CN115396399A - Domain name resource access method and device, electronic equipment and storage medium - Google Patents
Domain name resource access method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN115396399A CN115396399A CN202211018135.1A CN202211018135A CN115396399A CN 115396399 A CN115396399 A CN 115396399A CN 202211018135 A CN202211018135 A CN 202211018135A CN 115396399 A CN115396399 A CN 115396399A
- Authority
- CN
- China
- Prior art keywords
- address
- domain name
- proxy
- vpn
- resource access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 49
- 238000013507 mapping Methods 0.000 claims abstract description 70
- 238000004590 computer program Methods 0.000 claims 2
- 238000004891 communication Methods 0.000 description 5
- 238000006243 chemical reaction Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000004044 response Effects 0.000 description 4
- 230000008859 change Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002085 persistent effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000008707 rearrangement Effects 0.000 description 1
- 238000007670 refining Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/255—Maintenance or indexing of mapping tables
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The embodiment of the application discloses a domain name resource access method, a domain name resource access device, electronic equipment and a storage medium. Acquiring a VPN domain name request sent by a client; the VPN domain name request comprises a VPN domain name; determining an agent IP address corresponding to the VPN domain name request, and feeding back the agent IP address to the client; determining a target IP address corresponding to the VPN domain name, and establishing a latest mapping relation among the VPN domain name, the target IP address and the proxy IP address; responding to a resource access request generated by a client based on the proxy IP address, and determining a target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation; and according to the target IP address, performing resource access on the VPN domain name corresponding to the proxy IP address. According to the embodiment of the application, the intranet domain name resources are accessed through the VPN.
Description
Technical Field
The embodiment of the application relates to communication technologies, and in particular, to a domain name resource access method and apparatus, an electronic device, and a storage medium.
Background
When enterprise employees need to access intranet resources, websites, or servers outside the enterprise, a VPN (Virtual Private Network) is usually used for remote access.
In the prior art, accessing intranet resources by using a domain name requires maintaining a relationship between the domain name resources and an IP Address (Internet Protocol Address) in an intranet system on a VPN server.
However, in a cloud environment, the intranet IP address corresponding to the domain name resource changes regularly, so that the intranet resource cannot be accessed through the VPN.
Disclosure of Invention
The application provides a domain name resource access method, a domain name resource access device, electronic equipment and a storage medium, so that access of intranet domain name resources is achieved through VPN.
In a first aspect, an embodiment of the present application provides a domain name resource access method, which is applied to a proxy server, and the domain name resource access method includes:
acquiring a Virtual Private Network (VPN) domain name request sent by a client; the VPN domain name request comprises a VPN domain name;
determining a proxy Internet Protocol (IP) address corresponding to the VPN domain name request, and feeding back the proxy IP address to the client;
determining a target IP address corresponding to the VPN domain name, and establishing a latest mapping relation among the VPN domain name, the target IP address and the proxy IP address;
responding to a resource access request generated by a client based on the proxy IP address, and determining a target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation;
and according to the target IP address, performing resource access on the VPN domain name corresponding to the proxy IP address.
In a second aspect, an embodiment of the present application further provides a domain name resource access device, configured at a proxy server, where the domain name resource access device includes:
the VPN domain name request acquisition module is used for acquiring a virtual private network VPN domain name request sent by a client; the VPN domain name request comprises a VPN domain name;
the proxy IP address determining module is used for determining a proxy Internet protocol address IP address corresponding to the VPN domain name request and feeding back the proxy IP address to the client;
the target IP address determining module is used for determining a target IP address corresponding to the VPN domain name and establishing a latest mapping relation among the VPN domain name, the target IP address and the proxy IP address;
the mapping relation using module is used for responding to a resource access request generated by the client based on the proxy IP address and determining a target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation;
and the domain name resource access module is used for performing resource access on the VPN domain name corresponding to the proxy IP address according to the target IP address.
In a third aspect, an embodiment of the present application further provides an electronic device, where the electronic device includes:
one or more processors;
storage means for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors implement any one of the domain name resource access methods provided by the embodiments of the present application.
In a fourth aspect, embodiments of the present application further provide a storage medium including computer-executable instructions, which when executed by a computer processor, are configured to perform any one of the domain name resource access methods provided by the embodiments of the present application.
The method comprises the steps of obtaining a Virtual Private Network (VPN) domain name request sent by a client; the VPN domain name request comprises a VPN domain name; determining an agent Internet Protocol (IP) address corresponding to the VPN domain name request, and feeding back the agent IP address to the client, wherein the client can access domain name resources through the agent IP address; determining a target IP address corresponding to the VPN domain name, and establishing a latest mapping relation among the VPN domain name, the target IP address and the proxy IP address; responding to a resource access request generated by a client based on the proxy IP address, and determining a target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation; according to the target IP address, resource access is carried out on the VPN domain name corresponding to the proxy IP address, the server side can realize conversion from the proxy IP address to the target IP address by obtaining the target IP address, resource access is carried out on the VPN domain name corresponding to the proxy IP address, and the target IP address corresponding to the VPN domain name can be updated in real time by establishing a latest mapping relation. Therefore, the technical scheme of the application solves the problem that in a cloud environment, the intranet IP address corresponding to the domain name resource can change regularly, so that the intranet resource cannot be accessed through the VPN. The access of intranet domain name resources through the VPN is realized.
Drawings
FIG. 1 is a flowchart of a domain name resource access method in a first embodiment of the present application;
FIG. 2 is a flowchart of a domain name resource access method in the second embodiment of the present application;
FIG. 3 is a flowchart of a domain name resource access method in the third embodiment of the present application;
fig. 4 is a schematic structural diagram of a domain name resource access device in a fourth embodiment of the present application;
fig. 5 is a schematic structural diagram of an electronic device in a fifth embodiment of the present application.
Detailed Description
In order to make the technical solutions better understood by those skilled in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only partial embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first" and "second," and the like in the description and claims of the present application and in the above-described drawings are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
Example one
Fig. 1 is a flowchart of a domain name resource access method according to an embodiment of the present disclosure, where the present embodiment is applicable to a case where VPN access is performed through domain name resources in a cloud environment, and the method may be executed by a domain name resource access device, where the domain name resource access device may be implemented by software and/or hardware, and is specifically configured in a proxy server, for example, a server.
Referring to fig. 1, the domain name resource access method applied to a proxy server specifically includes the following steps:
s110, acquiring a VPN domain name request sent by a client; the VPN domain name request includes a VPN domain name.
VPN is a remote access that establishes a private network over a public network for encrypted communications. For example, if a company employee goes on business and goes out of business, if a server resource of an intranet is accessed, the access belongs to remote access. Specifically, the VPN gateway implements remote access by encrypting a packet and converting a destination address of the packet.
When the client terminal performs VPN connection through the domain name, the VPN connection can be performed only by acquiring the IP address corresponding to the domain name, so that the client terminal sends a VPN domain name request to the proxy server terminal, wherein the VPN domain name request comprises the VPN domain name and is used for indicating the proxy server terminal to return the IP address corresponding to the VPN domain name. Specifically, the VPN domain name in the VPN domain name request may be any one of an exact domain name and a wildcard domain name, which is not specifically limited in this application.
S120, determining the proxy IP address corresponding to the VPN domain name request, and feeding back the proxy IP address to the client.
The proxy IP address is a proxy IP address allocated by the proxy server for the VPN domain name, namely the IP address is not a real IP address corresponding to the domain name in an intranet, and is used for establishing connection between the client and the proxy server, and the client can establish a safe tunnel with the server according to the proxy IP address returned by the proxy server for communication. After receiving the VPN domain name request, the proxy server acquires the VPN domain name in the VPN domain name request based on a private user data packet protocol of the proxy server, determines a proxy IP address corresponding to the VPN domain name, and feeds the proxy IP address back to the client.
S130, determining a target IP address corresponding to the VPN domain name, and establishing a latest mapping relation among the VPN domain name, the target IP address and the proxy IP address.
The target IP address is a real IP address corresponding to the VPN domain name in the intranet. For example, in a cloud environment, IP addresses corresponding to domain names may change, that is, target IP addresses corresponding to the same VPN domain name at different times may be different. After the proxy server side obtains the VPN domain name, the IP address corresponding to the VPN domain name is obtained at the intranet server side and serves as a target IP address, and the latest mapping relation among the VPN domain name, the target IP address and the proxy IP address is established at the proxy server side.
S140, responding to a resource access request generated by the client based on the proxy IP address, and determining a target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation.
After receiving the proxy IP address fed back by the proxy server, the client generates a resource access request based on the proxy IP address, wherein the resource access request is a VPN resource access request containing the proxy IP address. After receiving the resource access request of the client, the proxy server determines a target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation, and the target IP address is used for converting the IP address, namely converting the proxy IP address into the corresponding target IP address.
S150, according to the target IP address, resource access is carried out on the VPN domain name corresponding to the proxy IP address.
The resource access is to access intranet resources corresponding to the VPN domain name. For example, the resource access may be access to a website or a server in an intranet, such as browsing a webpage, downloading or uploading data, and the like. And sending the resource access request of the client to a corresponding intranet for resource access according to the target IP address. Based on the mapping relation among the VPN domain name, the target IP address and the proxy IP address, the resource access of the VPN domain name corresponding to the proxy IP address can be realized according to the target IP address.
According to the technical scheme of the embodiment, a Virtual Private Network (VPN) domain name request sent by a client is acquired; the VPN domain name request comprises a VPN domain name; determining an agent Internet Protocol (IP) address corresponding to the VPN domain name request, and feeding back the agent IP address to the client, wherein the client can access domain name resources through the agent IP address; determining a target IP address corresponding to the VPN domain name, and establishing a latest mapping relation among the VPN domain name, the target IP address and the proxy IP address; responding to a resource access request generated by the client based on the proxy IP address, and determining a target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation; according to the target IP address, resource access is carried out on the VPN domain name corresponding to the proxy IP address, the server side can achieve conversion from the proxy IP address to the target IP address by obtaining the target IP address, resource access is carried out on the VPN domain name corresponding to the proxy IP address, and the target IP address corresponding to the VPN domain name can be updated in real time by establishing a latest mapping relation. Therefore, the technical scheme of the application solves the problem that in a cloud environment, the intranet IP address corresponding to the domain name resource can change regularly, so that the intranet resource cannot be accessed through the VPN. The access to domain name resources is realized.
Example two
Fig. 2 is a flowchart of a flowchart method of a domain name resource access method provided in the second embodiment of the present application, and the technical solution of the present embodiment is further refined on the basis of the above technical solution.
Further, the method for determining the proxy IP address corresponding to the VPN domain name request is refined as follows: when the historical mapping relation corresponding to the VPN domain name is locally stored, the proxy IP address corresponding to the VPN domain name is locally acquired according to the historical mapping relation so as to quickly acquire the proxy IP address.
Further, the method comprises the step of determining the proxy IP address corresponding to the VPN domain name request, and the step of refining the proxy IP address into the step of selecting the proxy IP address from at least one candidate IP address when the historical mapping relation corresponding to the VPN domain name is not stored locally so as to select the proxy IP address for the new VPN domain name.
Further, the "determining a target IP address corresponding to the VPN domain name" is refined as follows: the method comprises the steps of obtaining a target IP address corresponding to a VPN domain name from an intranet DNS server so as to obtain the target IP address corresponding to the VPN domain name in the intranet.
Referring to fig. 2, a domain name resource access method includes:
s210, acquiring a Virtual Private Network (VPN) domain name request sent by a client; the VPN domain name request includes a VPN domain name.
S220, determining the proxy IP address corresponding to the VPN domain name request.
And determining the proxy IP address corresponding to the VPN domain name request by judging whether the proxy server locally stores the VPN domain name or not, namely whether the historical mapping relation corresponding to the VPN domain name is stored or not. Specifically, if the presence exists, the process proceeds to S221, and if the absence does not exist, the process proceeds to S222.
S221, when the historical mapping relation corresponding to the VPN domain name is locally stored, the proxy IP address corresponding to the VPN domain name is locally obtained according to the historical mapping relation.
The historical mapping relation is the mapping relation between the VPN domain name and the proxy IP address stored locally at the proxy server side. When the historical mapping relation corresponding to the VPN domain name is locally stored, namely when the mapping relation between the VPN domain name and the proxy IP address is locally stored in the proxy server, the proxy IP address corresponding to the VPN domain name in the locally stored historical mapping relation is used as the proxy IP address of the VPN domain name. The rate of acquiring proxy IP addresses is increased.
S222, when the historical mapping relation corresponding to the VPN domain name is not stored locally, selecting a proxy IP address from at least one candidate IP address.
The candidate IP addresses are a group of IP addresses pre-stored by the server for assigning a proxy IP address to the VPN domain name. When the historical mapping relation corresponding to the VPN domain name is not stored locally, namely when the mapping relation between the VPN domain name and the proxy IP address is not stored locally at the proxy server, one candidate IP address is selected from at least one candidate IP address to serve as the proxy IP address. Specifically, the selection mode for selecting the proxy IP address may be to select the candidate IP addresses sequentially or randomly, which is not specifically limited in this application.
And S230, feeding back the proxy IP address to the client.
S240, acquiring a target IP address corresponding to the VPN domain name from the intranet DNS server.
The intranet DNS server is a server in the intranet when performing VPN communication, and a mapping relationship between a domain name and an IP address corresponding to the domain name, that is, a mapping relationship between a VPN domain name and a target IP address corresponding to the VPN domain name, is stored in the server. And the proxy server acquires a corresponding IP address from the intranet DNS server according to the VPN domain name, and takes the IP address as a target IP address.
S250, establishing the latest mapping relation among the VPN domain name, the target IP address and the proxy IP address.
S260, responding to a resource access request generated by the client based on the proxy IP address, and determining a target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation.
And S270, according to the target IP address, performing resource access on the VPN domain name corresponding to the proxy IP address.
According to the technical scheme of the embodiment, when the historical mapping relation corresponding to the VPN domain name is stored locally, the proxy IP address technology corresponding to the VPN domain name is locally obtained according to the historical mapping relation, so that the workload of distributing the proxy IP address is reduced, and the distribution rate is improved; when the historical mapping relation corresponding to the VPN domain name is not stored locally, the proxy IP address is selected from at least one candidate IP address, and the proxy IP address can be quickly acquired for the VPN domain name without the historical mapping relation. The target IP address corresponding to the VPN domain name is obtained from the intranet DNS server, the proxy IP address can be accurately converted into the target IP address, and the target IP address is updated in time when the target IP address changes, so that resource access is performed on the VPN domain name corresponding to the proxy IP address.
In an optional embodiment, the domain name resource access method further includes: determining an agent IP address corresponding to the target IP address according to the latest mapping relation; and feeding back resource access data corresponding to the resource access request to the client based on the proxy IP address.
When the access data of the response to the resource access of the client is acquired, the proxy IP address corresponding to the target IP address is determined according to the latest mapping relation, namely, the target IP address is converted into the proxy IP address. And feeding back resource access data corresponding to the resource access request to the client based on the proxy IP address.
And determining an agent IP address corresponding to the target IP address according to the latest mapping relation, forwarding the resource access data corresponding to the acquired resource access request to the client, completing the response to the client resource access request, and completing the VPN domain name resource access communication of the client once.
EXAMPLE III
Fig. 3 is a flowchart of a domain name resource access method provided in a third embodiment of the present application, which is a specific example of the foregoing embodiment.
When the client needs to access VPN domain name resources, the operating system of the client intercepts the domain name. The client is preset with an interception rule, intercepts certain domain names, for example, intercepts domain names in the form of' a.
And the proxy server analyzes the received domain name resolution request through a corresponding private UDP protocol. Specifically, whether the historical mapping relation of the domain name is stored or not is inquired at the proxy server, namely whether a proxy IP address is already allocated to the VPN domain name or not, and if yes, the inquired historical proxy IP address is returned to the client; if not, selecting one IP address from the candidate IP addresses as a proxy IP address to return to the client.
Meanwhile, the proxy server inquires a target IP address corresponding to the VPN domain name in the intranet at the intranet DNS server in real time, establishes a persistent storage association relation among the target IP address, the proxy IP address and the VPN domain name, and specifically stores the conversion relation from the proxy IP address to the target IP address into a firewall of the proxy server.
And the client receives the proxy IP address, forms a resource access request according to the proxy IP address and introduces and flows into the corresponding VPN tunnel according to the proxy IP address.
The proxy server receives the resource access request of the client, and the firewall of the proxy server converts the proxy IP address into the target IP address and sends the target IP address to the intranet service system. And after responding to the access request, the intranet service system returns corresponding data to the proxy server. The firewall of the proxy server converts the target IP address into the proxy IP address and sends the proxy IP address to the client.
The client-side leads the proxy IP address returned by the proxy server-side into the corresponding VPN tunnel without knowing the target IP address, so that the response efficiency of VPN domain name resource access can be improved. The proxy server can deal with the situation that the IP address corresponding to the domain name in the cloud environment changes by acquiring the target IP address in the intranet server in real time, and access to intranet domain name resources through the VPN is achieved.
Example four
Fig. 4 is a schematic structural diagram of a domain name resource access device according to a fourth embodiment of the present disclosure, where this embodiment is applicable to a case where a VPN access is performed through domain name resources in a cloud environment, and the method may be executed by the domain name resource access device and configured at a proxy server, and the specific structure of the domain name resource access device is as follows:
a VPN domain name request obtaining module 310, configured to obtain a virtual private network VPN domain name request sent by a client; the VPN domain name request comprises a VPN domain name;
the proxy IP address determining module 320 is configured to determine a proxy internet protocol address IP address corresponding to the VPN domain name request, and feed back the proxy IP address to the client;
a target IP address determining module 330, configured to determine a target IP address corresponding to the VPN domain name, and establish a latest mapping relationship between the VPN domain name, the target IP address, and the proxy IP address;
the mapping relation using module 340 is configured to, in response to a resource access request generated by the client based on the proxy IP address, determine, according to the latest mapping relation, a target IP address corresponding to the proxy IP address in the resource access request;
and a domain name resource access module 350, configured to perform resource access on the VPN domain name corresponding to the proxy IP address according to the target IP address.
According to the technical scheme of the embodiment, a VPN domain name request acquisition module acquires a VPN domain name request sent by a client; the VPN domain name request comprises a VPN domain name; determining a proxy Internet Protocol (IP) address corresponding to the VPN domain name request through a proxy IP address determining module, and feeding back the proxy IP address to the client; determining a target IP address corresponding to the VPN domain name through a target IP address determining module, and establishing a latest mapping relation among the VPN domain name, the target IP address and the proxy IP address; responding to a resource access request generated by a client based on an agent IP address through a mapping relation using module, and determining a target IP address corresponding to the agent IP address in the resource access request according to the latest mapping relation; the domain name resource access module is used for accessing resources to the VPN domain name corresponding to the proxy IP address according to the target IP address, the server side can realize the conversion from the proxy IP address to the target IP address by acquiring the target IP address, resource access to the VPN domain name corresponding to the proxy IP address is realized, and the target IP address corresponding to the VPN domain name can be updated in real time by establishing a latest mapping relation. Therefore, the technical scheme solves the problem that in a cloud environment, the intranet IP address corresponding to the domain name resource changes regularly, so that the intranet resource cannot be accessed through the VPN. The access of intranet domain name resources through the VPN is realized.
Optionally, the proxy IP address determining module 320 includes:
and the historical proxy IP address acquisition unit is used for locally acquiring the proxy IP address corresponding to the VPN domain name according to the historical mapping relation when the historical mapping relation corresponding to the VPN domain name is locally stored.
Optionally, the proxy IP address determining module 320 includes:
and the proxy IP address acquisition unit is used for selecting a proxy IP address from at least one candidate IP address when the historical mapping relation corresponding to the VPN domain name is not stored locally.
Optionally, the target IP address determining module 330 includes:
and the target IP address acquisition unit is used for acquiring a target IP address corresponding to the VPN domain name from the DNS server of the intranet domain name system.
Optionally, the apparatus for accessing a domain name resource further includes:
the proxy IP address acquisition module is used for determining a proxy IP address corresponding to the target IP address according to the latest mapping relation;
and the resource access request feedback module is used for feeding back resource access data corresponding to the resource access request to the client based on the proxy IP address.
The domain name resource access device provided by the embodiment of the application can execute the domain name resource access method provided by any embodiment of the application, and has the corresponding functional modules and beneficial effects of the execution method.
EXAMPLE five
Fig. 5 is a schematic structural diagram of an electronic device according to a fifth embodiment of the present disclosure, as shown in fig. 5, the electronic device includes a processor 410, a memory 420, an input device 430, and an output device 440; the number of the processors 410 in the electronic device may be one or more, and one processor 410 is taken as an example in fig. 5; the processor 410, the memory 420, the input device 430 and the output device 440 in the electronic apparatus may be connected by a bus or other means, and the connection by the bus is exemplified in fig. 5.
The memory 420 serves as a computer-readable storage medium, and can be used for storing software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the domain name resource accessing method in the embodiments of the present application (for example, the VPN domain name request acquiring module 310, the proxy IP address determining module 320, the target IP address determining module 330, the mapping relation using module 340, and the domain name resource accessing module 350). The processor 410 executes various functional applications and data processing of the electronic device by executing software programs, instructions and modules stored in the memory 420, that is, implements the above-described domain name resource access method.
The memory 420 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Further, the memory 420 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, memory 420 may further include memory located remotely from processor 410, which may be connected to an electronic device over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input means 430 may be used to receive input character information and generate key signal inputs related to user settings and function control of the electronic device. The output device 440 may include a display device such as a display screen.
EXAMPLE six
A storage medium containing computer-executable instructions, which when executed by a computer processor, perform a method for domain name resource access, the method comprising: acquiring a Virtual Private Network (VPN) domain name request sent by a client; the VPN domain name request comprises a VPN domain name; determining a proxy Internet Protocol (IP) address corresponding to the VPN domain name request, and feeding back the proxy IP address to the client; determining a target IP address corresponding to the VPN domain name, and establishing a latest mapping relation among the VPN domain name, the target IP address and the proxy IP address; responding to a resource access request generated by a client based on the proxy IP address, and determining a target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation; and according to the target IP address, performing resource access on the VPN domain name corresponding to the proxy IP address.
Of course, the storage medium provided in the embodiments of the present application contains computer-executable instructions, and the computer-executable instructions are not limited to the method operations described above, and may also perform related operations in the domain name resource access method provided in any embodiments of the present application.
From the above description of the embodiments, it is obvious for those skilled in the art that the present application can be implemented by software and necessary general hardware, and certainly can be implemented by hardware, but the former is a better embodiment in many cases. Based on such understanding, the technical solutions of the present application may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions for enabling an electronic device (which may be a personal computer, a server, or a network device) to execute the methods described in the embodiments of the present application.
It should be noted that, in the embodiment of the search apparatus, each included unit and each included module are merely divided according to functional logic, but are not limited to the above division, as long as corresponding functions can be implemented; in addition, specific names of the functional units are only used for distinguishing one functional unit from another, and are not used for limiting the protection scope of the application.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present application and the technical principles employed. Those skilled in the art will appreciate that the present application is not limited to the particular embodiments described herein, but is capable of many obvious modifications, rearrangements and substitutions without departing from the scope of the application. Therefore, although the present application has been described in more detail with reference to the above embodiments, the present application is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present application, and the scope of the present application is determined by the scope of the appended claims.
Claims (10)
1. A domain name resource access method is applied to a proxy server and comprises the following steps:
acquiring a Virtual Private Network (VPN) domain name request sent by a client; the VPN domain name request comprises a VPN domain name;
determining a proxy Internet Protocol (IP) address corresponding to the VPN domain name request, and feeding back the proxy IP address to the client;
determining a target IP address corresponding to the VPN domain name, and establishing a latest mapping relation among the VPN domain name, the target IP address and the proxy IP address;
responding to a resource access request generated by the client based on the proxy IP address, and determining the target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation;
and according to the target IP address, performing resource access on the VPN domain name corresponding to the proxy IP address.
2. The method of claim 1, wherein said determining the proxy IP address to which the VPN domain name request corresponds comprises:
and when the historical mapping relation corresponding to the VPN domain name is locally stored, locally acquiring the proxy IP address corresponding to the VPN domain name according to the historical mapping relation.
3. The method of claim 1, wherein said determining the proxy IP address to which the VPN domain name request corresponds comprises:
and when the historical mapping relation corresponding to the VPN domain name is not stored locally, selecting the proxy IP address from at least one candidate IP address.
4. The method according to any of claims 1-3, wherein said determining the target IP address corresponding to the VPN domain name comprises:
and acquiring the target IP address corresponding to the VPN domain name from an intranet Domain Name System (DNS) server.
5. The method according to any one of claims 1-3, further comprising:
determining the proxy IP address corresponding to the target IP address according to the latest mapping relation;
and feeding back resource access data corresponding to the resource access request to the client based on the proxy IP address.
6. A domain name resource access device, configured at a proxy server, comprising:
the VPN domain name request acquisition module is used for acquiring a virtual private network VPN domain name request sent by a client; the VPN domain name request comprises a VPN domain name;
the proxy IP address determining module is used for determining a proxy Internet protocol address IP address corresponding to the VPN domain name request and feeding back the proxy IP address to the client;
a target IP address determining module, configured to determine a target IP address corresponding to the VPN domain name, and establish a latest mapping relationship among the VPN domain name, the target IP address, and the proxy IP address;
the mapping relation using module is used for responding to a resource access request generated by the client based on the proxy IP address and determining the target IP address corresponding to the proxy IP address in the resource access request according to the latest mapping relation;
and the domain name resource access module is used for performing resource access on the VPN domain name corresponding to the proxy IP address according to the target IP address.
7. The method of claim 6, wherein the proxy IP address determination module comprises:
and the historical proxy IP address acquisition unit is used for locally acquiring the proxy IP address corresponding to the VPN domain name according to the historical mapping relation when the historical mapping relation corresponding to the VPN domain name is locally stored.
8. The method of claim 6, wherein the proxy IP address determination module comprises:
and the proxy IP address acquisition unit is used for selecting the proxy IP address from at least one candidate IP address when the historical mapping relation corresponding to the VPN domain name is not stored locally.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the domain name resource access method according to any one of claims 1-5 when executing the program.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out a method for domain name resource access according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211018135.1A CN115396399A (en) | 2022-08-24 | 2022-08-24 | Domain name resource access method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211018135.1A CN115396399A (en) | 2022-08-24 | 2022-08-24 | Domain name resource access method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115396399A true CN115396399A (en) | 2022-11-25 |
Family
ID=84120649
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211018135.1A Pending CN115396399A (en) | 2022-08-24 | 2022-08-24 | Domain name resource access method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115396399A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112637346A (en) * | 2020-12-24 | 2021-04-09 | 北京知道创宇信息技术股份有限公司 | Proxy method, device, proxy server and storage medium |
| CN113691646A (en) * | 2021-08-18 | 2021-11-23 | 北京天融信网络安全技术有限公司 | Domain name service resource access method, device, electronic equipment and medium |
| CN114189393A (en) * | 2022-02-15 | 2022-03-15 | 北京指掌易科技有限公司 | Data processing method, device, equipment and storage medium |
-
2022
- 2022-08-24 CN CN202211018135.1A patent/CN115396399A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112637346A (en) * | 2020-12-24 | 2021-04-09 | 北京知道创宇信息技术股份有限公司 | Proxy method, device, proxy server and storage medium |
| CN113691646A (en) * | 2021-08-18 | 2021-11-23 | 北京天融信网络安全技术有限公司 | Domain name service resource access method, device, electronic equipment and medium |
| CN114189393A (en) * | 2022-02-15 | 2022-03-15 | 北京指掌易科技有限公司 | Data processing method, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11012459B2 (en) | Rule-based network-threat detection | |
| CN111460460B (en) | Task access method, device, proxy server and machine-readable storage medium | |
| CN107528862B (en) | Domain name resolution method and device | |
| CN103051740B (en) | Domain name analytic method, dns server and domain name analysis system | |
| US9294391B1 (en) | Managing network computing components utilizing request routing | |
| US9712422B2 (en) | Selection of service nodes for provision of services | |
| WO2019165468A4 (en) | Apparatus and methods for packetized content routing and delivery | |
| US11943297B2 (en) | Distributed network security system providing isolation of customer data | |
| CN107613037B (en) | Domain name redirection method and system | |
| US20090106453A1 (en) | Domain name system using dynamic dns and global address management method for dynamic dns server | |
| CN111324843A (en) | Front-end request processing method, device, equipment and readable storage medium | |
| CN104243627A (en) | Domain name resolution method, device and system | |
| CN102047243A (en) | Request routing based on class | |
| US20210092089A1 (en) | Intelligent redirector based on resolver transparency | |
| JP2016007054A (en) | Method for accessing content in network and system adapted to the same | |
| CN109729187B (en) | Proxy communication method, system, device and storage medium | |
| CN111711556B (en) | Routing method, device, system, equipment and storage medium of virtual private network | |
| US10079800B2 (en) | Client subnet efficiency by equivalence class aggregation | |
| WO2017177437A1 (en) | Domain name resolution method, device, and system | |
| CN109067936A (en) | A kind of method and device of domain name mapping | |
| CN110392069B (en) | CDN service scheduling processing method and CDN server | |
| JP2018533872A (en) | Resource acquisition method and apparatus | |
| US11297131B2 (en) | Method and apparatus for multi-vendor GTM fabric | |
| KR102131083B1 (en) | System and method for cloud based hosting service | |
| CN104079682A (en) | Address translation method and device based on domain name system (DNS) |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20221125 |
|
| RJ01 | Rejection of invention patent application after publication |