CN117478763B - ICMP agent UDP data transmission method, system and device - Google Patents
ICMP agent UDP data transmission method, system and device Download PDFInfo
- Publication number
- CN117478763B CN117478763B CN202311827780.2A CN202311827780A CN117478763B CN 117478763 B CN117478763 B CN 117478763B CN 202311827780 A CN202311827780 A CN 202311827780A CN 117478763 B CN117478763 B CN 117478763B
- Authority
- CN
- China
- Prior art keywords
- udp
- icmp
- message
- router
- udp message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000005540 biological transmission Effects 0.000 title claims abstract description 42
- 238000000034 method Methods 0.000 title claims abstract description 27
- 238000005538 encapsulation Methods 0.000 claims abstract description 84
- 230000006854 communication Effects 0.000 claims abstract description 8
- 238000012986 modification Methods 0.000 claims description 16
- 230000004048 modification Effects 0.000 claims description 16
- 238000004806 packaging method and process Methods 0.000 claims description 8
- 230000007175 bidirectional communication Effects 0.000 claims description 3
- 230000000694 effects Effects 0.000 abstract description 12
- 238000004891 communication Methods 0.000 abstract description 5
- 230000001276 controlling effect Effects 0.000 description 12
- 238000010586 diagram Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 3
- 230000007547 defect Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 241001391944 Commicarpus scandens Species 0.000 description 1
- 206010017577 Gait disturbance Diseases 0.000 description 1
- 241000208125 Nicotiana Species 0.000 description 1
- 235000002637 Nicotiana tabacum Nutrition 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 230000002401 inhibitory effect Effects 0.000 description 1
- 238000013508 migration Methods 0.000 description 1
- 230000005012 migration Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
- H04L69/161—Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/302—Route determination based on requested QoS
- H04L45/306—Route determination based on the nature of the carried application
- H04L45/3065—Route determination based on the nature of the carried application for real time traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to the technical field of network communication and discloses a data transmission method, a system and a device of an ICMP agent UDP. The method comprises the steps of sending an original UDP message from a data sending end to a first router through an Ethernet network; the first router is controlled to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header; transmitting the first UDP message to a second router through an Ethernet network; controlling a second router to decapsulate the first UDP message to obtain a second UDP message; and sending the second UDP message to the data receiving end through the local network card to finish data transmission. According to the invention, the firewall marks the UDP flow as the ICMP flow by simulating the ICMP header, so that QOS speed limit and interference of the firewall on the UDP flow are avoided, the speed and stability of UDP connection are effectively ensured and improved, and the user experience effect of the audio/video service is ensured.
Description
Technical Field
The present invention relates to the field of network communications technologies, and in particular, to a method, a system, and an apparatus for transmitting data by using an ICMP proxy UDP.
Background
In the digital transformation process of the tobacco industry, more and more services are being viewed by using audio and video communication and real-time video of a camera, and for the service transmission with low time delay requirements, the user datagram protocol (user datagram protocol, UDP) is basically utilized for transmission. Since the firewall of the tobacco center machine room is built by the previous project, cannot be replaced without reaching the service life, the supporting condition of using the UDP traffic for the emerging service is not ideal, the traffic of the UDP data faces the risk of limiting or intercepting the service quality (quality of service, qoS) of the old firewall in the network, and particularly, the limitation is represented by controlling the speed of the UDP traffic by configuring a bandwidth limiting rule on the network equipment, implementing a traffic regulating strategy, reducing or inhibiting the UDP traffic when the congestion is detected and managing the network traffic by using QoS technology, so that the priority of a key application program is ensured, which means that certain UDP traffic may be given higher priority and other traffic may be limited. Especially when the transmission bandwidth is low in the case of a peak network traffic, the traffic is easy to break or the traffic is suddenly dropped, so that the communication fails, and the user experience based on the UDP communication is affected.
Based on the above situation, the effect of using UDP as a four-layer transport protocol by a service system is often not guaranteed, and the following problems occur: 1, the UDP transmission effect is unstable, and the speed is stumbling; 2. the UDP is disconnected and cannot be connected after a period of time; 3. the normal connection can be restored after the disconnection lasts for a few minutes. At present, openVPN is generally adopted to load UDP on VPN or TCP proxy, so as to realize the effect of UDP traffic load on TCP protocol, but since OpenVPN and TCP proxy are network data forwarding realized based on traditional TCP service, requirements of TCP protocol transmission, such as reliability, congestion control, ordered data transmission and the like, must be followed, and defects of TCP are also caused: the method has the defects of ordered transmission, queue head blocking, slow connection release, network migration, reconnection requirement and the like.
Disclosure of Invention
The invention provides a data transmission method, a system and a device for an ICMP proxy UDP, which can avoid QOS speed limit and interference of a firewall to UDP flow, effectively ensure and improve UDP connection speed and stability and ensure user experience effect of audio and video service.
In order to solve the technical problem, the present invention provides a data transmission method of an ICMP proxy UDP, including:
transmitting an original UDP message from a data transmitting end to a first router through an Ethernet network;
the first router is controlled to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header;
the first UDP message is sent to a second router through an Ethernet network; a firewall is arranged between the first router and the second router;
controlling the second router to decapsulate the first UDP message to obtain a second UDP message;
and sending the second UDP message to a data receiving end through a local network card.
Further, the sending, by the ethernet network, the original UDP packet from the data sending end to the first router is specifically:
determining a source address of an original UDP message as a data transmitting end;
and determining the destination address of the original UDP message as a first router.
Further, the controlling the first router performs ICMP encapsulation on the original UDP packet to form a first UDP packet with an ICMP header, which specifically includes:
modifying the source address of the original UDP message from the data transmitting end to a first router;
modifying the destination address of the original UDP message from the first router to the second router;
and adding ICMP header encapsulation to the original UDP message to form a first UDP message with the ICMP header.
Further, the adding ICMP header encapsulation to the original UDP packet forms a first UDP packet with an ICMP header, which specifically includes:
setting the type of ICMP according to the message type of the original UDP message; the message type of the original UDP message comprises a request and a reply;
acquiring a UDP Header and UDP Data from the original UDP message, and determining the UDP Header and the UDP Data as ICMP Data;
generating ICMP head encapsulation according to the type of the ICMP and the ICMP Data;
and adding the ICMP header encapsulation to the original UDP message to form a first UDP message with the ICMP header.
Further, the setting of the ICMP type according to the message type of the original UDP message specifically includes:
when the message type of the original UDP message is a request, setting the type of ICMP as 8;
when the message type of the original UDP message is a reply, setting the type of the ICMP as 0.
Further, the controlling the second router decapsulates the first UDP packet to obtain a second UDP packet, specifically:
modifying the source address of the first UDP message from the first router to the second router;
modifying the destination address of the first UDP message from the second router to the data receiving end;
and determining the first UDP message with the modified source address and the modified destination address as a second UDP message.
The invention provides a data transmission method of ICMP agent UDP, which sends an original UDP message to a first router from a data sending end through an Ethernet network; the first router is controlled to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header; transmitting the first UDP message to a second router through an Ethernet network; controlling a second router to decapsulate the first UDP message to obtain a second UDP message; and sending the second UDP message to the data receiving end through the local network card to finish data transmission. According to the invention, the firewall marks the UDP flow as the ICMP flow by simulating the ICMP header, so that QOS speed limit and interference of the firewall on the UDP flow are avoided, the speed and stability of UDP connection are effectively ensured and improved, and the user experience effect of the audio/video service is ensured.
The invention provides a data transmission system of ICMP agent UDP, comprising: the system comprises a service client, an encapsulation router, a firewall, a decapsulation router and a service server;
the service client side and the service server side adopt UDP transmission protocol to carry out service bidirectional communication;
the communication process between the business client and the business server passes through a packaging router, a firewall and a deblocking router;
when the service client side sends a UDP message to the service server side, the encapsulation router is used for ICMP encapsulation of the UDP message, and the decapsulation router is used for decapsulating the UDP message;
when the service server side sends the UDP message to the service client side, the decapsulation router is used for performing ICMP encapsulation on the UDP message, and the encapsulation router is used for decapsulating the UDP message.
The invention provides a data transmission system of an ICMP proxy UDP, which is based on the organic combination among modules, and the firewall marks the UDP flow as the ICMP flow by simulating the ICMP header, so that QOS speed limit and interference of the firewall on the UDP flow are avoided, the UDP connection speed and stability are effectively ensured and improved, and the user experience effect of audio and video service is ensured.
The invention provides a data transmission device of ICMP agent UDP, comprising: the system comprises a first sending module, a packaging module, a second sending module, a deblocking module and a third sending module;
the first sending module is used for sending the original UDP message from the data sending end to the first router through the Ethernet network;
the encapsulation module is used for controlling the first router to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header;
the second sending module is used for sending the first UDP message to a second router through an Ethernet network; a firewall is arranged between the first router and the second router;
the decapsulation module is used for controlling the second router to decapsulate the first UDP message to obtain a second UDP message;
the third sending module is configured to send the second UDP packet to a data receiving end through a local network card.
Further, the package module includes: a first source address modification unit, a first destination address modification unit, and an addition unit;
the first source address modification unit is used for modifying the source address of the original UDP message from the data transmitting end to a first router;
the first destination address modification unit is used for modifying the destination address of the original UDP message from the first router to the second router;
the adding unit is used for adding ICMP header encapsulation to the original UDP message to form a first UDP message with the ICMP header.
Further, the adding unit includes: setting a subunit, a determining subunit, a generating subunit and a message forming subunit;
the setting subunit is used for setting the type of the ICMP according to the message type of the original UDP message; the message type of the original UDP message comprises a request and a reply;
the determining subunit is configured to obtain a UDP Header and UDP Data from the original UDP packet, and determine the UDP Header and UDP Data as ICMP Data;
the generating subunit is used for generating ICMP head encapsulation according to the type of the ICMP and the ICMP Data;
the message forming subunit is configured to add the ICMP header encapsulation to the original UDP message to form a first UDP message with an ICMP header.
The invention provides a data transmission device of ICMP agent UDP, based on the organic combination between modules, the original UDP message is sent from a data sending end to a first router through an Ethernet network; the first router is controlled to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header; transmitting the first UDP message to a second router through an Ethernet network; controlling a second router to decapsulate the first UDP message to obtain a second UDP message; and sending the second UDP message to the data receiving end through the local network card to finish data transmission. According to the invention, the firewall marks the UDP flow as the ICMP flow by simulating the ICMP header, so that QOS speed limit and interference of the firewall on the UDP flow are avoided, the speed and stability of UDP connection are effectively ensured and improved, and the user experience effect of the audio/video service is ensured.
Drawings
Fig. 1 is a schematic flow chart of an embodiment of a data transmission method of an ICMP proxy UDP provided by the present invention;
fig. 2 is a schematic structural diagram of an embodiment of a data transmission system of an ICMP proxy UDP according to the present invention;
FIG. 3 is a flow chart illustrating an embodiment of a UDP request and reply method according to the present invention;
FIG. 4 is a flowchart illustrating another embodiment of a UDP request and reply method according to the present invention;
fig. 5 is a schematic structural diagram of an embodiment of a data transmission device of an ICMP proxy UDP according to the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
ICMP (Internet Control Message Protocol) Internet control message protocol. It is a sub-protocol of the TCP/IP protocol suite for passing control messages between IP hosts, routers. The control message refers to a message of the network itself such as a network is not connected, whether a host is reachable, whether a route is available, and the like. These control messages, although not transmitting user data, play an important role in the transfer of user data. Because the ICMP message can carry data, and the ICMP message is processed by the system kernel, the ICMP message does not occupy any port, and the traditional router does not limit the flow of the ICMP.
The invention makes the firewall mark UDP flow as ICMP flow by simulating ICMP header, adopts a method based on three layers of ICMP protocols of Ethernet, compared with TCP protocol message, ICMP message is processed by the system kernel, does not occupy any port, and has very fast kernel processing speed; the ICMP protocol message is simpler than the TCP protocol message, and is more friendly to developers in use; ICMP does not require three-way and four-way handshaking procedures like the TCP protocol, and the flow is simpler.
Example 1
Referring to fig. 1, a flow chart of an embodiment of a data transmission method of an ICMP proxy UDP provided by the present invention is shown, where the method includes steps 101 to 105, and the steps are specifically as follows:
step 101: the original UDP message is sent to the first router from the data sending end through the Ethernet network.
Further, in the first embodiment of the present invention, an original UDP packet is sent from a data sending end to a first router through an ethernet network, which specifically is:
determining a source address of an original UDP message as a data transmitting end;
and determining the destination address of the original UDP message as a first router.
In the first embodiment of the invention, unlike the conventional method of directly transmitting the UDP message from the data transmitting end to the data receiving end, the method of the invention transmits the UDP message from the data transmitting end to the first router to disguise the UDP message by adding ICMP encapsulation behavior, thereby avoiding the limitation of the firewall on UDP flow. Therefore, when the original UDP packet is transmitted, the source address needs to be set as the IP address of the data transmitting end, and the destination address needs to be set as the IP address of the first router.
The following table is a format of a UDP message, and the source address and destination address of the UDP message are stored in the ip header.
Step 102: and controlling the first router to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header.
Further, in the first embodiment of the present invention, the first router is controlled to perform ICMP encapsulation on the original UDP packet to form a first UDP packet with an ICMP header, which specifically is:
modifying the source address of the original UDP message from the data transmitting end to a first router;
modifying the destination address of the original UDP message from the first router to the second router;
and adding ICMP header encapsulation to the original UDP message to form a first UDP message with the ICMP header.
Further, in the first embodiment of the present invention, an ICMP header encapsulation is added to the original UDP packet to form a first UDP packet with an ICMP header, which specifically is:
setting the type of ICMP according to the message type of the original UDP message; the message type of the original UDP message comprises a request and a reply;
acquiring a UDP Header and UDP Data from the original UDP message, and determining the UDP Header and the UDP Data as ICMP Data;
generating ICMP head encapsulation according to the type of the ICMP and the ICMP Data;
and adding the ICMP header encapsulation to the original UDP message to form a first UDP message with the ICMP header.
Further, in the first embodiment of the present invention, according to the message type of the original UDP message, the type of the ICMP is set, specifically:
when the message type of the original UDP message is a request, setting the type of ICMP as 8;
when the message type of the original UDP message is a reply, setting the type of the ICMP as 0.
In the first embodiment of the invention, when the original UDP message is transmitted to the first router, the first router is utilized to carry out ICMP encapsulation on the original UDP message, disguise UDP traffic, and avoid the limitation of the firewall of the central machine room on UDP traffic. The ICMP encapsulation operation of the original UDP message comprises respectively modifying the source address and the destination address of the IP Header of the original UDP message to form the IP Header of the first UDP message; setting the type of ICMP according to the message type of the original UDP message, and combining the UDP Header and UDP Data of the original UDP message to form an ICMP Header package of the first UDP message; and adding the ICMP header encapsulation to the original UDP message to generate a first UDP message.
The following table is the format of a first UDP packet, where the source address and the destination address of the first UDP packet are stored in the IP Header, and the ICMP Data of the first UDP packet includes the UDP Header and the UDP Data of the original UDP packet.
Step 103: the first UDP message is sent to a second router through an Ethernet network; and a firewall is arranged between the first router and the second router.
In the first embodiment of the invention, after the original UDP message finishes ICMP encapsulation through the first router, the original UDP message is transmitted in the network with the firewall in the form of the first UDP message, so that the effect that the UDP protocol is not limited by the firewall of the central machine room can be achieved.
Step 104: and controlling the second router to decapsulate the first UDP message to obtain a second UDP message.
Further, in the first embodiment of the present invention, the second router is controlled to decapsulate the first UDP packet to obtain a second UDP packet, which is specifically:
modifying the source address of the first UDP message from the first router to the second router;
modifying the destination address of the first UDP message from the second router to the data receiving end;
and determining the first UDP message with the modified source address and the modified destination address as a second UDP message.
In the first embodiment of the invention, when the first UDP message is transmitted to the second router through the firewall, the second router is utilized to decapsulate the first UDP message and restore the original UDP message. The first UDP message is unpacked by modifying the source address and the destination address of the IP Header of the first UDP message to form the IP Header of the second UDP message; the source port of the first UDP message is modified to be a UDP source port used by the second router for sending, and the destination port is a destination port monitored by the data receiving end, so that the first UDP message is restored to be the second UDP message.
Step 105: and sending the second UDP message to a data receiving end through a local network card.
In the first embodiment of the invention, after the first UDP message is decapsulated by the second router, a second UDP message identical to the original UDP message can be formed, and the second UDP message is transmitted to the data receiving end, so that the safety and the integrity of the transmitted data can be ensured.
In summary, the first embodiment of the present invention provides a data transmission method of an ICMP proxy UDP, where an original UDP packet is sent from a data sending end to a first router through an ethernet network; the first router is controlled to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header; transmitting the first UDP message to a second router through an Ethernet network; controlling a second router to decapsulate the first UDP message to obtain a second UDP message; and sending the second UDP message to the data receiving end through the local network card to finish data transmission. According to the invention, the firewall marks the UDP flow as the ICMP flow by simulating the ICMP header, so that QOS speed limit and interference of the firewall on the UDP flow are avoided, the speed and stability of UDP connection are effectively ensured and improved, and the user experience effect of the audio/video service is ensured.
Example 2
Referring to fig. 2, a schematic structural diagram of an embodiment of an ICMP proxy UDP data transmission system provided by the present invention includes a service client, an encapsulation router, a firewall, a decapsulation router, and a service server;
the service client side and the service server side adopt UDP transmission protocol to carry out service bidirectional communication;
the communication process between the business client and the business server passes through a packaging router, a firewall and a deblocking router;
when the service client side sends a UDP message to the service server side, the encapsulation router is used for ICMP encapsulation of the UDP message, and the decapsulation router is used for decapsulating the UDP message;
when the service server side sends the UDP message to the service client side, the decapsulation router is used for performing ICMP encapsulation on the UDP message, and the encapsulation router is used for decapsulating the UDP message.
As an example of the second embodiment of the present invention, referring to fig. 3, a flowchart of an embodiment of the UDP request and reply method provided by the present invention is shown. When the service server actively initiates UDP request and reply to the service client, the specific flow is as follows: the service client sends UDP service message to the encapsulation router; the encapsulation router encapsulates the UDP message with the ICMP Header according to the configuration or starting parameters, and adds a corresponding ICMP Header, and the type of the UDP service message is a request at the moment, so that the type of the ICMP is set as 8, and an ICMP encapsulation message is generated; sending the ICMP encapsulation message to an decapsulation router through an Ethernet network; the deblocking router performs deblocking on the ICMP encapsulation message with the ICMP header to obtain an original UDP message, and routes and forwards the original UDP message through a local network card according to configuration or starting parameters, and sends the original UDP message to a service server; after receiving the UDP service message, the service server performs service processing on the application layer, performs UDP reply, and sends a reply UDP service message to the decapsulation router; the method comprises the steps that an deblocking router is utilized to carry out ICMP Header encapsulation on a reply UDP service message according to configuration or starting parameters, a corresponding ICMP Header is added, and the type of the UDP service message at the moment is reply, so that the type of the ICMP is set to be 0, and a reply message after ICMP encapsulation is generated; the reply UDP service message after ICMP encapsulation is sent to an encapsulation router through an Ethernet network; the encapsulation router decapsulates the reply UDP service message with the ICMP header to obtain an original reply UDP service message, and routes and forwards the reply UDP service message to the service client through the local network card according to configuration or starting parameters to complete UDP reply. It should be noted that, because the ICMP Header encapsulation needs to occupy the size of the protocol frame and the extension parameter of the Header of the ICMP, the MTU of the original traffic needs to be adjusted so as not to exceed the maximum limit value of the ethernet, so as to ensure that the large packet traffic of the original traffic can smoothly complete the ICMP Header encapsulation.
As an example of the second embodiment of the present invention, referring to fig. 4, a flow chart of another embodiment of a UDP request and reply method provided by the present invention is shown, where when a service client actively initiates a UDP request and reply to a service server, the specific flow is as follows: the service server sends UDP service message to the unpacking router; the deblocking router performs ICMP Header encapsulation on the UDP message according to the configuration or starting parameters, and adds a corresponding ICMP Header, and the type of the UDP service message at the moment is a request, so that the type of the ICMP is set as 8, and an ICMP encapsulation message is generated; sending the ICMP encapsulation message to an encapsulation router through an Ethernet network; the encapsulation router decapsulates the ICMP encapsulation message with the ICMP header to obtain an original UDP message, and routes the original UDP message through a local network card according to configuration or starting parameters to send the original UDP message to the service client; after receiving the UDP service message, the service client performs service processing on the application layer, performs UDP reply, and sends a reply UDP service message to the encapsulation router; the encapsulation router is utilized to carry out ICMP Header encapsulation on the reply UDP service message according to configuration or starting parameters, and corresponding ICMP Header is added, wherein the type of the UDP service message is reply at the moment, so that the type of the ICMP is set to be 0, and a reply message after ICMP encapsulation is generated; the reply UDP service message after ICMP encapsulation is sent to the decapsulation router through the Ethernet network; the decapsulation router decapsulates the reply UDP service message with the ICMP header to obtain an original reply UDP service message, and routes and forwards the reply UDP service message to the service server through the local network card according to configuration or starting parameters to complete UDP reply. It should be noted that, because the ICMP Header encapsulation needs to occupy the size of the protocol frame and the extension parameter of the Header of the ICMP, the MTU of the original traffic needs to be adjusted so as not to exceed the maximum limit value of the ethernet, so as to ensure that the large packet traffic of the original traffic can smoothly complete the ICMP Header encapsulation.
In summary, the second embodiment of the present invention provides an ICMP proxy UDP data transmission system, based on the organic combination between modules, by simulating an ICMP header, the firewall marks the UDP traffic as ICMP traffic, thereby avoiding QOS speed limitation and interference of the firewall on the UDP traffic, effectively ensuring and improving the speed and stability of UDP connection, and ensuring the user experience effect of the audio and video service.
Example 3
Referring to fig. 5, a schematic structural diagram of an embodiment of an ICMP proxy UDP data transmission apparatus according to the present invention is provided, where the apparatus includes a first sending module 201, an encapsulation module 202, a second sending module 203, an decapsulation module 204, and a third sending module 205;
the first sending module 201 is configured to send an original UDP packet from a data sending end to a first router through an ethernet network;
the encapsulation module 202 is configured to control the first router to perform ICMP encapsulation on the original UDP packet, so as to form a first UDP packet with an ICMP header;
the second sending module 203 is configured to send the first UDP packet to a second router through an ethernet network; a firewall is arranged between the first router and the second router;
the decapsulation module 204 is configured to control the second router to decapsulate the first UDP packet to obtain a second UDP packet;
the third sending module 205 is configured to send the second UDP packet to a data receiving end through a local network card.
Further, in the third embodiment of the present invention, the first transmitting module 201 includes: a source address determination unit and a destination address determination unit;
the source address determining unit is used for determining the source address of the original UDP message as a data transmitting end;
the destination address determining unit is used for determining the destination address of the original UDP message as the first router.
Further, in the third embodiment of the present invention, the package module 202 includes: a first source address modification unit, a first destination address modification unit, and an addition unit;
the first source address modification unit is used for modifying the source address of the original UDP message from the data transmitting end to the first router;
the first destination address modification unit is used for modifying the destination address of the original UDP message from the first router to the second router;
the adding unit is used for adding ICMP header encapsulation to the original UDP message to form a first UDP message with the ICMP header.
Further, in a third embodiment of the present invention, an adding unit includes: setting a subunit, a determining subunit, a generating subunit and a message forming subunit;
the setting subunit is used for setting the type of the ICMP according to the message type of the original UDP message; the message type of the original UDP message comprises a request and a reply;
the determining subunit is configured to obtain a UDP Header and UDP Data from the original UDP packet, and determine the UDP Header and UDP Data as ICMP Data;
the generating subunit is used for generating ICMP head encapsulation according to the type of the ICMP and the ICMP Data;
the message forming subunit is configured to add the ICMP header encapsulation to the original UDP message to form a first UDP message with an ICMP header.
Further, in the third embodiment of the present invention, according to the message type of the original UDP message, the type of the ICMP is set, specifically:
when the message type of the original UDP message is a request, setting the type of ICMP as 8;
when the message type of the original UDP message is a reply, setting the type of the ICMP as 0.
Further, in the third embodiment of the present invention, the decapsulation module 204 includes: the second source address modification unit, the second destination address modification unit and the message determination unit;
the second source address modification unit is used for modifying the source address of the first UDP message from the first router to the second router;
the second destination address modification unit is used for modifying the destination address of the first UDP message from the second router to the data receiving end;
the message determining unit is used for determining the first UDP message modified by the source address and the destination address as a second UDP message.
In summary, the third embodiment of the present invention provides a data transmission device of an ICMP proxy UDP, based on the organic combination between modules, sending an original UDP packet from a data sending end to a first router through an ethernet network; the first router is controlled to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header; transmitting the first UDP message to a second router through an Ethernet network; controlling a second router to decapsulate the first UDP message to obtain a second UDP message; and sending the second UDP message to the data receiving end through the local network card to finish data transmission. According to the invention, the firewall marks the UDP flow as the ICMP flow by simulating the ICMP header, so that QOS speed limit and interference of the firewall on the UDP flow are avoided, the speed and stability of UDP connection are effectively ensured and improved, and the user experience effect of the audio/video service is ensured.
The foregoing embodiments have been provided for the purpose of illustrating the general principles of the present invention, and are not to be construed as limiting the scope of the invention. It should be noted that any modifications, equivalent substitutions, improvements, etc. made by those skilled in the art without departing from the spirit and principles of the present invention are intended to be included in the scope of the present invention.
Claims (8)
1. A data transmission method of an ICMP proxy UDP, comprising:
transmitting an original UDP message from a data transmitting end to a first router through an Ethernet network;
the first router is controlled to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header;
the first UDP message is sent to a second router through an Ethernet network; a firewall is arranged between the first router and the second router;
controlling the second router to decapsulate the first UDP message to obtain a second UDP message;
the second UDP message is sent to a data receiving end through a local network card;
the first router is controlled to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header, specifically:
setting the type of ICMP according to the message type of the original UDP message; the message type of the original UDP message comprises a request and a reply;
acquiring a UDP Header and UDP Data from the original UDP message, and determining the UDP Header and the UDP Data as ICMP Data;
generating ICMP head encapsulation according to the type of the ICMP and the ICMP Data;
and adding the ICMP header encapsulation to the original UDP message to form a first UDP message with the ICMP header.
2. The ICMP proxy UDP data transmission method of claim 1, wherein the sending the original UDP message from the data sending end to the first router through the ethernet network comprises:
determining a source address of an original UDP message as a data transmitting end;
and determining the destination address of the original UDP message as a first router.
3. The ICMP proxy UDP data transmission method of claim 2, wherein said controlling the first router to perform ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header further comprises:
modifying the source address of the original UDP message from the data transmitting end to a first router;
and modifying the destination address of the original UDP message from the first router to the second router.
4. The ICMP proxy UDP data transmission method of claim 3, wherein the setting the ICMP type according to the message type of the original UDP message specifically includes:
when the message type of the original UDP message is a request, setting the type of ICMP as 8;
when the message type of the original UDP message is a reply, setting the type of the ICMP as 0.
5. The ICMP proxy UDP data transmission method of claim 4, wherein said controlling said second router decapsulates said first UDP message to obtain a second UDP message, specifically:
modifying the source address of the first UDP message from the first router to the second router;
modifying the destination address of the first UDP message from the second router to the data receiving end;
and determining the first UDP message with the modified source address and the modified destination address as a second UDP message.
6. A data transmission system of an ICMP proxy UDP comprising: the system comprises a service client, an encapsulation router, a firewall, a decapsulation router and a service server;
the service client side and the service server side adopt UDP transmission protocol to carry out service bidirectional communication;
the communication process between the business client and the business server passes through a packaging router, a firewall and a deblocking router;
when the service client side sends a UDP message to the service server side, the encapsulation router is used for ICMP encapsulation of the UDP message, and the decapsulation router is used for decapsulating the UDP message;
when the service server side sends a UDP message to the service client side, the unpacking router is used for ICMP packaging the UDP message, and the packaging router is used for unpacking the UDP message;
the ICMP encapsulation is carried out on the UDP message, specifically:
setting the type of ICMP according to the message type of the UDP message; the message type of the UDP message comprises a request and a reply;
acquiring UDP Header and UDP Data in the UDP message, and determining the UDP Header and UDP Data as ICMP Data;
generating ICMP head encapsulation according to the type of the ICMP and the ICMP Data;
and adding the ICMP header encapsulation to the UDP message to form a UDP message with the ICMP header.
7. A data transmission device of an ICMP proxy UDP, comprising: the system comprises a first sending module, a packaging module, a second sending module, a deblocking module and a third sending module;
the first sending module is used for sending the original UDP message from the data sending end to the first router through the Ethernet network;
the encapsulation module is used for controlling the first router to carry out ICMP encapsulation on the original UDP message to form a first UDP message with an ICMP header;
the second sending module is used for sending the first UDP message to a second router through an Ethernet network; a firewall is arranged between the first router and the second router;
the decapsulation module is used for controlling the second router to decapsulate the first UDP message to obtain a second UDP message;
the third sending module is used for sending the second UDP message to a data receiving end through a local network card;
the packaging module comprises an adding unit, wherein the adding unit comprises a setting subunit, a determining subunit, a generating subunit and a message forming subunit;
the setting subunit is used for setting the type of the ICMP according to the message type of the original UDP message; the message type of the original UDP message comprises a request and a reply;
the determining subunit is configured to obtain a UDP Header and UDP Data from the original UDP packet, and determine the UDP Header and UDP Data as ICMP Data;
the generating subunit is used for generating ICMP head encapsulation according to the type of the ICMP and the ICMP Data;
the message forming subunit is configured to add the ICMP header encapsulation to the original UDP message to form a first UDP message with an ICMP header.
8. The ICMP proxy UDP data transmission apparatus of claim 7, wherein the encapsulation module further comprises: a first source address modification unit and a first destination address modification unit;
the first source address modification unit is used for modifying the source address of the original UDP message from the data transmitting end to a first router;
the first destination address modifying unit is configured to modify a destination address of an original UDP packet from a first router to a second router.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311827780.2A CN117478763B (en) | 2023-12-28 | 2023-12-28 | ICMP agent UDP data transmission method, system and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311827780.2A CN117478763B (en) | 2023-12-28 | 2023-12-28 | ICMP agent UDP data transmission method, system and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117478763A CN117478763A (en) | 2024-01-30 |
| CN117478763B true CN117478763B (en) | 2024-04-05 |
Family
ID=89638301
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311827780.2A Active CN117478763B (en) | 2023-12-28 | 2023-12-28 | ICMP agent UDP data transmission method, system and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117478763B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113746715A (en) * | 2021-07-16 | 2021-12-03 | 北京华三通信技术有限公司 | Communication method and device |
| CN114268669A (en) * | 2022-03-01 | 2022-04-01 | 阿里云计算有限公司 | Access processing method and system |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| IL141855A0 (en) * | 2001-03-07 | 2002-03-10 | Onetiercommunications Inc | A method and apparatus for providing an improved quality of service for data transfer over the internet |
| US7978716B2 (en) * | 2003-11-24 | 2011-07-12 | Citrix Systems, Inc. | Systems and methods for providing a VPN solution |
-
2023
- 2023-12-28 CN CN202311827780.2A patent/CN117478763B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113746715A (en) * | 2021-07-16 | 2021-12-03 | 北京华三通信技术有限公司 | Communication method and device |
| CN114268669A (en) * | 2022-03-01 | 2022-04-01 | 阿里云计算有限公司 | Access processing method and system |
Non-Patent Citations (2)
| Title |
|---|
| ICMP隐蔽通信之隧道;CN-SEC中文网;http://cn-sec.com/archives/426606.html;20211116;正文第1-8页 * |
| 用ICMP封装用户数据进行通信的方法及其实现;林洋, 李腊元;计算机工程与应用;20021201(23);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117478763A (en) | 2024-01-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11522790B2 (en) | Multipath data transmission processing method and network device | |
| EP3379806B1 (en) | Packet processing method, related apparatus and nvo3 network system | |
| US10085253B2 (en) | Methods and apparatus for controlling wireless access points | |
| US9231820B2 (en) | Methods and apparatus for controlling wireless access points | |
| US12040968B2 (en) | Flow modification including shared context | |
| US8250643B2 (en) | Communication device, communication system, communication method, and program | |
| WO2019134383A1 (en) | Method for controlling network congestion, access device, and computer readable storage medium | |
| WO2015143802A1 (en) | Service function chaining processing method and device | |
| US11502962B2 (en) | Method, apparatus, and system for implementing data transmission | |
| FI122516B (en) | A method and system for transferring a communication session between data sources | |
| US20150373135A1 (en) | Wide area network optimization | |
| WO2022021818A1 (en) | Method and device for processing data message, storage medium, and electronic device | |
| WO2024001701A1 (en) | Data processing method, apparatus and system | |
| CN117478763B (en) | ICMP agent UDP data transmission method, system and device | |
| EP1901497A1 (en) | Apparatus for low latency communications through an alternate path | |
| US20210084125A1 (en) | Managing layer two network extension communications using maximum segment size (mms) modifications | |
| JP2011114391A (en) | Packet processing apparatus, and network system | |
| WO2019196853A1 (en) | Tcp acceleration method and apparatus | |
| JP7293728B2 (en) | Packet encapsulation method and packet encapsulation device | |
| JP2007110654A (en) | Bridge device and control method thereof | |
| CN117640024A (en) | Message transmission method, device and system | |
| JP5752644B2 (en) | COMMUNICATION TERMINAL DEVICE, DATA SIZE DETERMINING METHOD, AND DATA SIZE DETERMINING PROGRAM | |
| WO2018103108A1 (en) | Routing method and device for data message | |
| JP2006217199A (en) | Routing table altering method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |