WO2017054447A1 - Network communication method, device, and network attached storage device - Google Patents

Network communication method, device, and network attached storage device Download PDF

Info

Publication number
WO2017054447A1
WO2017054447A1 PCT/CN2016/080671 CN2016080671W WO2017054447A1 WO 2017054447 A1 WO2017054447 A1 WO 2017054447A1 CN 2016080671 W CN2016080671 W CN 2016080671W WO 2017054447 A1 WO2017054447 A1 WO 2017054447A1
Authority
WO
WIPO (PCT)
Prior art keywords
agent
communication party
data
application
communication
Prior art date
Application number
PCT/CN2016/080671
Other languages
French (fr)
Chinese (zh)
Inventor
张日和
陈冠波
Original Assignee
深圳市先河系统技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市先河系统技术有限公司 filed Critical 深圳市先河系统技术有限公司
Publication of WO2017054447A1 publication Critical patent/WO2017054447A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/40Support for services or applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management

Definitions

  • the present invention relates to communication technologies, and in particular, to a network communication method, device, and network attached storage device.
  • P2P peer to Peer, peer-to-peer network technology makes full use of the capabilities of each computer in the network to provide services to each other.
  • Each computer can act as a requester for network services and respond to requests from other computers, providing resources and services.
  • the present invention proposes a network communication method.
  • the network communication method includes: establishing a P2P penetration connection between a first agent of the first communication party and a second agent of the second communication party; the first application of the first communication party sends the first data to the first a second agent of the second communicating party; the second agent of the second communicating party receives the first data, and sends the first data to the corresponding second application; wherein the first agent is independent of the first application, and the second agent is independent of the first agent
  • the second application, the first agent and the second agent are both transparent to the corresponding first application and the second application.
  • the step of the first application of the first communication party sending the first data to the second agent of the second communication party by using the first agent includes: sending, by the first application of the first communication party, the first data to the first communication party The first loopback port; the first agent of the first correspondent obtains the first data from the first loopback port and sends the first data to the second agent of the second party.
  • the step of the second agent of the second communication party receiving the first data and sending the first data to the corresponding second application comprises: after the second agent of the second communication party receives the first data, sending the first data Go to the second loopback port of the second correspondent party; the corresponding second application of the second correspondent party obtains the first data from the second loopback port.
  • the second application of the second communication party sends the second data to another second loopback port of the second communication party after obtaining the first data; the second proxy of the second communication party is from another second The loopback port obtains the second data and sends it to the first agent of the first correspondent party.
  • the step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party means: setting the first agent and setting in the data link layer of the first communication party
  • a P2P penetration connection is established between the second agents of the data link layer of the two communicating parties.
  • the step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party includes: the first agent of the first communication party sends a first connection request to the server, the first connection request The address and port information of the first communication party are further included, and the information of the second communication party that is the opposite end of the connection to be established is included; the server receives the first connection request, and sends the address and port information of the first communication party to the second communication party.
  • the second agent sends the address and port information of the second communication party to the first agent of the first communication party, and the address and port information of the first communication party and the second communication party are pre-stored in the server; the second communication The second agent of the party sends a second connection request to the first communication party by using the address and port information of the first communication party, and the second connection request is rejected by the network address translation NAT of the first communication party side, and the network of the second communication party side
  • the address translation saves the address and port of the first communication party; the first agent of the first communication party initiates a third connection request to the second communication party, and the network address translation root of the second communication party side And saving the first communication party's address and port to pass the third request; the second communication party's second agent receives the third connection request to establish the first agent of the first communication party and the second agent of the second communication party P2P penetration connection between.
  • the first communicating party is a private cloud server
  • the second communicating party is another network node outside the internal network where the private cloud server is located, or vice versa.
  • the present invention proposes a network communication method.
  • the network communication method includes: establishing a P2P penetration connection between a first agent of the first communication party and a second agent of the second communication party; the first application of the first communication party sends the first data to the first a second agent of the second communicating party, so that the second agent of the second communicating party receives the first data, and sends the first data to the corresponding second application; wherein the first agent is independent of the first application, the second agent Independent of the second application, the first agent and the second agent are both transparent to the corresponding first application and the second application.
  • the step of the first application of the first communication party sending the first data to the second agent of the second communication party by using the first agent includes: sending, by the first application of the first communication party, the first data to the first communication party The first loopback port; the first agent of the first correspondent obtains the first data from the first loopback port and sends the first data to the second agent of the second party.
  • the first agent of the first communicating party receives the second data sent from the second agent of the second communicating party; the first agent of the first communicating party sends the second data to the other first of the first communicating party Loopback port; the first application of the first correspondent obtains the second data from the other first loopback port.
  • the step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party means: setting the first agent and setting in the data link layer of the first communication party
  • a P2P penetration connection is established between the second agents of the data link layer of the two communicating parties.
  • the step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party includes: the first agent of the first communication party sends a first connection request to the server, the first connection request The address and port information of the first communication party are further included, and the information of the second communication party that is the opposite end of the connection to be established is included; the server receives the first connection request, and sends the address and port information of the first communication party to the second communication party.
  • the second agent sends the address and port information of the second communication party to the first agent of the first communication party, and the address and port information of the first communication party and the second communication party are pre-stored in the server; the second communication The second agent of the party sends a second connection request to the first communication party by using the address and port information of the first communication party, and the second connection request is rejected by the network address translation of the first communication party side, and the network address of the second communication party side
  • the conversion saves the address and port of the first communication party; the first agent of the first communication party initiates a third connection request to the second communication party, and the network address translation of the second communication party side is based on And storing a third connection request by the second agent of the second communication party; the second agent of the second communication party is configured to establish a first agent of the first communication party and a second agent of the second communication party P2P penetration connection between.
  • the first communication party is a private cloud server, or another network node outside the internal network where the private cloud server is located.
  • the present invention proposes an apparatus.
  • the device includes: a processor and a network communication circuit; the processor is configured to run the first agent to establish a P2P penetration connection between the network communication circuit and the second agent of the opposite end; the processor is further configured to run the first application to pass
  • the first agent outputs the first data to the network communication circuit, and the network communication circuit sends the first data to the second agent of the opposite end, so that the second agent of the opposite end receives the first data, and sends the first data to the corresponding first
  • the application is independent of the first application, the second agent is independent of the second application, and the first agent and the second agent are both transparent to the corresponding first application and the second application.
  • the processor is specifically configured to run the first application to send the first data to the first loopback port, and then run the first proxy to obtain the first data from the first loopback port, and output the data to the network communication circuit to implement
  • the first application is controlled to output the first data to the network communication circuit through the first agent.
  • processor is further configured to run the first agent to receive the second data sent from the second agent of the peer end through the network communication circuit, and then run the first agent to send the second data to the other first loopback port, The first application is then run to obtain second data from another first loopback port.
  • the device is a private cloud server or another network node outside the internal network where the private cloud server is located.
  • the network attached storage device includes: a processor, a hard disk, and a routing circuit, wherein the hard disk and the routing circuit are respectively connected to the processor; the processor is configured to run the first agent to establish a P2P penetration connection between the routing circuit and the second agent of the peer end; The processor is further configured to run the first application to output the first data to the routing circuit by using the first proxy, and the routing circuit sends the first data to the second proxy of the peer end, so that the second proxy of the peer end receives the first data, And sending the first data to the corresponding second application; wherein the first agent is independent of the first application, the second agent is independent of the second application, and the first agent and the second agent are both for the corresponding first application and the second Application transparency.
  • the invention has the beneficial effects that: P2P connections are established between devices running on different intranets through independently running agents, and applications on different devices send and receive data through the proxy, so that the application can establish with other network nodes through the proxy without modifying the code. P2P connection saves system resources.
  • FIG. 1 is a flow chart of implementing network communication in an embodiment of a network communication method according to the present invention
  • FIG. 2 is a flow chart of transmitting data by a second communication party in a first communication direction according to an embodiment of the network communication method of the present invention
  • FIG. 3 is a flow chart of transmitting data by a first communication party in a second communication direction according to an embodiment of the network communication method of the present invention
  • FIG. 4 is a schematic diagram of establishing a P2P penetration connection in an embodiment of a network communication method according to the present invention
  • Figure 5 is a schematic view of an embodiment of the apparatus of the present invention.
  • Figure 6 is a schematic illustration of the use of two loopback ports in one embodiment of the apparatus of the present invention.
  • FIG. 7 is a schematic structural diagram of an embodiment of a network attached storage device according to the present invention.
  • the first embodiment of the network communication method of the present invention includes:
  • the first agent is independent of the first application
  • the second agent is independent of the second application
  • the first agent and the second agent are both transparent to the corresponding first application and the second application.
  • the first agent and the second agent are independent running programs, which are bridges and mediations for P2P penetration between the various programs of the machine and other devices. Of course, it can also be understood as a communication interface.
  • the programs of the first agent and the second agent can be designed according to requirements, the local system environment, and the like.
  • the first agent and the second agent may be called by the native program to establish a P2P connection with the agent on the other device, and provide transparent data distribution and reception for the native application; the first communication party and the second communication party may be in two Different intranets can also be in the intranet and one on the public network.
  • Establishing a P2P connection means that different devices are connected and establish a peer-to-peer P2P network.
  • devices connected to each other are in an equal position, with no master or slave.
  • Each device in the network can act as both a requester for the network service and a request to other computers, providing resources, services, and content for direct access by other computers in the network without going through intermediate entities.
  • the first application of the first communication party sends the first data to the second agent of the second communication party by using the first proxy.
  • the first data may be a communication request, text information, a web page, an audio and video media, a file, etc., and the transfer between different devices is performed by an agent.
  • the second agent of the second communication party receives the first data, and sends the first data to the corresponding second application.
  • the second application of the second communication party receives the first data, and completes a process in which the first application of the first communication party sends the first data to the second application of the second communication party.
  • P2P connections are not established between devices of the same intranet through independently running agents, and applications on different devices send and receive data through the proxy, so that the application can pass the proxy and other devices without modifying the code.
  • P2P data transmission is performed to save system resources.
  • a second embodiment of the network communication method of the present invention includes:
  • the first agent of the first communication party establishes a P2P penetration connection with the second agent of the second communication party.
  • the first application of the first communication party sends the first data to the first loopback port of the first communication party.
  • the first agent of the first communication party obtains the first data from the first loopback port, and sends the first data to the second agent of the second communication party;
  • the second proxy of the second communication party After receiving the first data, the second proxy of the second communication party sends the first data to the second loopback port of the second communication party.
  • the corresponding second application of the second communication party obtains the first data from the second loopback port, and completes the first communication direction to send data to the second communication party.
  • the loopback port is a virtual port on the device.
  • the address range is 127.0.0.1 to 127.255.255.254.
  • the data sent to the loopback port does not pass through the external network interface.
  • the agent on each device completes the reception and transmission of data with the native application through the local loopback port.
  • the first application of the first communication party sends the first data to the corresponding second application of the second communication party (refer to the first embodiment or the second
  • the description of the embodiment includes the following steps:
  • the second application of the second communication party sends the second data to another second loopback port of the second communication party.
  • the second data may be feedback information, text information, audio and video media, files, etc., sent by the second application.
  • the second agent of the second communication party obtains the second data from another second loopback port, and sends the second data to the first agent of the first communication party;
  • Another second loopback port is used by the application of the second communication party to send data to the second agent, using an address different from the second loopback port address used by the application of the second party in the second embodiment to receive data in the second embodiment.
  • the first agent of the first communication party sends the second data and sends it to another first loopback port of the first communication party;
  • the other first loopback port is used by the application of the first correspondent party to receive data from the first proxy, using an address different from the first loopback port address used by the application of the first correspondent party in the second embodiment to transmit data.
  • the first application of the first communication party obtains the second data from another first loopback port.
  • the first application of the first communication party After the first application of the first communication party sends the first data to the second application of the second communication party, the first application of the second communication party receives the second data returned by the second application of the second communication party, and implements P2P data mutual data. transmission.
  • the address of the second loopback port and the second second loopback port used by the first communication party and the first loopback port used by the first communication party may be the same or different. If at least two applications of the first communication party are simultaneously connected to the application in the second communication party, each application sends data to the first proxy through the first loopback port, and from the first loopback port through the first The agent receives the data returned by the second communicating party and vice versa.
  • the first communication party can establish a P2P connection with multiple network nodes at the same time, each connection occupies two loopback ports for data reception and transmission between the application and the proxy, and the loopback port address used by different connections. Different.
  • the case where the second communication party establishes a P2P connection with multiple network nodes can be introduced.
  • the first agent is disposed at a data link layer of the first correspondent party and the second agent is disposed at a data link layer of the second correspondent party.
  • the first correspondent party is a private cloud server
  • the second correspondent party is another network node outside the intranet where the private cloud server is located; or vice versa.
  • NAS network attached storage
  • the network attached storage device includes a processor, a hard disk, and a routing circuit, wherein a separate operating system can be run in the processor.
  • the network attached storage device is used as a private cloud server.
  • the private cloud server is located in a gateway in the home network, and the computer in the home, the mobile terminal, etc. are connected to the private cloud server.
  • the private cloud server is located in the gateway of the home network, if the home network uses the cell shared broadband, the private cloud server is located in the intranet; even if broadband or dial-up networking is used, the IP address of the private cloud is generally dynamically allocated. Get the IP address directly. Therefore, when a user accesses a private cloud server on a network node outside the home network, it is still necessary to establish a P2P connection.
  • a private cloud server does not have its own public IP address, but is located on the same internal network as a computer or mobile terminal in the home. Therefore, when a user accesses a private cloud server on a network node other than the home network, a P2P connection needs to be established.
  • the private cloud server can also integrate smart home appliances to control home appliances.
  • the first communication party is a private cloud server
  • the second communication party is a terminal device outside the home network
  • the terminal device may have its own public network IP or may be located in another internal network.
  • the user can establish a P2P connection with the private cloud server through the proxy on the terminal device, so that the application in the terminal device and the program of the private cloud server transmit data, for example, accessing the smart home appliance in the private cloud server through an application in the terminal device. Controls to achieve remote control of the home appliances.
  • the first communication party is a terminal device located outside the home network
  • the second communication party is a private cloud server.
  • Network Address Translation (Network Address Translation, NAT) is a widely used network technology for isolating internal networks and external networks (Internet), protecting internal network security and addressing the problem of insufficient IPv4 addresses.
  • IPv4 addresses IP address Translation
  • the NAT device assigns it a unique port number.
  • NAT allows the information sent by the external host that has communicated with the internal host of the NAT to enter the internal network, and the information sent directly by the external host that has not communicated with the internal host is directly discarded. This protects the security of the internal network, but it also limits the security.
  • P2P application P2P application.
  • the first communication party 1 is located in the intranet of the NAT device A
  • the public network IP of A is 155.99.25.11
  • the second communication party 2 is located in the intranet of the NAT device B.
  • the network IP is 138.76.29.7.
  • the first communication party 1 sends a message to the server S, and the NAT device A assigns a port 62000 to the first communication party 1, and the server S records the address and port information of the first communication party 1, where the address and port are observed by the server S.
  • the public network IP of the first correspondent party 1 and the port assigned to it by the NAT device A that is, 155.99.25.1:62000, instead of the address of the first correspondent party 1 in the internal network.
  • the server S will record the address and port information of the second party 2, 138.76.29.7: 31000.
  • the first agent 101 of the first communication party 1 sends a first connection request to the server S, including the address and port information of the first communication party 1, and the information of the second communication party 2, which is the opposite end of the connection to be established; Receiving the first connection request, transmitting the recorded address and port information of the first communication party 1 (155.99.25.11:62000) to the second agent 201 of the second communication party 2, and the address and port of the second communication party 2
  • the information (138.76.29.7: 31000) is sent to the first agent 101 of the first correspondent party 1.
  • the second agent 201 of the second communication party 2 sends a second connection request to the first communication party 1 (155.99.25.11:62000), since the second communication party 2 is an external host that has not communicated with the internal host, the second connection request Rejected by NAT device A. Although the connection was not successful, the NAT device B saved the address and port information of the first correspondent 1 (155.99.25.11:62000) and the information that the second correspondent 2 in the intranet initiated the connection to it.
  • the first agent 101 of the first communication party 1 initiates a third connection request to the second communication party 2, because the NAT device B stores the address and port information of the first communication party 1 and the second communication party 2 to the first communication party 1 Initiating the connection request information, the first communication party 1 is regarded as an external host that has communicated with the NAT device B internal host (second communication party 2), and the third connection request is allowed to pass by the NAT device B.
  • the second agent 201 of the second communication party 2 accepts the third connection request and establishes a P2P penetration connection between the first agent 101 of the first communication party 1 and the second agent 201 of the second communication party 2.
  • the first communication party may directly send a request to establish a connection to the second communication party after obtaining the address of the second communication party.
  • the first communication direction server sends a connection request, and the server sends the address and port information of the first communication party to the second communication party, and the second communication direction is A communicating party requests to establish a connection, and the first communicating party accepts the request to establish a connection with the second communicating party.
  • a first embodiment of the apparatus of the present invention (as a first communication party), comprising a processor and a network communication circuit
  • the processor is connected to the network communication circuit;
  • the processor runs the first agent 30 to pass A P2P penetration connection is established between the network communication circuit and the second agent of the opposite end (second communication party);
  • the processor further runs the first application 40 to send the first data to the first loopback port 51, and the processor further Controlling the first agent 30 to obtain the first data from the first loopback port 51 and output it to the network communication circuit, the network communication circuit transmitting the first data to the second agent of the opposite end, so that the second agent of the opposite end receives the first Data, and the first data is sent to the corresponding second application;
  • the first agent 30 is independent of the first application 40
  • the second agent is independent of the second application
  • the first agent 30 and the second agent are both corresponding to the first An application 40 and a second application are transparent.
  • the local loopback port is a virtual port with an address range of 127.0.0.1 to 127.255.255.254.
  • the data sent to the loopback port does not pass through the network communication circuit.
  • the device establishes a P2P connection with other network nodes that are not in the same intranet through the independently running agent, and the application on the device transmits data through the agent and other network node applications, so that the application does not need to modify the code.
  • P2P data transmission can be performed through agents and other devices, saving system resources.
  • the processor further controls the first proxy 30 to receive the second data sent from the second proxy of the peer end through the network communication circuit, and send the second data to The other first loopback port 52, the processor further controls the first application 40 to obtain the second data from the other first loopback port 52, and completes the process of the first application 40 receiving data from the corresponding second application of the peer end.
  • the application on the device completes the sending and receiving of data with the agent through the local loopback port.
  • the address of the first loopback port 51 and the other first loopback port 52 are different, for example, 127.0.0.1 is used as the address of the first loopback port 51, and 127.0.0.10 is used as the address of the other first loopback port 52. . If at least two applications running in the device are simultaneously connected to the peer application, each application sends data to the first agent 30 through the first loopback port 51, and from the first agent 30 through the other first loopback port 52. Receive the data returned by the peer.
  • the connection with each network node uses two independent loopback ports as interfaces for data transmission and reception between the application and the first agent 30, and multiple used The addresses of the loopback ports are different.
  • the network attached storage device includes a processor, a hard disk, and a routing circuit, wherein a separate operating system can be run in the processor, and further, the network attached storage device is used as a private cloud server in the present invention.
  • the private cloud server is located in a gateway in the home network, and the computer in the home, the mobile terminal, etc. are connected to the private cloud server.
  • the private cloud server is located in the gateway of the home network, if the home network uses the cell shared broadband, the private cloud server is located in the intranet; even if broadband or dial-up networking is used, the IP address of the private cloud is generally dynamically allocated. Get the IP address directly. Therefore, when a user accesses a private cloud server on a network node outside the home network, it is still necessary to establish a P2P connection.
  • a private cloud server does not have its own public IP address, but is located on the same internal network as a computer or mobile terminal in the home. Therefore, when a user accesses a private cloud server on a network node other than the home network, a P2P connection needs to be established.
  • the private cloud server can also integrate smart home appliances to control home appliances.
  • the device is a private cloud server
  • the peer end is a terminal device outside the home network.
  • the peer end may have its own public network IP or may be located in another internal network.
  • the user can establish a P2P connection with the private cloud server through the proxy on the peer end, so that the application in the terminal device and the program of the private cloud server transmit data, for example, accessing the smart home appliance in the private cloud server through an application in the terminal device. Controls to achieve remote control of the home appliances.
  • the device is a terminal device located in another intranet outside the home network, and the peer end is a private cloud server.
  • the processor 710, the hard disk 720 and the routing circuit 730 are included, and the hard disk 720 and the routing circuit 730 are respectively connected to the processor 710.
  • the WAN interface of the routing circuit 730 is connected to the Internet, and the LAN interface is respectively connected to the intranet device, and the transmission of the data packet between the processor 710 and the corresponding interface is completed.
  • the processor 710 is configured to exchange routing information, look up a routing table, and forward a data packet, and cooperate with the routing circuit 730 to implement routing functions such as interconnection of a local area network and a wide area network, processing and distribution of data, and flow control.
  • the processor 710 is further configured to run a first proxy to establish a P2P penetration connection with the second proxy of the peer end, and the processor 710 is further configured to run the first application to output the first data to the routing circuit by using the first proxy 730, the routing circuit 730 sends the first data to the second proxy of the peer end, so that the second proxy of the peer end receives the first data, and sends the first data to the corresponding second application, where the first proxy is independent of the first
  • the second agent is independent of the second application
  • the first agent and the second agent are both transparent to the corresponding first application and the second application.
  • Network attached storage can act as a private cloud server in a home network.
  • the network attached storage establishes a P2P connection with other network nodes not on the same intranet through the independently running agent.
  • the application on the network attached storage transmits data through the agent and other network node applications, so that the application can pass the code without modifying the code.
  • the agent performs P2P data transmission with other devices to save system resources.

Abstract

Disclosed in the present invention is a network communication method, comprising: establishing a P2P penetration connection between a first agent of a first communicating party and a second agent of a second communicating party; by means of the first agent, a first application of the first communicating party sends first data to the second agent of the second communicating party; the second agent of the second communicating party receives the first data and sends the first data to a corresponding second application; the first agent is independent of the first application, the second agent is independent of the second application, and the first agent and the second agent are both transparent to the corresponding first application and the second application. Also disclosed in the present invention is a device.

Description

一种网络通信方法、设备及网络附属存储设备 Network communication method, device and network auxiliary storage device
【技术领域】[Technical Field]
本发明涉及通信技术,特别是涉及一种网络通信方法、设备及网络附属存储设备。The present invention relates to communication technologies, and in particular, to a network communication method, device, and network attached storage device.
【背景技术】 【Background technique】
P2P(peer to peer,对等网络)技术充分利用网络中的每一台计算机的能力,互相提供服务。每台计算机既能充当网络服务的请求者,又对其它计算机的请求作出响应,提供资源和服务。P2P(peer to Peer, peer-to-peer network technology makes full use of the capabilities of each computer in the network to provide services to each other. Each computer can act as a requester for network services and respond to requests from other computers, providing resources and services.
当计算机中的应用需要建立P2P连接时,一般而言是要在应用程序中加入建立P2P连接的代码,如果原有的应用程序中没有这部分代码则需要修改程序,这样操作复杂而且浪费资源。When an application in a computer needs to establish a P2P connection, it is generally necessary to add a code for establishing a P2P connection in the application. If the original application does not have this part of the code, the program needs to be modified, which is complicated and wastes resources.
【发明内容】 [Summary of the Invention]
为了至少部分解决以上问题,本发明提出了一种网络通信方法。该网络通信方法包括:第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接;第一通信方的第一应用通过第一代理将第一数据发给第二通信方的第二代理;第二通信方的第二代理接收第一数据,并将第一数据发给相应的第二应用;其中,第一代理独立于第一应用,第二代理独立于第二应用,第一代理与第二代理均对相应的第一应用、第二应用透明。In order to at least partially solve the above problems, the present invention proposes a network communication method. The network communication method includes: establishing a P2P penetration connection between a first agent of the first communication party and a second agent of the second communication party; the first application of the first communication party sends the first data to the first a second agent of the second communicating party; the second agent of the second communicating party receives the first data, and sends the first data to the corresponding second application; wherein the first agent is independent of the first application, and the second agent is independent of the first agent The second application, the first agent and the second agent are both transparent to the corresponding first application and the second application.
其中,第一通信方的第一应用通过第一代理将第一数据发给第二通信方的第二代理的步骤包括:第一通信方的第一应用将第一数据发给第一通信方的第一环回端口;第一通信方的第一代理从第一环回端口获得第一数据,并发给第二通信方的第二代理。The step of the first application of the first communication party sending the first data to the second agent of the second communication party by using the first agent includes: sending, by the first application of the first communication party, the first data to the first communication party The first loopback port; the first agent of the first correspondent obtains the first data from the first loopback port and sends the first data to the second agent of the second party.
其中,第二通信方的第二代理接收第一数据,并将第一数据发给相应的第二应用的步骤包括:第二通信方的第二代理接收第一数据后,将第一数据发送到第二通信方的第二环回端口;第二通信方的相应第二应用从第二环回端口中获得第一数据。The step of the second agent of the second communication party receiving the first data and sending the first data to the corresponding second application comprises: after the second agent of the second communication party receives the first data, sending the first data Go to the second loopback port of the second correspondent party; the corresponding second application of the second correspondent party obtains the first data from the second loopback port.
其中,第二通信方的相应第二应用在获得第一数据后,将第二数据发给第二通信方的另一第二环回端口;第二通信方的第二代理从另一第二环回端口获得第二数据,并发给第一通信方的第一代理。The second application of the second communication party sends the second data to another second loopback port of the second communication party after obtaining the first data; the second proxy of the second communication party is from another second The loopback port obtains the second data and sends it to the first agent of the first correspondent party.
其中,第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接的步骤是指:设置在第一通信方的数据链路层的第一代理与设置在第二通信方的数据链路层的第二代理之间建立P2P穿透连接。The step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party means: setting the first agent and setting in the data link layer of the first communication party A P2P penetration connection is established between the second agents of the data link layer of the two communicating parties.
其中,第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接的步骤包括:第一通信方的第一代理向服务器发送第一连接请求,第一连接请求包括第一通信方的地址及端口信息,还包括所要建立连接的对端即第二通信方的信息;服务器接收第一连接请求,将第一通信方的地址及端口信息发给第二通信方的第二代理,并将第二通信方的地址及端口信息发给第一通信方的第一代理,服务器中预先保存有第一通信方和第二通信方的地址及端口信息;第二通信方的第二代理利用第一通信方的地址及端口信息向第一通信方发送第二连接请求,第二连接请求被第一通信方侧的网络地址转换NAT拒绝,第二通信方侧的网络地址转换保存了第一通信方的地址及端口;第一通信方的第一代理向第二通信方发起第三连接请求,第二通信方侧的网络地址转换根据保存的第一通信方的地址及端口而通过第三请求;第二通信方的第二代理接收第三连接请求,以建立第一通信方的第一代理与第二通信方的第二代理之间的P2P穿透连接。The step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party includes: the first agent of the first communication party sends a first connection request to the server, the first connection request The address and port information of the first communication party are further included, and the information of the second communication party that is the opposite end of the connection to be established is included; the server receives the first connection request, and sends the address and port information of the first communication party to the second communication party. The second agent sends the address and port information of the second communication party to the first agent of the first communication party, and the address and port information of the first communication party and the second communication party are pre-stored in the server; the second communication The second agent of the party sends a second connection request to the first communication party by using the address and port information of the first communication party, and the second connection request is rejected by the network address translation NAT of the first communication party side, and the network of the second communication party side The address translation saves the address and port of the first communication party; the first agent of the first communication party initiates a third connection request to the second communication party, and the network address translation root of the second communication party side And saving the first communication party's address and port to pass the third request; the second communication party's second agent receives the third connection request to establish the first agent of the first communication party and the second agent of the second communication party P2P penetration connection between.
其中第一通信方是私有云服务器,第二通信方是私有云服务器所在内网之外的另一网络节点,或反过来。The first communicating party is a private cloud server, and the second communicating party is another network node outside the internal network where the private cloud server is located, or vice versa.
为了至少部分解决以上问题,本发明提出了一种网络通信方法。该网络通信方法包括:第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接;第一通信方的第一应用通过第一代理将第一数据发给第二通信方的第二代理,以使得第二通信方的第二代理接收第一数据,并将第一数据发给相应的第二应用;其中,第一代理独立于第一应用,第二代理独立于第二应用,第一代理与第二代理均对相应的第一应用、第二应用透明。In order to at least partially solve the above problems, the present invention proposes a network communication method. The network communication method includes: establishing a P2P penetration connection between a first agent of the first communication party and a second agent of the second communication party; the first application of the first communication party sends the first data to the first a second agent of the second communicating party, so that the second agent of the second communicating party receives the first data, and sends the first data to the corresponding second application; wherein the first agent is independent of the first application, the second agent Independent of the second application, the first agent and the second agent are both transparent to the corresponding first application and the second application.
其中,第一通信方的第一应用通过第一代理将第一数据发给第二通信方的第二代理的步骤包括:第一通信方的第一应用将第一数据发给第一通信方的第一环回端口;第一通信方的第一代理从第一环回端口获得第一数据,并发给第二通信方的第二代理。The step of the first application of the first communication party sending the first data to the second agent of the second communication party by using the first agent includes: sending, by the first application of the first communication party, the first data to the first communication party The first loopback port; the first agent of the first correspondent obtains the first data from the first loopback port and sends the first data to the second agent of the second party.
其中,第一通信方的第一代理接收从第二通信方的第二代理发来的第二数据;第一通信方的第一代理将第二数据发送到第一通信方的另一第一环回端口;第一通信方的第一应用从另一第一环回端口中获得第二数据。Wherein the first agent of the first communicating party receives the second data sent from the second agent of the second communicating party; the first agent of the first communicating party sends the second data to the other first of the first communicating party Loopback port; the first application of the first correspondent obtains the second data from the other first loopback port.
其中,第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接的步骤是指:设置在第一通信方的数据链路层的第一代理与设置在第二通信方的数据链路层的第二代理之间建立P2P穿透连接。The step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party means: setting the first agent and setting in the data link layer of the first communication party A P2P penetration connection is established between the second agents of the data link layer of the two communicating parties.
其中,第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接的步骤包括:第一通信方的第一代理向服务器发送第一连接请求,第一连接请求包括第一通信方的地址及端口信息,还包括所要建立连接的对端即第二通信方的信息;服务器接收第一连接请求,将第一通信方的地址及端口信息发给第二通信方的第二代理,并将第二通信方的地址及端口信息发给第一通信方的第一代理,服务器中预先保存有第一通信方和第二通信方的地址及端口信息;第二通信方的第二代理利用第一通信方的地址及端口信息向第一通信方发送第二连接请求,第二连接请求被第一通信方侧的网络地址转换拒绝,第二通信方侧的网络地址转换保存了第一通信方的地址及端口;第一通信方的第一代理向第二通信方发起第三连接请求,第二通信方侧的网络地址转换根据保存的第一通信方的地址及端口而通过第三请求;第二通信方的第二代理接收第三连接请求,以建立第一通信方的第一代理与第二通信方的第二代理之间的P2P穿透连接。The step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party includes: the first agent of the first communication party sends a first connection request to the server, the first connection request The address and port information of the first communication party are further included, and the information of the second communication party that is the opposite end of the connection to be established is included; the server receives the first connection request, and sends the address and port information of the first communication party to the second communication party. The second agent sends the address and port information of the second communication party to the first agent of the first communication party, and the address and port information of the first communication party and the second communication party are pre-stored in the server; the second communication The second agent of the party sends a second connection request to the first communication party by using the address and port information of the first communication party, and the second connection request is rejected by the network address translation of the first communication party side, and the network address of the second communication party side The conversion saves the address and port of the first communication party; the first agent of the first communication party initiates a third connection request to the second communication party, and the network address translation of the second communication party side is based on And storing a third connection request by the second agent of the second communication party; the second agent of the second communication party is configured to establish a first agent of the first communication party and a second agent of the second communication party P2P penetration connection between.
其中,第一通信方是私有云服务器,或者私有云服务器所在内网之外的另一网络节点。The first communication party is a private cloud server, or another network node outside the internal network where the private cloud server is located.
为了至少部分解决以上问题,本发明提出了一种设备。该设备包括:处理器和网络通信电路;处理器用于运行第一代理,以通过网络通信电路与对端的第二代理之间建立P2P穿透连接;处理器还用于运行第一应用,以通过第一代理将第一数据输出至网络通信电路,网络通信电路将第一数据发给对端的第二代理,以使得对端的第二代理接收第一数据,并将第一数据发给相应的第二应用;其中,第一代理独立于第一应用,第二代理独立于第二应用,第一代理与第二代理均对相应的第一应用、第二应用透明。In order to at least partially solve the above problems, the present invention proposes an apparatus. The device includes: a processor and a network communication circuit; the processor is configured to run the first agent to establish a P2P penetration connection between the network communication circuit and the second agent of the opposite end; the processor is further configured to run the first application to pass The first agent outputs the first data to the network communication circuit, and the network communication circuit sends the first data to the second agent of the opposite end, so that the second agent of the opposite end receives the first data, and sends the first data to the corresponding first The application is independent of the first application, the second agent is independent of the second application, and the first agent and the second agent are both transparent to the corresponding first application and the second application.
其中,处理器具体用于运行第一应用以将第一数据发给第一环回端口,然后运行第一代理以从第一环回端口获得第一数据,并输出至网络通信电路,以实现控制第一应用通过第一代理将第一数据输出至网络通信电路。The processor is specifically configured to run the first application to send the first data to the first loopback port, and then run the first proxy to obtain the first data from the first loopback port, and output the data to the network communication circuit to implement The first application is controlled to output the first data to the network communication circuit through the first agent.
其中,处理器还用于运行第一代理以通过网络通信电路接收从对端的第二代理发来的第二数据,然后运行第一代理以将第二数据发送到另一第一环回端口,然后运行第一应用以从另一第一环回端口中获得第二数据。Wherein the processor is further configured to run the first agent to receive the second data sent from the second agent of the peer end through the network communication circuit, and then run the first agent to send the second data to the other first loopback port, The first application is then run to obtain second data from another first loopback port.
其中,设备是私有云服务器,或者私有云服务器所在内网之外的另一网络节点。The device is a private cloud server or another network node outside the internal network where the private cloud server is located.
为了至少部分解决以上问题,本发明提出了一种网络附属存储设备。该网络附属存储设备包括:处理器、硬盘和路由电路,硬盘和路由电路分别连接处理器;处理器用于运行第一代理,以通过路由电路与对端的第二代理之间建立P2P穿透连接;处理器还用于运行第一应用,以通过第一代理将第一数据输出至路由电路,路由电路将第一数据发给对端的第二代理,以使得对端的第二代理接收第一数据,并将第一数据发给相应的第二应用;其中,第一代理独立于第一应用,第二代理独立于第二应用,第一代理与第二代理均对相应的第一应用、第二应用透明。In order to at least partially solve the above problems, the present invention proposes a network attached storage device. The network attached storage device includes: a processor, a hard disk, and a routing circuit, wherein the hard disk and the routing circuit are respectively connected to the processor; the processor is configured to run the first agent to establish a P2P penetration connection between the routing circuit and the second agent of the peer end; The processor is further configured to run the first application to output the first data to the routing circuit by using the first proxy, and the routing circuit sends the first data to the second proxy of the peer end, so that the second proxy of the peer end receives the first data, And sending the first data to the corresponding second application; wherein the first agent is independent of the first application, the second agent is independent of the second application, and the first agent and the second agent are both for the corresponding first application and the second Application transparency.
本发明的有益效果是:位于不同内网的设备之间通过独立运行的代理建立P2P连接,不同设备上的应用通过代理发送和接收数据,这样应用无须修改代码即可通过代理与其他网络节点建立P2P连接,节约系统资源。The invention has the beneficial effects that: P2P connections are established between devices running on different intranets through independently running agents, and applications on different devices send and receive data through the proxy, so that the application can establish with other network nodes through the proxy without modifying the code. P2P connection saves system resources.
【附图说明】 [Description of the Drawings]
图1是本发明网络通信方法一个实施例中实现网络通信的流程图;1 is a flow chart of implementing network communication in an embodiment of a network communication method according to the present invention;
图2是本发明网络通信方法一个实施例中第一通信方向第二通信方发送数据的流程图;2 is a flow chart of transmitting data by a second communication party in a first communication direction according to an embodiment of the network communication method of the present invention;
图3是本发明网络通信方法一个实施例中第二通信方向第一通信方发送数据的流程图;3 is a flow chart of transmitting data by a first communication party in a second communication direction according to an embodiment of the network communication method of the present invention;
图4是本发明网络通信方法一个实施例中建立P2P穿透连接的示意图;4 is a schematic diagram of establishing a P2P penetration connection in an embodiment of a network communication method according to the present invention;
图5是本发明设备一个实施例的示意图;Figure 5 is a schematic view of an embodiment of the apparatus of the present invention;
图6是本发明设备一个实施例中使用两个环回端口的示意图;Figure 6 is a schematic illustration of the use of two loopback ports in one embodiment of the apparatus of the present invention;
图7是本发明网络附属存储设备一个实施例的结构示意图。FIG. 7 is a schematic structural diagram of an embodiment of a network attached storage device according to the present invention.
【具体实施方式】【detailed description】
下面结合附图和实施例对本发明进行详细说明。The invention will now be described in detail in conjunction with the drawings and embodiments.
如图1所示,本发明网络通信方法的第一实施例包括:As shown in FIG. 1, the first embodiment of the network communication method of the present invention includes:
S110,第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接;S110. Establish a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party.
第一代理独立于第一应用,第二代理独立于第二应用,第一代理与第二代理均对相应的第一应用、第二应用透明。The first agent is independent of the first application, and the second agent is independent of the second application, and the first agent and the second agent are both transparent to the corresponding first application and the second application.
第一代理、第二代理均为独立运行的程序,是本机各个程序与其他设备之间进行P2P穿透连接的桥梁、中介,当然,也可以理解为一种通信接口。第一代理、第二代理的程序可以按照要求、本机系统环境等进行设计。第一代理、第二代理可以被本机程序调用与其他设备上的代理建立P2P连接,并为本机应用程序提供透明的数据分发和接收;第一通信方和第二通信方可以在两个不同的内网中,也可以一个在内网中,一个在公网上。The first agent and the second agent are independent running programs, which are bridges and mediations for P2P penetration between the various programs of the machine and other devices. Of course, it can also be understood as a communication interface. The programs of the first agent and the second agent can be designed according to requirements, the local system environment, and the like. The first agent and the second agent may be called by the native program to establish a P2P connection with the agent on the other device, and provide transparent data distribution and reception for the native application; the first communication party and the second communication party may be in two Different intranets can also be in the intranet and one on the public network.
建立P2P连接是指不同设备相连接并建立对等的P2P网络。在P2P网络中,彼此连接的设备之间都处于对等的地位,无主从之分。网络中的每一台设备既能充当网络服务的请求者,又对其它计算机的请求做出响应,提供资源、服务和内容,以供网络中的其它计算机直接访问而无需经过中间实体。Establishing a P2P connection means that different devices are connected and establish a peer-to-peer P2P network. In a P2P network, devices connected to each other are in an equal position, with no master or slave. Each device in the network can act as both a requester for the network service and a request to other computers, providing resources, services, and content for direct access by other computers in the network without going through intermediate entities.
S120,第一通信方的第一应用通过第一代理将第一数据发给第二通信方的第二代理;S120. The first application of the first communication party sends the first data to the second agent of the second communication party by using the first proxy.
第一数据可以为通信请求、文本信息、网页、音视频媒体、文件等,在不同设备之间的传输由代理程序完成。The first data may be a communication request, text information, a web page, an audio and video media, a file, etc., and the transfer between different devices is performed by an agent.
S130,第二通信方的第二代理接收第一数据,并将第一数据发给相应的第二应用;S130. The second agent of the second communication party receives the first data, and sends the first data to the corresponding second application.
第二通信方的第二应用接收了第一数据,完成了第一通信方的第一应用向第二通信方的第二应用发送第一数据的过程。The second application of the second communication party receives the first data, and completes a process in which the first application of the first communication party sends the first data to the second application of the second communication party.
通过上述实施例的实施,不在同一内网的设备之间通过独立运行的代理程序建立P2P连接,不同设备上的应用通过代理发送和接收数据,这样应用程序无须修改代码即可通过代理与其他设备进行P2P数据传输,节约系统资源。Through the implementation of the foregoing embodiment, P2P connections are not established between devices of the same intranet through independently running agents, and applications on different devices send and receive data through the proxy, so that the application can pass the proxy and other devices without modifying the code. P2P data transmission is performed to save system resources.
参考图2,在本发明网络通信方法的第二实施例包括:Referring to FIG. 2, a second embodiment of the network communication method of the present invention includes:
S210,第一通信方的第一代理与第二通信方的第二代理建立P2P穿透连接;S210. The first agent of the first communication party establishes a P2P penetration connection with the second agent of the second communication party.
S220,第一通信方的第一应用将第一数据发给第一通信方的第一环回端口;S220. The first application of the first communication party sends the first data to the first loopback port of the first communication party.
S230,第一通信方的第一代理从第一环回端口获得第一数据,并将其发给第二通信方的第二代理;S230, the first agent of the first communication party obtains the first data from the first loopback port, and sends the first data to the second agent of the second communication party;
S240,第二通信方的第二代理接收第一数据后,将第一数据发送到第二通信方的第二环回端口;S240. After receiving the first data, the second proxy of the second communication party sends the first data to the second loopback port of the second communication party.
S250,第二通信方的相应第二应用从第二环回端口中获得第一数据,完成第一通信方向第二通信方发送数据。S250. The corresponding second application of the second communication party obtains the first data from the second loopback port, and completes the first communication direction to send data to the second communication party.
环回端口是设备上的虚拟端口,地址范围为127.0.0.1至127.255.255.254,发送给环回端口的数据不会通过外部网络接口。每台设备上的代理通过本地环回端口完成与本机应用程序之间数据的接收和发送。The loopback port is a virtual port on the device. The address range is 127.0.0.1 to 127.255.255.254. The data sent to the loopback port does not pass through the external network interface. The agent on each device completes the reception and transmission of data with the native application through the local loopback port.
如图3所示,在本发明网络通信方法的第三实施例中,第一通信方的第一应用向第二通信方的相应第二应用发送第一数据(参考第一实施例或第二实施例的描述)之后的步骤包括:As shown in FIG. 3, in a third embodiment of the network communication method of the present invention, the first application of the first communication party sends the first data to the corresponding second application of the second communication party (refer to the first embodiment or the second The description of the embodiment) includes the following steps:
S310,第二通信方的第二应用将第二数据发给第二通信方的另一第二环回端口;S310. The second application of the second communication party sends the second data to another second loopback port of the second communication party.
第二数据可以为第二应用发出的反馈信息、文本信息,音视频媒体、文件等。The second data may be feedback information, text information, audio and video media, files, etc., sent by the second application.
S320,第二通信方的第二代理从另一第二环回端口获得第二数据,并将其发给第一通信方的第一代理;S320, the second agent of the second communication party obtains the second data from another second loopback port, and sends the second data to the first agent of the first communication party;
另一第二环回端口用于第二通信方的应用程序向第二代理发送数据,使用的地址与第二实施例中第二通信方的应用程序接收数据用的第二环回端口地址不同。Another second loopback port is used by the application of the second communication party to send data to the second agent, using an address different from the second loopback port address used by the application of the second party in the second embodiment to receive data in the second embodiment. .
S330,第一通信方的第一代理接收第二数据之后将其发送到第一通信方的另一第一环回端口;S330, the first agent of the first communication party sends the second data and sends it to another first loopback port of the first communication party;
另一第一环回端口用于第一通信方的应用程序从第一代理接收数据,使用的地址与第二实施例中第一通信方的应用发送数据用的第一环回端口地址不同。The other first loopback port is used by the application of the first correspondent party to receive data from the first proxy, using an address different from the first loopback port address used by the application of the first correspondent party in the second embodiment to transmit data.
S340,第一通信方的第一应用从另一第一环回端口获得第二数据;S340. The first application of the first communication party obtains the second data from another first loopback port.
完成第一通信方的第一应用从第二通信方的第二应用接收数据的过程。The process of receiving data from the second application of the second communication party by the first application of the first communication party is completed.
第一通信方的第一应用在调用独立运行的代理程序发送第一数据给第二通信方的第二应用之后,接收第二通信方的第二应用返回的第二数据,实现P2P的数据相互传输。After the first application of the first communication party sends the first data to the second application of the second communication party, the first application of the second communication party receives the second data returned by the second application of the second communication party, and implements P2P data mutual data. transmission.
对于第一通信方和第二通信方建立起的P2P连接,第一通信方使用的第二环回端口和另一第二环回端口的地址与第一通信方使用的第一环回端口和另一第一环回端口的地址可以相同,也可以不同。如果第一通信方中至少两个应用同时与第二通信方中的应用连接,每个应用都是通过第一环回端口向第一代理发送数据,通过另一第一环回端口从第一代理接收第二通信方返回的数据,反之亦然。For the P2P connection established by the first communication party and the second communication party, the address of the second loopback port and the second second loopback port used by the first communication party and the first loopback port used by the first communication party The address of the other first loopback port may be the same or different. If at least two applications of the first communication party are simultaneously connected to the application in the second communication party, each application sends data to the first proxy through the first loopback port, and from the first loopback port through the first The agent receives the data returned by the second communicating party and vice versa.
此外,第一通信方可以同时与多个网络节点建立P2P连接,每个连接都占用两个环回端口用于应用程序与代理之间的数据接收和发送,不同的连接使用的环回端口地址各不相同。同理可以推出第二通信方与多个网络节点建立P2P连接的情况。In addition, the first communication party can establish a P2P connection with multiple network nodes at the same time, each connection occupies two loopback ports for data reception and transmission between the application and the proxy, and the loopback port address used by different connections. Different. Similarly, the case where the second communication party establishes a P2P connection with multiple network nodes can be introduced.
在本发明的一个实施例中,第一代理设置在第一通信方的数据链路层,第二代理设置在第二通信方的数据链路层。In one embodiment of the invention, the first agent is disposed at a data link layer of the first correspondent party and the second agent is disposed at a data link layer of the second correspondent party.
在本发明的一个实施例中,第一通信方是私有云服务器,第二通信方是私有云服务器所在内网之外的另一网络节点;或反过来。在网络附属存储(NAS, network attached storage)设备上加装路由电路即可成为本发明设备的一种实施例。网络附属存储设备包括处理器、硬盘和路由电路,其中在处理器中可运行独立的操作系统,进而,在本发明中将网络附属存储设备作为私有云服务器。私有云服务器位于家庭网络中的网关,家庭中的电脑,移动终端等连接私有云服务器。私有云服务器虽然位于家庭网络中的网关,但是如果家庭网络是采用小区共享宽带,那么私有云服务器位于小区内网之中;即使使用宽带或者拨号联网,私有云的IP地址一般为动态分配,无法直接获知其IP地址。因此当用户在家庭网络之外的网络节点上访问私有云服务器时,仍需要建立P2P连接。In one embodiment of the invention, the first correspondent party is a private cloud server, and the second correspondent party is another network node outside the intranet where the private cloud server is located; or vice versa. In network attached storage (NAS, Network attached Adding a routing circuit to the device can be an embodiment of the device of the present invention. The network attached storage device includes a processor, a hard disk, and a routing circuit, wherein a separate operating system can be run in the processor. Further, in the present invention, the network attached storage device is used as a private cloud server. The private cloud server is located in a gateway in the home network, and the computer in the home, the mobile terminal, etc. are connected to the private cloud server. Although the private cloud server is located in the gateway of the home network, if the home network uses the cell shared broadband, the private cloud server is located in the intranet; even if broadband or dial-up networking is used, the IP address of the private cloud is generally dynamically allocated. Get the IP address directly. Therefore, when a user accesses a private cloud server on a network node outside the home network, it is still necessary to establish a P2P connection.
还可以在家庭网络中的路由器上加装处理器、硬盘和网络接口作为私有云服务器,其中处理器运行独立的操作系统,网络接口直接连接到路由器的一个LAN口。私有云服务器没有自己的公网IP,而是与家庭中的电脑,移动终端等位于同一内网,因此当用户在家庭网络之外的网络节点上访问私有云服务器时,需要建立P2P连接。It is also possible to add a processor, a hard disk, and a network interface as a private cloud server to a router in the home network, where the processor runs a separate operating system, and the network interface is directly connected to one LAN port of the router. A private cloud server does not have its own public IP address, but is located on the same internal network as a computer or mobile terminal in the home. Therefore, when a user accesses a private cloud server on a network node other than the home network, a P2P connection needs to be established.
私有云服务器除了提供传统的数据存储与共享和网页浏览服务之外,还可以集成智能家电控件,可以控制家庭中的家电。例如,第一通信方为私有云服务器,第二通信方为家庭网络外的终端设备,该终端设备可以具有自己的公网IP,也可以位于另一个内网之中。用户可以通过终端设备上的代理与私有云服务器建立P2P连接,使得终端设备中的应用程序与私有云服务器的程序之间传输数据,比如通过终端设备中的应用程序访问私有云服务器中的智能家电控件,实现远程遥控家中的电器。或者反过来,第一通信方为位于家庭网络之外的终端设备,第二通信方为私有云服务器。In addition to providing traditional data storage and sharing and web browsing services, the private cloud server can also integrate smart home appliances to control home appliances. For example, the first communication party is a private cloud server, and the second communication party is a terminal device outside the home network, and the terminal device may have its own public network IP or may be located in another internal network. The user can establish a P2P connection with the private cloud server through the proxy on the terminal device, so that the application in the terminal device and the program of the private cloud server transmit data, for example, accessing the smart home appliance in the private cloud server through an application in the terminal device. Controls to achieve remote control of the home appliances. Or conversely, the first communication party is a terminal device located outside the home network, and the second communication party is a private cloud server.
网络地址转换(Network Address Translation,NAT)是一种广泛应用的网络技术,用于隔离内部网络和外部网络(Internet),可以保护内部网络的安全并且解决IPv4地址不足的问题。当内部主机向外部主机发起连接时,NAT设备为它分配一个唯一的端口号。NAT允许已经与NAT内部主机通信过的外部主机发送的信息进入内网,而没有与内部主机通信过的外部主机直接发送的信息被直接丢弃掉,这样保护了内网的安全,但是也限制了P2P的应用。Network Address Translation (Network Address Translation, NAT) is a widely used network technology for isolating internal networks and external networks (Internet), protecting internal network security and addressing the problem of insufficient IPv4 addresses. When an internal host initiates a connection to an external host, the NAT device assigns it a unique port number. NAT allows the information sent by the external host that has communicated with the internal host of the NAT to enter the internal network, and the information sent directly by the external host that has not communicated with the internal host is directly discarded. This protects the security of the internal network, but it also limits the security. P2P application.
参考图4说明位于不同内网的两个节点通过服务器S建立P2P穿透连接的过程。在本发明的一个实施例中,第一通信方1位于NAT设备A的内网中,A的公网IP为155.99.25.11;第二通信方2位于NAT设备B的内网中,B的公网IP为138.76.29.7。Referring to FIG. 4, a process in which two nodes located in different intranets establish a P2P penetration connection through the server S is illustrated. In an embodiment of the present invention, the first communication party 1 is located in the intranet of the NAT device A, the public network IP of A is 155.99.25.11, and the second communication party 2 is located in the intranet of the NAT device B. The network IP is 138.76.29.7.
第一通信方1向服务器S发送消息,NAT设备A会给第一通信方1分配一个端口62000,服务器S记录下第一通信方1的地址和端口信息,此处地址和端口是服务器S观察到的第一通信方1的公网IP和NAT设备A分配给它的端口,即155.99.25.11:62000,而不是第一通信方1在内网中的地址。同理,服务器S会记录下第二通信方2的地址和端口信息,138.76.29.7:31000。The first communication party 1 sends a message to the server S, and the NAT device A assigns a port 62000 to the first communication party 1, and the server S records the address and port information of the first communication party 1, where the address and port are observed by the server S. The public network IP of the first correspondent party 1 and the port assigned to it by the NAT device A, that is, 155.99.25.1:62000, instead of the address of the first correspondent party 1 in the internal network. Similarly, the server S will record the address and port information of the second party 2, 138.76.29.7: 31000.
第一通信方1的第一代理101向服务器S发送第一连接请求,包括第一通信方1的地址及端口信息,还包括所要建立连接的对端即第二通信方2的信息;服务器S接收第一连接请求,将记录的第一通信方1的地址及端口信息(155.99.25.11:62000)发给第二通信方2的第二代理201,并将第二通信方2的地址及端口信息(138.76.29.7:31000)发给第一通信方1的第一代理101。The first agent 101 of the first communication party 1 sends a first connection request to the server S, including the address and port information of the first communication party 1, and the information of the second communication party 2, which is the opposite end of the connection to be established; Receiving the first connection request, transmitting the recorded address and port information of the first communication party 1 (155.99.25.11:62000) to the second agent 201 of the second communication party 2, and the address and port of the second communication party 2 The information (138.76.29.7: 31000) is sent to the first agent 101 of the first correspondent party 1.
第二通信方2的第二代理201向第一通信方1(155.99.25.11:62000)发送第二连接请求,由于第二通信方2是没有与内部主机通信过的外部主机,第二连接请求被NAT设备A拒绝。虽然连接没有成功,NAT设备B保存了第一通信方1的地址及端口信息(155.99.25.11:62000),以及内网中的第二通信方2曾向其发起连接这一信息。The second agent 201 of the second communication party 2 sends a second connection request to the first communication party 1 (155.99.25.11:62000), since the second communication party 2 is an external host that has not communicated with the internal host, the second connection request Rejected by NAT device A. Although the connection was not successful, the NAT device B saved the address and port information of the first correspondent 1 (155.99.25.11:62000) and the information that the second correspondent 2 in the intranet initiated the connection to it.
第一通信方1的第一代理101向第二通信方2发起第三连接请求,由于NAT设备B存有第一通信方1的地址及端口信息和第二通信方2向第一通信方1发起连接请求的信息,第一通信方1被视为曾经与NAT设备B内部主机(第二通信方2)通信过的外部主机,第三连接请求被NAT设备B允许通过。第二通信方2的第二代理201接受第三连接请求,建立第一通信方1的第一代理101与第二通信方2的第二代理201之间的P2P穿透连接。The first agent 101 of the first communication party 1 initiates a third connection request to the second communication party 2, because the NAT device B stores the address and port information of the first communication party 1 and the second communication party 2 to the first communication party 1 Initiating the connection request information, the first communication party 1 is regarded as an external host that has communicated with the NAT device B internal host (second communication party 2), and the third connection request is allowed to pass by the NAT device B. The second agent 201 of the second communication party 2 accepts the third connection request and establishes a P2P penetration connection between the first agent 101 of the first communication party 1 and the second agent 201 of the second communication party 2.
如果第一通信方位于内网中,第二通信方位于公网上时,第一通信方获得第二通信方的地址之后可以直接向第二通信方发送请求建立连接。如果第一通信方位于公网上,第二通信方位于内网中时,第一通信方向服务器发送连接请求,服务器向第二通信方发送第一通信方的地址和端口信息,第二通信方向第一通信方请求建立连接,第一通信方接受请求与第二通信方建立连接。If the first communication party is located in the internal network and the second communication party is located on the public network, the first communication party may directly send a request to establish a connection to the second communication party after obtaining the address of the second communication party. If the first communication party is located on the public network and the second communication party is located in the internal network, the first communication direction server sends a connection request, and the server sends the address and port information of the first communication party to the second communication party, and the second communication direction is A communicating party requests to establish a connection, and the first communicating party accepts the request to establish a connection with the second communicating party.
如图5所示,在本发明设备的第一实施例(作为第一通信方)中,,包括处理器和网络通信电路,处理器连接网络通信电路;处理器运行第一代理30,以通过网络通信电路与对端(第二通信方)的第二代理之间建立P2P穿透连接;处理器还运行第一应用40,以将第一数据发给第一环回端口51,处理器还控制第一代理30从第一环回端口51获得第一数据并将其输出至网络通信电路,网络通信电路将第一数据发给对端的第二代理,以使得对端的第二代理接收第一数据,并将第一数据发给相应的第二应用;其中,第一代理30独立于第一应用40,第二代理独立于第二应用,第一代理30与第二代理均对相应的第一应用40、第二应用透明。As shown in FIG. 5, in a first embodiment of the apparatus of the present invention (as a first communication party), comprising a processor and a network communication circuit, the processor is connected to the network communication circuit; the processor runs the first agent 30 to pass A P2P penetration connection is established between the network communication circuit and the second agent of the opposite end (second communication party); the processor further runs the first application 40 to send the first data to the first loopback port 51, and the processor further Controlling the first agent 30 to obtain the first data from the first loopback port 51 and output it to the network communication circuit, the network communication circuit transmitting the first data to the second agent of the opposite end, so that the second agent of the opposite end receives the first Data, and the first data is sent to the corresponding second application; wherein the first agent 30 is independent of the first application 40, the second agent is independent of the second application, and the first agent 30 and the second agent are both corresponding to the first An application 40 and a second application are transparent.
本地环回端口是虚拟端口,地址范围为127.0.0.1至127.255.255.254,发送给环回端口的数据不会通过网络通信电路。The local loopback port is a virtual port with an address range of 127.0.0.1 to 127.255.255.254. The data sent to the loopback port does not pass through the network communication circuit.
通过上述实施例的实施,设备通过独立运行的代理程序与其他不在同一内网的网络节点建立P2P连接,设备上的应用通过代理程序与其他网络节点的应用程序传输数据,这样应用程序无须修改代码即可通过代理与其他设备进行P2P数据传输,节约系统资源。Through the implementation of the foregoing embodiment, the device establishes a P2P connection with other network nodes that are not in the same intranet through the independently running agent, and the application on the device transmits data through the agent and other network node applications, so that the application does not need to modify the code. P2P data transmission can be performed through agents and other devices, saving system resources.
如图6所示,在本发明设备的第二实施例中,处理器还控制第一代理30通过网络通信电路接收从对端的第二代理发来的第二数据,并将第二数据发送到另一第一环回端口52,处理器还控制第一应用40从另一第一环回端口52获得第二数据,完成第一应用40从对端的相应第二应用接收数据的过程。As shown in FIG. 6, in the second embodiment of the apparatus of the present invention, the processor further controls the first proxy 30 to receive the second data sent from the second proxy of the peer end through the network communication circuit, and send the second data to The other first loopback port 52, the processor further controls the first application 40 to obtain the second data from the other first loopback port 52, and completes the process of the first application 40 receiving data from the corresponding second application of the peer end.
设备上的应用通过本地环回端口完成与代理程序之间数据的发送和接收。其中第一环回端口51和另一第一环回端口52的地址不同,例如说使用127.0.0.1作为第一环回端口51的地址,127.0.0.10作为另一第一环回端口52的地址。如果设备中运行有至少两个应用同时与对端的应用连接,每个应用都是通过第一环回端口51向第一代理30发送数据,通过另一第一环回端口52从第一代理30接收对端返回的数据。如果设备同时与多个网络节点分别建立P2P连接,与每个网络节点的连接都使用独立的两个环回端口作为应用与第一代理30之间数据发送和接收的接口,所使用的多个环回端口的地址各不相同。The application on the device completes the sending and receiving of data with the agent through the local loopback port. The address of the first loopback port 51 and the other first loopback port 52 are different, for example, 127.0.0.1 is used as the address of the first loopback port 51, and 127.0.0.10 is used as the address of the other first loopback port 52. . If at least two applications running in the device are simultaneously connected to the peer application, each application sends data to the first agent 30 through the first loopback port 51, and from the first agent 30 through the other first loopback port 52. Receive the data returned by the peer. If the device establishes a P2P connection with multiple network nodes at the same time, the connection with each network node uses two independent loopback ports as interfaces for data transmission and reception between the application and the first agent 30, and multiple used The addresses of the loopback ports are different.
在本发明设备的一个实施例中,网络附属存储设备包括处理器、硬盘和路由电路,其中在处理器中可运行独立的操作系统,进而,在本发明中将网络附属存储设备作为私有云服务器。私有云服务器位于家庭网络中的网关,家庭中的电脑,移动终端等连接私有云服务器。私有云服务器虽然位于家庭网络中的网关,但是如果家庭网络是采用小区共享宽带,那么私有云服务器位于小区内网之中;即使使用宽带或拨号联网,私有云的IP地址一般为动态分配,无法直接获知其IP地址。因此当用户在家庭网络之外的网络节点上访问私有云服务器时,仍需要建立P2P连接。In an embodiment of the apparatus of the present invention, the network attached storage device includes a processor, a hard disk, and a routing circuit, wherein a separate operating system can be run in the processor, and further, the network attached storage device is used as a private cloud server in the present invention. . The private cloud server is located in a gateway in the home network, and the computer in the home, the mobile terminal, etc. are connected to the private cloud server. Although the private cloud server is located in the gateway of the home network, if the home network uses the cell shared broadband, the private cloud server is located in the intranet; even if broadband or dial-up networking is used, the IP address of the private cloud is generally dynamically allocated. Get the IP address directly. Therefore, when a user accesses a private cloud server on a network node outside the home network, it is still necessary to establish a P2P connection.
还可以在家庭网络中的路由器上加装处理器、硬盘和网络接口作为私有云服务器,其中处理器运行独立的操作系统,网络接口直接连接到路由器的一个LAN口。私有云服务器没有自己的公网IP,而是与家庭中的电脑,移动终端等位于同一内网,因此当用户在家庭网络之外的网络节点上访问私有云服务器时,需要建立P2P连接。It is also possible to add a processor, a hard disk, and a network interface as a private cloud server to a router in the home network, where the processor runs a separate operating system, and the network interface is directly connected to one LAN port of the router. A private cloud server does not have its own public IP address, but is located on the same internal network as a computer or mobile terminal in the home. Therefore, when a user accesses a private cloud server on a network node other than the home network, a P2P connection needs to be established.
私有云服务器除了提供传统的数据存储与共享和网页浏览服务之外,还可以集成智能家电控件,可以控制家庭中的家电。例如,设备为私有云服务器,对端为家庭网络外的终端设备,对端可以具有自己的公网IP,也可以位于另一个内网之中。用户可以通过对端上的代理与私有云服务器建立P2P连接,使得终端设备中的应用程序与私有云服务器的程序之间传输数据,比如通过终端设备中的应用程序访问私有云服务器中的智能家电控件,实现远程遥控家中的电器。或者反过来,设备为位于家庭网络之外的另一内网中的终端设备,对端为私有云服务器。In addition to providing traditional data storage and sharing and web browsing services, the private cloud server can also integrate smart home appliances to control home appliances. For example, the device is a private cloud server, and the peer end is a terminal device outside the home network. The peer end may have its own public network IP or may be located in another internal network. The user can establish a P2P connection with the private cloud server through the proxy on the peer end, so that the application in the terminal device and the program of the private cloud server transmit data, for example, accessing the smart home appliance in the private cloud server through an application in the terminal device. Controls to achieve remote control of the home appliances. Or, conversely, the device is a terminal device located in another intranet outside the home network, and the peer end is a private cloud server.
在本发明网络附属存储的一个实施例中,包括:处理器710、硬盘720和路由电路730,硬盘720和路由电路730分别连接处理器710。路由电路730的WAN接口连接Internet,LAN接口分别连接内网设备,并完成数据包在处理器710和对应接口之间的传输。处理器710用于交换路由信息、查找路由表和转发数据包,配合路由电路730实现局域网和广域网的互连、数据的处理和分发、流量控制等路由功能。处理器710还用于运行第一代理,以与对端的第二代理之间建立P2P穿透连接,处理器710还用于运行第一应用,以通过第一代理将第一数据输出至路由电路730,路由电路730将第一数据发给对端的第二代理,以使得对端的第二代理接收第一数据,并将第一数据发给相应的第二应用,其中,第一代理独立于第一应用,第二代理独立于第二应用,第一代理与第二代理均对相应的第一应用、第二应用透明。网络附属存储可以作为家庭网络中的私有云服务器。In an embodiment of the network attached storage of the present invention, the processor 710, the hard disk 720 and the routing circuit 730 are included, and the hard disk 720 and the routing circuit 730 are respectively connected to the processor 710. The WAN interface of the routing circuit 730 is connected to the Internet, and the LAN interface is respectively connected to the intranet device, and the transmission of the data packet between the processor 710 and the corresponding interface is completed. The processor 710 is configured to exchange routing information, look up a routing table, and forward a data packet, and cooperate with the routing circuit 730 to implement routing functions such as interconnection of a local area network and a wide area network, processing and distribution of data, and flow control. The processor 710 is further configured to run a first proxy to establish a P2P penetration connection with the second proxy of the peer end, and the processor 710 is further configured to run the first application to output the first data to the routing circuit by using the first proxy 730, the routing circuit 730 sends the first data to the second proxy of the peer end, so that the second proxy of the peer end receives the first data, and sends the first data to the corresponding second application, where the first proxy is independent of the first In one application, the second agent is independent of the second application, and the first agent and the second agent are both transparent to the corresponding first application and the second application. Network attached storage can act as a private cloud server in a home network.
网络附属存储通过独立运行的代理程序与其他不在同一内网的网络节点建立P2P连接,网络附属存储上的应用通过代理程序与其他网络节点的应用程序传输数据,这样应用程序无须修改代码即可通过代理与其他设备进行P2P数据传输,节约系统资源。The network attached storage establishes a P2P connection with other network nodes not on the same intranet through the independently running agent. The application on the network attached storage transmits data through the agent and other network node applications, so that the application can pass the code without modifying the code. The agent performs P2P data transmission with other devices to save system resources.
以上所述仅为本发明的实施方式,并非因此限制本发明的专利范围,凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本发明的专利保护范围内。The above is only the embodiment of the present invention, and is not intended to limit the scope of the invention, and the equivalent structure or equivalent process transformations made by the description of the invention and the drawings are directly or indirectly applied to other related technologies. The fields are all included in the scope of patent protection of the present invention.

Claims (18)

  1. 一种网络通信方法,其中,包括:A network communication method, including:
    第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接;Establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party;
    所述第一通信方的第一应用通过所述第一代理将第一数据发给所述第二通信方的第二代理;The first application of the first communication party sends the first data to the second agent of the second communication party by using the first proxy;
    所述第二通信方的第二代理接收所述第一数据,并将所述第一数据发给相应的第二应用;Receiving, by the second agent of the second communication party, the first data, and sending the first data to a corresponding second application;
    其中,所述第一代理独立于所述第一应用,所述第二代理独立于所述第二应用,所述第一代理与所述第二代理均对相应的第一应用、第二应用透明。The first agent is independent of the first application, the second agent is independent of the second application, and the first agent and the second agent are both corresponding to the first application and the second application. Transparent.
  2. 根据权利要求1所述的方法,其中,The method of claim 1 wherein
    所述第一通信方的第一应用通过所述第一代理将第一数据发给所述第二通信方的第二代理的步骤包括:The step of the first application of the first communication party sending the first data to the second agent of the second communication party by using the first proxy includes:
    所述第一通信方的第一应用将所述第一数据发给所述第一通信方的第一环回端口;The first application of the first communication party sends the first data to a first loopback port of the first communication party;
    所述第一通信方的所述第一代理从所述第一环回端口获得所述第一数据,并发给所述第二通信方的第二代理。The first agent of the first communication party obtains the first data from the first loopback port and sends the first data to the second agent of the second communication party.
  3. 据权利要求1所述的方法,其中,The method of claim 1 wherein
    所述第二通信方的第二代理接收所述第一数据,并将所述第一数据发给相应的第二应用的步骤包括:The step of the second agent of the second communication party receiving the first data and sending the first data to the corresponding second application includes:
    所述第二通信方的第二代理接收所述第一数据后,将所述第一数据发送到所述第二通信方的第二环回端口;After receiving the first data, the second agent of the second communication party sends the first data to a second loopback port of the second communication party;
    所述第二通信方的相应所述第二应用从所述第二环回端口中获得所述第一数据。The corresponding second application of the second communication party obtains the first data from the second loopback port.
  4. 根据权利要求1所述的方法,其中,所述方法还包括:The method of claim 1 wherein the method further comprises:
    所述第二通信方的相应所述第二应用在获得所述第一数据后,将第二数据发给所述第二通信方的另一第二环回端口;After the first data is obtained, the second application of the second communication party sends the second data to another second loopback port of the second communication party;
    所述第二通信方的所述第二代理从所述另一第二环回端口获得所述第二数据,并发给所述第一通信方的第一代理。The second agent of the second communication party obtains the second data from the another second loopback port and sends the second data to the first agent of the first communication party.
  5. 根据权利要求1所述的方法,其中,The method of claim 1 wherein
    所述第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接的步骤是指:设置在所述第一通信方的数据链路层的第一代理与设置在所述第二通信方的数据链路层的第二代理之间建立P2P穿透连接。The step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party means: setting the first agent and setting of the data link layer of the first communication party A P2P tunneling connection is established between the second agents of the data link layer of the second correspondent party.
  6. 根据权利要求1所述的方法,其中,The method of claim 1 wherein
    所述第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接的步骤包括:The step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party includes:
    所述第一通信方的第一代理向服务器发送第一连接请求,所述第一连接请求包括第一通信方的地址及端口信息,还包括所要建立连接的对端即所述第二通信方的信息;The first agent of the first communication party sends a first connection request to the server, where the first connection request includes address and port information of the first communication party, and the opposite end of the connection to be established, that is, the second communication party Information;
    所述服务器接收所述第一连接请求,将所述第一通信方的地址及端口信息发给所述第二通信方的第二代理,并将所述第二通信方的地址及端口信息发给所述第一通信方的第一代理,所述服务器中预先保存有所述第一通信方和所述第二通信方的地址及端口信息;Receiving, by the server, the first connection request, sending the address and port information of the first communication party to the second agent of the second communication party, and sending the address and port information of the second communication party Providing, to the first agent of the first communication party, the address and port information of the first communication party and the second communication party are pre-stored in the server;
    所述第二通信方的第二代理利用所述第一通信方的地址及端口信息向所述第一通信方发送第二连接请求,所述第二连接请求被所述第一通信方侧的网络地址转换NAT拒绝,所述第二通信方侧的网络地址转换保存了所述第一通信方的地址及端口;The second agent of the second communication party sends a second connection request to the first communication party by using the address and port information of the first communication party, where the second connection request is on the first communication side The network address translation NAT rejects, and the network address translation of the second communication party side saves the address and port of the first communication party;
    所述第一通信方的第一代理向所述第二通信方发起第三连接请求,所述第二通信方侧的网络地址转换根据所述保存的所述第一通信方的地址及端口而通过所述第三请求;The first agent of the first communication party initiates a third connection request to the second communication party, and the network address translation of the second communication party side is based on the saved address and port of the first communication party. Passing the third request;
    所述第二通信方的第二代理接收所述第三连接请求,以建立所述第一通信方的第一代理与第二通信方的第二代理之间的P2P穿透连接。The second agent of the second communication party receives the third connection request to establish a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party.
  7. 根据权利要求1所述的方法,其中,The method of claim 1 wherein
    所述第一通信方是私有云服务器,所述第二通信方是所述私有云服务器所在内网之外的另一网络节点,或反过来。The first communication party is a private cloud server, and the second communication party is another network node outside the internal network where the private cloud server is located, or vice versa.
  8. 一种网络通信方法,其中,包括:A network communication method, including:
    第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接;Establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party;
    所述第一通信方的第一应用通过所述第一代理将第一数据发给所述第二通信方的第二代理,以使得所述第二通信方的第二代理接收所述第一数据,并将所述第一数据发给相应的第二应用;The first application of the first communication party sends the first data to the second agent of the second communication party by the first agent, so that the second agent of the second communication party receives the first Data, and sending the first data to a corresponding second application;
    其中,所述第一代理独立于所述第一应用,所述第二代理独立于所述第二应用,所述第一代理与所述第二代理均对相应的第一应用、第二应用透明。The first agent is independent of the first application, the second agent is independent of the second application, and the first agent and the second agent are both corresponding to the first application and the second application. Transparent.
  9. 根据权利要求8所述的方法,其中,The method of claim 8 wherein
    所述第一通信方的第一应用通过所述第一代理将第一数据发给所述第二通信方的第二代理的步骤包括:The step of the first application of the first communication party sending the first data to the second agent of the second communication party by using the first proxy includes:
    所述第一通信方的第一应用将所述第一数据发给所述第一通信方的第一环回端口;The first application of the first communication party sends the first data to a first loopback port of the first communication party;
    所述第一通信方的所述第一代理从所述第一环回端口获得所述第一数据,并发给所述第二通信方的第二代理。The first agent of the first communication party obtains the first data from the first loopback port and sends the first data to the second agent of the second communication party.
  10. 据权利要求8所述的方法,其中,所述方法还包括:The method of claim 8 wherein the method further comprises:
    所述第一通信方的第一代理接收从所述第二通信方的第二代理发来的第二数据;The first agent of the first communication party receives the second data sent from the second agent of the second communication party;
    所述第一通信方的第一代理将所述第二数据发送到所述第一通信方的另一第一环回端口;Transmitting, by the first agent of the first communication party, the second data to another first loopback port of the first communication party;
    所述第一通信方的所述第一应用从所述另一第一环回端口中获得所述第二数据。The first application of the first communication party obtains the second data from the another first loopback port.
  11. 根据权利要求8所述的方法,其中,The method of claim 8 wherein
    所述第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接的步骤是指:设置在所述第一通信方的数据链路层的第一代理与设置在所述第二通信方的数据链路层的第二代理之间建立P2P穿透连接。The step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party means: setting the first agent and setting of the data link layer of the first communication party A P2P tunneling connection is established between the second agents of the data link layer of the second correspondent party.
  12. 根据权利要求8所述的方法,其中,The method of claim 8 wherein
    所述第一通信方的第一代理与第二通信方的第二代理之间建立P2P穿透连接的步骤包括:The step of establishing a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party includes:
    所述第一通信方的第一代理向服务器发送第一连接请求,所述第一连接请求包括第一通信方的地址及端口信息,还包括所要建立连接的对端即所述第二通信方的信息;The first agent of the first communication party sends a first connection request to the server, where the first connection request includes address and port information of the first communication party, and the opposite end of the connection to be established, that is, the second communication party Information;
    所述服务器接收所述第一连接请求,将所述第一通信方的地址及端口信息发给所述第二通信方的第二代理,并将所述第二通信方的地址及端口信息发给所述第一通信方的第一代理,所述服务器中预先保存有所述第一通信方和所述第二通信方的地址及端口信息;Receiving, by the server, the first connection request, sending the address and port information of the first communication party to the second agent of the second communication party, and sending the address and port information of the second communication party Providing, to the first agent of the first communication party, the address and port information of the first communication party and the second communication party are pre-stored in the server;
    所述第二通信方的第二代理利用所述第一通信方的地址及端口信息向所述第一通信方发送第二连接请求,所述第二连接请求被所述第一通信方侧的网络地址转换拒绝,所述第二通信方侧的网络地址转换保存了所述第一通信方的地址及端口;The second agent of the second communication party sends a second connection request to the first communication party by using the address and port information of the first communication party, where the second connection request is on the first communication side The network address translation is rejected, and the network address translation on the second communication side saves the address and port of the first communication party;
    所述第一通信方的第一代理向所述第二通信方发起第三连接请求,所述第二通信方侧的网络地址转换根据所述保存的所述第一通信方的地址及端口而通过所述第三请求;The first agent of the first communication party initiates a third connection request to the second communication party, and the network address translation of the second communication party side is based on the saved address and port of the first communication party. Passing the third request;
    所述第二通信方的第二代理接收所述第三连接请求,以建立所述第一通信方的第一代理与第二通信方的第二代理之间的P2P穿透连接。The second agent of the second communication party receives the third connection request to establish a P2P penetration connection between the first agent of the first communication party and the second agent of the second communication party.
  13. 根据权利要求8所述的方法,其中,The method of claim 8 wherein
    所述第一通信方是私有云服务器,或者所述私有云服务器所在内网之外的另一网络节点。The first communication party is a private cloud server, or another network node outside the internal network where the private cloud server is located.
  14. 一种设备,其中,包括:A device comprising:
    处理器和网络通信电路;Processor and network communication circuit;
    所述处理器用于运行第一代理,以通过所述网络通信电路与对端的第二代理之间建立P2P穿透连接;The processor is configured to run a first proxy to establish a P2P penetration connection between the network communication circuit and a second proxy of the peer end;
    所述处理器还用于运行第一应用,以通过所述第一代理将第一数据输出至所述网络通信电路,所述网络通信电路将所述第一数据发给所述对端的第二代理,以使得所述对端的第二代理接收所述第一数据,并将所述第一数据发给相应的第二应用;The processor is further configured to run a first application to output first data to the network communication circuit by the first proxy, the network communication circuit sending the first data to a second of the opposite end a proxy, so that the second proxy of the peer end receives the first data, and sends the first data to a corresponding second application;
    其中,所述第一代理独立于所述第一应用,所述第二代理独立于所述第二应用,所述第一代理与所述第二代理均对相应的第一应用、第二应用透明。The first agent is independent of the first application, the second agent is independent of the second application, and the first agent and the second agent are both corresponding to the first application and the second application. Transparent.
  15. 根据权利要求14所述的设备,其中,The apparatus according to claim 14, wherein
    所述处理器具体用于运行所述第一应用以将所述第一数据发给第一环回端口,然后运行所述第一代理以从所述第一环回端口获得所述第一数据,并输出至所述网络通信电路,以实现控制所述第一应用通过所述第一代理将所述第一数据输出至所述网络通信电路。The processor is specifically configured to run the first application to send the first data to a first loopback port, and then run the first proxy to obtain the first data from the first loopback port. And outputting to the network communication circuit to control the first application to output the first data to the network communication circuit by the first agent.
  16. 据权利要求14所述的设备,其中, The device according to claim 14, wherein
    所述处理器还用于运行所述第一代理以通过所述网络通信电路接收从所述对端的第二代理发来的第二数据,然后运行所述第一代理以将所述第二数据发送到另一第一环回端口,然后运行所述第一应用以从所述另一第一环回端口中获得所述第二数据。The processor is further configured to run the first agent to receive second data sent by the second agent of the peer end through the network communication circuit, and then run the first agent to send the second data Sending to another first loopback port and then running the first application to obtain the second data from the other first loopback port.
  17. 根据权利要求14所述的设备,其中,The apparatus according to claim 14, wherein
    所述设备是私有云服务器,或者所述私有云服务器所在内网之外的另一网络节点。The device is a private cloud server, or another network node outside the intranet where the private cloud server is located.
  18. 一种网络附属存储设备,其中,包括:A network attached storage device, including:
    处理器、硬盘和路由电路,所述硬盘和路由电路分别连接所述处理器;a processor, a hard disk, and a routing circuit, wherein the hard disk and the routing circuit are respectively connected to the processor;
    所述处理器用于运行第一代理,以通过所述路由电路与对端的第二代理之间建立P2P穿透连接;The processor is configured to run a first proxy to establish a P2P penetration connection between the routing circuit and a second proxy of the peer end;
    所述处理器还用于运行所述第一应用,以通过所述第一代理将第一数据输出至所述路由电路,所述路由电路将所述第一数据发给所述对端的第二代理,以使得所述对端的第二代理接收所述第一数据,并将所述第一数据发给相应的第二应用;The processor is further configured to run the first application to output first data to the routing circuit by the first proxy, and the routing circuit sends the first data to a second of the opposite end a proxy, so that the second proxy of the peer end receives the first data, and sends the first data to a corresponding second application;
    其中,所述第一代理独立于所述第一应用,所述第二代理独立于所述第二应用,所述第一代理与所述第二代理均对相应的第一应用、第二应用透明。The first agent is independent of the first application, the second agent is independent of the second application, and the first agent and the second agent are both corresponding to the first application and the second application. Transparent.
PCT/CN2016/080671 2015-09-30 2016-04-29 Network communication method, device, and network attached storage device WO2017054447A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510641629.9 2015-09-30
CN201510641629.9A CN105376299B (en) 2015-09-30 2015-09-30 Network communication method, equipment and network attached storage equipment

Publications (1)

Publication Number Publication Date
WO2017054447A1 true WO2017054447A1 (en) 2017-04-06

Family

ID=55378094

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/080671 WO2017054447A1 (en) 2015-09-30 2016-04-29 Network communication method, device, and network attached storage device

Country Status (2)

Country Link
CN (1) CN105376299B (en)
WO (1) WO2017054447A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111953640A (en) * 2019-05-17 2020-11-17 阿里巴巴集团控股有限公司 Communication method, communication system, cloud node and readable storage medium
CN113079156A (en) * 2021-03-31 2021-07-06 国网浙江省电力有限公司信息通信分公司 Intranet and extranet information interaction system

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105376299B (en) * 2015-09-30 2020-12-04 深圳市先河系统技术有限公司 Network communication method, equipment and network attached storage equipment
CN107222326B (en) 2016-03-22 2021-02-02 斑马智行网络(香港)有限公司 Access method, configuration method and device for service between devices
CN106131233B (en) * 2016-06-20 2019-03-15 腾讯科技(深圳)有限公司 Realize the method, apparatus and system of the access of database multipath
CN106604119B (en) * 2016-12-26 2020-12-22 深圳市Tcl高新技术开发有限公司 Network penetration method and system for private cloud equipment of smart television
CN110611693A (en) * 2018-06-15 2019-12-24 上海宽翼通信科技股份有限公司 Online storage method and system based on private cloud and private cloud client
CN110661858A (en) * 2019-09-12 2020-01-07 南京博联智能科技有限公司 Websocket-based intranet penetration method and system
CN111030984B (en) * 2019-10-22 2022-08-19 上海泰宇信息技术股份有限公司 Data safety transmission system and method
CN114979261A (en) * 2021-02-24 2022-08-30 华为技术有限公司 Service interaction method, terminal, server and system
CN115776493A (en) * 2021-09-07 2023-03-10 华为云计算技术有限公司 Resource request method, system, device, equipment and storage medium
CN113839849A (en) * 2021-09-22 2021-12-24 天津津航计算技术研究所 Virtual private network erection method based on STUN

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100017500A1 (en) * 2008-07-17 2010-01-21 Rubik Lee Methods and systems for peer-to-peer proxy sharing
CN102868769A (en) * 2012-10-16 2013-01-09 青岛海尔软件有限公司 Real-time bi-directional data transmission system of Internet of things and Internet
CN102932362A (en) * 2012-11-09 2013-02-13 中山爱科数字科技股份有限公司 Method for household digital video disk (DVD) remote shared playing
CN103179213A (en) * 2013-04-03 2013-06-26 深圳市闪联信息技术有限公司 Method and system for transmitting home media resources on the basis of peer-to-peer agent mechanism
CN105376299A (en) * 2015-09-30 2016-03-02 深圳市先河系统技术有限公司 A network communication method, an apparatus and a network attached storage apparatus

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007144682A1 (en) * 2006-06-14 2007-12-21 Nokia Corporation Method and device for wireless transmission of internet protocol tv
CN101170572A (en) * 2006-10-23 2008-04-30 日电(中国)有限公司 Multimedia network communication system based on P2P SIP technology
CN101087239A (en) * 2007-07-17 2007-12-12 北京搜狗科技发展有限公司 A data transmission method and device for fully utilizing bandwidth resource in peer-to-peer network
US8769278B2 (en) * 2010-04-07 2014-07-01 Apple Inc. Apparatus and method for efficiently and securely exchanging connection data
CN102984186A (en) * 2011-09-05 2013-03-20 中兴通讯股份有限公司 A method and an apparatus for establishing a session
US8917311B1 (en) * 2014-03-31 2014-12-23 Apple Inc. Establishing a connection for a video call

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100017500A1 (en) * 2008-07-17 2010-01-21 Rubik Lee Methods and systems for peer-to-peer proxy sharing
CN102868769A (en) * 2012-10-16 2013-01-09 青岛海尔软件有限公司 Real-time bi-directional data transmission system of Internet of things and Internet
CN102932362A (en) * 2012-11-09 2013-02-13 中山爱科数字科技股份有限公司 Method for household digital video disk (DVD) remote shared playing
CN103179213A (en) * 2013-04-03 2013-06-26 深圳市闪联信息技术有限公司 Method and system for transmitting home media resources on the basis of peer-to-peer agent mechanism
CN105376299A (en) * 2015-09-30 2016-03-02 深圳市先河系统技术有限公司 A network communication method, an apparatus and a network attached storage apparatus

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111953640A (en) * 2019-05-17 2020-11-17 阿里巴巴集团控股有限公司 Communication method, communication system, cloud node and readable storage medium
CN113079156A (en) * 2021-03-31 2021-07-06 国网浙江省电力有限公司信息通信分公司 Intranet and extranet information interaction system

Also Published As

Publication number Publication date
CN105376299A (en) 2016-03-02
CN105376299B (en) 2020-12-04

Similar Documents

Publication Publication Date Title
WO2017054447A1 (en) Network communication method, device, and network attached storage device
TWI234969B (en) Dynamic network address translation system and method of transparent private network device
US8380863B2 (en) Control of security application in a LAN from outside the LAN
US20040148439A1 (en) Apparatus and method for peer to peer network connectivty
TWI441493B (en) System and method for connection of hosts behind nats
CN102420774B (en) Method for realizing intranet penetration by using Internet group management protocol (IGMP) and intranet penetration system
WO2015000262A1 (en) Social network based multi-screen interaction method
WO2017054446A1 (en) Network communication method, device, and network attached storage device
JPWO2007043381A1 (en) Network communication device, network communication method, address management device
WO2016201966A1 (en) Nat traversal method, apparatus and system
TW201635164A (en) Method for use with a public cloud network, private cloud routing server and smart device client
WO2007019809A1 (en) A method and ststem for establishing a direct p2p channel
TWI558149B (en) Network transmission method and network transmission system for a multi-layer network address translator structure
CN103237092B (en) A kind of method and apparatus of accessing private network hard disk video recorder
US20140337478A1 (en) Peer-to-peer network communications
JP2009010606A (en) Tunnel connection system, tunnel control server, tunnel connecting device, and tunnel connection method
Huang et al. The p2p solution research and design based on nat traversing technology
WO2017067260A1 (en) Method, device and system for networking intelligent terminals
WO2010058893A1 (en) Method and apparatus for receiving data by using peer-to-peer portal server
CN113067908B (en) NAT (network Address translation) traversing method and device, electronic equipment and storage medium
CN117439815B (en) Intranet penetration system and method based on reverse transparent bridging
CN116436731B (en) Multi-internal network two-layer data stream communication method
JP5084716B2 (en) VPN connection apparatus, DNS packet control method, and program
TWI584617B (en) Auxiliary data transmission
KR20070061036A (en) Apparatus and method for sharing media inter homenetworks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16850072

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16850072

Country of ref document: EP

Kind code of ref document: A1