CN114710560A - Data processing method and system, proxy equipment and terminal equipment - Google Patents
Data processing method and system, proxy equipment and terminal equipment Download PDFInfo
- Publication number
- CN114710560A CN114710560A CN202210247850.6A CN202210247850A CN114710560A CN 114710560 A CN114710560 A CN 114710560A CN 202210247850 A CN202210247850 A CN 202210247850A CN 114710560 A CN114710560 A CN 114710560A
- Authority
- CN
- China
- Prior art keywords
- domain name
- terminal
- address
- name server
- name resolution
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 26
- 238000000034 method Methods 0.000 claims abstract description 27
- 238000012545 processing Methods 0.000 claims abstract description 17
- 230000004044 response Effects 0.000 claims description 32
- 238000004590 computer program Methods 0.000 claims description 14
- 238000004458 analytical method Methods 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 11
- 238000013507 mapping Methods 0.000 description 10
- 230000006870 function Effects 0.000 description 8
- 230000008569 process Effects 0.000 description 8
- 238000012544 monitoring process Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000013500 data storage Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 239000004984 smart glass Substances 0.000 description 2
- 235000008694 Humulus lupulus Nutrition 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the application provides a data processing method, a data processing system, proxy equipment and terminal equipment. Wherein the method comprises the following steps: configuring parameters corresponding to a terminal to realize that domain name resolution requests initiated by the terminal are all directed to a virtual network card of the terminal to be sent out after the terminal accesses a virtual private network; intercepting the domain name resolution request sent by the virtual network card; and sending the domain name resolution request to a corresponding domain name server according to preset corresponding relation information of the parameters and the domain name server address. By adopting the technical scheme provided by the embodiment of the application, the problem that the domain name is wrongly analyzed can be effectively avoided, so that the accuracy of domain name analysis is ensured.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a data processing method and system, a proxy device, and a terminal device.
Background
Domain name resolution, which refers to the process of converting a domain name into an IP (Internet Protocol) address, is usually performed by a DNS server (i.e., a domain name server). After a terminal accesses a VPN Network, when accessing a VPN intranet resource, a Virtual Network card in the terminal generally sends a DNS request (i.e., a domain name resolution request) to an intranet DNS server configured in the terminal, and the intranet DNS server resolves an NPV intranet domain name to be resolved into an intranet IP address and feeds the intranet IP address back to the terminal, so that the terminal can access the intranet resource through the intranet IP address.
However, because the operating system of some terminals has limitations, the network card sending the DNS request cannot be set, and the priority of the physical network card in the terminal is higher than that of the virtual network card by default, which results in that the DNS request for the VPN intranet domain name is sent to the configured public network DNS server by the physical network card for resolution, so that the intranet domain name cannot be resolved or erroneously resolved into a public network IP address, thereby causing the terminal to fail to access the intranet resource correctly.
Disclosure of Invention
The present application provides a data processing method, system, proxy device, and terminal device that solve the above problems, or at least partially solve the above problems.
In one embodiment of the present application, a data processing method is provided. The method comprises the following steps:
configuring parameters corresponding to a terminal to realize that domain name resolution requests initiated by the terminal are all directed to a virtual network card of the terminal to be sent out after the terminal accesses a virtual private network;
intercepting the domain name resolution request sent by the virtual network card;
and sending the domain name resolution request to a corresponding domain name server according to preset corresponding relation information of the parameters and the domain name server address.
In another embodiment of the present application, a data processing method is also provided. The method comprises the following steps:
establishing network connection with a virtual private network;
according to the parameters configured for the proxy equipment, directing the domain name resolution request initiated by the proxy equipment to a virtual network card in the proxy equipment;
sending the domain name resolution request through the virtual network card so that the proxy equipment intercepts and captures the domain name resolution request and sends the domain name resolution request to a corresponding domain name server according to preset corresponding relation information of the parameters and the address of the domain name server.
In yet another embodiment of the present application, a data processing system is also provided. The system comprises:
the proxy equipment is used for configuring parameters corresponding to the terminal so as to realize that after the terminal equipment is accessed into a virtual private network, domain name resolution requests initiated by the terminal equipment are all directed to a virtual network card of the terminal equipment to be sent out; intercepting the domain name resolution request sent by the virtual network card; sending the domain name resolution request to a corresponding domain name server according to preset corresponding relation information of the parameters and the domain name server address;
the terminal equipment is used for establishing network connection with the virtual private network; and directing the domain name resolution request initiated by the proxy equipment to a virtual network card in the proxy equipment for sending according to the parameters configured for the proxy equipment.
In yet another embodiment of the present application, a proxy device is also provided. The proxy device includes: a memory and a processor, wherein the memory is to store one or more computer programs; the processor, coupled to the memory, is configured to execute the one or more computer programs stored in the memory, so as to implement the steps in the data processing method provided in the first embodiment of the present application.
In another embodiment of the present application, a terminal device is also provided. The terminal device includes: a memory and a processor, wherein the memory is to store one or more computer programs; the processor, coupled to the memory, is configured to execute the one or more computer programs stored in the memory, so as to implement the steps in the data processing method provided in the second embodiment of the present application.
According to the technical scheme provided by each embodiment of the application, the proxy equipment can configure parameters corresponding to the terminal, so that after the terminal is accessed to the virtual private network, domain name resolution requests initiated by the terminal are all directed to the virtual network card of the terminal to be sent out; further, the agent device can intercept a domain name resolution request sent by a virtual network card of the terminal, and send the domain name resolution request to a corresponding domain name server for resolution according to the corresponding relation information of the preset parameters and the domain name server address. The scheme can effectively avoid the problem that the domain name is wrongly resolved, thereby ensuring the correctness of domain name resolution, and the whole scheme is simple and easy to realize, and has stronger compatibility and wide application range.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings required to be utilized in the description of the embodiments or the prior art are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings can be obtained according to the drawings without creative efforts for those skilled in the art.
FIG. 1 is a schematic diagram of a prior art DNS request;
fig. 2 is a schematic flowchart of a data processing method according to an embodiment of the present application;
fig. 3 is a schematic diagram of a DNS request provided in an embodiment of the present application;
fig. 4a is a schematic diagram of a data packet format corresponding to a DNS request and a DNS response according to an embodiment of the present application;
fig. 4b is a schematic diagram of a format of a flag field according to an embodiment of the present application;
fig. 5 is a schematic flowchart of a data processing method according to another embodiment of the present application;
fig. 6 is a block diagram of a data processing apparatus according to an embodiment of the present application;
fig. 7 is a block diagram of a data processing apparatus according to another embodiment of the present application;
fig. 8 is a block diagram of a proxy device according to an embodiment of the present application.
Detailed Description
Before describing the technical solutions provided in the embodiments of the present application, some terms referred to in the present application will be described.
The DNS (Domain Name System) is a distributed database on the internet as a mapping between Domain names and IP addresses, and enables users to access the internet directly using meaningful Domain names that are easy to remember, without remembering IP strings that can be read directly by machines. DNS generally adopts a "client/server" architecture mode, and the mapping from a domain name to an IP address is generally stored in a DNS server (a domain name server, i.e. a server providing domain name resolution), and a process of determining an IP address corresponding to a specified domain name through the mapping in the DNS server is domain name resolution. In the above, the domain name is the name of a certain computer or a group of computers on the internet, which is composed of a string of words or abbreviations separated by dots, and is used to identify the orientation of the computer when data is transmitted. Each domain name corresponds to a unique IP address.
The DNS protocol is an application layer protocol established on top of the UDP protocol (or TCP protocol), and is mainly responsible for converting a domain name into an IP address recognizable by a machine, and a port 53 is used by default, and once the port 53 is blocked, domain name resolution cannot be performed, which may result in that the domain name cannot be used to access a network.
A DNS proxy is used to forward DNS requests (i.e. domain name resolution requests) and domain name resolution responses (also called reply messages) between the DNS client and the DNS server. For a detailed description of the forwarding function of the DNS proxy, see the relevant description below. The DNS client refers to any device that needs to resolve a domain name, for example, the DNS client may be a terminal device used by a user, such as a PC (personal computer), a smart phone, a tablet computer, and the like.
VPN (Virtual Private Network) belongs to a remote access technology, and refers to a data communication Network established in a public Network by means of ISP (Internet service provider) and other NSP (Network service provider). In a virtual private network, the connection between any two nodes does not have the end-to-end physical link required by a traditional private network, but is dynamically composed by using the resources of some public network. The virtual private network can realize the interconnection among the components and resources of different networks, can create a tunnel for a user by using the infrastructure of the Internet or other public internetworks, and provides the same security and function guarantee as the enabled network.
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application.
In some of the flows described in the specification, claims, and above-described figures of the present application, a number of operations are included that occur in a particular order, and these operations may be performed out of order or in parallel as they occur herein. The sequence numbers of the operations, e.g., 101, 102, etc., are used merely to distinguish between the various operations, and do not represent any order of execution per se. Additionally, the flows may include more or fewer operations, and the operations may be performed sequentially or in parallel. It should be noted that, the descriptions of "first", "second", etc. in this document are used for distinguishing different messages, devices, modules, etc., and do not represent a sequential order, nor limit the types of "first" and "second" to be different. In the present application, the term "or/and" is only one kind of association relationship describing the associated object, and means that three relationships may exist, for example: a or/and B, which means that A can exist independently, A and B can exist simultaneously, and B can exist independently; the "/" character in this application generally indicates that the objects associated with each other are in an "or" relationship. It is also noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a good or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such good or system. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a commodity or system that includes the element. In addition, the embodiments described below are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Currently, when a user accesses internet resources through a DNS client, a domain name system may directly input a domain name (e.g., www.example.com) that is convenient to remember, and then a DNS server in a network resolves the domain name into a correct IP address, and then obtains the internet resources according to the IP address resolved by the DNS server. Specifically, the specific interaction between the DNS client and the DNS server is: the DNS client side sends a DNS request carrying a domain name to be resolved to a DNS server to obtain an IP address corresponding to the domain name, and the DNS server searches for the domain name according to the DNS request after receiving the DNS request and sometimes needs to request a superior DNS server; after finally obtaining the IP address corresponding to the domain name requested by the DNS client, the DNS server feeds the corresponding IP address back to the DNS client in the DNS response, so that the DNS client can request network service from the IP address after obtaining the IP address. And under the condition that the DNS proxy is arranged, the DNS client does not directly send a DNS request to the DNS server, but takes the DNS proxy as the DNS server, sends the DNS request to the DNS proxy, and acquires a corresponding IP address through interaction of the DNS proxy and the DNS server. After the DNS proxy is used, when the address of the DNS server changes, only the configuration on the DNS proxy needs to be changed, and the configuration of each DNS client in the local area network does not need to be changed, so that the network management is simplified.
In the above-described domain name resolution process, when a DNS client accesses a VPN network and uses the VPN to access an intranet resource, in order to ensure correct resolution of a domain name, an intranet DNS server may be generally configured for a corresponding virtual network card in the DNS client and a priority of the virtual network card is set, so that when a DNS terminal accesses the VPN intranet resource, a DNS request is first sent to the configured intranet DNS server through the virtual network card, and the intranet DNS server resolves an intranet domain name to be resolved in the DNS request into a corresponding intranet IP address and feeds the corresponding intranet IP address back to the DNS client. However, as shown in fig. 1, if a part of DNS clients accessing the VPN network does not allow setting of priority of the network card due to limitations of an operating system, and the priority of a physical network card in the DNS client is higher than that of the virtual network card by default, which will cause that a domain name to be resolved by the DNS client, whether it is a VPN intranet domain name or a public network domain name, is resolved by sending a domain name resolution request to a configured public network DNS server by the physical network card. The public network DNS server generally does not store the mapping relationship between the VPN intranet IP address and the domain name, and therefore the intranet IP address corresponding to the intranet domain name cannot be resolved or the intranet domain name cannot be resolved into the public network IP address, which causes the failure of resolving the VPN intranet domain name and the failure of the DNS client to normally access the intranet resource. In the existing scheme, when the above problems are solved, the priority of the physical network card of the DNS client is mainly modified by modifying the registry, modifying the number of network card hops, and the like, so that the DNS request for the VPN intranet domain name is preferentially resolved by using the intranet DNS server. However, the above conventional scheme has a problem of complex configuration, and in practical applications, the priority of the physical network card cannot be modified even by using the above conventional method due to limitations of an operating system.
In order to solve the above problems, the present application provides a data processing technical solution. In the data processing scheme provided by the application, a VPN client (namely, a virtual private network client) is used as a DNS proxy, a physical network card in the DNS client and a DNS server address corresponding to the virtual network card are configured as a same false address through the VPN client, a route pointing to the virtual network card is set for the false address, and the route is added to a routing table of the DNS client when the DNS client accesses a VPN network. Through the configuration of the DNS client, the DNS client can send the DNS request to the false address, and the DNS requests are processed and sent out through the virtual network card according to the route set for the false address. The VPN client can intercept a DNS request sent by the virtual network card, and sends the DNS request to a corresponding domain name server for domain name resolution according to the corresponding relation between a preset false address and a real domain name server address in the DNS request, so that a domain name in the DNS request can be correctly resolved.
The following describes in detail a data processing solution provided in each embodiment of the present application.
Fig. 2 is a schematic flowchart illustrating a data processing method according to an embodiment of the present application. The data processing method is applied to the proxy device, the proxy device is a VPN client, and the VPN client can refer to client software for providing VPN access service for users, such as a web client or an APP application. In specific implementation, the VPN client may be built in the terminal, or may be placed in another external device and connected to the terminal in a wired or wireless manner, or may even be partially built in the terminal, and the other portion is placed in another external device and connected to the terminal device. For a description of the terminal, reference is made to the following description. As shown in fig. 2, the data processing method includes the steps of:
101. configuring parameters corresponding to a terminal to realize that domain name resolution requests initiated by the terminal are all directed to a virtual network card of the terminal to be sent out after the terminal accesses a virtual private network;
102. intercepting the domain name resolution request sent by the virtual network card;
103. and sending the domain name resolution request to a corresponding domain name server according to preset corresponding relation information of the parameters and the domain name server address.
In the foregoing 101, the terminal is the above-mentioned DNS client, and only different expressions are adopted in different description scenarios. The terminal can be any equipment needing to resolve the domain name, and can access intranet service after the terminal is accessed into a virtual private network (namely a VPN network); the intranet may be a set local area network, for example, an enterprise intranet, a school intranet, or an intranet of a government organization, and the intranet services may include a domain name resolution service and an application service, which are provided by an intranet domain name server and an intranet source station server respectively disposed in the intranet. The above-described VPN network may be implemented based on, but not limited to, SD-WAN (Software Defined WAN) technology. In specific implementation, the terminal may be any electronic device having a network access function, and more specifically, any electronic device capable of accessing a VPN network and accessing intranet resources, for example, the terminal may be, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, an intelligent wearable device (e.g., a smart watch, smart glasses), and the like.
In this embodiment, in order to simplify network management, when the terminal accesses the VPN network to access the intranet resource, the VPN client is used as a proxy to forward data (such as a DNS request and a domain name resolution response) between the terminal and the DNS server. However, in practical applications, if a terminal accesses a VPN network, a public network DNS server and an internal network DNS server are usually configured for a physical network card and a virtual network card in the terminal, and the public network DNS server stores a mapping relationship between a public network IP address and a domain name, and the internal network DNS server only stores the mapping relationship between the internal network IP address and the domain name. However, as can be seen from the above description, under the condition that the operating system of the terminal has limitations, the DNS request sent by the terminal, whether for the VPN intranet domain name or the public network domain name, is sent by the physical network card to the configured public network DNS server for resolution, so that the VPN intranet domain name resolution is prone to fail, and the terminal cannot normally access intranet resources. In order to solve the above problem, referring to fig. 3, the VPN client in this embodiment has a function of configuring corresponding parameters of the terminal in addition to a data forwarding function, so that after the terminal accesses the VPN network, domain name resolution requests initiated by the terminal are all directed to the virtual network card of the terminal to be sent out. Specifically, the VPN client may configure the respective domain name server addresses corresponding to the physical network card and the virtual network card of the terminal as the same false address, and set a route corresponding to the false address to point to the virtual network card, so as to implement that the destination addresses of all DNS requests sent by the terminal are the false addresses, and the terminal sends out the DNS request through the virtual network card therein according to the route corresponding to the false address, and the subsequent VPN client may send out the DNS request through the virtual network card of the terminal, and forward the DNS request to the corresponding DNS server for resolution, thereby ensuring that the domain name to be resolved can be correctly resolved. On the basis of this, it is possible to provide,
that is, in a specific implementation solution, the "configuring parameters corresponding to the terminal" in the foregoing 101 may include the following steps:
1011. configuring the addresses of the domain name servers corresponding to the physical network card and the virtual network card in the terminal into the same false address;
1012. setting a designated route for the false address; the specified route is used for directing a domain name resolution request with a destination address as the false address to the virtual network card;
1013. and when the terminal accesses the virtual private network, adding the specified route to a route table of the terminal.
In the above 1011, the same false addresses configured for the respective domain name server addresses corresponding to the physical network card and the virtual network card in the terminal can be flexibly set according to the actual situation, as long as the IP address format is met. For example, the dummy address may be 1.2.3.4. In the process of configuring the false address, the false address may be triggered and completed manually by an administrator or automatically by the VPN client, which is not limited herein. For example, in a specific example, after the VPN client is started, a corresponding computer program stored in the VPN client may be immediately invoked to reconfigure domain name server addresses corresponding to a physical network card and a virtual network card in the terminal, so as to configure the addresses to be the same virtual address (e.g. 1.2.3.4).
In 1012-1013, after the configuration of the addresses of the domain name servers corresponding to the physical network card and the virtual network card of the terminal is completed in step 1011, when the terminal accesses the network resource, the destination address carried in the DNS request is the false address no matter the DNS request is sent for the intranet domain name or the public network domain name. In this case, in order to send the DNS request through the virtual network card, a designated route pointing to the virtual network card of the terminal may be set for the virtual address, and the routing table of the terminal is modified when the terminal accesses the VPN network to add the designated route to the routing table of the terminal, so that when the terminal initiates the DNS request carrying the destination address as the false address, the DNS request is directed to the virtual network card of the terminal to be sent according to the designated route corresponding to the virtual address in the routing table. For a specific implementation of setting a specific route of a virtual network card pointing to a terminal for a virtual address, reference is made to the existing contents.
It should be noted that the DNS request initiated by the terminal may specifically be generated by an application running on the terminal, such as a browser. The format of the data packet corresponding to the DNS request (or DNS response) can be seen in the format shown in fig. 4 a. As shown in fig. 4a, the message is composed of a header of 12 bytes and 4 fields with variable length; wherein the flag field in 12 bytes is 16 bits (bit) and is divided into several sub-fields as shown in fig. 4 b. In the fields shown in fig. 4b, QR is a 1-bit field, which defines whether the packet is a request or a response, and indicates a request when QR is 0 and indicates a response when QR is 1. Reference is made to the prior art with regard to the other field meanings in the data formats shown in fig. 4a and 4 b.
It should be further added that, after the terminal accesses the VPN network, it does not mean that the terminal only can access intranet resources, and in some embodiments, a user can enable the terminal accessing the VPN network to access intranet resources without affecting access of public network resources by setting the terminal, that is, in a case that the terminal accesses the VPN network, the terminal may initiate a DNS request for an intranet domain name or a public network domain name, which is not limited in this embodiment. However, after the above-described configuration of the VPN client to the corresponding parameters of the terminal, the DNS request initiated by the terminal, whether for the intranet domain or the public domain, is processed by the virtual network card directed to the terminal and sent out.
After a DNS request initiated by a terminal is directed to a virtual network card of the terminal, the virtual network card encapsulates the DNS request to generate a corresponding encapsulated data packet before sending out the received DNS request, and then sends out the generated encapsulated data packet to a domain name resolution port (also called a source port) of the terminal. In the above, the encapsulation process for the DNS request may be implemented based on, but not limited to, UDP protocol, and the domain name resolution port of the terminal is usually number 53 port. Based on this, in the above 102, the VPN client may monitor that the virtual network cards of the terminal all send DNS requests by monitoring the port number 53 of the terminal, and intercept the DNS request sent by the virtual network card of the terminal when monitoring that the virtual network card of the terminal sends the DNS request. That is, one implementation technical solution of the above-mentioned 102 "intercepting the domain name resolution request sent by the virtual network card" is as follows:
1021. monitoring a domain name resolution port of the terminal to determine whether the virtual network card sends a domain name resolution request according to a monitoring result;
1022. and when determining that the virtual network card sends a domain name resolution request, intercepting the domain name resolution request sent by the virtual network card.
In specific implementation, the domain name resolution port of the terminal is monitored according to the same virtual address configured for the physical network card and the virtual network card of the terminal and the port number corresponding to the domain name resolution port, so that the DNS request sent by the virtual network card of the terminal is intercepted. For example, assuming the above example, that the virtual address is 1.2.3.4 and the domain name resolution port is port number 53, the VPN client may pass through "1.2.3.4: 53 "to intercept DNS requests issued by the virtual network card of the terminal. It should be noted that: because the virtual network card sends out the DNS request after encapsulating the DNS request, for this reason, the intercepted DNS request is the encapsulated DNS request which is the encapsulated data packet; the encapsulated packet includes, but is not limited to, a source port (e.g., port number 53), a protocol version (e.g., UDP protocol), a source address (i.e., an address of a terminal), a destination address (i.e., a dummy address), and the like, and a specific data format of the encapsulated packet may refer to the existing content and is not described herein in detail.
Referring to fig. 3, in order to ensure that the VPN client can forward the intercepted DNS request to the corresponding domain name server for correct resolution, in the technical scheme provided in this embodiment, the VPN client is preset with correspondence information between parameters and addresses of the domain name servers (real domain name server addresses), specifically, with correspondence information between virtual addresses and addresses of the domain name servers, and after the VPN client intercepts a DNS request sent by a virtual network card of a terminal, the DNS request can be forwarded to the corresponding DNS server for domain name resolution based on the correspondence information preset in the VPN client. In the foregoing, the correspondence information includes a correspondence between a virtual address and at least one domain name server address and a priority of the at least one domain name server, and the VPN client may select a domain name server address from the at least one domain name server as a target domain name server address according to the priority of the at least one domain name server address on the basis of determining the at least one domain name server address corresponding to the virtual address according to the correspondence in the correspondence information, so as to send the intercepted DNS request to the domain name server corresponding to the target domain name server address for resolution. That is, the correspondence information in the above 103 includes a correspondence between a virtual address and at least one domain name server address, and a priority of at least one domain name server; correspondingly, the step 103 of sending the domain name resolution request to the corresponding domain name server according to the preset information of the correspondence between the parameters and the addresses of the domain name servers may specifically include:
1031. determining at least one domain name server address corresponding to the virtual address based on the correspondence;
1032. selecting a domain name server address from the at least one domain name server address as a target domain name server address according to the priority;
1033. and sending the domain name resolution request to a domain name server corresponding to the target domain name server address.
In specific implementation, as can be seen from the above content related to step 101, through the configuration of the VPN client to the corresponding parameters of the terminal, the DNS request initiated by the terminal, whether for an intranet domain or a public domain, is directed to the virtual network card of the terminal and is sent out. Generally, the intranet DNS server stores the mapping relationship between the intranet IP address and the domain name, and also stores the mapping relationship between most of the public network IP addresses and the domain name, and based on this, in some embodiments, the domain name server type corresponding to at least one domain name server address in the correspondence information preset in the VPN client may be all the intranet DNS server. Of course, in some other embodiments, the type of the domain name server corresponding to at least one domain name server address may be a partial intranet DNS server and a partial public DNS server. The present embodiment does not specifically limit the type of the domain name server corresponding to at least one domain name server address, as long as it can be ensured that the domain name server corresponding to at least one domain name server address can correctly resolve the DNS request of the type of the terminal. However, considering that the terminal has multiple access to the intranet resources when the terminal accesses the VPN network, in the case where the domain name server type corresponding to the at least one domain name server address includes both the intranet DNS server and the public DNS server, the priority of the domain name server address corresponding to the intranet DNS server may be higher than that of the domain name server address corresponding to the public DNS server.
In the process of selecting one domain name server address from the at least one domain name server address as the target domain name server address according to the priority of the at least one domain name server address, the domain name server address with the highest priority can be used as the target domain name server address. That is to say, 1032 "selecting a domain name server address from the at least one domain name server address as the target domain name server address according to the priority" may specifically be implemented by:
10321. and selecting a domain name server address with the highest priority from the at least one domain name server address according to the priority as a target domain name server address.
After the address of the target domain name server is determined, as shown in fig. 3, the VPN client may also forward the intercepted DNS request to the domain name server corresponding to the address of the target domain name server for resolution. While forwarding, the VPN client may further record a source port (i.e., port No. 53) corresponding to the DNS request, so that after receiving a DNS response fed back by the domain name server in the subsequent process, the VPN client sends the DNS response to the source port of the DNS request cached by the terminal, thereby implementing that the DNS response is fed back to the terminal through the source port, and enabling the terminal to access a corresponding network resource based on an IP address carried in the DNS response.
After the DNS request is forwarded to the domain name server corresponding to the target domain name server address, considering that if the domain name server stores the mapping relation between the corresponding domain name and the IP address, the corresponding DNS response is generally quickly made and fed back to the VPN client; on the contrary, if the mapping relationship between the corresponding domain name and the IP address is not stored, the VPN client cannot receive the corresponding DNS response even after a long time of waiting, and this may also cause the rate of the terminal accessing the network resources to decrease. In order to avoid that the VPN client end is unnecessarily waited for a long time, which results in a reduction of the rate of the terminal accessing network resources, in this embodiment, a set time is set, and if the VPN client end detects that a DNS response fed back by a domain name server corresponding to a target domain name server address is not received within the set time, a new domain name server address is selected from the at least one domain name server address as the target server address according to the priority of the at least one domain name server address, and the DNS request is retransmitted to a domain name server corresponding to the newly selected domain name server address for resolution. That is, in the technical solution provided in this embodiment, the step 103 may further include the following steps:
1034. detecting whether a domain name resolution response fed back by a domain name server corresponding to the target domain name server address is received within a set time;
1035. if the domain name resolution response is not received, returning to execute the step of selecting one domain name server address from the at least one domain name server address as a target domain name server address according to the priority; and if the domain name resolution response is received, sending the domain name resolution response to the terminal.
In specific implementation, the setting time may be flexibly set according to actual situations, for example, the setting time may be 1 second, 3 seconds, 4 seconds, and the like, which is not limited herein. If the corresponding DNS response is not received within the set time, according to the priority of at least one domain name resolution server address, taking a domain name server address of which the priority is only lower than the last selected domain name server address in the at least one domain name resolution server address as a new target domain name resolution server address, and retransmitting the DNS request to a domain name server corresponding to the new target domain name server address for resolution. And if the DNS response capable of responding is received within the set time, forwarding the DNS response to the terminal. Specific implementations regarding forwarding DNS responses to terminals can be found above.
In connection with the description related to the above 103, as an example, it is assumed that the domain name server address 1, the domain name server address 2, the domain name server address 3, and the domain name server address 1 have a corresponding relationship with a virtual address (e.g. 1.2.3.4). For convenience of description, the four domain name server addresses are respectively referred to as address 1, address 2, address 3 and address 4, and the priorities of address 1, address 2, address 3 and address 4 are gradually decreased in sequence. And the VPN client forwards the intercepted DNS request to a domain name resolution server corresponding to the address 1 with the highest priority for resolution according to the priorities of the address 1, the address 2, the address 3 and the address 4, and if the corresponding DNS response is not received within the set time, the DNS request is forwarded to a domain name resolution server corresponding to the address 2 with the priority only lower than that of the address 1 again for resolution, and the like until the corresponding DNS response is received.
The technical contents provided by the above embodiment can be summarized as the interactive process of the terminal, the VPN client and the DNS server shown in fig. 3. That is, in this embodiment, while serving as a DNS proxy, the VPN client may configure parameters corresponding to the terminal, so that all DNS requests initiated by the terminal are processed and sent out through the virtual network card of the terminal; the VPN client can intercept DNS requests sent by a virtual network card of the terminal, and can determine the priority order of forwarding the DNS requests to the corresponding DNS server when forwarding the intercepted DNS requests.
In summary, in the technical solution provided in this embodiment, after the terminal accesses the virtual private network, the domain name resolution request initiated by the terminal is directed to the virtual network card of the terminal to be sent out by configuring the parameter corresponding to the terminal; furthermore, the domain name resolution request sent by the virtual network card of the terminal can be intercepted, and the domain name resolution request is sent to the corresponding domain name server according to the corresponding relation information of the preset parameters and the domain name server address. By adopting the scheme, the problem that the domain name is wrongly resolved can be effectively avoided, so that the correctness of domain name resolution is ensured, and the whole scheme is simple and easy to implement. In addition, the scheme also has strong compatibility and wide application range, and can support most platforms, specifically supportable platforms including but not limited to Windows, MacOS, Linux, iOS, Android and the like.
Another embodiment of the present application further provides a data processing method. The data processing method is as shown in a flowchart of fig. 5, and an execution subject of the method is a terminal device (i.e., the DNS client described above). In specific implementation, the terminal device may be any electronic device having a network access function, and more specifically, any electronic device capable of accessing a VPN network and accessing intranet resources, for example, the terminal may be, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, an intelligent wearable device (e.g., a smart watch, smart glasses), and the like. For a detailed description of the terminal device, reference is made to the above related contents. As shown in fig. 5, the data processing method provided in this embodiment includes the following steps:
201. establishing network connection with a virtual private network;
202. according to the parameters configured for the proxy equipment, directing the domain name resolution request initiated by the proxy equipment to a virtual network card in the proxy equipment;
203. sending the domain name resolution request through the virtual network card so that the proxy equipment intercepts and captures the domain name resolution request and sends the domain name resolution request to a corresponding domain name server according to preset corresponding relation information of the parameters and the address of the domain name server.
In the above 201, reference may be made to the existing content for a specific method for the terminal device to establish a network connection with a Virtual Private Network (VPN), which is not described in detail herein.
In the above 202, the proxy device is a virtual private network client (i.e. VPN client), and the detailed description about the VPN client can be referred to above. In addition, the specific implementation of the above 202 to 203 can also refer to the above related contents, and the detailed description thereof is also omitted.
Further, one implementation technical solution of the aforementioned 203 that "sends out the domain name resolution request through the virtual network card" is as follows:
2031. and sending out the domain name resolution request after encapsulating the domain name resolution request through the virtual network card.
For a specific implementation of 2031, see above for related matter.
An embodiment of the application also provides a data processing system. The structure of the data processing system is as shown in fig. 3. Specifically, the data processing system includes: the agent device 200 and the terminal device 100; wherein,
the proxy device 200 is configured to configure parameters corresponding to a terminal, so that after the terminal device accesses a virtual private network, domain name resolution requests initiated by the terminal device are all directed to a virtual network card of the terminal device to be sent out; intercepting the domain name resolution request sent by the virtual network card; sending the domain name resolution request to a corresponding domain name server according to preset corresponding relation information of the parameters and the domain name server address;
a terminal device 100 for establishing a network connection with a virtual private network; and directing the domain name resolution request initiated by the proxy equipment to a virtual network card in the proxy equipment for sending according to the parameters configured for the proxy equipment.
The proxy equipment is a virtual private network client (namely VPN client)
Here, it should be noted that: the data processing system provided in the foregoing embodiments may implement the technical solutions described in the foregoing method embodiments, and the specific implementation principle of each module or unit may refer to the corresponding content in the foregoing corresponding method embodiments, which is not described herein again.
Fig. 6 shows a schematic structural diagram of a data processing apparatus according to an embodiment of the present application. As shown in fig. 6, the apparatus includes: configuration module 31, interception module 32 and sending module 33. Wherein,
the configuration module 31 is configured to configure parameters corresponding to a terminal, so as to implement that after the terminal accesses a virtual private network, domain name resolution requests initiated by the terminal are all directed to a virtual network card of the terminal to be sent out;
an intercepting module 32, configured to intercept the domain name resolution request sent by the virtual network card;
the sending module 33 is configured to send the domain name resolution request to a corresponding domain name server according to preset information about correspondence between the parameters and addresses of the domain name servers.
Further, the configuration module 31, when configured to configure the parameters corresponding to the terminal, is specifically configured to: configuring the addresses of the domain name servers corresponding to the physical network card and the virtual network card in the terminal into the same false address; setting a designated route for the false address; the designated route is used for directing a domain name resolution request with a destination address as the false address to the virtual network card; and when the terminal accesses the virtual private network, adding the specified route to a route table of the terminal.
Further, the correspondence information includes a correspondence between the false address and at least one domain name server address, and a priority of the at least one domain name server address; correspondingly, when the sending module 33 is configured to send the domain name resolution request to a corresponding domain name server according to the preset information about the correspondence between the parameters and the addresses of the domain name resolution servers, the sending module is specifically configured to: determining at least one domain name server address corresponding to the virtual address based on the corresponding relation; selecting a domain name server address from the at least one domain name server address as a target domain name server address according to the priority; and sending the domain name resolution request to a domain name server corresponding to the target domain name server address.
Further, when the sending module 33 is configured to select a domain name server address from the at least one domain name server address as a target domain name server address according to the priority, specifically, the sending module is configured to: and selecting a domain name server address with the highest priority from the at least one domain name server address according to the priority as a target domain name server address.
Further, the apparatus provided in this embodiment further includes:
the detection module is used for detecting whether a domain name resolution response fed back by the domain name server corresponding to the target domain name server address is received within set time;
the execution sending module is used for returning to execute the step of selecting one domain name server address from the at least one domain name server address as the target domain name server address according to the priority if the domain name resolution response is not received; and if the domain name resolution response is received, sending the domain name resolution response to the terminal.
Further, before sending out the domain name resolution request, the virtual network card of the terminal encapsulates the domain name resolution request.
Here, it should be noted that: the data processing apparatus provided in the foregoing embodiment may implement the technical solution described in the foregoing data processing method embodiment shown in fig. 2, and the specific implementation principle of each module or unit may refer to the corresponding content in the foregoing data processing method embodiment shown in fig. 2, and is not described herein again.
Fig. 7 shows a schematic structural diagram of a data processing apparatus according to another embodiment of the present application. As shown in fig. 7, the apparatus includes: a setup module 41, an orientation module 42, and an issue module 43. Wherein,
an establishing module 41, configured to establish a network connection with a virtual private network;
the orientation module 42 is configured to orient the domain name resolution request initiated by the proxy device to a virtual network card in the proxy device according to the parameters configured by the proxy device;
the sending module 43 is configured to send the domain name resolution request through the virtual network card, so that the proxy device intercepts the domain name resolution request, and sends the domain name resolution request to a corresponding domain name server according to the preset information about the correspondence between the parameters and the address of the domain name server.
Further, the sending module 43, when configured to send the domain name resolution request through the virtual network card, is specifically configured to: and sending out the domain name resolution request after encapsulating the domain name resolution request through the virtual network card.
Further, the proxy device is a virtual private network client.
Here, it should be noted that: the data processing apparatus provided in the foregoing embodiment may implement the technical solution described in the data processing method embodiment shown in fig. 5, and the specific implementation principle of each module or unit may refer to the corresponding content in the data processing method embodiment shown in fig. 5, which is not described herein again.
Fig. 8 shows a schematic structural diagram of a proxy device according to an embodiment of the present application. The proxy device includes a memory 51 and a processor 52. Wherein the memory 51 is configured to store one or more computer instructions, and the processor 52, coupled to the memory 51, is configured to execute one or more computer instructions (e.g., computer instructions for implementing data storage logic) for implementing the steps in the data processing method embodiment shown in fig. 2.
The memory 51 may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.
Further, as shown in fig. 8, the proxy device further includes: communication components 53, power components 54, and audio components 55. Only some of the components are schematically shown in fig. 8, and it is not intended that the proxy apparatus includes only the components shown in fig. 8.
Another embodiment of the present application further provides a terminal device, where the structure of the terminal device is similar to the schematic structural diagram of the proxy device shown in fig. 8. Specifically, the terminal device comprises a memory and a processor. Wherein the memory is configured to store one or more computer instructions; the processor, coupled to the memory, is configured to execute the at least one or more computer instructions (e.g., computer instructions implementing data storage logic) to implement the steps or functions in the data processing method illustrated in fig. 5. It should be noted that the terminal device includes, in addition to the components shown in fig. 5, a physical network card, a virtual network card, and other components not shown in fig. 5.
Yet another embodiment of the present application provides a computer program product (not shown in any figure of the drawings). The computer program product comprises computer programs or instructions which, when executed by a processor, cause the processor to implement the steps in the roaming processing method provided by the above embodiments.
Accordingly, embodiments of the present application also provide a computer-readable storage medium storing a computer program, where the computer program can implement the steps or functions of the roaming processing method provided in the foregoing embodiments when executed by a computer.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present application, and not to limit the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present application.
Claims (13)
1. A data processing method, comprising:
configuring parameters corresponding to a terminal to realize that domain name resolution requests initiated by the terminal are all directed to a virtual network card of the terminal to be sent out after the terminal accesses a virtual private network;
intercepting the domain name resolution request sent by the virtual network card;
and sending the domain name resolution request to a corresponding domain name server according to preset corresponding relation information of the parameters and the domain name server address.
2. The method of claim 1, wherein configuring parameters corresponding to the terminal comprises:
configuring the addresses of the domain name servers corresponding to the physical network card and the virtual network card in the terminal into the same false address;
setting a designated route for the false address; the designated route is used for directing a domain name resolution request with a destination address as the false address to the virtual network card;
and when the terminal accesses the virtual private network, adding the specified route to a route table of the terminal.
3. The method according to claim 2, wherein the correspondence information includes a correspondence of the false address with at least one domain name server address, a priority of the at least one domain name server address;
and sending the domain name resolution request to a corresponding domain name server according to preset corresponding relation information of the parameters and the address of the domain name resolution server, wherein the method comprises the following steps:
determining at least one domain name server address corresponding to the virtual address based on the correspondence;
selecting a domain name server address from the at least one domain name server address as a target domain name server address according to the priority;
and sending the domain name resolution request to a domain name server corresponding to the target domain name server address.
4. The method of claim 3, wherein selecting a domain name server address from the at least one domain name server address as a target domain name server address according to the priority comprises:
and selecting a domain name server address with the highest priority from the at least one domain name server address according to the priority as a target domain name server address.
5. The method of claim 3, further comprising:
detecting whether a domain name resolution response fed back by a domain name server corresponding to the target domain name server address is received within a set time;
if the domain name resolution response is not received, returning to execute the step of selecting one domain name server address from the at least one domain name server address as a target domain name server address according to the priority; and if the domain name resolution response is received, sending the domain name resolution response to the terminal.
6. The method according to any one of claims 1 to 5, wherein the virtual network card of the terminal encapsulates the domain name resolution request before sending out the domain name resolution request.
7. A method of data processing, comprising:
establishing network connection with a virtual private network;
according to the parameters configured for the proxy equipment, directing the domain name resolution request initiated by the proxy equipment to a virtual network card in the proxy equipment;
sending the domain name resolution request through the virtual network card so that the proxy equipment can intercept the domain name resolution request and send the domain name resolution request to a corresponding domain name server according to the preset corresponding relation information of the parameters and the address of the domain name server.
8. The method according to claim 7, wherein sending out the domain name resolution request through the virtual network card comprises:
and sending out the domain name resolution request after encapsulating the domain name resolution request through the virtual network card.
9. The method of claim 7, wherein the proxy device is a virtual private network client.
10. A data processing system, comprising:
the proxy equipment is used for configuring parameters corresponding to the terminal so as to realize that all domain name resolution requests initiated by the terminal equipment are directed to a virtual network card of the terminal equipment to be sent out after the terminal equipment is accessed into a virtual private network; intercepting the domain name resolution request sent by the virtual network card; sending the domain name resolution request to a corresponding domain name server according to preset corresponding relation information of the parameters and the domain name server address;
the terminal equipment is used for establishing network connection with the virtual private network; and directing the domain name resolution request initiated by the proxy equipment to a virtual network card in the proxy equipment for sending according to the parameters configured for the proxy equipment.
11. The system of claim 10, wherein the proxy device is a virtual private network client.
12. A proxy device, comprising: a memory and a processor, wherein,
the memory for storing one or more computer programs;
the processor, coupled with the memory, configured to execute the one or more computer programs stored in the memory for implementing the steps of the method of any of the preceding claims 1 to 6.
13. A terminal device, comprising: a virtual network card, a memory, and a processor, wherein,
the memory for storing one or more computer programs;
the processor, coupled with the memory, configured to execute the one or more computer programs stored in the memory for implementing the steps of the method of any of the preceding claims 7 to 9.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210247850.6A CN114710560A (en) | 2022-03-14 | 2022-03-14 | Data processing method and system, proxy equipment and terminal equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210247850.6A CN114710560A (en) | 2022-03-14 | 2022-03-14 | Data processing method and system, proxy equipment and terminal equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114710560A true CN114710560A (en) | 2022-07-05 |
Family
ID=82169798
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210247850.6A Pending CN114710560A (en) | 2022-03-14 | 2022-03-14 | Data processing method and system, proxy equipment and terminal equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114710560A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115460172A (en) * | 2022-08-22 | 2022-12-09 | 曙光信息产业股份有限公司 | Device address allocation method, device, computer device, medium, and program product |
| CN117715150A (en) * | 2023-05-31 | 2024-03-15 | 荣耀终端有限公司 | Network connection method and related device |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103685583A (en) * | 2012-09-05 | 2014-03-26 | 阿里巴巴集团控股有限公司 | Method and system for resolving domain names |
| CN108093098A (en) * | 2018-01-31 | 2018-05-29 | 杭州迪普科技股份有限公司 | A kind of domain name mapping request sending method and device |
| US20200092252A1 (en) * | 2018-09-19 | 2020-03-19 | Amazon Technologies, Inc. | Domain name system operations implemented using scalable virtual traffic hub |
| CN111314499A (en) * | 2020-02-17 | 2020-06-19 | 深信服科技股份有限公司 | Domain name proxy method, device, equipment and readable storage medium |
| CN112887444A (en) * | 2021-01-19 | 2021-06-01 | 网宿科技股份有限公司 | VPN (virtual private network) request processing method, client device and system |
| CN113364781A (en) * | 2021-06-09 | 2021-09-07 | 北京华耀科技有限公司 | Request processing method and system |
-
2022
- 2022-03-14 CN CN202210247850.6A patent/CN114710560A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103685583A (en) * | 2012-09-05 | 2014-03-26 | 阿里巴巴集团控股有限公司 | Method and system for resolving domain names |
| CN108093098A (en) * | 2018-01-31 | 2018-05-29 | 杭州迪普科技股份有限公司 | A kind of domain name mapping request sending method and device |
| US20200092252A1 (en) * | 2018-09-19 | 2020-03-19 | Amazon Technologies, Inc. | Domain name system operations implemented using scalable virtual traffic hub |
| CN111314499A (en) * | 2020-02-17 | 2020-06-19 | 深信服科技股份有限公司 | Domain name proxy method, device, equipment and readable storage medium |
| CN112887444A (en) * | 2021-01-19 | 2021-06-01 | 网宿科技股份有限公司 | VPN (virtual private network) request processing method, client device and system |
| CN113364781A (en) * | 2021-06-09 | 2021-09-07 | 北京华耀科技有限公司 | Request processing method and system |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115460172A (en) * | 2022-08-22 | 2022-12-09 | 曙光信息产业股份有限公司 | Device address allocation method, device, computer device, medium, and program product |
| CN115460172B (en) * | 2022-08-22 | 2023-12-05 | 曙光信息产业股份有限公司 | Device address allocation method, device, computer device, medium and program product |
| CN117715150A (en) * | 2023-05-31 | 2024-03-15 | 荣耀终端有限公司 | Network connection method and related device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10003576B2 (en) | Rule-based routing to resources through a network | |
| EP2499787B1 (en) | Smart client routing | |
| US7257817B2 (en) | Virtual network with adaptive dispatcher | |
| CN102790808B (en) | A kind of domain name analytic method and system, a kind of client | |
| US9231908B2 (en) | Ensuring symmetric routing to private network | |
| US20160226815A1 (en) | System and method for communicating in an ssl vpn | |
| US20220086121A1 (en) | Transparently proxying connections based on hostnames | |
| EP2262185A1 (en) | Method and system for forwarding data among private networks | |
| CN114710560A (en) | Data processing method and system, proxy equipment and terminal equipment | |
| CN112702425B (en) | WEB application access proxy method, device and storage medium based on domain name extensive resolution | |
| US9467416B2 (en) | Methods and systems for dynamic domain name system (DDNS) | |
| CN112437127A (en) | Message processing method and device, load balancer and server | |
| CN101902482A (en) | Method and system for realizing terminal security admission control based on IPv6 (Internet Protocol Version 6) automatic configuration | |
| CN107995321A (en) | A kind of VPN client acts on behalf of the method and device of DNS | |
| US7151780B1 (en) | Arrangement for automated teller machine communications based on bisync to IP conversion | |
| US11134117B1 (en) | Network request intercepting framework for compliance monitoring | |
| CN110995763B (en) | Data processing method and device, electronic equipment and computer storage medium | |
| CN102780584B (en) | Method and device for quickly accessing network management system of Ethernet equipment | |
| US9929951B1 (en) | Techniques for using mappings to manage network traffic | |
| CN107078941B (en) | Method for transmitting IP data packet to IP address, processing device and mobile equipment | |
| CN111405639B (en) | Wireless network connection method and device, readable storage medium and computer equipment | |
| EP3185510B1 (en) | Method for data packet inspection, related device and computer-program product | |
| CN113676540B (en) | Connection establishment method and device | |
| RU2690752C1 (en) | Method, apparatus, computer-readable information media and a system for building connections between a client and a destination device or terminal | |
| US11652781B2 (en) | Data processing method based on MEC platform, device, and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |