CN112202668B - Local area network, wide area network fault transfer backup system and method thereof - Google Patents
- Publication number
- CN112202668B, CN202011203582.5A
- Authority
- CN
- China
- Prior art keywords
- message
- area network
- interface
- server
- lan
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/22—Alternate routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/28—Routing or path finding of packets in data switching networks using route fault recovery
Abstract
The invention provides a local area network (LAN) and wide area network (WAN) failover backup system and method. The method obtains a data packet whose target address is the server and judges whether the LAN interface is available. If the LAN interface is not available, the WAN interface is used as a backup link to forward the message to a neighbor BATMAN node; if the LAN interface is available, the message is forwarded to the nearest routing node. The forwarded message is then acquired from the BATMAN node or the routing node and forwarded to the server, and a corresponding response packet is returned. The invention uses the WAN as a backup interface by establishing a mesh network between WLAN nodes. It can prevent data loss during data transmission, sends data packets to the server through routing and IP packet processing methods, and provides LAN failover backup by connecting the LAN to the mesh network, so that a stable connection can be established over the WAN during LAN failover.
Description
Technical Field
The invention relates to the technical field of network transmission, in particular to a local area network and wide area network fault transfer backup system and a method thereof.
Background
In complex systems, there are a number of LAN connections for which failover is provided by a WAN mesh network. In a network setting with a plurality of LANs connected, problems such as data loss caused by interruption of a dedicated link arise. To prevent this, various methods such as redundancy and backup networks may be employed. However, redundancy only increases cost and reduces the use of available bandwidth, which lowers efficiency. Therefore, the present invention provides a backup method to prevent data loss during transmission.
Disclosure of Invention
In view of the above-mentioned shortcomings of the prior art, it is an object of the present invention to provide a local area network and wide area network failover backup system and method, which solve the technical problems in the prior art.
In order to achieve the above and other related objects, the present invention provides a local area network and wide area network failover backup method, which includes the following steps:
acquiring a data packet with a server as a target address;
judging whether a Local Area Network (LAN) interface is available;
if the LAN interface of the local area network is not available, using a WAN interface of a wide area network as a backup link, and forwarding the message to a BATMAN node of a neighbor;
if the LAN interface is available, forwarding the message to the nearest routing node;
and acquiring a forwarding message from the BATMAN node or the routing node, forwarding the message to a server, and returning a corresponding response packet.
Optionally, if the LAN interface is not available and the WAN interface is used as a backup link, the specific process for the outgoing data packet flow includes:
when the message reaches the OUTPUT chain of the WAN interface, judging whether the target address of the message is the server;
if the target address of the message is the server, applying DNAT to the message and sending it to the BATMAN network;
when the message reaches the PREROUTING chain of a neighbor BATMAN node, applying DNAT to the message and sending it to the server;
when the data packet reaches the PREROUTING chain, applying MASQUERADE to the outgoing message, sending it to the server, and returning a corresponding response packet.
Optionally, if the target address of the message is not the server, the message is sent to the optimal neighbor node and then to the server, and a corresponding response packet is returned.
Optionally, if the LAN interface is available, the specific process for the incoming data packet flow includes:
when the message reaches the PREROUTING chain, judging whether the destination address of the message is a local address;
if the destination address of the message is not a local address, forwarding the message to the LAN interface, applying MASQUERADE to the outgoing message, sending it to the server, and returning a corresponding response packet;
if the destination address of the message is a local address, forwarding the message to the local destination address so that it reaches the INPUT chain, and returning a corresponding response packet.
Optionally, the method further includes configuring load balancing in the network segment by using mwan3, and setting priorities for different network interfaces to carry corresponding network loads; in the event of a failure of any node's LAN interface, the WAN interface operating in the BATMAN network may forward the traffic to a neighboring node, which then sends it to the server.
Optionally, when mwan3 is used to configure load balancing in a network segment, the method further includes adjusting the routing table using the "iptables" command and the "ip route" command, and directing traffic to the server over the BATMAN network or the LAN under different circumstances; wherein iptables and ip route are used to route IP data packets from different network segments, and iptables is used to manipulate the OUTPUT and PREROUTING chains.
Optionally, if the iptables command is used to implement load balancing in multiple network segments, a virtual interface is added to the BATMAN interface, and the virtual interface is in the same network segment as the other IPs.
The invention also provides a local area network and wide area network fault transfer backup system, which comprises:
the data packet acquisition module is used for acquiring a data packet of which the target address is server;
the judging module is used for judging whether the LAN interface is available;
the first forwarding unit is used for forwarding a message to a neighbor BATMAN node by using a WAN (Wide area network) interface as a backup link when the LAN interface is unavailable;
a second forwarding unit, configured to forward the packet to a nearest routing node when the LAN interface of the local area network is available;
and the message transmission module is used for acquiring a forwarding message from the BATMAN node or the routing node, forwarding the message to a server and returning a corresponding response packet.
Optionally, if the LAN interface is not available and the WAN interface is used as a backup link, the specific process for the outgoing data packet flow includes:
when the message reaches the OUTPUT chain of the WAN interface, judging whether the target address of the message is the server;
if the target address of the message is the server, applying DNAT to the message and sending it to the BATMAN network; when the message reaches the PREROUTING chain of a neighbor BATMAN node, applying DNAT to the message and sending it to the server; when the data packet reaches the PREROUTING chain, applying MASQUERADE to the outgoing message, sending it to the server, and returning a corresponding response packet;
and if the target address of the message is not the server, sending the message to the optimal neighbor node and then to the server, and returning a corresponding response packet.
Optionally, if the LAN interface is available, the specific process for the incoming data packet flow includes:
when the message reaches the PREROUTING chain, judging whether the destination address of the message is a local address;
if the destination address of the message is not a local address, forwarding the message to the LAN interface, applying MASQUERADE to the outgoing message, sending it to the server, and returning a corresponding response packet;
if the destination address of the message is a local address, forwarding the message to the local destination address so that it reaches the INPUT chain, and returning a corresponding response packet.
As described above, the present invention provides a local area network and wide area network failover backup system and method, which have the following advantages: a data packet whose target address is the server is acquired; whether the LAN interface is available is judged; if the LAN interface is not available, the WAN interface is used as a backup link to forward the message to a neighbor BATMAN node; if the LAN interface is available, the message is forwarded to the nearest routing node; and the forwarded message is acquired from the BATMAN node or the routing node and forwarded to the server, and a corresponding response packet is returned. The present invention uses the WAN as a backup interface by establishing a mesh network between WLAN nodes. Thus, on a LAN failover, the mesh network will carry the traffic. The present invention can prevent data loss during data transmission, sends data packets to the server through routing and IP packet processing methods, and provides LAN failover backup by connecting the LAN to the mesh network, so that a stable connection can be established over the WAN during LAN failover.
Drawings
Fig. 1 is a schematic flowchart of a local area network and wide area network failover backup method according to an embodiment;
Fig. 2 is a diagram illustrating an exemplary flow of outgoing data packets without a LAN according to an embodiment;
Fig. 3 is a schematic diagram of an incoming data packet flow according to an embodiment;
Fig. 4 is a diagram of a wide area network WAN configuration provided by an embodiment;
Fig. 5 is a schematic diagram of IP routing provided by an embodiment;
Fig. 6 shows the iptables command for MASQUERADE provided by an embodiment;
Fig. 7 is a diagram of iptables and the corresponding chains provided by an embodiment;
Fig. 8 is a diagram illustrating IP packet handling according to an embodiment;
Fig. 9 is a schematic hardware structure diagram of a local area network and wide area network failover backup system according to an embodiment.
Detailed Description
The embodiments of the present invention are described below with reference to specific embodiments, and other advantages and effects of the present invention will be easily understood by those skilled in the art from the disclosure of the present specification. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention. It is to be noted that the features in the following embodiments and examples may be combined with each other without conflict.
It should be noted that the drawings provided in the following embodiments are only for illustrating the basic idea of the present invention, and the components related to the present invention are only shown in the drawings rather than drawn according to the number, shape and size of the components in actual implementation, and the type, quantity and proportion of the components in actual implementation may be changed freely, and the layout of the components may be more complicated.
Referring to fig. 1, the present invention provides a local area network and wide area network failover backup method, which includes the following steps:
acquiring a data packet with a server as a target address;
judging whether a Local Area Network (LAN) interface is available;
if the LAN interface of the local area network is not available, using a WAN interface of a wide area network as a backup link, and forwarding the message to a BATMAN node of a neighbor;
if the LAN interface is available, forwarding the message to the nearest routing node;
and acquiring a forwarding message from the BATMAN node or the routing node, forwarding the message to a server, and returning a corresponding response packet.
The method uses a Wide Area Network (WAN) as a backup interface by establishing a mesh network between WLAN nodes. Thus, on a local area network LAN failover, the mesh network will carry traffic. The method can prevent data loss during data transmission, sends the data packet to the server through a routing and IP data packet processing method, provides a local area network LAN failover backup, and connects the local area network LAN to the mesh network, so that stable connection can be established during LAN failover using a wide area network WAN.
In an exemplary embodiment, as shown in Fig. 2, if the LAN interface is not available and the WAN interface is used as a backup link, the specific process for the outgoing data packet flow includes:
When the message reaches the OUTPUT chain of the WAN interface, it is judged whether the target address of the message is the server. If the target address of the message is the server, DNAT is applied to the message and it is sent to the BATMAN network; when the message reaches the PREROUTING chain of a neighbor BATMAN node, DNAT is applied to the message and it is sent to the server; when the data packet reaches the PREROUTING chain, MASQUERADE is applied to the outgoing message, which is sent to the server, and a corresponding response packet is returned. If the target address of the message is not the server, the message is sent to the optimal neighbor node and then to the server, and a corresponding response packet is returned.
In an exemplary embodiment, as shown in fig. 3, if the LAN interface is available, the specific process of inputting the packet flow includes:
when the message reaches a PREROUTING chain, judging whether the destination address of the message is a local address;
if the destination address of the message is not a local address, forwarding the message to the LAN interface, applying MASQUERADE to the outgoing message, sending it to the server, and returning a corresponding response packet;
if the message destination address is a local address, the message is forwarded to the destination address of the local machine, so that the message reaches the INPUT chain, and a corresponding response packet is returned.
According to the above, in some exemplary embodiments, the method further includes configuring load balancing in the network segment using mwan3, and setting priorities for different network interfaces to carry corresponding network loads; in the event of a failure of any node's LAN interface, the WAN interface operating in the BATMAN network may forward the traffic to a neighboring node, which then sends it to the server. In particular, the method may use an mwan3 configuration to accomplish load balancing in network segments. The mwan3 settings may be used to prioritize different network interfaces to carry network load. In the method, the LAN interface should take the full load and transfer the data. When any node's LAN interface fails, the WAN interface operating in the BATMAN network may forward the traffic to a neighboring node, which then sends it to the server. By way of example, embodiments of the present application may create mwan3 settings for a particular interface, ensuring that the necessary IPs are used to check the network status. An example configuration of the WAN is shown in Fig. 4. The "track_ip" list is used to determine network availability, and the "reliability" value sets the minimum number of tracked IPs that must be reachable for the network to be considered up. The "interval" value determines the number of seconds between each test. In addition, "failure_interval" and "recovery_interval" can be configured to represent the minimum interval of network failure and network recovery, respectively. The "up" and "down" counts determine the number of tests checked to declare the link up and down, respectively. In the embodiments of the present application, these interfaces may be assigned "metric" and "weight" values, which are used later to determine the priority and load sharing of the network interfaces. Two interfaces with the same "metric" will share the load based on their "weight". Otherwise, the interface with the lower "metric" will preferentially bear the network load. This metric and weight section is called a member.
The mwan3 settings are as follows:
config interface 'lan'
    option enabled '1'
    list track_ip '192.168.1.52'
    list track_ip '192.168.1.72'
    option family 'ipv4'
    option reliability '2'
    option count '1'
    option timeout '3'
    option failure_latency '10'
    option recovery_latency '15'
    option failure_loss '20'
    option recovery_loss '5'
    option interval '5'
    option down '3'
    option up '8'
config interface 'bat0'
    option enabled '1'
    list track_ip '162.31.112.10'
    list track_ip '192.168.1.72'
    option family 'ipv4'
    option reliability '1'
    option count '1'
    option timeout '3'
    option failure_latency '10'
    option recovery_latency '15'
    option failure_loss '20'
    option recovery_loss '5'
    option interval '5'
    option down '3'
    option up '8'
config member 'eth_traf'
    option interface 'lan'
    option metric '1'
    option weight '3'
config member 'bat_if'
    option interface 'bat0'
    option metric '2'
    option weight '3'
config policy 'bat_bkp'
    list use_member 'eth_traf'
    list use_member 'bat_if'
config rule 'trial'
    option proto 'all'
    option use_policy 'bat_bkp'
config rule 'default_rule'
    option dest_ip '0.0.0.0/0'
    option use_policy 'bat_bkp'
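How the settings above decide which interface carries traffic, as an added Python example that is not code from the patent or from mwan3. It is a simplified model of the tracking and member-selection behavior described in the text; the function names are hypothetical and the delay figures are rough estimates that ignore probe timeouts.

```python
import re
from collections import defaultdict

# Trimmed copy of the mwan3 settings shown above (values from the page;
# options this model does not use are left out).
MWAN3_CONFIG = """
config interface 'lan'
    list track_ip '192.168.1.52'
    list track_ip '192.168.1.72'
    option reliability '2'
    option interval '5'
    option down '3'
    option up '8'
config interface 'bat0'
    list track_ip '162.31.112.10'
    list track_ip '192.168.1.72'
    option reliability '1'
    option interval '5'
    option down '3'
    option up '8'
config member 'eth_traf'
    option interface 'lan'
    option metric '1'
    option weight '3'
config member 'bat_if'
    option interface 'bat0'
    option metric '2'
    option weight '3'
config policy 'bat_bkp'
    list use_member 'eth_traf'
    list use_member 'bat_if'
"""

SECTION = re.compile(r"config\s+(\w+)\s+'([^']*)'$")
ENTRY = re.compile(r"(option|list)\s+(\w+)\s+'([^']*)'$")


def parse_uci(text):
    """Parse UCI text into {section_type: {section_name: {key: value or list}}}."""
    sections = defaultdict(dict)
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = SECTION.match(line)
        if match:
            current = sections[match.group(1)].setdefault(match.group(2), {})
            continue
        match = ENTRY.match(line)
        if match is None or current is None:
            # Run-together keywords or typographic quotes end up here.
            raise ValueError(f"unparseable UCI line: {raw!r}")
        kind, key, value = match.groups()
        if kind == "list":
            current.setdefault(key, []).append(value)
        else:
            current[key] = value
    return sections


def interface_is_up(iface, reachable):
    """Up when at least `reliability` of the track_ip hosts answer."""
    answered = sum(1 for ip in iface.get("track_ip", []) if ip in reachable)
    return answered >= int(iface.get("reliability", "1"))


def traffic_share(cfg, policy, reachable):
    """Return {interface: share}: the lowest metric among usable members wins,
    and members with equal metric split the load by weight."""
    members = [cfg["member"][name] for name in cfg["policy"][policy]["use_member"]]
    usable = [m for m in members
              if interface_is_up(cfg["interface"][m["interface"]], reachable)]
    if not usable:
        return {}
    best = min(int(m["metric"]) for m in usable)
    group = [m for m in usable if int(m["metric"]) == best]
    total = sum(int(m["weight"]) for m in group)
    return {m["interface"]: int(m["weight"]) / total for m in group}


def approx_failover_delay(iface):
    """Rough seconds until a dead link is declared down: `down` failed tests,
    one per `interval`."""
    return int(iface["interval"]) * int(iface["down"])


def approx_recovery_delay(iface):
    """Rough seconds until a restored link is declared up again."""
    return int(iface["interval"]) * int(iface["up"])
```

With these values the LAN needs both tracked hosts to answer, so losing either one moves all traffic to bat0 after roughly 15 seconds of failed tests, and traffic sent to the server in that window is not protected by the failover.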
As shown in Fig. 5, since mwan3 can ensure load balancing during link failure, the routing table needs to be adjusted to direct traffic to the server through the BATMAN network or the LAN under different circumstances. This may be performed using the "iptables" and "ip route" commands. Since the network is required to operate on the same network segment, traffic from the LAN will normally be sent directly to it. But in a failover condition, information about the path needs to be communicated to the BATMAN interface. This is done using the following command: ip route add <server_ip> via <neighbor_bat_if> dev bat0.
After routing the packet, the source of the outgoing packet must be known so that a reply can be returned. Thus, the masquerading technique is used to change the sender's IP to that of the outgoing interface, the eth0 IP, so that a reply to the outgoing interface is possible. This is done using the following iptables command: iptables -t nat -A POSTROUTING -d <server_ip> -j MASQUERADE. With this command, after the routing decision is made, the sender IP of the packet is changed before the packet leaves the interface, as shown in Fig. 6.
According to the above description, in an exemplary embodiment, if the iptables command is used to implement load balancing in multiple network segments, a virtual interface is added to the BATMAN interface, and the virtual interface is in the same network segment as the other IPs. By way of example, iptables commands may be used to achieve load balancing across multiple network segments. The BATMAN interface needs an added virtual interface with an IP in the same network segment. For example, if BATMAN is on the 162.31.112.0/24 network segment, then the virtual interface should also be on that network segment. The virtual interface and corresponding IP should be configured in common on all mesh nodes. Thus, under the OUTPUT iptables rule, the data packet will be forwarded to an available BATMAN node, which serves as the alternate link. Figs. 7 and 8 describe how IP packets are manipulated to reach the target IP.
Typically, for packets from the local host, the OUTPUT chain is operated on. Therefore, in the absence of a local area network, the data packet sent to the server is subjected to DNAT processing in the OUTPUT chain and is sent to the neighbor node using the BATMAN protocol. This is done using the following command:
iptables -t nat -A OUTPUT -d <server_ip> -j DNAT --to-destination <destination_ip>
In the embodiment of the present application, the destination of the packet sent to the server is changed to the virtual BATMAN interface IP. The data packet is then routed to the neighboring node for delivery to the local interface.
After the local interface receives the data packet, the forwarding table is manipulated to change the target IP. To route the ACK packet back, the outgoing packet is masqueraded. The following commands achieve this:
iptables -t nat -A PREROUTING -d <batman_vip> -j DNAT --to-destination <server_ip>
iptables -t nat -A POSTROUTING -d <server_ip> -j MASQUERADE
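The address rewriting performed by the OUTPUT, PREROUTING and POSTROUTING rules above, traced for one request and its reply, as an added Python example that is not code from the patent. The host addresses are constructed, the class and function names are hypothetical, and connection tracking is reduced to address pairs (real conntrack also keys on protocol and ports).

```python
from dataclasses import dataclass, replace

# Constructed addresses. Only the 162.31.112.0/24 mesh segment appears on the
# page; every host address below is an assumption made for this example.
SERVER_IP = "192.168.1.100"
ORIGIN_BAT_IP = "162.31.112.11"    # bat0 address of the node whose LAN failed
BATMAN_VIP = "162.31.112.200"      # virtual BATMAN interface IP on the neighbor
NEIGHBOR_ETH0_IP = "192.168.1.20"  # neighbor's working LAN address


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str


class NatNode:
    """One node's nat table reduced to the rules on this page, plus the
    connection-tracking state that lets replies be translated back."""

    def __init__(self, name, dnat=None, masquerade=None):
        self.name = name
        self.dnat = dnat or {}              # dst -> new dst (OUTPUT / PREROUTING)
        self.masquerade = masquerade or {}  # dst -> outgoing interface IP (POSTROUTING)
        self.conntrack = {}                 # expected reply -> restored reply

    def translate(self, pkt):
        """Apply DNAT first, then MASQUERADE, and remember the mapping."""
        out = pkt
        if out.dst in self.dnat:
            out = replace(out, dst=self.dnat[out.dst])
        if out.dst in self.masquerade:
            out = replace(out, src=self.masquerade[out.dst])
        # The reply arrives with the translated addresses swapped and must be
        # restored to the original addresses swapped.
        self.conntrack[(out.dst, out.src)] = Packet(pkt.dst, pkt.src)
        return out

    def untranslate_reply(self, pkt):
        """Reverse the translation; packets with no tracked flow are refused."""
        try:
            return self.conntrack[(pkt.src, pkt.dst)]
        except KeyError:
            raise LookupError(f"{self.name}: no tracked flow for {pkt}") from None


def failover_round_trip():
    """Trace a request from the failed-LAN node to the server and back."""
    # iptables -t nat -A OUTPUT -d <server_ip> -j DNAT --to-destination <destination_ip>
    origin = NatNode("origin", dnat={SERVER_IP: BATMAN_VIP})
    # iptables -t nat -A PREROUTING -d <batman_vip> -j DNAT --to-destination <server_ip>
    # iptables -t nat -A POSTROUTING -d <server_ip> -j MASQUERADE
    neighbor = NatNode("neighbor",
                       dnat={BATMAN_VIP: SERVER_IP},
                       masquerade={SERVER_IP: NEIGHBOR_ETH0_IP})

    sent = Packet(ORIGIN_BAT_IP, SERVER_IP)
    on_mesh = origin.translate(sent)          # crosses bat0 to the neighbor
    at_server = neighbor.translate(on_mesh)   # leaves the neighbor's eth0
    reply = Packet(at_server.dst, at_server.src)
    back_on_mesh = neighbor.untranslate_reply(reply)
    delivered = origin.untranslate_reply(back_on_mesh)
    return {"sent": sent, "on_mesh": on_mesh, "at_server": at_server,
            "reply": reply, "back_on_mesh": back_on_mesh, "delivered": delivered}
```

The `at_server` packet carries the neighbor's eth0 address as its source, so during failover the server's logs attribute the traffic to the neighbor node rather than to the node that originated it.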
The method obtains a data packet whose target address is the server; judges whether the LAN interface is available; if the LAN interface is not available, uses the WAN interface as a backup link to forward the message to a neighbor BATMAN node; if the LAN interface is available, forwards the message to the nearest routing node; and acquires the forwarded message from the BATMAN node or the routing node, forwards it to the server, and returns a corresponding response packet. The method uses the WAN as a backup interface by establishing a mesh network between WLAN nodes. Thus, on a LAN failover, the mesh network will carry the traffic. The method can prevent data loss during data transmission, sends the data packet to the server through routing and IP packet processing, and provides LAN failover backup by connecting the LAN to the mesh network, so that a stable connection can be established over the WAN during LAN failover. The method uses the BATMAN protocol to establish a mesh network and adds an additional virtual interface IP to all the BATMAN nodes in the existing network. This IP serves as a routing path to the local area network upon failure. To let different network IPs send data packets to the server, iptables is used to manipulate the OUTPUT and PREROUTING chains. The method changes the target IP of locally originated OUTPUT data packets directed to the server into the BATMAN virtual interface IP. Once the packet arrives at the BATMAN virtual interface, the destination is changed using the forwarding chain. To ensure routing flow and a reply to a known IP, the source IP of outgoing packets directed toward the server is changed using the MASQUERADE technique. This establishes a stable connection during LAN failover using the WAN mesh.
As shown in fig. 9, the present invention further provides a local area network and wide area network failover backup system, which includes:
the data packet acquisition module is used for acquiring a data packet of which the target address is server;
the judging module is used for judging whether the LAN interface is available;
the first forwarding unit is used for forwarding a message to a neighbor BATMAN node by using a WAN (wide area network) interface as a backup link when the LAN interface is unavailable;
a second forwarding unit, configured to forward the packet to a nearest routing node when the LAN interface of the local area network is available;
and the message transmission module is used for acquiring a forwarding message from the BATMAN node or the routing node, forwarding the message to the server and returning a corresponding response packet.
The system uses the WAN as a backup interface by establishing a mesh network between WLAN nodes. Thus, on a LAN failover, the mesh network will carry the traffic. The system can prevent data loss during data transmission, sends data packets to the server through routing and IP packet processing, and provides LAN failover backup by connecting the LAN to the mesh network, so that a stable connection can be established over the WAN during LAN failover.
In an exemplary embodiment, as shown in Fig. 2, if the LAN interface is not available and the WAN interface is used as a backup link, the specific process for the outgoing data packet flow includes:
When the message reaches the OUTPUT chain of the WAN interface, it is judged whether the target address of the message is the server. If the target address of the message is the server, DNAT is applied to the message and it is sent to the BATMAN network; when the message reaches the PREROUTING chain of a neighbor BATMAN node, DNAT is applied to the message and it is sent to the server; when the data packet reaches the PREROUTING chain, MASQUERADE is applied to the outgoing message, which is sent to the server, and a corresponding response packet is returned. If the target address of the message is not the server, the message is sent to the optimal neighbor node and then to the server, and a corresponding response packet is returned.
In an exemplary embodiment, as shown in fig. 3, if the LAN interface is available, the specific process of inputting the packet flow includes:
when the message reaches a PREROUTING chain, judging whether the destination address of the message is a local address;
if the destination address of the message is not a local address, forwarding the message to the LAN interface, applying MASQUERADE to the outgoing message, sending it to the server, and returning a corresponding response packet;
if the message destination address is a local address, the message is forwarded to the destination address of the local machine, so that the message reaches the INPUT chain, and a corresponding response packet is returned.
According to the above, in some exemplary embodiments, the method further includes configuring load balancing in the network segment using mwan3, and setting priorities for different network interfaces to carry corresponding network loads; in the event of a failure of any node's LAN interface, the WAN interface operating in the BATMAN network may forward the traffic to a neighboring node, which then sends it to the server. In particular, the present system may use an mwan3 configuration to accomplish load balancing in network segments. The mwan3 settings may be used to prioritize different network interfaces to carry network load. In the present system, the LAN interface should take the full load and transfer the data. When any node's LAN interface fails, the WAN interface operating in the BATMAN network may forward the traffic to a neighboring node, which then sends it to the server. By way of example, embodiments of the present application may create mwan3 settings for a particular interface, ensuring that the necessary IPs are used to check the network status. An example configuration of the WAN is shown in Fig. 4. The "track_ip" list is used to determine network availability, and the "reliability" value sets the minimum number of tracked IPs that must be reachable for the network to be considered up. The "interval" value determines the number of seconds between each test. In addition, "failure_interval" and "recovery_interval" can be configured to represent the minimum interval of network failure and network recovery, respectively. The "up" and "down" counts determine the number of tests checked to declare the link up and down, respectively. In the embodiments of the present application, these interfaces may be assigned "metric" and "weight" values, which are used later to determine the priority and load sharing of the network interfaces. Two interfaces with the same "metric" will share the load based on their "weight". Otherwise, the interface with the lower "metric" will preferentially bear the network load. This metric and weight section is called a member.
The mwan3 is set as described above, and is not described herein.
As shown in Fig. 5, since mwan3 can ensure load balancing during link failure, the routing table needs to be adjusted to direct traffic to the server through the BATMAN network or the LAN under different circumstances. This may be performed using the "iptables" and "ip route" commands. Since the network is required to operate on the same network segment, traffic from the LAN will normally be sent directly to it. But in a failover condition, information about the path needs to be communicated to the BATMAN interface. This is done using the following command: ip route add <server_ip> via <neighbor_bat_if> dev bat0.
After routing the packet, the source of the outgoing packet must be known so that a reply can be returned. Thus, the masquerading technique is used to change the sender's IP to that of the outgoing interface, the eth0 IP, so that a reply to the outgoing interface is possible. This is done using the following iptables command: iptables -t nat -A POSTROUTING -d <server_ip> -j MASQUERADE. With this command, after the routing decision is made, the sender IP of the packet is changed before the packet leaves the interface, as shown in Fig. 6.
According to the above description, in an exemplary embodiment, if the iptables command is used to implement load balancing in multiple network segments, a virtual interface is added to the BATMAN interface, and the virtual interface is in the same network segment as the other IPs. By way of example, iptables commands may be used to achieve load balancing across multiple network segments. The BATMAN interface needs an added virtual interface with an IP in the same network segment. For example, if BATMAN is on the 162.31.112.0/24 network segment, then the virtual interface should also be on that network segment. The virtual interface and corresponding IP should be configured in common on all mesh nodes. Thus, under the OUTPUT iptables rule, the data packet will be forwarded to an available BATMAN node, which serves as the alternate link. Figs. 7 and 8 describe how IP packets are manipulated to reach the target IP.
Typically, for packets from the local host, the OUTPUT table is operated on. Therefore, the data packet sent to is subjected to DNAT processing by using the OUTPUT table and is sent to the neighbor node by using the BATMAN protocol. Without a local area network. This is done using the following commands:
iptables -t nat -A OUTPUT -d <server_ip> -j DNAT --to-destination <destination_ip>
In the embodiment of the present application, the destination of the packet sent to the server is changed to the virtual BATMAN interface IP. The data packet is then routed to the neighboring node for delivery to the local interface.
After the local interface receives the data packet, the forwarding table is operated to change the target IP. To route the ACK packet back, the outgoing packet is masqueraded. The following commands achieve the above object:
iptables -t nat -A PREROUTING -d <batman_vip> -j DNAT --to-destination <server_ip>
iptables -t nat -A POSTROUTING -d <server_ip> -j MASQUERADE
The system acquires a data packet with the server as the target address; judges whether a Local Area Network (LAN) interface is available; if the LAN interface is not available, uses a Wide Area Network (WAN) interface as a backup link to forward the message to a neighbor BATMAN node; if the LAN interface is available, forwards the message to the nearest routing node; and acquires the forwarded message from the BATMAN node or the routing node, forwards the message to the server, and returns a corresponding response packet. The system uses the WAN as a backup interface by establishing a mesh network between WLAN nodes. Thus, on a LAN failover, the mesh network will carry traffic to the server. The system can prevent data loss during data transmission, send data packets to a server through a routing and IP packet processing system, and provide a LAN failover backup that connects the LAN to a mesh network, so that a stable connection can be established during LAN failover using the WAN. The present system establishes a mesh network using the BATMAN protocol and adds an additional virtual interface IP to all the BATMAN nodes in the existing network. This IP serves as a routing path to the local area network upon failure. To facilitate the transmission of packets to different network IPs, iptables is used to manipulate the OUTPUT and PREROUTING chains. The system changes the target IP of locally originated OUTPUT data packets directed to the server into the BATMAN virtual interface IP. Once the packet arrives at the BATMAN virtual interface, the destination is changed using the forwarding chain. To ensure routing flow and a reply to a known IP, the source IP of outgoing packets directed toward the server is changed using the MASQUERADE technique. This establishes a stable connection during LAN failover using the WAN mesh.
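The header rewriting described above can be followed hop by hop in a small model. The following is an added example, not code from the patent: it is a toy simulation of the three nat rules (OUTPUT DNAT on the failed node, PREROUTING DNAT and POSTROUTING MASQUERADE on the neighbor) with a conntrack-like table for the reply path. All addresses are constructed samples, and the class and function names are hypothetical.

```python
from dataclasses import dataclass, replace

# Constructed sample addresses (assumptions; only the 162.31.112.0/24
# BATMAN segment is taken from the page's own example).
SERVER = "192.168.1.100"   # <server_ip>
VIP = "162.31.112.254"     # <batman_vip>, the shared virtual interface IP
A_BAT = "162.31.112.10"    # bat0 address of the node whose LAN link failed
B_ETH0 = "192.168.1.11"    # eth0 address of the neighbor that still has LAN

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str

class NatNode:
    """Toy model of one node's nat table with a conntrack-like reply map."""
    def __init__(self, dnat, masq_dst=None, out_ip=None):
        self.dnat = dnat            # -j DNAT rules: matched dst -> new dst
        self.masq_dst = masq_dst    # -d match of the POSTROUTING MASQUERADE rule
        self.out_ip = out_ip        # address of the outgoing interface
        self.conntrack = {}         # expected reply -> reply after un-NAT

    def forward(self, pkt):
        out = pkt
        if out.dst in self.dnat:                      # OUTPUT or PREROUTING
            out = replace(out, dst=self.dnat[out.dst])
        if self.masq_dst is not None and out.dst == self.masq_dst:  # POSTROUTING
            out = replace(out, src=self.out_ip)
        self.conntrack[Packet(out.dst, out.src)] = Packet(pkt.dst, pkt.src)
        return out

    def reply(self, pkt):
        # Replies that match a tracked flow are rewritten back; others pass.
        return self.conntrack.get(pkt, pkt)

def trace(masquerade=True):
    """Return the header seen at each hop of one request and its reply."""
    a = NatNode(dnat={SERVER: VIP})
    b = NatNode(dnat={VIP: SERVER},
                masq_dst=SERVER if masquerade else None, out_ip=B_ETH0)
    sent = Packet(A_BAT, SERVER)
    on_mesh = a.forward(sent)              # OUTPUT DNAT on the failed node
    at_server = b.forward(on_mesh)         # PREROUTING DNAT + MASQUERADE
    answer = Packet(at_server.dst, at_server.src)  # server answers the source it saw
    back_on_mesh = b.reply(answer)
    delivered = a.reply(back_on_mesh)
    return sent, on_mesh, at_server, answer, back_on_mesh, delivered

if __name__ == "__main__":
    for hop in trace():
        print(hop)
```

Calling trace(masquerade=False) shows why the MASQUERADE rule is needed: the server then sees the mesh address as the source and addresses its reply there instead of to the neighbor's eth0.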
The foregoing embodiments are merely illustrative of the principles and utilities of the present invention and are not intended to limit the invention. Any person skilled in the art can modify or change the above-mentioned embodiments without departing from the spirit and scope of the present invention. Accordingly, it is intended that all equivalent modifications or changes which can be made by those skilled in the art without departing from the spirit and technical spirit of the present invention be covered by the claims of the present invention.
Claims (8)
1. A local area network and wide area network fault transfer backup method is characterized by comprising the following steps:
acquiring a data packet with a server as a target address;
judging whether a Local Area Network (LAN) interface is available;
if the LAN interface of the local area network is not available, using a WAN interface of a wide area network as a backup link, and forwarding the message to a BATMAN node of a neighbor;
if the LAN interface is available, forwarding the message to the nearest routing node;
acquiring a forwarding message from the BATMAN node or the routing node, forwarding the message to a server, and returning a corresponding response packet;
if the LAN interface is not available, using a WAN interface as a backup link, and the specific process of outputting the data packet stream comprises the following steps:
when the message reaches an OUTPUT chain of a WAN interface, judging whether the target address of the message is a server;
if the target address of the message is server, using DNAT mode to operate the message and sending to BATMAN network;
when the message reaches a PREROUTING chain of a neighbor BATMAN node, using a DNAT mode to operate the message and sending the message to the server;
when the data packet reaches the PREROUTING chain, using a MASQUERADE mode to operate an export message, sending the export message to the server, and returning a corresponding response packet.
2. The local area network and wide area network failover backup method according to claim 1, wherein if the destination address of the packet is not server, sending the packet to an optimal neighbor node, sending the packet to the server, and returning a corresponding response packet.
3. The local area network/wide area network failover/backup method according to claim 1, wherein if the local area network LAN interface is available, the specific process of inputting a packet flow comprises:
when the message reaches a PREROUTING chain, judging whether the destination address of the message is a local address;
if the destination address of the message is not the local address, forwarding the message to a Local Area Network (LAN) interface, operating an export message in a MASQUERADE mode, sending the export message to the server, and returning a corresponding response packet;
if the message destination address is a local address, the message is forwarded to the destination address of the local machine, so that the message reaches the INPUT chain, and a corresponding response packet is returned.
4. The LAN/WAN (local area network/wide area network) failover/backup method according to any one of claims 1 to 3, further comprising using mwan3 to configure load balance in network segments, setting priorities for different network interfaces to carry corresponding network loads; in the event of a failure of any node's local area network LAN interface, the WAN interface operating in the BATMAN may forward the traffic to a neighboring node and then send it to the server.
5. The local area network and wide area network failover backup method of claim 4, wherein when mwan3 is used to configure load balancing in a network segment, further comprising using an "iptables" command and an "ip route" command to adjust the routing table; directing traffic to the server over a BATMAN or a Local Area Network (LAN) under different circumstances; wherein, the iptables and the IP route IP data packets from different network segments; iptables is used to manipulate the OUTPUT and PREROUTING chains.
6. The LAN/WAN failover/backup method according to claim 5, wherein if the iptables command is used to implement load balancing under multiple network segments, a virtual interface is added to the BATMAN interface, and the virtual interface has the same network segment as other IPs.
7. A local area network and wide area network failover backup system is characterized by comprising:
the data packet acquisition module is used for acquiring a data packet of which the target address is server;
the judging module is used for judging whether the LAN interface is available;
the first forwarding unit is used for forwarding a message to a neighbor BATMAN node by using a WAN (Wide area network) interface as a backup link when the LAN interface is unavailable;
a second forwarding unit, configured to forward the packet to a nearest routing node when the LAN interface of the local area network is available;
a message transmission module, configured to obtain a forwarding message from the BATMAN node or the routing node, forward the message to a server, and return a corresponding response packet;
if the LAN interface is not available, using a WAN interface as a backup link, and the specific process of outputting the data packet stream comprises the following steps:
when the message reaches an OUTPUT chain of a WAN interface, judging whether the target address of the message is a server;
if the target address of the message is server, using DNAT mode to operate the message and sending to BATMAN network; when the message reaches a PREROUTING chain of a neighbor BATMAN node, using a DNAT mode to operate the message and sending the message to the server; when the data packet reaches the PREROUTING chain, operating an outlet message in a MASQUERADE mode, sending the outlet message to the server, and returning a corresponding response packet;
and if the target address of the message is not the server, sending the message to the optimal neighbor node, sending the message to the server, and returning a corresponding response packet.
8. The LAN/WAN failover/backup system according to claim 7, wherein if the LAN interface is available, the specific process of entering a packet flow comprises:
when the message reaches a PREROUTING chain, judging whether the destination address of the message is a local address;
if the destination address of the message is not the local address, forwarding the message to a Local Area Network (LAN) interface, operating an export message in a MASQUERADE mode, sending the export message to the server, and returning a corresponding response packet;
if the message destination address is a local address, the message is forwarded to the destination address of the local machine, so that the message reaches the INPUT chain, and a corresponding response packet is returned.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011203582.5A CN112202668B (en) | 2020-11-02 | 2020-11-02 | Local area network, wide area network fault transfer backup system and method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112202668A (en) | 2021-01-08 |
CN112202668B (en) | 2022-08-05 |
Family
ID=74011168
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011203582.5A Active CN112202668B (en) | 2020-11-02 | 2020-11-02 | Local area network, wide area network fault transfer backup system and method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112202668B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||