CN114338784A

CN114338784A - Service processing method, device and storage medium

Info

Publication number: CN114338784A
Application number: CN202111485283.XA
Authority: CN
Inventors: 武成洁; 王光全; 王泽林; 刘千仞; 徐博华
Original assignee: China United Network Communications Group Co Ltd
Current assignee: China United Network Communications Group Co Ltd
Priority date: 2021-12-07
Filing date: 2021-12-07
Publication date: 2022-04-12

Abstract

The application provides a service processing method, a service processing device and a storage medium, relates to the technical field of communication, and is used for solving the technical problem that value-added services cannot be reasonably provided for network private lines. The method comprises the following steps: after receiving a request message sent by a request end for requesting to acquire service access information of a plurality of value added services, the service access information can be determined according to the equipment identifier and the service identifier of the target value added service, and the service access information is sent to the request end, so that the request end can acquire services provided by equipment for providing the plurality of value added services according to the service access information. The request message comprises a device identifier of a request end and a service identifier of a target value-added service. The target value added service is any one or more of a plurality of value added services. The service access information includes routing information of a device providing a plurality of value added services and service identifications of the plurality of value added services. The method and the device can reasonably provide the value-added service for the network private line.

Description

Service processing method, device and storage medium

Technical Field

The present application relates to the field of communications technologies, and in particular, to a service processing method, an apparatus, and a storage medium.

Background

At present, in order to meet high requirements of users (such as high and new technology enterprises, government offices, and the like) that open a network dedicated line on the service quality, security, and the like of a communication network, a network operator generally needs to deploy Firewall (FW), Intrusion Detection System (IDS), deep packet inspection technology (DPI), Network Address Translation (NAT), Load Balance (LB), distributed denial of service (DDOS), and other value-added services for the network dedicated line, so as to enhance and optimize the network dedicated line and improve user experience.

In the existing method, when the devices corresponding to the value added services are deployed, all the devices corresponding to the value added services are generally deployed between a request end and a service end of a network private line. That is, for any data stream between the request end and the service end of the network dedicated line, service processing needs to be performed through the devices corresponding to the value added services, which not only increases processing delay of the data stream, but also causes waste of network resources.

Disclosure of Invention

The application provides a service processing method, a service processing device and a storage medium, which are used for solving the problem that value-added services cannot be reasonably provided for network private lines.

In order to achieve the purpose, the technical scheme is as follows:

in a first aspect, a method for service processing is provided, including: after receiving a request message sent by a request end for requesting to acquire service access information of a plurality of value added services, the service access information can be determined according to the equipment identifier and the service identifier of the target value added service, and the service access information is sent to the request end, so that the request end acquires services provided by equipment for providing the plurality of value added services according to the service access information. The request message comprises a device identifier of a request end and a service identifier of a target value-added service. The target value added service is any one or more of a plurality of value added services. The service access information includes routing information of a device providing a plurality of value added services and service identifications of the plurality of value added services.

Optionally, the method for determining the service access information according to the device identifier and the service identifier of the target value-added service specifically includes: acquiring a network private line corresponding to the equipment identifier from a plurality of pre-stored network private lines, and determining the network private line as a request end attribution; acquiring first routing information and a first service identifier of a value added service deployed on a network private line to which a request terminal belongs; the first routing information is routing information of equipment providing deployed value added services; acquiring second routing information corresponding to the service identifier of the target value-added service from a plurality of pieces of routing information stored in advance; the second routing information is the routing information of the equipment providing the target value added service; and determining the first routing information and the second routing information as routing information of equipment providing a plurality of value added services, and determining the first service identification and the service identification of the target value added service as service identifications of the plurality of value added services.

Optionally, after sending the service access information to the request end, the service processing method further includes: receiving a service deletion message sent by a request end; the service deletion message is used for requesting to delete the routing information and the service identification of the value added service to be deleted in the service access information; the service deletion message comprises an equipment identifier and a service identifier of the value added service to be deleted; determining service access information after deleting the value added service to be deleted according to the equipment identifier and the service identifier of the value added service to be deleted; and sending the service access information after deleting the value added service to be deleted to the request terminal.

Optionally, before receiving the request message sent by the request end, the service processing method further includes: receiving a private line opening request message sent by a request end; the private line opening request message is used for requesting to open a network private line between a request terminal and at least one service terminal; responding to the private line opening request message, and authenticating a request end; when the authentication of the request terminal is successful, a private line opening response message is sent to the request terminal; the private line opening response message is used for indicating that the network private line between the request terminal and at least one service terminal is successfully opened.

In a second aspect, a service processing apparatus is provided, including: a receiving unit, a processing unit and a transmitting unit; the receiving unit is used for receiving a request message sent by a request end; the request message is used for requesting to acquire service access information for providing a plurality of value added services for a request end; the request message comprises a device identifier of a request end and a service identifier of a target value-added service; the target value added service is any one or more of the value added services; the processing unit is used for determining service access information according to the equipment identifier and the service identifier of the target value-added service; the service access information comprises routing information of equipment for providing a plurality of value added services and service identifications of the plurality of value added services; and the sending unit is used for sending the service access information to the request end so that the request end obtains the services provided by the equipment for providing the plurality of value added services according to the service access information.

Optionally, the processing unit is specifically configured to: acquiring a network private line corresponding to the equipment identifier from a plurality of pre-stored network private lines, and determining the network private line as a request end attribution; acquiring first routing information and a first service identifier of a value added service deployed on a network private line to which a request terminal belongs; the first routing information is routing information of equipment providing deployed value added services; acquiring second routing information corresponding to the service identifier of the target value-added service from a plurality of pieces of routing information stored in advance; the second routing information is the routing information of the equipment providing the target value added service; and determining the first routing information and the second routing information as routing information of equipment providing a plurality of value added services, and determining the first service identification and the service identification of the target value added service as service identifications of the plurality of value added services.

Optionally, the receiving unit is further configured to receive a service deletion message sent by the request end; the service deletion message is used for requesting to delete the routing information and the service identification of the value added service to be deleted in the service access information; the service deletion message comprises an equipment identifier and a service identifier of the value added service to be deleted; the processing unit is also used for determining service access information after the value added service to be deleted is deleted according to the equipment identifier and the service identifier of the value added service to be deleted; and the sending unit is also used for sending the service access information after the value added service to be deleted is deleted to the request terminal.

Optionally, the receiving unit is further configured to receive a dedicated line activation request message sent by the request end; the private line opening request message is used for requesting to open a network private line between a request terminal and at least one service terminal; the processing unit is also used for responding to the private line opening request message and authenticating the request terminal; the sending unit is also used for sending a private line opening response message to the request end when the authentication of the request end is successful; the private line opening response message is used for indicating that the network private line between the request terminal and at least one service terminal is successfully opened.

In a third aspect, a traffic processing apparatus is provided, which includes a memory and a processor; the memory is used for storing computer execution instructions, and the processor is connected with the memory through a bus; when the service processing apparatus is operating, the processor executes computer-executable instructions stored in the memory to cause the service processing apparatus to perform the service processing method as in the first aspect.

The service processing apparatus may be a network device, or may be a part of an apparatus in the network device, for example, a system on chip in the network device. The system on chip is configured to support the network device to implement the functions involved in the first aspect and any one of the possible implementations thereof, for example, to receive, determine, and offload data and/or information involved in the data processing method. The chip system includes a chip and may also include other discrete devices or circuit structures.

In a fourth aspect, a computer-readable storage medium is provided, wherein the computer-readable storage medium comprises computer-executable instructions, which when executed on a computer, cause the computer to perform the business process method of the first aspect.

It should be noted that all or part of the above computer instructions may be stored on the first computer readable storage medium. The first computer readable storage medium may be packaged together with the processor of the service processing apparatus, or may be packaged separately from the processor of the service processing apparatus, which is not limited in this application.

In the present application, the names of the service processing devices mentioned above do not limit the devices or the functional modules themselves, and in actual implementation, the devices or the functional modules may appear by other names. Insofar as the functions of the respective devices or functional modules are similar to those of the present application, they fall within the scope of the claims of the present application and their equivalents.

These and other aspects of the present application will be more readily apparent from the following description.

The technical scheme provided by the application at least brings the following beneficial effects: after receiving a request message (including a device identifier of the request end and a service identifier of a target value added service) sent by the request end for requesting service access information of a plurality of value added services, the service access information including routing information of devices providing the plurality of value added services and the service identifiers of the plurality of value added services can be determined according to the device identifier and the service identifier of the target value added service, and the service access information is sent to the request end, so that the request end can obtain services provided by the devices providing the plurality of value added services according to the service access information.

As can be seen from the above, since the service access information is the routing information and the service identifier of the value added service required by the request end, the value added service required by the request end can be selected to provide a service for the request end according to the actual requirement of the request end. Compared with the prior art, the method has the advantages that the data stream of the request end needs to be processed by the equipment corresponding to all the value-added services deployed on the network private line, the value-added service can be reasonably provided for the network private line, the processing time delay of the data stream is reduced, and the utilization rate of network resources is improved.

Drawings

Fig. 1A is a schematic structural diagram of a service processing system according to an embodiment of the present application;

fig. 1B is a schematic structural diagram of another service processing system provided in the embodiment of the present application;

fig. 2 is a schematic structural diagram of a network private line management system according to an embodiment of the present application;

fig. 3 is a schematic hardware structure diagram of a communication device according to an embodiment of the present disclosure;

fig. 4 is a schematic hardware structure diagram of a communication device according to an embodiment of the present disclosure;

fig. 5 is a first flowchart of a service processing method according to an embodiment of the present application;

fig. 6 is a second flowchart illustrating a service processing method according to an embodiment of the present application;

fig. 7 is a third schematic flowchart of a service processing method according to an embodiment of the present application;

fig. 8 is a fourth schematic flowchart of a service processing method according to an embodiment of the present application;

fig. 9 is a fifth flowchart of a service processing method according to an embodiment of the present application;

fig. 10 is a schematic structural diagram of a service processing apparatus according to an embodiment of the present application.

Detailed Description

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

It should be noted that in the embodiments of the present application, words such as "exemplary" or "for example" are used to indicate examples, illustrations or explanations. Any embodiment or design described herein as "exemplary" or "e.g.," is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, use of the word "exemplary" or "such as" is intended to present concepts related in a concrete fashion.

For the convenience of clearly describing the technical solutions of the embodiments of the present application, in the embodiments of the present application, the terms "first" and "second" are used to distinguish the same items or similar items with basically the same functions and actions, and those skilled in the art can understand that the terms "first" and "second" are not used to limit the quantity and execution order.

Furthermore, the terms "comprising" and "having" in the description of the embodiments and claims of the present application and the drawings are not intended to be exclusive. For example, a process, method, system, article, or apparatus that comprises a list of steps or modules is not limited to only those steps or modules listed, but may include other steps or modules not listed.

As described in the background art, when deploying devices corresponding to value-added services such as FW, IDS, DPI, NAT, LB, and DDOS, the existing method generally deploys all the devices corresponding to the value-added services between a request end and a service end of a network dedicated line. That is, for any data stream between the request end and the service end of the network dedicated line, service processing needs to be performed through the devices corresponding to the value added services, which not only increases processing delay of the data stream, but also causes waste of network resources.

In view of the above problems, an embodiment of the present application provides a service processing method, and the technical solution provided by the present application at least brings the following beneficial effects: after receiving a request message (including a device identifier of the request end and a service identifier of a target value added service) sent by the request end for requesting service access information of a plurality of value added services, the service access information including routing information of devices providing the plurality of value added services and the service identifiers of the plurality of value added services can be determined according to the device identifier and the service identifier of the target value added service, and the service access information is sent to the request end, so that the request end can obtain services provided by the devices providing the plurality of value added services according to the service access information. The target value added service is any one or more of a plurality of value added services.

The service processing method is suitable for a service processing system. Fig. 1A shows one configuration of the business processing system 100. As shown in fig. 1A, the service processing system 100 includes: a request terminal 101 and a service processing device 102. The request end 101 and the service processing device 102 are connected in communication.

In practical applications, the service processing apparatus 102 in fig. 1 can be communicatively connected to a plurality of requesting terminals 101 at the same time.

For ease of understanding, the present application mainly takes the communication connection between the service processing apparatus 102 and one requesting end 101 as an example.

Optionally, the request end 101 in fig. 1A may be a terminal, or may be a gateway connected to the terminal.

When requesting end 101 in fig. 1A is a terminal, the terminal can be a device that provides voice and/or data connectivity to a user, a handheld device having wireless connection capability, or other processing device connected to a wireless modem. A wireless terminal may communicate with one or more core networks via a Radio Access Network (RAN). The wireless terminal may be a mobile terminal, such as a computer having a mobile terminal, or a portable, pocket, hand-held, computer-embedded mobile device, which exchanges language and/or data with a radio access network, for example, a mobile phone, a tablet computer, a notebook computer, a netbook, a Personal Digital Assistant (PDA). The embodiments of the present application do not set any limit to this.

When the request end 101 in fig. 1A is a gateway, the gateway is used to implement a communication connection between the service processing apparatus 102 and an electronic device at the opposite end. The electronic device at the opposite end may be an electronic device that performs data transmission based on a communication protocol, a data format, a language, or the like different from that of the service processing apparatus 102.

Optionally, the service processing apparatus 102 in fig. 1A may be a server, a terminal, or other electronic devices for processing a service.

When the service processing apparatus 102 is a server, the server may be a single server, or may be a server cluster composed of a plurality of servers. In some embodiments, the server cluster may also be a distributed cluster. The embodiments of the present application do not set any limit to this.

Optionally, with reference to fig. 1A, as shown in fig. 1B, the service processing apparatus 102 may be an electronic device in which functional modules corresponding to various types of virtual software are deployed. These functional modules may include modules such as a Network management module 201, a resource management module 202, a service control module 203, a Software Defined Network (SDN) control module 204, and a policy control module 205.

The network management module 201 may be used to manage a plurality of request terminals connected to the service processing apparatus 102, for example, add or delete one request terminal.

The resource management module 202 may be configured to store a plurality of device identifiers and network dedicated lines corresponding to the device identifiers one to one, may also be configured to store device information of the device identifiers (for example, a service level of the network dedicated line, a service type of the network dedicated line, a network access type, and the like), and may also be configured to store routing information and service identifiers of value added services deployed on the network dedicated lines and the network dedicated lines correspondingly, or store a plurality of value added services and routing information corresponding to the value added services.

The network-dedicated line service level may be used to indicate a transmission rate level corresponding to the network-dedicated line.

The network dedicated line service types may include point-to-point communication, point-to-multipoint communication, and the like.

The network access type may be a third generation mobile communication technology, a fourth generation mobile communication technology, and the like.

The service control module 203 may be configured to adjust any one or more value added services deployed on the network dedicated line, and generate information such as a logical link corresponding to the adjusted value added service deployed on the network dedicated line. The service control module may further send information such as the adjusted value added service deployed on the network dedicated line to the resource management module for storage, or send information such as a logical link corresponding to the adjusted value added service deployed on the network dedicated line to the SDN control module and the policy control module, so as to generate a routing path or a traffic policy corresponding to the logical link.

The SDN control module 204 specifies flexible packet processing specifications based on a protocol such as Open Flow (Open Flow), and may control and manage switching devices or routing devices connected thereto. In this embodiment of the application, the SDN control module 204 may be configured to generate information, such as a routing path of a logical link corresponding to the value added service deployed on the adjusted network dedicated line, so that a data flow on the network dedicated line may access a device corresponding to the required value added service.

The device corresponding to the value added service may be a server, or may be a functional module used for providing the value added service in the server. When the device corresponding to the value added service is a server, the server may perform data transmission with the service processing apparatus 102 through the router. When the device corresponding to the value added service is a functional module inside the server, the virtual software corresponding to the value added service may be deployed in the functional module inside the service processing apparatus 102. The policy control module 205 may be configured to generate information such as a traffic policy of a logical link corresponding to the adjusted value added service deployed on the dedicated network line (e.g., Access Control Lists (ACL) information corresponding to routing information of the value added service, etc.), so that a request end accessing the dedicated network line encapsulates the data packet according to the traffic policy.

Fig. 2 is a schematic structural diagram of a network private line management system. The network dedicated line management system includes 2 access routers (denoted as access router 301 and access router 302, respectively), a centralized control device 303, and a service server 304.

The network private line management system accesses at least two access routers for constructing the network private line at two ends of a backbone network formed by a Universal Transport Network (UTN) and an IP bearing network, and the at least two access routers establish tunnel communication based on the backbone network, so that when the network private line service between the at least two access routers is opened, the opening of the network private line can be completed by a centralized control device and a service server in the network private line management system, and the network private line can be opened more quickly and flexibly.

The access router 301 is connected to an access network UTN 1 of the access router 301, the access router 302 is connected to an access network UTN 2 of the access router 302, the UTN 1, the IP bearer a network, and the UNT 2 form a backbone network, and the backbone network is configured in advance. For example, the backbone network has reserved the bandwidth required for opening the dedicated network line, the public network (i.e. backbone network) IP address of each access router, and the like, and the network between the access router 301 and the access router 302 is reachable.

Tunnel communication has been established between access router 301 and access router 302. For example, access router 301 and access router 302 have been configured with respective IP addresses to each other and with the same tunneling protocol.

The access router 301 and the access router 302 in fig. 2 may establish tunneling communication by using Generic Routing Encapsulation (GRE) protocol. The GRE protocol is as follows: any one of other network layer protocols (e.g., Internet Control Message Protocol (ICMP)) may be encapsulated over any one of the network layer protocols (e.g., Internet Protocol (IP)). The tunnel Protocol may further include a Protocol such as IP in IP, IP Security (IPsec), and the like, and an appropriate tunnel Protocol may be selected and used according to an actual use requirement.

The tunnel in the tunnel technology can be understood as a point-to-point connection channel, and the essence of the tunnel technology is that a tunnel protocol is adopted, and a network layer protocol is used for transmitting another network layer protocol, so that the secure communication between two nodes is realized, that is, a data message is transmitted in a special tunnel on a public network. For example, a node (node 1) at one end of a Virtual Private Network (VPN) of an important customer re-encapsulates a data packet of another protocol into a data packet of another protocol by using a tunneling protocol, the re-encapsulated data packet may be transmitted to another node (node 2) of the VPN in a tunnel between the two nodes, and then, the node 2 de-encapsulates the received data packet by using the same tunneling protocol, thereby completing transmission of the data packet.

Optionally, in conjunction with fig. 1A, the access router 301 in fig. 2 may be the request end 101 in fig. 1A.

Alternatively, the centralized control device 303 in fig. 2 may be used to manage the dedicated network line between the access router 301 and the access router 302. For example, the centralized control device 303 may be configured to open a dedicated network line between a requesting end that establishes a communication connection with the access router 301 and at least one service end that establishes a communication connection with the access router 302.

Optionally, the business server 304 may be used to provide business services. For example, services such as ordering, authenticating a request end in communication connection with an access router, and charging a network private line.

Optionally, in conjunction with fig. 1A, the centralized control device 303 and the service server 304 in fig. 2 may be functional modules inside the service processing apparatus 102 in fig. 1A.

It is easily understood that, when the centralized control device 303 and the service server 304 are functional modules inside the service processing apparatus 102, the communication mode between the centralized control device 303 and the service server 304 is communication between the modules inside the service processing apparatus 102. In this case, the communication flow between the two is the same as the "communication flow between the centralized control device 303 and the service server 304 when they are independent devices".

The UTN is mainly located to carry mobile backhaul services such as a second Generation mobile phone communication technology specification (2G), a third Generation mobile communication technology (3rd-Generation, 3G), and a Long Term Evolution (LTE), the core convergence layer is mainly located to converge and forward edge traffic, the access layer is located at the edge of the network and is used to provide flexible Service access, and the UTN meets the construction requirements of a large video monitoring system by providing Quality of Service (QoS) guarantees for different services, with a high-Quality and high-reliability transmission effect and a flexible networking mode, and is suitable for a highway monitoring system with long distance, multiple services, multiple levels of networking, and hierarchical management.

The IP bearer network is a private network constructed by each operator by using IP technology, and is used for bearing services (such as soft switch, video, VPN, etc.) with high requirements on transmission quality, and the IP bearer network has the characteristics of low cost, good expansibility, flexible service bearer, and the like of the IP network, and simultaneously has high reliability and safety of a transmission system. The IP bearer network may comprise an IP bearer a network and an IP bearer B network.

The network special line is an independent network line for a certain organization, namely an independent local area network, such as military, bank and the like, so that data transmission of a user becomes reliable and credible, the network special line has the advantages of good safety and guaranteed QoS. The network private line comprises two channels: physical dedicated channels and virtual dedicated channels. The physical special channel is a special line laid between a service provider and a user, the line is only used independently by the user, and other data cannot enter the line; the virtual special channel reserves a certain bandwidth for users on a common channel, so that the users can share the bandwidth alone, like opening a channel on a common channel to be used only by corresponding users, and the data of the users are encrypted, thereby ensuring the reliability and the safety.

VPN refers to the establishment of a virtual private network over a public network (i.e., backbone) without regional equipment. The connection between any two devices in different areas does not have an end-to-end physical link required by a traditional private network, but is a logical network constructed on a network platform provided by a public network service provider, and user data is transmitted in the logical link. The data transmission among the devices in different areas can be realized by adopting a tunnel technology, an encryption and decryption technology, a key management technology and the like.

The basic hardware structures of the request end 101 and the service processing device 102 in the service processing system 100 are similar, and both include elements included in the communication device shown in fig. 3 or fig. 4. The hardware structures of the request terminal 101 and the service processing apparatus 102 will be described below by taking the communication apparatus shown in fig. 3 and 4 as an example.

Fig. 3 is a schematic diagram of a hardware structure of a communication device according to an embodiment of the present disclosure. The communication device comprises a processor 31, a memory 32, a communication interface 33, and a bus 34. The processor 31, the memory 32 and the communication interface 33 may be connected by a bus 34.

The processor 31 is a control center of the communication apparatus, and may be a single processor or a collective term for a plurality of processing elements. For example, the processor 31 may be a Central Processing Unit (CPU), other general-purpose processors, or the like. Wherein a general purpose processor may be a microprocessor or any conventional processor or the like.

For one embodiment, processor 31 may include one or more CPUs, such as CPU0 and CPU1 shown in FIG. 3.

The memory 32 may be, but is not limited to, a read-only memory (ROM) or other type of static storage device that may store static information and instructions, a Random Access Memory (RAM) or other type of dynamic storage device that may store information and instructions, an electrically erasable programmable read-only memory (EEPROM), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.

In a possible implementation, the memory 32 may exist separately from the processor 31, and the memory 32 may be connected to the processor 31 through a bus 34 for storing instructions or program codes. The processor 31 can implement the service processing method provided by the following embodiments of the present application when calling and executing the instructions or program codes stored in the memory 32.

In the embodiment of the present application, the software programs stored in the memory 32 are different for the requesting terminal 101 and the service processing apparatus 102, so that the functions implemented by the requesting terminal 101 and the service processing apparatus 102 are different. The functions performed by the devices will be described in connection with the following flow charts.

In another possible implementation, the memory 32 may also be integrated with the processor 31.

A communication interface 33, configured to connect the communication device with other devices through a communication network, where the communication network may be an ethernet, a radio access network, a Wireless Local Area Network (WLAN), or the like. The communication interface 33 may include a receiving unit for receiving data, and a transmitting unit for transmitting data.

The bus 34 may be an Industry Standard Architecture (ISA) bus, a Peripheral Component Interconnect (PCI) bus, an extended ISA (enhanced industry standard architecture) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 3, but this does not mean only one bus or one type of bus.

It is noted that the configuration shown in fig. 3 does not constitute a limitation of the communication apparatus, which may comprise more or less components than those shown in fig. 3, or a combination of some components, or a different arrangement of components, in addition to those shown in fig. 3.

Fig. 4 shows another hardware configuration of the communication apparatus in the embodiment of the present application. As shown in fig. 4, the communication device may include a processor 41 and a communication interface 42. Processor 41 is coupled to communication interface 42.

The function of the processor 41 may refer to the description of the processor 31 above. The processor 41 also has a memory function and can function as the memory 32.

The communication interface 42 is used to provide data to the processor 41. The communication interface 42 may be an internal interface of the communication device, or may be an external interface (corresponding to the communication interface 33) of the communication device.

It is noted that the configuration shown in fig. 3 (or fig. 4) does not constitute a limitation of the communication apparatus, which may include more or less components than those shown in fig. 3 (or fig. 4), or combine some components, or a different arrangement of components, in addition to the components shown in fig. 3 (or fig. 4).

Fig. 5 is a schematic flow chart of a service processing method according to an embodiment of the present application. The service processing method is applied to a service processing device, and the service processing device belongs to the service processing system shown in fig. 1A. The service processing method comprises the following steps: S501-S503.

S501, the service processing device receives a request message sent by a request end.

Specifically, when the services provided by the plurality of value added services need to be acquired to perform corresponding enhancement and optimization on the dedicated network line, the request end may send a request message for requesting to acquire the service access information of the plurality of value added services to the service processing apparatus. Accordingly, the service processing device may receive the request message sent by the request end.

The request message is used for requesting to acquire service access information for providing a plurality of value added services for the request terminal. The request message comprises the equipment identification of the request end and the service identification of the target value-added service. The target value added service is any one or more of a plurality of value added services.

Optionally, the plurality of value added services may include any plurality of value added services such as FW, IDS, DPI, NAT, LB, and DDOS, and may also include other value added services for enhancing and optimizing the network dedicated line.

It is understood that the target value added service of the plurality of value added services may be an additional value added service that needs to be deployed on the network dedicated line corresponding to the device identifier. The value added service other than the target value added service in the plurality of value added services may be a value added service already deployed on a network dedicated line corresponding to the device identifier.

Illustratively, the value added services already deployed on the network private line a are preset to be FW and IDS, and when an additional DDOS needs to be deployed for the network private line, the request end may send a request message to the service processing apparatus for requesting to acquire service access information for providing the FW, the IDS, and the DDOS for a total of three value added services. Wherein, the target value added service is DDOS.

Optionally, the device identifier may be a Universal Unique Identifier (UUID) for uniquely identifying the identity information of the requesting end.

Alternatively, the service identifier may be identification information for indicating a service type of the value added service. The identification information may be a service name of the value added service, or may be other preset identification information corresponding to the service type of the value added service.

S502, the service processing device determines the service access information according to the equipment identifier and the service identifier of the target value-added service.

Specifically, after receiving the request message sent by the request end, the service processing device may parse the request message to determine the device identifier of the request end and the service identifier of the target value-added service. Subsequently, the service processing device may determine the network dedicated line corresponding to the request end according to the device identifier of the request end, determine the routing information and the service identifier of the value added service deployed on the network dedicated line, and determine the routing information of the target value added service according to the service identifier of the target value added service.

Then, the service processing device may determine the routing information and the service identifier of the value added service deployed on the network private line and the routing information and the service identifier of the target value added service as the routing information and the service identifier of the plurality of value added services, thereby obtaining the service access information providing the plurality of value added services.

The service access information may include routing information of a device providing a plurality of value added services and service identifiers of the plurality of value added services.

It can be understood that, after the service processing device determines the routing information and the service identifier of the value added service deployed on the network dedicated line and the routing information and the service identifier of the target value added service, the service processing device may determine, according to the network topology information in the network dedicated line, the sequence of the data stream passing through the device providing the deployed value added service and the device providing the target value added service, thereby obtaining the routing information and the service identifiers of the plurality of value added services.

Exemplarily, the existing value added services are respectively preset as FW, IDS, DPI and NAT, and the service identifier of the value added service FW is a, the service identifier of the value added service IDS is B, the service identifier of the value added service DPI is C, and the service identifier of the value added service NAT is D.

The existing routing information of the value added service is that the routing information corresponding to the service identity a of FW is that the first peer of the device providing FW is connected to the data flow ingress device and the second peer of the device providing FW is connected to the first peer of the device providing IDS.

The routing information corresponding to the traffic identity B of the IDS is a first peer connection of the device providing the IDS and the device providing FW, and a second peer connection of the device providing the IDS and the device providing DPI.

The routing information corresponding to the traffic identification C of the DPI is that the first end of the device providing the DPI is connected to the second end of the device providing the IDS, and the second end of the device providing the DPI is connected to the first end of the device providing the NAT.

The routing information corresponding to the traffic identification D of the NAT is the connection of the first end of the NAT-providing device and the second end of the DPI-providing device, and the connection of the second end of the NAT-providing device and the data flow outlet device.

If the value added services deployed on the network private line are FW and IDS, and the target value added service is NAT, the service processing apparatus may determine the routing information of the plurality of value added services as passing through the data flow inlet device, the device providing FW, the device providing IDS, the device providing NAT, and the data flow outlet device in sequence, and determine the service identifications of the plurality of value added services as A, B and D.

If the value added services deployed on the network private line are FW and NAT and the target value added service is DPI, the service processing apparatus may determine the routing information of the plurality of value added services as passing through the data flow inlet device, the device providing FW, the device providing DPI, the device providing NAT, and the data flow outlet device in sequence, and determine the service identifications of the plurality of value added services as A, C and D.

Optionally, the service processing device may further generate a plurality of logical links of the value added service according to the routing information and the service identifier of the value added service, and generate routing path information, traffic policy, and other information of the value added service according to the logical links of the value added service. Subsequently, when the service processing device sends the service access information to the request end, the service processing device can carry the routing path information, the traffic policy and other information of the plurality of value added services in the service access information.

The routing path information may be used to indicate a device that a request end corresponding to the device identifier sequentially accesses a plurality of value added services deployed on the network private line.

The traffic policy may include ACL information corresponding to the device identification, and the like. The traffic policy may be used to instruct the request end corresponding to the device identifier to encapsulate the data packet sent through the network dedicated line according to the traffic policy.

S503, the service processing device sends the service access information to the request end, so that the request end obtains the services provided by the equipment providing the plurality of value added services according to the service access information.

It can be understood that, after receiving the service access information from the service processing apparatus, the requesting end may parse the service access information to determine the routing information of the device providing the multiple value-added services and the service identifiers of the multiple value-added services.

Subsequently, the request end can configure the information in the service access information in the data message to be transmitted, so that the data message sequentially passes through the value added service equipment corresponding to the routing information, and when it is determined that the service identification corresponding to the value added service provided by the passed equipment is matched with the service identifications of the multiple value added services, the equipment processes the data message; otherwise, the device does not perform any processing on the data message and directly transmits the data message to the next node device. Therefore, the request end can acquire the services provided by the equipment of the plurality of value added services according to the service access message.

In an implementation manner, referring to fig. 5 and as shown in fig. 6, in the above S502, the method for determining the service access information by the service processing device according to the device identifier and the service identifier of the target value-added service specifically includes: S601-S604.

S601, the service processing device acquires the network private line corresponding to the equipment identifier from a plurality of pre-stored network private lines, and determines the network private line to which the request terminal belongs.

Optionally, the service processing apparatus may be configured with a resource management module. The resource management module may be configured to store a plurality of device identifiers and private line identifiers of a plurality of network private lines that are in one-to-one correspondence with the plurality of device identifiers.

After analyzing the request message sent by the request end and determining the device identifier of the request end, the service processing device may read the private line identifier corresponding to the device identifier from the resource management module, and determine the network private line corresponding to the private line identifier as the network private line to which the request end belongs.

Optionally, the resource management module may be further configured to store information, such as a network dedicated line service level, a network dedicated line service type, and a network access type of the network dedicated line corresponding to the device identifier.

S602, the service processing device obtains first routing information and a first service identifier of the value added service deployed on the network private line to which the request terminal belongs.

The first routing information is routing information of equipment providing deployed value added services. The first service identification is the service identification of the value added service deployed on the network private line.

Optionally, the resource management module configured on the service processing apparatus may be further configured to correspondingly store the private line identifiers of the multiple network private lines and the routing information and service identifiers of the value added services deployed on the multiple network private lines.

After reading the dedicated line identifier corresponding to the device identifier, the service processing apparatus may read, from the resource management module, the routing information and the service identifier of the value added service already deployed on the network dedicated line corresponding to the dedicated line identifier, and determine the routing information and the first service identifier as the first routing information and the first service identifier of the value added service already deployed on the network dedicated line.

Exemplarily, it is preset that the value added service deployed on the network dedicated line a to which the request end belongs includes FW, IDS and DPI, the first routing information may be that a data stream sent by the request end sequentially passes through a device providing FW, a device providing IDS, and a device providing DPI, and the first service identifier may be a service identifier of FW, a service identifier of IDS, and a service identifier of DPI.

S603, the service processing device acquires second routing information corresponding to the service identifier of the target value-added service from a plurality of pieces of routing information stored in advance.

And the second routing information is the routing information of the equipment providing the target value added service.

Optionally, the resource management module configured on the service processing device may be further configured to correspondingly store the service identifiers of the multiple value-added services and the multiple routing information.

After analyzing the request message sent by the request end and determining the service identifier of the target value-added service, the service processing device may read the routing information corresponding to the service identifier of the target value-added service from the resource management module and determine the routing information as the second routing information.

Illustratively, a resource management module configured on the preset service processing apparatus stores a service identifier of the value-added service FW, and the routing information corresponding to the service identifier of FW is used for connecting a first end of a device providing FW with a data flow inlet device and connecting a second end of the device providing FW with a first end of a device providing IDS; the service identification of the value added service IDS, and the routing information corresponding to the service identification of the IDS are that the first end of the device providing the IDS is connected with the second end of the device providing the FW, and the second end of the device providing the IDS is connected with the first end of the device providing the DPI; the service identification of the value added service, DPI, and the routing information corresponding to the service identification of the DPI are connected to a first end of the device providing DPI and a second end of the device providing IDS, and the second end of the device providing DPI is connected to the data flow outlet device.

When the value added service corresponding to the service identification of the target value added service is the DPI, the routing information of the target value added service is that the first end of the device providing the DPI is connected with the second end of the device providing the IDS, and the second end of the device providing the DPI is connected with the data flow outlet device.

The numbers of step S601 and step S603 are merely for convenience of description, and do not limit the actual execution order. For example, step S601 may be executed first, and then step S603 may be executed; step S603 may be executed first, and then step S601 may be executed; step S601 and step S603 may also be performed simultaneously.

S604, the service processing device determines the first routing information and the second routing information as routing information of devices providing multiple value-added services, and determines the first service identifier and the service identifier of the target value-added service as service identifiers of the multiple value-added services.

Illustratively, a first routing information is preset that a data flow sent by a request end sequentially passes through a device for providing FW, a device for providing IDS and a device for providing DPI, a first service identifier is a service identifier of FW, a service identifier of IDS and a service identifier of DPI, a second routing information is that the data flow sent by the request end needs to pass through the device for providing DDOS, and a second service identifier is a service identifier of DDOS.

The service processing apparatus may determine, as the routing information of the devices providing multiple value-added services, the data stream sent by the request end sequentially passes through the device providing FW, the device providing IDS, the device providing DPI, and the device providing DDOS, and determine the service identifier of FW, the service identifier of IDS, the service identifier of DPI, and the service identifier of DDOS as the service identifiers of multiple value-added services.

In an implementation manner, with reference to fig. 5, as shown in fig. 7, after the service processing apparatus sends the service access information to the request end, the service processing method further includes: S701-S703.

S701, the service processing device receives a service deletion message sent by the request end.

Specifically, when any one or more of the plurality of value added services deployed on the network dedicated line need to be deleted, for example, when the data flow on the network dedicated line no longer needs to be processed based on the DPI, that is, the DPI deployed on the network dedicated line needs to be deleted, the request end may send a service deletion message to the service processing apparatus. Accordingly, the service processing device may receive the service deletion message sent by the request end.

The service deleting message is used for requesting to delete the routing information and the service identification of the value added service to be deleted in the service access information. The service deleting message comprises the equipment identifier and the service identifier of the value added service to be deleted.

Exemplarily, FW, IDS and DPI are added to deployed value-added services on the network dedicated line a to which the preset request end belongs. When the DPI deployed on the network private line needs to be deleted, the request end may send a service deletion message for requesting deletion of the DPI to the traffic processing apparatus. In response to the service deletion message, the service processing apparatus may delete the deployed DPI on the dedicated network line a.

S702, the service processing device determines the service access information after deleting the value added service to be deleted according to the equipment identifier and the service identifier of the value added service to be deleted.

Specifically, after receiving the service deletion message sent by the request end, the service processing device may parse the service deletion message, and determine the device identifier and the service identifier of the value added service to be deleted.

Then, the service processing apparatus may determine a network dedicated line corresponding to the device identifier, and obtain first routing information and a first service identifier of the value added service deployed on the network dedicated line.

Then, the service processing device may delete the routing information and the service identifier of the value added service to be deleted from the first routing information and the first service identifier, and determine the routing information and the service identifier as the service access information after deleting the value added service to be deleted.

Illustratively, the preset service processing apparatus determines that a data stream sent by a request end by using first routing information of a deployed value-added service on a network dedicated line a corresponding to a device identifier sequentially passes through a device providing FW, a device providing IDS and a device providing DPI, the first service identifier is a service identifier of FW, a service identifier of IDS and a service identifier of DPI, and the value-added service corresponding to the service identifier of the value-added service to be deleted is DPI.

The service processing device may delete the routing information and the service identifier of the DPI from the first routing information and the first service identifier, and determine that the data stream sent by the request end sequentially passes through the device providing the FW and the device providing the IDS, and the service identifier of the FW and the service identifier of the IDS are the service access information after the value-added service to be deleted is deleted.

S703, the service processing device sends the service access information after deleting the value added service to be deleted to the request terminal.

Specifically, after determining the service access information after deleting the value added service to be deleted, the service processing device may send the service access information after deleting the value added service to the requesting end, so that the requesting end obtains, according to the service access information after deleting the value added service to be deleted, the service provided by the device which removes other value added services of the value added service to be deleted from the value added services deployed on the network dedicated line corresponding to the device identifier.

In an implementation manner, with reference to fig. 5, as shown in fig. 8, before the service processing apparatus receives the request message sent by the request end, the service processing method further includes: S801-S803.

S801, the service processing device receives a private line opening request message sent by a request end.

The private line opening request message is used for requesting to open a network private line between the request end and at least one service end.

The dedicated line provisioning request message may include a device identifier of the requesting end and identifier information of at least one service end.

Optionally, at least one service end may be other electronic equipment of the network dedicated user to which the request end belongs, or may be electronic equipment that is leased in advance by the network dedicated user and is used for providing the network dedicated service.

Alternatively, the service processing apparatus may be an integrated device that integrates the functions of the centralized control device and the service server in fig. 2. The requesting end may be communicatively coupled to access router 301 in fig. 2. At least one of the servers may be communicatively coupled to the access router 302 of fig. 2.

Alternatively, the backbone network in fig. 2 may be pre-configured with resources for establishing a dedicated network line (for example, a bandwidth required by the dedicated network line, an IP address of an access router, and the like), and a tunnel communication has been established between at least two access routers based on the backbone network, that is, the dedicated network line has been established.

Optionally, when the request terminal applies for provisioning of the network dedicated line between the request terminal and the at least one service terminal, the dedicated line provisioning request message may carry a network dedicated line requirement, that is, the dedicated line provisioning request message may further include bandwidth information of the network dedicated line between the request terminal and the at least one service terminal and a type of the network dedicated line.

The bandwidth information of the dedicated network line is the bandwidth of the dedicated network line requested to be opened by the request end, for example, the bandwidth of the dedicated network line requested to be opened by the request end is 5M.

The types of the network dedicated line may include an L2VPN (two-layer network dedicated line) and an L3VPN (three-layer network dedicated line), where the L2VPN refers to a two-layer forwarding manner (data forwarding based on an MAC address) between the request end and the at least one service end, and the L3VPN refers to a three-layer forwarding manner (data forwarding based on an IP address) between the request end and the at least one service end.

S802, the service processing device responds to the private line opening request message and authenticates the request terminal.

Specifically, after receiving the dedicated line provisioning request message sent by the request end, the service processing apparatus may analyze the dedicated line provisioning request message, and determine the device identifier of the request end and the identifier information of the at least one service end.

Optionally, the resource management module configured on the service processing apparatus may store, in advance, a plurality of device identifiers, a dedicated line identifier of a network dedicated line corresponding to the plurality of device identifiers one to one, and a correspondence between the dedicated line identifier of the network dedicated line and the identifier information of at least one server.

After receiving the dedicated line opening request message sent by the request end, the service processing device can determine whether the request end has the authority of opening the dedicated network line with at least one service end according to the dedicated network line information stored by the resource management module, thereby completing the authentication of the request end.

Optionally, when the authentication on the request end fails, the service processing apparatus may send a network dedicated line provisioning failure message to the request end, so that the request end checks whether the information in the dedicated line provisioning request message has a configuration error.

And S803, when the authentication of the request terminal is successful, the service processing device sends a private line opening response message to the request terminal.

The private line opening response message is used for indicating that the network private line between the request terminal and at least one service terminal is successfully opened.

In an implementation manner, with reference to fig. 1B, as shown in fig. 9, when each function module integrated by the service processing apparatus is an independent device, that is, the network management module 201 is a network management device, the resource management module 202 is a resource management device, the service control module 203 is a service control device, the SDN control module 204 is an SDN control device, and the policy control module 205 is a policy control device, the service processing method further includes: and S901-S911.

S901, the network management equipment receives a request message from a request end.

It should be understood that, for a specific implementation manner of S901, reference may be made to the description of S501, and details are not described here.

S902, the gateway device sends a request message to the resource management device.

Specifically, after receiving the request message from the request end, the network management device may parse the request message to confirm the message type of the request message, and may send the request message sent by the request end to the resource management device in response to the request message.

Optionally, the message type may be a message type for provisioning a value added service, a message type for provisioning a network dedicated line, or the like.

S903, responding to the request message, the resource management device determines the special line identifier, the first routing information, the first service identifier and the second routing information of the network special line corresponding to the device identifier.

Specifically, after receiving the request message from the network management device, the resource management device may parse the request message to determine the device identifier of the request end and the service identifier of the target value added service.

Optionally, the resource management device may be configured with a storage module. The storage module may be configured to store a plurality of device identifiers and network dedicated lines corresponding to the device identifiers one to one, may also be configured to store device information of the device identifiers (for example, a network dedicated line service level, a network dedicated line service type, a network access type, and the like), and may also be configured to store routing information and service identifiers of value added services deployed on the network dedicated lines and the network dedicated lines in a corresponding manner, or store a plurality of value added services and routing information corresponding to the value added services.

Optionally, the storage module may be further configured to store network dedicated line information corresponding to the device identifier. The network private line information may include information such as a network private line service level, a network private line service type, and a network access type.

After the device identifier of the request end is determined, the resource management device may read the private line identifier corresponding to the device identifier from the storage module, and determine the network private line corresponding to the private line identifier as the network private line to which the request end belongs.

Then, the resource management device may read, from the storage module, the routing information and the service identifier of the value added service already deployed on the network dedicated line corresponding to the dedicated line identifier, and determine the routing information and the first service identifier of the value added service already deployed on the network dedicated line.

After the service identifier of the target value-added service is determined, the resource management device may also read, from the storage module, routing information corresponding to the service identifier of the target value-added service, and determine the routing information as second routing information.

S904, the resource management device sends a first response message to the service control device.

Specifically, after determining the dedicated line identifier, the first routing information, the first service identifier, and the second routing information of the network dedicated line corresponding to the device identifier, the resource management device may send a first response message to the service control device in order to determine the routing information and the service identifiers of the multiple value added services.

The first response message may include a dedicated line identifier of a network dedicated line corresponding to the device identifier, the first routing information, the first service identifier, and the second routing information.

Optionally, the first response message may further include network dedicated line information corresponding to the device identifier.

S905, in response to the first response message, the service control device determines a logical link corresponding to the routing information and the service identifier of the multiple value added services.

Specifically, after receiving the first response message from the resource management device, the service control device may analyze the first response message, and determine a dedicated line identifier of the network dedicated line, the first routing information, the first service identifier, and the second routing information corresponding to the device identifier.

Then, the service control device may determine the first routing information and the second routing information as routing information of a device that provides a plurality of value added services, and determine the first service identifier and the service identifier of the target value added service as service identifiers of the plurality of value added services.

Then, the service control device may determine a logical link corresponding to the routing information and the service identifier of the multiple value-added service devices according to the routing information and the service identifier of the multiple value-added service devices.

S906, the service control device sends a second response message to the SDN control device.

The second response message comprises routing information of the devices of the plurality of value added services and a logical link corresponding to the service identifier.

S907, the service control device sends a second response message to the policy control device.

Optionally, when the first response message includes the network dedicated line information corresponding to the device identifier, the service control device may further cause the second response message to carry the network dedicated line information corresponding to the device identifier when sending the second response message to the policy control device.

The numbers of step S906 and step S907 are for convenience of description, and do not limit the actual execution order. For example, step S906 may be performed first, and then step S907 may be performed; step S907 may be executed first, and then step S906 may be executed; step S906 and step S907 may also be performed simultaneously.

S908, in response to the second response message, the SDN control device determines routing path information corresponding to the device identifier.

Specifically, after receiving the second response message from the resource management device, the SDN control device may parse the second response message to determine a logical link corresponding to the routing information and the service identifier of the multiple value-added service devices.

Then, the SDN control device may generate routing path information corresponding to the device identifier according to the routing information of the multiple value-added service devices and the logical link corresponding to the service identifier.

And S909, the SDN control device sends the routing path information to the policy control device.

The routing path information is used for indicating a request end corresponding to the equipment identifier to sequentially access a plurality of equipment of the value added service deployed on the network private line.

S910, the policy control device determines service access information according to the second response message and the routing path information.

Specifically, after receiving the second response message from the resource management device, the policy control device may parse the second response message to determine the logical link corresponding to the routing information and the service identifier of the multiple value added services and the network dedicated line information corresponding to the device identifier.

Then, the policy control device may generate a traffic policy corresponding to the device identifier according to the logical link corresponding to the routing information and the service identifier of the multiple value-added services, and the network dedicated line information corresponding to the device identifier.

Then, upon receiving the routing path information from the SDN control device, the policy control device may determine, as the service access information, the traffic policy and the routing path information corresponding to the device identifier.

Optionally, the traffic policy may include ACL information corresponding to the device identifier, and the like. The traffic policy may be used to instruct the request end corresponding to the device identifier to encapsulate the data packet sent through the network dedicated line according to the traffic policy.

S911, the strategy control device sends the service access information to the network management device.

S912, the network management equipment sends service access information to the request end.

Specifically, after receiving the service access information from the policy control device, the network management device may analyze the service access information to determine a device identifier corresponding to the service access information, that is, a destination address of the service access information.

Then, the network management device may send the service access information to the request end corresponding to the device identifier, so that the request end obtains the service provided by the device providing the plurality of value added services according to the service access information.

In the embodiment of the application, after receiving a request message (including a device identifier of a request end and a service identifier of a target value added service) sent by the request end and used for requesting service access information of a plurality of value added services, a service processing device may determine, according to the device identifier and the service identifier of the target value added service, service access information including routing information of devices providing the plurality of value added services and service identifiers of the plurality of value added services, and send the service access information to the request end, so that the request end may obtain, according to the service access information, services provided by the devices providing the plurality of value added services. The target value added service is any one or more of a plurality of value added services.

As can be seen from the above, since the service access information is the routing information and the service identifier of the value added service required by the request end, the value added service required by the request end can be selected to provide a service for the request end according to the actual requirement of the request end. Compared with the prior art, the method has the advantages that the data stream of the request end needs to be processed by the equipment corresponding to all the value-added services deployed on the network private line, in the embodiment of the application, the service processing device can reasonably provide the value-added services for the network private line, the processing time delay of the data stream is reduced, and the utilization rate of network resources is improved.

The scheme provided by the embodiment of the application is mainly introduced from the perspective of a method. To implement the above functions, it includes hardware structures and/or software modules for performing the respective functions. Those of skill in the art would readily appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as hardware or combinations of hardware and computer software. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.

In the embodiment of the present application, the service processing apparatus may be divided into the functional modules according to the method example, for example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. Optionally, the division of the modules in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation.

Fig. 10 is a schematic structural diagram of a service processing apparatus according to an embodiment of the present application. The service processing apparatus may be configured to execute the service processing method shown in fig. 5 to 9. The service processing apparatus shown in fig. 10 includes: receiving section 1001, processing section 1002, and transmitting section 1003.

A receiving unit 1001, configured to receive a request message sent by a requesting end. The request message is used for requesting to acquire service access information for providing a plurality of value added services for the request terminal. The request message comprises the equipment identification of the request end and the service identification of the target value-added service. The target value added service is any one or more of a plurality of value added services. For example, in conjunction with fig. 5, the receiving unit 1001 may be configured to perform S501.

The processing unit 1002 is configured to determine service access information according to the device identifier and the service identifier of the target value-added service. The service access information includes routing information of a device providing a plurality of value added services and service identifications of the plurality of value added services. For example, in conjunction with fig. 5, the processing unit 1002 may be configured to execute S502.

A sending unit 1003, configured to send the service access information to the requesting end, so that the requesting end obtains, according to the service access information, a service provided by a device that provides multiple value-added services. For example, in conjunction with fig. 5, the transmitting unit 1003 may be configured to execute S503.

Optionally, the processing unit 1002 is specifically configured to:

and acquiring the network private line corresponding to the equipment identifier from a plurality of pre-stored network private lines, and determining the network private line as the network private line to which the request terminal belongs. For example, in conjunction with fig. 6, the processing unit 1002 may be configured to execute S601.

The method comprises the steps of obtaining first routing information and a first service identification of a value added service deployed on a network private line to which a request end belongs. The first routing information is routing information of equipment providing deployed value added services. For example, in conjunction with fig. 6, the processing unit 1002 may be configured to perform S602.

And acquiring second routing information corresponding to the service identifier of the target value-added service from a plurality of pieces of routing information stored in advance. The second routing information is routing information of equipment providing the target value added service. For example, in conjunction with fig. 6, the processing unit 1002 may be configured to perform S603.

And determining the first routing information and the second routing information as routing information of equipment providing a plurality of value added services, and determining the first service identification and the service identification of the target value added service as service identifications of the plurality of value added services. For example, in conjunction with fig. 6, the processing unit 1002 may be configured to perform S604.

Optionally, the receiving unit 1001 is further configured to receive a service deletion message sent by the request end. The service deletion message is used for requesting to delete the routing information and the service identification of the value added service to be deleted in the service access information. The service deleting message comprises the equipment identifier and the service identifier of the value added service to be deleted. For example, in conjunction with fig. 7, the receiving unit 1001 may be configured to perform S701.

The processing unit 1002 is further configured to determine, according to the device identifier and the service identifier of the value added service to be deleted, service access information after the value added service to be deleted is deleted. For example, in conjunction with fig. 7, the processing unit 1002 may be configured to perform S702.

The sending unit 1003 is further configured to send, to the request end, service access information after the value-added service to be deleted is deleted. For example, in conjunction with fig. 7, the transmitting unit 1003 may be configured to execute S703.

Optionally, the receiving unit 1001 is further configured to receive a dedicated line opening request message sent by the request end. The private line opening request message is used for requesting to open a network private line between the request terminal and at least one service terminal. For example, in conjunction with fig. 8, the receiving unit 1001 may be configured to perform S801.

The processing unit 1002 is further configured to authenticate the requesting end in response to the dedicated line activation request message. For example, in conjunction with fig. 8, the processing unit 1002 may be configured to perform S802.

The sending unit 1003 is further configured to send a dedicated line activation response message to the requesting end when the requesting end is successfully authenticated. The private line opening response message is used for indicating that the network private line between the request terminal and at least one service terminal is successfully opened. For example, in connection with fig. 8, the transmitting unit 1003 may be configured to execute S803.

Those skilled in the art will recognize that in one or more of the examples described above, the functions described herein may be implemented in hardware, software, firmware, or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium. Computer-readable media includes both computer-readable storage media and communication media including any medium that facilitates transfer of a computer program from one place to another. A storage media may be any available media that can be accessed by a general purpose or special purpose computer.

Through the above description of the embodiments, it is clear to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be completed by different functional modules according to needs, that is, the internal structure of the device may be divided into different functional modules to complete all or part of the above described functions.

In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules or units is only one logical function division, and there may be other division ways in actual implementation. For example, various elements or components may be combined or may be integrated into another device, or some features may be omitted, or not implemented. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form. Units described as separate parts may or may not be physically separate, and parts displayed as units may be one physical unit or a plurality of physical units, may be located in one place, or may be distributed to a plurality of different places. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims

1. A method for processing a service, comprising:

receiving a request message sent by a request end; the request message is used for requesting to acquire service access information for providing a plurality of value added services for the request terminal; the request message comprises the equipment identifier of the request end and the service identifier of the target value-added service; the target value added service is any one or more of the value added services;

determining the service access information according to the equipment identifier and the service identifier of the target value-added service; the service access information comprises routing information of equipment providing the plurality of value added services and service identifications of the plurality of value added services;

and sending the service access information to the request terminal so that the request terminal acquires the services provided by the equipment for providing the value added services according to the service access information.

2. The service processing method according to claim 1, wherein the determining the service access information according to the device identifier and the service identifier of the target value-added service includes:

acquiring a network private line corresponding to the equipment identifier from a plurality of pre-stored network private lines, and determining the network private line as the home network private line of the request terminal;

acquiring first routing information and a first service identifier of the value added service deployed on the network private line to which the request terminal belongs; the first routing information is routing information of the device providing the deployed value added service;

acquiring second routing information corresponding to the service identifier of the target value-added service from a plurality of pieces of routing information stored in advance; the second routing information is routing information of equipment providing the target value-added service;

and determining the first routing information and the second routing information as routing information of equipment providing the plurality of value added services, and determining the first service identification and the service identification of the target value added service as service identifications of the plurality of value added services.

3. The service processing method according to claim 1, further comprising, after sending the service access information to the requesting end:

receiving a service deletion message sent by the request end; the service deleting message is used for requesting to delete the routing information and the service identification of the value added service to be deleted in the service access information; the service deleting message comprises the equipment identifier and a service identifier of the value added service to be deleted;

determining service access information after the value added service to be deleted is deleted according to the equipment identifier and the service identifier of the value added service to be deleted;

and sending the service access information after the value added service to be deleted is deleted to the request terminal.

4. The service processing method according to claim 1, wherein before receiving the request message sent by the request end, the method further comprises:

receiving a private line opening request message sent by the request terminal; the private line opening request message is used for requesting to open a network private line between the request terminal and at least one service terminal;

responding to the private line opening request message, and authenticating the request terminal;

when the authentication of the request terminal is successful, a private line opening response message is sent to the request terminal; the private line opening response message is used for indicating that the network private line between the request terminal and the at least one service terminal is successfully opened.

5. A traffic processing apparatus, comprising: a receiving unit, a processing unit and a transmitting unit;

the receiving unit is used for receiving a request message sent by a request end; the request message is used for requesting to acquire service access information for providing a plurality of value added services for the request terminal; the request message comprises the equipment identifier of the request end and the service identifier of the target value-added service; the target value added service is any one or more of the value added services;

the processing unit is used for determining the service access information according to the equipment identifier and the service identifier of the target value-added service; the service access information comprises routing information of equipment providing the plurality of value added services and service identifications of the plurality of value added services;

the sending unit is configured to send the service access information to the request end, so that the request end obtains, according to the service access information, a service provided by the device that provides the multiple value-added services.

6. The service processing device according to claim 5, wherein the processing unit is specifically configured to:

7. The traffic processing apparatus according to claim 5,

the receiving unit is further configured to receive a service deletion message sent by the request end; the service deleting message is used for requesting to delete the routing information and the service identification of the value added service to be deleted in the service access information; the service deleting message comprises the equipment identifier and a service identifier of the value added service to be deleted;

the processing unit is further configured to determine, according to the device identifier and the service identifier of the value added service to be deleted, service access information after the value added service to be deleted is deleted;

the sending unit is further configured to send the service access information after the value added service to be deleted is deleted to the requesting end.

8. The traffic processing apparatus according to claim 5,

the receiving unit is further configured to receive a dedicated line provisioning request message sent by the request end; the private line opening request message is used for requesting to open a network private line between the request terminal and at least one service terminal;

the processing unit is also used for responding to the private line opening request message and authenticating the request terminal;

the sending unit is further configured to send a private line activation response message to the request terminal when the authentication of the request terminal is successful; the private line opening response message is used for indicating that the network private line between the request terminal and the at least one service terminal is successfully opened.

9. A traffic processing apparatus comprising a memory and a processor; the memory is used for storing computer execution instructions, and the processor is connected with the memory through a bus; the processor executes the computer-executable instructions stored by the memory to cause the business processing apparatus to perform the business processing method of any one of claims 1-4 when the business processing apparatus is running.

10. A computer-readable storage medium, comprising computer-executable instructions that, when executed on a computer, cause the computer to perform the business process method of any one of claims 1-4.