CN110012118A - Method and controller for providing network address translation (NAT) service - Google Patents
- Publication number
- CN110012118A (application CN201910178099.7A)
- Authority
- CN
- China
- Prior art keywords
- host server
- controller
- nat
- message
- flow table
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2521—Translation architectures other than single NAT servers
- H04L61/2532—Clique of NAT servers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
- H04L67/1036—Load balancing of requests to servers for services different from user content provisioning, e.g. load balancing across domain name servers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiments of the present application disclose a method and controller for providing a network address translation (NAT) service. The method includes: a controller establishes communication with multiple host servers; the controller generates a flow table for a first host server, where the first host server is any one of the multiple host servers that have established communication with the controller, the flow table includes multiple entries, and each of the entries records one NAT forwarding rule; the controller sends the flow table to the first host server, and the flow table is used by the first host server to provide NAT service for the cloud hosts on the first host server. The embodiments improve the efficiency of the NAT service and also eliminate the NAT gateway as a bottleneck.
Description
Technical field
This application relates to the field of communication technology, and in particular to a method and controller for providing a network address translation (NAT) service.
Background
Because public network address resources are limited in real networks, gateways usually use the NAT (Network Address Translation) function to give an intranet access to the Internet. NAT is the process of converting the IP address in the header of an IP datagram into another IP address; that is, NAT converts the private network address in the data into a public network address so that the private network can access the public network. By using a small number of public network addresses to represent a larger number of private network addresses, NAT slows the exhaustion of the available address space.
The industry usually provides NAT service through NAT gateway instances. Such an instance can be deployed as a virtual machine or as a cluster of physical machines. Either way, traffic has to be directed to the NAT gateway instance, which places high performance demands on the NAT gateway itself; once traffic exceeds the designed performance ceiling, the NAT gateway easily becomes a bottleneck.
Summary of the invention
The embodiments of the present application provide a method and controller for providing a network address translation (NAT) service. The controller distributes the NAT service across the compute nodes, and each compute node provides NAT service by means of a flow table, which improves the efficiency of the NAT service and also eliminates the NAT gateway as a bottleneck.
In a first aspect, an embodiment of the present application provides a method for providing a network address translation (NAT) service, the method including:
A controller establishes communication with multiple host servers;
The controller generates a flow table for a first host server, where the first host server is any one of the multiple host servers that have established communication with the controller, the flow table includes multiple entries, and each of the entries records one NAT forwarding rule;
The controller sends the flow table to the first host server, and the flow table is used by the first host server to provide NAT service for the cloud hosts on the first host server.
In the embodiments of the present application, the controller distributes the NAT service across the compute nodes, and each compute node provides NAT service by means of a flow table, which improves the efficiency of the NAT service and also eliminates the NAT gateway as a bottleneck.
With reference to the first aspect, in a first possible implementation of the first aspect, after the controller sends the flow table to the first host server, the method further includes:
The controller receives a packet sent by the first host server;
The controller determines, according to the packet, the entry containing the NAT forwarding rule for the packet;
The controller sends the entry containing the NAT forwarding rule for the packet to the first host server, and the entry is used by the first host server to perform the NAT operation on the packet.
With this embodiment, when the host server fails to match an entry in the flow table for a packet sent by a cloud host that it carries, the controller can generate the corresponding entry for the packet, or select it from an existing flow table, and send the entry to the host server, so that the host server can successfully provide NAT service for the packet.
With reference to the first possible implementation of the first aspect, in a second possible implementation of the first aspect, the controller receiving the packet sent by the first host server includes:
The controller receives the packet that the first host server sends after failing to match an entry for the packet.
With reference to the first aspect, the first possible implementation of the first aspect, or the second possible implementation of the first aspect, in a third possible implementation of the first aspect, before the controller generates the flow table for the first host server, the method further includes:
The controller receives a NAT service request instruction sent by the first host server, where the request instruction is used to request the controller to generate the flow table for the first host server.
In this embodiment, the host server uses a request instruction to ask the controller to generate its flow table, which lets the controller optimize its resources and respond promptly to the host server's NAT service requests, further improving the processing efficiency of the NAT service.
With reference to the first aspect, in a fourth possible implementation of the first aspect, the NAT forwarding rule includes a translation rule between private network information and public network information, where the private network information includes the Internet Protocol (IP) address of the private network and private network port information, the public network information includes the IP address of the public network and public network port information, and the private network is the dedicated network to which the cloud hosts on the first host server belong.
The embodiments of the present application provide a method and controller for providing a network address translation (NAT) service. The controller distributes the NAT service across the compute nodes, and each compute node provides NAT service by means of a flow table, which improves the efficiency of the NAT service and also eliminates the NAT gateway as a bottleneck.
In a second aspect, an embodiment of the present application provides a controller, the controller including:
A configuration unit, configured to establish communication with multiple host servers;
A generation unit, configured to generate a flow table for a first host server, where the first host server is any one of the multiple host servers that have established communication with the controller, the flow table includes multiple entries, and each of the entries records one NAT forwarding rule;
A first sending unit, configured to send the flow table to the first host server, where the flow table is used by the first host server to provide NAT service for the cloud hosts on the first host server.
The embodiments of the present application provide a method and controller for providing a network address translation (NAT) service. The controller distributes the NAT service across the compute nodes, and each compute node provides NAT service by means of a flow table, which improves the efficiency of the NAT service and also eliminates the NAT gateway as a bottleneck.
With reference to the second aspect, in a first possible implementation of the second aspect, the controller further includes a first receiving unit, a determination unit and a second sending unit, where:
The first receiving unit is configured to receive a packet sent by the first host server after the first sending unit sends the flow table to the first host server;
The determination unit is configured to determine, according to the packet, the entry containing the NAT forwarding rule for the packet;
The second sending unit is configured to send the entry containing the NAT forwarding rule for the packet to the first host server, and the entry is used by the first host server to perform the NAT operation on the packet.
With this embodiment, when the host server fails to match an entry in the flow table for a packet sent by a cloud host that it carries, the controller can generate the corresponding entry for the packet, or select it from an existing flow table, and send the entry to the host server, so that the host server can successfully provide NAT service for the packet.
With reference to the first possible implementation of the second aspect, in a second possible implementation of the second aspect, the receiving unit being configured to receive the packet sent by the first host server is specifically:
Configured to receive the packet that the first host server sends after failing to match an entry for the packet.
With reference to the second aspect, the first possible implementation of the second aspect, or the second possible implementation of the second aspect, in a third possible implementation of the second aspect, the controller further includes:
A second receiving unit, configured to receive, before the generation unit generates the flow table for the first host server, a NAT service request instruction sent by the first host server, where the request instruction is used to request the controller to generate the flow table for the first host server.
In this embodiment, the host server uses a request instruction to ask the controller to generate its flow table, which lets the controller optimize its resources and respond promptly to the host server's NAT service requests, further improving the processing efficiency of the NAT service.
With reference to the second aspect, in a fourth possible implementation of the second aspect, the NAT forwarding rule includes a translation rule between private network information and public network information, where the private network information includes the Internet Protocol (IP) address of the private network and private network port information, the public network information includes the IP address of the public network and public network port information, and the private network is the dedicated network to which the cloud hosts on the first host server belong.
In a third aspect, an embodiment of the present application provides a computer-readable storage medium storing a computer program, where the computer program includes program instructions that, when executed by a processor, cause the processor to perform the method of the first aspect.
In a fourth aspect, an embodiment of the present application provides a server including a processor, a communication interface and a computer-readable storage medium that are connected to one another, where the computer-readable storage medium is used to store application code and the processor is configured to call the application code to perform the method of the first aspect.
In summary, in the embodiments of the present application the controller distributes the NAT service across the compute nodes, and each compute node provides NAT service by means of a flow table, which improves the efficiency of the NAT service and also eliminates the NAT gateway as a bottleneck.
Brief description of the drawings
The drawings used in the embodiments of the present application are described below.
Fig. 1 is a schematic diagram of the system architecture of a method for providing NAT service according to an embodiment of the present application;
Fig. 2 is a flow diagram of a method for providing NAT service according to an embodiment of the present application;
Fig. 3 is a schematic diagram of a host server providing NAT service for a packet sent by a cloud host that it carries, according to an embodiment of the present application;
Fig. 4 is a structural schematic diagram of a controller according to an embodiment of the present application;
Fig. 5 is a structural schematic diagram of a server according to an embodiment of the present application.
Detailed description
This application provides a method and controller for providing a network address translation (NAT) service. The controller distributes the NAT service across the compute nodes, and each compute node provides NAT service by means of a flow table, which improves the efficiency of the NAT service and also eliminates the NAT gateway as a bottleneck.
The terms "include" and "have", and any variations of them, appearing in the specification, claims and drawings of this application are intended to cover non-exclusive inclusion. For example, a process, method, system, product or device that contains a series of steps or units is not limited to the listed steps or units, but optionally also includes steps or units that are not listed, or optionally also includes other steps or units inherent to the process, method, product or device. In addition, the terms "first", "second", "third" and so on are used to distinguish different objects and are not intended to describe a specific order.
To help those skilled in the art better understand the solution of this application, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. The described embodiments are only some of the embodiments of this application, not all of them. All other embodiments obtained by those of ordinary skill in the art from the embodiments of this application without creative effort fall within the scope of protection of this application.
Each is described in detail below.
To better understand the method and controller for providing a network address translation (NAT) service in the embodiments of the present application, the system architecture to which the method applies is described first. Referring to Fig. 1, Fig. 1 is a schematic diagram of the system architecture of a method for providing NAT service according to an embodiment of this solution. As shown in Fig. 1, the system architecture may include one controller 101, one or more host servers 102, and one or more cloud hosts 103. The controller 101 and the host servers 102 can communicate with each other; each host server 102 carries one or more cloud hosts 103, and a host server 102 and the cloud hosts 103 that it carries can communicate with each other.
It should be noted that the system architecture of the method for providing NAT service in this application is not limited to the system architecture shown in Fig. 1.
Based on the system architecture shown in Fig. 1, a method for providing a network address translation (NAT) service is described below. A flowchart of the method is shown in Fig. 2; it may include the following steps:
Step S201: the controller establishes communication with multiple host servers.
Specifically, the network addresses of the multiple host servers may be configured on the controller (these may be Internet addresses, addresses in a local area network, or other addresses used for communication), so that the controller can identify data packets from the host servers and send data packets specifically to them; correspondingly, the controller's network address may be configured on the host servers, so that they can identify data packets from the controller and send data packets specifically to the controller. In addition, data may be transmitted between the controller and the host servers in a wired or wireless manner.
S202, controller are that the first home server generates flow table.
Specifically, first home server is to establish appointing in the multiple home servers communicated with the controller
It anticipates a home server, the flow table includes multiple list items, and each list item has recorded a NAT forwarding in the multiple list item
Rule.
In a specific embodiment, when first home server is established for the first time with the controller to be communicated or
When first home server sends NAT request instructions to controller, the controller is first hosted service
Device generates corresponding flow table.It include multiple list items in the flow table, each list item has recorded a NAT forward rule.
In a kind of wherein possible embodiment, above-mentioned NAT forward rule may include private network information and public network information
Between transformation rule, wherein the private network information includes the internet protocol address of private network and the port information of private network, institute
Stating public network information includes the IP address of public network and the port information of public network, and the private network is the cloud in first home server
Dedicated network belonging to host.Specific NAT forward rule example can give NAT forward rule with reference table 1, table 1 and include
Information example, mainly private network access public network address and port mapping table.Private network IP address is 10.0.0.2, corresponding
The cloud host that port numbers are 1723 accesses public network, needs the private network IP address of the cloud host and port numbers with replacing with public network IP
The private network IP address of cloud host can be that 10.0.0.2 replaces with 131.107.0.1 according to table 1 by the port numbers of location and public network,
Port numbers 1723 replace with 4000, and cloud host is using new IP address and port numbers 131.107.0.1/4000 after the completion of replacement
It may have access to public network.
1 private network of table accesses address and the port mapping table of public network
| - | Private network IP address | Private network port numbers | Public network IP address | Public network port number |
| First list item | 10.0.0.2 | 1723 | 131.107.0.1 | 4000 |
| Second list item | 10.0.0.3 | 1723 | 131.107.0.1 | 4001 |
| Third list item | 10.0.0.4 | 1724 | 131.107.0.1 | 4002 |
In one possible implementation, before the controller generates the flow table for the first host server, the method further includes: the controller receives a NAT service request instruction sent by the first host server, where the request instruction is used to request the controller to generate the flow table for the first host server.
Specifically, when a cloud host on the first host server needs to access the public network, it sends a packet to the first host server. The first host server then sends a NAT service request instruction to the controller according to the packet information; this request instruction asks the controller to generate a flow table for the first host server. After receiving the request instruction, the controller generates the corresponding flow table for the first host server according to the request instruction and then sends the flow table to the first host server.
In this embodiment, the host server uses a request instruction to ask the controller to generate its flow table, which lets the controller optimize its resources and respond promptly to the host server's NAT service requests, further improving the processing efficiency of the NAT service.
S203, the controller sends the flow table to the first host server.
Specifically, the flow table is used by the first host server to provide NAT service for the cloud hosts on the first host server. In a specific embodiment, after the controller generates the corresponding flow table for the first host server, it sends the flow table to the first host server.
S204, the first host server receives the flow table.
In a specific embodiment, after the first host server receives the flow table sent by the controller, it stores the flow table in local storage. When a cloud host on the first host server needs to access the public network, it sends a packet to the first host server. The first host server then looks up the locally stored flow table and matches a flow entry for the packet; after a flow entry is matched, it replaces the packet's private IP address and private port number with the public IP address and public port number according to the flow entry, and then forwards the packet, with its IP address and port replaced, to the public network.
For ease of understanding, Fig. 3 gives a schematic diagram of a host server providing NAT service for a packet sent by a cloud host that it carries. Assume the cloud host wants to access a public network server whose destination IP address and port number are 202.99.160.2 and 80 respectively, and that the cloud host's private IP address and port number are 10.0.0.2 and 1723 respectively. The cloud host cannot access a server on the external network using its private IP address, so its private IP address has to be replaced with an external IP address; and so that information returned from the external network can be delivered accurately to the corresponding cloud host, the corresponding port information also has to be added. In Fig. 3, the cloud host therefore sends a packet carrying its private IP address and port number and the destination IP address and port number to the host server. The host server matches a flow entry for the packet according to the flow table (for the specific entries, see Table 1). After a flow entry is matched, the host server replaces the packet's private IP address and port number with 131.107.0.1/4000 according to the flow entry, leaving the destination IP address and port number unchanged. The packet's source IP address and source port number now belong to the public network, so the cloud host can access the public network server whose destination IP address and port number are 202.99.160.2 and 80 respectively.
In one possible implementation, after the controller sends the flow table to the first host server, the method further includes: the controller receives a packet sent by the first host server; the controller determines, according to the packet, the entry containing the NAT forwarding rule for the packet; the controller sends the entry containing the NAT forwarding rule for the packet to the first host server.
Specifically, when the first host server fails to match a flow entry for the packet according to the flow table, the first host server sends the packet to the controller. The controller receives the packet and generates a corresponding flow entry for it. Likewise, this entry contains the NAT forwarding rule for the packet and is used by the first host server to perform the NAT operation on the packet. The controller then sends the flow entry to the first host server; after receiving it, the first host server replaces the packet's IP address and port number according to the flow entry and then forwards the packet to the public network.
With this embodiment, when the host server fails to match an entry in the flow table for a packet sent by a cloud host that it carries, the controller can generate the corresponding entry for the packet, or select it from an existing flow table, and send the entry to the host server, so that the host server can successfully provide NAT service for the packet.
Alternatively, in another possible case, after the controller receives the packet that the first host server sent because entry matching failed, the controller matches a flow entry for the packet from the flow table that the controller maintains. After determining the flow entry, the controller sends it to the first host server; the first host server likewise receives the flow entry, replaces the packet's IP address and port number according to it, and then forwards the packet to the public network.
Alternatively, in another possible implementation, after the controller receives the packet that the first host server sent because entry matching failed, and the controller also fails to match an entry for the packet, the controller returns the matching-failure information for the packet to the first host server, and the first host server drops the packet.
In one possible implementation, when the first host server fails to match a flow entry for the packet according to the flow table, it drops the packet directly.
In summary, in this method the controller distributes the NAT service across the compute nodes, and each compute node provides NAT service by means of a flow table, which improves the efficiency of the NAT service and also eliminates the NAT gateway as a bottleneck.
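The lookup, rewrite and table-miss handling described in S202 to S204 and the alternatives above can be sketched as follows. This is an added example, not code from the patent: the class and method names are hypothetical, and selecting a host server's entries by the private IP addresses of its cloud hosts is an assumption, since the text does not say how the controller chooses them.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Tuple

Key = Tuple[str, int]  # (private IP address, private port number)


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


@dataclass(frozen=True)
class FlowEntry:
    """One NAT forwarding rule: private (IP, port) -> public (IP, port)."""
    private_ip: str
    private_port: int
    public_ip: str
    public_port: int

    @property
    def key(self) -> Key:
        return (self.private_ip, self.private_port)


# The three entries of Table 1.
TABLE_1 = [
    FlowEntry("10.0.0.2", 1723, "131.107.0.1", 4000),
    FlowEntry("10.0.0.3", 1723, "131.107.0.1", 4001),
    FlowEntry("10.0.0.4", 1724, "131.107.0.1", 4002),
]


class Controller:
    """Holds the full rule set, builds per-host flow tables, answers misses."""

    def __init__(self, rules: Iterable[FlowEntry]) -> None:
        self._rules: Dict[Key, FlowEntry] = {r.key: r for r in rules}
        self.miss_queries = 0  # how often a host server had to ask

    def generate_flow_table(self, private_ips: Iterable[str]) -> List[FlowEntry]:
        # S202. Assumption: entries are chosen by the private IPs of the
        # cloud hosts carried by the requesting host server.
        wanted = set(private_ips)
        return [r for r in self._rules.values() if r.private_ip in wanted]

    def resolve_miss(self, pkt: Packet) -> Optional[FlowEntry]:
        # Match the packet against the table the controller maintains.
        # None models the "matching failed" reply.
        self.miss_queries += 1
        return self._rules.get((pkt.src_ip, pkt.src_port))


class HostServer:
    def __init__(self, controller: Controller) -> None:
        self.controller = controller
        self.flow_table: Dict[Key, FlowEntry] = {}

    def install(self, entries: Iterable[FlowEntry]) -> None:
        # S204: store the received flow table locally.
        for e in entries:
            self.flow_table[e.key] = e

    def forward(self, pkt: Packet) -> Optional[Packet]:
        """Return the translated packet, or None if the packet is dropped."""
        entry = self.flow_table.get((pkt.src_ip, pkt.src_port))
        if entry is None:
            # Table miss: ask the controller; drop if it has no rule either.
            entry = self.controller.resolve_miss(pkt)
            if entry is None:
                return None
            self.install([entry])  # later packets match locally
        # Rewrite source only; destination address and port stay unchanged.
        return Packet(entry.public_ip, entry.public_port, pkt.dst_ip, pkt.dst_port)


if __name__ == "__main__":
    ctrl = Controller(TABLE_1)
    host = HostServer(ctrl)
    host.install(ctrl.generate_flow_table(["10.0.0.2", "10.0.0.3"]))
    # Constructed sample packets; the first is the Fig. 3 scenario.
    for p in (Packet("10.0.0.2", 1723, "202.99.160.2", 80),
              Packet("10.0.0.4", 1724, "202.99.160.2", 80),
              Packet("10.0.0.9", 5000, "202.99.160.2", 80)):
        print(p, "->", host.forward(p))
```

Only packets that miss the local flow table reach the controller, so `miss_queries` shows how much traffic the per-host flow table keeps off the control path.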
To better implement the above solution of this application, the embodiments of the present application also provide a corresponding controller, described in detail below with reference to the drawings:
Fig. 4 shows a structural schematic diagram of a controller 400. The controller 400 may be the controller 101 in the system architecture, described in Fig. 1, of the method for providing a network address translation (NAT) service. The controller 400 includes a configuration unit 401, a generation unit 402 and a first sending unit 403, where:
The configuration unit 401 is configured to establish communication with multiple host servers;
The generation unit 402 is configured to generate a flow table for a first host server, where the first host server is any one of the multiple host servers that have established communication with the controller, the flow table includes multiple entries, and each of the entries records one NAT forwarding rule;
The first sending unit 403 is configured to send the flow table to the first host server, where the flow table is used by the first host server to provide NAT service for the cloud hosts on the first host server.
In one embodiment, the controller 400 further includes a first receiving unit, a determination unit and a second sending unit, where:
The first receiving unit is configured to receive a packet sent by the first host server after the first sending unit sends the flow table to the first host server;
The determination unit is configured to determine, according to the packet, the entry containing the NAT forwarding rule for the packet;
The second sending unit is configured to send the entry containing the NAT forwarding rule for the packet to the first host server, and the entry is used by the first host server to perform the NAT operation on the packet.
In one embodiment, the receiving unit being configured to receive the packet sent by the first host server is specifically:
Configured to receive the packet that the first host server sends after failing to match an entry for the packet.
In one embodiment, the controller 400 further includes:
A second receiving unit, configured to receive, before the generation unit generates the flow table for the first host server, a NAT service request instruction sent by the first host server, where the request instruction is used to request the controller to generate the flow table for the first host server.
In one embodiment, the NAT forwarding rule includes a translation rule between private network information and public network information, where the private network information includes the Internet Protocol (IP) address of the private network and private network port information, the public network information includes the IP address of the public network and public network port information, and the private network is the dedicated network to which the cloud hosts on the first host server belong.
For the specific implementation and beneficial effects of each unit in the server 400 shown in Fig. 4, refer to the corresponding description in the method embodiment shown in Fig. 2; details are not repeated here.
Referring to Fig. 5, Fig. 5 shows a server 500 provided by an embodiment of the present application. The server includes a processor 501, a memory 502 (i.e., a computer-readable storage medium), and a communication interface 503, which are connected to one another by a bus 504.
The memory 502 includes, but is not limited to, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM), or compact disc read-only memory (CD-ROM). The memory 502 is used to store related instructions and data. The communication interface 503 is used to send and receive data.
The processor 501 may be one or more central processing units (CPUs). When the processor 501 is a single CPU, that CPU may be a single-core CPU or a multi-core CPU.
The processor 501 in the server 500 is configured to read the program code stored in the memory 502 and perform the following operations:
The processor 501 establishes communication with a plurality of home servers;
The processor 501 generates a flow table for a first home server, where the first home server is any one of the plurality of home servers that have established communication with the controller, the flow table includes a plurality of entries, and each of the entries records one NAT forwarding rule;
The processor 501 sends the flow table to the first home server through the communication interface 503, where the flow table is used by the first home server to provide NAT service for the cloud host in the first home server.
In one embodiment, after the processor 501 sends the flow table to the first home server through the communication interface 503, the operations further include:
The processor 501 receives, through the communication interface 503, a message sent by the first home server;
The processor 501 determines, according to the message, the entry containing the NAT forwarding rule for the message;
The processor 501 sends the entry containing the NAT forwarding rule for the message to the first home server through the communication interface 503, where that entry is used by the first home server to perform the NAT operation on the message.
In one embodiment, the processor 501 receiving, through the communication interface 503, the message sent by the first home server specifically means:
The processor 501 receives, through the communication interface 503, the message that the first home server sends after the message fails to match an entry.
In one embodiment, before the processor 501 generates the flow table for the first home server, the operations further include:
The processor 501 receives, through the communication interface 503, a NAT request instruction sent by the first home server, where the request instruction requests the controller to generate the flow table for the first home server.
In one embodiment, the NAT forwarding rule includes a conversion rule between private network information and public network information, where the private network information includes the Internet Protocol (IP) address and port information of the private network, the public network information includes the IP address and port information of the public network, and the private network is the private network to which the cloud host in the first home server belongs.
It should be noted that, for the implementation of each of the above operations, reference may also be made to the corresponding description of the method embodiment shown in Fig. 2.
With the server 500 described in Fig. 5, the controller distributes the NAT service to the individual compute nodes, and each compute node provides the NAT service by means of a flow table, which improves the efficiency of the NAT service and also eliminates the NAT gateway as a bottleneck.
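
The following added example (not code from the patent) simulates the flow described above: the controller generates and sends a flow table, the home server performs NAT locally, and a table miss is resolved by the controller, which returns the missing entry. The class names, addresses, sequential port allocation, and the check that a source address belongs to the server's private network are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

# All names, addresses and the port-allocation policy below are constructed
# for illustration; the patent text does not specify them.

@dataclass(frozen=True)
class NatEntry:
    """One flow-table entry: a private (ip, port) mapped to a public (ip, port)."""
    private: tuple
    public: tuple

class Controller:
    def __init__(self, public_ip, first_port=20000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.private_nets = {}   # home server name -> private network of its cloud hosts
        self.issued = {}         # (server, private endpoint) -> NatEntry

    def register(self, server, private_cidr):
        """Establish communication with a home server and record its private network."""
        self.private_nets[server] = ipaddress.ip_network(private_cidr)

    def _entry_for(self, server, private):
        # Assumption: refuse to map an address outside the server's private network.
        if ipaddress.ip_address(private[0]) not in self.private_nets[server]:
            raise PermissionError(f"{private[0]} is not a cloud host of {server}")
        key = (server, private)
        if key not in self.issued:
            self.issued[key] = NatEntry(private, (self.public_ip, self.next_port))
            self.next_port += 1
        return self.issued[key]

    def generate_flow_table(self, server, endpoints):
        """Generate the flow table that is then sent to the home server."""
        return [self._entry_for(server, ep) for ep in endpoints]

    def handle_miss(self, server, message):
        """Determine the entry for a message the home server could not match."""
        return self._entry_for(server, message["src"])

@dataclass
class HomeServer:
    name: str
    controller: Controller
    table: dict = field(default_factory=dict)
    misses: int = 0

    def install(self, entries):
        for e in entries:
            self.table[e.private] = e

    def send_outbound(self, message):
        """Apply source NAT locally; ask the controller only on a table miss."""
        entry = self.table.get(message["src"])
        if entry is None:
            self.misses += 1
            entry = self.controller.handle_miss(self.name, message)
            self.install([entry])
        return {**message, "src": entry.public}

def demo():
    ctl = Controller("203.0.113.10")
    ctl.register("hs1", "10.0.1.0/24")
    hs1 = HomeServer("hs1", ctl)
    hs1.install(ctl.generate_flow_table("hs1", [("10.0.1.5", 4000)]))
    dst = ("198.51.100.7", 443)
    hit = hs1.send_outbound({"src": ("10.0.1.5", 4000), "dst": dst})
    miss = hs1.send_outbound({"src": ("10.0.1.6", 5000), "dst": dst})
    again = hs1.send_outbound({"src": ("10.0.1.6", 5000), "dst": dst})
    return hs1, hit, miss, again
```

The `misses` counter is the value to watch in operation: every miss is a round trip to the controller, so a high miss rate moves load back onto a central point.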
An embodiment of the present application further provides a computer-readable storage medium. The computer storage medium stores a computer program that includes program instructions; when the program instructions are executed by a processor, the method flow shown in Fig. 2 is implemented.
In summary, the embodiments of the present application provide a method and a controller for providing a network address translation (NAT) service. The controller distributes the NAT service to the individual compute nodes, and each compute node provides the NAT service by means of a flow table, which improves the efficiency of the NAT service and also eliminates the NAT gateway as a bottleneck.
Those of ordinary skill in the art will understand that all or part of the processes in the above method embodiments can be completed by a computer program instructing the relevant hardware. The program can be stored in a computer-readable storage medium and, when executed, may include the processes of the above method embodiments. The aforementioned storage medium includes ROM, random access memory (RAM), magnetic disks, optical discs, and other media capable of storing program code.
In the several embodiments provided in this application, it should be understood that the disclosed devices and methods may be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation; for instance, multiple units or components may be combined or integrated into another system, or some features may be omitted or not executed.
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solutions of the present application, not to limit them. Although the application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some or all of their technical features may be replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present application.
Claims (10)
1. A method for providing a network address translation (NAT) service, characterized by comprising:
A controller establishes communication with a plurality of home servers;
The controller generates a flow table for a first home server, where the first home server is any one of the plurality of home servers that have established communication with the controller, the flow table includes a plurality of entries, and each of the entries records one NAT forwarding rule;
The controller sends the flow table to the first home server, where the flow table is used by the first home server to provide NAT service for the cloud host in the first home server.
2. The method according to claim 1, characterized in that, after the controller sends the flow table to the first home server, the method further comprises:
The controller receives a message sent by the first home server;
The controller determines, according to the message, the entry containing the NAT forwarding rule for the message;
The controller sends the entry containing the NAT forwarding rule for the message to the first home server, where that entry is used by the first home server to perform the NAT operation on the message.
3. The method according to claim 2, characterized in that the controller receiving the message sent by the first home server comprises:
The controller receives the message that the first home server sends after the message fails to match an entry.
4. The method according to any one of claims 1-3, characterized in that, before the controller generates the flow table for the first home server, the method further comprises:
The controller receives a NAT request instruction sent by the first home server, where the request instruction requests the controller to generate the flow table for the first home server.
5. The method according to claim 1, characterized in that the NAT forwarding rule includes a conversion rule between private network information and public network information, where the private network information includes the Internet Protocol (IP) address and port information of the private network, the public network information includes the IP address and port information of the public network, and the private network is the private network to which the cloud host in the first home server belongs.
6. A controller, characterized by comprising:
A configuration unit, configured to establish communication with a plurality of home servers;
A generation unit, configured to generate a flow table for a first home server, where the first home server is any one of the plurality of home servers that have established communication with the controller, the flow table includes a plurality of entries, and each of the entries records one NAT forwarding rule;
A first transmission unit, configured to send the flow table to the first home server, where the flow table is used by the first home server to provide NAT service for the cloud host in the first home server.
7. The controller according to claim 6, characterized by further comprising a first receiving unit, a determination unit, and a second transmission unit, where:
The first receiving unit is configured to receive a message sent by the first home server after the first transmission unit sends the flow table to the first home server;
The determination unit is configured to determine, according to the message, the entry containing the NAT forwarding rule for the message;
The second transmission unit is configured to send the entry containing the NAT forwarding rule for the message to the first home server, where that entry is used by the first home server to perform the NAT operation on the message.
8. The controller according to claim 7, characterized in that the receiving unit being configured to receive the message sent by the first home server specifically means:
Receiving the message that the first home server sends after the message fails to match an entry.
9. A controller, characterized in that the controller includes a processor, a computer-readable storage medium, and a communication interface, where the computer-readable storage medium is used to store program instructions, the communication interface is used to send and receive data under the control of the processor, and the processor is used to call the program instructions to perform the method according to any one of claims 1-6.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium is used to store program instructions which, when run on a processor, implement the method according to any one of claims 1-6.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910178099.7A CN110012118B (en) | 2019-03-08 | 2019-03-08 | Method and controller for providing Network Address Translation (NAT) service |
| PCT/CN2019/103258 WO2020181735A1 (en) | 2019-03-08 | 2019-08-29 | Method for providing network address translation (nat) service and controller |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910178099.7A CN110012118B (en) | 2019-03-08 | 2019-03-08 | Method and controller for providing Network Address Translation (NAT) service |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110012118A (en) | 2019-07-12 |
| CN110012118B (en) | 2022-07-22 |
Family
ID=67166686
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910178099.7A Active CN110012118B (en) | 2019-03-08 | 2019-03-08 | Method and controller for providing Network Address Translation (NAT) service |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN110012118B (en) |
| WO (1) | WO2020181735A1 (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113645188B (en) * | 2021-07-07 | 2023-05-09 | 中国电子科技集团公司第三十研究所 | A Fast Forwarding Method of Data Packet Based on Security Association |
| CN116032837B (en) * | 2022-12-22 | 2025-04-18 | 珠海星云智联科技有限公司 | A flow table unloading method and device |
| CN119892431B (en) * | 2024-12-30 | 2025-12-09 | 浙江吉利控股集团有限公司 | Method, device, equipment, medium and program product for accessing intranet equipment to extranet |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011035528A1 (en) * | 2009-09-24 | 2011-03-31 | 日电(中国)有限公司 | Method, system and relay server for network address translation (nat) traversal by way of relay |
| CN103795805A (en) * | 2014-02-27 | 2014-05-14 | 中国科学技术大学苏州研究院 | Distributed server load balancing method based on SDN |
| CN104780232A (en) * | 2014-01-13 | 2015-07-15 | 华为技术有限公司 | A resource allocating method, controller and system |
| US20150281173A1 (en) * | 2014-03-25 | 2015-10-01 | Cisco Technology, Inc. | Dynamic service chain with network address translation detection |
| CN105554065A (en) * | 2015-12-03 | 2016-05-04 | 华为技术有限公司 | Method, conversion unit and application unit for message processing |
| JP2016092485A (en) * | 2014-10-30 | 2016-05-23 | 富士通株式会社 | Information processing system, management device and information processing system control method |
| US20180034769A1 (en) * | 2016-08-01 | 2018-02-01 | Big Switch Networks, Inc. | Systems and methods for network address translation |
| CN108040134A (en) * | 2017-12-06 | 2018-05-15 | 杭州迪普科技股份有限公司 | A kind of method and device of DNS Transparent Proxies |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103581324B (en) * | 2013-11-11 | 2016-09-07 | 中国联合网络通信集团有限公司 | A kind of cloud computing resources cell system and implementation method thereof |
| CN104601738B (en) * | 2014-12-09 | 2018-04-10 | 国家计算机网络与信息安全管理中心 | A kind of distributed network address conversion system |
| CN104601432B (en) * | 2014-12-31 | 2018-03-13 | 新华三技术有限公司 | A kind of message transmitting method and equipment |
| WO2017032300A1 (en) * | 2015-08-25 | 2017-03-02 | 华为技术有限公司 | Data transmission method, virtual network management apparatus, and data transmission system |
| CN107172120B (en) * | 2017-03-27 | 2022-06-28 | 联想(北京)有限公司 | Information processing method, processing node and network node |
| CN110012118B (en) * | 2019-03-08 | 2022-07-22 | 平安科技(深圳)有限公司 | Method and controller for providing Network Address Translation (NAT) service |
2019
- 2019-03-08 CN CN201910178099.7A patent/CN110012118B/en active Active
- 2019-08-29 WO PCT/CN2019/103258 patent/WO2020181735A1/en not_active Ceased
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2020181735A1 (en) * | 2019-03-08 | 2020-09-17 | 平安科技(深圳)有限公司 | Method for providing network address translation (nat) service and controller |
| CN112333298A (en) * | 2020-12-01 | 2021-02-05 | 武汉绿色网络信息服务有限责任公司 | Message transmission method and device, computer equipment and storage medium |
| CN114710465A (en) * | 2022-04-07 | 2022-07-05 | 中国联合网络通信集团有限公司 | Network address conversion method, device, equipment and storage medium |
| CN114710465B (en) * | 2022-04-07 | 2023-05-02 | 中国联合网络通信集团有限公司 | Network address translation method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110012118B (en) | 2022-07-22 |
| WO2020181735A1 (en) | 2020-09-17 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | PB01 | Publication | |
| | SE01 | Entry into force of request for substantive examination | |
| | GR01 | Patent grant | |