CN110430132B - Method and device for binding Socket and VRF - Google Patents
Method and device for binding Socket and VRF Download PDFInfo
- Publication number
- CN110430132B CN110430132B CN201910605300.5A CN201910605300A CN110430132B CN 110430132 B CN110430132 B CN 110430132B CN 201910605300 A CN201910605300 A CN 201910605300A CN 110430132 B CN110430132 B CN 110430132B
- Authority
- CN
- China
- Prior art keywords
- kernel
- vrf
- calling
- pid
- application program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/54—Organization of routing tables
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/58—Association of routers
- H04L45/586—Association of routers of virtual routers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
- H04L69/161—Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
- H04L69/162—Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields involving adaptations of sockets based mechanisms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Stored Programmes (AREA)
Abstract
The application provides a method and a device for binding Socket and VRF, which are applied to network equipment, and the method comprises the following steps: after detecting that a management program in a user space receives a binding request carrying an application program name and a VRF name, calling a management process corresponding to the management program to create a sub-process; calling the subprocess to analyze the VRF ID corresponding to the VRF name, and calling the subprocess to send an adding request carrying the VRF ID and the PID of the subprocess to the kernel; calling a kernel to store the VRF ID and the PID in a kernel memory; calling the subprocess to analyze the application program identifier corresponding to the application program name, and calling the subprocess to start the application program in the user space corresponding to the application program identifier; calling an application program to send a Socket creating request carrying PID and Socket creating parameters to a kernel; and the calling kernel creates a Socket corresponding to the application program based on the Socket creating parameter and the PID, and returns a description file corresponding to the Socket to the application program. By applying the embodiment of the application, the development difficulty of the application program can be reduced.
Description
Technical Field
The application relates to the technical field of network communication, in particular to a method and a device for binding sockets (sockets) and Virtual Routing Forwarding (VRF).
Background
In some security-demanding scenarios, to achieve network isolation for different scenarios, multiple different VRFs are created on the network device, which by default are all network-isolated. Each VRF has an independent routing table and a physical interface, and generally, in order to reduce resource consumption such as memory, the application programs of the network devices do not implement network isolation based on different VRFs.
When the operating system of the network device is Linux/Unix, the operating system includes a user space and a kernel, a technician can start an application program through a management program, and the application program of the current network device needs to establish Socket for communication with the application programs of other network devices. Because different VRFs in the network device implement network isolation, that is, the network device may have the same routing and Internet Protocol (IP) addresses, the Socket of the application needs to specify the belonging VRF to implement communication between the application and applications of other network devices. Generally, it is necessary to bind, in the kernel, the VRF to which the Socket of the application belongs.
At present, a method for binding Socket and VRF is to call a management process corresponding to a hypervisor to create a sub-process after detecting that the hypervisor in a user space receives a binding request carrying an application name and a VRF name; calling the subprocess to analyze the application program identifier corresponding to the application program name and starting the application program in the user space corresponding to the application program identifier; calling an application program to analyze the VRF ID corresponding to the VRF name and sending an adding request carrying the VRF ID and the PID of the sub-process to a kernel; calling a kernel to store the VRF ID and the PID in a kernel memory; calling an application program to send a Socket creating request carrying PID and Socket creating parameters to a kernel; calling the kernel to create a Socket corresponding to the application program based on the Socket creation parameter and the PID, and returning a description file corresponding to the Socket to the application program; and then, forwarding the message between the application program and the application program of other network equipment based on the VRF corresponding to the VRF ID of the Socket.
In the method, the application program can communicate with the application programs of other network devices under the specified VRF based on the Socket only by supporting the analysis function of the VRF related parameters, and the VRF corresponding to the Socket is set after the Socket of the application program is established. With the development of network technology, more and more applications supporting communication based on Socket are supported by network equipment, so that more and more workload is brought to application developers, the consumption of human resources is increased, and the development difficulty of the applications is improved.
Disclosure of Invention
In view of this, the present application provides a method and an apparatus for binding Socket and VRF, so as to solve the problems of increasing human resource consumption and increasing difficulty in developing an application program in the related art.
Specifically, the method is realized through the following technical scheme:
a method for binding Socket and VRF is applied to network equipment, an operating system of the network equipment comprises a user space and a kernel, and the method comprises the following steps:
after detecting that a management program in the user space receives a binding request carrying an application program name and a virtual routing forwarding table (VRF) name, calling a management process corresponding to the management program to create a sub-process;
calling the sub-process to analyze the VRF identification ID corresponding to the VRF name, and calling the sub-process to send an adding request carrying the VRF ID and the PID of the sub-process to the kernel;
calling the kernel to store the VRF ID and the PID in a kernel memory;
calling the sub-process to analyze the application program identifier corresponding to the application program name, and calling the sub-process to start the application program in the user space corresponding to the application program identifier;
calling the application program to send a Socket creation request carrying the PID and Socket creation parameters to the kernel;
and calling the kernel to create a Socket corresponding to the application program based on the Socket creation parameter and the PID, and calling the kernel to return a description file corresponding to the Socket to the application program.
An apparatus for binding Socket and VRF, applied in a network device, an operating system of the network device including a user space and a kernel, the apparatus comprising:
the first calling module is used for calling a management process corresponding to a management program to create a sub-process after detecting that the management program in the user space receives a binding request carrying an application program name and a virtual routing forwarding table (VRF) name;
the second calling module is used for calling the subprocess to analyze the VRF identification ID corresponding to the VRF name and calling the subprocess to send an adding request carrying the VRF ID and the PID of the subprocess to the kernel;
the third calling module is used for calling the kernel to store the VRF ID and the PID in a kernel memory;
the fourth calling module is used for calling the sub-process to analyze the application program identifier corresponding to the application program name and calling the sub-process to start the application program in the user space corresponding to the application program identifier;
the fifth calling module is used for calling the application program to send a Socket creating request carrying the PID and the Socket creating parameter to the kernel;
and the sixth calling module is used for calling the kernel to create a Socket corresponding to the application program based on the Socket creation parameter and the PID, and calling the kernel to return a description file corresponding to the Socket to the application program.
According to the technical scheme provided by the application, the sub-process is directly called to analyze the VRF ID corresponding to the VRF name, the sub-process is called to send the adding request carrying the VRF ID and the PID of the sub-process to the kernel, and the kernel is called to store the VRF ID and the PID in the kernel memory, so that the network equipment can complete the analyzing function of the VRF name, and the application program is not needed to complete the analyzing function of the VRF, so that less and less workload is brought to application program developers, the human resource consumption is reduced, and the application program development difficulty is reduced.
Drawings
Fig. 1 is a flowchart illustrating a method for binding Socket and VRF according to the present application;
fig. 2 is a flowchart illustrating a method for unbinding a Socket and a VRF according to the present application;
fig. 3 is a schematic structural diagram of a device for binding Socket and VRF shown in this application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
In order to solve the above problem, embodiments of the present invention provide a method for binding Socket and VRF, so as to reduce human resource consumption and reduce difficulty in developing an application program. Referring to fig. 1, fig. 1 is a flowchart of a method for binding Socket and VRF shown in the present application, which is applied in a network device, an operating system of the network device may be, but is not limited to, Linux/Unix, and the following description takes the operating system as Linux/Unix as an example, where the operating system includes a user space and a kernel.
S11: and after detecting that a management program in the user space receives a binding request carrying an application program name and a virtual routing forwarding table (VRF) name, calling the management process corresponding to the management program to create a sub-process.
A program which needs to create a Socket for communication can be defined as an application program, and the application program can include, but is not limited to telnet, ping, ssh, tftp, ftp and the like; programs that can invoke applications to communicate under a specified VRF are defined as hypervisors, which may include, but are not limited to, command line servlets, web servlets, and the like. The program is run in the form of a process in the operating system, and the process corresponding to the hypervisor may be referred to as a management process.
When a technician needs to specify a VRF for an application, the application name and VRF name may be entered in the hypervisor, e.g., VRF1 may be specified for a ping, the application name is ping, and the VRF name is 1. After detecting that a binding request carrying an application program name and a VRF name is received by a management program in a user space, the network device can call a management process corresponding to the management program to create a sub-process.
S12: and calling the subprocess to analyze the VRF ID corresponding to the VRF name, and sending an adding request carrying the VRF ID and the PID of the subprocess to the kernel.
The VRF name is set for the convenience of technical personnel to identify, and the VRF ID is used in the network equipment, so that a subprocess is required to be called to analyze the VRF ID corresponding to the VRF name; each process has a unique ID, and the ID of a sub-process can be defined as a PID, and then the kernel is requested to add a VRF ID and the PID of the sub-process.
The specific implementation process of calling the subprocess to send the adding request carrying the VRF ID and the PID of the subprocess to the kernel is as follows: the calling sub-process sends the VRF ID and PID to the kernel through a first system call, which may be, but is not limited to, a syscall function.
S13: and calling the kernel to store the VRF ID and the PID in the kernel memory.
The specific implementation process is as follows: the calling kernel receives VRF ID and PID through first system calling; and calling the kernel to store the VRF and the PID in the kernel memory.
S14: and calling the subprocess to analyze the application program identifier corresponding to the application program name and to start the application program in the user space corresponding to the application program identifier.
The application program name is set for the convenience of technical personnel, and the application program identifier is used in the network equipment, so that the subprocess is required to be called firstly to analyze the application program identifier corresponding to the application program name, and then the subprocess is called to start the application program in the user space corresponding to the application program identifier.
The specific process of calling the subprocess to start the application program in the user space corresponding to the application program identifier is as follows: and calling the subprocess to start the corresponding application program through the exec family function.
S15: and calling the application program to send a Socket creating request carrying PID and Socket creating parameters to the kernel.
After the application program is started, a Socket needs to be created, and the application program can be called to send PID and Socket creating parameters to the kernel through a Socket function.
S16: and the calling kernel creates a Socket corresponding to the application program based on the Socket creating parameter and the PID, and returns a description file corresponding to the Socket to the application program.
The application program can then communicate with the application programs of other network devices based on the created Socket and the VRF corresponding to the Socket.
According to the technical scheme provided by the application, the sub-process is directly called to analyze the VRF ID corresponding to the VRF name, the sub-process is called to send the adding request carrying the VRF ID and the PID of the sub-process to the kernel, and the kernel is called to store the VRF ID and the PID in the kernel memory, so that the network equipment can complete the analyzing function of the VRF name, the application program is not needed to complete the analyzing function of the VRF, and therefore less and less workload is brought to application program developers, the human resource consumption is reduced, and the application program development difficulty is reduced.
Specifically, the invoking kernel in S16 creates a Socket corresponding to the application program based on the Socket creation parameter and the PID, and the implementation process specifically includes:
calling an inner core to create a Struck Socket structure based on Socket creation parameters, wherein the field value of a VRF ID field in the Struck Socket structure is default to zero;
calling a kernel to search PID from a kernel memory;
and calling the kernel to replace the field value of the VRF ID field in the Struck Sock structure with the found VRF ID corresponding to the PID.
Therefore, when the kernel is called to create a Socket corresponding to the application program based on the Socket creation parameters and the PID, the kernel is called to create the Struct Socket structure based on the Socket creation parameters, the field value of the VRF ID field in the Struct Socket structure is defaulted to zero, and then the kernel is called to replace the field value of the VRF ID field in the Struct Socket structure with the found VRF ID corresponding to the PID.
In the above, a method for binding Socket and VRF is introduced, and sometimes it is necessary to unbind a binding relationship between Socket and VRF, and please refer to fig. 2, where fig. 2 is a flowchart of a method for unbinding Socket and VRF shown in this application, and on the basis of fig. 1, the method further includes:
s17: and after detecting an exit instruction aiming at the application program, calling the subprocess to send a deletion request carrying the VRF ID and the PID to the kernel.
The specific process is as follows: the calling sub-process sends the VRF ID and PID to the kernel through a second system call.
S18: and calling the kernel to delete the VRF ID and the PID in the kernel memory.
The specific process is as follows: the calling kernel receives VRF ID and PID through second system calling; and calling the kernel to search and delete the VRF and the PID in the kernel memory.
After the application program exits, the established binding relationship between the Socket and the VRF does not need to be saved, and at this time, the binding relationship can be released through S17 and S18, so that the resources of the network device can be further saved.
Referring to fig. 3, fig. 3 is a schematic structural diagram of a device for binding Socket and VRF shown in this application, and is applied to a network device, where the device includes:
the first calling module 31 is configured to call a management process corresponding to a hypervisor to create a sub-process after detecting that the hypervisor in the user space receives a binding request carrying an application name and a virtual routing forwarding table VRF name;
the second calling module 32 is configured to call the sub-process to analyze the VRF identifier ID corresponding to the VRF name, and call the sub-process to send an addition request carrying the VRF ID and the PID of the sub-process to the kernel;
the third calling module 33 is used for calling the kernel to store the VRF ID and the PID in the kernel memory;
a fourth calling module 34, configured to call the sub-process to analyze the application identifier corresponding to the application name, and call the sub-process to start the application in the user space corresponding to the application identifier;
a fifth calling module 35, configured to call an application program to send a Socket creation request carrying PID and Socket creation parameters to the kernel;
and a sixth calling module 36, configured to call the kernel to create a Socket corresponding to the application program based on the Socket creation parameter and the PID, and call the kernel to return a description file corresponding to the Socket to the application program.
According to the technical scheme provided by the application, the sub-process is directly called to analyze the VRF ID corresponding to the VRF name, the sub-process is called to send the adding request carrying the VRF ID and the PID of the sub-process to the kernel, and the kernel is called to store the VRF ID and the PID in the kernel memory, so that the network equipment can complete the analyzing function of the VRF name, the application program is not needed to complete the analyzing function of the VRF, and therefore less and less workload is brought to application program developers, the human resource consumption is reduced, and the application program development difficulty is reduced.
Specifically, the second invoking module 32 is configured to invoke the sub-process to send an addition request carrying the VRF ID and the PID of the sub-process to the kernel, and specifically configured to:
the calling sub-process sends the VRF ID and PID to the kernel through the first system call.
Specifically, the third invoking module 33 is configured to invoke the kernel to store the VRF ID and the PID in the kernel memory, and specifically configured to:
the calling kernel receives VRF ID and PID through first system calling;
and calling the kernel to store the VRF and the PID in the kernel memory.
Specifically, the sixth calling module 36 is configured to call a kernel to create a Socket corresponding to the application program based on a Socket creation parameter and a PID, and specifically configured to:
calling an inner core to create a Struck Socket structure based on Socket creation parameters, wherein the field value of a VRF ID field in the Struck Socket structure is default to zero;
calling a kernel to search PID from a kernel memory;
and calling the kernel to replace the field value of the VRF ID field in the Struck Sock structure with the found VRF ID corresponding to the PID.
In an alternative embodiment, the apparatus further comprises:
the seventh calling module is used for calling the subprocess to send a deletion request carrying the VRF ID and the PID to the kernel after detecting an exit instruction aiming at the application program;
and the eighth calling module is used for calling the kernel to delete the VRF ID and the PID in the kernel memory.
Specifically, the seventh invoking module is configured to invoke the sub-process to send the deletion request carrying the VRF ID and the PID to the kernel, and is specifically configured to:
the calling sub-process sends the VRF ID and PID to the kernel through a second system call.
Specifically, the eighth invoking module is configured to invoke the kernel to delete the VRF ID and the PID in the kernel memory, and specifically is configured to:
the calling kernel receives VRF ID and PID through second system calling;
and calling the kernel to search and delete the VRF and the PID in the kernel memory.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.
Claims (12)
1. A method for binding Socket and VRF is applied to network equipment, an operating system of the network equipment comprises a user space and a kernel, and the method is characterized by comprising the following steps:
after detecting that a management program in the user space receives a binding request carrying an application program name and a virtual routing forwarding table (VRF) name, calling a management process corresponding to the management program to create a sub-process;
calling the sub-process to analyze the VRF identification ID corresponding to the VRF name, and calling the sub-process to send an adding request carrying the VRF ID and the PID of the sub-process to the kernel;
calling the kernel to store the VRF ID and the PID in a kernel memory;
calling the sub-process to analyze the application program identifier corresponding to the application program name, and calling the sub-process to start the application program in the user space corresponding to the application program identifier;
calling the application program to send a Socket creation request carrying the PID and Socket creation parameters to the kernel;
calling the kernel to create a Socket corresponding to the application program based on the Socket creation parameter and the PID, and calling the kernel to return a description file corresponding to the Socket to the application program;
the invoking the kernel creates a Socket corresponding to the application program based on the Socket creation parameter and the PID, and specifically includes:
calling the kernel to create a Struck Socket structure based on the Socket creation parameters, wherein the field value of the VRF ID field in the Struck Socket structure is default to zero;
calling the kernel to search the PID from the kernel memory;
and calling the kernel to replace the field value of the VRF ID field in the Struck Sock structure body with the found VRF ID corresponding to the PID.
2. The method according to claim 1, wherein invoking the sub-process to send an add request carrying the VRF ID and the PID of the sub-process to the kernel specifically includes:
and calling the sub-process to send the VRF ID and the PID to the kernel through a first system call.
3. The method according to claim 2, wherein invoking the kernel to store the VRF ID and the PID in a kernel memory specifically comprises:
invoking the kernel to receive the VRF ID and the PID via the first system call;
and calling the kernel to store the VRF and the PID in a kernel memory.
4. The method according to any one of claims 1-3, further comprising:
after an exit instruction for the application program is detected, calling the sub-process to send a deletion request carrying the VRF ID and the PID to the kernel;
and calling the kernel to delete the VRF ID and the PID in the kernel memory.
5. The method according to claim 4, wherein invoking the sub-process to send a delete request carrying the VRF ID and the PID to the kernel specifically includes:
and calling the subprocess to send the VRF ID and the PID to the kernel through a second system call.
6. The method according to claim 5, wherein invoking the kernel to delete the VRF ID and the PID in the kernel memory specifically comprises:
invoking the kernel to receive the VRF ID and the PID via the second system call;
and calling the kernel to search and delete the VRF and the PID in the kernel memory.
7. A device for binding Socket and VRF is applied to network equipment, an operating system of the network equipment comprises a user space and a kernel, and the device is characterized by comprising:
the first calling module is used for calling a management process corresponding to a management program to create a sub-process after detecting that the management program in the user space receives a binding request carrying an application program name and a virtual routing forwarding table (VRF) name;
the second calling module is used for calling the subprocess to analyze the VRF identification ID corresponding to the VRF name and calling the subprocess to send an adding request carrying the VRF ID and the PID of the subprocess to the kernel;
the third calling module is used for calling the kernel to store the VRF ID and the PID in a kernel memory;
the fourth calling module is used for calling the sub-process to analyze the application program identifier corresponding to the application program name and calling the sub-process to start the application program in the user space corresponding to the application program identifier;
the fifth calling module is used for calling the application program to send a Socket creating request carrying the PID and the Socket creating parameter to the kernel;
a sixth calling module, configured to call the kernel to create a Socket corresponding to the application program based on the Socket creation parameter and the PID, and call the kernel to return a description file corresponding to the Socket to the application program;
the sixth calling module is configured to call the kernel to create a Socket corresponding to the application program based on the Socket creation parameter and the PID, and specifically configured to:
calling the kernel to create a Struck Socket structure based on the Socket creation parameters, wherein the field value of the VRF ID field in the Struck Socket structure is default to zero;
calling the kernel to search the PID from the kernel memory;
and calling the kernel to replace the field value of the VRF ID field in the Struck Sock structure body with the found VRF ID corresponding to the PID.
8. The apparatus according to claim 7, wherein the second invoking module is configured to invoke the sub-process to send an add request carrying the VRF ID and the PID of the sub-process to the kernel, and is specifically configured to:
and calling the sub-process to send the VRF ID and the PID to the kernel through a first system call.
9. The apparatus according to claim 8, wherein the third invoking module is configured to invoke the kernel to store the VRF ID and the PID in a kernel memory, and is specifically configured to:
invoking the kernel to receive the VRF ID and the PID via the first system call;
and calling the kernel to store the VRF and the PID in a kernel memory.
10. The apparatus of any of claims 7-9, further comprising:
a seventh calling module, configured to call the sub-process to send a deletion request carrying the VRF ID and the PID to the kernel after detecting an exit instruction for the application program;
and the eighth calling module is used for calling the kernel to delete the VRF ID and the PID in the kernel memory.
11. The apparatus according to claim 10, wherein the seventh invoking module is configured to invoke the sub-process to send a delete request carrying the VRF ID and the PID to the kernel, and is specifically configured to:
and calling the subprocess to send the VRF ID and the PID to the kernel through a second system call.
12. The apparatus according to claim 11, wherein the eighth invoking module is configured to invoke the kernel to delete the VRF ID and the PID in the kernel memory, and is specifically configured to:
invoking the kernel to receive the VRF ID and the PID via the second system call;
and calling the kernel to search and delete the VRF and the PID in the kernel memory.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910605300.5A CN110430132B (en) | 2019-07-05 | 2019-07-05 | Method and device for binding Socket and VRF |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910605300.5A CN110430132B (en) | 2019-07-05 | 2019-07-05 | Method and device for binding Socket and VRF |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110430132A CN110430132A (en) | 2019-11-08 |
| CN110430132B true CN110430132B (en) | 2021-04-27 |
Family
ID=68410287
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910605300.5A Active CN110430132B (en) | 2019-07-05 | 2019-07-05 | Method and device for binding Socket and VRF |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110430132B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101977160A (en) * | 2010-11-30 | 2011-02-16 | 中国人民解放军信息工程大学 | Reconfigurable method for routing protocol software components in reconfigurable route switching platform |
| CN103209127A (en) * | 2012-01-17 | 2013-07-17 | 迈普通信技术股份有限公司 | Method and device for achieving virtual routing and forwarding on basis of Linux system |
| CN103797465A (en) * | 2011-09-14 | 2014-05-14 | 阿尔卡特朗讯 | Method and apparatus for providing isolated virtual space |
| CN104331329A (en) * | 2014-09-30 | 2015-02-04 | 上海斐讯数据通信技术有限公司 | Mobile office security system and method supporting domain management |
| CN109324908A (en) * | 2017-07-31 | 2019-02-12 | 华为技术有限公司 | The vessel isolation method and device of Netlink resource |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8271784B2 (en) * | 2009-10-15 | 2012-09-18 | International Business Machines Corporation | Communication between key manager and storage subsystem kernel via management console |
| CN105939344B (en) * | 2016-04-18 | 2019-10-11 | 杭州迪普科技股份有限公司 | A kind of method for building up and device of TCP connection |
-
2019
- 2019-07-05 CN CN201910605300.5A patent/CN110430132B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101977160A (en) * | 2010-11-30 | 2011-02-16 | 中国人民解放军信息工程大学 | Reconfigurable method for routing protocol software components in reconfigurable route switching platform |
| CN103797465A (en) * | 2011-09-14 | 2014-05-14 | 阿尔卡特朗讯 | Method and apparatus for providing isolated virtual space |
| CN103209127A (en) * | 2012-01-17 | 2013-07-17 | 迈普通信技术股份有限公司 | Method and device for achieving virtual routing and forwarding on basis of Linux system |
| CN104331329A (en) * | 2014-09-30 | 2015-02-04 | 上海斐讯数据通信技术有限公司 | Mobile office security system and method supporting domain management |
| CN109324908A (en) * | 2017-07-31 | 2019-02-12 | 华为技术有限公司 | The vessel isolation method and device of Netlink resource |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110430132A (en) | 2019-11-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11003480B2 (en) | Container deployment method, communication method between services, and related apparatus | |
| CN110535831B (en) | Kubernetes and network domain-based cluster security management method and device and storage medium | |
| CN104734931B (en) | Link establishing method and device between a kind of virtual network function | |
| CN104410672B (en) | Method, the method and device of forwarding service of network function virtualization applications upgrading | |
| US9183008B2 (en) | Method and system for starting application program in Linux container | |
| US11640315B2 (en) | Multi-site virtual infrastructure orchestration of network service in hybrid cloud environments | |
| WO2019184164A1 (en) | Method for automatically deploying kubernetes worker node, device, terminal apparatus, and readable storage medium | |
| US10673716B1 (en) | Graph-based generation of dependency-adherent execution plans for data center migrations | |
| CN112003961B (en) | Resource exposure method, system, equipment and medium in kubernets | |
| US11343161B2 (en) | Intelligent distributed multi-site application placement across hybrid infrastructure | |
| US20170373931A1 (en) | Method for updating network service descriptor nsd and apparatus | |
| CN109075986B (en) | Network function instance management method and related equipment | |
| CN113419815B (en) | Method, system, equipment and medium for pre-starting operation environment installation | |
| US10084652B2 (en) | Customizing network configuration of virtual machines using subnet mapping rules | |
| US20150089292A1 (en) | Virtual machine test system, virtual machine test method | |
| US12035231B2 (en) | Virtualization management method and apparatus | |
| US20180004563A1 (en) | Orchestrator apparatus, system, virtual machine creation method, and computer-readable recording medium | |
| US11755383B2 (en) | Hybrid inventory data summarization using various input schema across hybrid cloud infrastructure | |
| WO2020232887A1 (en) | Configuration modification method and apparatus for container application, and computer device and storage medium | |
| CN113810230A (en) | Method, device and system for carrying out network configuration on containers in container cluster | |
| CN113037891B (en) | Access method and device for stateful application in edge computing system and electronic equipment | |
| CN113110864A (en) | Application program updating method and device and storage medium | |
| CN112311669B (en) | Network service switching method, device, system and storage medium | |
| EP3439249A1 (en) | Network system, management method and device for same, and server | |
| US10652283B1 (en) | Deriving system architecture from security group relationships |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |