CN113179268A - Router and router network abnormity redirection method - Google Patents

Router and router network abnormity redirection method Download PDF

Info

Publication number
CN113179268A
CN113179268A CN202110461364.XA CN202110461364A CN113179268A CN 113179268 A CN113179268 A CN 113179268A CN 202110461364 A CN202110461364 A CN 202110461364A CN 113179268 A CN113179268 A CN 113179268A
Authority
CN
China
Prior art keywords
access information
information
forwarding
router
converter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110461364.XA
Other languages
Chinese (zh)
Inventor
周振荣
郭中磊
邵长利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hisense Broadband Multimedia Technology Co Ltd
Original Assignee
Hisense Broadband Multimedia Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hisense Broadband Multimedia Technology Co Ltd filed Critical Hisense Broadband Multimedia Technology Co Ltd
Priority to CN202110461364.XA priority Critical patent/CN113179268A/en
Publication of CN113179268A publication Critical patent/CN113179268A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Abstract

The embodiment of the application provides a router and a method for redirecting the network exception of the router, wherein the router comprises the following components: and the LAN interface is connected with the user terminal and is used for receiving and forwarding the access information sent by the user terminal. And the data processor comprises a DNS forwarding judgment module and a converter. The DNS forwarding judgment module is connected with the LAN interface and used for receiving and forwarding the access information and the return information; the converter is connected with the DNS forwarding judgment module and used for converting the ciphertext type and the plaintext type of the received information; and the web http server is connected with the converter and used for receiving the decrypted access information, processing the decrypted access information according to the decrypted access information and sending return information. The converter is used for decrypting the access information and encrypting the returned information, and the redirection of the access information in the plaintext and the ciphertext formats is met.

Description

Router and router network abnormity redirection method
Technical Field
The present application relates to the field of communications technologies, and in particular, to a router and a method for redirecting an exception of a router network.
Background
The router is a device for connecting each local area network and wide area network in the internet, and automatically selects and sets a route according to the condition of a channel, and sends signals in a front-back sequence by using an optimal path.
For security reasons, most browsers and web servers currently use https requests for interaction. When the WAN interface of the household router is not connected with the network or the network is abnormal, any link on the browser is clicked, the login page of the router can be automatically jumped to, and the router can conveniently and directly enter a background management page of the router for processing.
Redirection is the redirection of various network requests to other locations by various methods. For the router with http and https requests, the current router uses two sets of web servers to respectively complete processing of the http request and the https request and redirection of the request. Therefore, the web server inside the router occupies a large space and a large memory, and the communication efficiency of the router is affected.
Disclosure of Invention
The application provides a router and a method for redirecting network abnormity of the router, which aim to solve the technical problem that a webpage server in the router occupies a large space.
In order to solve the technical problem, the embodiment of the application discloses the following technical scheme:
in a first aspect, an embodiment of the present application discloses a router, including:
the LAN interface is connected with the user terminal and is used for receiving and forwarding the access information sent by the user terminal;
the data processor comprises a DNS forwarding judgment module and a converter;
the DNS forwarding judgment module is used for receiving and forwarding access information and return information;
the converter is connected with the DNS forwarding judgment module and used for receiving the access information, decrypting the access information and generating decrypted access information;
the web http server is connected with the converter and used for receiving the decrypted access information, processing the decrypted access information and sending return information;
the converter is also used for receiving the return information, encrypting the return information, generating the encrypted return information, and sending the encrypted access information to the DNS forwarding judgment module.
An embodiment of the present application provides a router, including: and the LAN interface is connected with the user terminal and used for receiving and forwarding the access information sent by the user terminal. And the data processor comprises a DNS forwarding judgment module and a converter. The DNS forwarding judgment module is used for receiving and forwarding access information and return information; the converter is connected with the DNS forwarding judgment module and used for receiving the access information, decrypting the access information and generating decrypted access information; and the web http server is connected with the converter and used for receiving the decrypted access information, processing the decrypted access information according to the decrypted access information and sending return information. The converter is also used for receiving the return information, encrypting the return information, generating the encrypted return information, and sending the encrypted access information to the DNS forwarding judgment module. The converter is used for decrypting the access information and encrypting the returned information, and the redirection of the access information in the plaintext and the ciphertext formats is met. The functions of two sets of servers are realized by using the resources of one set of servers, the occupied space is small, and the occupied resources are small.
In a second aspect, an embodiment of the present application discloses a method for redirecting an exception of a router network, including: receiving access information sent by a user terminal;
forwarding and decrypting the access information to generate decrypted access information;
generating return information according to the decrypted access information;
encrypting the return information to generate encrypted return information;
and forwarding the encrypted return information to the user terminal.
Compared with the prior art, the beneficial effect of this application is:
the embodiment of the application provides a method for redirecting the network exception of a router, which comprises the following steps: receiving access information sent by a user terminal; forwarding and decrypting the access information to generate decrypted access information; generating return information according to the decrypted access information; encrypting the return information to generate encrypted return information; and forwarding the encrypted return information to the user terminal. By decrypting the access information and encrypting the returned information, the redirection of the access information in the plaintext and the ciphertext formats is met. The functions of two sets of servers are realized by using the resources of one set of servers, the occupied space is small, and the occupied resources are small.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
In order to more clearly explain the technical solution of the present application, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious to those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a router application scenario provided in an embodiment of the present application;
fig. 2 is a schematic diagram illustrating forwarding of router information under a normal network connection condition in the embodiment of the present application;
fig. 3 is a schematic structural diagram of a router according to an embodiment of the present application;
fig. 4 is a schematic diagram illustrating a processing flow of router access information according to an embodiment of the present application;
fig. 5 is a schematic diagram of a process flow of a return message of a router according to an embodiment of the present application;
fig. 6 is a schematic flowchart of a method for redirecting an exception to a router network according to an embodiment of the present application.
Detailed Description
In order to make those skilled in the art better understand the technical solutions in the present application, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Fig. 1 is a router application scenario provided in an embodiment of the present application. Fig. 2 is a schematic diagram illustrating forwarding of router information under a normal network connection condition in the embodiment of the present application. As shown in fig. 1 and 2, the user terminal 100 provides access information, and the router 200 determines a network address and selects an IP path based on the access information, and connects to the external server 300.
The external server 300 responds to the access information and sends out response information. The router 200 receives the response information and forwards the response information to the user terminal. In this embodiment, the access information provided by the user terminal includes an http request and an https request. The user terminal 100 may be a mobile phone, a personal computer, a television, or other common devices.
Fig. 3 is a schematic structural diagram of a router provided in an embodiment of the present application, and as shown in fig. 3, the router 200 includes: a LAN interface 210, a DNS forwarding decision module 220, and a WAN interface 230, which are communicatively connected in sequence.
And a LAN interface 210 communicatively connected to the user terminal 100 for receiving the access information. The DNS forwarding determination module 220 forwards the received access information to the WAN interface 230. The WAN interface 230 transmits the access information to the external server 300.
When the network connection is normal, the WAN interface 230 of the router may further receive response information returned by the external server 300, and send the response information to the DNS forwarding determination module 220, and the DNS forwarding determination module 220 sends the response information to the user terminal 100 through the LAN interface 210.
The router 200 further includes: and the web http server 240 is in communication connection with the DNS forwarding judgment module 220. The DNS forwarding determination module 220 determines whether the access information is a plaintext request or a ciphertext request, and selects a forwarding manner according to a message form in the access information.
Further, if the message in the access information is in an http format and the access information is a plaintext request, the DNS forwarding determination module 220 forwards the access information to the web http server 240. The web http server 240 is provided with a first sub-interface 241 for receiving the access information and sending feedback information of the web http server 240.
If the message in the access information is in https format and the access information is a ciphertext request, the DNS forwarding determination module 220 selects a forwarding manner according to the network connection state of the WAN interface 230.
In some embodiments of the present application, the DNS forwarding determining module 220 is configured to determine whether the network connection is normal, and forward the access information to different interfaces according to a determination result.
Further, the DNS forwarding determination module 220 retrieves ip information of the WAN interface, and determines whether the network connection is normal by determining whether the ip information includes an ip address. If the network connection is normal, the DNS forwarding determination module 220 forwards the received access information to the WAN interface 230. And if the network connection is abnormal, performing network redirection.
The forwarding judgment module 220 may also forward the https-formatted access information to the WAN interface, and judge whether the WAN interface network connection is normal according to whether the response information of the WAN interface is received; and different data forwarding paths are selected according to whether the WAN interface network connection is normal or not. If the network connection is normal, the DNS forwarding determination module 220 forwards the received access information to the WAN interface 230. And if the network connection is abnormal, performing network redirection.
If the WAN interface network connection is abnormal, the DNS forwarding determination module 220 forwards the access information to the web http server 240.
In order to solve the problem of network redirection of access information in https format under the condition that network connection is abnormal, an embodiment of the present application provides a router, further including: the converter 250 is connected to the DNS forwarding determining module 220, and is configured to receive the access information, where the access information is in https format. The converter 250 decrypts the http format access information and converts the http format access information into http access information. Meanwhile, the converter 250 is also connected to the web http server 240, and is configured to forward the decrypted access information to the web http server 240.
In the embodiment of the present application, the DNS forwarding determining module 220 and the converter 250 are functional components in the CPU.
Fig. 4 is a schematic view of a processing flow of access information of a router provided in an embodiment of the present application, and fig. 5 is a schematic view of a processing flow of return information of a router provided in an embodiment of the present application. As shown in fig. 4 and 5, for the ciphertext access request (https access request) in the case where the network connection is not normal, the processing procedure of the router 200 is: the LAN interface 210 receives the access information and transmits the access information to the DNS forwarding decision module 220. The DNS forwarding determination module 220 determines that the WAN interface network connection is not normal, and forwards the access information to the converter 250 according to the access information being a ciphertext request. The converter 250 decrypts the http formatted access information to convert the http formatted access information into http access information, and forwards the decrypted access information to the web http server 240. The web http server 240 processes the access information and sends out return information, where the return information is plaintext information. The converter 250 encrypts the return information after receiving the return information, generates ciphertext return information, and sends the ciphertext return information to the DNS forwarding determination module 220, and the DNS forwarding determination module 220 sends the ciphertext return information to the user terminal 100 through the LAN interface 210.
Further, the converter 250 includes: the second sub-interface 251 is configured to receive the access information in the https format sent by the DNS forwarding determination module 220, and forward the access information. Further, the second sub-interface 251 is 443 ports.
A data transmission module 252 connected to the second sub-interface 251 and configured to receive access information; the data transmission module 252 is further connected to the ciphertext processing module 253, and sends the access information to the ciphertext processing module 253; the ciphertext processing module 253 decrypts the access information to form plaintext access information, and sends the plaintext access information to the data transmission module 252.
And a third sub-interface 254 connected to the data transfer module 252. In some embodiments of the present application, the third sub-interface 254 is an 80-port.
The first sub-interface 241 is in communication connection with the third sub-interface 254, plaintext access information sent by the data transmission module 252 is transmitted to the first sub-interface 241 through the third sub-interface 254, and then transmitted to the web http server 240 through the first sub-interface 241, and after receiving the plaintext access information, the web http server 240 processes the plaintext access information and sends return information to the first sub-interface 241. The returned information is plaintext information at this time.
The third sub-interface 254 is further configured to receive the return information sent by the first sub-interface 241, and send the return information to the data transmission module 252; the data transmission module 252 transmits the acquired return information to the ciphertext processing module 253; the ciphertext processing module 253 encrypts the return information to form ciphertext return information; the data transmission module 252 obtains the ciphertext return information and sends the ciphertext return information to the DNS forwarding judgment module 220 through the second sub-interface 251.
In the embodiment of the present application, the converter 250 includes: the system comprises a data transmission module 252 and a ciphertext processing module 253, wherein the data transmission module 252 is respectively connected to the DNS forwarding judgment module 220 and the web http server 240 in a communication manner, and the data transmission module 252 is further connected to the ciphertext processing module 253.
The data transmission module 252 is configured to receive and forward data information, and the ciphertext processing module 253 is configured to convert plaintext and ciphertext of communication data. Specifically, the ciphertext processing module 253 is configured to decrypt the ciphertext access information to generate plaintext access information; and encrypting the plaintext return information to generate ciphertext return information. The data transmission module 252 is configured to receive the ciphertext access information, send the ciphertext access information to the ciphertext processing module 253, obtain plaintext access information, and send the plaintext access information to the web http server 240; the data transmission module 252 is further configured to receive plaintext return information and send the plaintext return information to the ciphertext processing module 253, obtain ciphertext access information, and send the ciphertext return information to the DNS forwarding determination module 220.
In order to realize that the data transmission module 252 is respectively in communication connection with the DNS forwarding judgment module 220 and the web http server 240, the data transmission module 252 is provided with a second sub-interface 251, and is in communication connection with the DNS forwarding judgment module 220, so that the data transmission module 252 is in communication connection with the DNS forwarding judgment module 220; the data transfer module 252 is further provided with a third sub-interface 254 communicatively coupled to the web http server 240. Wherein the second sub-interface 251 is 443 ports. The third sub-interface 254 is an 80-port.
The router provided in the embodiments of the present application may utilize one web http server 240 to simultaneously address redirection of http and http access information. Specifically, the method comprises the following steps: for the http access information, the LAN interface 210 receives the http access information sent by the user terminal 100, and sends the http access information to the DNS forwarding determination module 220. The DNS forwarding judgment module 220 judges the http access information as plaintext, and sends the http access information to the web http server 240 through the first sub-interface 241. The web http server 240 processes the received http access information, and sends http return information to the DNS forwarding determination module 220, and the DNS forwarding determination module 220 sends the http return information to the user terminal 100 through the LAN interface 210.
For https access information, the LAN interface 210 receives https access information sent by the user terminal 100, sends the https access information to the DNS forwarding determination module 220, and sends the https access information to the DNS forwarding determination module 220. The DNS forwarding determination module 220 determines that the https access information is a ciphertext and the WAN interface 230 is not normally connected to the network at this time, transmits the https access information to the converter 250 through the second sub-interface 251, and the converter 250 decrypts the https access information to generate http access information. And then sent to the web http server 240 through the third sub-interface 254 and the first sub-interface 241. The web http server 240 processes the received http access information, and sends out http return information to the converter 250 through the first sub-interface 241 and the third sub-interface 254. The converter 250 encrypts the http return information to generate http return information, and transmits the http return information to the DNS forwarding determination module 220 via the second sub-interface, and the DNS forwarding determination module 220 transmits the http return information to the LAN interface 210 and finally to the user terminal 100.
An embodiment of the present application provides a router, including: the system comprises a LAN interface 210, a DNS forwarding judgment module 220, a converter 250 and a web http server 240 which are sequentially connected in a communication mode, wherein the DNS forwarding judgment module 220 is further connected with a WAN interface. The LAN interface 210 is also communicatively connected to a user terminal. The LAN interface 210 receives access information transmitted from the user terminal and transmits the access information to the DNS forwarding determination module 220. The DNS forwarding determination module 220 selects a forwarding path according to the message format of the access information and the WAN interface network connection condition. If the message of the access information is a ciphertext and the WAN interface is not accessible, the DNS forwarding determination module 220 sends the access information to the converter 250, and the converter 250 decrypts the access information to generate plaintext access information and sends the plaintext access information to the web http server 240. The web http server 240 processes the plaintext access information to generate plaintext return information, and sends the plaintext return information to the converter 250, and the converter 250 encrypts the plaintext return information to generate ciphertext return information, and then sends the ciphertext return information to the DNS forwarding judgment module 220, and the DNS forwarding judgment module 220 sends the ciphertext return information to the LAN interface, and finally sends the ciphertext return information to the user terminal. According to the method and the device, through the arrangement of the converter and the web http server, under the condition that the two servers of the web http server and the web http server are not required to be arranged at the same time, the converter is used for encrypting or decrypting information, and the redirection of access information in plaintext and ciphertext formats can be met at the same time. The resources of one set of server realize the functions of two sets of servers, occupy small space and occupy few resources. Meanwhile, the newly-added converter does not influence the service processing of the original web http server, namely, the newly-added converter only needs to realize the function of the converter without modifying the original web http server, and is convenient and quick. After the router network is reconnected, the converter process can be ended, and the space and the resources are released; when the router network is abnormal, the translator process is pulled up again, and the translator process occupies fewer resources on average in the whole running process of the router.
Fig. 6 is a schematic flowchart of a method for redirecting an exception to a router network according to an embodiment of the present application. As shown in fig. 6, an embodiment of the present application provides a method for redirecting an exception to a router network, including: and receiving the access information, analyzing the received access information, and selecting a forwarding path according to the message type of the access information.
If the message type of the access information is a plaintext, forwarding the access information to a web http server; the web http server processes the access information to generate return information; and if the message type ciphertext of the access information is received, acquiring the network connection information and selecting a forwarding path according to the network connection information.
Further, the acquiring network connection information and selecting a forwarding path according to the network connection information includes: and if the network connection is normal, sending the access information to the WAN side to be connected with an external server. If the network connection is abnormal, decrypting the access information and sending the decrypted access information to a web http server; and receiving return information sent by the web http server, wherein the return information is in a plaintext type, and encrypting the return information to generate encrypted return information. And sending the return information to the user terminal.
Further, the access information is sent by the user terminal.
Further, the router 200 includes: a LAN interface 210, a DNS forwarding decision module 220, and a WAN interface 230, which are communicatively connected in sequence.
And a LAN interface 210 communicatively connected to the user terminal 100 for receiving the access information. The DNS forwarding determination module 220 forwards the received access information to the WAN interface 230. The WAN interface 230 transmits the access information to the external server 300.
When the network connection is normal, the WAN interface 230 of the router may further receive response information returned by the external server 300, and send the response information to the DNS forwarding determination module 220, and the DNS forwarding determination module 220 sends the response information to the user terminal 100 through the LAN interface 210.
The router 200 further includes: and the web http server 240 is in communication connection with the DNS forwarding judgment module 220. The DNS forwarding determination module 220 determines whether the access information is a plaintext request or a ciphertext request, and selects a forwarding manner according to a message form in the access information.
Further, if the message in the access information is in an http format and the access information is a plaintext request, the DNS forwarding determination module 220 forwards the access information to the web http server 240. The web http server 240 is provided with a first sub-interface 241 for receiving the access information and sending feedback information of the web http server 240.
If the message in the access information is in https format and the access information is a ciphertext request, the DNS forwarding determination module 220 selects a forwarding manner according to the network connection state of the WAN interface 230.
In some embodiments of the present application, the DNS forwarding determining module 220 is configured to determine whether the network connection is normal, and forward the access information to different interfaces according to a determination result.
Further, the DNS forwarding determination module 220 calls ip information of the WAN interface 230, and determines whether the network connection is normal by determining whether the ip information includes an ip address. If the network connection is normal, the DNS forwarding determination module 220 forwards the received access information to the WAN interface 230. And if the network connection is abnormal, performing network redirection.
The forwarding judgment module 220 may also forward the https-formatted access information to the WAN interface 230, and judge whether the WAN interface 230 is normally connected to the network according to whether the response information of the WAN interface 230 is received; and selects a different data forwarding path depending on whether the WAN interface 230 network connection is normal. If the network connection is normal, the DNS forwarding determination module 220 forwards the received access information to the WAN interface 230. And if the network connection is abnormal, performing network redirection.
If the network connection of the WAN interface 230 is abnormal, the DNS forwarding determination module 220 forwards the access information to the web http server 240.
The converter 250 is connected to the DNS forwarding determining module 220, and is configured to receive the access information, where the access information is in https format. The converter 250 decrypts the http format access information and converts the http format access information into http access information. Meanwhile, the converter 250 is also connected to the web http server 240, and is configured to forward the decrypted access information to the web http server 240.
Further, the converter 250 includes: the second sub-interface 251 is configured to receive the access information in the https format sent by the DNS forwarding determination module 220, and forward the access information. Further, the second sub-interface 251 is 443 ports.
A data transmission module 252 connected to the second sub-interface 251 and configured to receive access information; the data transmission module 252 is further connected to the ciphertext processing module 253, and sends the access information to the ciphertext processing module 253; the ciphertext processing module 253 decrypts the access information to form plaintext access information, and sends the plaintext access information to the data transmission module 252.
And a third sub-interface 254 connected to the data transfer module 252. In some embodiments of the present application, the third sub-interface 254 is an 80-port.
The first sub-interface 241 is in communication connection with the third sub-interface 254, plaintext access information sent by the data transmission module 252 is transmitted to the first sub-interface 241 through the third sub-interface 254, and then transmitted to the web http server 240 through the first sub-interface 241, and after receiving the plaintext access information, the web http server 240 processes the plaintext access information and sends return information to the first sub-interface 241. The returned information is plaintext information at this time.
The third sub-interface 254 is further configured to receive the return information sent by the first sub-interface 241, and send the return information to the data transmission module 252; the data transmission module 252 transmits the acquired return information to the ciphertext processing module 253; the ciphertext processing module 253 encrypts the return information to form ciphertext return information; the data transmission module 252 obtains the ciphertext return information and sends the ciphertext return information to the DNS forwarding judgment module 220 through the second sub-interface 251.
In the embodiment of the present application, the converter 250 includes: the system comprises a data transmission module 252 and a ciphertext processing module 253, wherein the data transmission module 252 is respectively connected to the DNS forwarding judgment module 220 and the web http server 240 in a communication manner, and the data transmission module 252 is further connected to the ciphertext processing module 253.
The data transmission module 252 is configured to receive and forward data information, and the ciphertext processing module 253 is configured to convert plaintext and ciphertext of communication data. Specifically, the ciphertext processing module 253 is configured to decrypt the ciphertext access information to generate plaintext access information; and encrypting the plaintext return information to generate ciphertext return information. The data transmission module 252 is configured to receive the ciphertext access information, send the ciphertext access information to the ciphertext processing module 253, obtain plaintext access information, and send the plaintext access information to the web http server 240; the data transmission module 252 is further configured to receive plaintext return information and send the plaintext return information to the ciphertext processing module 253, obtain ciphertext access information, and send the ciphertext return information to the DNS forwarding determination module 220.
In order to realize that the data transmission module 252 is respectively in communication connection with the DNS forwarding judgment module 220 and the web http server 240, the data transmission module 252 is provided with a second sub-interface 251, and is in communication connection with the DNS forwarding judgment module 220, so that the data transmission module 252 is in communication connection with the DNS forwarding judgment module 220; the data transfer module 252 is further provided with a third sub-interface 254 communicatively coupled to the web http server 240. Wherein the second sub-interface 251 is 443 ports. The third sub-interface 254 is an 80-port.
The embodiment of the application provides a method for redirecting the network exception of a router, which comprises the following steps: the DNS forwarding determination module 220 receives access information sent by the user terminal, analyzes the received access information, and selects a forwarding path according to a packet type of the access information.
If the message type of the access information is a plaintext, forwarding the access information to a web http server; the web http server processes the access information to generate return information; and if the message type ciphertext of the access information is received, acquiring the network connection information and selecting a forwarding path according to the network connection information.
Further, the step of the DNS forwarding determining module 220 obtaining the network connection information and selecting a forwarding path according to the network connection information includes: and if the network connection is normal, sending the access information to the WAN side to be connected with an external server. If the network connection is abnormal, decrypting the access information and sending the decrypted access information to a web http server; and receiving return information sent by the web http server, wherein the return information is in a plaintext type, and encrypting the return information to generate encrypted return information. And sending the return information to the user terminal.
The DNS forwarding determination module 220 may determine whether the network connection is normal by calling ip information of the WAN interface and determining whether the ip information includes an ip address. If the network connection is normal, the DNS forwarding determination module 220 forwards the received access information to the WAN interface 230. And if the network connection is abnormal, performing network redirection. The https-formatted access information may also be forwarded to the WAN interface 230, and whether the WAN interface 230 is normally connected to the network is determined according to whether the response information of the WAN interface 230 is received. If the DNS forwarding judgment module 220 can receive the response information of the WAN interface, it judges that the WAN interface 230 is connected to the network normally; if the DNS forwarding judgment module 220 can not receive the WAN interface response message, it judges that the WAN interface network connection is not normal.
If the network connection is not normal, the converter 250 decrypts the access information and sends the decrypted access information to the web http server 240; the converter 250 is further configured to receive the return information sent by the web http server 240, where the return information is of a plaintext type, and encrypt the return information to generate encrypted return information. Converter 250 sends the return information to DNS forwarding determination module 220, and DNS forwarding determination module 220 sends the return information to user terminal 100.
Therefore, an embodiment of the present application provides a method for redirecting an exception to a router network, including: and receiving the access information, and selecting a forwarding path according to the message type of the access information. And if the access information is plaintext, directly sending the access information to the web http server, and sending return information to the user terminal by the web http server according to the access information. And if the access information is the ciphertext, decrypting the access information, sending the decrypted access information to the web http server, and processing the access information by the web http server to generate return information. And receiving the return information, encrypting the returned information, and sending the encrypted return information to the user terminal. By decrypting the access information and encrypting the return information, the redirection of the access information in http and http forms is realized by using a web http server.
The embodiment of the application provides a router and a method for redirecting the router network abnormality, wherein a LAN interface 210 receives access information sent by a user terminal and transmits the access information to a DNS forwarding judgment module 220. The DNS forwarding determination module 220 selects a forwarding path according to the message format of the access information and the WAN interface network connection condition. If the message of the access information is a ciphertext and the WAN interface is not accessible, the DNS forwarding determination module 220 sends the access information to the converter 250, and the converter 250 decrypts the access information to generate plaintext access information and sends the plaintext access information to the web http server 240. The web http server 240 processes the plaintext access information to generate plaintext return information, and sends the plaintext return information to the converter 250, and the converter 250 encrypts the plaintext return information to generate ciphertext return information, and then sends the ciphertext return information to the DNS forwarding judgment module 220, and the DNS forwarding judgment module 220 sends the ciphertext return information to the LAN interface 210, and finally sends the ciphertext return information to the user terminal 100. According to the method and the device, through the arrangement of the converter and the web http server, under the condition that the two servers of the web http server and the web http server are not required to be arranged at the same time, the converter is used for encrypting or decrypting information, and the redirection of access information in plaintext and ciphertext formats can be met at the same time. The resources of one set of server realize the functions of two sets of servers, occupy small space and occupy few resources. Meanwhile, the newly-added converter does not influence the service processing of the original web http server, namely, the newly-added converter only needs to realize the function of the converter without modifying the original web http server, and is convenient and quick. After the router network is reconnected, the converter process can be ended, and the space and the resources are released; when the router network is abnormal, the translator process is pulled up again, and the translator process occupies fewer resources on average in the whole running process of the router.
Since the above embodiments are all described by referring to and combining with other embodiments, the same portions are provided between different embodiments, and the same and similar portions between the various embodiments in this specification may be referred to each other. And will not be described in detail herein.
It should be noted that, in the present specification, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a circuit structure, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such circuit structure, article, or apparatus. Without further limitation, the presence of an element identified by the phrase "comprising an … …" does not exclude the presence of other like elements in a circuit structure, article or device comprising the element.
The decrypted access information is plaintext access information, which can also be called http access information; the encrypted return information is ciphertext return information, which can also be called https return information.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
The above-described embodiments of the present application do not limit the scope of the present application.

Claims (10)

1. A router, comprising: the LAN interface is connected with the user terminal and is used for receiving and forwarding the access information sent by the user terminal;
the data processor comprises a DNS forwarding judgment module and a converter;
the DNS forwarding judgment module is used for receiving and forwarding access information and return information;
the converter is connected with the DNS forwarding judgment module and used for receiving the access information, decrypting the access information and generating decrypted access information;
the web http server is connected with the converter and used for receiving the decrypted access information, processing the decrypted access information and sending return information;
the converter is also used for receiving the return information, encrypting the return information, generating the encrypted return information, and sending the encrypted access information to the DNS forwarding judgment module.
2. The router according to claim 1, wherein the switch is provided with a second sub-interface, and the DNS forwarding determination module;
the converter is provided with a third sub-interface which is connected with the web http server;
the web http server is provided with a first sub-interface which is connected with the converter.
3. The router of claim 2, wherein the second subinterface is 443 ports, and wherein the first subinterface and the third subinterface are 80 ports.
4. The router of claim 1, wherein the converter comprises: the system comprises a ciphertext processing module and a data transmission module; the data transmission module is connected with the DNS forwarding judgment module and the web http server and is used for transmitting data; the data comprises the access information, the return information, the decrypted access information and the encrypted return information;
and the ciphertext processing module is connected with the data transmission module and is used for decrypting the access information and encrypting the return information.
5. The router according to claim 1, wherein the DNS forwarding decision module is further connected to the web http server, and configured to select a forwarding path according to the type of the access information and a network connection state.
6. A method for redirecting router network exceptions, comprising: receiving access information sent by a user terminal;
forwarding and decrypting the access information to generate decrypted access information;
generating return information according to the decrypted access information;
encrypting the return information to generate encrypted return information;
and forwarding the encrypted return information to the user terminal.
7. The method according to claim 6, wherein before forwarding and decrypting the access information and generating the decrypted access information, the method further comprises: and analyzing the message type of the access information, if the message type of the access information is a plaintext, processing the access information to generate return information, and sending the return information to the user terminal.
8. The method according to claim 6, wherein the packet type of the returned message is plaintext.
9. The method according to claim 6, wherein before forwarding and decrypting the access information and generating the decrypted access information, the method further comprises: and analyzing the network connection state, and if the network connection state is normal, sending the access information to an external server.
10. The method according to claim 6, wherein before forwarding and decrypting the access information and generating the decrypted access information, the method further comprises: and analyzing the message type and the network connection state of the access information, and if the message type of the access information is a ciphertext and the network connection state is abnormal, forwarding and decrypting the access information to generate decrypted access information.
CN202110461364.XA 2021-04-27 2021-04-27 Router and router network abnormity redirection method Pending CN113179268A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110461364.XA CN113179268A (en) 2021-04-27 2021-04-27 Router and router network abnormity redirection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110461364.XA CN113179268A (en) 2021-04-27 2021-04-27 Router and router network abnormity redirection method

Publications (1)

Publication Number Publication Date
CN113179268A true CN113179268A (en) 2021-07-27

Family

ID=76926646

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110461364.XA Pending CN113179268A (en) 2021-04-27 2021-04-27 Router and router network abnormity redirection method

Country Status (1)

Country Link
CN (1) CN113179268A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114866374A (en) * 2022-05-11 2022-08-05 青岛海信日立空调系统有限公司 Intelligent home gateway equipment and intelligent home system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105791451A (en) * 2014-12-22 2016-07-20 华为技术有限公司 Message response method and device
CN106603491A (en) * 2016-11-10 2017-04-26 上海斐讯数据通信技术有限公司 Portal authentication method based on https protocol, and router
CN107395582A (en) * 2017-07-14 2017-11-24 上海斐讯数据通信技术有限公司 Portal authentication devices and system
US20180109498A1 (en) * 2016-10-17 2018-04-19 Zscaler, Inc. Systems and methods for improving https security
CN109802925A (en) * 2017-11-17 2019-05-24 广州市动景计算机科技有限公司 A kind of authentication method and system of public WiFi access

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105791451A (en) * 2014-12-22 2016-07-20 华为技术有限公司 Message response method and device
US20180109498A1 (en) * 2016-10-17 2018-04-19 Zscaler, Inc. Systems and methods for improving https security
CN106603491A (en) * 2016-11-10 2017-04-26 上海斐讯数据通信技术有限公司 Portal authentication method based on https protocol, and router
CN107395582A (en) * 2017-07-14 2017-11-24 上海斐讯数据通信技术有限公司 Portal authentication devices and system
CN109802925A (en) * 2017-11-17 2019-05-24 广州市动景计算机科技有限公司 A kind of authentication method and system of public WiFi access

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114866374A (en) * 2022-05-11 2022-08-05 青岛海信日立空调系统有限公司 Intelligent home gateway equipment and intelligent home system
CN114866374B (en) * 2022-05-11 2024-01-16 青岛海信日立空调系统有限公司 Intelligent home gateway equipment and intelligent home system

Similar Documents

Publication Publication Date Title
EP3748908B1 (en) Method, system, network device, storage medium for creating a network slice
CN104967595B (en) The method and apparatus that equipment is registered in platform of internet of things
JP5143125B2 (en) Authentication method, system and apparatus for inter-domain information communication
US8130635B2 (en) Network access nodes
JP2000188616A (en) Communication system and communication method
EP3110081B1 (en) Methods for controlling service chain of service flow
US20090254628A1 (en) Method, System And Apparatus For Instant Messaging
US20120320835A1 (en) Methods, Devices, Systems, and Computer Program Products for Registration of Multi-Mode Communications Devices
CN109391704B (en) Cross-private-network access method and device for video monitoring equipment
US10637929B1 (en) Methods and apparatus for storing and/or retrieving session state information
US20170026481A1 (en) Technique for controlling the service request routing
US20220191664A1 (en) Optimization of services applied to data packet sessions
US20230156468A1 (en) Secure Communication Method, Related Apparatus, and System
US8064434B2 (en) Method for providing internet services to a telephone user
CN109474646B (en) Communication connection method, device, system and storage medium
US10158587B2 (en) Communication between a web application instance connected to a connection server and a calling entity other than said connection server
CN113179268A (en) Router and router network abnormity redirection method
CN112738217B (en) Secure interaction system and method
US20110149754A1 (en) Voice Quality Analysis Device and Method Thereof
JP2006221450A (en) Load distribution device, load distribution method and load distribution program
JP2009296333A (en) Communication control system and communication control method
US20100034209A1 (en) Communication system and home gateway
CN101868945A (en) Communication system, communication method, and communication session integration device
TWI608749B (en) Method for controlling a client device to access a network device, and associated control apparatus
WO2022012355A1 (en) Secure communication method, related apparatus, and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210727

RJ01 Rejection of invention patent application after publication