CN110177128B - Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof - Google Patents
Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof Download PDFInfo
- Publication number
- CN110177128B CN110177128B CN201910301355.7A CN201910301355A CN110177128B CN 110177128 B CN110177128 B CN 110177128B CN 201910301355 A CN201910301355 A CN 201910301355A CN 110177128 B CN110177128 B CN 110177128B
- Authority
- CN
- China
- Prior art keywords
- vpn
- http proxy
- terminal
- connection
- proxy client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/26—Special purpose or proprietary protocols or architectures
Abstract
The present disclosure relates to a data transmission system and a method, a terminal and a VPN agent for establishing VPN connection, wherein the data transmission system comprises: a terminal, a virtual private network, VPN, server, and a VPN agent for establishing a VPN connection between said terminal and said VPN server; the terminal comprises a first http proxy client supporting a QUIC protocol and used for establishing connection with the VPN proxy based on the QUIC protocol; the VPN agent is used for establishing connection with the VPN server based on a Transmission Control Protocol (TCP) protocol so as to establish VPN connection between the terminal and the VPN server. The method and the device are used for solving the technical problems that the efficiency of network data transmission by using a classical protocol is low and the upgrading difficulty is high in the related technology.
Description
Technical Field
The present disclosure relates to the field of data transmission technologies, and in particular, to a data transmission system, and a method, a terminal, and a VPN agent for establishing a VPN connection.
Background
With the rapid development of the mobile internet and the gradual rise of the internet of things, the network interaction scene is richer and richer, the content of network transmission is larger and larger, and the requirements of users on the network transmission efficiency and the response speed of world wide web (web) are higher and higher.
In the related technology, the classic protocols such as the TCP and the TLS are used in the application scene of the network transmission, the transmission efficiency of the classic protocols is low, and the requirement for high-efficiency network transmission is difficult to meet.
Disclosure of Invention
The invention aims to provide a data transmission system, a method for establishing VPN connection, a terminal and a VPN proxy thereof, which are used for solving the technical problems of low network data transmission efficiency and high upgrading difficulty in the related technology by using a classical protocol.
In order to achieve the above object, in a first aspect of the embodiments of the present disclosure, a data transmission system is provided, including:
a terminal, a virtual private network, VPN, server, and a VPN agent for establishing a VPN connection between said terminal and said VPN server;
the terminal comprises a first http proxy client supporting a QUIC protocol and used for establishing connection with the VPN proxy based on the QUIC protocol;
the VPN agent is used for establishing connection with the VPN server based on a Transmission Control Protocol (TCP) protocol so as to establish VPN connection between the terminal and the VPN server.
Optionally, the VPN agent includes an http proxy server supporting a QUIC protocol, and the terminal includes a configuration module, configured to obtain address information of the http proxy server included in the VPN agent, and configure the first http proxy client according to the address information.
Optionally, the terminal includes a second http proxy client supporting a TCP protocol;
the terminal is further used for determining whether the first http proxy client is in a starting state or not when receiving a VPN tunnel establishment instruction;
and if the first http proxy client is not in the enabled state, establishing connection with the VPN proxy based on the second http proxy client.
Optionally, the terminal is further configured to establish a TCP connection between the second http proxy client and the first http proxy client when the first http proxy client is in an enabled state, where the second http proxy client is configured to send data of a TCP protocol to the first http proxy client.
Optionally, the VPN agent is deployed on the same electronic device as the VPN server.
In a second aspect of the embodiments of the present disclosure, a VPN agent is provided, where the VPN agent is any one of the VPN agents in the first aspect.
In a third aspect of the embodiments of the present disclosure, a terminal is provided, where the terminal is the terminal in any one of the first aspect.
In a fourth aspect of the embodiments of the present disclosure, a method for establishing a VPN connection is provided, which is applied to a terminal, and includes:
when a VPN connection establishment instruction is received, determining whether a first http proxy client in the terminal is in a starting state or not, wherein the first http proxy client is an http proxy client supporting a QUIC protocol;
and if the first http proxy client is in an enabled state, establishing connection with a VPN proxy based on the first http proxy client, wherein the VPN proxy is used for establishing connection with a VPN server based on a TCP protocol so as to establish VPN connection between the terminal and the VPN server.
Optionally, before the establishing a connection with a VPN proxy based on the first http proxy client, the method includes:
and establishing a TCP connection between a second http proxy client in the terminal and the first http proxy client, wherein the second http proxy client is an http proxy client supporting a TCP protocol in the terminal.
Optionally, the method further comprises:
acquiring address information of an http proxy server supporting a QUIC protocol, wherein the VPN proxy server supports the QUIC protocol;
configuring the first http proxy client according to the address information;
the establishing of the connection with the VPN agent based on the first http agent client comprises the following steps:
and establishing connection with an http proxy server supporting a QUIC protocol and included in the VPN proxy according to the address information.
According to the technical scheme, the first http proxy client supporting the QUIC protocol and arranged on the terminal is connected with the VPN proxy on the basis of the QUIC protocol, the VPN proxy is connected with the VPN server on the basis of the TCP protocol, so that information acquired by the terminal can be transmitted to the VPN proxy on the basis of the QUIC protocol, the transmission rate of the QUIC protocol is high, the terminal does not depend on an operating system and intermediate equipment, and the requirement for high-efficiency network transmission in part of application scenes of network transmission can be met.
Additional features and advantages of the disclosure will be set forth in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure and are incorporated in and constitute a part of this specification, illustrate embodiments of the disclosure and together with the description serve to explain the disclosure without limiting the disclosure. In the drawings:
FIG. 1 is a block diagram illustrating a data transmission system in accordance with an exemplary embodiment.
Fig. 2 is another block diagram illustrating a data transmission system in accordance with an example embodiment.
Fig. 3 is another block diagram illustrating a data transmission system in accordance with an example embodiment.
Fig. 4 is a flowchart illustrating a method of establishing a VPN connection according to an example embodiment.
Fig. 5 is another flow chart illustrating a method of establishing a VPN connection according to an example embodiment.
Fig. 6 is another flow chart illustrating a method of establishing a VPN connection according to an example embodiment.
Fig. 7 is a block diagram illustrating a terminal according to an example embodiment.
Detailed Description
The following detailed description of specific embodiments of the present disclosure is provided in connection with the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present disclosure, are given by way of illustration and explanation only, not limitation.
Since the rise of the Internet in the 90 s of the 20 th century, most Internet data transmission uses some classical protocols, such as routing using IPV4(Internet Protocol version 4), flow Control using tcp (transmission Control Protocol) for link Layer, transmission security using tls (transport Layer security), and the like.
On the other hand, with the rapid development of the mobile internet and the gradual rise of the internet of things, the requirements of users on the network transmission efficiency and the WEB response speed are higher and higher, however, most internet data transmission still uses the classical protocol at present, the transmission rate of the classical protocol is difficult to meet the requirements of high-efficiency data transmission application scenarios, if a brand-new application layer protocol is implemented on the existing TCP and TLS protocols, the deployment cost is high, and the implementation difficulty is high depending on the support of an operating system and intermediate equipment.
In order to solve the above problem, an embodiment of the present disclosure provides a data transmission system, as shown in fig. 1, the system including:
a terminal 10, a virtual private network, VPN, server 30, and a VPN agent 20 for establishing a VPN connection between said terminal 10 and said VPN server 30;
wherein, said terminal 10 comprises a first http proxy client 110 supporting the QUIC protocol for establishing a connection with said VPN proxy 20 based on the QUIC protocol;
the VPN agent 20 is configured to establish a connection with the VPN server 30 based on a transmission control protocol TCP protocol to establish a VPN connection between the terminal 10 and the VPN server 30.
Compared with the HTTP/2.0 protocol and the TLS protocol which are widely used at present, the quic (quick UDPInternet connection) protocol is a protocol which uses UDP (user data protocol) to perform multi-path concurrent transmission, reduces three-way handshake of TCP and handshake time of TLS, and has high data transmission efficiency due to the use of UDP.
Specifically, the terminal 10 may be an electronic device used by a user, such as a computer, and the number of the terminals 10 may be one or more. The VPN agent 20 is a virtual module for constructing a VPN tunnel, which may be a module constructed based on OpenVPN software, for example. The first Http Proxy Client 110 is a Proxy Client supporting the QUIC protocol, and may be a module constructed based on OpenVPN software, such as a QUIC Http-Proxy Client module. A first http proxy client 110 is deployed at the terminal 10 for establishing a connection with said VPN agent 20 based on the QUIC protocol. In addition, the VPN agent 20 establishes a connection with the VPN server 30 based on the TCP protocol, wherein the VPN server 30 is an electronic device providing computation, and the number of the VPN servers 30 may be one or more.
As shown in fig. 1, in one possible embodiment, there are 2 terminals 10 and 2 VPN servers 30, and the VPN agent 20 is deployed in a separate server. A connection is established between the VPN agent 20 and each terminal 10 based on the QUIC protocol, and a connection is established between the VPN agent 20 and each VPN server 30 based on the TCP protocol. Further, when the terminal 10 needs to transmit data to the VPN server 30, the data may be transmitted to the VPN agent 20 based on the QUIC protocol, and then the VPN agent 20 may transmit the data to the VPN server 30 based on the TCP protocol. On the other hand, in the embodiment shown in fig. 1, since the VPN agent 20 and the VPN server 30 are deployed in the same IDC (Internet Data Center), and the improvement of the transmission rate due to the use of other protocols is not obvious, the TCP protocol is still used between the VPN agent 20 and the VPN server 30, and the VPN server 30 does not need to be modified, thereby reducing the difficulty in building the entire system. Moreover, the data transmission can be safer by using the VPN agent 20 to transmit data through the VPN tunnel, the terminal 10 only needs to be connected to the port corresponding to the VPN agent 20, and different terminals 10 can be connected to different VPN servers 30 through the VPN agent 20, so that the load balancing and the external port reduction can be achieved.
The first http proxy client 110 supporting the QUIC protocol included in the terminal 10 establishes a connection with the VPN proxy 20 based on the QUIC protocol, and the VPN proxy 20 establishes a connection with the VPN server 30 based on the TCP protocol, so that the information acquired by the terminal 10 can be transmitted to the VPN proxy 20 based on the QUIC protocol, and the transmission rate of the QUIC protocol is fast, and is not dependent on an operating system and intermediate equipment, and can meet the requirement for efficient network transmission in part of application scenarios of network transmission.
Optionally, as shown in fig. 2, the VPN agent 20 includes an http proxy server 210 supporting a QUIC protocol, and the terminal 10 includes a configuration module 130, configured to obtain address information of the http proxy server 210 included in the VPN agent 20, and configure the first http proxy client 110 according to the address information.
Specifically, the Http Proxy 210 may be a module established based on OpenVPN, such as a QUIC Http-Proxy Server module, and the configuration module 130 may be a module established based on OpenVPN. OpenVPN is a source opening software, is convenient to use and has high transformation performance. After acquiring the address information, such as the IP and the port, of the http proxy server 210 included in the VPN proxy 20, the configuration module 130 configures the first http proxy client 110 according to the acquired address information, so that the first http proxy client 110 establishes a connection with the http proxy server 210 in the VPN proxy 20.
Optionally, as shown in fig. 2, the terminal 10 includes a second http proxy client 120 supporting the TCP protocol;
the terminal 10 is further configured to, when receiving a VPN tunnel establishment instruction, determine whether the first http proxy client 110 is in an enabled state;
if the first http proxy client 110 is not in the enabled state, a connection is established with the VPN agent 20 based on the second http proxy client 120.
As shown in fig. 2, the second http proxy Client 120 may be an OpenVPNClient module established based on OpenVPN, and the OpenVPN Client module may establish a connection with the VPN proxy 20 based on a TCP protocol, or may establish a connection with the first http proxy Client 110 based on a TCP protocol. When receiving a VPN tunnel establishment instruction, detecting whether the first http proxy client 110 is in an enabled state, if the first http proxy client 110 is not in the enabled state, indicating that the terminal 10 cannot establish connection with the VPN proxy 20 based on a QUIC protocol, and further selecting to establish connection with the VPN proxy 20 based on the second http proxy client 120, so that the connection between the terminal 10 and the VPN proxy 20 is established based on a TCP protocol, and the establishment of the VPN tunnel is ensured to enable data to be transmitted, or selecting not to enable the first http proxy client 110 under the condition that the requirement on the data transmission efficiency is not high, and further providing multiple choices by using the TCP protocol to transmit data between the terminal 10 and the VPN proxy 20 based on the second http proxy client 120.
Optionally, the terminal 10 is further configured to, when the first http proxy client 110 is in an enabled state, establish a TCP connection between the second http proxy client 120 and the first http proxy client 110, where the second http proxy client 120 is configured to send data of a TCP protocol to the first http proxy client 110.
Specifically, when the first http proxy client 110 is detected to be in the enabled state, a TCP connection between the second http proxy client 120 and the first http proxy client 110 is established, so that data can be transmitted between the terminal 10 and the VPN agent 20 based on the QUIC protocol, and the transmission efficiency is high. For example, when the terminal 10 needs to transmit data to the VPN server 30, the second http proxy client 120 transmits the data to the first http proxy client 110 based on the TCP protocol, the first http proxy client 110 transmits the data to the VPN agent 20 based on the QUIC protocol, and finally the VPN agent 20 transmits the data to the VPN server 30 based on the TCP protocol, thereby completing the transmission of the data from the terminal 10 to the server. Most of the second http proxy Client 120 is an existing module, for example, an OpenVPN Client module in OpenVPN, so that only the second http proxy Client 120 needs to be added to establish a connection between the terminal 10 and the VPN proxy 20, which is easy to implement and low in modification cost.
Alternatively, as shown in fig. 3, the VPN agent 20 is deployed on the same electronic device 40 as the VPN server 30.
As shown in fig. 3, the VPN agent 20 is private to the VPN server 30, and compared to the VPN agent 20 connected to a plurality of VPN servers 30 (see fig. 1 or fig. 2), the load of the VPN agent 20 can be reduced, and the electronic device 40 where the VPN agent 20 is located can be prevented from being overloaded and down. The terminal 10 can establish a connection with the VPN server 30 directly based on the address information of the VPN server 30.
In addition, functional units in the embodiments of the present disclosure may be integrated into one processing unit, or each unit may be physically included alone, or two or more units may be integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
In another aspect of the embodiments of the present disclosure, a VPN agent is further provided, where the VPN agent is configured as a VPN agent in any of the data transmission systems described above, for example, the VPN agent 20 in fig. 1, and reference may specifically be made to the description of fig. 1 in the above embodiments, and details are not repeated here.
In another aspect of the embodiments of the present disclosure, a terminal is further provided, where the terminal is configured as a terminal in any one of the data transmission systems described above, for example, the terminal 10 in fig. 1, and specific reference may be made to the description of fig. 1 in the above embodiments, and details are not repeated here.
As shown in fig. 4, an embodiment of the present disclosure further provides a method for establishing a VPN connection, which may be applied to the terminal 10 shown in fig. 1, where as shown in fig. 1, the method includes:
and S11, when receiving the VPN connection establishment instruction, determining whether a first http proxy client in the terminal is in a starting state.
The first http proxy client is an http proxy client supporting a QUIC protocol.
And S12, if the first http proxy client is in a starting state, establishing connection with a VPN proxy based on the first http proxy client, wherein the VPN proxy is used for establishing connection with a VPN server based on a TCP protocol so as to establish VPN connection between the terminal and the VPN server.
The method comprises the steps that when a terminal receives a VPN connection establishment instruction and determines that a first http proxy client in the terminal is in an enabled state, connection is established between the first http proxy client and a VPN proxy, information acquired by the terminal can be transmitted to the VPN proxy based on a QUIC protocol, the transmission rate of the QUIC protocol is high, and the method does not depend on an operating system and intermediate equipment, and can meet the requirement for high-efficiency network transmission in part of application scenes of network transmission.
Fig. 5 is another flowchart illustrating a method of establishing a VPN connection according to an exemplary embodiment, as shown in fig. 5, the method comprising:
and S21, when receiving the VPN connection establishment instruction, determining whether a first http proxy client in the terminal is in a starting state.
The first http proxy client is an http proxy client supporting a QUIC protocol.
S22, if the first http proxy client is in the enabled state, establishing a TCP connection between a second http proxy client in the terminal and the first http proxy client.
And the second http proxy client is an http proxy client supporting a TCP in the terminal.
And S23, establishing connection with a VPN proxy based on the first http proxy client, wherein the VPN proxy is used for establishing connection with a VPN server based on a TCP protocol so as to establish VPN connection between the terminal and the VPN server.
Fig. 6 is another flowchart illustrating a method of establishing a VPN connection according to an exemplary embodiment, as shown in fig. 6, the method including:
and S31, when receiving the VPN connection establishment instruction, determining whether a first http proxy client in the terminal is in a starting state.
The first http proxy client is an http proxy client supporting a QUIC protocol.
S32, if the first http proxy client is in the enabled state, establishing a TCP connection between a second http proxy client in the terminal and the first http proxy client.
And the second http proxy client is an http proxy client supporting a TCP in the terminal.
S33, acquiring the address information of the http proxy server which supports the QUIC protocol and is included in the VPN proxy.
And S34, configuring the first http proxy client according to the address information.
And S35, establishing connection with an http proxy server which supports QUIC protocol and is included in the VPN proxy according to the address information, wherein the VPN proxy is used for establishing connection with the VPN server based on TCP protocol so as to establish VPN connection between the terminal and the VPN server.
With regard to the method in the above-described embodiment, the respective steps have been described in detail in the related embodiment of the above-described data transmission system, and will not be elaborated herein.
Fig. 7 is a block diagram illustrating a terminal according to an example embodiment. As shown in fig. 7, the terminal 700 may include: a processor 701 and a memory 702. The terminal 700 can also include one or more of a multimedia component 703, an input/output (I/O) interface 704, and a communication component 705.
The processor 701 is configured to control the overall operation of the terminal 700, so as to complete all or part of the steps in the above-mentioned VPN connection establishment method. The memory 702 is used to store various types of data to support operation of the terminal 700, such as instructions for any application or method operating on the terminal 700 and application-related data, such as contact data, messaging, pictures, audio, video, and the like. The Memory 702 may be implemented by any type of volatile or non-volatile Memory device or combination thereof, such as Static Random Access Memory (SRAM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Erasable Programmable Read-Only Memory (EPROM), Programmable Read-Only Memory (PROM), Read-Only Memory (ROM), magnetic Memory, flash Memory, magnetic disk, or optical disk. The multimedia components 703 may include screen and audio components. Wherein the screen may be, for example, a touch screen and the audio component is used for outputting and/or inputting audio signals. For example, the audio component may include a microphone for receiving external audio signals. The received audio signal may further be stored in the memory 702 or transmitted through the communication component 705. The audio assembly also includes at least one speaker for outputting audio signals. The I/O interface 704 provides an interface between the processor 701 and other interface modules, such as a keyboard, mouse, buttons, etc. These buttons may be virtual buttons or physical buttons. The communication component 705 is used for wired or wireless communication between the terminal 700 and other devices. Wireless Communication, such as Wi-Fi, bluetooth, Near Field Communication (NFC), 2G, 3G, 4G, NB-IOT, eMTC, or other 5G, etc., or a combination of one or more of them, which is not limited herein. The corresponding communication component 705 may thus include: Wi-Fi module, Bluetooth module, NFC module, etc.
In an exemplary embodiment, the terminal 700 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors or other electronic components for performing the above-mentioned VPN connection establishment method.
In another exemplary embodiment, a computer readable storage medium is also provided, which comprises program instructions, which when executed by a processor, implement the steps of the above-described VPN connection establishment method. For example, the computer readable storage medium may be the above-mentioned memory 702 including program instructions executable by the processor 701 of the terminal 700 to perform the above-mentioned VPN connection establishment method.
The preferred embodiments of the present disclosure are described in detail with reference to the accompanying drawings, however, the present disclosure is not limited to the specific details of the above embodiments, and various simple modifications may be made to the technical solution of the present disclosure within the technical idea of the present disclosure, and these simple modifications all belong to the protection scope of the present disclosure. Example (b)
It should be noted that, in the foregoing embodiments, various features described in the above embodiments may be combined in any suitable manner, and in order to avoid unnecessary repetition, various combinations that are possible in the present disclosure are not described again.
In addition, any combination of various embodiments of the present disclosure may be made, and the same should be considered as the disclosure of the present disclosure, as long as it does not depart from the spirit of the present disclosure.
Claims (9)
1. A data transmission system, comprising:
the VPN proxy and the VPN server are deployed in the same Internet data center, and the VPN proxy is connected with one or more terminals;
the terminal comprises a first http proxy client supporting a QUIC protocol and used for establishing connection with the VPN proxy based on the QUIC protocol;
the VPN agent is used for establishing connection with the VPN server based on a Transmission Control Protocol (TCP) protocol so as to establish VPN connection between the terminal and the VPN server.
2. The system according to claim 1, wherein said VPN agent comprises an http proxy server supporting a QUIC protocol, and said terminal comprises a configuration module configured to obtain address information of said http proxy server included in said VPN agent, and configure said first http proxy client according to said address information.
3. The system of claim 2, wherein the terminal comprises a second http proxy client supporting TCP protocol;
the terminal is further used for determining whether the first http proxy client is in a starting state or not when receiving a VPN tunnel establishment instruction;
and if the first http proxy client is not in the enabled state, establishing connection with the VPN proxy based on the second http proxy client.
4. The system according to claim 3, wherein the terminal is further configured to establish a TCP connection between the second http proxy client and the first http proxy client when the first http proxy client is in an enabled state, and the second http proxy client is configured to send data of a TCP protocol to the first http proxy client.
5. A VPN agent for establishing a VPN connection between a terminal and a VPN server, wherein said VPN agent is deployed in the same internet data centre as said VPN server, wherein said VPN agent is connected to one or more of said terminals, wherein said terminal comprises a first http proxy client supporting a QUIC protocol for establishing a connection to said VPN agent based on the QUIC protocol.
6. A terminal, characterized in that the terminal comprises a first http proxy client supporting a QUIC protocol for establishing a connection with a VPN agent based on the QUIC protocol, wherein the VPN agent is deployed in the same internet data center as a VPN server, and the VPN agent is connected to one or more of the terminals.
7. A VPN connection establishing method is applied to a terminal and comprises the following steps:
when a VPN connection establishment instruction is received, determining whether a first http proxy client in the terminal is in a starting state or not, wherein the first http proxy client is an http proxy client supporting a QUIC protocol;
if the first http proxy client is in an enabled state, connection is established between the first http proxy client and a VPN proxy based on the first http proxy client, the VPN proxy is used for establishing connection with a VPN server based on a TCP protocol so as to establish VPN connection between the terminal and the VPN server, the VPN proxy and the VPN server are deployed in the same Internet data center, and the VPN proxy is connected with one or more terminals.
8. The method according to claim 7, prior to said establishing a connection with a VPN proxy based on said first http proxy client, comprising:
and establishing a TCP connection between a second http proxy client in the terminal and the first http proxy client, wherein the second http proxy client is an http proxy client supporting a TCP protocol in the terminal.
9. The method according to claim 7 or 8, characterized in that the method further comprises:
acquiring address information of an http proxy server supporting a QUIC protocol, wherein the VPN proxy server supports the QUIC protocol;
configuring the first http proxy client according to the address information;
the establishing of the connection with the VPN agent based on the first http agent client comprises the following steps:
and establishing connection with an http proxy server supporting a QUIC protocol and included in the VPN proxy according to the address information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910301355.7A CN110177128B (en) | 2019-04-15 | 2019-04-15 | Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910301355.7A CN110177128B (en) | 2019-04-15 | 2019-04-15 | Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110177128A CN110177128A (en) | 2019-08-27 |
| CN110177128B true CN110177128B (en) | 2022-02-01 |
Family
ID=67689651
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910301355.7A Active CN110177128B (en) | 2019-04-15 | 2019-04-15 | Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110177128B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110891008A (en) * | 2019-11-21 | 2020-03-17 | 成都云智天下科技股份有限公司 | IP proxy method based on L2TP/IPSEC |
| CN110838967B (en) * | 2019-11-22 | 2021-12-24 | 达闼机器人有限公司 | Virtual private network connection method, server, client and storage medium |
| CN111865940B (en) * | 2020-07-01 | 2022-10-11 | 四川速宝网络科技有限公司 | Transmission optimization method and device |
| CN111885093B (en) * | 2020-09-27 | 2021-03-26 | 腾讯科技(深圳)有限公司 | Event request transmission method and device, storage medium and electronic equipment |
| CN114979261A (en) * | 2021-02-24 | 2022-08-30 | 华为技术有限公司 | Service interaction method, terminal, server and system |
Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101345741A (en) * | 2007-07-13 | 2009-01-14 | 盛大计算机(上海)有限公司 | Proxy system and proxy connecting method based on internet |
| CN103840994A (en) * | 2012-11-23 | 2014-06-04 | 华耀(中国)科技有限公司 | System and method for user side to access intranet through VPN |
| CN206313803U (en) * | 2016-12-16 | 2017-07-07 | 青岛蘑菇网络技术有限公司 | A kind of router for realizing network game acceleration |
| CN106973107A (en) * | 2017-03-29 | 2017-07-21 | 小沃科技有限公司 | A kind of mobile client orientation flow agency plant realized based on hook modes and method |
| CN107154865A (en) * | 2017-04-13 | 2017-09-12 | 上海寰创通信科技股份有限公司 | A kind of method based on outer net managing intranet equipment |
| WO2018087721A1 (en) * | 2016-11-11 | 2018-05-17 | Ologn Technologies Ag | Systems, apparatuses and methods for cooperating routers |
| CN108063714A (en) * | 2016-11-09 | 2018-05-22 | 北京国双科技有限公司 | A kind of processing method and processing device of network request |
| CN108650061A (en) * | 2018-04-24 | 2018-10-12 | 达闼科技(北京)有限公司 | VPN Proxy Methods, device, storage medium and system based on FEC |
| WO2018210428A1 (en) * | 2017-05-19 | 2018-11-22 | Telefonaktiebolaget Lm Ericsson (Publ) | Technique for enabling multipath transmission |
| CN109155744A (en) * | 2016-04-01 | 2019-01-04 | 诺基亚通信公司 | Dynamic experience management in communication |
| CN109309685A (en) * | 2018-10-31 | 2019-02-05 | 北京百度网讯科技有限公司 | Information transferring method and device |
| CN112586086A (en) * | 2018-08-22 | 2021-03-30 | 特萨雷斯股份有限公司 | Multi-path access network |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2016107654A1 (en) * | 2014-12-30 | 2016-07-07 | Telefonaktiebolaget Lm Ericsson (Publ) | Technique for providing quality enhancements to an application residing on a user terminal |
| US10511521B2 (en) * | 2016-08-03 | 2019-12-17 | Anchorfree Inc. | System and method for virtual multipath data transport |
| CN106685956B (en) * | 2016-12-27 | 2019-10-11 | 上海斐讯数据通信技术有限公司 | A kind of the VPN network connection method and system of router |
| CN109547824B (en) * | 2018-11-27 | 2020-09-15 | 亦非云互联网技术(上海)有限公司 | Video service method and system, storage medium and VPN server |
-
2019
- 2019-04-15 CN CN201910301355.7A patent/CN110177128B/en active Active
Patent Citations (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101345741A (en) * | 2007-07-13 | 2009-01-14 | 盛大计算机(上海)有限公司 | Proxy system and proxy connecting method based on internet |
| CN103840994A (en) * | 2012-11-23 | 2014-06-04 | 华耀(中国)科技有限公司 | System and method for user side to access intranet through VPN |
| CN109155744A (en) * | 2016-04-01 | 2019-01-04 | 诺基亚通信公司 | Dynamic experience management in communication |
| CN108063714A (en) * | 2016-11-09 | 2018-05-22 | 北京国双科技有限公司 | A kind of processing method and processing device of network request |
| WO2018087721A1 (en) * | 2016-11-11 | 2018-05-17 | Ologn Technologies Ag | Systems, apparatuses and methods for cooperating routers |
| CN206313803U (en) * | 2016-12-16 | 2017-07-07 | 青岛蘑菇网络技术有限公司 | A kind of router for realizing network game acceleration |
| CN106973107A (en) * | 2017-03-29 | 2017-07-21 | 小沃科技有限公司 | A kind of mobile client orientation flow agency plant realized based on hook modes and method |
| CN107154865A (en) * | 2017-04-13 | 2017-09-12 | 上海寰创通信科技股份有限公司 | A kind of method based on outer net managing intranet equipment |
| WO2018210428A1 (en) * | 2017-05-19 | 2018-11-22 | Telefonaktiebolaget Lm Ericsson (Publ) | Technique for enabling multipath transmission |
| CN108650061A (en) * | 2018-04-24 | 2018-10-12 | 达闼科技(北京)有限公司 | VPN Proxy Methods, device, storage medium and system based on FEC |
| CN112586086A (en) * | 2018-08-22 | 2021-03-30 | 特萨雷斯股份有限公司 | Multi-path access network |
| CN109309685A (en) * | 2018-10-31 | 2019-02-05 | 北京百度网讯科技有限公司 | Information transferring method and device |
Non-Patent Citations (2)
| Title |
|---|
| QUIC 协议研究;陈振波;《电子测试》;20171231;全文 * |
| 加密流量测量与分析;程光等;《读秀》;20181231;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110177128A (en) | 2019-08-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110177128B (en) | Data transmission system and method for establishing VPN connection, terminal and VPN proxy thereof | |
| CN113261247B (en) | Method and client device for maintaining continuous network service | |
| US9843505B2 (en) | Differentiated quality of service using tunnels with security as a service | |
| KR20150003192A (en) | Enabling web clients to provide web services | |
| US10630739B2 (en) | Parallel peer to peer connection establishment in WebRTC conferencing | |
| CN109088799B (en) | Client access method, device, terminal and storage medium | |
| US9413560B2 (en) | Differentiated quality of service using security as a service | |
| US10419968B2 (en) | Dynamic selection of TCP congestion control for improved performances | |
| KR20150013860A (en) | Clientless cloud computing | |
| US20180091581A1 (en) | Method of switching download mode, control method thereof and control system thereof | |
| CN112165480B (en) | Information acquisition method and device and electronic equipment | |
| US20230179522A1 (en) | Executing workloads across multiple cloud service providers | |
| WO2023040380A1 (en) | Webrtc communication method and system | |
| CN115297164A (en) | Network proxy method, device, electronic equipment and computer readable storage medium | |
| CN108370500B (en) | Optimized settings for wireless devices | |
| US11277379B2 (en) | Modification of application-provided turn servers | |
| CN113810448B (en) | Cloud service method, deployment method, device, electronic equipment and storage medium | |
| CN114520780A (en) | Access method and device for proxy server | |
| CN112565458A (en) | Platform remote control method and device, storage medium and electronic equipment | |
| CN113810425B (en) | Parallel network transmission method, device, equipment and storage medium | |
| US20180288140A1 (en) | Communication device and a communication network | |
| CN115412599B (en) | Message data forwarding method, device and server | |
| CN113824808B (en) | Method and system for network address translation penetration using an intermediate meeting proxy | |
| CN112565048B (en) | Three-layer VPN (virtual private network) network creation method, three-layer VPN network data transmission method, three-layer VPN network creation device, three-layer VPN network data transmission device and electronic equipment | |
| CN111147520B (en) | Information processing method and device executed by firewall |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20210305 Address after: 201111 2nd floor, building 2, no.1508, Kunyang Road, Minhang District, Shanghai Applicant after: Dalu Robot Co.,Ltd. Address before: 518000 Room 201, building A, No. 1, Qian Wan Road, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong (Shenzhen Qianhai business secretary Co., Ltd.) Applicant before: Shenzhen Qianhaida Yunyun Intelligent Technology Co.,Ltd. |
|
| TA01 | Transfer of patent application right | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 201111 Building 8, No. 207, Zhongqing Road, Minhang District, Shanghai Patentee after: Dayu robot Co.,Ltd. Address before: 201111 2nd floor, building 2, no.1508, Kunyang Road, Minhang District, Shanghai Patentee before: Dalu Robot Co.,Ltd. |
|
| CP03 | Change of name, title or address |