CN113259400B - Network interaction system, method and storage medium based on network protocol - Google Patents
Network interaction system, method and storage medium based on network protocol Download PDFInfo
- Publication number
- CN113259400B CN113259400B CN202110793208.3A CN202110793208A CN113259400B CN 113259400 B CN113259400 B CN 113259400B CN 202110793208 A CN202110793208 A CN 202110793208A CN 113259400 B CN113259400 B CN 113259400B
- Authority
- CN
- China
- Prior art keywords
- network
- protocol stack
- mode protocol
- interface
- kernel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
- H04L69/161—Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
- H04L69/162—Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields involving adaptations of sockets based mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The application discloses a network interaction system, a method and a storage medium based on a network protocol, wherein the network interaction system is applied to network equipment and comprises the following components: a user mode subsystem and a kernel mode subsystem; the user mode subsystem comprises: a user mode protocol stack, a network interface and a network application; the kernel-mode subsystem comprises: the device comprises a driving interface, a kernel mode protocol stack and an IO interface. The network interaction system, the method and the storage medium aim to solve the problem that in the prior art, when a user mode protocol stack takes over a network interface, a network application using socket programming cannot directly receive a network data message from an external network, so that the network application cannot be used and needs to be improved or redeveloped.
Description
Technical Field
The present application relates to the field of network technologies, and in particular, to a network interaction system, method and storage medium based on a network protocol.
Background
The Kernel-mode protocol stack (TCP/IP protocol stack) refers to a complete TCP/IP protocol stack provided by a network subsystem of Linux Kernel (a single core of an open-source Unix-like operating system). Since the kernel-mode protocol stack is open-source and standard, most network applications running in the Linux system use the kernel-mode protocol stack. The kernel mode protocol may take over network devices such as a network card, receive a network data packet in the kernel mode, complete routing forwarding on a non-local packet (in the case of a network card-enabled forwarding function), and deliver the local packet to a local application. The kernel mode protocol stack shields the implementation details of the network equipment level protocol stack for the network application and provides a general network solution for the network application.
The user mode protocol stack (TCP/IP protocol stack) generally means that a complete TCP/IP protocol stack operating in a user mode exists in a system, the user mode protocol stack takes over an external interface of a Linux system, and a network data message received by the external interface is directly processed by the user mode protocol stack without passing through a Linux Kernel protocol stack (i.e., a Kernel mode protocol stack). Compared with the kernel-mode protocol stack, the user-mode protocol stack has higher efficiency when processing the network data message, and has the characteristics of being friendly to develop and convenient to maintain and upgrade, so that the overall performance of the Linux system can be further improved. In addition, for some special devices, such as enterprise-level router devices that mainly function to forward and receive packets, a user-mode protocol stack is commonly used.
However, if the user mode protocol stack takes over an external interface to receive the network data packet, a large number of network applications programmed by a third party using sockets (sockets) cannot be normally used because the network applications cannot directly receive the network data packet from the external network, and thus the network applications need to be modified or redeveloped, which causes problems of increased development difficulty, long period, and the like.
Therefore, there is a need to address the problems of the prior art.
Disclosure of Invention
An object of the present application is to provide a network interaction system and method based on a network protocol, which aim to solve the problem in the prior art that when a user mode protocol stack takes over a network interface, a network application using socket programming cannot directly receive a network data packet from an external network, so that the network application cannot be normally used and needs to be improved or redeveloped.
According to an aspect of the present application, an embodiment of the present application provides a network interaction system based on a network protocol, which is applied to a network device, and the network interaction system includes: a user mode subsystem and a kernel mode subsystem; wherein the user-mode subsystem comprises: a user mode protocol stack and a network application; the user mode protocol stack is used for receiving a network data message sent from an external network, obtaining corresponding target flow information according to preset message characteristics, transmitting the target flow information to a driving interface in the kernel mode subsystem, receiving reply flow information returned by the network application through the driving interface, and packaging the reply flow information into a corresponding response message to be forwarded to the external network; the kernel-mode subsystem further comprises: the kernel mode protocol stack is used for redirecting to a local target address according to the target flow information received from the driving interface and forwarding the target flow information to the IO interface monitored by the corresponding network application process so as to provide the target flow information to the network application.
Optionally, the user mode subsystem further includes a network interface, the network interface is connected to the user mode protocol stack, and the network interface is configured to receive a network data packet sent from an external network, transmit the network data packet to the user mode protocol stack, and forward a response packet encapsulated by the user mode protocol stack to the external network.
Optionally, the user mode protocol stack is further configured to start a driver interface and obtain a device descriptor of the driver interface.
Optionally, the preset message feature is a TCP message feature.
Optionally, the protocols supported by the network application include a BGP protocol, an HTTP protocol, an HTTPs protocol, and a TELNET protocol.
Optionally, the kernel-mode protocol stack is further configured to redirect the target traffic information to a local target address by using a target address translation manner.
According to another aspect of the present application, there is provided a network interaction method based on a network protocol, where the network interaction system according to any embodiment of the present application is adopted, and the network interaction method includes: a user mode protocol stack receives a network data message sent from an external network; the user mode protocol stack identifies the received network data message according to the preset message characteristics to obtain corresponding target flow information; the user mode protocol stack transmits the target flow information to a driving interface; the kernel mode protocol stack redirects to a local target address according to the target flow information received from the driving interface; the kernel mode protocol stack forwards the target flow information to an IO interface monitored by a corresponding network application process so as to provide the target flow information to the network application; the network application returns corresponding reply flow information to the driving interface according to the obtained target flow information; and the user mode protocol stack encapsulates the received reply flow information into a corresponding response message and forwards the response message to the external network.
Optionally, before the step of receiving the network data packet sent from the external network, the user mode protocol stack includes: and configuring a driving interface in the kernel-mode subsystem.
Optionally, before the step of receiving the network data packet sent from the external network, the user mode protocol stack includes: the user mode protocol stack starts a driving interface; and the user mode protocol stack acquires the device descriptor of the driving interface.
Optionally, the step of transmitting the target traffic information to the driver interface by the user mode protocol stack includes: and the user mode protocol stack writes the target flow information into the device descriptor of the driving interface.
Optionally, the step of redirecting the kernel-mode protocol stack to a local target address according to the target traffic information received from the driver interface includes: the kernel mode protocol stack redirects the target traffic information to a local target address by using a target address translation mode.
Optionally, before the step of returning, by the network application, the corresponding reply traffic information to the driver interface according to the obtained target traffic information, the method includes: providing a routing table; configuring a default route in the routing table, wherein the default route points to the driver interface.
Optionally, the step of returning, by the network application, the corresponding reply traffic information to the driver interface according to the obtained target traffic information includes: the kernel mode protocol stack converts the source address in the reply traffic information into an original source address by using a network address conversion mode, wherein the original source address is a target address in the target traffic information.
Optionally, after the step of converting the source address in the reply traffic information into the original address by using a network address conversion method, the kernel-mode protocol stack includes: judging whether the version operated by the kernel mode protocol stack is later than a preset version or not; when the running version of the kernel-mode protocol stack is judged to be later than a preset version, controlling the reply traffic information to be routed to the driving interface according to a preset first routing strategy; and
and when the version operated by the kernel-mode protocol stack is judged to be prior to or the same as the preset version, controlling the reply flow information to be routed to the driving interface according to a preset second routing strategy.
According to yet another aspect of the present application, there is also provided a storage medium having a computer program stored thereon, which when executed by a processor, performs the steps of the network interaction method according to any of the embodiments of the present application.
The network interaction system, the method and the storage medium based on the network protocol provided by the embodiment of the application aim to solve the problem that in the prior art, when a user mode protocol stack takes over a network interface, a network application using socket programming cannot directly receive a network data message from an external network, so that the network application cannot be normally used and needs to be improved or re-developed, thereby realizing the network function of a kernel mode subsystem based on a driving interface, and the network application based on the socket can be executed in the user mode subsystem, and ensuring higher performance. Further, the application uses a target address translation (DNAT) mode to ensure that the kernel mode protocol stack can be correctly connected when the user mode protocol stack processes the protocol message, so that the traditional network application can also be used when the user mode protocol stack takes over the network port. In addition, the kernel-mode subsystem provides a routing strategy to ensure that the receiving and sending flow of the network application is normal.
Drawings
The technical solution and other advantages of the present application will become apparent from the detailed description of the embodiments of the present application with reference to the accompanying drawings.
Fig. 1 is a schematic structural diagram of a network interaction system based on a network protocol according to an embodiment of the present application.
Fig. 2 is a flowchart illustrating steps of a network interaction method based on a network protocol according to an embodiment of the present application.
Fig. 3 is a flowchart illustrating a procedure of the preamble of step S210 shown in fig. 2.
Fig. 4 is a flowchart illustrating the preamble of step S260 shown in fig. 2.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application. It is to be understood that the embodiments described are only a few embodiments of the present application and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms "first", "second" and "first" are used herein for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, features defined as "first", "second", may explicitly or implicitly include one or more of the described features. In the description of the present application, "a plurality" means two or more unless specifically limited otherwise.
In the description of the present application, it is to be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; may be mechanically connected, may be electrically connected or may be in communication with each other; either directly or indirectly through intervening media, either internally or in any other relationship. The specific meaning of the above terms in the present application can be understood by those of ordinary skill in the art as appropriate.
The following disclosure provides many different embodiments or examples for implementing different features of the application. In order to simplify the disclosure of the present application, specific example components and arrangements are described below. Of course, they are merely examples and are not intended to limit the present application. Moreover, the present application may repeat reference numerals and/or letters in the various examples, such repetition is for the purpose of simplicity and clarity and does not in itself dictate a relationship between the various embodiments and/or configurations discussed.
Referring to fig. 1, an embodiment of the present application provides a network interaction system 100 based on a network protocol, which is applied to a network device. The network interaction system 100 includes: a user-mode subsystem 10 and a kernel-mode subsystem 20; wherein, the user state subsystem 10 includes: a user mode protocol stack 11 and a network application 13; the user mode protocol stack 11 is configured to receive a network data packet sent from an external network, obtain corresponding target traffic information (or called target packet, the same applies hereinafter) according to preset packet characteristics, transmit the target traffic information to a driver interface 21 located in the kernel mode subsystem 20, receive reply traffic information returned from the network application 13 via the driver interface 21, and encapsulate the reply traffic information into a corresponding response packet to forward the response packet to the external network; the kernel mode subsystem 20 further includes: the kernel mode protocol stack 22 is configured to redirect to a local target address according to the target traffic information received from the driver interface 21, and forward to the IO interface 23 monitored by the process of the corresponding network application 13, so as to provide the target traffic information to the network application 13.
The network interaction system 100 based on the network protocol provided in the embodiment of the present application aims to solve the problem that, in the prior art, when the user mode protocol stack takes over the network interface, the network application using socket programming cannot directly receive the network data packet from the external network, which results in abnormal use and further needs to be improved or redeveloped, so as to implement the network function of the kernel mode subsystem 20 based on the driver interface 21, and the network application 13 based on the socket can be executed in the user mode subsystem 10, and ensure higher performance. Further, the present application uses a target address translation manner to ensure that the kernel mode protocol stack 22 can be correctly connected when the user mode protocol stack 11 processes the protocol packet, so as to implement that the traditional network application can also be used when the user mode protocol stack takes over the network port.
The network interaction system 100 based on network protocols will be further described below.
In this context, the network protocol refers to a network protocol based on the TCP protocol. The network interactive system 100 is a system based on the Linux operating system. In this embodiment, the network device is a router, but is not limited thereto, and the network device may also be a switch, a network card, or the like.
The network interaction system 100 includes at least a user mode subsystem 10 and a kernel mode subsystem 20, as shown in fig. 1. The user state subsystem 10 comprises: a user mode protocol stack 11, a network application 13 and a network interface 12.
In particular, the network interface 12 is connected to the user mode protocol stack 11. It should be noted that the connection here refers to the communication interaction between the network interface 12 and the user mode protocol stack 11. The network interface 12 is configured to receive a network data packet sent from an external network, and transmit the network data packet to the user mode protocol stack 11, and forward a response packet encapsulated by the user mode protocol stack to the external network.
The user mode protocol stack 11 is configured to receive a network data packet sent from an external network, and obtain corresponding target traffic information according to preset packet characteristics. The preset message characteristics are preset TCP message characteristics, and the TCP message characteristics may include an IP address, a protocol number, and a port number. According to the characteristics, the received network data message can be identified, and target flow information can be obtained. For example, a network application processing the BGP protocol requires that a TCP packet feature has a target PORT number (hereinafter referred to as DST _ PORT) of 179. As another example, network applications that handle the HTTP protocol require TCP messages to be characterized by a destination port number of 80. As another example, a network application handling HTTPS protocol requires that the TCP packet feature be a destination port number of 443. Also for example, a network application that handles the TELNET protocol requires that the TCP message feature be a destination port number of 23. In other words, the protocols supported by the network application 13 described herein include the BGP protocol, the HTTP protocol, the HTTPs protocol, and the TELNET protocol. The network application 13 supports, in addition to the above-described TCP protocol, a TFTP protocol, a DNS protocol, a DHCP protocol, an SNMP protocol, an NFS protocol, and the like.
In addition, the user mode protocol stack 11 is further configured to start a driver interface and obtain a device descriptor of the driver interface. When the user mode protocol stack 11 recognizes the target traffic information, the target traffic information is transferred to the driver interface 21 located in the kernel mode subsystem 20. That is, the user mode protocol stack 11 writes the target traffic information to the device descriptor of the driver interface. It should be noted that the device descriptor represents the driver interface at the software level.
In the present embodiment, the driver interface 21 is created in the Linux system, i.e. the interface is owned by Linux itself, with type tun. As shown in fig. 1, the tun interface represents the driving interface 21. The tun interface needs to be driven by the network to function properly.
In addition, the user mode protocol stack 11 is further configured to receive reply traffic information returned from the network application 13 via the driver interface 21, and encapsulate the reply traffic information into a corresponding response packet to forward to the external network. In other words, the user mode protocol stack waits for the reply traffic information to be obtained from the obtained device descriptor and forwards the reply traffic information to the external network according to the target IP address in the response message. Wherein, the target IP address is the IP address of the requester for sending the network data message.
With continued reference to FIG. 1, the kernel mode subsystem 20 includes: a driver interface 21, a kernel mode protocol stack 22 and an IO interface 23. The driving interface 21 is as described above, and is not described herein again.
The kernel mode protocol stack 22 is configured to redirect to a local target address according to the target traffic information received from the driver interface 21, and forward to the IO interface 23 monitored by the process of the corresponding network application 13, so as to provide the target traffic information to the network application 13.
Since the user mode protocol stack takes over the network interface 12, in order to enable the user mode protocol stack 11 to be correctly connected when processing a network data packet, the kernel mode protocol stack 22 needs to redirect target traffic information received by the kernel mode protocol stack 22 from the driver interface 21 to a local target address. In this embodiment, the kernel-mode protocol stack 22 redirects target traffic information to a local target address by using a target address translation (DNAT) approach. Of course, in some other embodiments, TPROXY may also be used. Note that typically the local target address may be represented by 127.0.0.1, which by default represents the host itself. Host refers herein to a network device.
After redirecting the target traffic information to the local target address, the kernel mode protocol stack 22 starts the function of the kernel mode subsystem with the routing destination address of 127.0.0.1 traffic, so as to forward the target traffic to the target address (here, the target address is 127.0.0.1). In other words, the kernel-mode protocol stack 22 delivers the destination traffic information to the location with the destination address of 127.0.0.1. During the transmission, the destination address is 127.0.0.1, and the routing table is used to query the routing table to obtain the corresponding route, wherein the routing table is the default routing table.
The IO interface 23 is used for the process of the native network application to monitor the kernel-mode protocol stack 22. In the present embodiment, the IO interface 23 is a socket (socket) interface. Sockets refer to abstractions of endpoints that communicate bi-directionally between application processes on different hosts in a network. In terms of the position, the socket uplink application process and the socket downlink network protocol stack are interfaces through which the application program communicates through the network protocol, and are interfaces through which the application program interacts with the network protocol stack. It should be noted that, in this document, the native network application in the kernel-mode protocol stack 22 means that the network application runs on the user-mode subsystem 10, but the required network data packet (or traffic information) is obtained from the kernel-mode protocol stack 22. For example, the socket interface has a port number of 179, and is an IO interface of the kernel mode protocol stack, which is run in the user mode subsystem 10 and is monitored by a process of the network application that processes the BGP protocol. For another example, the port number of the socket interface is 23, which is an IO interface of the process monitoring kernel mode protocol stack running in the user mode subsystem 10 and processing the network application of the TELNET protocol, which is not an example here.
After processing the traffic information, the network application 13 running in the user mode subsystem 10 generates reply traffic information, and transmits the reply traffic information to the driver interface 21 through a route, so that the user mode protocol stack 11 obtains corresponding reply traffic information from the driver interface 21. The routing method will be further described below.
The user mode protocol stack 11 has the characteristics of high packet receiving and sending efficiency, friendly development and convenience in maintenance, and is suitable for network equipment, particularly network equipment mainly forwarding, such as a router. The kernel-mode protocol stack 22 is an open-source, standard, large-scale, open-source community-maintained network application that uses a kernel-mode protocol stack. Therefore, the present application configures a driver interface 21 in the kernel-mode subsystem 20 to forward the network data packet transmitted to the user-mode protocol stack to the kernel-mode protocol stack 22 and provide the network data packet to the corresponding network application 13 (running in the user-mode subsystem 10, whose required traffic information is obtained from the kernel-mode protocol stack 22), so as to avoid the problem that, in the prior art, when the user-mode protocol stack takes over the network interface, the network application programmed by using sockets cannot directly receive the network data packet from the external network, which results in that the network data packet cannot be normally used and thus needs to be improved or redeveloped. In addition, the network interaction system ensures that the system has higher performance through the correct connection of the user mode protocol stack and the kernel mode protocol stack.
Referring to fig. 2, an embodiment of the present application provides a network interaction method based on a network protocol, and a network interaction system according to any embodiment of the present application is adopted. The specific structure and function of the network interaction system are as described above, and are not described herein again.
The method comprises the following steps:
step S210: a user mode protocol stack receives a network data message sent from an external network;
step S220: the user mode protocol stack identifies the received network data message according to the preset message characteristics to obtain corresponding target flow information;
step S230: the user mode protocol stack transmits the target flow information to a driving interface;
step S240: the kernel mode protocol stack redirects to a local target address according to the target flow information received from the driving interface;
step S250: the kernel mode protocol stack forwards the target flow information to an IO interface monitored by a corresponding network application process so as to provide the target flow information to the network application;
step S260: the network application returns corresponding reply flow information to the driving interface according to the obtained target flow information;
step S270: and the user mode protocol stack encapsulates the received reply flow information into a corresponding response message and forwards the response message to the external network.
By executing the steps S210 to S270, the network interaction method based on the network protocol solves the problem that in the prior art, when the user mode protocol stack takes over the network interface, the network application using socket programming cannot directly receive the network data message from the external network, so that the network application cannot be normally used and needs to be improved or redeveloped, thereby realizing the network function of the kernel mode subsystem based on the driver interface, and the network application based on the socket can be executed in the user mode subsystem, and ensuring higher performance.
The network interaction method described in the present application will be further described with reference to fig. 2.
Step S210: the user mode protocol stack receives a network data message sent from an external network.
In this context, the network protocol refers to a network protocol based on the TCP protocol. The network interaction system is a system based on a Linux operating system. The network interaction system at least comprises a user mode subsystem and a kernel mode subsystem. Wherein the user-mode subsystem comprises: a user mode protocol stack, a network application, and a network interface. The kernel-mode subsystem comprises: the device comprises a driving interface, a kernel mode protocol stack and an IO interface.
In this step, the network interface receives a network data packet sent from the external network and passes through to the user mode protocol stack. Thus, the user mode protocol stack receives the network data packet.
Step S220: and the user mode protocol stack identifies the received network data message according to the preset message characteristics to obtain corresponding target flow information.
The preset message characteristic is a preset TCP message characteristic. The TCP message characteristics may include IP address, protocol number, port number. According to the characteristics, the received network data message can be identified, and target traffic information (or target message) is obtained. For example, network applications that handle the BGP protocol require that the TCP packet feature be at a destination port number of 179. As another example, network applications that handle the HTTP protocol require TCP messages to be characterized by a destination port number of 80. As another example, a network application handling HTTPS protocol requires that the TCP packet feature be a destination port number of 443. Also for example, a network application that handles the TELNET protocol requires that the TCP message feature be a destination port number of 23. In other words, the protocols supported by the network applications described herein include the BGP protocol, the HTTP protocol, the HTTPs protocol, and the TELNET protocol.
Step S230: and the user mode protocol stack transmits the target flow information to the driving interface.
Referring to fig. 3, before step S210, the method further includes: step S201: and configuring a driving interface in the kernel-mode subsystem. In the embodiment, the driver interface is created and configured in the Linux system, that is, the interface is self-contained in Linux and is of type tun. As shown in fig. 1, the tun interface represents a driving interface. The tun interface needs to be driven by the network to function properly.
Further, after step S201 and before step S210, the method further comprises: step S202, a user mode protocol stack starts a driving interface; step S203, the user mode protocol stack obtains the device descriptor of the driver interface.
In step S230, when the user mode protocol stack identifies the target traffic information, the target traffic information is transmitted to the driver interface. In other words, the user mode protocol stack writes the target traffic information to the device descriptor that drives the interface.
Step S240: and the kernel mode protocol stack redirects to a local target address according to the target flow information received from the driving interface.
Because the user mode protocol stack takes over the network interface, in order to enable the user mode protocol stack to be correctly connected when processing the network data packet, the kernel mode protocol stack needs to redirect the target traffic information received by the driver interface from the kernel mode protocol stack to the local target address.
Redirection (Redirect) refers to redirecting various network requests to other locations through various methods. In this embodiment, the kernel-mode protocol stack redirects target traffic information to a local target address by using a target address translation (DNAT) approach. Of course, in some other embodiments, TPROXY may also be used. Note that typically the local target address may be represented by 127.0.0.1, which by default represents the host itself.
After the kernel mode protocol stack redirects the target traffic information to a local target address, the kernel mode protocol stack opens the target traffic information with a kernel routing target address of 127.0.0.1. In other words, the kernel-mode protocol stack 22 delivers the destination traffic information to the location with the destination address of 127.0.0.1. During the transmission, the destination address is 127.0.0.1, and the routing table is used to query the routing table to obtain the corresponding route, wherein the routing table is the default routing table.
Step S250: and the kernel mode protocol stack forwards the target flow information to an IO interface monitored by the corresponding network application process so as to provide the target flow information to the network application.
The IO interface is used for monitoring a kernel protocol stack by the native network application. In this embodiment, the IO interface is a socket interface. Sockets refer to abstractions of endpoints that communicate bi-directionally between application processes on different hosts in a network. In terms of the position, the socket uplink application process and the socket downlink network protocol stack are interfaces through which the application program communicates through the network protocol, and are interfaces through which the application program interacts with the network protocol stack. It should be noted that, in this document, the native network application in the kernel-mode protocol stack means that the network application runs in the user-mode subsystem, but the network data packet (or traffic information) required by the native network application is obtained from the kernel-mode protocol stack. For example, the socket interface has a port number of 179, and is an IO interface of a kernel mode protocol stack, which is monitored by a process of a network application running in a user mode subsystem and processing the BGP protocol. For another example, the port number of the socket interface is 23, and the socket interface is an IO interface of a process listening kernel mode protocol stack of a network application running in the user mode subsystem and processing the TELNET protocol.
Step S260: and the network application returns corresponding reply flow information to the driving interface according to the obtained target flow information.
Referring to fig. 4, before step S260, the method further includes: step S251, providing a routing table; step S252, configure a default route in the routing table, wherein the default route points to the driver interface.
The kernel mode subsystem supports 255 routing tables, and besides the default routing table, an unused routing table, for example, No. 251 routing table, can be selected as the preferred routing table. And adding a default route in the preferred routing table, wherein the added default route points to the driving interface.
In step S260, the network application performs a correlation process based on the obtained target traffic information. The relevant processing is, for example, downloading the file via FTP, or remotely connecting the devices, for example, via telnet, or advertising the route, for example, via BGP protocol. After the network application obtains the target flow information, the related functions can be completed. After performing these functions, reply traffic information may be generated. The kernel mode protocol stack transmits the reply traffic information to the driver interface through the route obtained in the steps S251 to S252, so that the user mode protocol stack obtains the corresponding reply traffic information from the driver interface.
In the process that the kernel-mode protocol stack transmits the reply traffic to the driver interface in a routing manner, the kernel-mode protocol stack converts a source address in the reply traffic information into an original source address by using a network address conversion manner (for example, connection tracking of netfilter), wherein the original source address refers to a target address sent by the requester.
For example, the requestor is A and the host is B (where the web application described herein runs). The interaction flow of the two parties is as follows: a) the method comprises the steps that a requester A sends a network data message to a host B, wherein the network data message comprises IPSRC = IP1 and IPST = IP2, IP1 is an IP address of the requester A, and IP2 is an IP address of the host B, B) the host B receives the network data message, processes the network data message to obtain target traffic information, and performs target address translation (DNAT), IPST in the traffic information is 127.0.0.1, c) network application receives the traffic information, and generates reply traffic information after processing. In the reply traffic information, SRCIP = =127.0.0.1,
DSTIP = = IP1, d) reply traffic information is converted into network address (i.e. reverse DNAT), at this time, SRCIP = =127.0.0.1 is modified into IP2, e) kernel mode protocol stack looks up route according to IP2, and returns to user mode protocol stack from driver interface and forwards to requester a.
In addition, in the process that the kernel-mode protocol stack transmits the reply traffic to the driver interface in a routing manner, the method may further include the following steps: judging whether the version operated by the kernel mode protocol stack is later than a preset version or not; when the running version of the kernel-mode protocol stack is judged to be later than a preset version, controlling the reply traffic information to be routed to the driving interface according to a preset first routing strategy; and when the version operated by the kernel-mode protocol stack is judged to be prior to or the same as the preset version, controlling the reply flow information to be routed to the driving interface according to a preset second routing strategy.
In this embodiment, the preset version means that the Kernel (Kernel) version of Linux is 4.17. When it is determined that the version of the kernel mode protocol stack is later than the preset version, that is, the version of the kernel mode protocol stack is greater than 4.17, the kernel mode protocol stack may use a first routing policy, where the first routing policy is a routing policy supporting a TCP port number. Specifically, if the source port number in the reply traffic information is the same as the destination port number in the destination traffic information, the preferred routing table created in steps S251 to S252 is used, and the destination IP address in the reply traffic information is used to perform a lookup in the preferred routing table to obtain the routing information. And if the source port number in the reply traffic information is different from the target port number in the target traffic information, using a default routing table, and using the target IP address in the reply traffic information to perform query in the default routing table to obtain the routing information. And the reply traffic information is routed to the driving interface according to the routing information so as to be provided for the user mode protocol stack.
When the running version of the kernel-mode protocol stack is determined to be earlier than or equal to the preset version, namely the running version of the kernel-mode protocol stack is 4.17 or less than 4.17, the kernel-mode protocol stack can use the second routing strategy. Specifically, first, reply traffic information in which a source port number in the reply traffic information is the same as a target port number in the target traffic information is marked using a traffic marking (mark) function of netfilter. Next, a query is made in the preferred routing table created in steps S251 to S252 using the target IP address in the reply traffic information containing the tag to obtain the routing information. And the reply traffic information containing the mark is routed to the driving interface according to the routing information so as to be provided for the user mode protocol stack.
The kernel mode protocol stack can provide an optimal routing strategy through the implementation of the steps S250 to S260, so as to optimize the performance of network communication.
Step S270: and the user mode protocol stack encapsulates the received reply flow information into a corresponding response message and forwards the response message to the external network.
In this step, the user mode protocol stack encapsulates the received reply traffic information into a corresponding response packet, and forwards the response packet to the external network through the network interface.
Through the implementation of the above steps S210 to S270, in the network interactive system where the user mode protocol stack and the kernel mode protocol stack coexist, the network application monitoring the socket interface in the kernel mode subsystem may be used.
In addition, an embodiment of the present application further provides a computer-readable storage medium, which stores a plurality of computer programs, where the computer programs can be loaded by a processor to perform the steps of any one of the network protocol-based network interaction methods provided in the embodiments of the present application. For example, the computer program may perform the steps of:
a user mode protocol stack receives a network data message sent from an external network;
the user mode protocol stack identifies the received network data message according to the preset message characteristics to obtain corresponding target flow information;
the user mode protocol stack transmits the target flow information to a driving interface;
the kernel mode protocol stack redirects to a local target address according to the target flow information received from the driving interface;
the kernel mode protocol stack forwards the target flow information to an IO interface monitored by a corresponding network application process so as to provide the target flow information to the network application;
the network application returns corresponding reply flow information to the driving interface according to the obtained target flow information;
and the user mode protocol stack encapsulates the received reply flow information into a corresponding response message and forwards the response message to the external network.
The above operations can be implemented in the foregoing embodiments, and are not described in detail herein.
Wherein the storage medium may include: read Only Memory (ROM), Random Access Memory (RAM), magnetic or optical disks, and the like.
The network interaction system, the method and the storage medium based on the network protocol provided by the embodiment of the application aim to solve the problem that in the prior art, when a user mode protocol stack takes over a network interface, a network application using socket programming cannot directly receive a network data message from an external network, so that the network application cannot be normally used and needs to be improved or re-developed, thereby realizing the network function of a kernel mode subsystem based on a driving interface, and the network application based on the socket can be executed in the user mode subsystem, and ensuring higher performance. Further, the application uses a target address conversion mode to ensure that the kernel mode protocol stack can be correctly connected when the user mode protocol stack processes the protocol message, so that the traditional network application can also be used when the user mode protocol stack takes over the network port. In addition, the kernel-mode subsystem provides a routing strategy to ensure that the receiving and sending flow of the network application is normal.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
The network interaction system, the method and the storage medium based on the network protocol provided by the embodiment of the present application are introduced in detail, and a specific example is applied in the present application to explain the principle and the implementation of the present application, and the description of the above embodiment is only used to help understanding the technical scheme and the core idea of the present application; those of ordinary skill in the art will understand that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications or substitutions do not depart from the spirit and scope of the present disclosure as defined by the appended claims.
Claims (12)
1. A network interaction system based on network protocol is applied to network equipment, and is characterized in that the network interaction system comprises: a user mode subsystem and a kernel mode subsystem; wherein the user-mode subsystem comprises: a user mode protocol stack and a network application; the user mode protocol stack is used for receiving a network data message sent from an external network, obtaining corresponding target flow information according to preset message characteristics, transmitting the target flow information to a driving interface in the kernel mode subsystem, receiving reply flow information returned by the network application through the driving interface, and packaging the reply flow information into a corresponding response message to be forwarded to the external network; the kernel-mode subsystem further comprises: the kernel mode protocol stack is used for redirecting the target flow information to a local target address by using a target address conversion mode according to the target flow information received from the driving interface and forwarding the target flow information to the IO interface monitored by the corresponding network application process so as to provide the target flow information to the network application.
2. The network interaction system of claim 1, wherein the user mode subsystem further comprises a network interface, the network interface is connected to the user mode protocol stack, and the network interface is configured to receive a network data packet sent from an external network, pass through to the user mode protocol stack, and forward a response packet encapsulated by the user mode protocol stack to the external network.
3. The network interaction system of claim 1, wherein the user mode protocol stack is further configured to open a driver interface and obtain a device descriptor of the driver interface.
4. The network interaction system of claim 1, wherein the predetermined message characteristic is a TCP message characteristic.
5. The network interaction system of claim 1, wherein the protocols supported by the network application include BGP, HTTP, HTTPs, and TELNET protocols.
6. A network interaction method based on network protocol, which adopts the network interaction system of claim 1, wherein the network interaction method comprises:
a user mode protocol stack receives a network data message sent from an external network;
the user mode protocol stack identifies the received network data message according to the preset message characteristics to obtain corresponding target flow information;
the user mode protocol stack transmits the target flow information to a driving interface;
the kernel mode protocol stack redirects to a local target address according to the target flow information received from the driving interface; the step of redirecting the kernel mode protocol stack to a local target address according to the target traffic information received from the driver interface includes: the kernel mode protocol stack redirects the target traffic information to a local target address by using a target address conversion mode;
the kernel mode protocol stack forwards the target flow information to an IO interface monitored by a corresponding network application process so as to provide the target flow information to the network application;
the network application returns corresponding reply flow information to the driving interface according to the obtained target flow information; the step of returning the corresponding reply traffic information to the driving interface by the network application according to the obtained target traffic information includes: the kernel mode protocol stack converts a source address in the reply traffic information into an original source address by using a network address conversion mode, wherein the original source address is a target address in the target traffic information;
and the user mode protocol stack encapsulates the received reply flow information into a corresponding response message and forwards the response message to the external network.
7. The network interaction method according to claim 6, wherein the step of receiving the network data packet sent from the external network by the user mode protocol stack is preceded by:
and configuring a driving interface in the kernel-mode subsystem.
8. The network interaction method according to claim 6 or 7, wherein the step of receiving the network data packet sent from the external network by the user mode protocol stack is preceded by the steps of:
the user mode protocol stack starts a driving interface; and
and the user mode protocol stack acquires the device descriptor of the driving interface.
9. The network interaction method of claim 8, wherein the step of the user mode protocol stack transmitting the target traffic information to the driver interface comprises: and the user mode protocol stack writes the target flow information into the device descriptor of the driving interface.
10. The network interaction method according to claim 6, wherein before the step of the network application returning the corresponding reply traffic information to the driver interface according to the obtained target traffic information, the method comprises:
providing a routing table;
configuring a default route in the routing table, wherein the default route points to the driver interface.
11. The network interaction method according to claim 6, wherein after the step of converting the source address in the reply traffic information into the original address by using a network address conversion method, the kernel-mode protocol stack comprises:
judging whether the version operated by the kernel mode protocol stack is later than a preset version or not;
when the running version of the kernel-mode protocol stack is judged to be later than a preset version, controlling the reply traffic information to be routed to the driving interface according to a preset first routing strategy;
and when the version operated by the kernel-mode protocol stack is judged to be earlier than or equal to the preset version, controlling the reply traffic information to be routed to the driving interface according to a preset second routing strategy.
12. A storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the steps of the network interaction method of any of claims 6 to 11.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110793208.3A CN113259400B (en) | 2021-07-14 | 2021-07-14 | Network interaction system, method and storage medium based on network protocol |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110793208.3A CN113259400B (en) | 2021-07-14 | 2021-07-14 | Network interaction system, method and storage medium based on network protocol |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113259400A CN113259400A (en) | 2021-08-13 |
| CN113259400B true CN113259400B (en) | 2021-09-28 |
Family
ID=77191323
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110793208.3A Active CN113259400B (en) | 2021-07-14 | 2021-07-14 | Network interaction system, method and storage medium based on network protocol |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113259400B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114710570B (en) * | 2022-03-16 | 2023-08-25 | 深圳市风云实业有限公司 | UDP data zero-copy transmission method based on kernel mode protocol stack |
| CN115460470B (en) * | 2022-08-19 | 2024-03-26 | 烽火通信科技股份有限公司 | Multicast data forwarding method, device, equipment and readable storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302199A (en) * | 2016-08-10 | 2017-01-04 | 成都广达新网科技股份有限公司 | A kind of User space protocol stack realization method and system based on L3 Switching machine equipment |
| CN106534182A (en) * | 2016-12-10 | 2017-03-22 | 武汉白虹软件科技有限公司 | Traceless network evidence acquisition method based on user state protocol stack |
| CN110602262A (en) * | 2018-06-13 | 2019-12-20 | 网宿科技股份有限公司 | Router and method for processing data message thereof |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7587510B1 (en) * | 2003-04-21 | 2009-09-08 | Charles Schwab & Co., Inc. | System and method for transferring data between a user space and a kernel space in a server associated with a distributed network environment |
| CN102662910B (en) * | 2012-03-23 | 2014-10-15 | 浙江大学 | Network interaction system based on embedded system and network interaction method |
| CN103312601B (en) * | 2013-05-31 | 2017-04-19 | 汉柏科技有限公司 | Data message processing method from user mode to kernel mode |
| CN106603376B (en) * | 2016-12-14 | 2019-09-13 | 东软集团股份有限公司 | Message processing method and Virtual Private Network SSLVPN server |
| CN110535813B (en) * | 2018-05-25 | 2022-04-22 | 网宿科技股份有限公司 | Method and device for processing coexistence of kernel mode protocol stack and user mode protocol stack |
| CN110851289B (en) * | 2019-10-23 | 2022-11-08 | 新华三信息安全技术有限公司 | Protocol message processing method and switch |
| CN111262784B (en) * | 2020-01-13 | 2022-05-17 | 杭州朗和科技有限公司 | Message forwarding method, message forwarding device, storage medium and electronic equipment |
| CN112883007A (en) * | 2021-02-20 | 2021-06-01 | 杭州迪普科技股份有限公司 | Native protocol message processing method and device for Linux system |
-
2021
- 2021-07-14 CN CN202110793208.3A patent/CN113259400B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106302199A (en) * | 2016-08-10 | 2017-01-04 | 成都广达新网科技股份有限公司 | A kind of User space protocol stack realization method and system based on L3 Switching machine equipment |
| CN106534182A (en) * | 2016-12-10 | 2017-03-22 | 武汉白虹软件科技有限公司 | Traceless network evidence acquisition method based on user state protocol stack |
| CN110602262A (en) * | 2018-06-13 | 2019-12-20 | 网宿科技股份有限公司 | Router and method for processing data message thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113259400A (en) | 2021-08-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113259400B (en) | Network interaction system, method and storage medium based on network protocol | |
| US8861522B2 (en) | Method for providing an internal server with reduced IP addresses | |
| EP3225014B1 (en) | Source ip address transparency systems and methods | |
| EP3125476B1 (en) | Service function chaining processing method and device | |
| US7388829B2 (en) | Method and apparatus for detecting and recovering from faults associated with transport protocol connections across network address translators | |
| EP2360879A1 (en) | Data package forwarding method, system and device | |
| WO2020248963A1 (en) | Method and apparatus for establishing end-to-end network connection, and network system | |
| US20120144483A1 (en) | Method and apparatus for preventing network attack | |
| US20090138611A1 (en) | System And Method For Connection Of Hosts Behind NATs | |
| US8194683B2 (en) | Teredo connectivity between clients behind symmetric NATs | |
| CN112671938B (en) | Business service providing method and system and remote acceleration gateway | |
| US20140032782A1 (en) | Method and apparatus for route selection of host in multihoming site | |
| CN112671628A (en) | Business service providing method and system | |
| US9560141B2 (en) | Method and apparatus of performing peer-to-peer communication establishment | |
| JP4712481B2 (en) | Communication method and apparatus | |
| JP2015122556A (en) | Communication device, communication method, and communication system | |
| US7151780B1 (en) | Arrangement for automated teller machine communications based on bisync to IP conversion | |
| US11516110B2 (en) | Method and apparatus for obtaining cross-domain link | |
| US7693091B2 (en) | Teredo connectivity between clients behind symmetric NATs | |
| CN113765865A (en) | Message processing method, device and system | |
| US10505892B2 (en) | Method for transmitting at least one IP data packet, related system and computer program product | |
| TW202249466A (en) | System and method for performing pfcp session load balancer | |
| KR101124635B1 (en) | Connecting gateway with ipv4/ipv6 | |
| US20230231803A1 (en) | Session establishment method and network device | |
| JP3742390B2 (en) | Communication method, communication apparatus, and program using HTTP tunneling server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Network interaction system, method and storage medium based on network protocol Effective date of registration: 20220509 Granted publication date: 20210928 Pledgee: Bank of China Limited by Share Ltd. Nanjing Jiangning branch Pledgor: Nanjing yiketeng Information Technology Co.,Ltd. Registration number: Y2022980005300 |
|
| PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20230418 Granted publication date: 20210928 Pledgee: Bank of China Limited by Share Ltd. Nanjing Jiangning branch Pledgor: Nanjing yiketeng Information Technology Co.,Ltd. Registration number: Y2022980005300 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: Network interaction system, method, and storage medium based on network protocols Effective date of registration: 20230427 Granted publication date: 20210928 Pledgee: Bank of China Limited by Share Ltd. Nanjing Jiangning branch Pledgor: Nanjing yiketeng Information Technology Co.,Ltd. Registration number: Y2023980039481 |