WO2012171427A1 - Processing method and centralized processing system for client/server application - Google Patents

Processing method and centralized processing system for client/server application Download PDF

Info

Publication number
WO2012171427A1
WO2012171427A1 PCT/CN2012/075678 CN2012075678W WO2012171427A1 WO 2012171427 A1 WO2012171427 A1 WO 2012171427A1 CN 2012075678 W CN2012075678 W CN 2012075678W WO 2012171427 A1 WO2012171427 A1 WO 2012171427A1
Authority
WO
WIPO (PCT)
Prior art keywords
processing
application
network
different
centralized
Prior art date
Application number
PCT/CN2012/075678
Other languages
French (fr)
Chinese (zh)
Inventor
顾忠禹
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012171427A1 publication Critical patent/WO2012171427A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Definitions

  • the present invention relates to the field of communications, and in particular to a processing method and a centralized processing system for a client/server application.
  • a DHCP Dynamic Host Configuration Protocol
  • DNS Domain Name System
  • a DHCP Dynamic Host Configuration Protocol
  • DNS Domain Name System
  • FIG. 1 is a schematic diagram of a typical DHCP and DNS server deployed in a network. In each network (the enterprise network in the figure), DHCP and DNS servers are deployed due to ease of use and management.
  • IP address allocation schemes in different networks and the servers in different enterprise networks may adopt different addressing/naming schemes, DHCP and DNS servers have different databases, although their processing functions are the same, that is, This can be achieved by using the same software system.
  • the user's network is realized through the service provision of the operator, that is, the enterprise user no longer needs the enterprise user to purchase, deploy and Manage relevant network facilities and perform related network application function deployments, and directly obtain relevant network and some basic network application functions from service providers.
  • the operator in addition to providing the basic network connection of the user network, it is also necessary to provide separate DHCP and separate for each user network (customer network).
  • DNS function because the IP address planning of each user, and the domain name planning of some internal systems are very different, it is unlikely to be implemented through a system, and there is still a need for network security, which needs to be isolated from the network. .
  • the present invention provides a processing method and a centralized processing system for a client/server application to at least solve the problem of resource waste and management cost in the above client/server application.
  • a processing method of a C/S (Client/Server, Client/Server) application including: a centralized processing system receives C/S application messages from different customer networks; The C/S application message is processed and the result is returned to the corresponding customer network.
  • the centralized processing system includes: a processing subsystem configured to process the C/S application message; and a gateway configured to receive the C/S application message and return the processing result of the C/S application message to the corresponding The customer network, where the gateway connects different customer networks and processing subsystems, and realizes isolation between different customer networks; the management subsystem is set to perform performance monitoring and configuration management of the centralized processing system.
  • the processing subsystem is one of the following: a PC, a PC server, a blade server, a cluster system consisting of a PC/PC server/blade server, and a distributed system consisting of a PC/PC server/blade server.
  • the processing subsystem includes: a C/S centralized processing function module, including multiple C/S application processing instances, and different C/S application processing instances respectively implementing processing of C/S application messages from different customer networks.
  • the client network and the C/S application processing instance are associated with each other through a gateway; wherein, the multiple C/S application processing instances are independent C/S application processing processes or threads.
  • the configuration management of the management subsystem comprises: IP address configuration of the C/S processing instance and initialization of the data.
  • the gateway receives the C/S application message of the different customer network through different external physical interfaces or sub-interfaces, and implements the correspondence to the C/S processing instance through the internal interface; the internal interface is the physical interface of the gateway connection centralized processing system. Or a sub-interface, a physical interface, or a sub-interface is identified and distinguished by one of the following: VLAN Q-in-Q.
  • the gateway has an L3 switching function and/or an ACL function, and the L3 switching function includes: supporting a VLAN function and implementing a routing function between different VLANs.
  • the processing subsystem is a plurality of virtualized virtual machines, each virtual machine is divided into different customer networks, and the C/S application processing program is installed in the virtual machine to C/ of different customer networks.
  • S applies the message for processing.
  • the centralized processing system is located in an external network outside the customer network and has a public IP address; the customer network forwards the C/S application message to the centralized processing system through the relay or the proxy; the C/S application message carries There is network identification information for identifying the customer network; a centralized processing system, which implements processing of C/S applications of different customer networks through C/S application processing instances.
  • the C/S application comprises: a DHCP and/or a DNS application
  • the centralized processing system comprises: a DHCP and/or a DNS server
  • the customer network is an enterprise network or a subnet.
  • a centralized processing system comprising: a transceiver subsystem and a processing subsystem, wherein a transceiver subsystem is configured to receive C/S application messages from different customer networks; , configured to process the C/S application message, and return the processing result to the corresponding customer network through the transceiver subsystem.
  • the transceiver subsystem is a gateway, and the gateway connects different customer networks and processing subsystems, and implements isolation between different customer networks.
  • the centralized processing system further comprises: a management subsystem, configured to perform performance monitoring and configuration management of the centralized processing system.
  • the processing subsystem is one of the following: a PC, a PC server, a blade server, a cluster system consisting of a PC/PC server/blade server, and a distributed system consisting of a PC/PC server/blade server.
  • the processing subsystem includes: a C/S centralized processing function module, including multiple C/S application processing instances, and different C/S application processing instances respectively implementing processing of C/S application messages from different customer networks.
  • the configuration management of the management subsystem comprises: IP address configuration of the C/S processing instance and initialization of the data.
  • the gateway receives the C/S application message of the different customer network through different external physical interfaces or sub-interfaces, and implements the correspondence to the C/S processing instance through the internal interface; the internal interface is the physical interface of the gateway connection centralized processing system. Or a sub-interface, a physical interface, or a sub-interface is identified and distinguished by one of the following:
  • the gateway has an L3 switching function and/or an ACL function, and the L3 switching function includes: supporting a VLAN function and implementing a routing function between different VLANs.
  • the processing subsystem is a plurality of virtualized virtual machines, each virtual machine is divided into different customer networks, and the C/S application processing program is installed in the virtual machine to C/ of different customer networks. S applies the message for processing.
  • the centralized processing system is located in an external network outside the customer network and has a public IP address; the customer network forwards the C/S application message to the centralized processing system through the relay or the proxy; the C/S application message carries There is network identification information for identifying the customer network; a centralized processing system, which implements processing of C/S applications of different customer networks through C/S application processing instances.
  • the centralized processing of C/S applications from various customer networks solves the problem of waste of resources of the C/S application server, thereby achieving the effects of reducing management costs and improving management efficiency.
  • FIG. 1 is a schematic diagram of a DHCP and DNS server deployed in a network according to the related art
  • FIG. 2 is a flowchart of DHCP processing according to the related art
  • FIG. 3 is a C/S application according to a first embodiment of the present invention.
  • FIG. 4A is a network structure diagram of a C/S application according to Embodiment 2 of the present invention
  • FIG. 4B is a flowchart of DHCP processing of a C/S application according to Embodiment 2 of the present invention
  • FIG. 5 is a network structure diagram of a C/S application according to Embodiment 3 of the present invention
  • FIG. 6 is a centralized diagram according to Embodiment 4 of the present invention.
  • FIG. 7 is a schematic structural diagram of a centralized processing system according to Embodiment 5 of the present invention.
  • Step S302 The centralized processing system receives C/S application messages from different customer networks.
  • Step S304 the centralized processing system processes the received C/S application message.
  • Step S306 the centralized processing system returns the processing result to the corresponding customer network.
  • the customer network may be an enterprise network, or a network that needs to perform the C/S application processing, or a subnet (later).
  • the centralized processing system is located on the external network and is specified by using a public IP address.
  • the service agent uniformly sends the message about the C/S application to the centralized processing system.
  • C/S applications such as DNS
  • it can be directly processed through the underlying IP network without special proxy or relay mechanism, ie when there is an IP network connection between the customer network and centralized processing, ie The relevant processing can be implemented.
  • the service relay or the proxy in the enterprise network carries the network identifier information about the enterprise network in the sent C/S application packet.
  • the centralized processing system combines the egress IP address of the enterprise network and related attribute categories, such as DHCP Option 82, or the port number of the protocol, to distinguish different networks to implement different processing.
  • the centralized processing system may be one, or multiple/a group of PCs or PC servers, or a blade server, or a specially designed computer system, which may be a cluster system or a distributed system.
  • the centralized processing system can implement multiple C/S processing instances to implement the processing and management of the C/S applications of the relevant customer networks, while ensuring high availability of the system.
  • FIG. 4A is a network structure diagram of a C/S application according to Embodiment 2 of the present invention. As shown in FIG.
  • the network structure includes an enterprise network 1 and an enterprise network 2, and the enterprise network 1 and the enterprise network 2 are accessible.
  • ISP/INTERNET network a DHCP relay or proxy is set in the enterprise network 1 and the enterprise network 2 respectively (for the DNS application, since the implementation mechanism is different, the proxy setting is not required, and the packet is directly implemented through the underlying IP network mechanism.
  • the DHCP agent is connected to a centralized processing system, which includes a DHCP server and a DNS server.
  • the DHCP server and the DNS server may be one, or multiple PCs or PC servers, or blade servers, or specially designed computer systems, which may form a cluster system or a distributed system. This needs to be determined based on processing power and the size of the database in question.
  • the public IP address is allocated to the processing server in the centralized processing system.
  • the DHCP server receives the DHCP discovery message and performs The processing returns a DHCP providing information, and the PC selects one of the DHCP providing information, and selects one of them to send the DHCP request information, and obtains an IP address from the DHCP server. Since this processing flow is prior art, it will not be described in detail herein. In general, DHCP and DNS do not require much processing power in small and medium-sized networks.
  • Step S402 Configure a DHCP relay or proxy in the enterprise network, by DHCP.
  • Step S404 the DHCP relay or the proxy forwards the DHCP discovery message to the DHCP server of the external network.
  • the DHCP relay agent or the proxy carries the related attribute category in the sent DHCP discovery packet, for example, the DHCP Option 82o.
  • the work to be completed in the step S402 and the step S404 further includes: configuring a DHCP relay or proxy, configuring DHCP
  • the server IP address allows the DHCP relay or proxy to communicate with the DHCP server.
  • Step S406 the DHCP server provides information related to the DHCP server.
  • Step S408, the DHCP relay or the proxy forwards the DHCP providing information to the corresponding inside the enterprise network.
  • Step S410 to step S414, the PC selects one of the plurality of DHCP providing information that may be returned, and sends the DHCP request information, obtains an IP address from the DHCP proxy, and performs a service connection (if the DHCP relay function is used, Then the relay needs to forward the relevant DHCP request to the relevant DHCP server to obtain the IP address allocation, so the flow is slightly different from FIG. 4B. Since this process is similar to the prior art, it will not be described in detail herein. In a specific implementation, different servers and networks can be distinguished by different IP addresses. And each IP address corresponds to a PC/server to implement the relevant processing functions.
  • this method is the same as the case of deploying DHCP and DNS servers in different enterprise networks in the prior art, or using a separate computer for C/S application processing, and does not solve the problem of resource waste and sharing.
  • it brings further problems, such as the need for a large number of IP addresses, especially in the case of a large number of corporate networks.
  • further optimization can be done on this basis:
  • the same IP address can be used to correspond to the centralized processing system. This is the same as current load balancing, corresponding to an IP address, but its processing can be distributed to multiple computers. But there is a problem here, how to distinguish between different networks, because it is different from ordinary load balancing, here need to implement different processing for different user networks.
  • DHCP Option 82 can also be used to carry customer-related information about DHCP relay or proxy information. The DHCP server determines which enterprise the DHCP request comes from through the DHCP relay or proxy of the enterprise network and the information of the additional DHCP Option 82, and sends it to the corresponding processing process for processing, and returns the processing result.
  • DHCP processing requires virtualization of the processing process for different user processing requirements. Specifically, there are multiple copies of the DHCP processed function in the centralized processing system, or processing instances. Or there is a DHCP processing context (CONTEXT) for each enterprise network, including information about the initial configuration and related processing status, mainly the allocation information of the IP address, and related time information.
  • CONTEXT DHCP processing context
  • the specific functions include: on the one hand, the processing of the application is required, which is an external operation; at the same time, the management operation is also completed, for example, the time is refreshed, and at some critical time points, notification or refresh is required.
  • the transmission of messages, etc. are all conventional operations of DHPC processing and are prior art and will not be further described in the present invention.
  • the association between the specific customer network and the processing instance, the Option 82 information sent by the DHCP relay or the proxy, and the related IP address information, and the subscription information, etc. first realize the identification of the customer network, and further process the processing instance of the relevant customer network.
  • the centralized processing system realizes the related function processing by realizing the connection with the customer network through the IP network.
  • Centralized processing system provides some configuration management, statistics and planning tools, supports function planning and statistics, and provides related management tools to support centralized processing and related management tasks, such as configuring IP address for DHCP processing instances. And initialization of data, etc.
  • FIG. 5 is a network structure diagram of a C/S application according to Embodiment 3 of the present invention.
  • the centralized processing system is a network system composed of one or more PCs, or a PC server, or a blade server, connected by an Ethernet switch (or a network composed of multiple switches), and can be Further forming a PC Or server clusters or distributed systems to improve system reliability.
  • the centralized processing system also includes a gateway, which is configured to connect different customer networks, and a management subsystem to implement management of the centralized processing system.
  • a method of implementing centralized DHCP processing is provided in the second embodiment.
  • this is somewhat inconsistent with the general network deployment experience, that is, the internal network's DNS and DHCP servers should be deployed inside the network, using internal network addresses instead of being exposed to external networks.
  • another processing method is provided, which is similar to the prior art in which the related server is separately deployed in each enterprise network, and meets the experience requirements of the user network deployment and the security requirements of the network isolation.
  • the specific implementation method is: by virtualizing the computing resources in the centralized processing system into multiple virtual machines (VMs), and depending on the processing capability, it may also be an independent host.
  • VMs virtual machines
  • independent IP address configuration can be performed, and further divided into different subnets (corresponding to different customer networks), possibly including multiple VMs or hosts in one subnet, and the IP address is The address in the corresponding customer network.
  • This allows the client's network administrator to independently install and manage DHCP, and/or DNS servers.
  • the gateway further uses Q-in-Q (multi-layer VLAN) technology by centrally processing tunnels in the system network, such as VLANs (referred to as internal VLANs), or when 12-bit VLAN identification is insufficient.
  • VLANs referred to as internal VLANs
  • external VLANs external VLANs
  • the network forms a network to handle the processing of C/S functions.
  • the security function of the network can be enhanced by opening an ACL (Access Control List) function through a gateway or a device on the client network side connected to the gateway.
  • the gateway has: L3 switching function and / or ACL function.
  • the L3 switching functions include but are not limited to: VLAN functions and routing functions between different VLANs.
  • the planning of the processing power of a specific VM can be realized by a management subsystem in the centralized processing system. Specifically, the management subsystem can accept the processing requirements of the client's C/S application, including the number of VMs, the capabilities of the VM, the specific C/S functions, and the like; further, the management subsystem can check according to requirements. Centralize the processing power in the system to meet the demand, and return the result to the customer if the demand is met. Further, the association between the VM and the customer network can be realized through an automatic or manual configuration.
  • a centralized processing system running a set of soft The system, including the main program and different instances of DHCP and DNS processing, is handled by different processes, or threads. Different instances of different DHCP and DNS servers include related address allocation table information, as well as DNS mapping information. Due to the real-time nature of DHCP and DNS, it may not be very strong, or it may require relatively timely processing.
  • the processing capability and setting related processing performance parameters, such as the processing response time, may be appropriately configured.
  • different processing instances need to be differentiated according to the customer network of the service. Specifically, it can be distinguished by the names of different instances.
  • the specific processing example, the association with the customer network can be achieved through a specific network connection.
  • the customer network is connected to the physical interface of a specific computer system of the centralized processing system through the gateway and the internal interface of the gateway, and is associated with the corresponding processing instance through the interface, or further, may be a sub-interface, The interface or the packet sent from the sub-interface is forwarded to the corresponding processing instance. Process the results, returning to the customer network from the same path.
  • the management subsystem accepts the client's processing request and names it.
  • the management subsystem provides an interface interface to the client, and the client can perform further configuration through the interface, such as an IP address, data initialization of the C/S application, and the like.
  • the customer network can connect two gateways through two networks, and centrally process the computers in the system, connect two switches through two links, and so on, to achieve high network reliability. Sex.
  • high reliability implementation can be supported by VRRP (Virtual Router Redundancy Protocol).
  • the high reliability of the C/S application processing can be realized, for example, by backup of the VM or by performing hot backup of the C/S application processing instance.
  • FIG. 6 is a schematic structural diagram of a four-concentration processing system according to an embodiment of the present invention. As shown in FIG.
  • the transceiver subsystem 10 and the processing subsystem 20 are included, and the transceiver subsystem 10 and the processing subsystem 20 are connected.
  • the transceiver subsystem 10 is configured to receive C/S application messages from different customer networks.
  • the processing subsystem 20 is configured to process the C/S application message and return the processing result to the corresponding customer network through the transceiver subsystem 10.
  • the centralized processing system centrally processes the C/S application from each customer network, and solves the problem of waste of C/S application server resources, thereby achieving the effects of reducing management costs and improving management efficiency.
  • the customer network may be an enterprise network, and a service agent, such as a DHCP relay or proxy, is set in the enterprise network; the centralized processing system is located on the external network, and is specified by using a public IP address.
  • the service agent uniformly sends the message about the C/S application to the centralized processing system.
  • the service proxy in the enterprise network carries the network identifier information about the enterprise network in the C/S application packet that is sent.
  • the centralized processing system combines the egress IP address of the enterprise network and related attribute categories, such as DHCP Option 82, to distinguish different networks to implement different processing.
  • the centralized processing system can be a cluster system or a distributed system.
  • FIG. 7 is a schematic structural diagram of a centralized processing system according to Embodiment 5 of the present invention. As shown in FIG. 7, the centralized processing system includes a management subsystem 30 in addition to the transceiver subsystem 10 and the processing subsystem 20.
  • the management subsystem 30 is configured to perform performance monitoring and configuration management of the centralized processing system.
  • the configuration management of the management subsystem 30 includes: IP address configuration of the C/S processing instance and initialization of the data.
  • the transceiver subsystem can be a gateway that connects different customer networks and processing subsystems and implements isolation between different customer networks.
  • the gateway has L3 switching and/or ACL functions.
  • the L3 switching function includes: Supports VLAN functions and implements routing between different VLANs.
  • the processing subsystem is at least one or more PCs, PC servers, blade servers connected through a network, or further, a cluster system composed of the PC, a PC server, or a blade server, or a distributed system. .
  • the centralized processing of the client server application saves the server resources of the application processing, thereby reducing the overall cost, improving the implementation efficiency, and ensuring security.
  • the above modules or steps of the present invention can be implemented by a general-purpose computing device, which can be concentrated on a single computing device or distributed over a network composed of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device, such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps are fabricated as a single integrated circuit module.

Abstract

Provided are a processing method and a centralized processing system for a client/server application. The processing method includes: a centralized processing system receiving C/S application messages from various client networks; and the centralized processing system processing the C/S application messages and returning a result to a corresponding client network. In the present invention, the C/S applications from various client networks being processed in a centralized way solves the problem of waste of C/S application server resources, thus achieving the effects of reduced management costs and improved management efficiency.

Description

客户 /服务器应用的处理方法及集中处理系统 技术领域 本发明涉及通信领域, 具体而言, 涉及一种客户 /服务器应用的处理方法及集中处 理系统。 背景技术 在目前典型的 IP网络部署和应用中,为实现网络的方便应用,一般都部署有 DHCP (Dynamic Host Configuration Protocol, 动态主机配置协议) 服务器和 DNS (Domain Name System, 域名系统) 服务器, 分别实现 IP地址的自动分配, 以及域名的解析, 从而省却用户进行复杂的配置, 或者记忆一些不易记忆的网络地址。 一般而言, 每个 网络中,都需要进行这样的部署,只是在规模上有所区别。例如在 INTERNET网络中, 有多个 DNS根服务器, 是非常重要的网络功能部署, 需要采取高可靠性措施, 以保证 网络的高可用性。 而在一个小型企业网络中, 则可以是一台 PC服务器, 来实现有关 地址分配和解析的功能。 当然, 对 DNS解析可能是层次化的结构, 这里不做进一步的 考虑。 在用户网络是由用户单位自己进行规划、 部署、 以及管理的情况下, 这些功能, 完全由用户的网络管理员各自完成。 根据功能的需求, 以及性能的需求, 可以采用不 同的设备等级, 和相应的可靠性措施。 图 1是典型 DHCP和 DNS服务器在网络中部署应用示意图。 在每个网络 (图中 的企业网络) 中, 由于使用和管理方便的考虑, 都要部署有 DHCP和 DNS服务器。 用户计算机/ PC (—般需要在操作系统中做一些设置)在加电后, 首先需要自动获取 IP 地址,这一般是通过 DHCP来实现,然后通过 DNS服务器解析所需要的 URL(Uniform Resource Locator, 统一资源定位符) /域名的 IP地址, 通过 IP报文实现通信。 由于各 个网络中的 IP地址分配方案不同, 以及不同的企业网络中的服务器, 可能采取不同的 编址 /命名方案, 因此 DHCP和 DNS服务器, 有不同的数据库, 虽然其处理功能是一 样的, 即可以通过使用相同的软件系统加以实现。 但是, 在一种新的应用情况下, 特别是在云计算逐步普及的背景下, 用户的网络 是通过运营商的业务提供而实现的, 即企业用户不再需要企业用户自己去购买、 部署 和管理有关的网络设施, 并进行有关的网络应用功能部署, 而直接从业务提供商那里, 获得有关的网络和一些基本网络应用功能。 而从运营商的角度看, 在提供用户网络的 基本网络连接外, 还需要分别为每一个用户网络 (客户网络) 提供独立的 DHCP 和 DNS功能, 因为各个用户的 IP地址规划, 以及一些内部系统的域名规划是很不一样 的, 不太可能通过一套系统来进行实现, 而且进一步还有网络安全方面的需求, 需要 对网络进行隔离。 这样, 一个显然的, 也确实是可行的解决方案是, 分别为各个用户网络提供独立 的 DHCP和 DNS服务器, 来实现有关的功能, 就和客户自己实现网络的时候一样。 但是, 这种实现方案, 有其不合理的地方。 例如, 在目前网络部署实践的情况下, 需要大量的 PC/服务器来实现有关的功能, 因此在功能的匹配性上不合理, 往往是处 理能力远超过实际所需求的, 造成一定的资源浪费, 另外, 需要管理如此多的服务器 / 计算机 /PC, 管理成本也会比较高。 发明内容 本发明提供了一种客户 /服务器应用的处理方法及集中处理系统, 以至少解决上述 客户 /服务器应用中资源浪费和管理成本的问题。 根据本发明的一个方面, 提供了一种 C/S (Client/Server, 客户 /服务器)应用的处 理方法, 包括: 集中处理系统接收来自不同客户网络的 C/S应用报文; 集中处理系统 对 C/S应用报文进行处理并返回结果至对应的客户网络。 优选地, 集中处理系统包括: 处理子系统, 设置为对 C/S应用报文进行处理; 网 关, 设置为接收 C/S应用报文并将 C/S应用报文的处理结果返回至对应的客户网络, 其中, 网关将不同客户网络和处理子系统相连接, 并实现不同客户网络之间的隔离; 管理子系统, 设置为集中处理系统的性能监测和配置管理。 优选地, 处理子系统为以下之一: PC机、 PC服务器、 刀片服务器、 由 PC机/ PC 服务器 /刀片服务器组成的集群系统、 由 PC机 /PC服务器 /刀片服务器组成的分布式系 统。 优选地, 处理子系统包括: C/S集中处理功能模块, 包括多个 C/S应用处理实例, 不同的 C/S应用处理实例分别实现对来自不同客户网络的 C/S应用报文的处理, 不同 客户网络与 C/S应用处理实例之间通过网关进行关联; 其中, 多个 C/S应用处理实例 为独立的 C/S应用处理进程或者线程。 优选地, 管理子系统的配置管理包括: C/S处理实例的 IP地址配置和数据的初始 化。 优选地, 网关通过不同的外部物理接口或者子接口接收不同客户网络的 C/S应用 报文, 通过内部接口来实现到 C/S处理实例的对应; 内部接口为网关连接集中处理系 统的物理接口或者子接口, 物理接口或者子接口通过以下之一来进行标识和区分: VLAN Q-in-Q。 优选地, 网关具有 L3交换功能和 /或 ACL功能, L3交换功能包括: 支持 VLAN 功能和实现不同 VLAN间的路由功能。 优选地, 处理子系统为虚拟化的多个虚拟机, 每个虚拟机划分到不同的客户网络 中, 通过在所述虚拟机中安装所述 C/S应用处理程序对不同客户网络的 C/S应用报文 进行处理。 优选地, 集中处理系统位于客户网络之外的外部网络, 并且具有公用的 IP地址; 客户网络通过中继或者代理将 C/S应用报文转发至集中处理系统; C/S应用报文中携 带有用于标识客户网络的网络标识信息; 集中处理系统, 通过 C/S应用处理实例实现 对不同客户网络的 C/S应用的处理。 优选地, C/S应用包括: DHCP和 /或 DNS应用, 集中处理系统包括: DHCP和 / 或 DNS服务器; 客户网络为企业网络或者子网。 根据本发明的另一个方面, 提供了一种集中处理系统, 包括: 收发子系统和处理 子系统, 其中, 收发子系统, 设置为接收来自不同客户网络的 C/S应用报文; 处理子 系统, 设置为对 C/S应用报文进行处理, 并通过收发子系统将处理结果返回至对应的 客户网络。 优选地, 收发子系统为网关, 网关将不同客户网络和处理子系统相连接, 并实现 不同客户网络之间的隔离。 优选地, 集中处理系统还包括: 管理子系统, 设置为集中处理系统的性能监测和 配置管理。 优选地, 处理子系统为以下之一: PC机、 PC服务器、 刀片服务器、 由 PC机/ PC 服务器 /刀片服务器组成的集群系统、 由 PC机 /PC服务器 /刀片服务器组成的分布式系 统。 优选地, 处理子系统包括: C/S集中处理功能模块, 包括多个 C/S应用处理实例, 不同的 C/S应用处理实例分别实现对来自不同客户网络的 C/S应用报文的处理, 不同 客户网络与 C/S应用处理实例之间通过网关进行关联; 其中, 多个 C/S应用处理实例 为独立的 C/S应用处理进程或者线程。 优选地, 管理子系统的配置管理包括: C/S处理实例的 IP地址配置和数据的初始 化。 优选地, 网关通过不同的外部物理接口或者子接口接收不同客户网络的 C/S应用 报文, 通过内部接口来实现到 C/S处理实例的对应; 内部接口为网关连接集中处理系 统的物理接口或者子接口, 物理接口或者子接口通过以下之一来进行标识和区分:TECHNICAL FIELD The present invention relates to the field of communications, and in particular to a processing method and a centralized processing system for a client/server application. In a typical IP network deployment and application, a DHCP (Dynamic Host Configuration Protocol) server and a DNS (Domain Name System) server are generally deployed for the convenience of the network. Realize the automatic allocation of IP addresses and the resolution of domain names, thus eliminating the need for users to perform complex configurations or memorizing network addresses that are difficult to remember. In general, such a deployment is required in every network, but only in terms of scale. For example, in an INTERNET network, there are multiple DNS root servers, which are very important network function deployments and require high reliability measures to ensure high availability of the network. In a small business network, it can be a PC server to implement address allocation and parsing. Of course, DNS resolution may be a hierarchical structure, and no further consideration is given here. In the case where the user network is planned, deployed, and managed by the user unit itself, these functions are completely performed by the user's network administrator. Depending on the needs of the function and the performance requirements, different equipment levels and corresponding reliability measures can be used. Figure 1 is a schematic diagram of a typical DHCP and DNS server deployed in a network. In each network (the enterprise network in the figure), DHCP and DNS servers are deployed due to ease of use and management. User computer / PC (usually need to do some settings in the operating system) After power-on, you first need to obtain the IP address automatically, which is usually implemented by DHCP, and then parse the required URL through the DNS server (Uniform Resource Locator, Uniform Resource Locator) / IP address of the domain name, which communicates through IP packets. Since the IP address allocation schemes in different networks and the servers in different enterprise networks may adopt different addressing/naming schemes, DHCP and DNS servers have different databases, although their processing functions are the same, that is, This can be achieved by using the same software system. However, in a new application situation, especially in the context of the gradual popularization of cloud computing, the user's network is realized through the service provision of the operator, that is, the enterprise user no longer needs the enterprise user to purchase, deploy and Manage relevant network facilities and perform related network application function deployments, and directly obtain relevant network and some basic network application functions from service providers. From the perspective of the operator, in addition to providing the basic network connection of the user network, it is also necessary to provide separate DHCP and separate for each user network (customer network). DNS function, because the IP address planning of each user, and the domain name planning of some internal systems are very different, it is unlikely to be implemented through a system, and there is still a need for network security, which needs to be isolated from the network. . In this way, an obvious and indeed feasible solution is to provide separate DHCP and DNS servers for each user network to implement the relevant functions, just as the client implements the network itself. However, this kind of implementation has its unreasonable place. For example, in the current network deployment practice, a large number of PCs/servers are required to implement related functions, so that the matching of functions is unreasonable, and often the processing capability is far more than the actual demand, resulting in a certain waste of resources. In addition, the need to manage so many servers / computers / PCs, management costs will be higher. SUMMARY OF THE INVENTION The present invention provides a processing method and a centralized processing system for a client/server application to at least solve the problem of resource waste and management cost in the above client/server application. According to an aspect of the present invention, a processing method of a C/S (Client/Server, Client/Server) application is provided, including: a centralized processing system receives C/S application messages from different customer networks; The C/S application message is processed and the result is returned to the corresponding customer network. Preferably, the centralized processing system includes: a processing subsystem configured to process the C/S application message; and a gateway configured to receive the C/S application message and return the processing result of the C/S application message to the corresponding The customer network, where the gateway connects different customer networks and processing subsystems, and realizes isolation between different customer networks; the management subsystem is set to perform performance monitoring and configuration management of the centralized processing system. Preferably, the processing subsystem is one of the following: a PC, a PC server, a blade server, a cluster system consisting of a PC/PC server/blade server, and a distributed system consisting of a PC/PC server/blade server. Preferably, the processing subsystem includes: a C/S centralized processing function module, including multiple C/S application processing instances, and different C/S application processing instances respectively implementing processing of C/S application messages from different customer networks. The client network and the C/S application processing instance are associated with each other through a gateway; wherein, the multiple C/S application processing instances are independent C/S application processing processes or threads. Preferably, the configuration management of the management subsystem comprises: IP address configuration of the C/S processing instance and initialization of the data. Preferably, the gateway receives the C/S application message of the different customer network through different external physical interfaces or sub-interfaces, and implements the correspondence to the C/S processing instance through the internal interface; the internal interface is the physical interface of the gateway connection centralized processing system. Or a sub-interface, a physical interface, or a sub-interface is identified and distinguished by one of the following: VLAN Q-in-Q. Preferably, the gateway has an L3 switching function and/or an ACL function, and the L3 switching function includes: supporting a VLAN function and implementing a routing function between different VLANs. Preferably, the processing subsystem is a plurality of virtualized virtual machines, each virtual machine is divided into different customer networks, and the C/S application processing program is installed in the virtual machine to C/ of different customer networks. S applies the message for processing. Preferably, the centralized processing system is located in an external network outside the customer network and has a public IP address; the customer network forwards the C/S application message to the centralized processing system through the relay or the proxy; the C/S application message carries There is network identification information for identifying the customer network; a centralized processing system, which implements processing of C/S applications of different customer networks through C/S application processing instances. Preferably, the C/S application comprises: a DHCP and/or a DNS application, the centralized processing system comprises: a DHCP and/or a DNS server; and the customer network is an enterprise network or a subnet. According to another aspect of the present invention, a centralized processing system is provided, comprising: a transceiver subsystem and a processing subsystem, wherein a transceiver subsystem is configured to receive C/S application messages from different customer networks; , configured to process the C/S application message, and return the processing result to the corresponding customer network through the transceiver subsystem. Preferably, the transceiver subsystem is a gateway, and the gateway connects different customer networks and processing subsystems, and implements isolation between different customer networks. Preferably, the centralized processing system further comprises: a management subsystem, configured to perform performance monitoring and configuration management of the centralized processing system. Preferably, the processing subsystem is one of the following: a PC, a PC server, a blade server, a cluster system consisting of a PC/PC server/blade server, and a distributed system consisting of a PC/PC server/blade server. Preferably, the processing subsystem includes: a C/S centralized processing function module, including multiple C/S application processing instances, and different C/S application processing instances respectively implementing processing of C/S application messages from different customer networks. Different The client network and the C/S application processing instance are associated by a gateway; wherein, the multiple C/S application processing instances are independent C/S application processing processes or threads. Preferably, the configuration management of the management subsystem comprises: IP address configuration of the C/S processing instance and initialization of the data. Preferably, the gateway receives the C/S application message of the different customer network through different external physical interfaces or sub-interfaces, and implements the correspondence to the C/S processing instance through the internal interface; the internal interface is the physical interface of the gateway connection centralized processing system. Or a sub-interface, a physical interface, or a sub-interface is identified and distinguished by one of the following:
VLAN Q-in-Q。 优选地, 网关具有 L3交换功能和 /或 ACL功能, L3交换功能包括: 支持 VLAN 功能和实现不同 VLAN间的路由功能。 优选地, 处理子系统为虚拟化的多个虚拟机, 每个虚拟机划分到不同的客户网络 中, 通过在所述虚拟机中安装所述 C/S应用处理程序对不同客户网络的 C/S应用报文 进行处理。 优选地, 集中处理系统位于客户网络之外的外部网络, 并且具有公用的 IP地址; 客户网络通过中继或者代理将 C/S应用报文转发至集中处理系统; C/S应用报文中携 带有用于标识客户网络的网络标识信息; 集中处理系统, 通过 C/S应用处理实例实现 对不同客户网络的 C/S应用的处理。 通过本发明, 采用集中处理来自各个客户网络的 C/S应用, 解决了 C/S应用服务 器资源浪费的问题, 进而达到了降低管理成本、 提高管理效率的效果。 附图说明 此处所说明的附图用来提供对本发明的进一步理解, 构成本申请的一部分, 本发 明的示意性实施例及其说明用于解释本发明, 并不构成对本发明的不当限定。 在附图 中: 图 1是根据相关技术的 DHCP和 DNS服务器在网络中部署应用示意图; 图 2是根据相关技术的 DHCP处理流程图; 图 3是根据本发明实施例一的 C/S应用的处理流程图; 图 4A是根据本发明实施例二的 C/S应用的网络结构图; 图 4B是根据本发明实施例二的 C/S应用的 DHCP处理流程图; 图 5是根据本发明实施例三的 C/S应用的网络结构图; 图 6是根据本发明实施例四的集中处理系统结构示意图; 以及 图 7是根据本发明实施例五的集中处理系统结构示意图。 具体实施方式 下文中将参考附图并结合实施例来详细说明本发明。 需要说明的是, 在不冲突的 情况下, 本申请中的实施例及实施例中的特征可以相互组合。 实施例一 图 3是根据本发明实施例一的 C/S应用的处理流程图, 如图 3所示, 包括以下步 骤: 步骤 S302, 集中处理系统接收来自不同客户网络的 C/S应用报文。 步骤 S304, 集中处理系统对所接收的 C/S应用报文进行处理。 步骤 S306, 集中处理系统将处理结果返回至对应的客户网络。 在本实施例中, 通过集中处理来自各个客户网络的 C/S应用, 解决了 C/S应用服 务器资源浪费的问题, 进而达到了降低管理成本、 提高管理效率的效果。 其中, 客户网络可以为企业网络, 或者需要进行所述 C/S应用处理的网络, 或者 子网 (后同)。 在企业网络中设置业务中继或者代理, 例如 DHCP 中继或者代理; 集 中处理系统位于外部网络, 通过使用一个公用的 IP地址来进行指定。业务代理将有关 C/S应用的报文统一发送到集中处理系统。 而对其他的一些 C/S应用, 例如 DNS, 可 以通过底层的 IP网络进行直接处理, 而不需要特别的代理或者中继机制, 即在客户网 络和集中处理之间有 IP网络连接时, 即可以实现有关的处理。 其中, 企业网络中的业务中继或者代理在所发送的 C/S应用报文携带有关企业网 络的网络标识信息。集中处理系统结合企业网络的出口 IP地址,以及有关的属性类别, 例如 DHCP Option82, 或者协议的端口号等, 可以区分不同的网络, 以实现不同的处 理。 其中, 集中处理系统可以为一台, 或者多台 /一组 PC机或者 PC服务器, 或者刀 片服务器, 或则专门设计的计算机系统, 可以组成集群系统或者分布式系统。 集中处 理系统可实现多个 C/S处理实例, 分别实现相关客户网络的 C/S应用的处理和管理工 作, 同时保证系统的高可用性。 实施例二 图 4A是根据本发明实施例二的 C/S应用的网络结构图, 如图 4A所示, 该网络结 构包括企业网络 1和企业网络 2, 企业网络 1和企业网络 2可接入 ISP/INTERNET网 络。 其中, 在企业网络 1和企业网络 2中分别设置有一个 DHCP中继或者代理 (对 DNS应用, 由于实现机制的不同, 不需要进行代理设置, 而直接通过底层的 IP 网络 机制, 来实现报文的直接转发), DHCP代理连接至一个集中处理系统, 该集中处理系 统包括 DHCP服务器和 DNS服务器。 其中, DHCP服务器和 DNS服务器可以是一台, 或者多台 PC机或者 PC服务器, 或者刀片服务器, 或则专门设计的计算机系统, 可以组成集群系统或者分布式系统。, 这需要根据处理能力和有关数据库的大小来决定。 在本实施例中, 通过对集中处理系统中的处理服务器分配公用 IP 地址来实现VLAN Q-in-Q. Preferably, the gateway has an L3 switching function and/or an ACL function, and the L3 switching function includes: supporting a VLAN function and implementing a routing function between different VLANs. Preferably, the processing subsystem is a plurality of virtualized virtual machines, each virtual machine is divided into different customer networks, and the C/S application processing program is installed in the virtual machine to C/ of different customer networks. S applies the message for processing. Preferably, the centralized processing system is located in an external network outside the customer network and has a public IP address; the customer network forwards the C/S application message to the centralized processing system through the relay or the proxy; the C/S application message carries There is network identification information for identifying the customer network; a centralized processing system, which implements processing of C/S applications of different customer networks through C/S application processing instances. Through the invention, the centralized processing of C/S applications from various customer networks solves the problem of waste of resources of the C/S application server, thereby achieving the effects of reducing management costs and improving management efficiency. BRIEF DESCRIPTION OF THE DRAWINGS The accompanying drawings, which are set to illustrate,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,, In the drawings: FIG. 1 is a schematic diagram of a DHCP and DNS server deployed in a network according to the related art; FIG. 2 is a flowchart of DHCP processing according to the related art; FIG. 3 is a C/S application according to a first embodiment of the present invention. FIG. 4A is a network structure diagram of a C/S application according to Embodiment 2 of the present invention; FIG. 4B is a flowchart of DHCP processing of a C/S application according to Embodiment 2 of the present invention; FIG. 5 is a network structure diagram of a C/S application according to Embodiment 3 of the present invention; FIG. 6 is a centralized diagram according to Embodiment 4 of the present invention. A schematic diagram of a processing system structure; and FIG. 7 is a schematic structural diagram of a centralized processing system according to Embodiment 5 of the present invention. BEST MODE FOR CARRYING OUT THE INVENTION Hereinafter, the present invention will be described in detail with reference to the accompanying drawings. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict. FIG. 3 is a flowchart of processing a C/S application according to the first embodiment of the present invention. As shown in FIG. 3, the method includes the following steps: Step S302: The centralized processing system receives C/S application messages from different customer networks. . Step S304, the centralized processing system processes the received C/S application message. Step S306, the centralized processing system returns the processing result to the corresponding customer network. In this embodiment, by centrally processing C/S applications from various customer networks, the problem of waste of resources of the C/S application server is solved, thereby achieving the effects of reducing management costs and improving management efficiency. The customer network may be an enterprise network, or a network that needs to perform the C/S application processing, or a subnet (later). Set up a service relay or proxy in the enterprise network, such as a DHCP relay or proxy; The centralized processing system is located on the external network and is specified by using a public IP address. The service agent uniformly sends the message about the C/S application to the centralized processing system. For other C/S applications, such as DNS, it can be directly processed through the underlying IP network without special proxy or relay mechanism, ie when there is an IP network connection between the customer network and centralized processing, ie The relevant processing can be implemented. The service relay or the proxy in the enterprise network carries the network identifier information about the enterprise network in the sent C/S application packet. The centralized processing system combines the egress IP address of the enterprise network and related attribute categories, such as DHCP Option 82, or the port number of the protocol, to distinguish different networks to implement different processing. The centralized processing system may be one, or multiple/a group of PCs or PC servers, or a blade server, or a specially designed computer system, which may be a cluster system or a distributed system. The centralized processing system can implement multiple C/S processing instances to implement the processing and management of the C/S applications of the relevant customer networks, while ensuring high availability of the system. Embodiment 2 FIG. 4A is a network structure diagram of a C/S application according to Embodiment 2 of the present invention. As shown in FIG. 4A, the network structure includes an enterprise network 1 and an enterprise network 2, and the enterprise network 1 and the enterprise network 2 are accessible. ISP/INTERNET network. Among them, a DHCP relay or proxy is set in the enterprise network 1 and the enterprise network 2 respectively (for the DNS application, since the implementation mechanism is different, the proxy setting is not required, and the packet is directly implemented through the underlying IP network mechanism. Direct forwarding), the DHCP agent is connected to a centralized processing system, which includes a DHCP server and a DNS server. The DHCP server and the DNS server may be one, or multiple PCs or PC servers, or blade servers, or specially designed computer systems, which may form a cluster system or a distributed system. This needs to be determined based on processing power and the size of the database in question. In this embodiment, the public IP address is allocated to the processing server in the centralized processing system.
DHCP的集中处理。 因为 PC在获得 IP地址前, 需要发出 DHCP发现 (广播) 报文, 现有技术中的 DHCP处理流程如图 2的步骤 S202至 210所示: DHCP服务器,收到该 DHCP发现报 文, 并进行处理返回一个 DHCP提供信息, PC根据可能返回的多个 DHCP提供信息, 选择其中的一个发送 DHCP请求信息, 从该 DHCP服务器中, 获得 IP地址。 因为此 处理流程为现有技术, 在此不做详细的说明。 一般而言, DHCP和 DNS在中小型网络中,并不需要太多的处理能力,也即是说, 以目前的 PC机的处理能力, 完全可能满足多个网络的 DHCP和 DNS的处理要求。而 可靠性方面的考虑, 由于可以通过部署多个 DHCP服务器, 以及主备 DNS服务器等 有关机制来加以实现。 但是, 由于各个网络的配置是不一样的, 另外由于安全方面的 考虑, 这个处理能力必须是隔离的, 不可以相互影响。 因此, 在网络共享实现的情况 下, 才可以集中处理, 且必须实现安全的隔离。 一种实现方案是, 通过运营商的公用 IP地址, 来配置实现 DHCP服务器。 这样, 就可以解决有关的网络隔离问题。 因为 DHCP服务器并不位于企业网络中, DHCP应用报文需要发送到外部网络中 去, 因此在集中处理的过程中, 有关流程需要做出改变。 图 4B 是根据本发明实施例 二的 C/S应用的 DHCP处理流程图, 如图 4B所示, 包括以下步骤: 步骤 S402, 在企业网络内部, 配置有关的 DHCP中继或者代理, 由 DHCP中继 或者代理来收集有关 DHCP发现报文。 步骤 S404,DHCP中继或者代理将 DHCP发现报文转发至外部网络的 DHCP服务 器。 其中, DHCP中继或者代理在所发送的 DHCP发现报文中携带有关的属性类别, 例如 DHCP Option82o 其中, 在步骤 S402和步骤 S404中需要完成的工作还包括: 配置 DHCP中继或者 代理, 配置 DHCP服务器 IP地址, 使得 DHCP中继或者代理可以和 DHCP服务器进 行通信。 步骤 S406, DHCP服务器相关的 DHCP提供信息。 步骤 S408, DHCP中继或者代理将 DHCP提供信息转发至企业网络内部的相应的Centralized processing of DHCP. Because the PC needs to send a DHCP discovery (broadcast) message before obtaining the IP address, the DHCP processing procedure in the prior art is as shown in steps S202 to 210 of FIG. 2: The DHCP server receives the DHCP discovery message and performs The processing returns a DHCP providing information, and the PC selects one of the DHCP providing information, and selects one of them to send the DHCP request information, and obtains an IP address from the DHCP server. Since this processing flow is prior art, it will not be described in detail herein. In general, DHCP and DNS do not require much processing power in small and medium-sized networks. That is to say, with the processing power of current PCs, it is possible to meet the processing requirements of DHCP and DNS of multiple networks. Reliability considerations can be achieved by deploying multiple DHCP servers, as well as active and standby DNS servers. However, since the configuration of each network is different, and due to security considerations, this processing capability must be isolated and cannot affect each other. Therefore, in the case of network sharing implementation, centralized processing is possible, and secure isolation must be achieved. One implementation is to implement a DHCP server through the carrier's public IP address. In this way, the related network isolation problem can be solved. Because the DHCP server is not located in the enterprise network, DHCP application messages need to be sent to the external network. Therefore, in the process of centralized processing, the relevant processes need to be changed. 4B is a flowchart of DHCP processing of a C/S application according to Embodiment 2 of the present invention. As shown in FIG. 4B, the method includes the following steps: Step S402: Configure a DHCP relay or proxy in the enterprise network, by DHCP. Follow the agent or agent to collect information about DHCP discovery. Step S404, the DHCP relay or the proxy forwards the DHCP discovery message to the DHCP server of the external network. The DHCP relay agent or the proxy carries the related attribute category in the sent DHCP discovery packet, for example, the DHCP Option 82o. The work to be completed in the step S402 and the step S404 further includes: configuring a DHCP relay or proxy, configuring DHCP The server IP address allows the DHCP relay or proxy to communicate with the DHCP server. Step S406, the DHCP server provides information related to the DHCP server. Step S408, the DHCP relay or the proxy forwards the DHCP providing information to the corresponding inside the enterprise network.
PC。 步骤 S410至步骤 S414, PC根据可能返回的多个 DHCP提供信息,选择其中的一 个并发送 DHCP请求信息, 从该 DHCP代理中获得 IP地址, 并进行业务连接 (如果 使用的是 DHCP中继功能,则中继需要将有关 DHCP请求转发到相关的 DHCP服务器, 获得 IP地址分配, 因而流程与图 4B也略有不同)。 因为该流程与现有技术类似, 在此 不作详细描述。 在具体的实现中, 可以通过不同的 IP地址, 来区分不同的服务器和网络。 并且每 一个 IP地址对应一台 PC/服务器, 以实现有关的处理功能。 但是, 这方法与现有技术 中的在不同企业网络部署 DHCP和 DNS服务器的情况一样, 还是使用独立的计算机 来进行 C/S应用处理, 并没有解决资源浪费而实现共享的问题。 同时, 还带来了进一 步的问题, 例如需要大量的 IP地址, 特别是在企业网络的数量巨大的情况下。 为此, 可以在此基础上做进一步的优化: 可以使用同一个 IP地址来对应集中处理 系统。 这就和目前的负载均衡一样, 对应一个 IP地址, 但是其处理可以分布到多台计 算机中去。 但是这里存在一个问题, 如何来进行不同网络的区分, 因为和普通的负载 均衡不一样, 这里需要针对不同的用户网络实现不同的处理。 为此, 在 DHCP中继或 者代理中, 需要加上有关企业的代码信息。 实际上, 可以通过不同的 IP地址, 来进行 网络的区分, 特别是在通过 NAT 之后。 并且, 需要做进一步的设置工作。 例如, 对 DHCP服务器, 业务提供商和用户需要一个签约, 这样不至于有假冒的发生, 同时, 也可以获得进一步的信息, 对用户进行身份认证。 也可以利用 DHCP Option82来携带有关 DHCP中继或者代理信息的客户相关的信 息。 DHCP服务器通过企业网络的 DHCP中继或者代理以及附加的 DHCP Option82的 信息来确定 DHCP请求来自哪个企业, 并送往对应的处理进程进行处理, 并返回处理 结果。 这样, 首先解决了有关网络区分, 即业务隔离的问题。 也可以进行加密传送, 以进一步获得比较高的安全性。 集中处理需要针对不同的用户的处理要求进行处理进程的虚拟化。 具体的, 集中 处理系统中有多个 DHCP处理的功能副本,或者处理实例。或者对每一个企业网络有一 个 DHCP处理的上下文(CONTEXT),包括有关初始的配置以及有关的处理状态信息, 主要是 IP地址的分配信息, 以及有关时间信息等。 具体的功能包括, 一方面需要进行 对申请的处理, 这是对外的操作; 同时, 也要完成管理方面的操作, 例如进行时间的 刷新,在一些关键的时间点上,需要进行通知,或者刷新消息的发送等,这些都是 DHPC 处理的常规操作, 是现有技术, 本发明中不做进一步描述。 而具体客户网络和处理实例的关联, 通过 DHCP 中继或者代理发送过来的 Option82信息,和或者有关 IP地址信息, 以及签约信息等,首先实现客户网络的识别, 并进一步和有关客户网络的处理实例关联起来。而集中处理系统, 通过 IP网络实现和 客户网络的连接, 即可实现有关的功能处理。 集中处理系统, 提供一些配置管理、 统计和规划工具, 支持进行功能的规划和统 计等工作并提供有关的管理工具,支持集中处理的实现和相关的管理工作,如对 DHCP 处理实例的 IP地址配置和数据的初始化等。 为保证处理功能的高可用性,集中处理系统可在高性能的 PC机,或者 PC服务器, 或者刀片服务器集群来实现, 当然, 也可以是具有高可靠性的分布式系统来实现, 进 一步可以通过对处理实例进行热备份, 而获得高的可用性。 实施例三 图 5是根据本发明实施例三的 C/S应用的网络结构图。 如图 5所示, 集中处理系 统是由一台或者多台 PC机,或者 PC服务器,或者刀片服务器,通过以太网交换机(或 者多台交换机组成的网络) 连接而组成的一个网络系统, 并且可以进一步组成 PC机 或服务器集群或者是分布式系统, 以提高系统的可靠性。 集中处理系统中, 还包括网 关, 设置为连接不同的客户网络, 以及管理子系统, 实现对集中处理系统的管理。 虽然在实施案例二中提供了一种实现 DHCP集中处理的方法。 但是, 这有点不太 符合一般的网络部署的经验, 即对内部网络的 DNS 以及 DHCP服务器, 应该部署在 网络的内部, 使用内部的网络地址, 而不是公开给外部网络。 为此, 在本实施例中, 提供了另一种处理方法, 其与现有技术中在每个企业网中单独部署有关服务器类似, 满足用户网络部署的经验要求以及网络隔离的安全性要求。 具体的实现方法为, 通过将集中处理系统中的计算资源虚拟化为多个虚拟机 (VM), 根据处理能力的需求, 也可以是独立的主机。 对每一个 VM, 或者主机, 可 以进行独立的 IP地址配置, 并且进一步划分到不同的子网 (对应不同的客户网络) 中 去,可能一个子网中包括多个 VM或者主机,并且 IP地址是对应的客户网络中的地址。 这样可以由客户的网络管理员来独立地进行 DHCP, 和 /或 DNS服务器的安装和管理。 具体的网络划分, 可以结合图 5, 在客户网络和网关之间, 建立独立的隧道, 例 如通过接口上的 VLAN配置 (称之为外部 VLAN), 来实现不同客户网络在网关上的 隔离。进一步,网关通过集中处理系统网络中的隧道,例如 VLAN(称之为内部 VLAN), 或者在 12位的 VLAN标识不够用的情况下, 进一步使用 Q-in-Q (多层 VLAN) 技术 (这同样也适用于外部 VLAN), 来实现和有关 VM的连接, 并将外部 VLAN和内部 VLAN关联起来, 这样就实现集中处理系统中的有关 VM和客户网络的关联, 实际上 是将有关 VM和客户网络组成一个网络, 从而实现有关 C/S功能的处理。 进一步, 可 以通过网关, 或者在和网关连接的客户网络侧的设备上开启 ACL (访问控制列表)功 能, 来加强网络的安全功能。 网关具有: L3交换功能和 /或 ACL功能。 述 L3交换功能包括但不限于: VLAN 功能以及不同 VLAN间的路由功能。 而对具体的 VM的处理能力的规划, 可以通过集中处理系统中的管理子系统来实 现。 具体的, 管理子系统, 可以接受客户的 C/S应用的处理需求, 包括 VM的数量, VM的能力, 具体的 C/S应该功能, 等等; 进一步, 管理子系统, 可以根据需求, 检 查集中处理系统中的处理能力, 是否满足需求, 在满足需求的情况下, 返回结果给客 户。 进一步, 可以通过自动, 或者手工配置的途径, 实现 VM和客户网络的关联。 在虚拟机的实现案例中, 由于集中处理系统的计算能力, 仍然被划分成一些独立 的计算机, 并被分配到各客户网络中去, 因此, 仍然可能有资源的浪费, 或者安装、 管理的开销比较大, 可以做进一步的优化。 具体的, 在集中处理系统中, 运行一套软 件系统, 包括主程序以及实现 DHCP和 DNS处理的不同实例, 通过不同的进程, 或 者线程来实现处理。 对不同的 DHCP和 DNS服务器的不同的实例中, 包括有关的地 址分配表信息, 以及 DNS映射信息。 由于 DHCP和 DNS的实时性,可能不一定很强, 或者需要比较及时的处理, 可以适当地配置处理能力和设定有关的处理性能参数, 例 如处理的反应时间等。 具体的, 对不同的处理实例, 需要根据服务的客户网络做不同的区分。 具体的, 可以通过不同的实例的名称来区分。 而具体处理实例, 和客户网络的关联, 可以通过 具体的网络连接来实现。 具体的, 客户网络通过网关, 以及网关的内部接口, 连接到 集中处理系统的某一个具体计算机系统的物理接口, 通过该接口, 或者进一步可能是 子接口, 和对应的处理实例进行关联, 即将从该接口, 或者子接口上来的报文转发给 对应的处理实例。 处理结果, 从同样的路径, 返回给客户网络。 在通过不同处理实例实现 C/S应用集中处理的情况下, 管理子系统, 接受客户的 处理请求, 并进行命名。 进一步, 管理子系统, 提供接口界面给客户, 客户可以通过 该界面, 进行进一步的配置, 例如 IP地址, C/S应用的数据初始化等操作。 需要进一步说明的是, 图 5中, 有关的网络连接, 可能存在单点故障的可能性。 这可以通过如下的途径加以克服, 即客户网络可以通过 2个网络连接 2台网关, 以及 集中处理系统中的计算机间, 通过 2条链路, 连接 2台交换机等措施, 来实现网络的 高可靠性。 进一步, 可以通过 VRRP (虚拟路由器冗余协议)来支持高可靠性的实现。 对 C/S应用处理的高可靠性, 例如可以通过 VM的备份, 或者对 C/S应用处理实例进 行热备份等加以实现。 同样, 对于安全性, 可以通过将处理实例安排在不同的进程和 地址空间中, 而获得隔离, 并不影响到其他实例的实现。 另外, 有关集中处理系统中 的计算机, 可以组成集群系统, 保证高可靠性。 上述有关技术, 都是现有技术, 可以 直接加以引用。 需要说明的是, DHCP和 DNS是典型的 C/S应用,且一般的 C/S应用具有和 DHCP 和 DNS类似的处理结构, 只是针对具体的 C/S应用其处理的数据对象不同, 因此本发 明的方法, 可以推广到普遍的 C/S应用。 实施例四 图 6是根据本发明实施例四集中处理系统结构示意图, 如图 6所示, 包括收发子 系统 10和处理子系统 20, 收发子系统 10和处理子系统 20相连接。 其中, 收发子系统 10设置为接收来自不同客户网络的 C/S应用报文。处理子系统 20设置为对 C/S应用报文进行处理, 并通过收发子系统 10将处理结果返回至对应的 客户网络。 在本实施例中, 通过集中处理系统集中处理来自各个客户网络的 C/S应用, 解决 了 C/S应用服务器资源浪费的问题,进而达到了降低管理成本、提高管理效率的效果。 其中, 客户网络可以为企业网络, 在企业网络中设置业务代理, 例如 DHCP中继 或者代理; 集中处理系统位于外部网络, 通过使用一个公用的 IP地址来进行指定。 业 务代理将有关 C/S应用的报文统一发送到集中处理系统。 其中, 企业网络中的业务代理在所发送的 C/S应用报文中携带有关企业网络的网 络标识信息。 集中处理系统结合企业网络的出口 IP地址, 以及有关的属性类别, 例如 DHCP Option82, 可以区分不同的网络, 以实现不同的处理。 其中, 集中处理系统可以为集群系统或者分布式系统, 在集中处理系统可实现多 个 C/S处理实例, 分别实现对不同客户网络的 C/S应用的处理和管理工作, 同时保证 系统的高可用性。 其中, 集中处理系统可以支持进行不同 IP地址和不同网络的配置, 并可以实现对 不同网络之间的隔离。 这样不同处理能力和功能, 可以被分配到不同的网络中去, 既 可以实现所需要的功能, 同时也实现了网络的隔离。 其中, 集中处理系统可提供有关规划、 管理和统计工具, 满足集中处理的管理和 应用处理。 实施例五 图 7是根据本发明实施例五的集中处理系统结构示意图, 如图 7所示, 该集中处 理系统除包括收发子系统 10和处理子系统 20外, 还包括管理子系统 30。 其中, 管理子系统 30 设置为集中处理系统的性能监测和配置管理。 管理子系统 30的配置管理包括: C/S处理实例的 IP地址配置和数据的初始化。 其中, 收发子系统可以为网关, 该网关将不同客户网络和处理子系统相连接, 并 实现不同客户网络之间的隔离。 网关具有 L3交换功能和 /或 ACL功能, L3交换功能 包括: 支持 VLAN功能和实现不同 VLAN间的路由功能。 其中, 处理子系统为至少一台或者多台通过网络连接的 PC机、 PC服务器、 刀片 服务器, 或进一步, 由所述 PC机、 PC服务器, 或者刀片服务器, 组成的集群系统, 或者分布式系统。 通过本发明的上述各实施例, 采用客户服务器应用的集中处理, 节省了应用处理 的服务器资源, 从而降低总体成本, 提高实现效率, 并可以保证安全性。 显然, 本领域的技术人员应该明白, 上述的本发明的各模块或各步骤可以用通用 的计算装置来实现, 它们可以集中在单个的计算装置上, 或者分布在多个计算装置所 组成的网络上, 可选地, 它们可以用计算装置可执行的程序代码来实现, 从而, 可以 将它们存储在存储装置中由计算装置来执行, 并且在某些情况下, 可以以不同于此处 的顺序执行所示出或描述的步骤, 或者将它们分别制作成各个集成电路模块, 或者将 它们中的多个模块或步骤制作成单个集成电路模块来实现。 这样, 本发明不限制于任 何特定的硬件和软件结合。 以上所述仅为本发明的优选实施例而已, 并不用于限制本发明, 对于本领域的技 术人员来说, 本发明可以有各种更改和变化。 凡在本发明的精神和原则之内, 所作的 任何修改、 等同替换、 改进等, 均应包含在本发明的保护范围之内。 PC. Step S410 to step S414, the PC selects one of the plurality of DHCP providing information that may be returned, and sends the DHCP request information, obtains an IP address from the DHCP proxy, and performs a service connection (if the DHCP relay function is used, Then the relay needs to forward the relevant DHCP request to the relevant DHCP server to obtain the IP address allocation, so the flow is slightly different from FIG. 4B. Since this process is similar to the prior art, it will not be described in detail herein. In a specific implementation, different servers and networks can be distinguished by different IP addresses. And each IP address corresponds to a PC/server to implement the relevant processing functions. However, this method is the same as the case of deploying DHCP and DNS servers in different enterprise networks in the prior art, or using a separate computer for C/S application processing, and does not solve the problem of resource waste and sharing. At the same time, it brings further problems, such as the need for a large number of IP addresses, especially in the case of a large number of corporate networks. To this end, further optimization can be done on this basis: The same IP address can be used to correspond to the centralized processing system. This is the same as current load balancing, corresponding to an IP address, but its processing can be distributed to multiple computers. But there is a problem here, how to distinguish between different networks, because it is different from ordinary load balancing, here need to implement different processing for different user networks. To do this, in the DHCP relay or proxy, you need to add code information about the enterprise. In fact, it can be done by different IP addresses. The distinction between networks, especially after passing NAT. Also, further setup work is required. For example, for a DHCP server, the service provider and the user need a contract, so that there is no counterfeiting, and further information can be obtained to authenticate the user. DHCP Option 82 can also be used to carry customer-related information about DHCP relay or proxy information. The DHCP server determines which enterprise the DHCP request comes from through the DHCP relay or proxy of the enterprise network and the information of the additional DHCP Option 82, and sends it to the corresponding processing process for processing, and returns the processing result. In this way, the problem of network differentiation, that is, service isolation, is first solved. Encrypted transmission can also be performed to further obtain higher security. Centralized processing requires virtualization of the processing process for different user processing requirements. Specifically, there are multiple copies of the DHCP processed function in the centralized processing system, or processing instances. Or there is a DHCP processing context (CONTEXT) for each enterprise network, including information about the initial configuration and related processing status, mainly the allocation information of the IP address, and related time information. The specific functions include: on the one hand, the processing of the application is required, which is an external operation; at the same time, the management operation is also completed, for example, the time is refreshed, and at some critical time points, notification or refresh is required. The transmission of messages, etc., are all conventional operations of DHPC processing and are prior art and will not be further described in the present invention. The association between the specific customer network and the processing instance, the Option 82 information sent by the DHCP relay or the proxy, and the related IP address information, and the subscription information, etc., first realize the identification of the customer network, and further process the processing instance of the relevant customer network. Linked up. The centralized processing system realizes the related function processing by realizing the connection with the customer network through the IP network. Centralized processing system, provides some configuration management, statistics and planning tools, supports function planning and statistics, and provides related management tools to support centralized processing and related management tasks, such as configuring IP address for DHCP processing instances. And initialization of data, etc. In order to ensure high availability of processing functions, the centralized processing system can be implemented in a high-performance PC, or a PC server, or a cluster of blade servers. Of course, it can also be implemented as a distributed system with high reliability, and further Process instances for hot backups for high availability. Embodiment 3 FIG. 5 is a network structure diagram of a C/S application according to Embodiment 3 of the present invention. As shown in FIG. 5, the centralized processing system is a network system composed of one or more PCs, or a PC server, or a blade server, connected by an Ethernet switch (or a network composed of multiple switches), and can be Further forming a PC Or server clusters or distributed systems to improve system reliability. The centralized processing system also includes a gateway, which is configured to connect different customer networks, and a management subsystem to implement management of the centralized processing system. Although a method of implementing centralized DHCP processing is provided in the second embodiment. However, this is somewhat inconsistent with the general network deployment experience, that is, the internal network's DNS and DHCP servers should be deployed inside the network, using internal network addresses instead of being exposed to external networks. To this end, in the present embodiment, another processing method is provided, which is similar to the prior art in which the related server is separately deployed in each enterprise network, and meets the experience requirements of the user network deployment and the security requirements of the network isolation. The specific implementation method is: by virtualizing the computing resources in the centralized processing system into multiple virtual machines (VMs), and depending on the processing capability, it may also be an independent host. For each VM, or host, independent IP address configuration can be performed, and further divided into different subnets (corresponding to different customer networks), possibly including multiple VMs or hosts in one subnet, and the IP address is The address in the corresponding customer network. This allows the client's network administrator to independently install and manage DHCP, and/or DNS servers. For specific network division, you can establish independent tunnels between the customer network and the gateway, for example, through VLAN configuration on the interface (called external VLAN) to isolate different customer networks on the gateway. Further, the gateway further uses Q-in-Q (multi-layer VLAN) technology by centrally processing tunnels in the system network, such as VLANs (referred to as internal VLANs), or when 12-bit VLAN identification is insufficient. The same applies to external VLANs) to connect to the VM and to associate the external VLAN with the internal VLAN. This enables the central processing of the association between the VM and the client network, which is actually related to the VM and the client. The network forms a network to handle the processing of C/S functions. Further, the security function of the network can be enhanced by opening an ACL (Access Control List) function through a gateway or a device on the client network side connected to the gateway. The gateway has: L3 switching function and / or ACL function. The L3 switching functions include but are not limited to: VLAN functions and routing functions between different VLANs. The planning of the processing power of a specific VM can be realized by a management subsystem in the centralized processing system. Specifically, the management subsystem can accept the processing requirements of the client's C/S application, including the number of VMs, the capabilities of the VM, the specific C/S functions, and the like; further, the management subsystem can check according to requirements. Centralize the processing power in the system to meet the demand, and return the result to the customer if the demand is met. Further, the association between the VM and the customer network can be realized through an automatic or manual configuration. In the virtual machine implementation case, due to the computing power of the centralized processing system, it is still divided into independent computers and distributed to each customer network. Therefore, there may still be waste of resources, or installation and management overhead. Larger, can be further optimized. Specifically, in a centralized processing system, running a set of soft The system, including the main program and different instances of DHCP and DNS processing, is handled by different processes, or threads. Different instances of different DHCP and DNS servers include related address allocation table information, as well as DNS mapping information. Due to the real-time nature of DHCP and DNS, it may not be very strong, or it may require relatively timely processing. The processing capability and setting related processing performance parameters, such as the processing response time, may be appropriately configured. Specifically, different processing instances need to be differentiated according to the customer network of the service. Specifically, it can be distinguished by the names of different instances. The specific processing example, the association with the customer network, can be achieved through a specific network connection. Specifically, the customer network is connected to the physical interface of a specific computer system of the centralized processing system through the gateway and the internal interface of the gateway, and is associated with the corresponding processing instance through the interface, or further, may be a sub-interface, The interface or the packet sent from the sub-interface is forwarded to the corresponding processing instance. Process the results, returning to the customer network from the same path. In the case of centralized processing of C/S applications through different processing instances, the management subsystem accepts the client's processing request and names it. Further, the management subsystem provides an interface interface to the client, and the client can perform further configuration through the interface, such as an IP address, data initialization of the C/S application, and the like. It should be further explained that, in Figure 5, there may be a possibility of a single point of failure for the relevant network connection. This can be overcome by the following methods: the customer network can connect two gateways through two networks, and centrally process the computers in the system, connect two switches through two links, and so on, to achieve high network reliability. Sex. Further, high reliability implementation can be supported by VRRP (Virtual Router Redundancy Protocol). The high reliability of the C/S application processing can be realized, for example, by backup of the VM or by performing hot backup of the C/S application processing instance. Similarly, for security, isolation can be achieved by arranging processing instances in different processes and address spaces without affecting the implementation of other instances. In addition, the computers in the centralized processing system can form a cluster system to ensure high reliability. The above related technologies are all prior art and can be directly cited. It should be noted that DHCP and DNS are typical C/S applications, and the general C/S application has a processing structure similar to that of DHCP and DNS, but the data objects processed by the specific C/S application are different, so this The inventive method can be extended to popular C/S applications. Embodiment 4 FIG. 6 is a schematic structural diagram of a four-concentration processing system according to an embodiment of the present invention. As shown in FIG. 6, the transceiver subsystem 10 and the processing subsystem 20 are included, and the transceiver subsystem 10 and the processing subsystem 20 are connected. The transceiver subsystem 10 is configured to receive C/S application messages from different customer networks. The processing subsystem 20 is configured to process the C/S application message and return the processing result to the corresponding customer network through the transceiver subsystem 10. In this embodiment, the centralized processing system centrally processes the C/S application from each customer network, and solves the problem of waste of C/S application server resources, thereby achieving the effects of reducing management costs and improving management efficiency. The customer network may be an enterprise network, and a service agent, such as a DHCP relay or proxy, is set in the enterprise network; the centralized processing system is located on the external network, and is specified by using a public IP address. The service agent uniformly sends the message about the C/S application to the centralized processing system. The service proxy in the enterprise network carries the network identifier information about the enterprise network in the C/S application packet that is sent. The centralized processing system combines the egress IP address of the enterprise network and related attribute categories, such as DHCP Option 82, to distinguish different networks to implement different processing. The centralized processing system can be a cluster system or a distributed system. In the centralized processing system, multiple C/S processing instances can be implemented to implement processing and management of C/S applications of different customer networks, and at the same time ensure high system. Availability. The centralized processing system can support different IP addresses and different network configurations, and can achieve isolation between different networks. Such different processing capabilities and functions can be assigned to different networks, which can achieve the required functions and also achieve network isolation. Among them, the centralized processing system can provide planning, management and statistical tools to meet the centralized management and application processing. Embodiment 5 FIG. 7 is a schematic structural diagram of a centralized processing system according to Embodiment 5 of the present invention. As shown in FIG. 7, the centralized processing system includes a management subsystem 30 in addition to the transceiver subsystem 10 and the processing subsystem 20. The management subsystem 30 is configured to perform performance monitoring and configuration management of the centralized processing system. The configuration management of the management subsystem 30 includes: IP address configuration of the C/S processing instance and initialization of the data. The transceiver subsystem can be a gateway that connects different customer networks and processing subsystems and implements isolation between different customer networks. The gateway has L3 switching and/or ACL functions. The L3 switching function includes: Supports VLAN functions and implements routing between different VLANs. The processing subsystem is at least one or more PCs, PC servers, blade servers connected through a network, or further, a cluster system composed of the PC, a PC server, or a blade server, or a distributed system. . Through the above embodiments of the present invention, the centralized processing of the client server application saves the server resources of the application processing, thereby reducing the overall cost, improving the implementation efficiency, and ensuring security. Obviously, those skilled in the art should understand that the above modules or steps of the present invention can be implemented by a general-purpose computing device, which can be concentrated on a single computing device or distributed over a network composed of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device, such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein. The steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps are fabricated as a single integrated circuit module. Thus, the invention is not limited to any specific combination of hardware and software. The above is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.

Claims

权 利 要 求 书 Claim
1. 一种客户 /服务器 C/S应用的处理方法, 包括: 1. A client/server C/S application processing method, including:
集中处理系统接收来自不同客户网络的 C/S应用报文;  The centralized processing system receives C/S application messages from different customer networks;
所述集中处理系统对所述 C/S应用报文进行处理并返回结果至对应的所述 客户网络。  The centralized processing system processes the C/S application message and returns the result to the corresponding client network.
2. 根据权利要求 1所述的方法, 其中, 所述集中处理系统包括: 2. The method according to claim 1, wherein the centralized processing system comprises:
处理子系统, 设置为对所述 C/S应用报文进行处理;  Processing a subsystem, configured to process the C/S application message;
网关, 设置为接收所述 C/S应用报文并将所述 C/S应用报文的处理结果返 回至对应的所述客户网络, 其中, 所述网关将所述不同客户网络和所述处理子 系统相连接, 并实现所述不同客户网络之间的隔离;  a gateway, configured to receive the C/S application message and return the processing result of the C/S application message to the corresponding client network, where the gateway uses the different customer network and the processing The subsystems are connected and implement isolation between the different customer networks;
管理子系统, 设置为所述集中处理系统的性能监测和配置管理。  The management subsystem is set to perform performance monitoring and configuration management of the centralized processing system.
3. 根据权利要求 2所述的方法, 其中, 所述处理子系统为以下之一: 3. The method according to claim 2, wherein the processing subsystem is one of the following:
PC机、 PC服务器、 刀片服务器、 由 PC机/ PC服务器 /刀片服务器组成的 集群系统、 由 PC机/ PC服务器 /刀片服务器组成的分布式系统。  PC, PC server, blade server, cluster system consisting of PC/PC server/blade server, distributed system consisting of PC/PC server/blade server.
4. 根据权利要求 2所述的方法, 其中, 所述处理子系统包括: 4. The method according to claim 2, wherein the processing subsystem comprises:
C/S集中处理功能模块, 包括多个 C/S应用处理实例, 不同的所述 C/S应 用处理实例分别实现对来自不同客户网络的 C/S应用报文的处理, 所述不同客 户网络与所述 C/S应用处理实例之间通过所述网关进行关联; 其中, 所述多个 C/S应用处理实例为独立的 C/S应用处理进程或者线程。  The C/S centralized processing function module includes multiple C/S application processing instances, and the different C/S application processing instances respectively implement processing of C/S application messages from different customer networks, the different customer networks. Associated with the C/S application processing instance by the gateway; wherein the multiple C/S application processing instances are independent C/S application processing processes or threads.
5. 根据权利要求 2所述的方法, 其中, 所述管理子系统的配置管理包括: C/S处 理实例的 IP地址配置和数据的初始化。 The method according to claim 2, wherein the configuration management of the management subsystem comprises: an IP address configuration of the C/S processing instance and initialization of data.
6. 根据权利要求 4所述的方法, 其中, 所述网关通过不同的外部物理接口或者子 接口接收所述不同客户网络的 C/S应用报文, 通过内部接口来实现到 C/S处理 实例的对应; 所述内部接口为所述网关连接所述集中处理系统的物理接口或者 子接口, 所述物理接口或者子接口通过以下之一来进行标识和区分: The method according to claim 4, wherein the gateway receives the C/S application message of the different customer network through different external physical interfaces or sub-interfaces, and implements the C/S processing instance through the internal interface. Corresponding to: the internal interface is a physical interface or a sub-interface of the centralized processing system, and the physical interface or sub-interface is identified and distinguished by one of the following:
虚拟局域网 VLAN、 Q-in-Q。 Virtual LAN VLAN, Q-in-Q.
7. 根据权利要求 2所述的方法,其中,所述网关具有 L3交换功能和 /或 ACL功能, 所述 L3交换功能包括: 支持 VLAN功能和实现不同 VLAN间的路由功能。 The method according to claim 2, wherein the gateway has an L3 switching function and/or an ACL function, and the L3 switching function comprises: supporting a VLAN function and implementing a routing function between different VLANs.
8. 根据权利要求 2所述的方法, 其中, 所述处理子系统为虚拟化的多个虚拟机, 每个所述虚拟机划分到不同的所述客户网络中, 通过在所述虚拟机中安装所述 C/S应用处理程序对所述不同客户网络的 C/S应用报文进行处理。 8. The method according to claim 2, wherein the processing subsystem is a plurality of virtualized virtual machines, each of the virtual machines being divided into different customer networks, by being in the virtual machine The C/S application processing program is installed to process C/S application messages of the different customer networks.
9. 根据权利要求 1所述的方法, 其中, 所述集中处理系统位于所述客户网络之外 的外部网络, 并且具有公用的 IP地址; 所述客户网络通过中继或者代理将所述 C/S应用报文转发至所述集中处理系统; 所述 C/S应用报文中携带有用于标识 所述客户网络的网络标识信息; 所述集中处理系统, 通过 C/S应用处理实例实 现对所述不同客户网络的所述 C/S应用的处理。 9. The method according to claim 1, wherein the centralized processing system is located in an external network outside the customer network and has a public IP address; the customer network passes the C/ by relay or proxy The S application message is forwarded to the centralized processing system; the C/S application message carries network identification information for identifying the customer network; and the centralized processing system implements a solution through a C/S application processing instance. The processing of the C/S application of different customer networks.
10. 根据权利要求 1至 9任一项所述的方法, 其中, 所述 C/S应用包括: DHCP和 /DNS应用, 所述集中处理系统包括: DHCP和/ DNS服务器; 所述客户网络为 企业网络或者子网。 The method according to any one of claims 1 to 9, wherein the C/S application comprises: a DHCP and/or DNS application, the centralized processing system comprises: a DHCP and/or a DNS server; Enterprise network or subnet.
11. 一种集中处理系统, 包括收发子系统和处理子系统, 其中 11. A centralized processing system comprising a transceiver subsystem and a processing subsystem, wherein
所述收发子系统, 设置为接收来自不同客户网络的 C/S应用报文; 处理子系统, 设置为对所述 C/S应用报文进行处理, 并通过所述收发子系 统将处理结果返回至对应的所述客户网络。  The transceiver subsystem is configured to receive C/S application messages from different customer networks; the processing subsystem is configured to process the C/S application messages, and return the processing result through the transceiver subsystem To the corresponding customer network.
12. 根据权利要求 11所述的系统, 其中, 所述收发子系统为网关, 所述网关将所述 不同客户网络和所述处理子系统相连接,并实现所述不同客户网络之间的隔离。 12. The system according to claim 11, wherein the transceiver subsystem is a gateway, the gateway connects the different customer networks and the processing subsystem, and implements isolation between the different customer networks. .
13. 根据权利要求 12所述的系统, 其中, 还包括: 13. The system according to claim 12, further comprising:
管理子系统, 设置为所述集中处理系统的性能监测和配置管理。  The management subsystem is set to perform performance monitoring and configuration management of the centralized processing system.
14. 根据权利要求 12所述的系统, 其中, 所述处理子系统为以下之一: 14. The system of claim 12, wherein the processing subsystem is one of:
PC机、 PC服务器、 刀片服务器、 由 PC机/ PC服务器 /刀片服务器组成的 集群系统、 由 PC机/ PC服务器 /刀片服务器组成的分布式系统。  PC, PC server, blade server, cluster system consisting of PC/PC server/blade server, distributed system consisting of PC/PC server/blade server.
15. 根据权利要求 12所述的系统, 其中, 所述处理子系统包括: 15. The system of claim 12, wherein the processing subsystem comprises:
C/S集中处理功能模块, 包括多个 C/S应用处理实例, 不同的所述 C/S应 用处理实例分别实现对来自不同客户网络的 C/S应用报文的处理, 所述不同客 户网络与所述 C/S应用处理实例之间通过所述网关进行关联; 其中, 所述多个The C/S centralized processing function module includes a plurality of C/S application processing instances, and the different C/S application processing instances respectively implement processing of C/S application messages from different customer networks, where the different users The association between the user network and the C/S application processing instance is performed by the gateway; wherein, the multiple
C/S应用处理实例为独立的 C/S应用处理进程或者线程。 The C/S application processing instance is a separate C/S application processing process or thread.
16. 根据权利要求 13所述的系统, 其中, 所述管理子系统的配置管理包括: C/S处 理实例的 IP地址配置和数据的初始化。 16. The system according to claim 13, wherein the configuration management of the management subsystem comprises: an IP address configuration of the C/S processing instance and initialization of data.
17. 根据权利要求 15所述的系统,其中,所述网关通过不同的外部物理接口或者子 接口接收所述不同客户网络的 C/S应用报文, 通过内部接口来实现到 C/S处理 实例的对应; 所述内部接口为所述网关连接所述集中处理系统的物理接口或者 子接口, 所述物理接口或者子接口通过以下之一来进行标识和区分: The system according to claim 15, wherein the gateway receives C/S application messages of the different customer networks through different external physical interfaces or sub-interfaces, and implements a C/S processing instance through an internal interface. Corresponding to: the internal interface is a physical interface or a sub-interface of the centralized processing system, and the physical interface or sub-interface is identified and distinguished by one of the following:
VLAN Q-in-Q。  VLAN Q-in-Q.
18. 根据权利要求 12所述的系统, 其中, 所述网关具有 L3交换功能和 /或 ACL功 能,所述 L3交换功能包括:支持 VLAN功能和实现不同 VLAN间的路由功能。 The system according to claim 12, wherein the gateway has an L3 switching function and/or an ACL function, and the L3 switching function includes: supporting a VLAN function and implementing a routing function between different VLANs.
19. 根据权利要求 12所述的系统, 其中, 所述处理子系统为虚拟化的多个虚拟机, 每个所述虚拟机划分到不同的所述客户网络中, 通过在所述虚拟机中安装所述 C/S应用处理程序对所述不同客户网络的 C/S应用报文进行处理。 19. The system according to claim 12, wherein the processing subsystem is a plurality of virtualized virtual machines, each of the virtual machines being divided into different customer networks, by being in the virtual machine The C/S application processing program is installed to process C/S application messages of the different customer networks.
20. 根据权利要求 11所述的系统,其中,所述集中处理系统位于所述客户网络之外 的外部网络, 并且具有公用的 IP地址; 所述客户网络通过中继或者代理将所述 C/S应用报文转发至所述集中处理系统; 所述 C/S应用报文中携带有用于标识 所述客户网络的网络标识信息; 所述集中处理系统, 通过 C/S应用处理实例实 现对所述不同客户网络的所述 C/S应用的处理。 20. The system of claim 11, wherein the centralized processing system is located outside of the customer network and has a common IP address; the customer network relays the C/ by proxy or proxy The S application message is forwarded to the centralized processing system; the C/S application message carries network identification information for identifying the customer network; and the centralized processing system implements a solution through a C/S application processing instance. The processing of the C/S application of different customer networks.
PCT/CN2012/075678 2011-06-16 2012-05-17 Processing method and centralized processing system for client/server application WO2012171427A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110162603.8A CN102833217B (en) 2011-06-16 2011-06-16 The processing method and centralized processing system of client/server application
CN201110162603.8 2011-06-16

Publications (1)

Publication Number Publication Date
WO2012171427A1 true WO2012171427A1 (en) 2012-12-20

Family

ID=47336190

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/075678 WO2012171427A1 (en) 2011-06-16 2012-05-17 Processing method and centralized processing system for client/server application

Country Status (2)

Country Link
CN (1) CN102833217B (en)
WO (1) WO2012171427A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11233778B2 (en) * 2018-08-15 2022-01-25 Juniper Networks, Inc. Secure forwarding of tenant workloads in virtual networks
US11329966B2 (en) 2018-08-15 2022-05-10 Juniper Networks, Inc. System and method for transferring packets between kernel modules in different network stacks

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103475699A (en) * 2013-08-27 2013-12-25 北京创毅讯联科技股份有限公司 Enterprise network agent device and method for enterprise network to communicate with public network
CN104780017B (en) * 2014-01-10 2018-07-24 中国移动通信集团公司 A kind of data processing method and device
CN106354507A (en) * 2016-08-30 2017-01-25 江苏车置宝信息科技股份有限公司 Enterprise-level application management system and method for operating same

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1777156A (en) * 2005-11-30 2006-05-24 北京邮电大学 Gateway for next-generation network, dynamic extending, and open interface technology
CN101227428A (en) * 2008-01-30 2008-07-23 中兴通讯股份有限公司 Application server and remote control method thereof
CN101741850A (en) * 2009-12-25 2010-06-16 北京邮电大学 Multitask concurrent executive system and method for hybrid network service

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101527740B (en) * 2009-05-05 2011-08-03 杭州华三通信技术有限公司 Dynamic address allocation method, device and system thereof

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1777156A (en) * 2005-11-30 2006-05-24 北京邮电大学 Gateway for next-generation network, dynamic extending, and open interface technology
CN101227428A (en) * 2008-01-30 2008-07-23 中兴通讯股份有限公司 Application server and remote control method thereof
CN101741850A (en) * 2009-12-25 2010-06-16 北京邮电大学 Multitask concurrent executive system and method for hybrid network service

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11233778B2 (en) * 2018-08-15 2022-01-25 Juniper Networks, Inc. Secure forwarding of tenant workloads in virtual networks
US11329966B2 (en) 2018-08-15 2022-05-10 Juniper Networks, Inc. System and method for transferring packets between kernel modules in different network stacks

Also Published As

Publication number Publication date
CN102833217A (en) 2012-12-19
CN102833217B (en) 2017-09-15

Similar Documents

Publication Publication Date Title
US9614748B1 (en) Multitenant data center providing virtual computing services
US10148500B2 (en) User-configured on-demand virtual layer-2 network for Infrastructure-as-a-Service (IaaS) on a hybrid cloud network
US8331362B2 (en) Methods and apparatus for distributed dynamic network provisioning
US8565118B2 (en) Methods and apparatus for distributed dynamic network provisioning
US8335841B2 (en) Logical networks
US9485147B2 (en) Method and device thereof for automatically finding and configuring virtual network
JP5953421B2 (en) Management method of tenant network configuration in virtual server and non-virtual server mixed environment
US8959185B2 (en) Multitenant server for virtual networks within datacenter
EP2725737B1 (en) Network policy configuration method, management device and network management centre device
US8488446B1 (en) Managing failure behavior for computing nodes of provided computer networks
US20150058463A1 (en) Proxy methods for suppressing broadcast traffic in a network
US20100214949A1 (en) Distributed data center access switch
WO2015096737A1 (en) Method, apparatus and system for controlling auto-provisioning of network device
US20220200821A1 (en) Resilient zero touch provisioning
US10771309B1 (en) Border gateway protocol routing configuration
WO2015150756A1 (en) Data center networks
EP3788772B1 (en) On-node dhcp implementation for virtual machines
WO2012171427A1 (en) Processing method and centralized processing system for client/server application
Wolinsky et al. On the design of scalable, self-configuring virtual networks
US10924397B2 (en) Multi-VRF and multi-service insertion on edge gateway virtual machines
WO2012087263A1 (en) Dns forwarder for multi-core platforms
US20210352004A1 (en) Multi-vrf and multi-service insertion on edge gateway virtual machines
CA2736956C (en) Network management system using management addresses
JP2011239082A (en) Communication apparatus and address conversion method
Wolinsky et al. Towards a uniform self-configuring virtual private network for workstations and clusters in grid computing

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12800668

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12800668

Country of ref document: EP

Kind code of ref document: A1