CN110493095B - VPN service processing method, device, server and storage medium - Google Patents
VPN service processing method, device, server and storage medium Download PDFInfo
- Publication number
- CN110493095B CN110493095B CN201910684022.7A CN201910684022A CN110493095B CN 110493095 B CN110493095 B CN 110493095B CN 201910684022 A CN201910684022 A CN 201910684022A CN 110493095 B CN110493095 B CN 110493095B
- Authority
- CN
- China
- Prior art keywords
- vpn client
- vpn
- heartbeat
- time
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
- H04L67/63—Routing a service request depending on the request content or context
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the invention relates to a processing method, a device, a server and a storage medium of VPN service, wherein the method is used in the server, the server establishes long connection with a plurality of first VPN clients, and the method comprises the following steps: establishing a long connection with a second VPN client; receiving network configuration parameters sent by the second VPN client; distributing the first VPN client conforming to the network configuration parameters to the second VPN client as a target VPN client; receiving a service request sent by the second VPN client; and sending the service request to the target VPN client so as to execute the service request under the condition of the network configuration parameters. When the IP address is switched, the client of the proxy can be switched by appointing the network configuration parameters, and the installation cost of the client is lower than the cost of deploying the proxy server, so that the cost of switching the IP address is reduced.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method, an apparatus, a server, and a storage medium for processing a VPN service.
Background
A VPN (Virtual Private Network) is a Private Network established on a public Network to perform encrypted communication, and can be implemented in various ways such as a server, hardware, and software.
The VPN has wide application in enterprise networks, a VPN client can be accessed to a remote network through a VPN gateway, identity authentication is realized on the VPN gateway, and then the network is accessed through the VPN gateway, so that remote or off-site office is realized.
In some cases, when a VPN client switches an IP (Internet Protocol ) address, a proxy server needs to be deployed in a region to which the IP address belongs in advance, which is relatively high in cost.
Disclosure of Invention
The embodiment of the invention provides a processing method, a processing device, a server and a storage medium of a VPN service, and aims to solve the problem that cost is high because a proxy server needs to be deployed when an IP address is switched by a VPN.
In a first aspect, an embodiment of the present invention provides a method for processing a VPN service, where the method is applied in a server, and the server establishes long connections with multiple first VPN clients, where the method includes:
establishing a long connection with a second VPN client;
receiving network configuration parameters sent by the second VPN client;
distributing the first VPN client conforming to the network configuration parameters to the second VPN client as a target VPN client;
receiving a service request sent by the second VPN client;
and sending the service request to the target VPN client so as to execute the service request under the condition of the network configuration parameters.
Optionally, the network configuration parameter includes at least one of:
country, network type.
Optionally, the method further comprises:
receiving a service result which is sent by the target VPN client and obtained by executing the service request;
and sending the service result to the second VPN client.
Optionally, the receiving the service request sent by the second VPN client includes:
receiving a service request sent by the second VPN client through a virtual network card;
the sending the service result to the second VPN client includes:
and sending the service result to the virtual network card of the second VPN client.
Optionally, the method further comprises:
disconnecting the long connection with the second VPN client;
releasing the target VPN client for the second VPN client.
Optionally, the method further comprises:
determining a heartbeat time suitable for the first VPN client and/or the second VPN client;
and executing heartbeat operation with the first VPN client and/or the second VPN client at intervals of the heartbeat time.
Optionally, the determining a heartbeat time suitable for the first VPN client and/or the second VPN client comprises:
determining a first time value and a second time value, wherein the first time value is smaller than the second time value;
calculating an average value between the first time value and the second time value as a heartbeat time;
judging whether the difference value between the current heartbeat time and the previous heartbeat time is smaller than a preset threshold value or not;
if yes, determining that the current heartbeat time is valid;
if not, executing heartbeat operation with the first VPN client and/or the second VPN client according to the heartbeat time;
if the heartbeat packet sent by the first VPN client and/or the second VPN client is received before the heartbeat is overtime, setting the average value as a new first time value, and returning to execute the determination of the first time value and the second time value;
and if the heartbeat packet sent by the first VPN client and/or the second VPN client is not received before the heartbeat timeout, setting the average value as a new second time value, and returning to execute the determination of the first time value and the second time value.
In a second aspect, an embodiment of the present invention further provides a device for processing a VPN service, where the device is applied in a server, and the server establishes long connections with multiple first VPN clients, and the device includes:
the long connection establishing module is used for establishing long connection with the second VPN client;
a network configuration parameter receiving module, configured to receive the network configuration parameter sent by the second VPN client;
a client allocation module, configured to allocate a first VPN client that meets the network configuration parameter to a second VPN client as a target VPN client;
a service request receiving module, configured to receive a service request sent by the second VPN client;
and the service request sending module is used for sending the service request to the target VPN client so as to execute the service request under the condition of the network configuration parameters.
Optionally, the network configuration parameter includes at least one of:
country, network type.
Optionally, the method further comprises:
a service result receiving module, configured to receive a service result obtained by executing the service request and sent by the target VPN client;
and the service result sending module is used for sending the service result to the second VPN client.
Optionally, the service request receiving module is further configured to:
receiving a service request sent by the second VPN client through a virtual network card;
the service result receiving module is further configured to:
and sending the service result to the virtual network card of the second VPN client.
Optionally, the method further comprises:
a long connection disconnection module for disconnecting the long connection with the second VPN client;
a client release module for releasing the target VPN client for the second VPN client.
Optionally, the method further comprises:
a heartbeat time determination module for determining a heartbeat time suitable for the first VPN client and/or the second VPN client;
and the heartbeat operation execution module is used for executing heartbeat operation with the first VPN client and/or the second VPN client at intervals of the heartbeat time.
Optionally, the heartbeat time determination module is further configured to:
determining a first time value and a second time value, wherein the first time value is smaller than the second time value;
calculating an average value between the first time value and the second time value as a heartbeat time;
judging whether the difference value between the current heartbeat time and the previous heartbeat time is smaller than a preset threshold value or not;
if yes, determining that the current heartbeat time is valid;
if not, executing heartbeat operation with the first VPN client and/or the second VPN client according to the heartbeat time;
if the heartbeat packet sent by the first VPN client and/or the second VPN client is received before the heartbeat is overtime, setting the average value as a new first time value, and returning to execute the determination of the first time value and the second time value;
and if the heartbeat packet sent by the first VPN client and/or the second VPN client is not received before the heartbeat timeout, setting the average value as a new second time value, and returning to execute the determination of the first time value and the second time value.
In a third aspect, an embodiment of the present invention further provides a server, where the server includes:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, the one or more programs cause the one or more processors to implement the processing method for VPN traffic according to any of the first aspects.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the processing method for the VPN service according to any one of the first aspects.
In the embodiment of the invention, the server establishes long connection with a plurality of first VPN clients, establishes long connection with a second VPN client, receives network configuration parameters sent by the second VPN client, distributes the first VPN clients meeting the network configuration parameters to the second VPN client as target VPN clients, receives a service request sent by the second VPN client, and sends the service request to the target VPN client so as to execute the service request under the condition of the network configuration parameters.
Drawings
Fig. 1 is a flowchart of a processing method for a VPN service according to an embodiment of the present invention;
fig. 2 is a flowchart of a processing method of a VPN service according to a second embodiment of the present invention;
fig. 3 is a schematic structural diagram of a processing apparatus of a VPN service according to a third embodiment of the present invention;
fig. 4 is a schematic structural diagram of a server according to a fourth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of a processing method for a VPN service according to an embodiment of the present invention, where the present embodiment is applicable to a case where a network request is executed through a VPN client, and the method may be executed by a processing device for the VPN service, where the processing device for the VPN service may be implemented by software and/or hardware, and may be configured in a server of the VPN, and the method specifically includes the following steps:
s101, long connection is established with the second VPN client.
In a specific implementation, the method and the system can be applied to a server of the VPN, the server can establish long connection with a plurality of client sides applying the VPN, and a first VPN client side and a second VPN client side belong to the client sides in the embodiment of the invention.
The client may be installed in an operating system such as Android (Android), iOS, and the like, where Android is taken as an example, the client may refer to an SDK (Software Development Kit) jar package implemented by Java, and the client may access other applications, so as to proxy a service request of the application for a network service.
It should be noted that a certain client may serve as a first VPN client to proxy a service request of another client, and the client may also serve as a second VPN client to request another client to proxy a service request of the client.
A long connection means that a plurality of packets can be transmitted continuously over one connection, and if no packet is transmitted during the connection hold period, a link check packet needs to be transmitted in both directions.
Taking HTTP (Hyper Text Transport Protocol) as an example, HTTP belongs to an application layer Protocol, a TCP (Transmission Control Protocol) Protocol is used in a Transport layer, and an IP Protocol is used in a network layer. The IP protocol mainly solves the problems of network routing and addressing, and the TCP protocol mainly solves how to reliably transfer data packets above the IP layer, so that all packets sent by a sender are received by a receiver on the network, and the order is consistent with the sending order. The TCP protocol is reliable, connection-oriented.
In the case of using a long connection, after a communication interaction is completed, the TCP connection for transmitting HTTP data between the client and the server is not closed, and the client continues to use the established connection when accessing the server again.
In the embodiment of the invention, after the second VPN client is initialized, a connection request is sent to the server, and after the connection is successful, the second VPN client keeps long connection with the server so as to carry out communication.
And S102, receiving the network configuration parameters sent by the second VPN client.
In an embodiment of the invention, the second VPN client specifies to the server the required network configuration parameters, which may be used to represent the desired network environment.
In one example, the network configuration parameters include at least one of:
country (e.g., usa, brazil, etc.), network type (e.g., 5G, 4G, 3G, Wi-Fi, etc.).
Of course, the network configuration parameters are only examples, and when the embodiment of the present invention is implemented, other network configuration parameters, such as an operating system (e.g., Android, iOS, etc.), a device type (e.g., a mobile phone, a tablet, etc.), etc., may be set according to an actual situation, which is not limited in this embodiment of the present invention. In addition, besides the above network configuration parameters, those skilled in the art may also adopt other network configuration parameters according to actual needs, and the embodiment of the present invention is not limited thereto.
S103, the first VPN client conforming to the network configuration parameters is taken as a target VPN client and distributed to the second VPN client.
In the embodiment of the invention, after the application accessed to the first VPN client is initialized successfully, a connection request is initiated to the server, and after the connection is successful, the basic information of the first VPN client, such as the country, the network type, the operating system, the equipment type and the like, is reported to the server.
Therefore, the server establishes long connections with the plurality of first VPN clients, and stores the first VPN clients to the connection pool.
After the second VPN client specifies the network configuration parameters, the server screens out the first VPN client conforming to the network configuration parameters from the connection pool and informs the second VPN client that the matching is successful, and at the moment, the first VPN client can be regarded as a target VPN client.
And if the server does not find the first VPN client conforming to the network configuration parameters, the second VPN client is informed to wait until the first VPN client conforming to the specified network configuration parameters of the second VPN client appears.
And S104, receiving the service request sent by the second VPN client.
In a specific implementation, the second VPN client invokes a VPN service provided by the operating system to forward real network card data to the virtual network card, and implements TCP \ IP protocol analysis, thereby proxying a service request, such as an access web page, of the application demand network accessing the second VPN client.
In contrast, the server may receive a service request sent by the second VPN client through the virtual network card.
S105, sending the service request to the target VPN client so as to execute the service request under the condition of the network configuration parameters.
In a specific implementation, the server forwards the service request of the second VPN client to the target VPN client, and the target VPN client executes the service request by acting on the second VPN client under the condition of the network configuration parameter.
In the embodiment of the invention, the server establishes long connection with a plurality of first VPN clients, establishes long connection with a second VPN client, receives network configuration parameters sent by the second VPN client, distributes the first VPN clients meeting the network configuration parameters to the second VPN client as target VPN clients, receives a service request sent by the second VPN client, and sends the service request to the target VPN client so as to execute the service request under the condition of the network configuration parameters.
Example two
Fig. 2 is a flowchart of a processing method for VPN service according to a second embodiment of the present invention, where the present embodiment further adds a processing operation of adjusting heartbeat time by bisection based on the foregoing embodiment, and a server establishes long connections with multiple first VPN clients, where the method specifically includes the following steps:
s201, long connection is established with the second VPN client.
S202, receiving the network configuration parameters sent by the second VPN client.
S203, the first VPN client conforming to the network configuration parameters is taken as a target VPN client to be distributed to the second VPN client.
And S204, receiving a service request sent by the second VPN client.
S205, sending the service request to the target VPN client, so as to execute the service request under the condition of the network configuration parameter.
S206, receiving a service result which is sent by the target VPN client and obtained by executing the service request.
And S207, sending the service result to the second VPN client.
And after the target VPN client executes the service request of the required network, the obtained service result is sent back to the server, and the server analyzes the returned service result by the second VPN client and sends back to the virtual network card.
That is, the server may send the service result to the virtual network card of the second VPN client.
S208, determining a heartbeat time suitable for the first VPN client and/or the second VPN client.
In a specific implementation, the server may adaptively adjust a heartbeat time for performing a heartbeat operation with the first VPN client and/or the second VPN client according to a network connection condition with the first VPN client and/or the second VPN client.
The server automatically selects the optimal heartbeat time according to different devices and routes of the mobile terminal, stably maintains long connection, and can save electricity for applications accessed to the first VPN client and/or the second VPN client.
In one embodiment, the optimal heartbeat time may be determined by a reverse binary search.
Further, a first time value and a second time value are determined, the first time value is smaller than the second time value, the first time value is initially a default minimum time value, and the second time value is initially a default maximum time value.
And calculating the average value between the first time value and the second time value as the heartbeat time.
And judging whether the difference value between the current heartbeat time and the previous heartbeat time is smaller than a preset threshold value, such as 5 s.
And if so, determining that the current heartbeat time is effective and is the optimal heartbeat time.
And if not, executing heartbeat operation with the first VPN client and/or the second VPN client according to the heartbeat time.
If the heartbeat packet sent by the first VPN client and/or the second VPN client is received before the heartbeat is overtime, the heartbeat time may be extended, the average value is set as a new first time value, the determination of the first time value and the second time value is returned, and the probing is performed again.
And before the heartbeat is overtime, the heartbeat packet sent by the first VPN client and/or the second VPN client is not received, the heartbeat time can be shortened, the average value is set as a new second time value, the first time value and the second time value are determined by returning, and probing is carried out again.
And S209, executing heartbeat operation with the first VPN client and/or the second VPN client at intervals of the heartbeat time.
In a specific implementation, the heartbeat operation may refer to that the first VPN client and/or the second VPN client sends a heartbeat packet to the server every other heartbeat time, and the server replies the same heartbeat packet to the client after receiving the heartbeat packet.
If neither the server nor the client (first VPN client and/or second VPN client) receives any message including a heartbeat packet within a specified time (typically greater than the heartbeat time), i.e. a heartbeat timeout, it can be considered that the long connection between the server and the client (first VPN client and/or second VPN client) has been broken.
The server removes a first VPN client from the connection pool upon detecting a long connection disconnection with the first VPN client, and does not allocate the first VPN client to a second VPN client as a target VPN client.
S210, disconnecting the long connection with the second VPN client.
S211, releasing the target VPN client aiming at the second VPN client.
And when the second VPN client does not need to proxy any more, sending an instruction to the server, and enabling the server to carry out long connection between the second VPN clients, release the target VPN client and return the target VPN client to the connection pool.
It should be noted that, for simplicity of description, the method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present invention is not limited by the illustrated order of acts, as some steps may occur in other orders or concurrently in accordance with the embodiments of the present invention. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.
EXAMPLE III
Fig. 3 is a schematic structural diagram of a processing apparatus for a VPN service according to a third embodiment of the present invention, which is applied to a server, where the server establishes long connections with multiple first VPN clients, and the apparatus may specifically include the following modules:
a long connection establishing module 301, configured to establish a long connection with a second VPN client;
a network configuration parameter receiving module 302, configured to receive a network configuration parameter sent by the second VPN client;
a client allocating module 303, configured to allocate the first VPN client that meets the network configuration parameter to the second VPN client as a target VPN client;
a service request receiving module 304, configured to receive a service request sent by the second VPN client;
a service request sending module 305, configured to send the service request to the target VPN client, so as to execute the service request under the condition of the network configuration parameter.
In a specific implementation, the network configuration parameter includes at least one of the following:
country, network type.
In a preferred embodiment of the present invention, the method further comprises:
a service result receiving module, configured to receive a service result obtained by executing the service request and sent by the target VPN client;
and the service result sending module is used for sending the service result to the second VPN client.
In a preferred embodiment of the present invention, the service request receiving module 304 is further configured to:
receiving a service request sent by the second VPN client through a virtual network card;
the service result receiving module is further configured to:
and sending the service result to the virtual network card of the second VPN client.
In a preferred embodiment of the present invention, the method further comprises:
a long connection disconnection module for disconnecting the long connection with the second VPN client;
a client release module for releasing the target VPN client for the second VPN client.
In a preferred embodiment of the present invention, the method further comprises:
a heartbeat time determination module for determining a heartbeat time suitable for the first VPN client and/or the second VPN client;
and the heartbeat operation execution module is used for executing heartbeat operation with the first VPN client and/or the second VPN client at intervals of the heartbeat time.
In a preferred embodiment of the present invention, the heartbeat time determination module is further configured to:
determining a first time value and a second time value, wherein the first time value is smaller than the second time value;
calculating an average value between the first time value and the second time value as a heartbeat time;
judging whether the difference value between the current heartbeat time and the previous heartbeat time is smaller than a preset threshold value or not;
if yes, determining that the current heartbeat time is valid;
if not, executing heartbeat operation with the first VPN client and/or the second VPN client according to the heartbeat time;
if the heartbeat packet sent by the first VPN client and/or the second VPN client is received before the heartbeat is overtime, setting the average value as a new first time value, and returning to execute the determination of the first time value and the second time value;
and if the heartbeat packet sent by the first VPN client and/or the second VPN client is not received before the heartbeat timeout, setting the average value as a new second time value, and returning to execute the determination of the first time value and the second time value.
The processing device of the VPN service provided by the embodiment of the invention can execute the processing method of the VPN service provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method.
Example four
Fig. 4 is a schematic structural diagram of a server according to a fourth embodiment of the present invention. The server 400 may vary significantly due to configuration or performance, and may include one or more Central Processing Units (CPUs) 422 (e.g., one or more processors) and memory 432, one or more storage media 430 (e.g., one or more mass storage devices) storing applications 442 or data 444. Wherein the memory 432 and storage medium 430 may be transient or persistent storage. The program stored on the storage medium 430 may include one or more modules (not shown), each of which may include a series of instruction operations for the server. Still further, the central processor 422 may be arranged to communicate with the storage medium 430, and execute a series of instruction operations in the storage medium 430 on the server 400.
The server 400 may also include one or more power supplies 426, one or more wired or wireless network interfaces 450, one or more input-output interfaces 458, one or more keyboards 456, and/or one or more operating systems 441, such as Windows Server, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM, and so forth.
The server provided in this embodiment may execute the processing method of the VPN service provided in any embodiment of the present invention, and specifically, corresponding functions and advantageous effects.
EXAMPLE five
An embodiment of the present invention further provides a computer-readable storage medium, in which a computer program is stored, and when the computer program is executed by a processor, the computer program implements a processing method for a VPN service, where the computer program is applied to a server, and the server establishes long connections with a plurality of first VPN clients, where the method includes:
establishing a long connection with a second VPN client;
receiving network configuration parameters sent by the second VPN client;
distributing the first VPN client conforming to the network configuration parameters to the second VPN client as a target VPN client;
receiving a service request sent by the second VPN client;
and sending the service request to the target VPN client so as to execute the service request under the condition of the network configuration parameters.
Of course, the computer program of the computer-readable storage medium provided in the embodiments of the present invention is not limited to the method operations described above, and may also perform related operations in the processing method of the VPN service provided in any embodiment of the present invention.
From the above description of the embodiments, it is obvious for those skilled in the art that the present invention can be implemented by software and necessary general hardware, and certainly, can also be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present invention may be embodied in the form of a software product, which can be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute the methods according to the embodiments of the present invention.
It should be noted that, in the embodiment of the processing apparatus for a VPN service, each unit and each module included in the processing apparatus are only divided according to functional logic, but are not limited to the above division, as long as the corresponding function can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the present invention.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.
Claims (7)
1. A processing method of VPN service is applied in a server, the server establishes long connections with a plurality of first VPN clients, the method comprises:
establishing a long connection with a second VPN client;
receiving network configuration parameters sent by the second VPN client, wherein the network configuration parameters comprise a country and a network type;
distributing a first VPN client conforming to the country and the network type to a second VPN client as a target VPN client;
receiving a service request sent by the second VPN client;
sending the service request to the target VPN client to execute the service request under the conditions of the country and the network type;
determining a heartbeat time suitable for the first VPN client and/or the second VPN client;
executing heartbeat operation with the first VPN client and/or the second VPN client at intervals of the heartbeat time;
said determining a heartbeat time suitable for said first VPN client and/or said second VPN client comprises:
determining a first time value and a second time value, wherein the first time value is smaller than the second time value;
calculating an average value between the first time value and the second time value as a heartbeat time;
judging whether the difference value between the current heartbeat time and the previous heartbeat time is smaller than a preset threshold value or not;
if yes, determining that the current heartbeat time is valid;
if not, executing heartbeat operation with the first VPN client and/or the second VPN client according to the heartbeat time;
if the heartbeat packet sent by the first VPN client and/or the second VPN client is received before the heartbeat is overtime, setting the average value as a new first time value, and returning to execute the determination of the first time value and the second time value;
and if the heartbeat packet sent by the first VPN client and/or the second VPN client is not received before the heartbeat timeout, setting the average value as a new second time value, and returning to execute the determination of the first time value and the second time value.
2. The method of claim 1, further comprising:
receiving a service result which is sent by the target VPN client and obtained by executing the service request;
and sending the service result to the second VPN client.
3. The method of claim 2,
the receiving of the service request sent by the second VPN client includes:
receiving a service request sent by the second VPN client through a virtual network card;
the sending the service result to the second VPN client includes:
and sending the service result to the virtual network card of the second VPN client.
4. The method of claim 2, further comprising:
disconnecting the long connection with the second VPN client;
releasing the target VPN client for the second VPN client.
5. A device for processing VPN traffic, the device being applied in a server, the server establishing long connections with a plurality of first VPN clients, the device comprising:
the long connection establishing module is used for establishing long connection with the second VPN client;
a network configuration parameter receiving module, configured to receive a network configuration parameter sent by the second VPN client, where the network configuration parameter includes a country and a network type;
a client allocation module, configured to allocate a first VPN client that conforms to the country and the network type to the second VPN client as a target VPN client;
a service request receiving module, configured to receive a service request sent by the second VPN client;
a service request sending module, configured to send the service request to the target VPN client, so as to execute the service request under the conditions of the country and the network type;
a heartbeat time determination module for determining a heartbeat time suitable for the first VPN client and/or the second VPN client, comprising:
determining a first time value and a second time value, wherein the first time value is smaller than the second time value;
calculating an average value between the first time value and the second time value as a heartbeat time;
judging whether the difference value between the current heartbeat time and the previous heartbeat time is smaller than a preset threshold value or not;
if yes, determining that the current heartbeat time is valid;
if not, executing heartbeat operation with the first VPN client and/or the second VPN client according to the heartbeat time;
if the heartbeat packet sent by the first VPN client and/or the second VPN client is received before the heartbeat is overtime, setting the average value as a new first time value, and returning to execute the determination of the first time value and the second time value;
before the heartbeat is overtime, the heartbeat packet sent by the first VPN client and/or the second VPN client is not received, the average value is set as a new second time value, and the first time value and the second time value are determined;
and the heartbeat operation execution module is used for executing heartbeat operation with the first VPN client and/or the second VPN client at intervals of the heartbeat time.
6. A server, characterized in that the server comprises:
one or more processors;
a memory for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement a method of processing a VPN service according to any one of claims 1-4.
7. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out a method of processing a VPN service according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910684022.7A CN110493095B (en) | 2019-07-26 | 2019-07-26 | VPN service processing method, device, server and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910684022.7A CN110493095B (en) | 2019-07-26 | 2019-07-26 | VPN service processing method, device, server and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110493095A CN110493095A (en) | 2019-11-22 |
| CN110493095B true CN110493095B (en) | 2021-12-03 |
Family
ID=68547611
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910684022.7A Active CN110493095B (en) | 2019-07-26 | 2019-07-26 | VPN service processing method, device, server and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110493095B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113645115B (en) * | 2020-04-27 | 2023-04-07 | 中国电信股份有限公司 | Virtual private network access method and system |
| CN114221828A (en) * | 2021-12-27 | 2022-03-22 | 上海贝锐信息科技股份有限公司 | Double-interface multicast broadcast forwarding method |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101193035B (en) * | 2006-11-24 | 2011-04-20 | 中国电信股份有限公司 | A system and method for deploying virtual private network service based on IP secure protocol |
| US7852861B2 (en) * | 2006-12-14 | 2010-12-14 | Array Networks, Inc. | Dynamic system and method for virtual private network (VPN) application level content routing using dual-proxy method |
| CN102769603B (en) * | 2011-05-03 | 2016-06-22 | 中国移动通信集团公司 | The method of a kind of data transmission, system and equipment |
| CN103036774A (en) * | 2013-01-08 | 2013-04-10 | 北京融动科技有限公司 | Information interaction system and information interaction method |
| CN107360632B (en) * | 2016-05-10 | 2021-01-29 | 上海连尚网络科技有限公司 | Method and equipment for establishing long connection |
| CN106535309B (en) * | 2016-10-28 | 2019-11-15 | 珠海市魅族科技有限公司 | A kind of method and device keeping network connection |
| CN107911406B (en) * | 2017-09-30 | 2021-03-23 | 平安科技(深圳)有限公司 | Network-based task flow method, equipment and storage medium |
| CN108900575B (en) * | 2018-06-06 | 2021-07-20 | 深圳蓝贝科技有限公司 | Long connection hierarchical communication method and system based on mobile terminal |
-
2019
- 2019-07-26 CN CN201910684022.7A patent/CN110493095B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN110493095A (en) | 2019-11-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107637029B (en) | Communication system and communication method for providing wireless terminal with access to IP network | |
| CN106358245B (en) | Method and controller for sharing load of mobile edge computing application | |
| CN113596191B (en) | Data processing method, network element equipment and readable storage medium | |
| EP3435627A1 (en) | Method of controlling service traffic between data centers, device, and system | |
| CN108234522B (en) | Method and device for preventing Address Resolution Protocol (ARP) attack, computer equipment and storage medium | |
| KR20140135000A (en) | Service processing method and apparatus in software-defined networking system | |
| US20130311614A1 (en) | Method for retrieving content and wireless communication device for performing same | |
| EP3352431A1 (en) | Network load balance processing system, method, and apparatus | |
| CN107733808B (en) | Flow transmission method and device | |
| US11689646B2 (en) | Network packet processing method and apparatus and network server | |
| EP3926924A1 (en) | Method and system for providing edge service, and computing device | |
| CN110493095B (en) | VPN service processing method, device, server and storage medium | |
| EP2848080A1 (en) | System and method for reducing a call establishment time | |
| CN113572835B (en) | Data processing method, network element equipment and readable storage medium | |
| EP3142306A1 (en) | Openflow communication method, system, controller, and service gateway | |
| CN102960006A (en) | Processing method, device and management control system of internet of things | |
| CN113572864B (en) | Data processing method, network element equipment and readable storage medium | |
| KR20130112038A (en) | Method, gateway, proxy and system for implementing mobile internet services | |
| US20170251428A1 (en) | Methods and Nodes for M2M Communication | |
| EP2709337A1 (en) | Service data processing method, device and system | |
| CN110336793B (en) | Intranet access method and related device | |
| CN103067981A (en) | Content buffer memory bypass method and content buffer memory bypass system | |
| CN109194416B (en) | Information transmission method and device, computer equipment and storage medium | |
| CN112202780B (en) | Data transmission method, device, equipment and medium based on double sockets | |
| CN110324826B (en) | Intranet access method and related device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A VPN service processing method, device, server and storage medium Effective date of registration: 20230222 Granted publication date: 20211203 Pledgee: Bank of China Limited by Share Ltd. Guangzhou Tianhe branch Pledgor: GUANGZHOU ZHIZHEN INFORMATION TECHNOLOGY Co.,Ltd. Registration number: Y2023980033104 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |