CN110177110A - Contents access method, equipment and computer readable storage medium - Google Patents
Contents access method, equipment and computer readable storage medium Download PDFInfo
- Publication number
- CN110177110A CN110177110A CN201910482709.2A CN201910482709A CN110177110A CN 110177110 A CN110177110 A CN 110177110A CN 201910482709 A CN201910482709 A CN 201910482709A CN 110177110 A CN110177110 A CN 110177110A
- Authority
- CN
- China
- Prior art keywords
- end address
- request
- request end
- content
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
- H04L67/1004—Server selection for load balancing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
- H04L67/63—Routing a service request depending on the request content or context
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The invention discloses a kind of contents access method, equipment and computer readable storage medium, method includes: to obtain the request end address for including when receiving the content access request of client transmission in the content access request;Detect whether the request end address is legitimate request end address;If the request end address determines object content distribution network CDN equipment according to preset scheduling strategy for legitimate request end address;The content access request is distributed to the object content distribution network CDN equipment.Through the invention, safety is improved, ensure that the normal operation of CDN system.
Description
Technical field
The present invention relates to field of communication technology more particularly to contents access methods, equipment and computer readable storage medium.
Background technique
CDN (Content Delivery Network, content distributing network) is one kind by placing section everywhere in network
One on the existing Internet basic layer intelligent virtual network that point server is constituted.CDN can be in real time according to net
The connection of network flow and each node, load state and to the integrated informations such as the distance of user and response time by the request of user
It re-directs on the service node nearest from user, the purpose is to the node from user's relative close can be selected to send to user
Content needed for user alleviates the situation of network congestion, improves the response speed of website.
Client only needs for content access request to be sent to CDN system, and system will be automatically by the request of client point
It is assigned to corresponding CDN equipment, so that corresponding data distributing will be requested to client.But due to depositing for some malicious clients
It can threaten safely to CDN system, affect the normal operation of CDN system.
Summary of the invention
The main purpose of the present invention is to provide a kind of contents access method, equipment and computer readable storage medium, purports
The technical issues of solving the presence due to some malicious clients, influencing the normal operation of CDN system.
To achieve the above object, the present invention provides a kind of contents access method, and the contents access method includes following step
It is rapid:
When receiving the content access request of client transmission, the request end for including in the content access request is obtained
Address;
Detect whether the request end address is legitimate request end address;
If the request end address is legitimate request end address, according to preset scheduling strategy, object content point is determined
Hairnet network CDN equipment;
The content access request is distributed to the object content distribution network CDN equipment.
Optionally, described to detect that the step of whether the request end address is legitimate request end address includes:
Detect whether the request end address is legitimate ip address;
If the request end address is legitimate ip address, the request end address corresponding visit in preset period of time is obtained
Ask request number of times;
Detect whether the access request number is greater than preset times;
If the access request number is less than or equal to preset times, it is determined that the request end address is legitimate request end
Address.
Optionally, described to detect that the step of whether the request end address is legitimate ip address includes:
It is four segment datas by the request end address dividing according to the separator in the request end address;
It detects in four segment data with the presence or absence of the data less than zero or greater than 255;
If determining the request end address there is no the data less than zero or greater than 255 in four segment data to close
Method IP address.
Optionally, if the content access request is legal content access request, according to preset scheduling strategy,
The step of determining object content distribution network CDN equipment include:
If the content access request is legal content access request, according to global load balancing GSLB strategy and locally
Load balancing SLB strategy, determines object content distribution network CDN equipment.
In addition, to achieve the above object, the present invention also provides a kind of content access device, the content access device packet
It includes: memory, processor and being stored in the access to content program that can be run on the memory and on the processor, it is described
The step of access to content program realizes contents access method as described above when being executed by processor.
In addition, to achieve the above object, it is described computer-readable the present invention also provides a kind of computer readable storage medium
Access to content program is stored on storage medium, the access to content program realizes content as described above when being executed by processor
The step of access method.
In the present invention, when receiving the content access request of client transmission, obtains and wrapped in the content access request
The request end address contained;Detect whether the request end address is legitimate request end address;If the request end address is legal
Request end address determines object content distribution network CDN equipment then according to preset scheduling strategy;The access to content is asked
Ask distribution to the object content distribution network CDN equipment.Through the invention, it is asked in the access to content for receiving client transmission
When asking, whether the request end address for including in detection content access request is legitimate request end address, is only detecting request
When end address is legitimate request end address, ability response contents access request improves safety, ensure that the normal of CDN system
Operation.
Detailed description of the invention
Fig. 1 is the content access device structural schematic diagram for the hardware running environment that the embodiment of the present invention is related to;
Fig. 2 is the flow diagram of the content of present invention access method first embodiment.
The embodiments will be further described with reference to the accompanying drawings for the realization, the function and the advantages of the object of the present invention.
Specific embodiment
It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not intended to limit the present invention.
The content access device structure for the hardware running environment being related to as shown in FIG. 1, FIG. 1 is the embodiment of the present invention is shown
It is intended to.
As shown in Figure 1, the content access device may include: processor 1001, such as CPU, network interface 1004, user
Interface 1003, memory 1005, communication bus 1002.Wherein, communication bus 1002 is for realizing the connection between these components
Communication.User interface 1003 may include display screen (Display), input unit such as keyboard (Keyboard), optional user
Interface 1003 can also include standard wireline interface and wireless interface.Network interface 1004 optionally may include having for standard
Line interface, wireless interface (such as WI-FI interface).Memory 1005 can be high speed RAM memory, be also possible to stable storage
Device (non-volatile memory), such as magnetic disk storage.Memory 1005 optionally can also be independently of aforementioned processing
The storage device of device 1001.
It will be understood by those skilled in the art that content access device structure shown in Fig. 1 is not constituted to access to content
The restriction of equipment may include perhaps combining certain components or different component cloth than illustrating more or fewer components
It sets.
As shown in Figure 1, as may include that operating system, network are logical in a kind of memory 1005 of computer storage medium
Believe module, Subscriber Interface Module SIM and access to content program.
In content access device shown in Fig. 1, network interface 1004 is mainly used for connecting background server, takes with backstage
Business device carries out data communication;User interface 1003 is mainly used for connecting client (user terminal), carries out data communication with client;
And processor 1001 can be used for calling the access to content program stored in memory 1005, and execute following operation:
When receiving the content access request of client transmission, the request end for including in the content access request is obtained
Address;
Detect whether the request end address is legitimate request end address;
If the request end address is legitimate request end address, according to preset scheduling strategy, object content point is determined
Hairnet network CDN equipment;
The content access request is distributed to the object content distribution network CDN equipment.
Further, processor 1001 can call the access to content program stored in memory 1005, also execute following
Operation:
Detect whether the request end address is legitimate ip address;
If the request end address is legitimate ip address, the request end address corresponding visit in preset period of time is obtained
Ask request number of times;
Detect whether the access request number is greater than preset times;
If the access request number is less than or equal to preset times, it is determined that the request end address is legitimate request end
Address.
Further, processor 1001 can call the access to content program stored in memory 1005, also execute following
Operation:
It is four segment datas by the request end address dividing according to the separator in the request end address;
It detects in four segment data with the presence or absence of the data less than zero or greater than 255;
If determining the request end address there is no the data less than zero or greater than 255 in four segment data to close
Method IP address.
Further, processor 1001 can call the access to content program stored in memory 1005, also execute following
Operation:
If the content access request is legal content access request, according to global load balancing GSLB strategy and locally
Load balancing SLB strategy, determines object content distribution network CDN equipment.
It is the flow diagram of the content of present invention access method first embodiment referring to Fig. 2, Fig. 2.
In one embodiment, contents access method includes:
Step S10 is obtained in the content access request when receiving the content access request of client transmission and is included
Request end address;
In the present embodiment, when CDN system receives the content access request of client transmission, content access request is obtained
In include request end address.
Step S20 detects whether the request end address is legitimate request end address;
In the present embodiment, detect that the step of whether the request end address is legitimate request end address includes:
Detect whether the request end address is legitimate ip address;If the request end address is legitimate ip address, obtain
Take the request end address corresponding access request number in preset period of time;Detect the access request number whether be greater than it is pre-
If number;If the access request number is less than or equal to preset times, it is determined that the request end address is legitimate request end
Address.
In the present embodiment, detecting the step of whether the request end address is legitimate ip address includes: according to the request
The separator in address is held, is four segment datas by the request end address dividing;It detects in four segment data with the presence or absence of small
In zero or the data greater than 255;If the data less than zero or greater than 255 are not present in four segment data, asked described in judgement
Asking end address is legitimate ip address.
In the present embodiment, according to the regulation of IPv4 (being the fourth edition of Internet protocol Internet Protocol, IP):
The legal address IPv4 is divided into four section of three digit: * * * .***.***.***, and every section of three digits are no more than 255, are not less than 0.According to
The regulation can determine whether request end address is legal address.It is four sections by request end address dividing according to separator " "
Three digits are greater than 255 or the number less than 0 if existing in four section of three digit, which is illegal address;If four sections
There is no 255 or the number less than 0 is greater than in three digits, then the request end address is legal address.
Step S30, if the request end address determines mesh according to preset scheduling strategy for legitimate request end address
Mark content distributing network CDN equipment;
In the present embodiment, if content access request is legal content access request, determined first according to request end address
The CDN server set of CDN service can be provided for client, then then according to global load balancing GSLB strategy and local load
Balanced SLB strategy, determines object content distribution network CDN equipment from determining CDN server set.
Step S40 distributes the content access request to the object content distribution network CDN equipment.
In the present embodiment, after determining object content distribution network CDN equipment, just content access request is distributed to target
Content distributing network CDN equipment.
In the present embodiment, when receiving the content access request of client transmission, obtain in the content access request
The request end address for including;Detect whether the request end address is legitimate request end address;If the request end address is to close
Method request end address determines object content distribution network CDN equipment then according to preset scheduling strategy;By the access to content
Request is distributed to the object content distribution network CDN equipment.Through this embodiment, it is visited in the content for receiving client transmission
When asking request, whether the request end address for including in detection content access request is legitimate request end address, is only being detected
When request end address is legitimate request end address, ability response contents access request improves safety, ensure that CDN system
It operates normally.
In addition, the embodiment of the present invention also proposes a kind of computer readable storage medium, the computer readable storage medium
On be stored with access to content program, the access to content program realizes contents access method as above each reality when being executed by processor
The step of applying.
The specific embodiment of computer readable storage medium of the present invention and each embodiment base of above content access method
This is identical, and this will not be repeated here.
It should be noted that, in this document, the terms "include", "comprise" or its any other variant are intended to non-row
His property includes, so that the process, method, article or the system that include a series of elements not only include those elements, and
And further include other elements that are not explicitly listed, or further include for this process, method, article or system institute it is intrinsic
Element.In the absence of more restrictions, the element limited by sentence "including a ...", it is not excluded that including being somebody's turn to do
There is also other identical elements in the process, method of element, article or system.
The serial number of the above embodiments of the invention is only for description, does not represent the advantages or disadvantages of the embodiments.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can be realized by means of software and necessary general hardware platform, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Based on this understanding, technical solution of the present invention substantially in other words does the prior art
The part contributed out can be embodied in the form of software products, which is stored in one as described above
In storage medium (such as ROM/RAM, magnetic disk, CD), including some instructions are used so that terminal device (it can be mobile phone,
Computer, server, air conditioner or network equipment etc.) execute method described in each embodiment of the present invention.
The above is only a preferred embodiment of the present invention, is not intended to limit the scope of the invention, all to utilize this hair
Equivalent structure or equivalent flow shift made by bright specification and accompanying drawing content is applied directly or indirectly in other relevant skills
Art field, is included within the scope of the present invention.
Claims (9)
1. a kind of contents access method, which is characterized in that the contents access method the following steps are included:
When receiving the content access request of client transmission, with obtaining the request end for including in the content access request
Location;
Detect whether the request end address is legitimate request end address;
If the request end address is legitimate request end address, according to preset scheduling strategy, determine that object content distributes net
Network CDN equipment;
The content access request is distributed to the object content distribution network CDN equipment.
2. contents access method as described in claim 1, which is characterized in that whether the detection request end address is conjunction
The step of method request end address includes:
Detect whether the request end address is legitimate ip address;
If the request end address is legitimate ip address, obtains the request end address corresponding access in preset period of time and ask
Seek number;
Detect whether the access request number is greater than preset times;
If the access request number is less than or equal to preset times, it is determined that the request end address is for legitimate request end
Location.
3. contents access method as claimed in claim 2, which is characterized in that whether the detection request end address is conjunction
The step of method IP address includes:
It is four segment datas by the request end address dividing according to the separator in the request end address;
It detects in four segment data with the presence or absence of the data less than zero or greater than 255;
If determining that the request end address is legal IP there is no the data less than zero or greater than 255 in four segment data
Address.
4. contents access method as described in claim 1, which is characterized in that if the content access request is in legal
Hold access request, then according to preset scheduling strategy, the step of determining object content distribution network CDN equipment includes:
If the content access request is legal content access request, according to global load balancing GSLB strategy and local load
Balanced SLB strategy, determines object content distribution network CDN equipment.
5. a kind of content access device, which is characterized in that the content access device includes: memory, processor and is stored in
On the memory and the access to content program that can run on the processor, the access to content program is by the processor
Following steps are realized when execution:
When receiving the content access request of client transmission, with obtaining the request end for including in the content access request
Location;
Detect whether the request end address is legitimate request end address;
If the request end address is legitimate request end address, according to preset scheduling strategy, determine that object content distributes net
Network CDN equipment;
The content access request is distributed to the object content distribution network CDN equipment.
6. content access device as claimed in claim 5, which is characterized in that the access to content program is held by the processor
Following steps are also realized when row:
Detect whether the request end address is legitimate ip address;
If the request end address is legitimate ip address, obtains the request end address corresponding access in preset period of time and ask
Seek number;
Detect whether the access request number is greater than preset times;
If the access request number is less than or equal to preset times, it is determined that the request end address is for legitimate request end
Location.
7. content access device as claimed in claim 5, which is characterized in that the access to content program is held by the processor
Following steps are also realized when row:
It is four segment datas by the request end address dividing according to the separator in the request end address;
It detects in four segment data with the presence or absence of the data less than zero or greater than 255;
If determining that the request end address is legal IP there is no the data less than zero or greater than 255 in four segment data
Address.
8. content access device as claimed in claim 5, which is characterized in that the access to content program is held by the processor
Following steps are also realized when row:
If the content access request is legal content access request, according to global load balancing GSLB strategy and local load
Balanced SLB strategy, determines object content distribution network CDN equipment.
9. a kind of computer readable storage medium, which is characterized in that be stored with content visit on the computer readable storage medium
Ask that program, the access to content program realize access to content according to any one of claims 1 to 4 when being executed by processor
The step of method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910482709.2A CN110177110A (en) | 2019-06-04 | 2019-06-04 | Contents access method, equipment and computer readable storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910482709.2A CN110177110A (en) | 2019-06-04 | 2019-06-04 | Contents access method, equipment and computer readable storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110177110A true CN110177110A (en) | 2019-08-27 |
Family
ID=67697848
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910482709.2A Pending CN110177110A (en) | 2019-06-04 | 2019-06-04 | Contents access method, equipment and computer readable storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110177110A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113973136A (en) * | 2020-07-07 | 2022-01-25 | 中国移动通信集团广东有限公司 | Traffic scheduling method, device and system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101222424A (en) * | 2007-12-24 | 2008-07-16 | 中国电信股份有限公司 | Content distribution network and scheduling method based on content in the network |
KR20100129479A (en) * | 2009-06-01 | 2010-12-09 | 삼성에스디에스 주식회사 | Gslb server by domain delegation and cdn service system and method using the same |
CN102137111A (en) * | 2011-04-20 | 2011-07-27 | 北京蓝汛通信技术有限责任公司 | Method and device for preventing CC (Challenge Collapsar) attack and content delivery network server |
CN102932380A (en) * | 2012-11-30 | 2013-02-13 | 网宿科技股份有限公司 | Distributed method and distributed system for preventing malicious attacks based on content distribution network |
US20170366576A1 (en) * | 2016-06-16 | 2017-12-21 | Level 3 Communications, Llc | Systems and methods for preventing denial of service attacks utilizing a proxy server |
-
2019
- 2019-06-04 CN CN201910482709.2A patent/CN110177110A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101222424A (en) * | 2007-12-24 | 2008-07-16 | 中国电信股份有限公司 | Content distribution network and scheduling method based on content in the network |
KR20100129479A (en) * | 2009-06-01 | 2010-12-09 | 삼성에스디에스 주식회사 | Gslb server by domain delegation and cdn service system and method using the same |
CN102137111A (en) * | 2011-04-20 | 2011-07-27 | 北京蓝汛通信技术有限责任公司 | Method and device for preventing CC (Challenge Collapsar) attack and content delivery network server |
CN102932380A (en) * | 2012-11-30 | 2013-02-13 | 网宿科技股份有限公司 | Distributed method and distributed system for preventing malicious attacks based on content distribution network |
US20170366576A1 (en) * | 2016-06-16 | 2017-12-21 | Level 3 Communications, Llc | Systems and methods for preventing denial of service attacks utilizing a proxy server |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113973136A (en) * | 2020-07-07 | 2022-01-25 | 中国移动通信集团广东有限公司 | Traffic scheduling method, device and system |
CN113973136B (en) * | 2020-07-07 | 2023-04-25 | 中国移动通信集团广东有限公司 | Traffic scheduling method, device and system |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9122560B2 (en) | System and method of optimization for mobile apps | |
CN109525602B (en) | Method, mobile terminal and system for accessing network based on flow-free platform | |
CN104348798B (en) | A kind of method, apparatus, dispatch server and system for distributing network | |
JP2015508632A (en) | System and method for managing network connection usage | |
CN109462831B (en) | Method, distribution server and system for accessing network by application program in mobile terminal | |
CN109495467B (en) | Method and device for updating interception rule and computer readable storage medium | |
US20140115147A1 (en) | Adjusting quality of service in a cloud environment based on application usage | |
CN109088909B (en) | Service gray level publishing method and device based on merchant type | |
CN109669718A (en) | System permission configuration method, device, equipment and storage medium | |
CN110430205A (en) | Single-point logging method, device, equipment and computer readable storage medium | |
US20170149791A1 (en) | System and method for accessing a service | |
CN109962961A (en) | A kind of reorientation method and system of content distribution network CDN service node | |
CN105610869B (en) | Method and device for scheduling streaming media | |
CN110191186A (en) | CDN server dispatching method, equipment and computer readable storage medium | |
US9866587B2 (en) | Identifying suspicious activity in a load test | |
US20110035499A1 (en) | Discontinuous access management method using waiting ticket for resource allocation control, waiting ticket management method, and resource allocation control method | |
CN110324184A (en) | Service dilatation and moving method, device, system, equipment and readable storage medium storing program for executing | |
CN109729139A (en) | Access request retransmission method, device, equipment and readable storage medium storing program for executing | |
CN105763616B (en) | Resource downloading method and device | |
CN105763545B (en) | A kind of BYOD method and device | |
CN110177110A (en) | Contents access method, equipment and computer readable storage medium | |
CN111930505B (en) | Data resource management method and system for big data platform, server and medium | |
US20150302321A1 (en) | Unit-based licensing for event and digital content access | |
CN111597564A (en) | Data access and permission configuration method, device, terminal and storage medium | |
Totoy et al. | An extensible scheduler for the openlambda faas platform |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190827 |
|
RJ01 | Rejection of invention patent application after publication |