CN112511404B - Network interconnection method and device and electronic equipment - Google Patents
Network interconnection method and device and electronic equipment Download PDFInfo
- Publication number
- CN112511404B CN112511404B CN202011483008.XA CN202011483008A CN112511404B CN 112511404 B CN112511404 B CN 112511404B CN 202011483008 A CN202011483008 A CN 202011483008A CN 112511404 B CN112511404 B CN 112511404B
- Authority
- CN
- China
- Prior art keywords
- network
- vpn
- vpc
- connection
- segment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
Abstract
The invention discloses a network interconnection method, a network interconnection device and electronic equipment, wherein the method comprises the following steps: the method comprises the steps that a VPN service end is built on a server in a VPC network, a routing table and a network segment of the VPN network are defined at the VPN service end, wherein connection information corresponding to the VPC network is stored in the routing table, and after a connection terminal receives the routing table and the network segment of the VPN network based on the VPN network, connection is built with the VPC network through the VPN network; the embodiment of the invention achieves the purpose that the connection terminal establishes connection and communicates with the VPC network through the network segment of the VPN network, thereby realizing the technical effects of low cost and low cost of connecting the VPC network, and further solving the technical problems that each office needs to handle a network special line of a fixed public network IP in each office when each office network is connected with the VPC network, the limitation is more and the cost is high.
Description
Technical Field
The invention relates to the technical field of networks, in particular to a network interconnection method, a network interconnection device and electronic equipment.
Background
In an office scenario, when a Virtual Private Cloud (VPC) Network of the aristoloc and a plurality of office networks in different places of a company are connected, the connection needs to be realized through a high-speed channel, a Virtual Private Network (VPN) gateway, a Cloud enterprise Network or an intelligent access gateway provided by the aristoloc. However, the 4 network connection modes provided by the Aliskiu require a network dedicated line for handling the IP of the fixed public network in each office, and have more limitations in all aspects and higher cost.
Disclosure of Invention
The invention mainly aims to provide a network interconnection method and a network interconnection device, which are used for solving the problems that in the prior art, when office networks of various places are connected with a VPC network, each office place needs to handle a network special line of a fixed public network IP, the limitation is more, and the cost is high.
In order to achieve the above object, a first aspect of the present invention provides a network interconnection method, including:
establishing a VPN (virtual private network) service end on a server in a VPC (virtual private network) network, and defining a routing table and a network segment of the VPN network at the VPN service end, wherein the routing table stores connection information corresponding to the VPC network;
and after the connection terminal receives the routing table and the network segment of the VPN network based on the VPN network, establishing connection with the VPC network through the VPN network.
Optionally, the defining a routing table at the VPN server and a network segment of a VPN network includes:
an intranet IP of a server in a VPC network is set in the routing table, and the connection information corresponding to the VPC network comprises the intranet IP and a network segment route of the VPC network;
and defining a network segment of the VPN network different from the network segment of the VPC network at the VPN service end.
Optionally, after the VPN server defines a routing table and a segment of a VPN network, the method further includes:
Controlling access authentication of a connection terminal through the VPN server side, and controlling connection of the connection terminal according to an encryption protocol;
and configuring a route distribution strategy on a Linux system of a server in the VPC network so as to designate the network segments of the VPN network to communicate through a gateway of the VPN network.
Optionally, the receiving, by the connection terminal, the routing table and the segment of the VPN network based on the VPN network includes:
the connection terminal comprises a mobile terminal of a foreign business trip mobile network and a router system of networks of office places;
the mobile terminal of the foreign business trip mobile network receives the routing table and the network segment of the VPN network based on the VPN network;
and the router systems of the office place networks receive the routing tables and the network segments of the VPN networks based on the VPN networks, wherein the router systems of the office place networks are connected with the fixed terminals in the office places.
Further, the establishing, by the connection terminal, a connection with the VPC network through the VPN network after receiving the routing table and the network segment of the VPN network based on the VPN network includes:
when a mobile terminal of a foreign business trip mobile network sets a network segment for accessing a VPN network, the mobile terminal communicates through a gateway of the VPN network and is in mobile connection with the VPC network through the VPN network;
When the router system of the office place networks in each place is provided with a network segment for accessing the VPN network, the network segment is communicated through a gateway of the VPN network and is fixedly connected with the VPC network through the VPN network, and the fixed sub-end in each office place is fixedly connected with the VPC network through the router system.
Further, the router system of each of the office networks, which receives the routing table and the segment of the VPN network based on the VPN network, includes:
starting a secure shell protocol in a router system of a network of office places in each region;
installing an openssl dependent component and a VPN client;
after installation is completed, the VPN configuration file and the key file are placed in a starting directory.
Further, after the installation is completed, the method further comprises:
writing a starting script to start the VPN client, and setting a network interface after the VPN client is started as a virtual interface.
A second aspect of the present invention provides a network interconnection apparatus, including:
the VPN service end is used for defining a routing table and a network segment of the VPN network, wherein the routing table stores connection information corresponding to the VPC network;
And the connection unit is used for establishing connection with the VPC network through the VPN network after the connection terminal receives the routing table and the network segment of the VPN network based on the VPN network.
A third aspect of the present invention provides a computer-readable storage medium storing computer instructions for causing a computer to perform the networking method provided by any one of the first aspects.
A fourth aspect of the present invention provides an electronic apparatus, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to cause the at least one processor to perform the method of networking provided by any one of the first aspect.
In the embodiment of the invention, a VPN service end is firstly established on a server in a VPC network, a routing table and a network segment of the VPN network are defined at the VPN service end, wherein the routing table stores connection information corresponding to the VPC network, and then a connection terminal establishes connection with the VPC network through the VPN network after receiving the routing table and the network segment of the VPN network based on the VPN network; the embodiment of the invention achieves the purpose that the connection terminal establishes connection and communicates with the VPC network through the network segment of the VPN network, thereby realizing the technical effects of low cost and low cost of connecting the VPC network, and further solving the technical problems that each office needs to handle a network special line of a fixed public network IP when each office network connects the VPC network, the limitation is more and the cost is high.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the prior art descriptions will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a schematic flowchart of a network interconnection method according to an embodiment of the present invention;
fig. 2 is a network architecture diagram of a network interconnection method according to an embodiment of the present invention;
fig. 3 is a block diagram of a network interconnection device according to an embodiment of the present invention;
fig. 4 is a block diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make those skilled in the art better understand the technical solutions of the present invention, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, shall fall within the protection scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and claims of the present invention and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It should be understood that the data so used may be interchanged as appropriate in order to facilitate the embodiments of the invention described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In the present invention, the terms "upper", "lower", "left", "right", "front", "rear", "top", "bottom", "inner", "outer", "center", "vertical", "horizontal", "lateral", "longitudinal", and the like indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings. These terms are used primarily to better describe the invention and its embodiments and are not intended to limit the indicated devices, elements or components to a particular orientation or to be constructed and operated in a particular orientation.
Moreover, some of the above terms may be used to indicate other meanings besides the orientation or positional relationship, for example, the term "on" may also be used to indicate some kind of attachment or connection relationship in some cases. The specific meanings of these terms in the present invention can be understood by those skilled in the art as appropriate.
Furthermore, the terms "mounted," "disposed," "provided," "connected," and "sleeved" are to be construed broadly. For example, it may be a fixed connection, a removable connection, or a unitary construction; can be a mechanical connection, or an electrical connection; may be directly connected, or indirectly connected through intervening media, or may be in internal communication between two devices, elements or components. The specific meanings of the above terms in the present invention can be understood by those of ordinary skill in the art according to specific situations.
It should be noted that the embodiments and features of the embodiments may be combined with each other without conflict. The present invention will be described in detail below with reference to the embodiments with reference to the attached drawings.
In an office scenario, when a Virtual Private Cloud (VPC) Network of the aristoloc and a plurality of office networks in different places of a company are connected, the connection needs to be realized through a high-speed channel, a Virtual Private Network (VPN) gateway, a Cloud enterprise Network or an intelligent access gateway provided by the aristoloc. However, the 4 network connection modes provided by the Aliskiu require a network dedicated line for handling the IP of the fixed public network in each office, and have more limitations in all aspects and higher cost.
In order to solve the above problem, an embodiment of the present invention provides a network interconnection method, as shown in fig. 1, the method includes the following steps S101 to S102:
step S101: establishing a VPN (virtual private network) service end on a server in a VPC (virtual private network) network, and defining a routing table and a network segment of the VPN network at the VPN service end, wherein the routing table stores connection information corresponding to the VPC network;
the method comprises the steps that any one server in a VPC network is used for building a VPN server side, a routing table and a network segment of the VPN network are defined at the VPN server side, connection information corresponding to the VPC network is stored in the routing table, then the VPN server side pushes the routing table and the network segment of the VPN network to a connection terminal, the connection terminal receives the routing table and the network segment of the VPN network based on the VPN network, and connection or communication is built with the VPC network according to the connection information corresponding to the VPC network stored in the routing table.
Step S102: and after the connection terminal receives the routing table and the network segment of the VPN network based on the VPN network, establishing connection with the VPC network through the VPN network.
And after receiving the routing table and the network segment of the VPN network, the connection terminal acquires the connection information corresponding to the VPC network stored in the routing table, and then the network segment of the VPN network establishes connection or communication with the VPC network through a gateway of the VPN network according to the connection information corresponding to the VPC network.
In the network interconnection method provided by the embodiment of the invention, the VPN server is built and the routing table and the network segment of the VPN network are defined, then the connection terminal establishes connection or communicates with the VPC network through the network segment of the VPN network and the connection information corresponding to the VPC network stored in the routing table, and network private lines of fixed public network IP do not need to be handled in each office where the connection terminal is located, so that the purposes of establishing connection and communicating between each office network and the VPC network are achieved, the technical effects of low cost and low cost of connecting the VPC network are realized, and the technical problems of more limitation and high cost caused by the fact that each office needs to handle the network private line of the fixed public network IP when each office network is connected with the VPC network are further solved.
Specifically, the defining a routing table at the VPN server and a network segment of the VPN network includes:
an intranet IP of a server in a VPC network is set in the routing table, and the connection information corresponding to the VPC network comprises the intranet IP and a network segment route of the VPC network; after the connection terminal is successfully connected with the VPC network, the connection terminal can directly communicate with the intranet of the server in the VPC network.
And defining a network segment of the VPN network different from the network segment of the VPC network at the VPN service end. The network segment of the defined VPN network is different from the VPC network in network segments, for example, an Arrecourse VPC network is taken as an example, the Arrecourse VPC network is generally default to 192.168.0.0 network segment or 172.16.0.0 network segment, so that the 144.144.0.0 network segment can be defined to be used by the VPN network, and the situation of network segment conflict is prevented.
Specifically, after the VPN server defines a routing table and a network segment of a VPN network, the method further includes:
controlling access authentication of a connection terminal through the VPN server side, and controlling connection of the connection terminal according to an encryption protocol; the VPN server side can control the connection between the connection terminal and the VPN network through an encryption protocol containing 2048 bit keys, and further control the connection between the connection terminal and the VPC network.
And configuring a route distribution strategy on a Linux system of a server in the VPC network so as to designate the network segments of the VPN network to communicate through a gateway of the VPN network. For example, when a segment 144.144.0.0 is defined for the VPN network at the VPN server, a route distribution policy is configured on the Linux system of the server in the VPC network, so that the segments of the VPN network communicate through the gateway of the VPN network, and other default routes still communicate from the gateway of the intranet of the arri cloud VPC network, thereby solving the problem of network delay.
Specifically, the receiving, by the connection terminal, the routing table and the segment of the VPN network based on the VPN network includes:
the connection terminal comprises a mobile terminal of a foreign business trip mobile network and a router system of networks of office places;
The mobile terminal of the extra-business trip mobile network receives the routing table and the network segment of the VPN network based on the VPN network, wherein the mobile terminal of the extra-business trip mobile network comprises a notebook, a mobile phone, an iPad and other devices;
the router system of each office network receives the routing table and the network segment of the VPN network based on the VPN network, wherein the router system of each office network is connected with a stator end in each office, and the stator end comprises a PC, an office computer and other equipment.
Further, after the connection terminal receives the routing table and the network segment of the VPN network based on a VPN network, establishing a connection with the VPC network through the VPN network includes:
when a mobile terminal of the extra business trip mobile network sets a network segment for accessing a VPN network, the mobile terminal communicates through a gateway of the VPN network and is in mobile connection with the VPC network through the VPN network;
when router systems of networks of office places in various places are provided with network segments for accessing a VPN network, the network segments communicate through a gateway of the VPN network and are fixedly connected with the VPC network through the VPN network, and fixed sub-terminals in the office places in various places are fixedly connected with the VPC network through the router systems;
Only when the connection terminal sets a network segment for accessing the VPN network, the communication is carried out through the gateway of the VPN network, and the network flow still goes away from the original gateway under other conditions, so that the communication of an optimal network path is realized.
A network architecture diagram of the network interconnection method provided in the embodiment of the present invention is shown in fig. 2, where a VPC network takes an arilocos VPC network as an example to explain the network interconnection method provided in the embodiment of the present invention:
firstly, a VPN service end is built on a server in an Alice cloud VPC network, a routing table and a network segment of the VPN network are defined at the VPN service end, the routing table and the network segment of the VPN network are pushed to a connection terminal, the connection terminal is controlled to access authentication through the VPN service end, and the connection of the connection terminal with the VPN network and the VPC network is controlled according to an encryption protocol; the connection terminal comprises a mobile terminal of a foreign business trip mobile network and a router system of networks of office places, an intranet IP of a server in the Arrecourse VPC network and a network segment route of the Arrecourse VPC network are stored in a route table, and a network segment of the VPN network is different from that of the Arrecourse VPC network, so that the situation of network segment conflict is prevented.
Then, a route distribution strategy is configured on a Linux system of a server in the Alice cloud VPC network so as to designate the network segments of the VPN network to communicate through a gateway of the VPN network, other default routes are still communicated from the Alice cloud intranet gateway, and the problem of network delay is solved.
Finally, the connection terminal receives the routing table and the network segment of the VPN network, when the connection terminal sets the network segment for accessing the VPN network, the connection terminal carries out communication through a gateway of the VPN network and is in mobile connection with the VPC network through the VPN network; and only when the connection terminal sets a network segment for accessing the VPN network, the communication is carried out through the gateway of the VPN network, and the network flow still goes away from the original gateway under other conditions, so that the communication of the optimal network path is realized.
Further, the router system of each of the office networks, which receives the routing table and the segment of the VPN network based on the VPN network, includes:
starting a Secure Shell protocol (SSH) in a router system of a network of each office place;
installing an openssl dependent component and a VPN client;
after installation is completed, the VPN configuration file and the key file are placed in the starting directory.
Specifically, after logging in the router system, "Enable SSH" is opened; after the SSH service is started, the router system can log in the router system like a Linux system, the VPN client software is compiled and installed on the router system, the openssl dependent component is installed firstly, and then the VPN client is installed; after installation, the VPN configuration file and the key file are placed in a starting directory.
Further, after the installation is completed, the method further comprises:
writing a starting script to start the VPN client, and setting a network interface after the VPN client is started as a virtual interface, wherein the name of the virtual interface can be customized.
From the above description, it can be seen that the present invention achieves the following technical effects:
1. the embodiment of the invention achieves the purpose that the connection terminal establishes connection and communicates with the VPC network through the network segment of the VPN network, thereby realizing the technical effects of low cost and low cost of connecting the VPC network, and further solving the technical problems that each office needs to handle a network special line of a fixed public network IP (Internet protocol) in each office when each office network is connected with the VPC network, the limitation is more and the cost is high;
2. the network segment of the VPN network defined at the VPN service end is different from the VPC network in network segments, so that the condition of network segment conflict is prevented;
3. a route distribution strategy is configured on a Linux system of a server in a VPC network, so that network segments of the VPN network communicate through a gateway of the VPN network, other default routes are still communicated from the gateway of an intranet of the VPC network, and the problem of network delay is solved;
4. only when the connection terminal sets a network segment for accessing the VPN network, the communication is carried out through the gateway of the VPN network, and the network flow still goes away from the original gateway under other conditions, so that the communication of an optimal network path is realized.
It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer-executable instructions and that, although a logical order is illustrated in the flowcharts, in some cases, the steps illustrated or described may be performed in an order different than here.
An embodiment of the present invention further provides a network interconnection apparatus for implementing the network interconnection method, where as shown in fig. 3, the apparatus includes:
the virtual private network connection establishing device comprises a establishing unit 31, a network connection establishing unit and a network connection establishing unit, wherein the establishing unit is used for establishing a VPN (virtual private network) service end on a server in a VPC (virtual private network) network and defining a routing table and a network segment of the VPN network on the VPN service end, and the routing table stores connection information corresponding to the VPC network;
and the connection unit 32 is configured to establish connection with the VPC network through the VPN network after the connection terminal receives the routing table and the network segment of the VPN network based on the VPN network.
An embodiment of the present invention further provides an electronic device, as shown in fig. 4, the electronic device includes one or more processors 41 and a memory 42, where one processor 41 is taken as an example in fig. 4.
The controller may further include: an input device 43 and an output device 44.
The processor 41, the memory 42, the input device 43 and the output device 44 may be connected by a bus or other means, and the bus connection is exemplified in fig. 4.
The processor 41 may be a Central Processing Unit (CPU), the processor 41 may also be other general purpose processors, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or a combination of the above chips, and the general purpose processor may be a microprocessor or any conventional processor.
The memory 42, which is a non-transitory computer readable storage medium, may be used for storing non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules corresponding to the control method in the embodiments of the present invention. The processor 41 executes various functional applications of the server and data processing, i.e., the network interconnection method implementing the above method embodiments, by running non-transitory software programs, instructions and modules stored in the memory 42.
The memory 42 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of a processing apparatus operated by the server, and the like. Further, the memory 42 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, memory 42 may optionally include memory located remotely from processor 41, which may be connected to a network connection device via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 43 may receive input numeric or character information and generate key signal inputs related to user settings and function control of the processing device of the server. The output device 44 may include a display device such as a display screen.
One or more modules are stored in the memory 42, which when executed by the one or more processors 41, perform the method as shown in fig. 1.
Those skilled in the art will appreciate that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer readable storage medium, and the computer program can include the processes of the embodiments of the motor control methods described above when executed. The storage medium may be a magnetic disk, an optical disk, a Read-only memory (ROM), a Random Access Memory (RAM), a Flash Memory (FM), a hard disk (hard disk drive, HDD), or a Solid State Drive (SSD); the storage medium may also comprise a combination of memories of the kind described above.
Although the embodiments of the present invention have been described in conjunction with the accompanying drawings, those skilled in the art may make various modifications and variations without departing from the spirit and scope of the invention, and such modifications and variations fall within the scope defined by the appended claims.
Claims (9)
1. A method for interconnecting networks, comprising:
establishing a VPN (virtual private network) service end on a server in a VPC (virtual private network) network, and defining a routing table and a network segment of the VPN network at the VPN service end, wherein the routing table stores connection information corresponding to the VPC network;
After a connection terminal receives the routing table and the network segment of the VPN network based on a VPN network, connection is established with the VPC network through the VPN network;
after the VPN server defines a routing table and segments of a VPN network, the method further comprises:
controlling access authentication of a connection terminal through the VPN server side, and controlling connection of the connection terminal according to an encryption protocol; the VPN server side controls the connection between the connection terminal and the VPN network through an encryption protocol containing a 2048-bit key, and further controls the connection between the connection terminal and the VPC network;
and configuring a route distribution strategy on a Linux system of a server in the VPC network so as to designate the network segments of the VPN network to communicate through a gateway of the VPN network, wherein other default routes still communicate through an intranet gateway of the VPC network.
2. The method of claim 1, wherein said defining a routing table at said VPN service and a segment of a VPN network comprises:
an intranet IP of a server in a VPC network is set in the routing table, and the connection information corresponding to the VPC network comprises the intranet IP and a network segment route of the VPC network;
and defining a network segment of the VPN network different from the network segment of the VPC network at the VPN service end.
3. The method of claim 1, wherein receiving, by the connection terminal, the routing table and the segment of the VPN network based on the VPN network comprises:
the connection terminal comprises a mobile terminal of a foreign business trip mobile network and a router system of networks of office places in various places;
the mobile terminal of the extra-business trip mobile network receives the routing table and the network segment of the VPN network based on the VPN network;
and the router systems of the networks of the office places receive the routing tables and the network segments of the VPN networks based on the VPN networks, wherein the router systems of the networks of the office places are connected with the fixed terminal ends in the office places.
4. The method of claim 3, wherein after the connection terminal receives the routing table and the segment of the VPN network based on a VPN network, the establishing a connection with the VPC network through the VPN network comprises:
when a mobile terminal of the extra business trip mobile network sets a network segment for accessing a VPN network, the mobile terminal communicates through a gateway of the VPN network and is in mobile connection with the VPC network through the VPN network;
when the router system of the office place networks in each place is set to access the network segment of the VPN network, the communication is carried out through the gateway of the VPN network, and the VPN network is fixedly connected with the VPC network, and the fixed sub-terminals in the office places in each place are fixedly connected with the VPC network through the router system.
5. The method as claimed in claim 3, wherein the router system of each of the plurality of office networks receiving the routing table and the segment of the VPN network based on the VPN network comprises:
starting a secure shell protocol in a router system of a network of office places in each region;
installing an openssl dependent component and a VPN client;
after installation is completed, the VPN configuration file and the key file are placed in a starting directory.
6. The method of claim 5, wherein after installation is complete, the method further comprises:
writing a starting script to start the VPN client, and setting a network interface after the VPN client is started as a virtual interface.
7. A network interconnection apparatus, comprising:
the VPN service end is used for defining a routing table and a network segment of the VPN network, wherein the routing table stores connection information corresponding to the VPC network;
the connection unit is used for establishing connection with the VPC network through the VPN network after the connection terminal receives the routing table and the network segment of the VPN network based on the VPN network;
After the VPN server defines a routing table and a network segment of a VPN network, the method further includes:
controlling access authentication of a connection terminal through the VPN server side, and controlling connection of the connection terminal according to an encryption protocol; the VPN server side controls the connection between the connection terminal and the VPN network through an encryption protocol containing a 2048-bit key, and further controls the connection between the connection terminal and the VPC network;
and configuring a route distribution strategy on a Linux system of a server in the VPC network so as to designate the network segments of the VPN network to communicate through a gateway of the VPN network, wherein other default routes still communicate through an intranet gateway of the VPC network.
8. A computer-readable storage medium storing computer instructions for causing a computer to perform the networking method of any one of claims 1 to 6.
9. An electronic device, characterized in that the electronic device comprises: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores a computer program executable by the at least one processor, the computer program being executable by the at least one processor to cause the at least one processor to perform the networking method of any one of claims 1-6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011483008.XA CN112511404B (en) | 2020-12-15 | 2020-12-15 | Network interconnection method and device and electronic equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011483008.XA CN112511404B (en) | 2020-12-15 | 2020-12-15 | Network interconnection method and device and electronic equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112511404A CN112511404A (en) | 2021-03-16 |
CN112511404B true CN112511404B (en) | 2022-06-28 |
Family
ID=74973896
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011483008.XA Active CN112511404B (en) | 2020-12-15 | 2020-12-15 | Network interconnection method and device and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112511404B (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102882758A (en) * | 2011-07-12 | 2013-01-16 | 华为技术有限公司 | Method for accessing virtual private cloud to network, network-side equipment and data center equipment |
CN111698338A (en) * | 2019-03-15 | 2020-09-22 | 华为技术有限公司 | Data transmission method and computer system |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20150079236A (en) * | 2013-12-31 | 2015-07-08 | 한국전자통신연구원 | Virtual private network gateway and method for secure communication thereof |
US10560432B1 (en) * | 2017-06-09 | 2020-02-11 | Amazon Technologies, Inc. | Centralized management of remote endpoint devices |
US10505903B1 (en) * | 2017-07-14 | 2019-12-10 | EMC IP Holding Company LLC | System and method of obtaining data from private cloud behind enterprise firewall |
EP3750283B1 (en) * | 2018-02-20 | 2023-10-04 | Huawei Technologies Co., Ltd. | Stitching enterprise virtual private networks (vpns) with cloud virtual private clouds (vpcs) |
CN110768885A (en) * | 2018-07-27 | 2020-02-07 | 上海鋆锦信息科技有限公司 | Industrial VPN device based on private cloud and use method |
-
2020
- 2020-12-15 CN CN202011483008.XA patent/CN112511404B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102882758A (en) * | 2011-07-12 | 2013-01-16 | 华为技术有限公司 | Method for accessing virtual private cloud to network, network-side equipment and data center equipment |
CN111698338A (en) * | 2019-03-15 | 2020-09-22 | 华为技术有限公司 | Data transmission method and computer system |
Also Published As
Publication number | Publication date |
---|---|
CN112511404A (en) | 2021-03-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107852604B (en) | System for providing Global Virtual Network (GVN) | |
US9843505B2 (en) | Differentiated quality of service using tunnels with security as a service | |
US11546444B2 (en) | Traffic forwarding and disambiguation by using local proxies and addresses | |
US20200106748A1 (en) | Enterprise mobility management and network micro-segmentation | |
US9854051B2 (en) | Using proxy devices as dynamic data relays | |
EP3588875B1 (en) | Web services across virtual routing and forwarding | |
CN109450905B (en) | Method, device and system for transmitting data | |
CN113206776A (en) | Hybrid cloud network connection method, system and controller | |
US20230093915A1 (en) | Cloud router platform for sdn networks | |
CN104967572A (en) | Network access method, apparatus and equipment | |
CN112511404B (en) | Network interconnection method and device and electronic equipment | |
US20230115656A1 (en) | Per-application network content filtering | |
CN107453930B (en) | Method for realizing multi-service customization on router | |
CN111884863A (en) | VPC service chain implementation method and system for cloud computing environment | |
CN112565048B (en) | Three-layer VPN (virtual private network) network creation method, three-layer VPN network data transmission method, three-layer VPN network creation device, three-layer VPN network data transmission device and electronic equipment | |
CN117650965B (en) | Method and device for realizing SD-WAN management network based on uCPE original ports | |
CN115174603B (en) | NAS service system, implementation method, electronic equipment and storage medium | |
US10708188B2 (en) | Application service virtual circuit | |
CN112994915B (en) | SD-WAN service arrangement method, system, equipment and storage medium | |
CN117478583A (en) | Network link switching method, device, equipment and storage medium | |
CN117560326A (en) | Edge network node intercommunication method, device, equipment and storage medium | |
CN113612813A (en) | Distributed cross-network access method, device, system and storage medium | |
CN117640488A (en) | Route configuration method, device, equipment and storage medium | |
CN116346536A (en) | Method, device, equipment and medium for virtual machine to access cloud platform management network | |
GB2609677A (en) | Private cloud routing server connection mechanism for use in a private communication architecture |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Internetworking method, device and electronic equipment Effective date of registration: 20230417 Granted publication date: 20220628 Pledgee: Wuhu Prudential financing Company limited by guarantee Pledgor: Haiteng Insurance Agency Co.,Ltd. Registration number: Y2023980038247 |