WO2017219816A1 - Data transmission method and network address translation device - Google Patents

Data transmission method and network address translation device Download PDF

Info

Publication number
WO2017219816A1
WO2017219816A1 PCT/CN2017/085496 CN2017085496W WO2017219816A1 WO 2017219816 A1 WO2017219816 A1 WO 2017219816A1 CN 2017085496 W CN2017085496 W CN 2017085496W WO 2017219816 A1 WO2017219816 A1 WO 2017219816A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
public network
network
receiving end
sending
Prior art date
Application number
PCT/CN2017/085496
Other languages
French (fr)
Chinese (zh)
Inventor
梁一川
胡亿芬
戴笑来
夷泓
蔡磊
孟继杰
李红亮
刘展
孙月芹
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2017219816A1 publication Critical patent/WO2017219816A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming

Definitions

  • the present disclosure relates to the field of communications, and in particular, to a data transmission method and a network address translation device.
  • NAT Network Address Translation
  • a server in an intranet is used by a NAT device to proxy the external service of the server, and an external service accesses the public network address of the server.
  • the actual access to the NAT device is converted into a NAT device.
  • Web address to the server due to the variety of operating networks and network users, the domain name/IP that different networks resolve for the same website may be different.
  • there is a WEB server in the internal network The server has a public network IP address in the carrier A network and a public network IP address in the carrier B network.
  • the user of the external A network accesses the WEB server, after DNS resolution, it finds that it is the address of the A network, sends the request to the NAT device, and transfers it to the server.
  • the packet returned by the server must also select the IP address of the public network interface of the carrier A to reach the user requesting access.
  • the intranet address and the public network address of the server are in a one-to-one correspondence, so two different WEB servers are used in the related art, and each server has its corresponding intranet address, and the NAT device
  • the two web servers are respectively assigned a public network address corresponding to the intranet address, so that the packets of the WEB server can be returned according to the receiving path.
  • the NAT device can directly forward the information to the device in the internal network, but the device in the internal network needs to forward the information to the device in the inbound network.
  • replying to the sending device the information is forwarded to the NAT device to complete the conversion of the internal network address to the public network address.
  • the NAT device can send the information through two different networks. However, if the information is to be successfully sent to the sender, only the network used by the sender to send the information can be selected. At this time, the NAT device does not know which network is. The network used by the sender before.
  • the data transmission method and the network address translation device provided by the embodiments of the present disclosure mainly solve the technical problem: when a plurality of corresponding public network addresses are configured for the internal network address of the terminal device in the internal network, the related information cannot be The terminal device selects a suitable network to send information to the destination.
  • an embodiment of the present disclosure provides a data transmission method, including:
  • the embodiment of the present disclosure further provides a network address translation device, including an information receiving module, a saving module, a processing module, and a network selection module:
  • the information receiving module is configured to receive sending information of the sending end, where the sending information includes a public network identifier of the receiving end;
  • the saving module is configured to generate source identification information according to the sending information, and save the source identification information to an entry corresponding to the public network identifier of the receiving end;
  • the processing module is configured to forward the sending information to the receiving end by using an intranet, and receive response information that includes the source identifier information that is sent by the receiving end through the intranet;
  • the network selection module is configured to match the corresponding public network according to the source identification information, and forward the response information to the sending end by using the public network.
  • Embodiments of the present disclosure also provide a computer storage medium having stored therein computer executable instructions for performing the aforementioned data transmission method.
  • the network address translation device receives the transmission information of the transmitting end, where the transmission information carries the public network identifier of the receiving end, and generates the source identifier according to the sending information.
  • the information is saved to the entry corresponding to the public network identifier; the sent information is forwarded to the receiving end, and the response message containing the active identification information fed back by the receiving end through the intranet is received; Based on the information, the corresponding public network is matched, and the response message is forwarded to the sender through the public network.
  • the source identification information is generated and saved in the solution in the embodiment of the present disclosure, and is saved to the entry corresponding to the public network identifier of the receiving end.
  • the response information at the receiving end also carries the source identification information, and the source identification information can be matched according to the source identification information.
  • the public network by using the public network to forward response information, can ensure that the response message is sent by the network receiving the sent message.
  • FIG. 1 is a flowchart of a data transmission method according to Embodiment 1 of the present disclosure
  • FIG. 2 is a schematic structural diagram of a network address translation device according to Embodiment 2 of the present disclosure
  • FIG. 3 is a schematic diagram of networking of a specific example in Embodiment 2 of the present disclosure.
  • Embodiment 1 is a diagrammatic representation of Embodiment 1:
  • FIG. 1 For a data transmission method, please refer to FIG. 1, which includes:
  • S101 Receive sending information of the sending end.
  • S102 Generate source identification information according to the sending information, and save the source identification information to an entry corresponding to the public network identifier of the receiving end;
  • S103 Forward the sent information to the receiving end, and receive the response information that the receiving end feeds back through the intranet;
  • S104 Match the corresponding public network according to the source identification information, and forward the response information to the sending end through the public network.
  • the received transmission information includes the public network identifier of the receiving end.
  • the public network identification information is mainly used to identify the public network at the receiving end.
  • the internal network identifier of the receiving end is obtained, and at least two public network identifiers corresponding to the internal network identifier are configured for the receiving end; and the internal network identifier and each public network identifier are correspondingly saved to different entries. Mark multiple entries for each entry.
  • the IP address used by the receiving end to access the public network can be used as the public network identifier.
  • the internal network identifier of the receiving end can be the internal network IP address of the receiving end.
  • the public network identifier of the receiving end includes the public network IP address of the receiving end.
  • the terminal in the internal network has its own internal network IP address, and uses the static network address translation mode to configure at least two public network IP addresses corresponding to the internal network IP address for the terminal in the internal network;
  • An intranet address corresponds to multiple public network addresses.
  • the IP address described here mainly serves to identify the network or the terminal, and other implementation manners can be adopted.
  • the mapping relationship is saved in multiple different entries based on the corresponding public IP addresses.
  • a multi-export tag is also marked for an entry whose intranet address corresponds to multiple public network addresses.
  • the source identification information is generated according to the transmission information, and the source identification information is saved, so that the receiving end can use the public information used by the sending end to send the sending information after receiving the information.
  • the network transmits the response information.
  • the source identifier information may be an IP address of the sending end.
  • the sending end sends the sending information to the receiving end, the sending end carries its own IP address in the sending information, so After the information is sent, only the transmission information needs to be parsed, and the IP address of the sender can be obtained, thereby obtaining source identification information.
  • the use of the IP address of the sender as the source identifier is only one specific embodiment of the embodiment, and may be identified by other means.
  • the source identification information is also saved. Specifically, the public network identifier in the sending information may be matched with the account saved by the public network identifier. After the corresponding public network identifier is matched, the source identifier information is saved under the entry.
  • the corresponding entry when the source identifier information is saved, the corresponding entry may be matched according to the public network identifier of the receiving end, and then the entry may be determined to have multiple exit markings; if yes, the internal network address corresponding to the entry is verified. If multiple public network addresses are used, you need to save the corresponding source identification information for the entry when you want to use the inbound traffic to the same public network address. Then, determine whether the corresponding source identification information has been saved under the entry. Now, you don't have to save it again. If you don't have it, you need to save the source ID information.
  • step S103 the sending information is forwarded to the receiving end through the intranet, and after receiving the sending information, the receiving end needs to generate a response message when responding to the information. Thus, a response message from the receiving end is received.
  • the source identification information is carried in the response information. This is also the advantage of using the IP address of the sender as the source identifier information in the embodiment. In the network, if the information is to be sent, the source IP address of the sender and the destination IP address of the destination end are carried in the packet.
  • the receiving end When the receiving end sends the above-mentioned sending information, it will carry its own IP address in the sending information; when the receiving end receives the sending information and makes a feedback to send the response information, in order to ensure normal transmission, the response information itself is also in the response information.
  • the IP address of the sender is used as the destination address. In this way, the source IP address of the sender can not only help to implement information forwarding, but also can be used for identification. Therefore, it is not necessary to add additional identifier information to add additional
  • the transmission bandwidth is simple and convenient, and also saves resources.
  • step S104 the source identifier information in the response information is obtained, and the source identifier information is matched with each entry saved by the user. After the corresponding entry is matched, the public network address under the entry is obtained, and the public network address is used. The corresponding network forwards the response information.
  • a timer may also be set for each entry.
  • the transmission method in this embodiment is usually directed to some servers in the intranet. If the server has a large amount of access, then a large number of entries need to be saved. By setting the timer, the information in the entry or the information in the entry is periodically cleared to avoid occupying a large amount of resources.
  • the data transmission method in this embodiment generates source identification information after receiving the information sent by the sending end, and uses the source identification information to identify the network, and when forwarding the response information of the receiving end, according to the source identification information
  • the corresponding public network is matched to send the response information.
  • the intranet address of the intranet device is one-to-one corresponding to the public network address, and the two servers are used, only one service can be implemented with users in different public networks. Interaction saves costs.
  • Embodiment 2 is a diagrammatic representation of Embodiment 1:
  • the network address translation device includes an information receiving module 21, which is configured to receive sending information of a sending end, where the sending information includes a public network identifier of the receiving end, and the public network identifier information. It mainly identifies the public network of the receiving end, and can use the IP address used by the receiving end to access the public network. Public network identification.
  • the network address translation device further includes a network address translation module 22, configured to acquire an internal network identifier of the receiving end, and configure at least two public network identifiers corresponding to the internal network identifier for the receiving end before receiving the sending information of the transmitting end; The intranet identifier and each public network identifier are saved to different entries, and multiple entries are marked for each entry.
  • the network address translation module 22 first configures corresponding IP addresses for different networks.
  • the IP address used by the receiving end to access the public network can be used as the public network identifier.
  • the internal network identifier of the receiving end can be the internal network IP address of the receiving end.
  • the public network identifier of the receiving end includes the public network IP address of the receiving end.
  • the terminal in the internal network has its own internal network IP address, and the network address translation module 22 uses the static network address translation mode to configure at least two public network IP addresses corresponding to the internal network IP address for the terminals in the internal network.
  • the IP address described here mainly serves to identify the network or the terminal, and other implementation manners can be adopted.
  • mapping relationship is saved in multiple different entries based on the corresponding public IP addresses.
  • a multi-export tag is also marked for an entry whose intranet address corresponds to multiple public network addresses.
  • the network address translation device further includes a saving module 23, which generates source identification information according to the transmission information, and saves the source identification information, so that when the receiving end receives the information, the receiving end may use the sending end to send the sending information.
  • the public network used transmits the response information.
  • the source identifier information may be an IP address of the sending end.
  • the sending end sends the sending information to the receiving end, the sending end carries its own IP address in the sending information, so after receiving the sending information, only The transmission information needs to be parsed, and the IP address of the sender can be obtained, thereby obtaining source identification information.
  • the use of the IP address of the sender as the source identifier is only one specific embodiment of the embodiment, and may be identified by other means.
  • the source identification information is also saved. Specifically, the saving module 23 may first match the account saved by the public network identifier in the sending information, and then, after matching the corresponding public network identifier, save the source identifier information under the entry.
  • the saving module 23 may first match the corresponding entry according to the public network identifier of the receiving end, and then determine whether the entry has multiple exit markings; if yes, further determine whether the source has been saved. The identification information, if it has been saved, does not repeatedly save the source identification information, if not, the source identification information needs to be saved.
  • the network address translation device further includes a processing module 24, configured to forward the transmission information to the receiving end through the intranet, and receive response information including the active identification information fed back by the receiving end through the intranet.
  • the network address translation device further includes a network selection module 25, configured to match the corresponding public network according to the source identification information, and forward the response information to the sending end through the public network.
  • the network selection module 25 obtains the source identifier information in the response information, and matches the source identifier information with each entry that is saved by itself. After the corresponding entry is matched, the public network address under the entry is obtained, and the public network is adopted. The network corresponding to the address forwards the response information.
  • a timer module may be further included, which is used to set a timer for each item. If the server has a large amount of access, a large number of entries need to be saved, and a timer may be used to periodically Close the entry, or clear the information in the entry to avoid taking up a lot of resources.
  • the functions of the save module 23, the processing module 24, and the network selection module 25 can all be implemented by a processor of the network address translation device.
  • the network address translation device in this embodiment is further described below with reference to a specific example.
  • the network address translation device in this embodiment is a router:
  • the server addresses correspond to the two public network addresses of the A network and the B network, and put a static multi-export mark to generate an entry table. Please refer to Table 1.
  • the configuration commands are as follows:
  • a network user 60.1.1.1 accesses the server http://10.1.1.1:80, the root address (public network) + port number (10.1.1.1:80), directly converted to the private network address + port number (192.168.100.1: 80) At the same time, an entry 60.1.1.1 is generated, and the corresponding public network address is 10.1.1.1:80.
  • Table 2 For the entry list of users who have entered traffic, please refer to Table 2.
  • Private network address User source address Public address 1 192.168.100.1:80 10.1.1.1:80 (A network) 2 192.168.100.1:80 60.1.1.1 10.1.1.1:80 (A network) 3 192.168.100.1:80 20.1.1.1:80 (B network)
  • the intranet server returns a packet to the A network.
  • NAT network address
  • destination address (60.1.1.1)
  • select the entry No. 2 select the entry No. 2
  • replace the private network address with the A network.
  • B network user 80.1.1.1 access server http://10.1.1.1:80, root address (public network) + port number (20.1.1.1:80), directly convert to the private network address + port number (192.168.100.1:80), and then generate an entry 80.1.1.1, the corresponding public network address is 20.1.1.1:80; Please refer to Table 3 for the entry list.
  • Private network address User source address Public address 1 192.168.100.1:80 10.1.1.1:80 (A network) 2 192.168.100.1:80 60.1.1.1 10.1.1.1:80 (A network) 3 192.168.100.1:80 20.1.1.1:80 (B network) 4 192.168.100.1:80 80.1.1.1 20.1.1.1:80 (B network)
  • the intranet server returns a packet to the B network.
  • NAT Network Address Translation
  • destination address 80.1.1.1
  • select the 4th entry select the 4th entry, and then replace the private network address with the B network.
  • the public network address is 20.1.1.1:80.
  • the network address translation device in the embodiment After receiving the sending information of the sending end, the network address translation device in the embodiment generates source identification information, and uses the source identification information to identify the network. When multiple corresponding public network addresses are configured for the internal network address of the terminal device in the internal network, an accurate network is selected for the terminal.
  • modules or steps of the above embodiments of the present disclosure may be implemented by a general computing device, which may be concentrated on a single computing device or distributed among multiple computing devices. On the network, optionally, they may be implemented by program code executable by the computing device, such that they may be stored in a computer storage medium (ROM/RAM, disk, optical disk) by a computing device, and at some In some cases, the steps shown or described may be performed in an order different than that herein, or they may be separately fabricated into individual integrated circuit modules, or a plurality of modules or steps may be fabricated into a single integrated circuit module. . Therefore, the present disclosure is not limited to any specific combination of hardware and software.
  • the data transmission method provided by the embodiment of the present disclosure may be applied to a network address translation device, by generating and storing source identification information, and saving the same to an entry corresponding to the public network identifier of the receiving end; the response information at the receiving end also carries the source identifier.
  • the information can be matched according to the source identification information to the corresponding public network, and the public network can be used to forward the response information, so that the network that receives the sent message can be sent to the response message.

Abstract

Embodiments of the present invention provide a data transmission method and a network address translation device. The method comprises: a network address translation device receives sending information of a sending end, the sending information carrying a public network identifier of a reception end; generate source identifier information according to the sending information, and store the source identifier information to an entry corresponding to the public network identifier; forward the sending information to the reception end, and receive a response message that is sent by the reception end through an internal network and that comprises the source identifier information; and obtain, by means of matching, a corresponding public network by using the source identifier information as a criteria, and forward the response message to the sending end through the public network. The problem in the prior art of failure to select a proper network for a terminal device to send information to a destination end when multiple corresponding public network addresses are configured for an internal network address of the terminal device in the internal network is resolved, and accordingly an accurate network is selected for the terminal when multiple corresponding public network addresses are configured for the internal network address of the terminal device in the internal network.

Description

一种数据传输方法、网络地址转换设备Data transmission method and network address translation device 技术领域Technical field
本公开涉及通信领域,尤其涉及一种数据传输方法、网络地址转换设备。The present disclosure relates to the field of communications, and in particular, to a data transmission method and a network address translation device.
背景技术Background technique
随着网络业务的快速发展,NAT(Netword Address Translation,网络地址转换)技术,得到了越来越多的运用。其一种使用场景是,为了隐藏服务器的真实IP地址,采用这种方式不仅可以保护自己的隐私,还可以保护机器不被互联网上的IP扫描软件发现,减小本机受IP攻击的可能性。对于服务器,为了方便用户访问,通常会采用静态NAT形式给内网中的服务器分配一个与之对应的公网地址。With the rapid development of network services, NAT (Netword Address Translation) technology has been used more and more. One use scenario is that in order to hide the real IP address of the server, this method not only protects its privacy, but also protects the machine from being discovered by IP scanning software on the Internet, reducing the possibility of the device being attacked by IP. . For the server, in order to facilitate user access, a static NAT form is usually used to assign a corresponding public network address to the server in the internal network.
在相关技术中往往存在这样的情况,处于内网中的服务器,由NAT设备代理该服务器的对外业务,外部业务访问服务器的公网地址,实际访问到的是NAT设备,由NAT设备转换为内网地址到服务器。但是,由于运营网络以及网络用户多种多样,不同网络对于同一个网站解析的域名/IP可能不同。例如,有个WEB服务器在内网中。该服务器在运营商A网络中有一个公网IP地址,在运营商B网络中也有一个公网IP地址。由于运营商对于同一网站解析的域名/IP不一样,所以外部A网络的用户访问该WEB服务器时,经过DNS解析后,发现是A网络的地址,发送请求到NAT设备,转给服务器。服务器返回的报文,也必须选择运营商A的公网接口IP地址,才能到达请求访问的用户。但是由于相关技术中,服务器的内网地址和公网地址都采用一一对应的形式,所以相关技术中都使用两个不同的WEB服务器,每个服务器都有其对应的内网地址,NAT设备为两台WEB服务器分别分配与之内网地址一一对应的公网地址,从而使得可以根据接收路径返回WEB服务器的报文。当给该WEB服务器设置两个对应的公网地址,由于NAT设备在向内网中的设备转发发送端的信息的时候,可以直接将信息转发给内网中的设备,但是内网中的设备要向该发送设备回复信息的时候,先将信息转发至NAT设备,完成内网地址到公网地址的转换,但是,由于该内网中的WEB服务器对应有两个公网地址,也就是说,NAT设备可以通过两个不同的网络来发送该信息,但是,如果要让该信息顺利到达发送端只能选择之前发送端发送信息所使用的网络,而此时,NAT设备并不知道哪个网络是之前发送端所使用的网络。In the related art, there is often a situation in which a server in an intranet is used by a NAT device to proxy the external service of the server, and an external service accesses the public network address of the server. The actual access to the NAT device is converted into a NAT device. Web address to the server. However, due to the variety of operating networks and network users, the domain name/IP that different networks resolve for the same website may be different. For example, there is a WEB server in the internal network. The server has a public network IP address in the carrier A network and a public network IP address in the carrier B network. Because the domain name/IP that the operator resolves on the same website is different, when the user of the external A network accesses the WEB server, after DNS resolution, it finds that it is the address of the A network, sends the request to the NAT device, and transfers it to the server. The packet returned by the server must also select the IP address of the public network interface of the carrier A to reach the user requesting access. However, in the related art, the intranet address and the public network address of the server are in a one-to-one correspondence, so two different WEB servers are used in the related art, and each server has its corresponding intranet address, and the NAT device The two web servers are respectively assigned a public network address corresponding to the intranet address, so that the packets of the WEB server can be returned according to the receiving path. When the corresponding public network address is set to the WEB server, the NAT device can directly forward the information to the device in the internal network, but the device in the internal network needs to forward the information to the device in the inbound network. When replying to the sending device, the information is forwarded to the NAT device to complete the conversion of the internal network address to the public network address. However, since the WEB server in the internal network has two public network addresses, that is, The NAT device can send the information through two different networks. However, if the information is to be successfully sent to the sender, only the network used by the sender to send the information can be selected. At this time, the NAT device does not know which network is. The network used by the sender before.
所以,相关技术中存在这样的问题,当针对内网中的终端设备的内网地址配置多条对应的公网地址时,不能为该终端设备选择合适的网络来发送信息至目的端。Therefore, there is a problem in the related art that when a plurality of corresponding public network addresses are configured for an intranet address of a terminal device in an intranet, an appropriate network cannot be selected for the terminal device to transmit information to the destination end.
发明内容Summary of the invention
本公开实施例提供的数据传输方法和网络地址转换设备,主要解决的技术问题是:相关技术中,当针对内网中的终端设备的内网地址配置多条对应的公网地址时,不能为 该终端设备选择合适的网络来发送信息至目的端。The data transmission method and the network address translation device provided by the embodiments of the present disclosure mainly solve the technical problem: when a plurality of corresponding public network addresses are configured for the internal network address of the terminal device in the internal network, the related information cannot be The terminal device selects a suitable network to send information to the destination.
为解决上述技术问题,本公开实施例提供一种数据传输方法,包括:To solve the above technical problem, an embodiment of the present disclosure provides a data transmission method, including:
接收发送端的发送信息,所述发送信息包括接收端的公网标识;Receiving, by the sending end, the sending information, where the sending information includes a public network identifier of the receiving end;
根据所述发送信息生成源标识信息,并将所述源标识信息保存至所述接收端的公网标识所对应的条目;Generating source identification information according to the sending information, and saving the source identification information to an entry corresponding to the public network identifier of the receiving end;
将所述发送信息通过内网转发给所述接收端,并接收所述接收端通过内网反馈的包含所述源标识信息的响应信息;And transmitting, by the intranet, the sending information to the receiving end, and receiving, by the receiving end, feedback information that includes the source identification information that is fed back through the intranet;
根据所述源标识信息匹配出相应的公网,将所述响应信息通过所述公网转发给所述发送端。And matching the corresponding public network according to the source identification information, and forwarding the response information to the sending end by using the public network.
本公开实施例还提供一种网络地址转换设备,包括信息接收模块、保存模块、处理模块和网络选择模块:The embodiment of the present disclosure further provides a network address translation device, including an information receiving module, a saving module, a processing module, and a network selection module:
所述信息接收模块,用于接收发送端的发送信息,所述发送信息包括接收端的公网标识;The information receiving module is configured to receive sending information of the sending end, where the sending information includes a public network identifier of the receiving end;
所述保存模块,用于根据所述发送信息生成源标识信息,并将所述源标识信息保存至所述接收端的公网标识所对应的条目;The saving module is configured to generate source identification information according to the sending information, and save the source identification information to an entry corresponding to the public network identifier of the receiving end;
所述处理模块,用于将所述发送信息通过内网转发给所述接收端,并接收所述接收端通过内网反馈的包含所述源标识信息的响应信息;The processing module is configured to forward the sending information to the receiving end by using an intranet, and receive response information that includes the source identifier information that is sent by the receiving end through the intranet;
所述网络选择模块,用于根据所述源标识信息匹配出相应的公网,将所述响应信息通过所述公网转发给所述发送端。The network selection module is configured to match the corresponding public network according to the source identification information, and forward the response information to the sending end by using the public network.
本公开实施例还提供一种计算机存储介质,所述计算机存储介质中存储有计算机可执行指令,所述计算机可执行指令用于执行前述的数据传输方法。Embodiments of the present disclosure also provide a computer storage medium having stored therein computer executable instructions for performing the aforementioned data transmission method.
本公开的有益效果是:The beneficial effects of the present disclosure are:
根据本公开实施例提供的数据传输方法、网络地址转换设备以及计算机存储介质,网络地址转换设备接收发送端的发送信息,在该发送信息中携带有接收端的公网标识;根据该发送信息生成源标识信息,并将该源标识信息保存至公网标识相对应的条目;将该发送信息转发给接收端,还接收该接收端通过内网反馈的包含有源标识信息的响应消息;以该源标识信息为依据,匹配出相应的公网,将响应消息通过公网转发给发送端。采用本公开实施例中的方案,生成并保存源标识信息,并且将其保存至接收端的公网标识对应的条目;在接收端的响应信息也携带该源标识信息,根据源标识信息可以匹配出相应的公网,利用该公网来转发响应信息,可以确保以接收发送消息的网络对响应消息进行发送。有效解决相关技术中,当针对内网中的终端设备的内网地址配置多条对应的公网地址时,不能为该终端设备选择合适的网络来发送信息至目的端的问题;从而当针对内网中的终端设备的内网地址配置多条对应的公网地址时,为终端选择准确的网络,从而不需要增加额外服务器,浪费财力和资源。 According to the data transmission method, the network address translation device, and the computer storage medium provided by the embodiment of the present disclosure, the network address translation device receives the transmission information of the transmitting end, where the transmission information carries the public network identifier of the receiving end, and generates the source identifier according to the sending information. The information is saved to the entry corresponding to the public network identifier; the sent information is forwarded to the receiving end, and the response message containing the active identification information fed back by the receiving end through the intranet is received; Based on the information, the corresponding public network is matched, and the response message is forwarded to the sender through the public network. The source identification information is generated and saved in the solution in the embodiment of the present disclosure, and is saved to the entry corresponding to the public network identifier of the receiving end. The response information at the receiving end also carries the source identification information, and the source identification information can be matched according to the source identification information. The public network, by using the public network to forward response information, can ensure that the response message is sent by the network receiving the sent message. In the related art, when a plurality of corresponding public network addresses are configured for the internal network address of the terminal device in the internal network, the problem that the appropriate network cannot be selected for the terminal device to send information to the destination end; When the internal network address of the terminal device is configured with multiple corresponding public network addresses, an accurate network is selected for the terminal, thereby eliminating the need to add additional servers and wasting financial resources and resources.
附图说明DRAWINGS
图1为本公开实施例一的数据传输方法的流程图;1 is a flowchart of a data transmission method according to Embodiment 1 of the present disclosure;
图2为本公开实施例二的网络地址转换设备的结构示意图;2 is a schematic structural diagram of a network address translation device according to Embodiment 2 of the present disclosure;
图3为本公开实施例二中的一种具体示例的组网示意图。FIG. 3 is a schematic diagram of networking of a specific example in Embodiment 2 of the present disclosure.
具体实施方式detailed description
下面通过具体实施方式结合附图对本公开实施例作进一步详细说明。The embodiments of the present disclosure will be further described in detail below with reference to the accompanying drawings.
实施例一:Embodiment 1:
为了解决相关技术中,当针对内网中的终端设备的内网地址配置多条对应的公网地址时,不能为该终端设备选择合适的网络来发送信息至目的端的问题,本实施例提供一种数据传输方法,请参见图1,该方法包括:In the related art, when a plurality of corresponding public network addresses are configured for the internal network address of the terminal device in the internal network, the problem that the terminal device cannot select a suitable network to send the information to the destination end is provided in the embodiment. For a data transmission method, please refer to FIG. 1, which includes:
S101:接收发送端的发送信息;S101: Receive sending information of the sending end.
S102:根据所述发送信息生成源标识信息,并将该源标识信息保存至接收端的公网标识所对应的条目;S102: Generate source identification information according to the sending information, and save the source identification information to an entry corresponding to the public network identifier of the receiving end;
S103:将发送信息转发给接收端,并接收该接收端通过内网反馈的响应信息;S103: Forward the sent information to the receiving end, and receive the response information that the receiving end feeds back through the intranet;
S104:根据源标识信息匹配出相应的公网,将响应信息通过公网转发给发送端。S104: Match the corresponding public network according to the source identification information, and forward the response information to the sending end through the public network.
在步骤S101中,接收到的发送信息里面会包括接收端的公网标识。该公网标识信息主要对接收端的公网进行标识。在此之前,还会获取接收端的内网标识,为接收端配置至少两个与该内网标识相对应的公网标识;并将该内网标识和各公网标识对应保存至不同的条目,为各条目打上多出口标记。In step S101, the received transmission information includes the public network identifier of the receiving end. The public network identification information is mainly used to identify the public network at the receiving end. Before that, the internal network identifier of the receiving end is obtained, and at least two public network identifiers corresponding to the internal network identifier are configured for the receiving end; and the internal network identifier and each public network identifier are correspondingly saved to different entries. Mark multiple entries for each entry.
由于内网中的设备是不能直接访问公网的,所以,会先在自身配置针对不同网络需要使用相应的IP地址。可以采用接收端访问公网时使用的IP地址作为该公网标识,接收端的内网标识可以是接收端的内网IP地址;接收端的公网标识包括所述接收端的公网IP地址。Because the devices on the intranet cannot directly access the public network, you need to configure the corresponding IP address for different networks. The IP address used by the receiving end to access the public network can be used as the public network identifier. The internal network identifier of the receiving end can be the internal network IP address of the receiving end. The public network identifier of the receiving end includes the public network IP address of the receiving end.
内网中的终端都拥有其自身的内网IP地址,使用静态网络地址转换方式,为内网中的终端配置至少两个与该内网IP地址对应的公网IP地址;此时,该终端一个内网地址对应于多个公网地址,当某商家在内网中设置了服务器,用户可以通过多个网络来对该服务器进行访问。当然这里所述的IP地址主要起到识别网络或终端的作用,完全可以采用其他实现方式。在配置好内网里设备的内网IP地址与多个公网IP地址的对应关系之后,还会根据其对应关系,基于不同公网IP将其对应关系保存在多个不同的条目中。在一种具体实施方式中,还会为一个内网地址对应多个公网地址的条目打上多出口标记。The terminal in the internal network has its own internal network IP address, and uses the static network address translation mode to configure at least two public network IP addresses corresponding to the internal network IP address for the terminal in the internal network; An intranet address corresponds to multiple public network addresses. When a merchant sets up a server in the internal network, the user can access the server through multiple networks. Of course, the IP address described here mainly serves to identify the network or the terminal, and other implementation manners can be adopted. After the mapping between the internal IP address of the device and the public IP address of the device is configured, the mapping relationship is saved in multiple different entries based on the corresponding public IP addresses. In a specific embodiment, a multi-export tag is also marked for an entry whose intranet address corresponds to multiple public network addresses.
在步骤S102中,会根据发送信息生成源标识信息,并且将该源标识信息进行保存,以便于接收端在接收到信息后,进行回复时,可以采用发送端发送该发送信息时所采用的公网进行响应信息的传输。具体地,该源标识信息可以是发送端的IP地址,通常,发送端向接收端发送该发送信息的时候,会在发送信息内携带自身的IP地址,于是,在收 到该发送信息后,只需要对该发送信息进行解析,便可以得到发送端的IP地址,从而得到源标识信息。使用发送端的IP地址作为源标识信息仅是本实施例的一种具体实施方式,也可以采用其他方式进行标识。还会将源标识信息进行保存。具体地,可以先根据发送信息内的公网标识,与自身保存的条目进行匹配,当匹配出相应公网标识后,将该源标识信息保存在该条目下。In step S102, the source identification information is generated according to the transmission information, and the source identification information is saved, so that the receiving end can use the public information used by the sending end to send the sending information after receiving the information. The network transmits the response information. Specifically, the source identifier information may be an IP address of the sending end. Generally, when the sending end sends the sending information to the receiving end, the sending end carries its own IP address in the sending information, so After the information is sent, only the transmission information needs to be parsed, and the IP address of the sender can be obtained, thereby obtaining source identification information. The use of the IP address of the sender as the source identifier is only one specific embodiment of the embodiment, and may be identified by other means. The source identification information is also saved. Specifically, the public network identifier in the sending information may be matched with the account saved by the public network identifier. After the corresponding public network identifier is matched, the source identifier information is saved under the entry.
在一种具体实施方式中,保存该源标识信息时,可以先根据接收端的公网标识匹配出相应条目,然后判断该条目是否有多出口标记;若是,则证明该条目下的内网地址对应了多个公网地址,要实现出向流量也使用入向相同的公网地址就需要为该条目保存对应的源标识信息;于是判断该条目下是否已经保存了对应的源标识信息;如果已经保存了,就不用再重复保存,如果没有就需要将该源标识信息保存进来。In a specific implementation manner, when the source identifier information is saved, the corresponding entry may be matched according to the public network identifier of the receiving end, and then the entry may be determined to have multiple exit markings; if yes, the internal network address corresponding to the entry is verified. If multiple public network addresses are used, you need to save the corresponding source identification information for the entry when you want to use the inbound traffic to the same public network address. Then, determine whether the corresponding source identification information has been saved under the entry. Now, you don't have to save it again. If you don't have it, you need to save the source ID information.
在步骤S103中,通过内网将发送信息转发给接收端,接收端接收到该发送信息后,需要针对该信息做出响应时,会生成响应消息。于是,会接收到该接收端的响应消息。在该响应信息中携带源标识信息。这也是本实施例中使用发送端的IP地址作为源标识信息的好处,在网络中,要进行信息的发送,都会在报文中携带自身的源IP地址和目的端的目的IP地址,当发送端向接收端发送上述发送信息时,本身就会在发送信息中携带自身的IP地址;接收端接收到该发送信息后,做出反馈发送响应信息时,为了保证正常传输,本身也会在该响应信息中携带发送端的IP地址,作为目的地址;如此一来,发送端的源IP地址,不止可以帮助实现信息转发,还可以用来进行标识;因此,也不需要再额外增加标识信息,来增加额外的传输带宽,简单方便,还节约资源。In step S103, the sending information is forwarded to the receiving end through the intranet, and after receiving the sending information, the receiving end needs to generate a response message when responding to the information. Thus, a response message from the receiving end is received. The source identification information is carried in the response information. This is also the advantage of using the IP address of the sender as the source identifier information in the embodiment. In the network, if the information is to be sent, the source IP address of the sender and the destination IP address of the destination end are carried in the packet. When the receiving end sends the above-mentioned sending information, it will carry its own IP address in the sending information; when the receiving end receives the sending information and makes a feedback to send the response information, in order to ensure normal transmission, the response information itself is also in the response information. The IP address of the sender is used as the destination address. In this way, the source IP address of the sender can not only help to implement information forwarding, but also can be used for identification. Therefore, it is not necessary to add additional identifier information to add additional The transmission bandwidth is simple and convenient, and also saves resources.
然后执行步骤S104,获取响应信息中的源标识信息,将该源标识信息与自身保存的各条目进行匹配,当匹配出相应的条目后,获取该条目下的公网地址,采用公网地址所对应的网络将该响应信息进行转发。Then, in step S104, the source identifier information in the response information is obtained, and the source identifier information is matched with each entry saved by the user. After the corresponding entry is matched, the public network address under the entry is obtained, and the public network address is used. The corresponding network forwards the response information.
在本实施例中还可以为各个条目设置定时器,采用本实施例中的传输方法的通常是针对内网中的一些服务器,如果服务器的访问量很大,那么就需要保存大量的条目,可以采用设置定时器的方式,周期性地对先关条目,或条目中的信息进行清除,以免占用大量资源。In this embodiment, a timer may also be set for each entry. The transmission method in this embodiment is usually directed to some servers in the intranet. If the server has a large amount of access, then a large number of entries need to be saved. By setting the timer, the information in the entry or the information in the entry is periodically cleared to avoid occupying a large amount of resources.
采用本实施例中的数据传输方法,在接收到发送端是发送信息后,生成源标识信息,并利用该源标识信息来对网络进行标识,在转发接收端的响应信息时,根据该源标识信息匹配出相应公网,来对响应信息进行发送。相较于相关技术中采用配置内网设备的内网地址与公网地址一一对应,并采用两台服务器的方式而言,只需要一台服务就就能实现与不同公网内的用户进行交互,节约了成本。The data transmission method in this embodiment generates source identification information after receiving the information sent by the sending end, and uses the source identification information to identify the network, and when forwarding the response information of the receiving end, according to the source identification information The corresponding public network is matched to send the response information. Compared with the related art, the intranet address of the intranet device is one-to-one corresponding to the public network address, and the two servers are used, only one service can be implemented with users in different public networks. Interaction saves costs.
实施例二:Embodiment 2:
本实施例提供一种网络地址转换设备,请参考图2,该网络地址转换设备包括信息接收模块21,用来接收发送端的发送信息,该发送信息包括接收端的公网标识,该公网标识信息主要对接收端的公网进行标识,可以采用接收端访问公网时使用的IP地址作为该 公网标识。网络地址转换设备还包括网络地址转换模块22,用来在接收发送端的发送信息之前,获取接收端的内网标识,为接收端配置至少两个与该内网标识相对应的公网标识;并将该内网标识和各公网标识对应保存至不同的条目,为各条目打上多出口标记。This embodiment provides a network address translation device. Referring to FIG. 2, the network address translation device includes an information receiving module 21, which is configured to receive sending information of a sending end, where the sending information includes a public network identifier of the receiving end, and the public network identifier information. It mainly identifies the public network of the receiving end, and can use the IP address used by the receiving end to access the public network. Public network identification. The network address translation device further includes a network address translation module 22, configured to acquire an internal network identifier of the receiving end, and configure at least two public network identifiers corresponding to the internal network identifier for the receiving end before receiving the sending information of the transmitting end; The intranet identifier and each public network identifier are saved to different entries, and multiple entries are marked for each entry.
由于内网中的设备是不能直接访问公网的,所以,网络地址转换模块22会先在自身配置针对不同网络需要使用相应的IP地址。可以采用接收端访问公网时使用的IP地址作为该公网标识,接收端的内网标识可以是接收端的内网IP地址;接收端的公网标识包括所述接收端的公网IP地址。内网中的终端都拥有其自身的内网IP地址,网络地址转换模块22使用静态网络地址转换方式,为内网中的终端配置至少两个与该内网IP地址对应的公网IP地址。当然这里所述的IP地址主要起到识别网络或终端的作用,完全可以采用其他实现方式。在配置好内网里设备的内网IP地址与多个公网IP地址的对应关系之后,还会根据其对应关系,基于不同公网IP将其对应关系保存在多个不同的条目中。在一种具体实施方式中,还会为一个内网地址对应多个公网地址的条目打上多出口标记。Since the devices in the internal network cannot directly access the public network, the network address translation module 22 first configures corresponding IP addresses for different networks. The IP address used by the receiving end to access the public network can be used as the public network identifier. The internal network identifier of the receiving end can be the internal network IP address of the receiving end. The public network identifier of the receiving end includes the public network IP address of the receiving end. The terminal in the internal network has its own internal network IP address, and the network address translation module 22 uses the static network address translation mode to configure at least two public network IP addresses corresponding to the internal network IP address for the terminals in the internal network. Of course, the IP address described here mainly serves to identify the network or the terminal, and other implementation manners can be adopted. After the mapping between the internal IP address of the device and the public IP address of the device is configured, the mapping relationship is saved in multiple different entries based on the corresponding public IP addresses. In a specific embodiment, a multi-export tag is also marked for an entry whose intranet address corresponds to multiple public network addresses.
网络地址转换设备还包括保存模块23,根据发送信息生成源标识信息,并且将该源标识信息进行保存,以便于接收端在接收到信息后,进行回复时,可以采用发送端发送该发送信息时所采用的公网进行响应信息的传输。具体地,该源标识信息可以是发送端的IP地址,通常,发送端向接收端发送该发送信息的时候,会在发送信息内携带自身的IP地址,于是,在收到该发送信息后,只需要对该发送信息进行解析,便可以得到发送端的IP地址,从而得到源标识信息。使用发送端的IP地址作为源标识信息仅是本实施例的一种具体实施方式,也可以采用其他方式进行标识。还会将源标识信息进行保存。具体地,保存模块23可以先根据发送信息内的公网标识,与自身保存的条目进行匹配,当匹配出相应公网标识后,将该源标识信息保存在该条目下。The network address translation device further includes a saving module 23, which generates source identification information according to the transmission information, and saves the source identification information, so that when the receiving end receives the information, the receiving end may use the sending end to send the sending information. The public network used transmits the response information. Specifically, the source identifier information may be an IP address of the sending end. Generally, when the sending end sends the sending information to the receiving end, the sending end carries its own IP address in the sending information, so after receiving the sending information, only The transmission information needs to be parsed, and the IP address of the sender can be obtained, thereby obtaining source identification information. The use of the IP address of the sender as the source identifier is only one specific embodiment of the embodiment, and may be identified by other means. The source identification information is also saved. Specifically, the saving module 23 may first match the account saved by the public network identifier in the sending information, and then, after matching the corresponding public network identifier, save the source identifier information under the entry.
在一种具体实施方式中,保存模块23保存该源标识信息时,可以先根据接收端的公网标识匹配出相应条目,然后判断该条目是否有多出口标记;若是,进一步判断是否已经保存该源标识信息,若已经保存,则不再重复保存该源标识信息,如果没有就需要将该源标识信息保存进来。In a specific implementation manner, when saving the source identification information, the saving module 23 may first match the corresponding entry according to the public network identifier of the receiving end, and then determine whether the entry has multiple exit markings; if yes, further determine whether the source has been saved. The identification information, if it has been saved, does not repeatedly save the source identification information, if not, the source identification information needs to be saved.
网络地址转换设备还包括处理模块24,用来将发送信息通过内网转发给接收端,并接收该接收端通过内网反馈的包含有源标识信息的响应信息。The network address translation device further includes a processing module 24, configured to forward the transmission information to the receiving end through the intranet, and receive response information including the active identification information fed back by the receiving end through the intranet.
网络地址转换设备还包括网络选择模块25,用来根据源标识信息匹配出相应的公网,将响应信息通过公网转发给发送端。具体地,网络选择模块25获取响应信息中的源标识信息,将该源标识信息与自身保存的各条目进行匹配,当匹配出相应的条目后,获取该条目下的公网地址,采用公网地址所对应的网络将该响应信息进行转发。The network address translation device further includes a network selection module 25, configured to match the corresponding public network according to the source identification information, and forward the response information to the sending end through the public network. Specifically, the network selection module 25 obtains the source identifier information in the response information, and matches the source identifier information with each entry that is saved by itself. After the corresponding entry is matched, the public network address under the entry is obtained, and the public network is adopted. The network corresponding to the address forwards the response information.
在本实施例中还可以包括定时器模块,用来为各个条目设置定时器,如果服务器的访问量很大,那么就需要保存大量的条目,可以采用设置定时器的方式,周期性地对先关条目,或条目中的信息进行清除,以免占用大量资源。In this embodiment, a timer module may be further included, which is used to set a timer for each item. If the server has a large amount of access, a large number of entries need to be saved, and a timer may be used to periodically Close the entry, or clear the information in the entry to avoid taking up a lot of resources.
本实施例中网络地址转换设备的各个模块,信息接收模块21、网络地址转换模块 22、保存模块23、处理模块24和网络选择模块25的功能都可以由网络地址转换设备的处理器来实现。Each module of the network address translation device in this embodiment, the information receiving module 21, and the network address translation module 22. The functions of the save module 23, the processing module 24, and the network selection module 25 can all be implemented by a processor of the network address translation device.
下面结合具体示例对本实施例中的网络地址转换设备做进一步说明,具体组网方式请参考图3,本实施例中的网络地址转换设备为路由器:The network address translation device in this embodiment is further described below with reference to a specific example. For the specific networking mode, refer to FIG. 3. The network address translation device in this embodiment is a router:
首先,在路由器上为A网络和B网络配置不同公网地址池,比如:First, configure different public address pools for the A network and the B network on the router, for example:
cgn 1Cgn 1
cgn-pool Anetwork mode patCgn-pool Anetwork mode pat
section 1 10.1.1.1 10.1.1.3Section 1 10.1.1.1 10.1.1.3
cgn-pool Bnetwork mode patCgn-pool Bnetwork mode pat
section 1 20.1.1.1 20.1.1.3Section 1 20.1.1.1 20.1.1.3
然后,为WEB服务器配置2条静态条目,服务器地址分别对应A网络和B网络的2个公网地址,并打上静态多出口标记,生成条目表,请参考表1,配置命令如下:Then, configure two static entries for the WEB server. The server addresses correspond to the two public network addresses of the A network and the B network, and put a static multi-export mark to generate an entry table. Please refer to Table 1. The configuration commands are as follows:
static rule 1 192.168.100.1 80 10.1.1.1 80Static rule 1 192.168.100.1 80 10.1.1.1 80
static rule 2 192.168.100.1 80 20.1.1.1 80Static rule 2 192.168.100.1 80 20.1.1.1 80
表1Table 1
条目号Entry number 私网地址Private network address 用户源地址User source address 公网地址Public address
11 192.168.100.1:80192.168.100.1:80   10.1.1.1 8010.1.1.1 80
22 192.168.100.1:80192.168.100.1:80   20.1.1.1 8020.1.1.1 80
A网络用户60.1.1.1访问服务器http://10.1.1.1:80,根目的地址(公网)+端口号(10.1.1.1:80),直接转换为私网地址+端口号(192.168.100.1:80),同时再生成一个条目60.1.1.1,对应选的公网地址是10.1.1.1:80。有入向流量后的用户的条目表,请参考表2A network user 60.1.1.1 accesses the server http://10.1.1.1:80, the root address (public network) + port number (10.1.1.1:80), directly converted to the private network address + port number (192.168.100.1: 80) At the same time, an entry 60.1.1.1 is generated, and the corresponding public network address is 10.1.1.1:80. For the entry list of users who have entered traffic, please refer to Table 2.
表2Table 2
条目号Entry number 私网地址Private network address 用户源地址User source address 公网地址Public address
11 192.168.100.1:80192.168.100.1:80   10.1.1.1:80(A网络)10.1.1.1:80 (A network)
22 192.168.100.1:80192.168.100.1:80 60.1.1.160.1.1.1 10.1.1.1:80(A网络)10.1.1.1:80 (A network)
33 192.168.100.1:80192.168.100.1:80   20.1.1.1:80(B网络)20.1.1.1:80 (B network)
内网服务器返回报文给A网络,发现要做NAT时,根据私网地址(192.168.100.1:80)+目的地址(60.1.1.1),选择2号条目,再将私网地址替换为A网络的公网地址10.1.1.1:80。The intranet server returns a packet to the A network. When it is found that NAT is to be performed, according to the private network address (192.168.100.1:80) + destination address (60.1.1.1), select the entry No. 2, and then replace the private network address with the A network. The public network address 10.1.1.1:80.
B网络用户80.1.1.1访问服务器http://10.1.1.1:80,根目的地址(公网)+端口号 (20.1.1.1:80),直接转换为私网地址+端口号(192.168.100.1:80),同时再生成一个条目80.1.1.1,对应选的公网地址是20.1.1.1:80;此时的条目表请参考表3B network user 80.1.1.1 access server http://10.1.1.1:80, root address (public network) + port number (20.1.1.1:80), directly convert to the private network address + port number (192.168.100.1:80), and then generate an entry 80.1.1.1, the corresponding public network address is 20.1.1.1:80; Please refer to Table 3 for the entry list.
表3table 3
条目号Entry number 私网地址Private network address 用户源地址User source address 公网地址Public address
11 192.168.100.1:80192.168.100.1:80   10.1.1.1:80(A网络)10.1.1.1:80 (A network)
22 192.168.100.1:80192.168.100.1:80 60.1.1.160.1.1.1 10.1.1.1:80(A网络)10.1.1.1:80 (A network)
33 192.168.100.1:80192.168.100.1:80   20.1.1.1:80(B网络)20.1.1.1:80 (B network)
44 192.168.100.1:80192.168.100.1:80 80.1.1.180.1.1.1 20.1.1.1:80(B网络)20.1.1.1:80 (B network)
内网服务器返回报文给B网络,发现要做NAT时,根据私网地址(192.168.100.1:80)+目的地址(80.1.1.1),选择4号条目,再将私网地址替换为B网络的公网地址20.1.1.1:80。The intranet server returns a packet to the B network. When it is found that NAT is to be performed, according to the private network address (192.168.100.1:80)+destination address (80.1.1.1), select the 4th entry, and then replace the private network address with the B network. The public network address is 20.1.1.1:80.
采用本实施例中的网络地址转换设备,在接收到发送端的发送信息后,生成源标识信息,并利用该源标识信息来对网络进行标识。当针对内网中的终端设备的内网地址配置多条对应的公网地址时,为终端选择准确的网络。After receiving the sending information of the sending end, the network address translation device in the embodiment generates source identification information, and uses the source identification information to identify the network. When multiple corresponding public network addresses are configured for the internal network address of the terminal device in the internal network, an accurate network is selected for the terminal.
显然,本领域的技术人员应该明白,上述本公开实施例的各模块或各步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以将它们存储在计算机存储介质(ROM/RAM、磁碟、光盘)中由计算装置来执行,并且在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤,或者将它们分别制作成各个集成电路模块,或者将它们中的多个模块或步骤制作成单个集成电路模块来实现。所以,本公开不限制于任何特定的硬件和软件结合。Obviously, those skilled in the art should understand that the modules or steps of the above embodiments of the present disclosure may be implemented by a general computing device, which may be concentrated on a single computing device or distributed among multiple computing devices. On the network, optionally, they may be implemented by program code executable by the computing device, such that they may be stored in a computer storage medium (ROM/RAM, disk, optical disk) by a computing device, and at some In some cases, the steps shown or described may be performed in an order different than that herein, or they may be separately fabricated into individual integrated circuit modules, or a plurality of modules or steps may be fabricated into a single integrated circuit module. . Therefore, the present disclosure is not limited to any specific combination of hardware and software.
以上内容是结合具体的实施方式对本公开实施例所作的进一步详细说明,不能认定本公开的具体实施只局限于这些说明。对于本公开所属技术领域的普通技术人员来说,在不脱离本公开构思的前提下,还可以做出若干简单推演或替换,都应当视为属于本公开的保护范围。The above content is a further detailed description of the embodiments of the present disclosure in conjunction with the specific embodiments, and the specific implementation of the present disclosure is not limited to the description. It is to be understood by those skilled in the art that the present invention may be construed as being limited to the scope of the present disclosure.
工业实用性Industrial applicability
本公开实施例提供的数据传输方法可应用于网络地址转换设备中,通过生成并保存源标识信息,并且将其保存至接收端的公网标识对应的条目;在接收端的响应信息也携带该源标识信息,根据源标识信息可以匹配出相应的公网,利用该公网来转发响应信息,可以确保以接收发送消息的网络对响应消息进行发送。有效解决相关技术中,当针 对内网中的终端设备的内网地址配置多条对应的公网地址时,不能为该终端设备选择合适的网络来发送信息至目的端的问题;从而当针对内网中的终端设备的内网地址配置多条对应的公网地址时,为终端选择准确的网络,从而不需要增加额外服务器,浪费财力和资源。 The data transmission method provided by the embodiment of the present disclosure may be applied to a network address translation device, by generating and storing source identification information, and saving the same to an entry corresponding to the public network identifier of the receiving end; the response information at the receiving end also carries the source identifier. The information can be matched according to the source identification information to the corresponding public network, and the public network can be used to forward the response information, so that the network that receives the sent message can be sent to the response message. Effectively solve related techniques when the needle When multiple corresponding public network addresses are configured for the intranet address of the terminal device in the intranet, the problem that the terminal device cannot select a suitable network to send information to the destination end; thus, the intranet for the terminal device in the intranet When an address is configured with multiple corresponding public network addresses, an accurate network is selected for the terminal, thereby eliminating the need to add additional servers and wasting financial resources and resources.

Claims (10)

  1. 一种数据传输方法,包括:A data transmission method includes:
    接收发送端的发送信息,所述发送信息包括接收端的公网标识;Receiving, by the sending end, the sending information, where the sending information includes a public network identifier of the receiving end;
    根据所述发送信息生成源标识信息,并将所述源标识信息保存至所述接收端的公网标识所对应的条目;Generating source identification information according to the sending information, and saving the source identification information to an entry corresponding to the public network identifier of the receiving end;
    将所述发送信息通过内网转发给所述接收端,并接收所述接收端通过内网反馈的包含所述源标识信息的响应信息;And transmitting, by the intranet, the sending information to the receiving end, and receiving, by the receiving end, feedback information that includes the source identification information that is fed back through the intranet;
    根据所述源标识信息匹配出相应的公网,将所述响应信息通过所述公网转发给所述发送端。And matching the corresponding public network according to the source identification information, and forwarding the response information to the sending end by using the public network.
  2. 如权利要求1所述的数据传输方法,其中,在接收发送端的发送信息之前还包括:The data transmission method according to claim 1, wherein before receiving the transmission information of the transmitting end, the method further comprises:
    获取所述接收端的内网标识,为所述接收端配置至少两个与所述内网标识相对应的公网标识;并将所述内网标识和各公网标识对应保存至不同的条目,为所述各条目打上多出口标记。Obtaining an internal network identifier of the receiving end, configuring at least two public network identifiers corresponding to the internal network identifiers for the receiving end, and saving the internal network identifier and each public network identifier to different entries, Multiple entries are marked for each entry.
  3. 如权利要求2所述的数据传输方法,其中,将所述源标识信息保存至所述接收端的公网标识所对应的条目包括:The data transmission method according to claim 2, wherein the storing the source identification information to the entry corresponding to the public network identifier of the receiving end comprises:
    根据所述接收端的公网标识匹配出相应条目,并在所述条目有多出口标记时判断是否已经保存所述源标识信息;若是,则不保存所述源标识信息;否则将所述源标识信息保存至所述条目。Corresponding to the public network identifier of the receiving end, matching the corresponding entry, and determining whether the source identification information has been saved when the entry has multiple exit markings; if yes, the source identification information is not saved; otherwise, the source identifier is The information is saved to the entry.
  4. 如权利要求3所述的数据传输方法,其中,根据所述源标识信息匹配出相应的公网,将所述响应信息转发给所述发送端包括:The data transmission method according to claim 3, wherein the matching of the source identification information to the corresponding public network, the forwarding of the response information to the sending end comprises:
    获取所述响应信息内的所述源标识信息;Obtaining the source identification information in the response information;
    根据所述源标识信息匹配出相应条目,并获取所述条目中保存的所述接收端的公网标识;And matching the corresponding entry according to the source identifier information, and acquiring the public network identifier of the receiving end saved in the entry;
    根据所述公网标识,选择相应网络将所述响应信息发送给所述发送端。And selecting, according to the public network identifier, the corresponding network to send the response information to the sending end.
  5. 如权利要求1-4任一项所述的数据传输方法,其中,根据所述发送信息生成源标识信息包括,读取所述发送信息携带的所述发送端的IP地址,并将所述发送端的IP地址作为源标识信息。The data transmission method according to any one of claims 1 to 4, wherein generating source identification information according to the transmission information comprises: reading an IP address of the transmitting end carried by the sending information, and The IP address is used as the source identification information.
  6. 如权利要求5所述的数据传输方法,其中,The data transmission method according to claim 5, wherein
    所述接收端的内网标识包括所述接收端的内网IP地址;The internal network identifier of the receiving end includes an internal network IP address of the receiving end;
    所述接收端的公网标识包括所述接收端的公网IP地址。The public network identifier of the receiving end includes a public network IP address of the receiving end.
  7. 一种网络地址转换设备,包括信息接收模块、保存模块、处理模块和网络选择模块,A network address translation device includes an information receiving module, a saving module, a processing module, and a network selection module.
    所述信息接收模块,设置为接收发送端的发送信息,所述发送信息包括接收端的公网标识; The information receiving module is configured to receive sending information of the sending end, where the sending information includes a public network identifier of the receiving end;
    所述保存模块,设置为根据所述发送信息生成源标识信息,并将所述源标识信息保存至所述接收端的公网标识所对应的条目;The saving module is configured to generate source identification information according to the sending information, and save the source identification information to an entry corresponding to the public network identifier of the receiving end;
    所述处理模块,设置为将所述发送信息通过内网转发给所述接收端,并接收所述接收端通过内网反馈的包含所述源标识信息的响应信息;The processing module is configured to forward the sending information to the receiving end by using an intranet, and receive response information that includes the source identification information that is received by the receiving end through the intranet;
    所述网络选择模块,设置为根据所述源标识信息匹配出相应的公网,将所述响应信息通过所述公网转发给所述发送端。The network selection module is configured to match the corresponding public network according to the source identification information, and forward the response information to the sending end by using the public network.
  8. 如权利要求7所述的网络地址转换设备,其中,还包括:网络地址转换模块,设置为获取所述接收端的内网标识,为所述接收端配置至少两个与所述内网标识相对应的公网标识;并将所述内网标识和各公网标识对应保存至不同的条目,为所述各条目打上多出口标记。The network address translation device of claim 7, further comprising: a network address translation module, configured to acquire an internal network identifier of the receiving end, and configured at least two corresponding to the internal network identifier for the receiving end The public network identifier is saved; and the internal network identifier and each public network identifier are correspondingly saved to different entries, and multiple entries are marked for each entry.
  9. 如权利要求8所述的网络地址转换设备,其中,所述保存模块设置为,根据所述接收端的公网标识匹配出相应条目,并在所述条目有多出口标记时判断是否已经保存所述源标识信息;若是,则不保存所述源标识信息;否则将所述源标识信息保存至所述条目。The network address translation device according to claim 8, wherein the saving module is configured to match the corresponding entry according to the public network identifier of the receiving end, and determine whether the saved condition has been saved when the entry has multiple exit markings Source identification information; if so, the source identification information is not saved; otherwise the source identification information is saved to the entry.
  10. 如权利要求7-9任一项所述的网络地址转换设备,其中,所述保存模块设置为,读取所述发送信息携带的所述发送端的IP地址,并将所述发送端的IP地址作为源标识信息。 The network address translation device according to any one of claims 7-9, wherein the saving module is configured to read an IP address of the transmitting end carried by the sending information, and use the IP address of the sending end as Source identification information.
PCT/CN2017/085496 2016-06-22 2017-05-23 Data transmission method and network address translation device WO2017219816A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610460226.9 2016-06-22
CN201610460226.9A CN107528932A (en) 2016-06-22 2016-06-22 A kind of data transmission method, network address translation apparatus

Publications (1)

Publication Number Publication Date
WO2017219816A1 true WO2017219816A1 (en) 2017-12-28

Family

ID=60735488

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/085496 WO2017219816A1 (en) 2016-06-22 2017-05-23 Data transmission method and network address translation device

Country Status (2)

Country Link
CN (1) CN107528932A (en)
WO (1) WO2017219816A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114244719A (en) * 2021-11-29 2022-03-25 贵州乌江水电开发有限责任公司 Centralized control power station communication topological structure suitable for public network and application method thereof

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110661895A (en) * 2018-06-29 2020-01-07 网宿科技股份有限公司 Network address mapping method and network address mapping equipment of server
CN111404870B (en) * 2019-11-13 2022-05-31 浙江中控技术股份有限公司 Safe and reliable public network communication method applied to Modbus

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010068018A2 (en) * 2008-12-08 2010-06-17 Electronics And Telecommunications Research Institute Method for configuring closed user network using ip tunneling mechanism and closed user network system
CN102148767A (en) * 2011-05-12 2011-08-10 杭州华三通信技术有限公司 Network address translation (NAT)-based data routing method and device
CN103475750A (en) * 2013-09-16 2013-12-25 杭州华三通信技术有限公司 Address translation method and equipment suitable for multi-export network
CN105100299A (en) * 2010-11-25 2015-11-25 华为技术有限公司 Message sending method, NAT (Network Address Translation) table entry establishment method and NAT device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011023228A1 (en) * 2009-08-27 2011-03-03 Nokia Siemens Networks Oy Identity management system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010068018A2 (en) * 2008-12-08 2010-06-17 Electronics And Telecommunications Research Institute Method for configuring closed user network using ip tunneling mechanism and closed user network system
CN105100299A (en) * 2010-11-25 2015-11-25 华为技术有限公司 Message sending method, NAT (Network Address Translation) table entry establishment method and NAT device
CN102148767A (en) * 2011-05-12 2011-08-10 杭州华三通信技术有限公司 Network address translation (NAT)-based data routing method and device
CN103475750A (en) * 2013-09-16 2013-12-25 杭州华三通信技术有限公司 Address translation method and equipment suitable for multi-export network

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114244719A (en) * 2021-11-29 2022-03-25 贵州乌江水电开发有限责任公司 Centralized control power station communication topological structure suitable for public network and application method thereof
CN114244719B (en) * 2021-11-29 2023-11-28 贵州乌江水电开发有限责任公司 Centralized control power station communication topological structure suitable for public network and application method thereof

Also Published As

Publication number Publication date
CN107528932A (en) 2017-12-29

Similar Documents

Publication Publication Date Title
US10715482B2 (en) Wide area service discovery for internet of things
CN104137518B (en) Internet protocol connection in Service-Oriented Architecture Based bus
US8559448B2 (en) Method and apparatus for communication of data packets between local networks
CN109889618B (en) Method and system for processing DNS request
US8650326B2 (en) Smart client routing
US20090106453A1 (en) Domain name system using dynamic dns and global address management method for dynamic dns server
WO2015117337A1 (en) Method and apparatus for setting network rule entry
TW201815131A (en) Data transmission method and network equipment
US20150296028A1 (en) System and method for simple service discovery in content-centric networks
US11070424B2 (en) System and method for dynamic name configuration in content-centric networks
US8706908B2 (en) System, method and apparatus for media access control (MAC) address proxying
EP2928117B1 (en) System and method for device registration and discovery in content-centric networks
US20140032782A1 (en) Method and apparatus for route selection of host in multihoming site
WO2018214853A1 (en) Method, apparatus, medium and device for reducing length of dns message
EP2765743A1 (en) Layer 2 inter-connecting method, apparatus and system based on ipv6
US11843455B2 (en) Systems and methods for monitoring network traffic
WO2017219816A1 (en) Data transmission method and network address translation device
CN106507414B (en) Message forwarding method and device
CN103780494A (en) User information obtaining method and device
EP2690832B1 (en) Communication device, communication system, and communication method
WO2016095751A1 (en) Domain name analysis method and apparatus
WO2016177185A1 (en) Method and apparatus for processing media access control (mac) address
WO2017219777A1 (en) Packet processing method and device
US20120047271A1 (en) Network address translation device and method of passing data packets through the network address translation device
JP2013126219A (en) Transfer server and transfer program

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17814554

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17814554

Country of ref document: EP

Kind code of ref document: A1