CN111064804A - Network access method and device - Google Patents
Network access method and device Download PDFInfo
- Publication number
- CN111064804A CN111064804A CN201911394560.9A CN201911394560A CN111064804A CN 111064804 A CN111064804 A CN 111064804A CN 201911394560 A CN201911394560 A CN 201911394560A CN 111064804 A CN111064804 A CN 111064804A
- Authority
- CN
- China
- Prior art keywords
- protocol
- redirection information
- network
- response message
- response
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
- H04L67/1004—Server selection for load balancing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/563—Data redirection of data network streams
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/08—Protocols for interworking; Protocol conversion
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
Abstract
The application provides a network access method and a network access device. The network access method is applied to network equipment arranged between a terminal and a server, and comprises the following steps: receiving a request message from a terminal, and forwarding the request message to the server when the request message is a message applied to a first protocol; receiving a first response message returned by the server, wherein the first response message is a message applied to a second protocol; when the first response message is determined to be converted according to the first network redirection information, the first response message is converted into a second response message, the second response message is applied to the first protocol, the second response message carries second network redirection information, and the second network redirection information is determined according to the first network redirection information; and sending the second response message to the terminal so that the terminal performs network access according to the second network redirection information.
Description
Technical Field
The present application relates to network communication technologies, and in particular, to a network access method and apparatus.
Background
With the development of the internet, the network service provided by a single server has been increasingly unable to meet the increasing access requirements. Based on this, the load balancing device is generated. The load balancing device can gather a plurality of servers and provide services for the servers uniformly, and the network addresses of the provided services are different from the network addresses of the plurality of servers. When the terminal accesses the load balancing device in an http mode, the load balancing device may send the access to a certain http server in an http mode, and the server returns the requested data to the user.
When the server cannot provide the data accessed by the terminal, the server sends a response message carrying the network redirection information to the terminal, so that the terminal can obtain the data by accessing the network redirection information. However, the address carried in the network redirection information is usually the address of the server, and the protocol identifier is also usually an http protocol identifier used between the load balancing device and the server. Therefore, when a plurality of servers are aggregated and serve outside uniformly by using the load balancing device, and the terminal communicates through https connection, the terminal fails to access network redirection information.
Disclosure of Invention
Methods and apparatus are provided.
The technical scheme provided by the application comprises the following steps:
according to a first aspect of the present application, there is provided a network access method applied to a network device disposed between a terminal and a server, including:
receiving a request message from a terminal, and forwarding the request message to the server when the request message is a message applied to a first protocol;
receiving a first response message returned by the server, wherein the first response message is a message applied to a second protocol; the first response message carries first network redirection information;
when the first response message is determined to be converted according to the first network redirection information, the first response message is converted into a second response message, the second response message is applied to the first protocol, the second response message carries second network redirection information, and the second network redirection information is determined according to the first network redirection information;
and sending the second response message to the terminal so that the terminal performs network access according to the second network redirection information.
According to a second aspect of the present application, there is provided a network access apparatus applied to a network device disposed between a terminal and a server, including:
a request receiving unit, configured to receive a request packet from a terminal, and forward the request packet to the server when the request packet is a packet applied to a first protocol;
a response receiving unit, configured to receive a first response packet returned by the server, where the first response packet is a packet applied to a second protocol; the first response message carries first network redirection information;
a conversion unit, configured to convert the first response packet into a second response packet when determining to convert the first response packet according to the first network redirection information, where the second response packet is applied to the first protocol and carries second network redirection information, and the second network redirection information is determined according to the first network redirection information;
and the sending unit is used for sending the second response message to the terminal so that the terminal can access the network according to the second network redirection information.
According to the technical scheme, when the first response message is determined to be converted according to the first network redirection information, the first network redirection information which is carried in the first response message and can cause the terminal access failure is converted into the second network redirection information which can be successfully accessed by the terminal, so that the terminal can successfully access the second network redirection information.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure.
FIG. 1 is a diagram of an application scenario provided by the present application;
FIG. 2 is a flow chart of a method provided herein;
FIG. 3 is a flowchart illustrating an implementation of step 103 provided herein;
FIG. 4 is a flowchart of another implementation of step 103 provided herein;
FIG. 5 is a flowchart of another implementation of step 103 provided herein;
FIG. 6 is a schematic diagram of the apparatus provided herein;
fig. 7 is a schematic hardware structure diagram of the apparatus shown in fig. 6 provided in the present application.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present application. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
Fig. 1 is a terminal-server network architecture provided with a load balancing device.
The terminal is used for sending an https request message to the load balancing equipment and receiving an https response message sent by the load balancing equipment. The number of the terminals can be one or more, and the terminals can be a notebook computer, a smart phone, a tablet computer and the like.
The load balancing equipment is used for interacting with the terminal and the server, converting an http request message sent by the terminal into an http request message, sending the http request message to the server determined by the load balancing algorithm, converting an http response message sent by the server into an http response message, and sending the http response message to the terminal.
The plurality of servers comprise a server A and a server B …, wherein the server N is used for receiving and processing an http request message sent by the load balancing equipment, and sending a processed http response message to the load balancing equipment. The same service may be deployed on multiple servers, or different services may be deployed.
When the existing network access technology is applied to the application scenario shown in fig. 1, a terminal accesses a load balancing device in an http manner, and the load balancing device can send the access to a certain http server in an http manner, so that the server returns data requested by the user to the user. For example, when the terminal wants to access the service provided by the server, the https request message with the applied protocol https, the destination IP address 2.2.2.2 of the load balancing device, and the destination port 443 of the load balancing device is sent to the load balancing device. And then, the load balancing equipment modifies the protocol applied by the https request message into http, modifies the destination IP address from the IP address 2.2.2.2 of the load balancing equipment into the IP address 3.3.3.3 of the corresponding server, modifies the destination port from the port 443 of the load balancing equipment into the port 80 of the server, and sends the modified destination IP address to the server. And then, when receiving an http response message of a server response, executing an operation corresponding to the operation, which is not described herein again.
However, when the server cannot provide the data accessed by the terminal, the server may send a response packet carrying the network redirection information to the terminal, so that the terminal accesses the network redirection information to obtain the data. However, the address carried in the network redirection information is usually the address of the server, and the protocol identifier is also usually an http protocol identifier used between the load balancing device and the server. Therefore, when a plurality of servers are aggregated and serve outside uniformly by using the load balancing device, and the terminal communicates through https connection, the terminal fails to access network redirection information. For example, when the server cannot provide response data, the server may send an http response carrying a location field to the terminal, where the content in the location field is assumed to be: http://3.3.3.3:80/index. html. After the terminal receives the http response message carrying the location field (the http response is converted into http:// 2.2.2:443/index. html when passing through the load balancing device), the terminal accesses the http://2.2.2.2:443/index. html, but the request is an http protocol and cannot be matched with the load balancing device for load balancing processing, so that the terminal fails to access the http:// 2.2.2:443/index. html.
Based on the application scenario shown in fig. 1, the application provides a network access method, so that when a first response message carrying first network redirection information is received, the first network redirection information that the terminal originally has access failure is converted into second network redirection information that can be successfully accessed, and the second network redirection information is sent to the terminal, so that the terminal performs network access according to the second network redirection information.
Fig. 2 is a flowchart of a method provided by an embodiment of the present application.
As an example, the process may be applied to a network device disposed between a terminal and a server, such as the load balancing device, the routing device or other message forwarding devices shown in fig. 1.
Referring to the embodiment shown in fig. 2, the following process may be included:
step 101, receiving a request message from a terminal, and forwarding the request message to a server when the request message is a message applied to a first protocol;
as an example, the device may establish a first protocol connection with the terminal, and when the request packet is not applied to the first protocol, the packet may be discarded or the terminal may be notified to send the request packet to the device in the first protocol.
As an example, the first protocol may be an https protocol to ensure security of message transmission between the terminal and the device.
As an example, when the device is a load balancing device, an existing load balancing algorithm may be used to determine a server from the connected servers, and forward the request packet to the server.
102, receiving a first response message returned by the server, wherein the first response message is a message applied to a second protocol; the first response message carries first network redirection information;
as an example, the second protocol may be an http protocol, so that the present device performs a corresponding message encryption/decryption operation, thereby saving server resources.
As an example, when the server cannot provide the data requested by the request packet, a first response packet carrying the first network redirection information may be returned. Here, the server and the device are connected by using a second protocol, namely, an http protocol. Therefore, when the first network redirection information is returned, the protocol identifier carried in the first network redirection information may also be an http protocol identifier. Meanwhile, when the first network redirection information includes information such as an IP address or a port, the information may also be server information. As a simple example, if the IP address of the server itself is 3.3.3.3 and the port is 80, the first network redirection information carried in the first response packet may be: http://3.3.3.3:80/index. html.
As an example, when the first response packet is an http packet, the first network redirection information may be carried in a location field of the first response packet.
103, when the first response message is determined to be converted according to the first network redirection information, converting the first response message into a second response message, wherein the second response message is applied to the first protocol and carries second network redirection information, and the second network redirection information is determined according to the first network redirection information;
as an example, when accessing the first network redirection information, the terminal may obtain a result of access failure. When the terminal accesses the second network redirection information, the terminal can obtain a page corresponding to the second network redirection information.
As an example, when determining to convert the first response packet according to the first network redirection information, there are various implementations for converting the first response packet into the second response packet. Three of which are shown in fig. 3 to 5, respectively, and will be described in detail later, and will not be described again here.
And 104, sending the second response message to the terminal so that the terminal performs network access according to the second network redirection information.
As an example, after the first response message is converted into the second response, the second response may be immediately sent to the terminal.
This completes the description of the embodiment shown in fig. 2.
According to the technical scheme, when the first response message is determined to be converted according to the first network redirection information, the first network redirection information which is carried in the first response message and can cause the terminal access failure is converted into the second network redirection information which can be successfully accessed by the terminal, so that the terminal can successfully access the second network redirection information.
In the following, how to convert the first response message into the second response message in step 103 is described with reference to the embodiments shown in fig. 3 to 5, respectively.
First, with reference to the embodiment shown in fig. 3, one implementation manner of converting the first response packet into the second response packet when it is determined in step 103 that the first response packet is converted according to the first network redirection information is described. As shown in the embodiment of fig. 3, the following process may be included:
step 1031, when the request message is a message applied to the first protocol, recording a protocol identifier of the first protocol and a destination IP address of the request message;
as an example, in order to subsequently modify the first network redirection information carried in the first response message, a protocol identifier of the first protocol and a destination IP address of the request message may be recorded in a memory, so as to be used when the first network redirection information needs to be modified. Of course, since the request message is a message sent to the device, the destination IP address carried in the request message is the IP address of the device, and if the IP address is not recorded, the IP address of the device may be modified after being queried when the IP address in the first network redirection information needs to be modified. Taking the application scenario shown in fig. 1 as an example, after the terminal sends the https request message to the load balancing device, the load balancing device records the destination IP address 2.2.2.2 of the https request message and the protocol identifier https of the first protocol.
As an example, when recording the protocol identifier of the first protocol and the destination IP address of the request message, the protocol identifier and the destination IP address may be recorded in a table form.
Step 1032, when the first network redirection information includes the IP address of the server and the protocol identifier of the second protocol, determining to convert the first response packet;
as an example, when receiving a first response message sent by a server, it checks whether a first network redirection message carried by the first response message carries an IP address and a protocol identifier. Then, the IP address is compared with the server IP address stored by the server IP address, and whether the IP address is the server IP address is determined. And simultaneously, the protocol identification is respectively connected with the protocol identification of the first protocol and the protocol identification of the second protocol, and then the protocol corresponding to the identification is identified. Taking the application scenario shown in fig. 1 as an example, after the server a sends an http response packet carrying http:// 3.3.3/url/index. html in a location field to the load balancing device, the load balancing device checks whether http://3.3.3.3/url/index. html in the location field carries an IP address and a protocol identifier, and checks whether the IP address 3.3.3.3 is a server IP address, and whether http corresponds to a first protocol or a second protocol. And when the server IP address is determined to be 3.3.3.3 and the http corresponds to the second protocol, determining that the http response message needs to be converted.
As an example, if the first network redirection information includes the IP address of the server and the protocol identifier of the second protocol, it indicates that the terminal may fail to access the first network redirection information, and therefore, the first response message needs to be converted.
Step 1033, according to the protocol identifier of the first protocol, converting the first response packet into a first response packet applied to the first protocol;
as an example, since the terminal and the present device communicate with each other through the first protocol, when the first response packet is a packet applied to the second protocol, the terminal cannot normally receive the first response packet. Taking the application scenario shown in fig. 1 as an example, after the server a sends the http response packet to the load balancing device, the load balancing device needs to convert the http response packet into an http response packet and send the http response packet to the terminal, so that the terminal can normally receive the http response packet.
Step 1034, the IP address and the protocol identifier in the first network redirection information in the first response message applied to the first protocol are modified into the recorded destination IP address of the request message and the protocol identifier of the first protocol, and a second response message carrying the second network redirection information is obtained.
As an example, in order to ensure that the terminal successfully accesses the data corresponding to the first network redirection information in the subsequent process, only the IP address and the protocol identifier in the first network redirection information are modified while the other parts are not modified. Still taking the application scenario shown in fig. 1 as an example, here, http://3.3.3.3/url/index. html in a location field in an http request message sent by a server is modified to https://2.2.2.2/url/index. html by using the destination IP address 2.2.2 of the https request message recorded in step 1031 and the protocol identifier https of the first protocol.
This completes the description of the embodiment shown in fig. 3.
Next, with reference to the embodiment shown in fig. 4, another implementation manner of converting the first response packet into the second response packet when it is determined in step 103 that the first response packet is converted according to the first network redirection information is described. As shown in fig. 4, the embodiment may include the following processes:
103a, when the request message is a message applied to a first protocol, recording a protocol identifier of the first protocol and a destination port of the request message;
as an example, when the request packet is identified as a packet applied to the first protocol, the protocol identifier of the first protocol and the destination port of the request packet may be recorded in the memory for use in subsequently modifying the first redirection information. Taking the application scenario shown in fig. 1 as an example, after the terminal sends the https request packet to the load balancing device, the load balancing device records the destination port 443 of the https request packet and the protocol identifier https of the first protocol.
103b, when the first network redirection information comprises a port of the server and a protocol identifier of the second protocol, determining to convert the first response message;
as an example, when the first network redirection information includes a port of a server, a domain name may be included accordingly. However, in the application scenario shown in fig. 1, the server does not use its own domain name to perform domain name registration on the DNS server, but only the device performs domain name registration on the DNS server by using the domain name of the server and the IP address of the device. Therefore, even if the first network redirection information carries the domain name of the server, the first network redirection information does not need to be modified.
As an example, when receiving a first response packet sent by a server, it checks whether a port and a protocol identifier are carried in first network redirection information carried by the first response packet. Then, the port is compared with the server port stored in the port, and whether the port is the server port is determined. And simultaneously, the protocol identification is respectively connected with the protocol identification of the first protocol and the protocol identification of the second protocol, and then the protocol corresponding to the identification is identified. Taking the application scenario shown in fig. 1 as an example, after the server a sends an http response packet carrying http:// www.yyyy.com:80/url/index. html in a location field to the load balancing device, the load balancing device checks whether http:// www.yyyy.com:80/url/index. html in the location field carries a port and a protocol identifier, and checks whether the port 80 is a server port, and whether http corresponds to a first protocol or a second protocol. When it is determined that the port 80 is a server port and http corresponds to the second protocol, it is determined that the http response packet needs to be converted.
Step 103c, converting the first response message into a first response message applied to the first protocol according to the protocol identifier of the first protocol;
as an example, reference may be made to the foregoing description of step 1033, which is not repeated here.
Step 103d, modifying the port and the protocol identifier in the first network redirection information in the first response message applied to the first protocol into the recorded destination port of the request message and the protocol identifier of the first protocol, and obtaining a second response message carrying second network redirection information.
As an example, in order to ensure that the terminal successfully accesses the data corresponding to the first network redirection information in the subsequent process, only the port and the protocol identifier in the first network redirection information are modified while the other parts are not modified. Still taking the application scenario shown in fig. 1 as an example, here, http:// www.yyyy.com:80/url/index. html in the location field in the http request message sent by the server is modified to https:// www.yyyy.com:443/url/index. html by using the destination port 443 of the https request message recorded in step 103a and the protocol identifier https of the first protocol.
This completes the description of the embodiment shown in fig. 4.
Finally, with reference to the embodiment shown in fig. 5, a third implementation manner of converting the first response packet into the second response packet when it is determined in step 103 that the first response packet is converted according to the first network redirection information is described. As shown in fig. 5, the embodiment may include the following processes:
103A, when the request message is a message applied to a first protocol, recording a protocol identifier of the first protocol, a destination IP address and a destination port of the request message;
step 103B, when the first network redirection information comprises the IP address and the port of the server and the protocol identification of the second protocol, determining to convert the first response message;
step 103C, converting the first response message into a first response message applied to the first protocol according to the protocol identifier of the first protocol;
step 103D, the IP address, the port and the protocol identifier in the first network redirection information in the first response message applied to the first protocol are modified into the recorded destination IP address and the destination port of the request message and the protocol identifier of the first protocol, so as to obtain a second response message carrying second network redirection information.
The embodiment shown in fig. 5 includes a process flow that is already covered by the embodiments shown in fig. 3 and 4. Therefore, reference may be made to the above description of the embodiments shown in fig. 3 and 4, which is not repeated herein.
This completes the description of the embodiment shown in fig. 5.
Corresponding to the embodiment of the network access method, the application also provides an embodiment of the network access device.
The embodiment of the network access device can be applied to network equipment. The device embodiments may be implemented by software, or by hardware, or by a combination of hardware and software. The software implementation is taken as an example, and is formed by reading corresponding computer program instructions in the nonvolatile memory into the memory for operation through the processor of the network device where the software implementation is located as a logical means. From a hardware aspect, as shown in fig. 7, the present application is a hardware structure diagram of a network device where a network access apparatus is located, where the network device where the apparatus is located in the embodiment may further include other hardware according to an actual function of the network device, in addition to the processor, the memory, the network interface, and the nonvolatile memory shown in fig. 7, and details of this are not repeated.
Referring to fig. 6, fig. 6 is a structural diagram of the apparatus provided in the present application. The device is applied to network equipment and comprises:
a request receiving unit 610, configured to receive a request packet from a terminal, and forward the request packet to a server when the request packet is a packet applied in a first protocol;
a response receiving unit 620, configured to receive a first response packet returned by the server, where the first response packet is a packet applied in the second protocol; the first response message carries first network redirection information;
a converting unit 630, configured to convert the first response packet into a second response packet when determining to convert the first response packet according to the first network redirection information, where the second response packet is applied to the first protocol and carries second network redirection information, and the second network redirection information is determined according to the first network redirection information;
the sending unit 640 is configured to send the second response packet to the terminal, so that the terminal performs network access according to the second network redirection information.
This completes the description of the apparatus shown in fig. 6.
As an example, the converting unit 630 is specifically configured to determine to convert the first response packet when the first network redirection information includes an IP address of the server and a protocol identifier of the second protocol;
the apparatus further comprises:
a recording unit (not shown in the figure) configured to record a protocol identifier of the first protocol and a destination IP address of the request message when the request message is a message applied to the first protocol;
the conversion unit 630 is specifically configured to convert the first response packet into a first response packet applied to the first protocol according to the protocol identifier of the first protocol; and modifying the IP address and the protocol identifier in the first network redirection information in the first response message applied to the first protocol into the recorded destination IP address of the request message and the protocol identifier of the first protocol to obtain a second response message carrying second network redirection information.
As an example, the converting unit 630 is specifically configured to determine to convert the first response packet when the first network redirection information includes an IP address and a port of the server and a protocol identifier of the second protocol;
the recording unit is specifically configured to record a protocol identifier of the first protocol, a destination IP address of the request message, and a destination port when the request message is a message applied to the first protocol;
the conversion unit 630 is specifically configured to convert the first response packet into a first response packet applied to the first protocol according to the protocol identifier of the first protocol; and modifying the IP address, the port and the protocol identifier in the first network redirection information in the first response message applied to the first protocol into the recorded destination IP address and the destination port of the request message and the protocol identifier of the first protocol to obtain a second response message carrying second network redirection information.
As an example, the converting unit 630 is specifically configured to determine to convert the first response packet when the first network redirection information includes a port of the server and a protocol identifier of the second protocol;
the recording unit is specifically configured to record a protocol identifier of the first protocol and a destination port of the request message when the request message is a message applied to the first protocol;
the conversion unit 630 is specifically configured to convert the first response packet into a first response packet applied to the first protocol according to the protocol identifier of the first protocol; and modifying the port and the protocol identifier in the first network redirection information in the first response message applied to the first protocol into the recorded destination port of the request message and the protocol identifier of the first protocol to obtain a second response message carrying second network redirection information.
As an example, the first protocol is the https protocol and the second protocol is the http protocol.
Referring to fig. 7, fig. 7 is a hardware structure diagram of a network device in which a network access apparatus according to the present application is located, where the hardware structure includes: a processor and a memory.
Wherein the memory is to store machine executable instructions;
the processor is configured to read and execute the machine executable instructions stored in the memory to implement the network access method shown in fig. 2.
For one embodiment, the memory may be any electronic, magnetic, optical, or other physical storage device that may contain or store information such as executable instructions, data, and the like. For example, the memory may be: volatile memory, non-volatile memory, or similar storage media. In particular, the Memory may be a RAM (random Access Memory), a flash Memory, a storage drive (e.g., a hard disk drive), a solid state disk, any type of storage disk (e.g., an optical disk, a DVD, etc.), or similar storage medium, or a combination thereof.
So far, the description of the apparatus shown in fig. 7 is completed.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.
Claims (10)
1. A network access method applied to a network device disposed between a terminal and a server, comprising:
receiving a request message from a terminal, and forwarding the request message to the server when the request message is a message applied to a first protocol;
receiving a first response message returned by the server, wherein the first response message is a message applied to a second protocol; the first response message carries first network redirection information;
when the first response message is determined to be converted according to the first network redirection information, the first response message is converted into a second response message, the second response message is applied to the first protocol, the second response message carries second network redirection information, and the second network redirection information is determined according to the first network redirection information;
and sending the second response message to the terminal so that the terminal performs network access according to the second network redirection information.
2. The method of claim 1, wherein determining to convert the first response packet based on the first network redirection information comprises:
when the first network redirection information comprises the IP address of the server and the protocol identification of the second protocol, determining to convert the first response message;
the method further comprises the following steps:
when the request message is a message applied to a first protocol, recording a protocol identifier of the first protocol and a destination IP address of the request message;
the converting the first response packet into the second response packet includes:
converting the first response message into a first response message applied to the first protocol according to the protocol identifier of the first protocol;
and modifying the IP address and the protocol identification in the first network redirection information in the first response message applied to the first protocol into the recorded destination IP address of the request message and the protocol identification of the first protocol to obtain a second response message carrying second network redirection information.
3. The method of claim 1, wherein determining to convert the first response packet based on the first network redirection information comprises:
when the first network redirection information comprises the IP address and the port of the server and the protocol identification of a second protocol, determining to convert the first response message;
the method further comprises the following steps:
when the request message is a message applied to a first protocol, recording a protocol identifier of the first protocol, a destination IP address and a destination port of the request message;
the converting the first response packet into the second response packet includes:
converting the first response message into a first response message applied to the first protocol according to the protocol identifier of the first protocol;
and modifying the IP address, the port and the protocol identifier in the first network redirection information in the first response message applied to the first protocol into the recorded destination IP address and destination port of the request message and the protocol identifier of the first protocol to obtain a second response message carrying second network redirection information.
4. The method of claim 1, wherein determining to convert the first response packet based on the first network redirection information comprises:
when the first network redirection information comprises a port of the server and a protocol identifier of a second protocol, determining to convert the first response message;
the method further comprises the following steps:
when the request message is a message applied to a first protocol, recording a protocol identifier of the first protocol and a destination port of the request message;
the converting the first response packet into the second response packet includes:
converting the first response message into a first response message applied to the first protocol according to the protocol identifier of the first protocol;
and modifying the port and the protocol identifier in the first network redirection information in the first response message applied to the first protocol into the recorded destination port of the request message and the protocol identifier of the first protocol to obtain a second response message carrying second network redirection information.
5. The method of claim 1, wherein the first protocol is an https protocol and the second protocol is an http protocol.
6. A network access apparatus applied to a network device provided between a terminal and a server, comprising:
a request receiving unit, configured to receive a request packet from a terminal, and forward the request packet to the server when the request packet is a packet applied to a first protocol;
a response receiving unit, configured to receive a first response packet returned by the server, where the first response packet is a packet applied to a second protocol; the first response message carries first network redirection information;
a conversion unit, configured to convert the first response packet into a second response packet when determining to convert the first response packet according to the first network redirection information, where the second response packet is applied to the first protocol and carries second network redirection information, and the second network redirection information is determined according to the first network redirection information;
and the sending unit is used for sending the second response message to the terminal so that the terminal can access the network according to the second network redirection information.
7. The apparatus of claim 6,
the conversion unit is specifically configured to determine to convert the first response packet when the first network redirection information includes the IP address of the server and a protocol identifier of a second protocol;
the apparatus further comprises:
a recording unit, configured to record a protocol identifier of a first protocol and a destination IP address of the request packet when the request packet is a packet applied to the first protocol;
the conversion unit is specifically configured to convert the first response packet into a first response packet applied to the first protocol according to the protocol identifier of the first protocol; and modifying the IP address and the protocol identification in the first network redirection information in the first response message applied to the first protocol into the recorded destination IP address of the request message and the protocol identification of the first protocol to obtain a second response message carrying second network redirection information.
8. The apparatus of claim 6, wherein the first protocol is an https protocol and the second protocol is an http protocol.
9. A network device, characterized in that the network device comprises: a processor and a machine-readable storage medium;
the machine-readable storage medium to store machine-executable instructions;
the processor is used for reading and executing machine executable instructions stored in a machine readable storage medium to realize the network access method according to any one of claims 1 to 5.
10. A machine-readable storage medium having stored therein machine-executable instructions for reading and execution by a processor to implement the network access method of any of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911394560.9A CN111064804B (en) | 2019-12-30 | 2019-12-30 | Network access method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911394560.9A CN111064804B (en) | 2019-12-30 | 2019-12-30 | Network access method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111064804A true CN111064804A (en) | 2020-04-24 |
| CN111064804B CN111064804B (en) | 2022-09-30 |
Family
ID=70304680
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911394560.9A Active CN111064804B (en) | 2019-12-30 | 2019-12-30 | Network access method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111064804B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111756847A (en) * | 2020-06-28 | 2020-10-09 | 北京百度网讯科技有限公司 | Method and device for supporting https protocol by website |
| CN112187801A (en) * | 2020-09-29 | 2021-01-05 | 杭州迪普科技股份有限公司 | Website access method, device and system |
| CN112492055A (en) * | 2020-11-11 | 2021-03-12 | 浪潮商用机器有限公司 | Method, device and equipment for redirecting transmission protocol and readable storage medium |
| CN114257390A (en) * | 2020-09-22 | 2022-03-29 | 华为技术有限公司 | Authentication method, network device, authentication server, user device, and storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104168316A (en) * | 2014-08-11 | 2014-11-26 | 北京星网锐捷网络技术有限公司 | Webpage access control method and gateway |
| CN105409280A (en) * | 2013-12-30 | 2016-03-16 | 华为技术有限公司 | Method, apparatus and device for accessing wireless local area network |
| WO2016100175A2 (en) * | 2014-12-18 | 2016-06-23 | Level 3 Communications, Llc | Route monitoring system for a communication network |
| CN105791451A (en) * | 2014-12-22 | 2016-07-20 | 华为技术有限公司 | Message response method and device |
| CN106878135A (en) * | 2016-12-21 | 2017-06-20 | 新华三技术有限公司 | A kind of connection method and device |
| CN107580349A (en) * | 2016-07-05 | 2018-01-12 | 中兴通讯股份有限公司 | A kind of reorientation method and device |
| CN110365793A (en) * | 2019-07-30 | 2019-10-22 | 北京华赛在线科技有限公司 | Illegal external connection monitoring method, device, system and storage medium |
-
2019
- 2019-12-30 CN CN201911394560.9A patent/CN111064804B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105409280A (en) * | 2013-12-30 | 2016-03-16 | 华为技术有限公司 | Method, apparatus and device for accessing wireless local area network |
| CN104168316A (en) * | 2014-08-11 | 2014-11-26 | 北京星网锐捷网络技术有限公司 | Webpage access control method and gateway |
| WO2016100175A2 (en) * | 2014-12-18 | 2016-06-23 | Level 3 Communications, Llc | Route monitoring system for a communication network |
| CN105791451A (en) * | 2014-12-22 | 2016-07-20 | 华为技术有限公司 | Message response method and device |
| CN107580349A (en) * | 2016-07-05 | 2018-01-12 | 中兴通讯股份有限公司 | A kind of reorientation method and device |
| CN106878135A (en) * | 2016-12-21 | 2017-06-20 | 新华三技术有限公司 | A kind of connection method and device |
| CN110365793A (en) * | 2019-07-30 | 2019-10-22 | 北京华赛在线科技有限公司 | Illegal external connection monitoring method, device, system and storage medium |
Non-Patent Citations (2)
| Title |
|---|
| JEBA SANGEETHA NADAR,JAYASHRI MITTAL: ""Authenticating_messages_in_wireless_sensor_networks"", 《2017 INTERNATIONAL CONFERENCE ON TRENDS IN ELECTRONICS AND INFORMATICS》 * |
| 魏绍普: ""无线网络重定向与关键节点的分析与实现"", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111756847A (en) * | 2020-06-28 | 2020-10-09 | 北京百度网讯科技有限公司 | Method and device for supporting https protocol by website |
| CN114257390A (en) * | 2020-09-22 | 2022-03-29 | 华为技术有限公司 | Authentication method, network device, authentication server, user device, and storage medium |
| CN112187801A (en) * | 2020-09-29 | 2021-01-05 | 杭州迪普科技股份有限公司 | Website access method, device and system |
| CN112492055A (en) * | 2020-11-11 | 2021-03-12 | 浪潮商用机器有限公司 | Method, device and equipment for redirecting transmission protocol and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111064804B (en) | 2022-09-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111064804B (en) | Network access method and device | |
| JP6543714B2 (en) | Peripheral device, method for emulating by peripheral device | |
| CN109302498B (en) | Network resource access method and device | |
| CN104380278B (en) | Equipment, system and method for client-side management session continuity | |
| US9871850B1 (en) | Enhanced browsing using CDN routing capabilities | |
| CN102143243B (en) | Dynamic routing processing method and dynamic routing processing device and home gateway thereof | |
| CN111314450B (en) | Data transmission method and device, electronic equipment and computer storage medium | |
| US20170171147A1 (en) | Method and electronic device for implementing domain name system | |
| CN102035815A (en) | Data acquisition method, access node and data acquisition system | |
| JP5255035B2 (en) | Failover system, storage processing apparatus, and failover control method | |
| CN113507475B (en) | Cross-domain access method and device | |
| CN103109517A (en) | Double-stack terminal accessing service method, terminal and system | |
| US20170289243A1 (en) | Domain name resolution method and electronic device | |
| KR20220140833A (en) | Application detection method and device, and system | |
| CN105592083A (en) | Method and device for terminal to have access to server by using token | |
| CN102859970A (en) | Values represented as internet protocol addresses | |
| CN110213365B (en) | User access request processing method based on user partition and electronic equipment | |
| US8996607B1 (en) | Identity-based casting of network addresses | |
| CN115150829B (en) | Network access authority management method and device | |
| CN105144073A (en) | Removable storage device identity and configuration information | |
| CN114172853B (en) | Configuration method and device of traffic forwarding and bare computer server | |
| TWI546688B (en) | Method for processing url and associated server and non-transitory computer readable storage medium | |
| CN112040023B (en) | Object access method and device, electronic equipment and machine-readable storage medium | |
| US20160248596A1 (en) | Reflecting mdns packets | |
| CN110795030A (en) | Small file reading method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |