator-demodulator.
In one embodiment, at least one of processor 500 can be encapsulated together with logic to system control logic 501
One or more controllers.In one embodiment, at least one of processor 500 can be controlled by encapsulating together with logic to system
One or more controllers of logic 501, to form a system in package (SiP).In one embodiment, processor 500 is at least
One can be incorporated into together on an identical chip to one or more controllers of system control logic 501 with logic.One
In embodiment, at least one of processor 500 can be incorporated into together on an identical chip to system control logic with logic
501 one or more controllers, to form a systemonchip (SoC).
Device shown in fig. 5 can further comprise input/output (I/O) device 732.Input/output device 506 can wrap
Include: be designed to allow user can with the user interface of device interactive shown in fig. 5, be designed to enable circumferential component and Fig. 5 institute
The circumferential component interface of the device interactive shown, and/or it is designed to have to determine environmental aspect and/or with device shown in fig. 5
The sensor of the location information of pass.
In different embodiments, user interface can include but is not limited to: display is (for example, liquid crystal display, touch screen
Display etc.), loudspeaker, microphone, one or more video camera (for example, camera and/or video recorder), flash lamp is (for example, hair
Optical diode flashing light) and keyboard.
In different embodiments, circumferential component interface can include but is not limited to: nonvolatile storage port, audio are inserted
Hole and power supply supply interface.
In different embodiments, sensor can include but is not limited to: gyro sensor, accelerometer, proximity sense
Device, ambient light sensor and positioning unit.Positioning unit can also be some or and network interface of network interface 505
505 interactions with positioning network (such as global positioning system (GPS) satellite) to be communicated.
In different embodiments, device shown in fig. 5 can have more or less component and/or different structures.
The application also provides a kind of device for realizing address conversion, one or more processors;And one or more
A machine readable media for being stored with multiple instruction, when multiple instruction is executed by one or more processors, so that device is used
In: the IP address information of binding stationary exit IP operation;Detection outgoing packet is the IP for accessing the stationary exit IP operation of public network
Tunnel message, and the IP address information of the stationary exit IP operation of IP tunnel message hit NAT binding;Utilize hit
The IP address information of stationary exit IP operation the IP tunnel message is carried out source address conversion and to establish session, send
Message by NAT conversion is to NSW.
Although embodiment disclosed by the application is as above, the content only for ease of understanding the application and use
Embodiment is not limited to the application.Technical staff in any the application fields, is taken off not departing from the application
Under the premise of the spirit and scope of dew, any modification and variation, but the application can be carried out in the form and details of implementation
Scope of patent protection, still should be subject to the scope of the claims as defined in the appended claims.
Claims (10)
1. a kind of method for realizing address conversion characterized by comprising
For each network address translater in cluster, the IP address information of stationary exit IP operation is set;
Network address translater detects the IP tunnel message for the stationary exit IP operation that outgoing packet is access public network, and the IP tunnel
Message finds the IP address information of the stationary exit IP operation of network address translater setting;
Source address conversion and the meeting of foundation are carried out to the IP tunnel message using the IP address information of the stationary exit IP operation found
Words send the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using the business of a fixed source IP address.
2. the method according to claim 1, wherein before the method further include:
Different routing priority is configured to each network address translater, and routing priority is advertised to the net
Network interchanger.
3. method according to claim 1 or 2, which is characterized in that if detecting that the message is the non-of access public network
IP tunnel message, but find the IP address information of the stationary exit IP operation of the network address translater binding, the method
Further include:
Using the IP address information for the stationary exit IP operation being arranged in the network address translater as the IP tunnel of neotectonics
The destination address of road message, and the original non-IP tunnel message is encapsulated into the data portion of the IP tunnel message of neotectonics
After be sent to the network switch.
4. according to the method described in claim 3, it is characterized in that, the described pair of IP tunnel message carries out source address conversion packet
It includes:
Source IP address in the IP tunnel message is replaced with into the corresponding IP address of stationary exit IP operation found.
5. the method according to claim 1, wherein the method also includes:
When the network address translater receives the response message of the IP tunnel message, according to the session of the foundation, it will ring
The purpose IP address in message is answered to be reduced to the source IP address of IP tunnel message.
6. a kind of method for realizing address conversion characterized by comprising
For at least one network address translater in cluster, the IP address information of stationary exit IP operation is set;
Network address translater detects the IP tunnel message for the stationary exit IP operation that outgoing packet is access public network, and the IP tunnel
Message finds the IP address information of the stationary exit IP operation of network address translater setting;
Source address conversion and the meeting of foundation are carried out to the IP tunnel message using the IP address information of the stationary exit IP operation found
Words send the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using the business of a fixed source IP address.
7. a kind of device for realizing address conversion, which is characterized in that including setup module, first processing module, second processing mould
Block;Wherein,
Setup module, for the IP address information of stationary exit IP operation to be arranged;
First processing module, for detecting the IP tunnel message for the stationary exit IP operation that outgoing packet is access public network, and the IP
Tunnel packet finds the IP address information of the stationary exit IP operation of setting;
Second processing module carries out source to the IP tunnel message for the IP address information using the stationary exit IP operation found
Address conversion simultaneously establishes session, sends the message by network address translater conversion to the network switch;
Wherein, stationary exit IP operation is when accessing multiple purpose IP address, using the business of a fixed source IP address.
8. device according to claim 7, which is characterized in that the setup module is also used to: configuration routing priority;
Described device further includes announcement module, for the routing priority of setting to be advertised to the NSW.
9. device according to claim 7, which is characterized in that the first processing module is also used to: detection outgoing packet is
The non-IP tunnel message of public network is accessed, but finds the IP address information of the stationary exit IP operation of setting;
The Second processing module is also used to: using the IP address information of the stationary exit IP operation of the setting as neotectonics
IP tunnel message destination address, and the original non-IP tunnel message is encapsulated into the IP tunnel message of the neotectonics
The network switch is sent to after data portion.
10. a kind of device for realizing address conversion, which is characterized in that including one or more processors;And it is one or more
It is stored with the machine readable media of multiple instruction, when multiple instruction is executed by one or more processors, so that device is used for:
The IP address information of stationary exit IP operation is set;Detection outgoing packet is the IP tunnel report for accessing the stationary exit IP operation of public network
Text, and the IP tunnel message finds the IP address information of the stationary exit IP operation of network address translater setting;Using finding
The IP address information of stationary exit IP operation source address conversion is carried out to the IP tunnel message and establishes session, send and pass through net
The message of network address translator conversion is to the network switch;Wherein, stationary exit IP operation is to access multiple purpose IP address
When, using the business of a fixed source IP address.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710822932.8A CN109495596B (en) | 2017-09-13 | 2017-09-13 | Method and device for realizing address conversion |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710822932.8A CN109495596B (en) | 2017-09-13 | 2017-09-13 | Method and device for realizing address conversion |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109495596A true CN109495596A (en) | 2019-03-19 |
CN109495596B CN109495596B (en) | 2022-04-05 |
Family
ID=65689024
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710822932.8A Active CN109495596B (en) | 2017-09-13 | 2017-09-13 | Method and device for realizing address conversion |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109495596B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110650222A (en) * | 2019-10-31 | 2020-01-03 | 北京奇艺世纪科技有限公司 | Network access method and device |
CN111314497A (en) * | 2020-01-20 | 2020-06-19 | 广州芯德通信科技股份有限公司 | Method and system for simultaneously supporting multiple NAT types to take effect |
CN112272157A (en) * | 2020-09-15 | 2021-01-26 | 杭州数梦工场科技有限公司 | Host IP address conversion method and device, computer equipment and storage medium |
CN112333135A (en) * | 2020-07-16 | 2021-02-05 | 北京京东尚科信息技术有限公司 | Gateway determination method, device, server, distributor, system and storage medium |
CN112711465A (en) * | 2021-03-23 | 2021-04-27 | 腾讯科技(深圳)有限公司 | Data processing method and device based on cloud platform, electronic equipment and storage medium |
CN113765801A (en) * | 2020-07-16 | 2021-12-07 | 北京京东尚科信息技术有限公司 | Message processing method and device applied to data center, electronic equipment and medium |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1471275A (en) * | 2002-07-23 | 2004-01-28 | ��Ϊ��������˾ | Enterprise external virtual special network system and method using virtual router structure |
CN1859292A (en) * | 2005-12-16 | 2006-11-08 | 华为技术有限公司 | Household gateway and method for ensuring household network service terminal QoS |
US8416711B1 (en) * | 2009-08-31 | 2013-04-09 | Skype | Systems and methods for sharing availability status information between network nodes |
CN103067292A (en) * | 2012-12-26 | 2013-04-24 | 华为技术有限公司 | Websocket-transmission-based load balancing method and device |
CN103139189A (en) * | 2011-12-05 | 2013-06-05 | 京信通信系统(中国)有限公司 | Internet protocol security (IPSec) tunnel sharing method, IPSec tunnel sharing system and IPSec tunnel sharing equipment |
CN103179226A (en) * | 2013-03-20 | 2013-06-26 | 国家电网公司 | Method for connecting power distribution terminal into scheduling data network through NAT (Network Address Translation) manner |
CN104852832A (en) * | 2015-06-03 | 2015-08-19 | 上海斐讯数据通信技术有限公司 | Method and system for testing performance of stun server in socket cluster |
-
2017
- 2017-09-13 CN CN201710822932.8A patent/CN109495596B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1471275A (en) * | 2002-07-23 | 2004-01-28 | ��Ϊ��������˾ | Enterprise external virtual special network system and method using virtual router structure |
CN1859292A (en) * | 2005-12-16 | 2006-11-08 | 华为技术有限公司 | Household gateway and method for ensuring household network service terminal QoS |
US8416711B1 (en) * | 2009-08-31 | 2013-04-09 | Skype | Systems and methods for sharing availability status information between network nodes |
CN103139189A (en) * | 2011-12-05 | 2013-06-05 | 京信通信系统(中国)有限公司 | Internet protocol security (IPSec) tunnel sharing method, IPSec tunnel sharing system and IPSec tunnel sharing equipment |
CN103067292A (en) * | 2012-12-26 | 2013-04-24 | 华为技术有限公司 | Websocket-transmission-based load balancing method and device |
CN103179226A (en) * | 2013-03-20 | 2013-06-26 | 国家电网公司 | Method for connecting power distribution terminal into scheduling data network through NAT (Network Address Translation) manner |
CN104852832A (en) * | 2015-06-03 | 2015-08-19 | 上海斐讯数据通信技术有限公司 | Method and system for testing performance of stun server in socket cluster |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110650222A (en) * | 2019-10-31 | 2020-01-03 | 北京奇艺世纪科技有限公司 | Network access method and device |
CN111314497A (en) * | 2020-01-20 | 2020-06-19 | 广州芯德通信科技股份有限公司 | Method and system for simultaneously supporting multiple NAT types to take effect |
CN111314497B (en) * | 2020-01-20 | 2022-03-11 | 广州芯德通信科技股份有限公司 | Method and system for simultaneously supporting multiple NAT types to take effect |
CN112333135A (en) * | 2020-07-16 | 2021-02-05 | 北京京东尚科信息技术有限公司 | Gateway determination method, device, server, distributor, system and storage medium |
CN113765801A (en) * | 2020-07-16 | 2021-12-07 | 北京京东尚科信息技术有限公司 | Message processing method and device applied to data center, electronic equipment and medium |
CN113765801B (en) * | 2020-07-16 | 2024-02-09 | 北京京东尚科信息技术有限公司 | Message processing method and device applied to data center, electronic equipment and medium |
CN112272157A (en) * | 2020-09-15 | 2021-01-26 | 杭州数梦工场科技有限公司 | Host IP address conversion method and device, computer equipment and storage medium |
CN112272157B (en) * | 2020-09-15 | 2022-07-26 | 杭州数梦工场科技有限公司 | Method and device for converting host IP address, computer equipment and storage medium |
CN112711465A (en) * | 2021-03-23 | 2021-04-27 | 腾讯科技(深圳)有限公司 | Data processing method and device based on cloud platform, electronic equipment and storage medium |
CN112711465B (en) * | 2021-03-23 | 2021-06-18 | 腾讯科技(深圳)有限公司 | Data processing method and device based on cloud platform, electronic equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN109495596B (en) | 2022-04-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109495596A (en) | A kind of method and device for realizing address conversion | |
CN105264493B (en) | Dynamic virtual machine migration on information centre's network | |
CN110012125B (en) | Cluster network communication method, device, storage medium and equipment | |
US8730793B2 (en) | Method and apparatus providing network redundancy and high availability to remote network nodes | |
US11765080B2 (en) | Layer-2 networking span port in a virtualized cloud environment | |
US10904342B2 (en) | Container networking using communication tunnels | |
CN105612722A (en) | Virtual network routing | |
CN104518963A (en) | Methods and apparatus for implementing connectivity between edge devices via a switch fabric | |
CN104995880A (en) | Quantized congestion notification in a virtual networking system | |
US20150163072A1 (en) | Virtual Port Extender | |
US11121969B2 (en) | Routing between software defined networks and physical networks | |
CN112333135B (en) | Gateway determination method, device, server, distributor, system and storage medium | |
US20220263793A1 (en) | Cloud infrastructure resources for connecting a service provider private network to a customer private network | |
US20220255854A1 (en) | Packet flow control in a header of a packet | |
CN102916897A (en) | Method and equipment for realizing VRRP load sharing | |
US20240039847A1 (en) | Highly-available host networking with active-active or active-backup traffic load-balancing | |
WO2022146589A1 (en) | Layer-2 networking span port in a virtualized cloud environment | |
US20230370421A1 (en) | Scaling ip addresses in overlay networks | |
US11637770B2 (en) | Invalidating cached flow information in a cloud infrastructure | |
US20220166711A1 (en) | System and method for routing traffic onto an mpls network | |
JP2024503318A (en) | Layer 2 networking using access control lists in virtualized cloud environments | |
CN113973086B (en) | Data transmission method, device and storage medium | |
US20230246956A1 (en) | Invalidating cached flow information in a cloud infrastructure | |
US20230396579A1 (en) | Cloud infrastructure resources for connecting a service provider private network to a customer private network | |
US20220417138A1 (en) | Routing policies for graphical processing units |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |