CN115296848B - Multi-local area network environment-based fort system and fort access method - Google Patents
Multi-local area network environment-based fort system and fort access method Download PDFInfo
- Publication number
- CN115296848B CN115296848B CN202210790944.8A CN202210790944A CN115296848B CN 115296848 B CN115296848 B CN 115296848B CN 202210790944 A CN202210790944 A CN 202210790944A CN 115296848 B CN115296848 B CN 115296848B
- Authority
- CN
- China
- Prior art keywords
- user
- fort
- proxy gateway
- local area
- area network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 22
- 238000005192 partition Methods 0.000 claims abstract description 22
- 230000005540 biological transmission Effects 0.000 claims abstract description 9
- 238000000638 solvent extraction Methods 0.000 claims abstract description 4
- 101100048435 Caenorhabditis elegans unc-18 gene Proteins 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000004888 barrier function Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a fort system and a fort access method based on a multi-local area network environment, belonging to the field of network security. Setting a proxy gateway for each local area network, setting a single bastion machine for a multi-local area network environment, and connecting all proxy gateways with the bastion machines at the same time; setting a database in the fort machine corresponding to the proxy gateway, partitioning the database based on the host IP, and storing the associated information of the current host IP access user in the partition; after a user logs in the bastion system, the bastion system directly generates request data according to login information of the user and sends the request data to a corresponding proxy gateway according to the proxy gateway IP; the proxy gateway modifies the target IP in the TCP data packet message of the transmission layer into the target host IP, and modifies the source IP into the proxy gateway IP, so that the client of the user and the target host are directly connected to realize access. The invention reduces the hardware quantity, saves the cost and improves the network access speed.
Description
Technical Field
The invention belongs to the field of network security, and particularly relates to a fort system based on a multi-local area network environment and a fort access method.
Background
With the development of cloud computing, virtualization technology and network security, among different local area networks, hosts (virtual hosts or physical hosts) in a plurality of different networks (virtual networks or physical networks) need to be accessed through a fort machine, and for the local area networks, as each network is independent and is not communicated with each other, a fort machine system is deployed in each network independently in a traditional method. For example, it is necessary to access hosts in three different networks, as shown in fig. 1, where the three networks are isolated from each other (lan 1, lan2, and lan3, respectively), and there are several hosts (host 1, host 2, and host n, respectively) in each network, and one bastion machine, and because the networks are isolated from each other, that is, the host in lan1 cannot access the host in lan2, and cannot access the bastion machine in lan2, the user needs to log into the respective bastion machine systems in the different networks to access the host in the network, respectively.
In the prior art, with the development of services, the number of lans may be increased to hundreds or thousands, and the number of hosts in each lan may be increased to hundreds or thousands, however, there is a problem that a plurality of fort systems need to be deployed because one fort system needs to be deployed in each network. Firstly, hardware resources are wasted, the hardware cost is increased, and each set of bastion system needs to be specially deployed on a host; secondly, the management cost is increased, a user needs to manage and maintain a large number of fort systems at the same time, and particularly when the fort systems need to be upgraded, each fort system needs to be upgraded one by one independently, so that a large amount of time and labor are wasted; thirdly, the expansibility is poor, a set of fort system needs to be deployed again when one network is added, and if the fort system itself has loopholes, each fort system needs to be repaired one by one independently.
Disclosure of Invention
In view of the above-mentioned drawbacks or shortcomings in the prior art, an embodiment of the present invention is to provide a fort system and a fort access method based on a multi-lan environment, where a user finds a lan where a target host is located through a proxy gateway stored in a fort by sharing one fort system in the multi-lan environment, and finally reaches the target host, so that not only hardware resources are saved, but also network access speed is increased, traffic overhead is reduced, and host access efficiency is improved.
In order to achieve the above purpose, the embodiment of the present invention adopts the following technical scheme:
in a first aspect, an embodiment of the present invention provides a fort machine access method based on a multi-lan environment, including the following steps:
step S1, setting a proxy gateway and a corresponding IP address for each local area network, setting a single fort machine for a multi-local area network environment, and connecting all proxy gateways with the fort machines at the same time;
step S2, setting a database under the IP address of each proxy gateway in the fort machine, partitioning the database, wherein each partition corresponds to a host IP in a current local area network, and storing the associated information of the current host IP access user in the partition;
step S3, after a user logs in the fort system through a client, the fort system directly calls the associated information in the database according to the login information of the user to generate request data, wherein the request data at least comprises the associated information of the access user, the proxy gateway IP and the target host IP, and the request data is sent to the corresponding proxy gateway according to the proxy gateway IP;
and S4, the proxy gateway modifies the target IP in the TCP data packet of the transmission layer into the target host IP and modifies the source IP into the proxy gateway IP according to the received request data, and at the moment, the client of the user and the target host directly establish connection through the connection between the fort machine and the proxy gateway, so that the user realizes the access to the target host.
As a preferred embodiment of the present invention, the barrier machine has corresponding expansibility, and when the number of local area networks is increased, corresponding proxy gateway connection is directly added in the unique fort machine.
As a preferred embodiment of the present invention, the step S2 further includes: and storing the association information of the newly registered user.
As a preferred embodiment of the present invention, the storing the association information of the newly registered user specifically includes:
the user registers in the current fort system, and when the user registers, the user indicates the identity of the user, and simultaneously, the user confirms which local area network of the proxy gateway and which host under the local area network the user needs to access; after identity authentication, the bastion system adds the current user into the corresponding partition of the corresponding database.
As a preferred embodiment of the present invention, the association information includes identity authentication information of the access user and access rights.
As a preferred embodiment of the present invention, the generating request information in step S3 specifically includes: the fort machine directly invokes the stored associated information of the corresponding access user through the login information of the user, and generates request data according to the associated information and the storage path.
In a second aspect, an embodiment of the present invention further provides a bastion system based on a multi-lan environment, where the bastion system includes: a fort machine, proxy gateways with the same number as local area networks; wherein,,
each proxy gateway corresponds to a local area network, and sets a corresponding IP address for each proxy gateway, wherein each local area network comprises a plurality of hosts;
a plurality of databases are arranged in the fort machine, and each database corresponds to an IP address of a proxy gateway; each database is divided into a plurality of partitions, and each partition corresponds to a host IP in a local area network corresponding to the current proxy gateway; storing the associated information of the current host access user in the partition;
when a user accesses a target host in a multi-local area network environment through a fort system, the fort system executes the following procedures:
the fort system directly calls the associated information in the database according to the login information of the user to generate request data, wherein the request data at least comprises the associated information of the access user, the proxy gateway IP and the target host IP, and sends the request data to the corresponding proxy gateway according to the proxy gateway IP;
the proxy gateway modifies the target IP in the TCP data packet of the transmission layer into the target host IP and modifies the source IP into the proxy gateway IP according to the received request data, at this time, the client of the user and the target host directly establish connection through the connection between the fort machine and the proxy gateway, and the user realizes the access to the target host.
The technical scheme provided by the embodiment of the invention has the following beneficial effects:
according to the bastion system and the bastion access method based on the multi-local area network environment, the network deployment structure is readjusted, the traditional proxy gateway program is replaced, a plurality of bastion systems which are required to be deployed under a plurality of independent networks in the past are reduced to only one bastion system which is required to be deployed, only one hardware resource is required to be allocated to deploy and install the bastion, only one bastion system is required to be managed and maintained, and only one bastion system is required to be upgraded; meanwhile, when the vulnerability of the fort system occurs, only one fort system needs to be subjected to vulnerability repair, so that the hardware quantity is reduced, the hardware cost is saved, the management cost is reduced, the expansibility is increased, and secondly, the traditional proxy gateway needs to analyze a data protocol and transfer transmission data, needs to establish connection with a target host, and has low efficiency.
Of course, it is not necessary for any one product or method of practicing the invention to achieve all of the advantages set forth above at the same time.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person of ordinary skill in the art.
FIG. 1 is a schematic diagram of a prior art network deployment architecture for a fort machine;
FIG. 2 is a flow chart of a method for accessing a fort based on a multi-LAN environment in accordance with an embodiment of the present invention;
FIG. 3 is a schematic diagram of a network deployment architecture of a fort system based on a multi-LAN environment in accordance with an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. It will be apparent that the described embodiments are only some, but not all, embodiments of the invention. The components of the embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. It should be noted that, in the case of no conflict, the embodiments of the present invention and features in the embodiments may also be combined with each other.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures. In the description of the present invention, the terms "first," "second," "third," and the like are used merely to distinguish between descriptions and should not be construed as merely or implying relative importance.
Aiming at the problem that a plurality of bastion systems are required to be deployed in a complex network environment of a plurality of independent networks in the prior art, the invention provides a bastion system and a bastion access method based on a multi-local area network environment, a network deployment structure is readjusted, proxy gateways are arranged between a bastion machine and a plurality of different networks, host computer IP under each proxy gateway is stored in the bastion machine, database partitions are arranged for each corresponding host computer, and associated information of access users is stored in the database partitions; when a user accesses, the fort machine directly calls corresponding association information in the database and sends the association information to the proxy gateway, the proxy gateway directly connects the user with the target host through modifying the target IP of the TCP data packet, the proxy gateway does not need to establish connection with the target host, and the user can access different networks without perception, so that a fort machine system is shared by a plurality of local area networks. Only one bastion machine system hardware is needed, so that the number of hardware is reduced, and the cost is saved; when other local area networks are added, corresponding databases are added in the fort system, other hardware devices are not needed, and the expansion performance of the devices is improved; meanwhile, the fort machine is combined with the proxy gateway, and when a user accesses, the proxy gateway does not need to carry out protocol analysis, thereby accelerating the network access speed and reducing the traffic cost.
Referring to fig. 2, the fort machine access method based on the multi-lan environment provided by the embodiment of the present invention includes the following steps:
step S1, a proxy gateway and a corresponding IP address are set for each local area network, a single fort machine is set for a multi-local area network environment, and all proxy gateways are connected with the fort machines at the same time.
In this step, the security machine has a corresponding expansibility, and when the number of local area networks is increased, a corresponding proxy gateway connection can be added in the fort machine, without increasing the number of fort machines.
Meanwhile, the proxy gateway IP address corresponding to each local area network is unique; the IP address of the proxy gateway is an ingress address and does not include a specific host address therein.
Step S2, setting a database under the IP address of each proxy gateway in the fort machine, partitioning the database, wherein each partition corresponds to a host IP in a current local area network, and storing the associated information of the current host IP access user in the partition.
In this step, the storing of the association information of the current host IP access user may be performed when the user performs the first access or registration, or the association information may be directly imported, where the association information includes identity authentication information, authority, other registration information, and the like of the access user.
The step further includes storing association information for the newly registered user. When users register, the data created by each user are independent, namely, different users can only see the data created by themselves when logging in the system and store the data in the corresponding database partitions. When a user needs to be added, the user registers in the current fort system, and when the user registers, the user indicates the identity of the user, and meanwhile, the user definitely determines which proxy gateway local area network and which host under the local area network is to be accessed by the user; after identity authentication, the bastion system adds the current user into the corresponding partition of the corresponding database.
Step S3, after the user logs in the fort system through the client, the fort system directly calls the associated information in the database according to the login information of the user to generate request data, wherein the request data at least comprises the associated information of the access user, the proxy gateway IP and the target host IP, and the request data is sent to the corresponding proxy gateway according to the proxy gateway IP.
In this step, the request data generated by the fort machine also includes the authority information in the associated information. The bastion machine manages users in different networks through user authority control, and each user can only manage and check corresponding hosts under the local area network where the bastion machine is located. The fort machine directly invokes the stored associated information of the corresponding access user through the login information of the user, and directly generates request data according to the storage path of the associated information.
And S4, the proxy gateway modifies the target IP in the TCP data packet of the transmission layer into the target host IP and modifies the source IP into the proxy gateway IP according to the received request data, and at the moment, the client of the user and the target host directly establish connection through the connection between the fort machine and the proxy gateway, so that the user realizes the access to the target host.
In the step, the proxy gateway modifies the TCP data packet message of the transmission layer through the request data of the fort machine, and establishes a connection channel between the client of the user and the target host through the modification of the header of the OSI fourth layer protocol, so that the client does not need to independently establish connection with the proxy gateway and the proxy gateway does not need to independently establish connection with the target host; because the connection is not required to be established independently, and protocol analysis and data forwarding are not required, the client is directly connected with the target host, so that an intermediate link is omitted, the network access speed is increased, the traffic overhead is reduced, and the host access efficiency is improved by combining the fort machine with the proxy gateway.
The proxy gateway at this point acts as a proxy hop and these steps are all automatic so the proxy gateway address need not contain the target host address.
Based on the same idea, the embodiment of the invention also provides a bastion system based on a multi-local area network environment, referring to fig. 3, the bastion system comprises: each proxy gateway corresponds to one local area network, and sets a corresponding IP address for each proxy gateway, and each local area network comprises a plurality of hosts; a plurality of databases are arranged in the fort machine, and each database corresponds to an IP address of a proxy gateway; each database is divided into a plurality of partitions, and each partition corresponds to a host IP in a local area network corresponding to the current proxy gateway; and storing the associated information of the current host access user in the partition.
When a user accesses a target host in a multi-local area network environment through a fort system, the fort system executes the following procedures:
the fort system directly calls the associated information in the database according to the login information of the user to generate request data, wherein the request data at least comprises the associated information of the access user, the proxy gateway IP and the target host IP, and sends the request data to the corresponding proxy gateway according to the proxy gateway IP;
the proxy gateway modifies the target IP in the TCP data packet of the transmission layer into the target host IP and modifies the source IP into the proxy gateway IP according to the received request data, at this time, the client of the user and the target host are directly connected through the connection between the fort machine and the proxy gateway, and the user realizes the access to the target host.
According to the technical scheme, the method for sharing the fort machines in the multi-network environment provided by the embodiment of the invention has the advantages that the network deployment structure is readjusted, the number of fort machine systems which need to be deployed under a plurality of independent networks in the past is reduced to only one fort machine system, only one hardware resource is required to be allocated to deploy and install the fort machine, only one fort machine system is required to be managed and maintained, and only one fort machine system is required to be upgraded; meanwhile, when the bastion system itself has a bug, only one bastion system needs to be subjected to bug repair, so that the number of hardware is reduced, the hardware cost is saved, the management cost is reduced, and the expansibility of the bastion system is improved; meanwhile, the combination of the fort machine and the proxy gateway enables the client to directly establish connection with the target host, increases the network access speed, reduces the traffic overhead and improves the host access efficiency.
The above description is only of the preferred embodiments of the present invention and the description of the technical principles applied is not intended to limit the scope of the invention as claimed, but merely represents the preferred embodiments of the present invention. It will be appreciated by persons skilled in the art that the scope of the invention referred to in the present invention is not limited to the specific combinations of the technical features described above, but also covers other technical features formed by any combination of the technical features described above or their equivalents without departing from the inventive concept. All other embodiments, which can be made by a person skilled in the art without making any inventive effort, are intended to be within the scope of the present invention.
Claims (7)
1. The fort machine access method based on the multi-local area network environment is characterized by comprising the following steps:
step S1, setting a proxy gateway and a corresponding IP address for each local area network, setting a single fort machine for a multi-local area network environment, and connecting all proxy gateways with the fort machines at the same time;
step S2, setting a database under the IP address of each proxy gateway in the fort machine, partitioning the database, wherein each partition corresponds to a host IP in a current local area network, and storing the associated information of the current host IP access user in the partition;
step S3, after a user logs in the fort system through a client, the fort system directly calls the associated information in the database according to the login information of the user to generate request data, wherein the request data at least comprises the associated information of the access user, the proxy gateway IP and the target host IP, and the request data is sent to the corresponding proxy gateway according to the proxy gateway IP;
and S4, the proxy gateway modifies the target IP in the TCP data packet of the transmission layer into the target host IP and modifies the source IP into the proxy gateway IP according to the received request data, and at the moment, the client of the user and the target host directly establish connection through the connection between the fort machine and the proxy gateway, so that the user realizes the access to the target host.
2. The multi-lan environment based fort machine access method of claim 1, wherein the fort machines have corresponding extensibility, and when the number of lans is increased, corresponding proxy gateway connections are directly added to a unique fort machine.
3. The multi-lan environment-based fort machine access method of claim 1, wherein step S2 further comprises: and storing the association information of the newly registered user.
4. The multi-lan environment-based fort machine access method of claim 3, wherein said storing the association information of the newly registered user specifically comprises:
the user registers in the current fort system, and when the user registers, the user indicates the identity of the user, and simultaneously, the user confirms which local area network of the proxy gateway and which host under the local area network the user needs to access; after identity authentication, the bastion system adds the current user into the corresponding partition of the corresponding database.
5. The multi-lan environment based fort machine access method of any one of claims 1-4, wherein the association information includes identity authentication information of the accessing user, access rights.
6. The multi-lan environment-based fort machine access method according to claim 1, wherein the generating request information in step S3 specifically includes: the fort machine directly invokes the stored associated information of the corresponding access user through the login information of the user, and generates request data according to the associated information and the storage path.
7. A bastion system based on a multi-lan environment, the bastion system comprising: a fort machine, proxy gateways with the same number as local area networks; wherein,,
each proxy gateway corresponds to a local area network, and sets a corresponding IP address for each proxy gateway, wherein each local area network comprises a plurality of hosts;
a plurality of databases are arranged in the fort machine, and each database corresponds to an IP address of a proxy gateway; each database is divided into a plurality of partitions, and each partition corresponds to a host IP in a local area network corresponding to the current proxy gateway; storing the associated information of the current host access user in the partition;
when a user accesses a target host in a multi-local area network environment through a fort system, the fort system executes the following procedures:
the fort system directly calls the associated information in the database according to the login information of the user to generate request data, wherein the request data at least comprises the associated information of the access user, the proxy gateway IP and the target host IP, and sends the request data to the corresponding proxy gateway according to the proxy gateway IP;
the proxy gateway modifies the target IP in the TCP data packet of the transmission layer into the target host IP and modifies the source IP into the proxy gateway IP according to the received request data, at this time, the client of the user and the target host directly establish connection through the connection between the fort machine and the proxy gateway, and the user realizes the access to the target host.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210790944.8A CN115296848B (en) | 2022-07-05 | 2022-07-05 | Multi-local area network environment-based fort system and fort access method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210790944.8A CN115296848B (en) | 2022-07-05 | 2022-07-05 | Multi-local area network environment-based fort system and fort access method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115296848A CN115296848A (en) | 2022-11-04 |
| CN115296848B true CN115296848B (en) | 2023-08-25 |
Family
ID=83821585
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210790944.8A Active CN115296848B (en) | 2022-07-05 | 2022-07-05 | Multi-local area network environment-based fort system and fort access method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115296848B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115941766A (en) * | 2022-11-22 | 2023-04-07 | 京东科技信息技术有限公司 | Operation and maintenance data processing method and device |
| CN116032611A (en) * | 2022-12-28 | 2023-04-28 | 北京深盾科技股份有限公司 | Login method, system and storage medium of network equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10511584B1 (en) * | 2016-09-29 | 2019-12-17 | Amazon Technologies, Inc. | Multi-tenant secure bastion |
| CN111490981A (en) * | 2020-04-01 | 2020-08-04 | 广州虎牙科技有限公司 | Access management method and device, bastion machine and readable storage medium |
| CN112769808A (en) * | 2020-12-31 | 2021-05-07 | 章和技术(广州)有限公司 | Mobile fort machine for industrial local area network, operation and maintenance method thereof and computer equipment |
| CN113645213A (en) * | 2021-08-03 | 2021-11-12 | 南方电网国际有限责任公司 | Multi-terminal network management monitoring system based on VPN technology |
| CN114244604A (en) * | 2021-12-16 | 2022-03-25 | 杭州乒乓智能技术有限公司 | Integrated authority management method and system suitable for bastion machine, electronic device and readable storage medium |
-
2022
- 2022-07-05 CN CN202210790944.8A patent/CN115296848B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10511584B1 (en) * | 2016-09-29 | 2019-12-17 | Amazon Technologies, Inc. | Multi-tenant secure bastion |
| CN111490981A (en) * | 2020-04-01 | 2020-08-04 | 广州虎牙科技有限公司 | Access management method and device, bastion machine and readable storage medium |
| CN112769808A (en) * | 2020-12-31 | 2021-05-07 | 章和技术(广州)有限公司 | Mobile fort machine for industrial local area network, operation and maintenance method thereof and computer equipment |
| CN113645213A (en) * | 2021-08-03 | 2021-11-12 | 南方电网国际有限责任公司 | Multi-terminal network management monitoring system based on VPN technology |
| CN114244604A (en) * | 2021-12-16 | 2022-03-25 | 杭州乒乓智能技术有限公司 | Integrated authority management method and system suitable for bastion machine, electronic device and readable storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115296848A (en) | 2022-11-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108650182B (en) | Network communication method, system, device, equipment and storage medium | |
| US11063819B2 (en) | Managing use of alternative intermediate destination computing nodes for provided computer networks | |
| US11563681B2 (en) | Managing communications using alternative packet addressing | |
| CN115296848B (en) | Multi-local area network environment-based fort system and fort access method | |
| US11171836B2 (en) | Providing virtual networking functionality for managed computer networks | |
| US20210344714A1 (en) | Cyber threat deception method and system, and forwarding device | |
| CN101257523B (en) | Method for supporting IP network interconnectivity between partitions in a virtualized environment | |
| US20180351904A1 (en) | Adaptive resolution of domain name requests in virtual private cloud network environments | |
| US20170257269A1 (en) | Network controller with integrated resource management capability | |
| US8429739B2 (en) | Authorizing communications between computing nodes | |
| US7643484B2 (en) | Network abstraction and isolation layer rules-based federation and masquerading | |
| US6600743B1 (en) | IP multicast interface | |
| US8458303B2 (en) | Utilizing a gateway for the assignment of internet protocol addresses to client devices in a shared subset | |
| US11252126B1 (en) | Domain name resolution in environment with interconnected virtual private clouds | |
| US7567573B2 (en) | Method for automatic traffic interception | |
| US20020075878A1 (en) | Ip multicast interface | |
| CN111756830A (en) | Internal network load balancing implementation method of public cloud network | |
| EP1701516B1 (en) | Method for facilitating application server functionality and access node comprising the same | |
| CN110336730B (en) | Network system and data transmission method | |
| CN113364741A (en) | Application access method and proxy server | |
| USH2065H1 (en) | Proxy server | |
| CN115955456A (en) | IPv 6-based enterprise campus network and networking method | |
| CN110851238A (en) | Implementation method of openstack fully-distributed dhcp service | |
| CN106790502B (en) | Load balancing system of IPv4 terminal and IPv6 service intercommunication service based on NAT64 prefix | |
| US10021066B2 (en) | Clustered server sharing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |