CN110460599B - Method for realizing one-way transmission based on multi-level cache and main/standby mechanism - Google Patents

Method for realizing one-way transmission based on multi-level cache and main/standby mechanism Download PDF

Info

Publication number
CN110460599B
CN110460599B CN201910742496.2A CN201910742496A CN110460599B CN 110460599 B CN110460599 B CN 110460599B CN 201910742496 A CN201910742496 A CN 201910742496A CN 110460599 B CN110460599 B CN 110460599B
Authority
CN
China
Prior art keywords
file
receiving
main
standby
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910742496.2A
Other languages
Chinese (zh)
Other versions
CN110460599A (en
Inventor
孙涛
尹浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Changzhou Hualong Communication Technology Co ltd
Original Assignee
Changzhou Hualong Communication Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Changzhou Hualong Communication Technology Co ltd filed Critical Changzhou Hualong Communication Technology Co ltd
Priority to CN201910742496.2A priority Critical patent/CN110460599B/en
Publication of CN110460599A publication Critical patent/CN110460599A/en
Application granted granted Critical
Publication of CN110460599B publication Critical patent/CN110460599B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0654Management of faults, events, alarms or notifications using network fault recovery
    • H04L41/0663Performing the actions predefined by failover planning, e.g. switching to standby network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0817Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking functioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/10Active monitoring, e.g. heartbeat, ping or trace-route
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L49/00Packet switching elements
    • H04L49/90Buffering arrangements
    • H04L49/9015Buffering arrangements for supporting a linked list
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/164Adaptation or special uses of UDP protocol
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1074Peer-to-peer [P2P] networks for supporting data block transmission mechanisms
    • H04L67/1078Resource delivery mechanisms
    • H04L67/108Resource delivery mechanisms characterised by resources being split in blocks or fragments

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Environmental & Geological Engineering (AREA)
  • Health & Medical Sciences (AREA)
  • Cardiology (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to the technical field of data transmission, in particular to a method for realizing one-way transmission based on multi-level cache and a main and standby mechanism. According to the invention, on the basis of adopting a one-way transmission component, a multi-level memory caching mode is utilized, and a ferrying and proxy technology of a traditional safety isolation technology is combined, so that the information is transmitted and controlled in real time to the maximum extent while the one-way transmission of the information is ensured, a memory layout mode is optimized by utilizing a direct memory and combining technical means such as an array, a pointer, a hash, a linked list, a distributed mode, a main standby mode and the like, the problems of multi-thread random reading and overtime memory overflow are solved, and meanwhile, a distributed thread pool is used for filtering data, so that the data processing capacity is improved.

Description

Method for realizing one-way transmission based on multi-level cache and main/standby mechanism
Technical Field
The invention relates to the technical field of data transmission, in particular to a method for realizing one-way transmission based on a multi-level cache and a main/standby mechanism.
Background
With the rapid development of information technology, the life and working modes of people are greatly changed, the large-scale application of information networks greatly improves the office efficiency, China has built a digital network with a considerable scale after years of construction, but with the continuous popularization of networks, the security problems are increased day by day, the network and information security problems become major hidden dangers threatening the security of the country and the government, with the continuous understanding and understanding of the security problems, especially for the protection of secret-related information, China has already mentioned the information security construction to a considerable height, the connection of an internal secret-related network and an external public network brings serious security problems, such as virus destruction, hacker intrusion and the like, while the firewall, the proxy server, intrusion detection and other security products are realized by logical isolation based on software, and can not meet the physical isolation security requirements between a high-level network department and other networks, therefore, how to control the data flow from the physical layer becomes a problem to be solved urgently.
When data exchange is carried out between a high-security network and a low-security network, how to ensure the self-security of the high-security network and prevent information leakage is very important, when the one-way transmission function of a file is realized, gigabit network transmission and a UDP (user Datagram protocol) transmission protocol are generally used, because the UDP protocol is a connectionless protocol, the reliability is low, and through the traditional technical means, the mutual parameters are asymmetric due to the fact that the UDP protocol is excessively dependent on the conditions of network speed, hard disk speed, CPU dominant frequency and the like, so that the problems of data processing blockage, data loss and the like on one side can be caused.
Disclosure of Invention
Technical problem to be solved
Aiming at the defects of the prior art, the invention provides a method for realizing one-way transmission based on multi-level cache and a main/standby mechanism, which has the advantages of real-time transmission and controllability of information and solves the problems of data processing blockage and data loss on one part caused by asymmetry of parameters caused by excessive dependence on conditions such as network speed, hard disk speed, CPU (central processing unit) main frequency and the like in the traditional technical means.
(II) technical scheme
In order to realize the technical problem, the invention provides a method for realizing one-way transmission based on multi-level cache and a main and standby mechanism, which comprises a sending server and a main and standby receiving server, wherein the sending server divides a file into small sections, codes a section serial number, assembles each small section into a UDP data packet, fills a file name, a file MD5 value, a serial number and the total packet number, and respectively sends the file name, the file MD5 value, the serial number and the total packet number to the main and standby receiving servers through two network cards;
the processing flow of the main and standby receiving servers is as follows:
s1, the master and backup receiving server receives the data sent by the sending server;
s2, formatting main and standby receiving server memories, allocating 4G space memories to be used for caching by each server, formatting the 4G memory spaces according to a structure, and compiling a structure address, wherein the structure comprises a file name, a file MD5, a sequence number, the total packet number and time;
s3, creating a receiving process, wherein the main receiving server and the standby receiving server respectively create the receiving process for receiving data from the sending server;
s4, after receiving UDP data packets, according to the file MD5 value and packet sequence number of each packet, calculating a hash value, namely the corresponding address of the pre-formatted memory, if the address is used, using the next address, if 10 continuous addresses are used, creating a dynamic linked list on the 10 th address;
s5, the receiving process creates a thread after receiving the first data packet of each file;
s6, queue log processes are respectively started on two servers, work tasks are the same, contents are completely synchronous, the two processes judge the main process and the standby process in a heartbeat mode, when the main process is abnormal, the standby process immediately raises the main process, and unfinished work is continued;
and S7, after the file is accepted, firstly, checking whether the processed same file name and MD5 exist in the log, directly deleting the file name and the MD5, and writing the file name and the MD5 into the queue after the log is not written.
And S8, the two filtering thread pools are used for reading the file which is received and needs to be filtered by the de-queue log process, and writing the file into the region to be read after performing antivirus, keyword filtering, feature code matching and other work, so that the forwarding of one file is completed.
Further, in the process of step S4, when the corresponding memory receives data, the UDP buffer does not overflow, and the UDP buffer is directly expanded to a hundred megabytes or more.
Further, in step S5, the thread first creates a file, which has only the read/write permission of the designated user and no executable permission, and thus prevents unexpected execution. And the thread calculates the memory address according to the MD5 value and the sequence number of the file, receives the data packets one by one in sequence, and writes the data packets into the queue log process after all the data packets are completely received and the MD5 value is calculated to be correct. If one data packet is overtime, the file stops receiving, the thread exits, the resource is recycled, the data written into the memory is overtime, and the next writing is not influenced.
(III) advantageous effects
The invention provides a method for realizing one-way transmission based on a multi-level cache and a main/standby mechanism, which has the following beneficial effects:
1. according to the method for realizing the one-way transmission based on the multi-level cache and the main and standby mechanism, the requirement of one-way isolation can be met in the aspects of realizing one-way control, high efficiency, stability and economy in the aspect of optical fiber transmission, meanwhile, on the basis of adopting a one-way transmission component, the real-time transmission and the controllability of information are realized to the maximum extent while the one-way transmission of the information is ensured by utilizing a multi-level memory cache mode and combining a ferrying and proxy technology of the traditional safety isolation technology.
2. The method for realizing one-way transmission based on the multi-level cache and the main and standby mechanisms optimizes a memory layout mode by utilizing a direct memory and combining technical means such as an array, a pointer, a hash, a linked list, a distributed mode, a main and standby mode and the like, solves the problems of multithreading random reading and overtime memory overflow, increases the main and standby modes, reduces an emergency processing mechanism when unilateral faults and data are abnormal, filters data by using a distributed thread pool in the process, and improves the data processing capacity.
Drawings
FIG. 1 is a flow chart of the structure of the present invention;
FIG. 2 is a flow chart of the process of the primary/standby receiving server according to the present invention
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-2, a method for implementing unidirectional transmission based on multi-level cache and a primary/secondary mechanism includes a sending server and a primary/secondary receiving server, where the sending server divides a file into segments, codes segment numbers, assembles each segment into a UDP packet, fills a file name, a file MD5 value, a sequence number, and a total packet number, and sends the UDP packet to the primary/secondary receiving server through two network cards.
The processing flow of the main and standby receiving servers is as follows:
and S1, the master receiving server receives the data sent by the sending server.
S2, formatting main and standby receiving server memories, allocating 4G space memories for caching by each server, formatting the 4G memory spaces according to a structure, and compiling a structure address, wherein the structure comprises a file name, a file MD5, a sequence number, the total packet number, time and related marks.
And S3, creating a receiving process, wherein the main receiving server and the standby receiving server respectively create the receiving process for receiving the data from the sending server.
S4, after receiving UDP data packets, according to the MD5 value and packet sequence number of each packet, calculating a hash value, namely the corresponding address of the pre-formatted memory, if the address is used, using the next address, if 10 continuous addresses are used, creating a dynamic linked list on the 10 th address, thus writing the data into the corresponding memory, avoiding overflow of UDP buffer, and directly expanding the UDP buffer area to more than hundred megabytes.
S5, the receiving process creates a thread after receiving the first data packet of each file, the thread first creates a file, the file only has the read-write permission of the designated user, but has no executable permission, and the accidental execution is prevented. And the thread calculates the memory address according to the MD5 value and the sequence number of the file, receives the data packets one by one in sequence, and writes the data packets into the queue log process after all the data packets are completely received and the MD5 value is calculated to be correct. If one data packet is overtime, the file stops receiving, the thread exits, the resource is recycled, the data written into the memory is overtime, and the next writing is not influenced.
And S6, the queue log processes are respectively started on the two servers, the work tasks are the same, the contents are completely synchronous, the two processes judge the main process and the standby process in a heartbeat mode, and when the main process is abnormal, the standby process immediately raises the main process and continues unfinished work.
And S7, after the file is accepted, firstly, checking whether the processed same file name and MD5 exist in the log, directly deleting the file name and the MD5, and writing the file name and the MD5 into the queue after the log is not written.
And S8, the two filtering thread pools are used for reading the file which is received and needs to be filtered by the de-queue log process, and writing the file into the region to be read after performing antivirus, keyword filtering, feature code matching and other work, so that the forwarding of one file is completed.
In summary, according to the method for realizing unidirectional transmission based on the multi-level cache and the main/standby mechanism, the optical fiber transmission can meet the requirement of unidirectional isolation in the aspects of realizing unidirectional control, high efficiency, stability and economy, and meanwhile, on the basis of adopting a unidirectional transmission component, the real-time transmission and the controllability of information are realized to the maximum extent while the unidirectional transmission of the information is ensured by utilizing a multi-level memory cache mode and combining a ferry-ferrying-plus-proxy technology of the traditional safety isolation technology.
The method for realizing one-way transmission based on the multi-level cache and the main and standby mechanisms optimizes a memory layout mode by utilizing a direct memory and combining technical means such as an array, a pointer, a hash, a linked list, a distributed mode, a main and standby mode and the like, solves the problems of multithreading random reading and overtime memory overflow, increases the main and standby modes, reduces an emergency processing mechanism when unilateral faults and data are abnormal, filters data by using a distributed thread pool in the process, and improves the data processing capacity.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (3)

1. A method for realizing one-way transmission based on multi-level cache and a main/standby mechanism is characterized in that: the method comprises the steps that a file is divided into small sections by the sending server, the serial numbers of the small sections are coded, each small section is assembled into a UDP data packet, the file name, the MD5 value, the serial numbers and the total packet number are filled, and the file name, the MD5 value, the serial numbers and the total packet number are respectively sent to the main receiving server and the standby receiving server through two network cards;
the processing flow of the main and standby receiving servers is as follows:
s1, the master and backup receiving server receives the data sent by the sending server;
s2, formatting main and standby receiving server memories, allocating 4G space memories to be used for caching by each server, formatting the 4G memory spaces according to a structure, and compiling a structure address, wherein the structure comprises a file name, a file MD5, a sequence number, the total packet number and time;
s3, creating a receiving process, wherein the main receiving server and the standby receiving server respectively create the receiving process for receiving data from the sending server;
s4, after receiving UDP data packets, according to the file MD5 value and packet sequence number of each data packet, calculating a hash value, namely the address of the corresponding pre-formatted memory, if the address is used, using the next address, if 10 continuous addresses are used, creating a dynamic linked list on the 10 th address;
s5, the receiving process creates a thread after receiving the first data packet of each file;
s6, queue log processes are respectively started on two servers, work tasks are the same, contents are completely synchronous, the two processes judge the main process and the standby process in a heartbeat mode, when the main process is abnormal, the standby process immediately raises the main process, and unfinished work is continued;
s7, after the file is received, firstly checking whether the processed same file name and MD5 exist in the log, if so, directly deleting the file name and MD5 without writing the log, and then writing the file into the queue;
and S8, two filtering thread pools, wherein the file which is received and needs to be filtered is taken by the de-queue log process, and the file is sterilized, filtered by key words, written into the region to be taken after the matching work of the feature codes, and the forwarding of one file is completed.
2. The method according to claim 1, wherein the method comprises: in the process of step S4, when the corresponding memory receives data, the UDP buffer does not overflow, and the UDP buffer is directly expanded to a hundred megabytes space.
3. The method according to claim 1, wherein the method comprises: in step S5, the thread first creates a file, which only has the read-write permission of the designated user and no executable permission, and prevents unexpected execution; the thread calculates the memory address according to the MD5 value and the serial number of the file, receives the data packets one by one in sequence, and writes the data packets into a queue log process after all the data packets are completely received and the MD5 value is calculated to be correct; if one data packet is overtime, the file stops receiving, the thread exits, the resource is recycled, the data written into the memory is overtime, and the next writing is not influenced.
CN201910742496.2A 2019-08-13 2019-08-13 Method for realizing one-way transmission based on multi-level cache and main/standby mechanism Active CN110460599B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910742496.2A CN110460599B (en) 2019-08-13 2019-08-13 Method for realizing one-way transmission based on multi-level cache and main/standby mechanism

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910742496.2A CN110460599B (en) 2019-08-13 2019-08-13 Method for realizing one-way transmission based on multi-level cache and main/standby mechanism

Publications (2)

Publication Number Publication Date
CN110460599A CN110460599A (en) 2019-11-15
CN110460599B true CN110460599B (en) 2021-11-09

Family

ID=68486132

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910742496.2A Active CN110460599B (en) 2019-08-13 2019-08-13 Method for realizing one-way transmission based on multi-level cache and main/standby mechanism

Country Status (1)

Country Link
CN (1) CN110460599B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110912669A (en) * 2019-11-15 2020-03-24 珠海市新德汇信息技术有限公司 Two-channel data transmission method based on file stream and data stream
CN112003992A (en) * 2020-08-14 2020-11-27 迅镭智能(广州)科技有限公司 Transmission system and method based on scanning gun

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101989916A (en) * 2009-08-04 2011-03-23 西安交大捷普网络科技有限公司 Separating multi-stage buffer network content filtering system and method
CN102035843A (en) * 2010-12-17 2011-04-27 北京锐安科技有限公司 System and method for transmitting data in one direction
US8589953B1 (en) * 2010-08-06 2013-11-19 Open Invention Network, Llc System and method for transparent consistent application-replication of multi-process multi-threaded applications
CN105656902A (en) * 2016-01-15 2016-06-08 深圳市利谱信息技术有限公司 One-way reliable transmission and control system based on light transmission
CN106850156A (en) * 2016-11-28 2017-06-13 深圳市鑫之淼科技有限公司 No-feedback one-way data transmission set and transmission method based on network interface
CN106992856A (en) * 2017-03-29 2017-07-28 山西大学 The data coordinating method of extensive continuous variable quantum key distribution based on GPU

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101989916A (en) * 2009-08-04 2011-03-23 西安交大捷普网络科技有限公司 Separating multi-stage buffer network content filtering system and method
US8589953B1 (en) * 2010-08-06 2013-11-19 Open Invention Network, Llc System and method for transparent consistent application-replication of multi-process multi-threaded applications
CN102035843A (en) * 2010-12-17 2011-04-27 北京锐安科技有限公司 System and method for transmitting data in one direction
CN105656902A (en) * 2016-01-15 2016-06-08 深圳市利谱信息技术有限公司 One-way reliable transmission and control system based on light transmission
CN106850156A (en) * 2016-11-28 2017-06-13 深圳市鑫之淼科技有限公司 No-feedback one-way data transmission set and transmission method based on network interface
CN106992856A (en) * 2017-03-29 2017-07-28 山西大学 The data coordinating method of extensive continuous variable quantum key distribution based on GPU

Also Published As

Publication number Publication date
CN110460599A (en) 2019-11-15

Similar Documents

Publication Publication Date Title
KR102226257B1 (en) Method and device for writing service data to a blockchain system
US20200265009A1 (en) Blockchain-based data migration method and apparatus
CN107391628B (en) Data synchronization method and device
CN110460599B (en) Method for realizing one-way transmission based on multi-level cache and main/standby mechanism
CN107391758B (en) Database switching method, device and equipment
JP6170512B2 (en) Mediation of disk ownership in a storage pool
EP2863310B1 (en) Data processing method and apparatus, and shared storage device
WO2020038105A1 (en) Blockchain-based data storage method and apparatus
WO2015158194A1 (en) Dns security system and method thereof for processing a failure
TW201800967A (en) Method and device for processing distributed streaming data
EP4332870A1 (en) Transaction data processing method and apparatus, computer device and storage medium
WO2019160128A1 (en) Method for validating transaction in blockchain network and node for configuring same network
CN106155839B (en) A kind of method and apparatus for Backup Data
CN103685304A (en) Method and system for sharing session information
US20160026699A1 (en) Method for Synchronization of UGC Master and Backup and System Thereof, and Computer Storage Medium
CN110474870B (en) Block chain-based network active defense method and system and computer readable storage medium
WO2015149629A1 (en) Dns behavior processing method, device and system
WO2021012932A1 (en) Transaction rollback method and device, database, system, and computer storage medium
CN113568981B (en) Transaction data processing method, device, equipment and medium
KR20190130933A (en) Method and apparatus for constructing data based blockchain
CN111935211A (en) Method, equipment and medium for improving main chain performance by adopting side chain based on block chain
JP6467540B1 (en) Method for verifying transactions in a blockchain network and nodes for configuring the network
Wang et al. Data Security Storage Model of the Internet of Things Based on Blockchain.
CN112765137B (en) Block synchronization method based on block distributed block chain and electronic equipment
CN117591038A (en) Data access method, device, distributed storage system, equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant