CN111953770A - Route forwarding method and device, route equipment and readable storage medium - Google Patents

Route forwarding method and device, route equipment and readable storage medium Download PDF

Info

Publication number
CN111953770A
CN111953770A CN202010798828.1A CN202010798828A CN111953770A CN 111953770 A CN111953770 A CN 111953770A CN 202010798828 A CN202010798828 A CN 202010798828A CN 111953770 A CN111953770 A CN 111953770A
Authority
CN
China
Prior art keywords
address
forwarding information
network interface
information table
destination
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010798828.1A
Other languages
Chinese (zh)
Other versions
CN111953770B (en
Inventor
胡晓拯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Technology Shenzhen Co Ltd filed Critical Ping An Technology Shenzhen Co Ltd
Priority to CN202010798828.1A priority Critical patent/CN111953770B/en
Priority to PCT/CN2020/122445 priority patent/WO2021139311A1/en
Publication of CN111953770A publication Critical patent/CN111953770A/en
Application granted granted Critical
Publication of CN111953770B publication Critical patent/CN111953770B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/60Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • H04L67/63Routing a service request depending on the request content or context
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/745Address table lookup; Address filtering

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the application provides a route forwarding method, a device, a routing device and a readable storage medium, wherein the route forwarding method comprises the following steps: receiving a service request message sent by load balancing equipment, wherein the service request message carries an active Internet Protocol (IP) address, a first destination IP address and a source network interface; generating a forward forwarding information table entry comprising a first destination IP address and a reverse forwarding information table entry comprising the source IP address and a source network interface; determining the application server corresponding to the first destination IP address as a target application server according to the forward forwarding information table item, and forwarding the service request message to the target application server so that the target application server returns a response message; and receiving the response message, and forwarding the response message to the load balancing equipment through the source network interface acquired from the reverse forwarding information table entry. In this way, an efficient and easily managed route forwarding method is provided to make the back-and-forth paths consistent.

Description

Route forwarding method and device, route equipment and readable storage medium
Technical Field
The present application relates to the field of cloud transmission, and in particular, to a method and an apparatus for forwarding a route, a routing device, and a readable storage medium.
Background
With the development of network technology, a routing system usually adopts a mode of parallel deployment of a plurality of network interfaces to achieve the effect of increasing bandwidth, so that the routing system can support various complex network services. When the network service is a stateful service (e.g., WAF, IPS, IDS, NAT, LB, etc.), the data streams of the network service requests belonging to the same session need to pass through the same network interface, that is, the back-and-forth paths of the data streams of the network service requests belonging to the same session are consistent. Generally, a routing system can adopt a routing strategy or serially deploy network services to network interfaces to ensure consistent back-and-forth paths of data streams of network service requests of the same session. However, in some complex scenarios (for example, the server is used as both the server side of the network service and the client side of other network services), the complexity of management and maintenance is increased by adopting the routing policy, and the bandwidth of the service device and the network delay are increased by adopting the serial deployment of the network interfaces.
Therefore, how to provide an efficient routing method easy to manage and maintain to ensure consistent back and forth paths is an urgent problem to be solved.
Disclosure of Invention
The embodiment of the application provides a routing forwarding method, a routing forwarding device, a routing device and a readable storage medium.
In a first aspect, an embodiment of the present application provides a method for forwarding a route, where the method is applied to a routing device, the routing device includes a forwarding information table and at least one network interface, the routing device corresponds to at least one application server, and the method includes:
receiving a service request message sent by load balancing equipment, wherein the service request message carries an active Internet Protocol (IP) address, a first destination IP address and a source network interface;
generating a forward forwarding information entry comprising the first destination IP address and a reverse forwarding information entry comprising the source IP address and the source network interface;
determining a target application server from the at least one application server corresponding to the first destination IP address according to the forward forwarding information table entry, and forwarding the service request message to the target application server, so that the target application server returns a response message according to the service request message;
receiving the response message, and acquiring the source network interface from the reverse forwarding information table item;
and forwarding the response message to the load balancing equipment through the source network interface.
In a second aspect, an embodiment of the present application provides a routing forwarding apparatus, where the apparatus is configured in a routing device, the routing device includes a forwarding information table and at least one network interface, the routing device corresponds to at least one application server, and the apparatus includes:
the system comprises an acquisition module, a load balancing module and a control module, wherein the acquisition module is used for receiving a service request message sent by the load balancing equipment, and the service request message carries an active Internet Protocol (IP) address, a first destination IP address and a source network interface;
a processing module, configured to generate a forward forwarding information entry including the first destination IP address and a backward forwarding information entry including the source IP address and the source network interface;
the processing module is further configured to determine, according to the forward forwarding information entry, an application server corresponding to the first destination IP address in the at least one application server as a target application server, and forward the service request packet to the target application server, so that the target application server returns a response packet according to the service request packet;
the obtaining module is further configured to receive the response packet and obtain the source network interface from the backward forwarding information table entry;
and the output module is used for forwarding the response message to the load balancing equipment through the source network interface.
In a third aspect, an embodiment of the present application provides a routing device, where the routing device includes an input device and an output device, and the routing device further includes a processor, and is adapted to implement one or more instructions, where the one or more instructions are adapted to be loaded by the processor and execute the route forwarding method according to the first aspect.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are executed on a computer, the computer is caused to execute the route forwarding method according to the first aspect.
In this embodiment of the present application, a routing device receives a service request packet that is sent by a load balancing device and carries an active internet IP address, a first destination IP address, and a source network interface, and generates a forward forwarding information entry that includes the first destination IP address and a reverse forwarding information entry that includes the source IP address and the source network interface. The routing device receives the response message and obtains the source network interface from the backward forwarding information table entry, and further, the routing device can forward the response message to the load balancing device through the source network interface. By the method, an efficient and easily-managed route forwarding method is provided under the condition that the back-and-forth paths of the data streams of the same session are consistent.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic diagram of a data flow direction of route forwarding according to an embodiment of the present application;
fig. 2 is a schematic flowchart of a route forwarding method according to an embodiment of the present application;
fig. 3 is a schematic diagram of a forwarding information table provided in an embodiment of the present application;
fig. 4 is a schematic flowchart of another route forwarding method provided in an embodiment of the present application;
fig. 5 is a schematic diagram of a route forwarding scenario provided in an embodiment of the present application;
fig. 6 is a schematic structural diagram of a route forwarding apparatus according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of a routing device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Please refer to fig. 1, which is a schematic diagram of a data flow direction of route forwarding according to an embodiment of the present application, where a module 10 is a routing device, a module 11 is a load balancing device, a module 12 is an application server, and a module 13 is a client. Wherein, the module 10 has 3 corresponding network interfaces: network interface a, network interface B, and network interface C.
The client sends a network service request message to a load balancing device, the load balancing device forwards the network service request message to a routing device through a network interface A, the routing device receives the network service request message, obtains a source Internet IP address, a first destination IP address and a source network interface (network interface A) corresponding to the network service request message from the network service request message, and generates a forward forwarding information table item including the first destination IP address and a reverse forwarding information table item including the source IP address and the source network interface. The application server receives the network service request message and returns a response message through the network interface C. The routing device receives the response message, and obtains a source network interface (network interface a) from the backward forwarding information table entry, and further, the routing device can forward the response message to the load balancing device through the network interface a. By the method, an efficient and easily-managed route forwarding method is provided under the condition that the back-and-forth paths of the data streams of the same session are consistent.
It should be understood that the routing device mentioned in the embodiment of the present application is not limited to one routing device, and may also be a routing system composed of a plurality of routing devices. At least one of the embodiments mentioned in the present application is one or more.
Please refer to fig. 2, which is a flowchart illustrating a route forwarding method according to an embodiment of the present application, where the route forwarding method applies a routing device, the routing device includes a Forwarding Information Base (FIB) table and at least one network interface, the routing device corresponds to at least one application server, and the route forwarding method includes the following steps:
s201: receiving a service request message sent by a load balancing device, wherein the service request message carries an active Internet Protocol (IP) address, a first destination IP address and a source network interface.
The user accesses a request (namely a service request message) through the internet of the client, and the load balancing equipment receives the service request message and sends the service request message to the routing equipment. The routing device receives the service request message, parses and obtains a source IP address and a destination IP address (i.e. a first destination IP address) from the service request message, and records a source network interface of the service request message.
S202: a forward FIB entry including the first destination IP address and a reverse FIB entry including a source IP address and a source network interface are generated.
The routing equipment obtains a destination network interface corresponding to the first destination IP address according to the first destination IP address of the service request message, generates a forward FIB table item containing the first destination IP address and the destination network interface, and generates a reverse FIB table item according to the source network address and the source network interface.
Illustratively, the source IP address corresponding to the service request message is 6.6.6.6/32, the source network interface is network interface a, the first destination IP address is 192.168.0.0/24, the destination network interface corresponding to the first destination IP address is obtained by querying as network interface C, and a FIB table is generated as shown in fig. 3, where the module 30 is a forward FIB table entry containing the first destination IP address and the destination network interface (network interface C, i.e., PortC in fig. 3) generated according to the service request message, and the module 31 is a reverse FIB table entry containing the source IP address and the source network interface (network interface a, i.e., PortA in fig. 3) generated according to the service request message.
In one embodiment, the routing device includes at least one preset destination IP address, and before generating the forward FIB entry including the first destination IP address and the reverse FIB entry including the source IP address and the source network interface, the routing device may match the first destination IP address with the at least one preset destination IP address, and if the matching is unsuccessful, generate the forward FIB entry including the first destination IP address and the reverse FIB entry including the source IP address and the source network interface.
The preset destination IP address is set by a developer according to the type of a service request packet provided by the destination IP address (for example, a server corresponding to the destination IP address provides a system bug fixing patch service) or the number/frequency of service request packets corresponding to the destination IP address, and then corresponding adjustment can be performed according to a specific application scenario.
In an embodiment, if the first destination IP address is successfully matched with the at least one destination IP address, the reverse FIB entry including the source IP address and the source network interface is not generated, and the service request message is transmitted through a preset network interface corresponding to the preset destination IP address. By the method, the occupied space of the FIB table entry is saved. The preset network interface corresponds to the preset destination IP address one to one, and may be set by a developer according to a specific application scenario, which is not specifically limited herein.
In one scenario, a server with a preset destination IP address of 0.0.0.0 provides a system bug fixing patch service, and a corresponding preset network interface is a network interface B, in this case, when a host with a source IP address of 192.168.0.0 detects a system bug of the host, the host needs to obtain the system bug fixing patch by accessing the destination IP address of 0.0.0.0. And the routing equipment receives the service request message, matches the first destination IP address 0.0.0.0 in the service request message with a preset destination IP address, and does not generate a reverse FIB table item if the matching is successful. The application server receives the service request message and returns a response message. The router receives the response message and returns the response message to the host through a network interface B (a preset network interface).
In one embodiment, the source network interface includes enabling information, and before the routing device generates a forward FIB entry including the first destination IP address and a reverse FIB entry including the source IP address and the source network interface, the routing device may further determine whether to generate the reverse FIB entry according to the enabling information; and if the generation of the reverse FIB table item is determined according to the enabling information, generating a forward FIB table item comprising a first destination IP address and a reverse FIB table item comprising a source IP address and a source network interface. If the reverse FIB table item is determined not to be generated according to the enabling information, the routing equipment generates the reverse FIB table item which comprises the source IP address and the source network interface and does not generate the reverse FIB table item. In this way, occupation of FIB table entries can be saved.
The enabling information is used for representing whether the network interface needs to receive the response message. For example, the enabling information may be enabling function parameter information, and when the routing device detects that the service request packet carries the enabling function parameter information, it determines that the enabling function parameter information is valid, that is, the response packet does not pass through the network interface, and the routing device does not generate a reverse FIB entry including the source IP address and the source network interface. Otherwise, if the routing device does not detect that the service request message carries the enabling function parameter information, a reverse FIB table entry including the source IP address and the source network interface is generated.
In an application scenario, a router device is a single-arm router, a network security detection device is hung at an access network interface of the single-arm router, and the network security detection device is used for detecting a service request message and preventing an application server from being invaded by a virus or a hacker. In this case, the service request packet flows through the network security detection device, after the network security detection device passes the verification, the one-arm router receives the service request packet through the network interface a, further, the one-arm router detects the enabling information of the network interface a, determines the reverse FIB entry which should include the source IP address and the source network interface according to the enabling information, and after receiving the response packet, the one-arm router does not forward the response packet to the network security detection device, and forwards the response packet to the client by the one-arm router according to a conventional routing forwarding method. The conventional routing method can be referred to as a routing forwarding method in the prior art, and will not be described herein in too much detail.
S203: and determining an application server corresponding to the first destination IP address in at least one application server as a target application server according to the forward FIB table item, and forwarding the service request message to the target application server so that the target application server returns a response message according to the service request message.
And the routing equipment determines the application server corresponding to the first destination IP address as a target application server from at least one application server according to the first destination IP address in the forward FIB table item. And forwards the service request packet to the target application server. The target application server receives the service request message and returns a response message to the routing equipment.
S204: and receiving the response message and acquiring the source network interface from the reverse FIB table entry.
And the routing equipment receives the response message and acquires the source network interface of the service request message corresponding to the response message from the reverse FIB table item corresponding to the response message.
S205: and forwarding the response message to the load balancing equipment through the source network interface.
And the routing equipment forwards the response message to the load balancing equipment through the source network interface of the service request message corresponding to the response message.
In the embodiment of the application, the routing device receives a service request message which is sent by the load balancing device and carries an active internet IP address, a first destination IP address and a source network interface, and generates a forward FIB entry including the first destination IP address and a reverse FIB entry including the source IP address and the source network interface. And the routing equipment receives the response message and acquires a source network interface from the reverse FIB table entry, and further, the routing equipment can forward the response message to the load balancing equipment through the source network interface. By the method, an efficient and easily-managed route forwarding method is provided under the condition that the back-and-forth paths of the data streams of the same session are consistent.
Please refer to fig. 4, which is a flowchart illustrating another routing forwarding method according to an embodiment of the present application, where the routing forwarding method applies a routing device, the routing device includes a FIB table and at least one network interface, the routing device corresponds to at least one application server, and the routing forwarding method includes the following steps:
s401: receiving a service request message sent by a load balancing device, wherein the service request message carries an active Internet Protocol (IP) address, a first destination IP address and a source network interface.
S402: a forward FIB entry including the first destination IP address and a reverse FIB entry including a source IP address and a source network interface are generated.
S403: and determining an application server corresponding to the first destination IP address in at least one application server as a target application server according to the forward FIB table item, and forwarding the service request message to the target application server so that the target application server returns a response message according to the service request message.
The specific implementation of steps S401 to S403 may refer to the specific implementation of steps S201 to S203 in the foregoing embodiment, and redundant description is not repeated here.
S404: and receiving a response message returned by the target application server, wherein the response message carries the second destination IP address.
The second destination IP address refers to a source IP address of the service request packet corresponding to the response packet.
And after receiving the service request message, the target application server returns a response message according to the source IP address of the service request message, and then the router receives the response message returned by the target application server, and the IP address of the response message is regarded as a second target IP address.
S405: and determining a target reverse FIB table entry from the FIB table according to the second target IP address, and acquiring a source network interface from the target reverse FIB table entry.
The routing device obtains a target reverse FIB table entry corresponding to the second destination IP address by querying from the FIB table according to the second destination IP address, that is, a source IP address (a source IP address corresponding to the service request packet) included in the target reverse FIB table entry is the same as the second destination IP address, and obtains a source network interface corresponding to the target reverse FIB table entry.
In one embodiment, the routing device may match the second destination IP address with at least one reverse FIB entry in the FIB table, and determine a reverse FIB entry corresponding to a target source IP address matching the second destination IP address as a target reverse FIB entry.
Specifically, the routing device may match the reverse FIB entry in the FIB table according to a longest matching rule, that is, the routing device may perform bit-by-bit matching between the second destination IP address and the source IP address corresponding to each reverse FIB entry in the FIB table, obtain a bit-by-bit matching length between the second destination IP address and each source IP address, determine the source IP address entry having the longest bit-by-bit matching length as the target source IP address, and determine the reverse FIB entry corresponding to the target source IP address as the target reverse FIB entry.
Illustratively, the FIB table includes a reverse FIB table entry 1, a reverse FIB table entry 2, and a reverse FIB table entry 3, the routing device performs bit-by-bit matching on the second destination IP address acquired from the response packet and the source IP addresses in the reverse FIB table entry 1, the reverse FIB table entry 2, and the reverse FIB table entry 3, to obtain a bit-by-bit matching length with the reverse FIB table entry 1 of 8, a bit-by-bit matching length of the reverse FIB table entry 2 of 16, and a bit-by-bit matching length of the reverse FIB table entry 3 of 32, and then the routing device determines the reverse FIB table entry 3 with the longest bit-by-bit matching length as the target reverse.
S406: and forwarding the response message to the load balancing equipment through the source network interface.
And the routing equipment forwards the response message to the load balancing equipment through the source network interface of the service request message corresponding to the response message.
In an embodiment, the reverse FIB entry includes an effective duration, and the routing device may verify the effective duration corresponding to the reverse FIB entry, and delete the reverse FIB entry from the reverse FIB table if the verification of the effective duration fails. The effective duration is set by a developer according to the experimental scene measurement and calculation, and can be adjusted subsequently according to a specific application scene, which is not limited specifically herein. By adopting the method, the FIB table is dynamically managed, and invalid reverse FIB table entries are effectively deleted, so that FIB table entry resources are saved.
Specifically, the routing device may detect a call duration of the reverse FIB entry, where the call duration is a duration between a detection time and a last call time of the reverse FIB entry; and matching the calling time length with the effective time length, and determining that the effective time length fails to be verified if the calling time length is greater than or equal to the effective time length. And the last calling time refers to the time when the reverse FIB table entry is called to forward the response message at the last time closest to the detection time.
Illustratively, the effective duration corresponding to the reverse FIB table entry is set to 4 minutes, and the routing device is provided with a monitoring process for monitoring the call condition of the FIB table so as to manage the FIB table. In this case, the routing device generates a reverse FIB entry 1 based on the service request message, and if the routing device detects the last call time (the time of calling the reverse FIB entry to forward the response message last time) of the reverse FIB entry 1 and the detection time of each reverse FIB entry at this time, which are recorded by the monitoring process, the call time is 5 minutes. And removing the reverse FIB table item 1 from the FIB table because the calling time length of the reverse FIB table item 1 is greater than the effective time length.
In one application scenario, as shown in fig. 5, application server a and application server B are a client and a server of each other. In other words, the application server a sends a service request message 1 to the application server B, the application server B provides a service (i.e., returns a response message) to the application server a according to the service request message 1, the application server B sends a service request message 2 to the application server a, and the application server a provides a service (i.e., returns a response message) to the application server B according to the service request message 2. The routing equipment comprises a network interface A, a network interface B and a network interface C, wherein the network interface A deploys NAT gateway service, and the network interface B deploys LB gateway service. In this case, taking application server a as an example, application server a receives service request message 2 of application server B sent by routing device through network interface B (path 2 shown in fig. 5), and routing device generates reverse FIB entry 2 according to the source IP address (IP address of application server B) included in service request message 2. A service request message 1 sent by the application server a flows through a routing device (path 1 shown in fig. 5) via a network interface a, and the routing device generates a reverse FIB entry 1 according to a source IP address (IP address of the application server a) included in the service request message 1. When receiving the response message returned by the application server B, the routing device forwards the response message to the application server a according to the source network interface (network interface a) indicated in the table entry 1 of the reverse FIB 1. After receiving the service request message 2 through the network interface B, the application server a returns a response message 2 to the routing device through the network interface B. By the method, the session paths of the service request message 1 sent by the application server A and the received response message 1 can both pass through the network interface A. The session paths of the service request message 2 received by the application server and the returned response message 2 both pass through the network interface B.
In the embodiment of the application, a routing device receives a service request message sent by a load balancing device, where the service request message carries an active IP address, a first destination IP address, and a source network interface, and generates a forward FIB entry including the first destination IP address and a reverse FIB entry including the source IP address and the source network interface. Further, the routing device may determine a target application server from the at least one application server according to the forward FIB entry, and forward the service request packet to the target application server, so that the target application server returns a response packet according to the service request packet. Furthermore, the routing device receives a response message returned by the target application server, wherein the response message carries a second destination IP address, and a target reverse FIB table entry corresponding to the second destination IP address is matched from the FIB table according to the second destination IP address. By the route forwarding mode, the route equipment can be accurately matched with the reverse FIB table entry corresponding to the response message, and further, an efficient and easily managed route forwarding method can be provided under the condition of ensuring the consistency of the back-and-forth paths of the data streams of the same session.
Please refer to fig. 6, which is a schematic structural diagram of a routing forwarding apparatus according to an embodiment of the present application, where the apparatus is configured in a routing device, the routing device includes a forwarding information table and at least one network interface, the routing device corresponds to at least one application server, and the apparatus includes:
an obtaining module 60, configured to receive a service request packet sent by a load balancing device, where the service request packet carries an active internet protocol IP address, a first destination IP address, and a source network interface;
a processing module 61, configured to generate a forward forwarding information entry including the first destination IP address and a backward forwarding information entry including the source IP address and the source network interface;
the processing module 61 is further configured to determine, according to the forward forwarding information entry, an application server corresponding to the first destination IP address in the at least one application server as a target application server, and forward the service request packet to the target application server, so that the target application server returns a response packet according to the service request packet;
the obtaining module 60 is further configured to receive the response packet, and obtain the source network interface from the backward forwarding information entry;
and an output module 62, configured to forward the response packet to the load balancing device through the source network interface.
In an embodiment, the routing device includes at least one preset destination IP address, and the processing module 61 is further configured to: matching the first destination IP address with the at least one preset destination IP address; if the matching is unsuccessful, generating a forward forwarding information table entry comprising the first destination IP address and a backward forwarding information table entry comprising the source IP address and the source network interface.
In one embodiment, the source network interface includes enabling information, and the processing module 61 is further configured to: determining whether to generate a reverse forwarding information table item according to the enabling information; and if the generation of the reverse forwarding information table entry is determined according to the enabling information, generating a forward forwarding information table entry comprising the first destination IP address and a reverse forwarding information table entry comprising the source IP address and the source network interface.
In an embodiment, the obtaining module 60 is specifically configured to receive a response packet returned by the target application server, where the response packet carries a second destination IP address; the processing module 61 is specifically configured to determine a target reverse forwarding information entry from the forwarding information table according to the second destination IP address, and obtain the source network interface from the target reverse forwarding information entry.
In an embodiment, the processing module 61 is specifically configured to: matching the second destination IP address with at least one reverse forwarding information table item in the forwarding information table; and determining the reverse forwarding information table entry corresponding to the target source IP address matched with the second target IP address as a target reverse forwarding information table entry.
In an embodiment, the reverse forwarding information entry includes an effective duration, and the processing module 61 is further configured to: verifying the effective duration corresponding to the reverse forwarding information table entry; and if the validation of the effective duration fails, deleting the reverse forwarding information table entry from the reverse forwarding information table.
In an embodiment, the processing module 61 is specifically configured to: detecting the calling time of the reverse forwarding information table item, wherein the calling time is the time between the detection time and the last calling time of the reverse forwarding information table item; and matching the calling duration with the effective duration, and determining that the effective duration fails to be verified if the calling duration is greater than or equal to the effective duration.
It should be noted that the functions of each unit module of the route forwarding apparatus described in this embodiment of the present application may be specifically implemented according to the method in the method embodiment described in fig. 2 or fig. 4, and a specific implementation process thereof may refer to the description related to the method embodiment of fig. 2 or fig. 4, and is not described herein again.
Based on the description of the method embodiment and the apparatus item embodiment, the embodiment of the present application further provides a routing device. Referring to fig. 7, the routing device may include at least a processor 701, an input device 702, an output device 703, and a memory 704; the processor 701, the input device 702, the output device 703, and the memory 704 may be connected by a bus or other connection. The memory 704 may also include a computer-readable storage medium for storing a computer program comprising program instructions, the processor 701 being configured to execute the program instructions stored by the memory 704. The processor 701 (or CPU) is a computing core and a control core of the routing device, and is adapted to implement one or more instructions, and specifically, adapted to load and execute the one or more instructions so as to implement the corresponding method flow or the corresponding function in the data Processing method embodiment. Wherein the processor 701 is configured to call the program instruction to perform: receiving a service request message sent by load balancing equipment, wherein the service request message carries an active Internet Protocol (IP) address, a first destination IP address and a source network interface forwarding information table; generating a forward forwarding information entry comprising the first destination IP address and a reverse forwarding information entry comprising the source IP address and the source network interface; determining an application server corresponding to the first destination IP address in the at least one application server as a target application server according to the forward forwarding information table item, and forwarding the service request message to the target application server so that the target application server returns a response message according to the service request message; receiving the response message, and acquiring the source network interface from the reverse forwarding information table item; and forwarding the response message to the load balancing equipment through the source network interface.
In one embodiment, before the at least one preset destination IP address is included in the routing device, and before the forward forwarding information table entry including the first destination IP address and the reverse forwarding information table entry including the source IP address and the source network interface are generated, the processor 701 is further configured to: matching the first destination IP address with the at least one preset destination IP address; if the matching is unsuccessful, generating a forward forwarding information table entry comprising the first destination IP address and a backward forwarding information table entry comprising the source IP address and the source network interface.
In one embodiment, before the generating the forward forwarding information entry including the first destination IP address and the reverse forwarding information entry including the source IP address and the source network interface, the processor 701 is further configured to: determining whether to generate a reverse forwarding information table item according to the enabling information; and if the generation of the reverse forwarding information table entry is determined according to the enabling information, generating a forward forwarding information table entry comprising the first destination IP address and a reverse forwarding information table entry comprising the source IP address and the source network interface.
In an embodiment, the processor 701 is specifically configured to: receiving a response message returned by the target application server, wherein the response message carries a second target IP address; and determining a target reverse forwarding information table entry from the forwarding information table according to the second destination IP address, and acquiring the source network interface from the target reverse forwarding information table entry.
In an embodiment, the processor 701 is specifically configured to: matching the second destination IP address with at least one reverse forwarding information table item in the forwarding information table; and determining the reverse forwarding information table entry corresponding to the target source IP address matched with the second target IP address as a target reverse forwarding information table entry.
In an embodiment, the reverse forwarding information entry includes an effective duration, and the processor 701 is further specifically configured to: verifying the effective duration corresponding to the reverse forwarding information table entry; and if the validation of the effective duration fails, deleting the reverse forwarding information table entry from the reverse forwarding information table.
In an embodiment, the processor 701 is specifically configured to verify the validity duration of the backward forwarding information entry, where: detecting the calling time of the reverse forwarding information table item, wherein the calling time is the time between the detection time and the last calling time of the reverse forwarding information table item; and matching the calling duration with the effective duration, and determining that the effective duration fails to be verified if the calling duration is greater than or equal to the effective duration.
It should be understood that, in the embodiment of the present Application, the Processor 701 may be a Central Processing Unit (CPU), and the Processor 701 may also be other general-purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field-Programmable Gate arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete a hardware components, and the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 704 may include both read-only memory and random-access memory, and provides instructions and data to the processor 701. A portion of the memory 704 may also include non-volatile random access memory. For example, the memory 704 may also store device type information. The input device 702 may include a touch pad, a fingerprint sensor (for collecting fingerprint information of a user), a microphone, a physical keyboard, etc., and the output device 703 may include a display (LCD, etc.), a speaker, etc.
In specific implementation, the processor 701, the memory 704, the input device 702, and the output device 703 described in this embodiment of the present application may perform the implementation described in the method embodiment described in fig. 2 or fig. 4 provided in this embodiment of the present application, and may also perform the implementation method of the route forwarding apparatus described in fig. 6 in this embodiment of the present application, which is not described herein again.
In another embodiment of the present application, a computer-readable storage medium is provided, which stores a computer program, where the computer program includes program instructions, and the program instructions, when executed by a processor, implement the implementation described in the method implementation in fig. 2 or fig. 4 provided in this application, where the computer-readable storage medium may be an internal storage unit of the routing device, such as a hard disk or a memory of the routing device, in any one of the foregoing embodiments. The computer readable storage medium may also be an external storage device of the routing device, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), etc. provided on the routing device. Further, the computer-readable storage medium may also include both an internal storage unit and an external storage device of the routing device. The computer-readable storage medium is used for storing the computer program and other programs and data required by the routing device. The computer readable storage medium may also be used to temporarily store data that has been output or is to be output.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer readable storage medium, and when executed, can include the processes of the embodiments of the methods described above.
The readable storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
While the present disclosure has been described with reference to particular embodiments, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the present disclosure.

Claims (10)

1. A route forwarding method is applied to a routing device, the routing device comprises a forwarding information table and at least one network interface, the routing device corresponds to at least one application server, and the method comprises the following steps:
receiving a service request message sent by load balancing equipment, wherein the service request message carries an active Internet Protocol (IP) address, a first destination IP address and a source network interface forwarding information table;
generating a forward forwarding information entry comprising the first destination IP address and a reverse forwarding information entry comprising the source IP address and the source network interface;
determining an application server corresponding to the first destination IP address in the at least one application server as a target application server according to the forward forwarding information table item, and forwarding the service request message to the target application server so that the target application server returns a response message according to the service request message;
receiving the response message, and acquiring the source network interface from the reverse forwarding information table item;
and forwarding the response message to the load balancing equipment through the source network interface.
2. The method of claim 1, wherein the routing device includes at least one predetermined destination IP address therein, and wherein prior to generating the forward-forwarding information entry including the first destination IP address and the reverse-forwarding information entry including the source IP address and the source network interface, the method further comprises:
matching the first destination IP address with the at least one preset destination IP address;
if the matching is unsuccessful, generating a forward forwarding information table entry comprising the first destination IP address and a backward forwarding information table entry comprising the source IP address and the source network interface.
3. The method of claim 1, wherein the source network interface includes enabling information, and wherein prior to generating the forward forwarding information entry including the first destination IP address and the reverse forwarding information entry including the source IP address and the source network interface, the method further comprises:
determining whether to generate a reverse forwarding information table item according to the enabling information;
and if the generation of the reverse forwarding information table entry is determined according to the enabling information, generating a forward forwarding information table entry comprising the first destination IP address and a reverse forwarding information table entry comprising the source IP address and the source network interface.
4. The method according to any of claims 1-3, wherein said receiving said reply packet and obtaining said source network interface from said backward forwarding information table entry comprises:
receiving a response message returned by the target application server, wherein the response message carries a second target IP address;
and determining a target reverse forwarding information table entry from the forwarding information table according to the second destination IP address, and acquiring the source network interface from the target reverse forwarding information table entry.
5. The method of claim 4, wherein said determining a target reverse forwarding information entry from said forwarding information table based on said second destination IP address comprises:
matching the second destination IP address with at least one reverse forwarding information table item in the forwarding information table;
and determining the reverse forwarding information table entry corresponding to the target source IP address matched with the second target IP address as a target reverse forwarding information table entry.
6. The method of claim 5, wherein the reverse forwarding information entry comprises a validity duration, and wherein the method further comprises:
verifying the effective duration corresponding to the reverse forwarding information table entry;
and if the validation of the effective duration fails, deleting the reverse forwarding information table entry from the reverse forwarding information table.
7. The method of claim 6, wherein the verifying the validity duration of the reverse forwarding information entry comprises:
detecting the calling time of the reverse forwarding information table item, wherein the calling time is the time between the detection time and the last calling time of the reverse forwarding information table item;
and matching the calling duration with the effective duration, and determining that the effective duration fails to be verified if the calling duration is greater than or equal to the effective duration.
8. A routing forwarding apparatus, wherein the apparatus is configured in a routing forwarding device, the routing device includes a forwarding information table and at least one network interface, and the routing device corresponds to at least one application server, the apparatus comprising:
the system comprises an acquisition module, a load balancing module and a control module, wherein the acquisition module is used for receiving a service request message sent by the load balancing equipment, and the service request message carries an active Internet Protocol (IP) address, a first destination IP address and a source network interface;
a processing module, configured to generate a forward forwarding information entry including the first destination IP address and a backward forwarding information entry including the source IP address and the source network interface;
the processing module is further configured to determine, according to the forward forwarding information entry, an application server corresponding to the first destination IP address in the at least one application server as a target application server, and forward the service request packet to the target application server, so that the target application server returns a response packet according to the service request packet;
the obtaining module is further configured to receive the response packet and obtain the source network interface from the backward forwarding information table entry;
and the output module is used for forwarding the response message to the load balancing equipment through the source network interface.
9. A routing device comprising a processor and a memory, said processor and said memory being interconnected, wherein said memory is configured to store a computer program comprising program instructions, said processor being configured to invoke said program instructions to perform the method of any one of claims 1-7.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program, which is executed by a processor to implement the method of any one of claims 1-7.
CN202010798828.1A 2020-08-07 2020-08-07 Route forwarding method and device, route equipment and readable storage medium Active CN111953770B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010798828.1A CN111953770B (en) 2020-08-07 2020-08-07 Route forwarding method and device, route equipment and readable storage medium
PCT/CN2020/122445 WO2021139311A1 (en) 2020-08-07 2020-10-21 Routing forwarding method and apparatus, routing device and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010798828.1A CN111953770B (en) 2020-08-07 2020-08-07 Route forwarding method and device, route equipment and readable storage medium

Publications (2)

Publication Number Publication Date
CN111953770A true CN111953770A (en) 2020-11-17
CN111953770B CN111953770B (en) 2022-11-25

Family

ID=73332015

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010798828.1A Active CN111953770B (en) 2020-08-07 2020-08-07 Route forwarding method and device, route equipment and readable storage medium

Country Status (2)

Country Link
CN (1) CN111953770B (en)
WO (1) WO2021139311A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114124690A (en) * 2021-08-30 2022-03-01 济南浪潮数据技术有限公司 Alarm configuration method, system and related device for data center
CN113992583B (en) * 2021-10-26 2023-03-21 新华三信息安全技术有限公司 Table item maintenance method and device
CN115412308A (en) * 2022-08-09 2022-11-29 北京天融信网络安全技术有限公司 Message processing method and device and electronic equipment
CN116112435A (en) * 2023-02-14 2023-05-12 京东科技信息技术有限公司 Message transmission method, device, equipment and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101217465A (en) * 2007-12-28 2008-07-09 北京锐安科技有限公司 A route selecting method for multi-exit server and router
CN101577676A (en) * 2009-06-10 2009-11-11 杭州华三通信技术有限公司 Method and device for realizing viscosity access
CN101594301A (en) * 2009-06-23 2009-12-02 杭州华三通信技术有限公司 A kind of message processing method and device
CN104168338A (en) * 2013-05-16 2014-11-26 杭州迪普科技有限公司 Network address conversion device and network address conversion method
CN106899474A (en) * 2016-12-07 2017-06-27 新华三技术有限公司 A kind of method and apparatus of message forwarding
US20170346730A1 (en) * 2016-05-31 2017-11-30 128 Technology, Inc. Reverse Forwarding Information Base Enforcement
CN110166570A (en) * 2019-06-04 2019-08-23 杭州迪普科技股份有限公司 Service conversation management method, device, electronic equipment

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101582904B (en) * 2009-06-17 2013-01-09 杭州华三通信技术有限公司 Implementation method of symmetry of multi-line access flow rate of data center, device and system
US8533285B2 (en) * 2010-12-01 2013-09-10 Cisco Technology, Inc. Directing data flows in data centers with clustering services
US10212071B2 (en) * 2016-12-21 2019-02-19 Nicira, Inc. Bypassing a load balancer in a return path of network traffic
CN108512714B (en) * 2017-02-28 2021-10-01 华为技术有限公司 Message transmission method, related equipment and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101217465A (en) * 2007-12-28 2008-07-09 北京锐安科技有限公司 A route selecting method for multi-exit server and router
CN101577676A (en) * 2009-06-10 2009-11-11 杭州华三通信技术有限公司 Method and device for realizing viscosity access
CN101594301A (en) * 2009-06-23 2009-12-02 杭州华三通信技术有限公司 A kind of message processing method and device
CN104168338A (en) * 2013-05-16 2014-11-26 杭州迪普科技有限公司 Network address conversion device and network address conversion method
US20170346730A1 (en) * 2016-05-31 2017-11-30 128 Technology, Inc. Reverse Forwarding Information Base Enforcement
CN106899474A (en) * 2016-12-07 2017-06-27 新华三技术有限公司 A kind of method and apparatus of message forwarding
CN110166570A (en) * 2019-06-04 2019-08-23 杭州迪普科技股份有限公司 Service conversation management method, device, electronic equipment

Also Published As

Publication number Publication date
CN111953770B (en) 2022-11-25
WO2021139311A1 (en) 2021-07-15

Similar Documents

Publication Publication Date Title
CN111953770B (en) Route forwarding method and device, route equipment and readable storage medium
WO2017097123A1 (en) Access request conversion method and device
CN110888838B (en) Request processing method, device, equipment and storage medium based on object storage
CN114025021B (en) Communication method, system, medium and electronic equipment crossing Kubernetes cluster
CN108429739B (en) Method, system and terminal equipment for identifying honeypots
WO2014000303A1 (en) Method for receiving message, and deep packet inspection device and system
CN112491776B (en) Security authentication method and related equipment
CN112261172A (en) Service addressing access method, device, system, equipment and medium
CN108683668A (en) Resource checksum method, apparatus, storage medium and equipment in content distributing network
JP7434504B2 (en) Route handling methods and network devices
CN110740163B (en) Idempotent control method, idempotent control device, electronic equipment and readable storage medium
CN113259479A (en) Data processing method and equipment
CN110177096B (en) Client authentication method, device, medium and computing equipment
CN111371811A (en) Resource calling method, resource calling device, client and service server
CN111416851A (en) Method for session synchronization among multiple load balancers and load balancer
CN112769863B (en) Method and device for processing service request message data, electronic equipment and readable storage medium
CN112217770B (en) Security detection method, security detection device, computer equipment and storage medium
CN113225348A (en) Request anti-replay verification method and device
CN109510816B (en) Service request validity verification method, client and server
CN112330366A (en) Redemption code redemption request verification method, apparatus, device and computer readable medium
CN110995756A (en) Method and device for calling service
CN113676540B (en) Connection establishment method and device
CN114124442B (en) Method and system for defending DDOS attack
CN113872953B (en) Access message processing method and device
GB2575016A (en) A technique for authenticating data transmitted over a cellular network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant