WO2018098633A1 - Procédé de transmission de données, appareil de transmission de données, dispositif électronique et produit programme informatique - Google Patents

Procédé de transmission de données, appareil de transmission de données, dispositif électronique et produit programme informatique Download PDF

Info

Publication number
WO2018098633A1
WO2018098633A1 PCT/CN2016/107745 CN2016107745W WO2018098633A1 WO 2018098633 A1 WO2018098633 A1 WO 2018098633A1 CN 2016107745 W CN2016107745 W CN 2016107745W WO 2018098633 A1 WO2018098633 A1 WO 2018098633A1
Authority
WO
WIPO (PCT)
Prior art keywords
transmission
unit
network transmission
transmission unit
vpn
Prior art date
Application number
PCT/CN2016/107745
Other languages
English (en)
Chinese (zh)
Inventor
王华涛
Original Assignee
深圳前海达闼云端智能科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳前海达闼云端智能科技有限公司 filed Critical 深圳前海达闼云端智能科技有限公司
Priority to CN201680002961.3A priority Critical patent/CN106797335B/zh
Priority to PCT/CN2016/107745 priority patent/WO2018098633A1/fr
Publication of WO2018098633A1 publication Critical patent/WO2018098633A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/72Routing based on the source address
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/12Avoiding congestion; Recovering from congestion
    • H04L47/125Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/82Miscellaneous aspects
    • H04L47/825Involving tunnels, e.g. MPLS

Definitions

  • the present invention relates to the field of wireless communication technologies, and in particular, to a data transmission method, a data transmission device, an electronic device, and a computer program product.
  • wireless data terminals such as 3G (third generation mobile communication technology) / 4G (fourth generation mobile communication technology) terminals (such as SIM (Subscriber Identification Module) Card transmission, such as a cable network transmission unit, is one of the common methods for data transmission.
  • 3G third generation mobile communication technology
  • 4G fourth generation mobile communication technology
  • SIM Subscriber Identification Module
  • the first terminal (such as a user's smart phone) establishes a transmission path with the second terminal in advance through the wireless router by using a wifi technology (one end of the transmission path is connected to the wireless router, and the other end is connected to the second terminal).
  • a wifi technology one end of the transmission path is connected to the wireless router, and the other end is connected to the second terminal.
  • each data in the data stream transmits its data to the second terminal (such as an application server) through a pre-established transmission path.
  • the first terminal establishes a transmission path with the second terminal by using the 3G/4G technology in advance through the 3G/4G terminal (one end of the transmission path is connected to the 3G/4G terminal, and the other end is connected to the second terminal).
  • the first terminal transmits the data stream
  • each data in the data stream transmits its data to the second terminal through a pre-established transmission path.
  • the transmission path is established in advance with the second terminal through the 4G terminal, as shown in FIG. 1 , including a 4G terminal-base station (such as EnodeB)-Internet-second. terminal.
  • a 4G terminal-base station such as EnodeB
  • the base station transmits each data to the second terminal via the Internet.
  • each data in the data stream of the first terminal is transmitted through a path established by the pre-established network transmission unit and the second terminal, and the bandwidth in the 4G technology is fixed, but the data stream transmitted by the method is used.
  • the amount of data included is unstable, if the data transmitted by this method If the amount of data included in the stream is large, the available bandwidth of each data in the data stream is small. For a single data, the available bandwidth cannot satisfy the transmission requirement of the data, and the transmission time of the data is prolonged, and the transmission quality is degraded.
  • an embodiment of the present invention provides a data transmission method, a data transmission device, an electronic device, and a computer program product.
  • an embodiment of the present invention provides a data transmission method, where the method is applied to an access device, where the method includes:
  • the routing unit routes to the first transmission virtual network device, so that the source address IP is the IP address of the network transmission unit corresponding to the access device, and the data packet whose destination IP is the VPN server is routed to the network transmission unit by the routing unit of the access device. a gateway of the corresponding network transmission unit;
  • the routing unit of the access device After the routing unit of the access device routes the uplink data packet to the first transmission virtual network device according to the modified routing rule, acquiring the uplink data packet from the first transmission virtual network device;
  • an embodiment of the present invention provides a data transmission apparatus, including:
  • a establishing unit configured to establish a VPN tunnel between the first transmission virtual network device on the access device side and the second transmission virtual network device on the VPN server end;
  • a modifying unit configured to modify a routing rule of the access device;
  • the modified routing rule causes the uplink data packet to be routed by the routing unit of the access device to the first transmission virtual network device, so that the source address IP is the IP address of the network transmission unit corresponding to the access device, and the data packet whose destination IP is the VPN server is routed by the routing unit of the access device to the gateway of the network transmission unit corresponding to the network transmission unit;
  • a first acquiring unit configured to acquire an uplink data packet from the first transmission virtual network device after the routing unit of the access device routes the uplink data packet to the first transmission virtual network device according to the modified routing rule ;
  • a selecting unit configured to select a network transmission unit according to a pre-acquired network transmission unit selection policy; and when performing VPN encapsulation on the uplink data packet, setting a source address IP of the VPN encapsulated uplink data packet to the selected network transmission unit IP, destination IP is set to the IP address of the VPN server.
  • an embodiment of the present invention provides an electronic device, where the electronic device includes:
  • a memory one or more processors; and one or more modules, the one or more modules being stored in the memory and configured to be executed by the one or more processors, the one or The plurality of modules includes instructions for performing the various steps in the method of the first aspect.
  • an embodiment of the present invention provides a computer program product for use in conjunction with an electronic device including a display, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer
  • the program mechanism includes instructions for performing the various steps in the method of the first aspect.
  • an embodiment of the present invention provides a data transmission method, which is applied to a VPN server, where the method includes:
  • the data packet After receiving the uplink data packet of the access device, the data packet is VPN decapsulated and sent to the second transmission virtual network device.
  • an embodiment of the present invention provides a data transmission apparatus, including:
  • a establishing unit configured to establish a VPN tunnel between the first transmission virtual network device on the access device side and the second transmission virtual network device on the VPN server end;
  • a determining unit configured to determine each network transmission unit corresponding to the access device side
  • the processing unit is configured to perform VPN decapsulation on the data packet after receiving the uplink data packet of the access device, and send the data packet to the second transmission virtual network device.
  • an embodiment of the present invention provides an electronic device, where the electronic device includes:
  • a memory one or more processors; and one or more modules, the one or more modules being stored in the memory and configured to be executed by the one or more processors, the one or The plurality of modules includes instructions for performing the various steps of the method of the fifth aspect.
  • an embodiment of the present invention provides a computer program product for use in conjunction with an electronic device including a display, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer
  • the program mechanism includes instructions for performing the various steps of the methods described in the method of the fifth aspect.
  • the method provided by the embodiment of the present invention may select a network transmission unit according to a network transmission unit selection policy, and transmit the uplink data through the selected network transmission unit, so as to flexibly select the network transmission unit according to the transmitted data, and thereby utilize the network transmission unit reasonably.
  • FIG. 2 is a schematic structural diagram of a data transmission system according to an embodiment of the present invention.
  • FIG. 3 is a schematic flowchart of a VPN tunnel establishment process according to an embodiment of the present invention.
  • FIG. 4 is a schematic flowchart of a data transmission method according to an embodiment of the present invention.
  • FIG. 5 is a schematic flowchart of another data transmission method according to an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a data transmission apparatus according to an embodiment of the present invention.
  • FIG. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of another data transmission apparatus according to an embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram of another electronic device according to an embodiment of the present invention.
  • the current data transmission method is: the first terminal establishes a transmission path with the second terminal in advance through a network transmission unit (such as a wireless router or a wireless data terminal).
  • a network transmission unit such as a wireless router or a wireless data terminal.
  • the first terminal transmits data its data is transmitted to the second terminal through a pre-established transmission path.
  • the bandwidth corresponding to the network transmission unit is fixed, but the amount of data transmitted by the method is unstable. If the amount of data transmitted by the method is large, the available bandwidth of each data is small, and available for a single data. The bandwidth cannot meet the transmission requirement of the data, causing the transmission time of the data to be prolonged and the transmission quality to be degraded.
  • the present invention provides a data transmission method, which can select a network transmission unit according to a network transmission unit selection policy, and transmit uplink data through a selected network transmission unit, thereby implementing flexible selection of a network according to the transmitted data.
  • the transmission unit, and then the network transmission unit is rationally utilized to improve the data transmission quality.
  • the data transmission method provided by the present invention can be applied to a data transmission system composed of an access device and a VPN server.
  • the data transmission system includes an access device 202 and a VPN server 203.
  • it can also include a data generating end - the first terminal 201 and the data most The final receiving end - the second terminal 204.
  • the access device 202 can be located in the first terminal 201 (as shown in FIG. 2( a )).
  • the access device 202 can also be located outside the first terminal 201, and the access device 202 is connected to the first terminal 201 (as shown in FIG. 2(b)).
  • the access device 202 is connected to n network transmission units at the same time, wherein the n network transmission units may be n wireless terminals, or may be n line network transmission units, or may be, m wireless terminals and nm line network transmissions.
  • n network transmission units may be n wireless terminals, or may be n line network transmission units, or may be, m wireless terminals and nm line network transmissions.
  • Unit, m is a positive integer greater than 0 and m is less than n.
  • n wireless terminals may be n wireless routers, or n wireless data terminals, or t network transmission units and n-t wireless data terminals, where t is a positive integer greater than 0 and m is less than n.
  • m wireless terminals which may be m wireless routers, or m wireless data terminals, or i network transmission units and m-i wireless data terminals, i being a positive integer greater than 0 and m being less than n.
  • the services provided for each wireless terminal may be the same operator or different operators.
  • the access device 202 before performing the data transmission method provided by the embodiment, the access device 202 establishes a VPN (Virtual Private Network) tunnel in advance with the VPN server 203.
  • the specific establishment process is: after the access device 202 determines that the open condition is met, the VPN tunnel between the first transmission virtual network device on the access device 202 side and the second transmission virtual network device on the VPN server end 203 is established, and the access is modified.
  • the routing rules of the device is: after the access device 202 determines that the open condition is met, the VPN tunnel between the first transmission virtual network device on the access device 202 side and the second transmission virtual network device on the VPN server end 203 is established, and the access is modified.
  • the routing rules of the device is:
  • the modified routing rule may enable the uplink data packet to be routed by the routing unit of the access device 202 to the first transmission virtual network device, where the source address IP is the IP of the network transmission unit corresponding to the access device 202.
  • the inter-connected protocol) address, and the packet whose destination IP is the VPN server 203 is routed by the routing unit of the access device 202 to the gateway of the network transmission unit corresponding to the network transmission unit.
  • the routing unit in order for the uplink data packet to be routed by the routing unit of the access device 202 to the first transmission virtual network device, the routing unit may be The next hop is directed to the network transmission unit; in addition, in order to enable the destination IP to be the data packet of the VPN server 203 to be routed by the routing unit of the access device 202 to the gateway of the network transmission unit corresponding to the network transmission unit, N policy routes and N routing tables, (N is equal to the number of network transmission units), that is, adding a policy route and a routing table to each network transmission unit.
  • the policy routing content is that the source address is the IP address of the network transmission unit, and the destination IP address is the data packet of the VPN server IP address, and the routing table of the network transmission unit is queried.
  • the content of the routing table is the default gateway is the gateway of the network transmission unit. .
  • the opening condition includes: monitoring that the preset button is triggered by the user; and/or, the real-time network transmission parameter does not satisfy the transmission requirement.
  • FIG. 3 shows a specific implementation method for establishing a VPN tunnel between the first transmission virtual network device on the access device 202 side and the second transmission virtual network device of the VPN server 203, and modifying the routing rules of the access device.
  • the method includes:
  • the access device 202 sends the type information of each network transmission unit to the VPN server 203.
  • the access device 202 In order for the VPN server 203 to determine a more reasonable network transmission unit selection policy, the access device 202 needs to transmit the type information of each network transmission unit it accesses to the VPN server 203.
  • the VPN server 203 determines a network transmission unit selection policy according to information of each network transmission unit, creates a second transmission virtual network device, allocates a VPN tunnel establishment resource, and changes a next hop in the second routing rule to a second transmission virtual Internet equipment.
  • the manner in which the VPN server 203 creates the second transmission virtual network device may be an existing manner, for example, establishing a TUN (point-to-point device) type second transmission virtual network device through a Linux virtual network card, or establishing a TAP through a Linux virtual network card (Ethernet) Device) type of second transmission virtual network device.
  • a TUN point-to-point device
  • a Linux virtual network card Ethernet
  • the VPN server 203 acquires a corresponding network transmission unit selection policy according to the real-time network transmission parameters.
  • the network transmission unit selection strategy may be a load balancing selection strategy, or A selection strategy for bandwidth aggregation.
  • the VPN server 203 determines the network transmission unit selection policy according to the information of each network transmission unit. After the second transmission virtual network device is created, the next hop in the second routing rule is changed to the second transmission virtual network device, and the VPN server 203 is received according to the second routing rule. The data is routed to the second transport virtual network device.
  • the VPN server 203 sends the network transmission unit selection policy, the type of the second transmission virtual network device, and the VPN tunnel establishment resource to the access device 202.
  • the type of the second transmission virtual network device is TUN, or the type of the second transmission virtual network device is TAP.
  • the VPN server 203 also determines available network transmission units based on real-time network transmission parameters, and returns the available network transmission units to the access device 202 in the form of first information.
  • the access device 202 receives the network transmission unit selection policy, the type of the second transmission virtual network device, and the VPN tunnel establishment resource.
  • the access device 202 also receives the first information.
  • the access device 202 also actively receives the network transmission unit selection policy. For example, when the access device 202 detects that the preset button is triggered by the user, the corresponding network transmission unit selection policy is acquired; or the access device 202 acquires the corresponding network transmission unit selection policy according to the real-time network transmission parameter.
  • the access device 202 creates a first transmission virtual network device of the same type as the second transmission virtual network device, and establishes one VPN tunnel according to the VPN tunnel establishment resource.
  • the access device 202 access device changes the next hop in the first routing rule to the first transmission virtual network device.
  • a VPN tunnel is established between the access device 202 and the VPN server 203, and the first transmission virtual network device can simultaneously connect multiple network transmission units of the access device 202 according to the network transmission unit selection policy.
  • the network transmission unit is selected to transmit data to the VPN server 203 via the VPN tunnel through the selected network transmission unit, and the second transmission virtual network device in the VPN server 203 routes the data to the second terminal 204.
  • each network transmission unit has independent network access capability, and each network transmission unit can use its independent network access capability to transmit data to the VPN server 203 through the VPN tunnel to implement network transmission.
  • the first terminal 201 can select a network transmission unit from among multiple network transmission units that simultaneously connect the access device.
  • the data is transmitted to the VPN server 203 through the VPN tunnel through the selected network transmission unit.
  • the second transmission virtual network device in the VPN server 203 then routes the data to the second terminal 204. For details, refer to FIG. 4.
  • the access device 202 acquires uplink data.
  • the uplink data may be the first data in the first terminal 201.
  • the access device 202 If the access device 202 is located in the first terminal 201, the first data can be directly read from the first data storage location in the first terminal 201. If the access device 202 is located outside the first terminal 201, the first data sent by the first terminal 201 may be received.
  • the access device 202 obtains an uplink data packet from the first transmission virtual network device after the routing unit routes the uplink data packet to the first transmission virtual network device according to the modified first routing rule.
  • the access device 202 selects a network transmission unit according to the pre-acquired network transmission unit selection policy, and sets a source address IP of the VPN encapsulated uplink data packet to the selected network transmission when performing VPN encapsulation on the uplink data packet.
  • Unit IP, destination IP is set to VPN The IP address of the server.
  • the source IP address of the encapsulated uplink data packet is the IP of the selected network transmission unit, and the destination IP address is the IP address of the VPN server.
  • the specific implementation process of the access device 202 selecting a network transmission unit according to the pre-acquired network transmission unit selection policy may be: the access device 202 selects one transmission unit from the available network transmission units indicated by the first information.
  • the specific implementation process of performing the VPN encapsulation of the uplink data packet may be: encapsulating the uplink data packet and performing VPN encapsulation.
  • the access device 202 selects a network transmission unit according to the network transmission unit selection policy, and transmits the first data to the VPN server 203 via the VPN tunnel through the selected network transmission unit.
  • the implementation of the data transmission through the VPN tunnel may be an existing implementation, for example, a UDP (User Datagram Protocol) transmission, and details are not described herein again.
  • UDP User Datagram Protocol
  • the VPN server 203 determines, according to each network transmission unit corresponding to the access device 202, after receiving the uplink data packet of the access device 202, the VPN packet is decapsulated and sent to the second transmission virtual network device.
  • the VPN server 203 After the VPN server 203 performs VPN decapsulation on the data sent by the access device 202, the VPN server 203 sends the decapsulated data to the second transmission virtual network device according to the changed second routing rule.
  • the second transmission virtual network device decrypts the access device 202 to send data in the step, and the decrypted data is routed to the second terminal 204.
  • the first terminal 201 sends data to the access device 202, and the access device 202 selects a network transmission unit according to the network transmission unit selection policy, and passes the data through the selected network transmission unit through the VPN tunnel. Transfer to the VPN server 203, and route the data to the second terminal 204 via the VPN server 203, not only implementing the first terminal 201 The purpose of transmitting the data to the second terminal 204 can also reasonably utilize the network transmission unit to improve the data transmission quality.
  • the access device 202 shown in FIG. 4 can select the network transmission unit, and the access device 202 and the VPN server 203 can be implemented.
  • the process of transmitting the data to the VPN server 203 between the established VPN tunnels, and the process of transmitting the data from the VPN tunnel established between the VPN server 203 and the access device 202 to the access device 202 may also be implemented. 5.
  • the VPN server 203 receives the data packet addressed to the access device 202.
  • the data packet can be the second data in the second terminal 204.
  • the VPN server 203 routes the data packet to the second transmission virtual network device according to the changed second routing rule, and selects a network transmission unit according to the network transmission unit selection policy.
  • the VPN server 203 Before the VPN server 203 selects a network transmission unit according to the network transmission unit selection policy, it is also required to determine each network transmission unit corresponding to the access device side.
  • the VPN server 203 performs VPN encapsulation on the data packet and sends the data packet to the public network.
  • the destination address of the encapsulated data packet is the IP address of the selected network transmission unit.
  • the VPN server 203 may first encrypt the data packet, and then VPN encapsulate the encrypted data packet and send it to the public network.
  • the access device 202 routes the second data to the first transmission virtual network device according to the changed first routing rule, the encrypted data is obtained from the first transmission virtual network device, and the encrypted data is decrypted. The data is sent to the routing module of access device 202.
  • the routing module can route the decrypted data to the first terminal 201.
  • the VPN server 203 transmits the data in the second terminal 204 to the access device 202, and the access device 202 routes to the first terminal 201, not only to transmit the data in the second terminal 204 to the first terminal.
  • the purpose of the terminal 201 is also to flexibly select to transmit data. The way to rationally utilize the network transmission unit to improve the quality of data transmission.
  • the following takes the smart terminal to transmit the video data obtained by the instant messaging software to the VPN server corresponding to the instant messaging software as an example, and describes the implementation methods of the prior art and the present solution again.
  • the smart terminal includes both a wireless router and a 4G terminal, and the smart terminal currently transmits data through the 4G terminal.
  • the smart terminal transmits all the video data acquired by the instant communication software to the VPN server corresponding to the instant communication software through the 4G terminal.
  • the intelligent terminal transmits the image data acquired by the instant communication software to the VPN server corresponding to the instant communication software through the 4G terminal according to the real-time situation of the VPN tunnel corresponding to the 4G terminal and the wireless router, and acquires the voice by the instant communication software.
  • the data is transmitted to the VPN server corresponding to the instant messaging software through the wireless router.
  • the bandwidth that the 4G terminal can provide cannot satisfy the video data requirement, but the bandwidth that the 4G terminal can provide can meet the transmission requirement of the voice data by using the image data in the video data and The voice data is separated, the voice data is transmitted through the 4G terminal, and the image data is transmitted through the wireless router, which does not cause the transmission time of the video data to be prolonged, and the quality of the video data transmission is degraded.
  • the access device 202 continues to determine whether the shutdown condition is satisfied after determining that the ON condition is satisfied, and terminates the data transmission if the access device 202 determines that the shutdown condition is satisfied. Process, disconnect the VPN tunnel, and restore the routing rules to the pre-modification.
  • the access device 202 sends a VPN tunnel disconnection instruction to the VPN server 203, and restores the next hop in the changed first routing rule to the next hop before the change; the VPN server The 203 VPN server releases the VPN tunnel establishment resource according to the VPN tunnel disconnection command, and restores the next hop in the changed second routing rule to the next hop before the change.
  • the specific implementation manner of obtaining the preset shutdown control signal is: when the preset button is detected to be triggered by the user, the access device 202 determines that the shutdown condition is satisfied; or, according to the currently acquired network transmission unit selection policy, only one application is determined.
  • the network transmission unit transmits, and the access device 202 determines that the shutdown condition is satisfied.
  • the method provided by the embodiment of the present invention may select a network transmission unit according to a network transmission unit selection policy, and transmit the uplink data through the selected network transmission unit, so as to flexibly select the network transmission unit according to the transmitted data, and thereby utilize the network transmission unit reasonably.
  • the method provided by the present application can be flexibly controlled by the control signal.
  • the network transmission unit is a wireless network terminal, but in practical applications, the network transmission unit may also be a wired network port.
  • the present embodiment provides a data transmission apparatus, and the principle of solving the problem by the data transmission apparatus is similar to the method performed by the access apparatus in the data transmission method shown in FIG. 3 to FIG. 5, and thus the transmission is performed.
  • the terminal reference may be made to the implementation of the method performed by the access device in FIG. 3 to FIG. 5, and the repeated description is not repeated.
  • the data transmission device includes:
  • the establishing unit 601 is configured to establish a VPN tunnel between the first transmission virtual network device on the access device side and the second transmission virtual network device on the VPN server end;
  • the modifying unit 602 is configured to modify the routing rule of the access device.
  • the modified routing rule is configured to route the uplink data packet by the routing unit of the access device to the first transmission virtual network device, so that the source address IP is the network corresponding to the access device.
  • the IP address of the transmission unit and the destination IP address of the VPN server are routed by the routing unit of the access device to the network transmission corresponding to the network transmission unit.
  • the first obtaining unit 603 is configured to: after the routing unit of the access device routes the uplink data packet to the first transmission virtual network device according to the modified routing rule, obtain the uplink data packet from the first transmission virtual network device;
  • the selecting unit 604 is configured to select a network transmission unit according to the pre-acquired network transmission unit selection policy, and set the source address IP of the VPN encapsulated uplink data packet to the selected network transmission when performing VPN encapsulation on the uplink data packet.
  • the IP address of the unit and the destination IP address are set to the IP address of the VPN server.
  • the network transmission unit selection policy is a load balancing selection policy; or a bandwidth aggregation selection policy.
  • the data transmission device further includes:
  • a second sending unit configured to send type information of each network transmission unit to a VPN server
  • a first receiving unit configured to receive first information returned by the VPN server; the first information is used to indicate an available network transmission unit;
  • the selecting unit 604 includes:
  • a transmission unit is selected from available network transmission units indicated by the first information.
  • the data transmission device further includes:
  • the second receiving unit is configured to receive a network transmission unit selection policy returned by the VPN server.
  • the selecting unit 604 is configured to encrypt the uplink data packet and perform VPN encapsulation.
  • the data transmission device further includes:
  • a second acquiring unit configured to obtain encrypted downlink data from the first transmission virtual network device
  • a decryption unit for decrypting encrypted downlink data
  • a third sending unit configured to send the decrypted downlink data to a routing module of the access device.
  • the establishing unit 601 is configured to establish a VPN tunnel when the opening condition is met;
  • Opening conditions include:
  • the data transmission device further includes:
  • the disconnect unit is used to determine that the shutdown condition is met, disconnect the VPN tunnel, and restore the routing rule to the pre-modification.
  • the data transmission device further includes:
  • a determining unit configured to determine that the closing condition is satisfied after detecting that the preset button is triggered by the user; or determining, according to the currently acquired network transmission unit selection policy, that only one network transmission unit is used for transmission, and determining that the closing condition is satisfied.
  • the data transmission device further includes:
  • the third acquiring unit is configured to: when the preset button is triggered by the user, obtain a corresponding network transmission unit selection policy; or obtain a corresponding network transmission unit selection policy according to the real-time network transmission parameter.
  • the data transmission apparatus may select a network transmission unit according to a network transmission unit selection policy, and transmit the uplink data through the selected network transmission unit, thereby flexibly selecting a network transmission unit according to the transmitted data, and thereby rationally utilizing the network transmission. unit.
  • the present embodiment provides an electronic device.
  • the electronic device includes a memory 701, one or more processors 702, and one or more modules 703, the one or more modules 703. Stored in the memory 701 and configured to be executed by the one or more processors 702, the one or more modules 703 including methods for performing the operations performed by the access devices of Figures 3-5 The instructions in each step.
  • the electronic device provided by the embodiment of the present invention may select a network transmission unit according to a network transmission unit selection policy, and transmit the uplink data through the selected network transmission unit to implement the The transmitted data flexibly selects the network transmission unit to make reasonable use of the network transmission unit.
  • the present embodiment provides a computer program product for use in conjunction with an electronic device including a display, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer
  • the program mechanism includes instructions for performing the various steps in the method performed by the access device of Figures 3 through 5.
  • the computer program product provided by the embodiment of the present invention may select a network transmission unit according to a network transmission unit selection policy, and transmit the uplink data through the selected network transmission unit, thereby flexibly selecting a network transmission unit according to the transmitted data, thereby appropriately utilizing the network transmission. unit.
  • the present embodiment provides a data transmission apparatus.
  • the principle of solving the problem by the data transmission apparatus is similar to the method performed by the VPN server in the data transmission method shown in FIG. 3 to FIG. 5, and thus the transmission end is
  • the implementation refer to the implementation of the method performed by the VPN server in FIG. 3 to FIG. 5, and the repeated description is not repeated.
  • the data transmission device includes:
  • the establishing unit 801 is configured to establish a VPN tunnel between the first transmission virtual network device on the access device side and the second transmission virtual network device on the VPN server end;
  • a determining unit 802 configured to determine each network transmission unit corresponding to the access device side
  • the processing unit 803 is configured to perform VPN decapsulation on the data packet after receiving the uplink data packet of the access device, and send the data packet to the second transmission virtual network device.
  • the data transmission device further includes:
  • the obtaining unit is configured to obtain a corresponding network transmission unit selection policy according to the real-time network transmission parameter.
  • the data transmission apparatus selects a policy according to a network transmission unit selection policy. Selecting a network transmission unit to receive data, and flexibly selecting a network transmission unit according to the transmitted data, thereby rationally utilizing the network transmission unit.
  • the present embodiment provides an electronic device.
  • the electronic device includes a memory 901, one or more processors 902, and one or more modules 903, the one or more modules 903 Stored in the memory 901 and configured to be executed by the one or more processors 902, the one or more modules 903 comprising methods for performing the VPN server of Figures 3 through 5 Instructions for each step.
  • the electronic device selects a network transmission unit to receive data according to a network transmission unit selection policy, and implements flexible selection of a network transmission unit according to the transmitted data, thereby appropriately utilizing the network transmission unit.
  • the present embodiment provides a computer program product for use in conjunction with an electronic device including a display, the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer
  • the program mechanism includes instructions for performing the various steps in the method performed by the VPN server of Figures 3 through 5.
  • the computer program product provided by the embodiment of the present invention selects a network transmission unit to receive data according to a network transmission unit selection policy, and implements flexible selection of a network transmission unit according to the transmitted data, thereby appropriately utilizing the network transmission unit.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or a combination of software and hardware. Moreover, the present invention may employ computer usable storage media (including but not included) in one or more of the computer usable program code embodied therein. It is limited to the form of a computer program product implemented on a disk storage, a CD-ROM, an optical storage, or the like.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

L'invention concerne un procédé de transmission de données, un appareil de transmission de données, un dispositif électronique et un produit programme informatique, qui s'appliquent au domaine technique des communications sans fil. Le procédé consiste à : établir un tunnel VPN et modifier une règle de routage d'un appareil d'accès ; acquérir le paquet de données de liaison montante à partir du premier dispositif de réseau de transmission virtuel après le routage d'un paquet de données de liaison montante vers un premier dispositif de réseau de transmission virtuel conformément à la règle de routage modifiée ; et sélectionner une unité de transmission de réseau conformément à une politique de sélection d'unité de transmission de réseau, et lors de l'exécution d'une encapsulation VPN sur le paquet de données de liaison montante, régler une adresse IP d'adresse source du paquet de données de liaison montante à encapsulation VPN pour qu'elle soit l'IP de l'unité de transmission de réseau sélectionnée, et établir une adresse IP de destination pour qu'elle soit l'adresse IP d'un serveur VPN. Selon le procédé décrit dans la présente invention, une unité de transmission de réseau peut être sélectionnée conformément à une politique de sélection d'unité de transmission de réseau, et des données de liaison montante sont transmises au moyen de l'unité de transmission de réseau sélectionnée, de telle sorte que l'unité de transmission de réseau est sélectionnée de manière flexible et raisonnable en fonction des données transmises.
PCT/CN2016/107745 2016-11-29 2016-11-29 Procédé de transmission de données, appareil de transmission de données, dispositif électronique et produit programme informatique WO2018098633A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201680002961.3A CN106797335B (zh) 2016-11-29 2016-11-29 数据传输方法、数据传输装置、电子设备和计算机程序产品
PCT/CN2016/107745 WO2018098633A1 (fr) 2016-11-29 2016-11-29 Procédé de transmission de données, appareil de transmission de données, dispositif électronique et produit programme informatique

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/107745 WO2018098633A1 (fr) 2016-11-29 2016-11-29 Procédé de transmission de données, appareil de transmission de données, dispositif électronique et produit programme informatique

Publications (1)

Publication Number Publication Date
WO2018098633A1 true WO2018098633A1 (fr) 2018-06-07

Family

ID=58952992

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/107745 WO2018098633A1 (fr) 2016-11-29 2016-11-29 Procédé de transmission de données, appareil de transmission de données, dispositif électronique et produit programme informatique

Country Status (2)

Country Link
CN (1) CN106797335B (fr)
WO (1) WO2018098633A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113709052A (zh) * 2020-05-21 2021-11-26 中移(苏州)软件技术有限公司 一种网络报文的处理方法、装置、电子设备和存储介质
CN114157534A (zh) * 2021-12-14 2022-03-08 福达新创通讯科技(厦门)有限公司 一种基于分布式的多支流vpn通信、系统、存储介质

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109088953B (zh) * 2017-06-14 2022-02-25 中兴通讯股份有限公司 一种Linux网关代理转换IP的方法及装置
CN109861924B (zh) * 2017-11-30 2022-06-21 中兴通讯股份有限公司 报文的发送、处理方法及装置,pe节点,节点
CN111131043B (zh) * 2018-10-30 2022-04-29 深信服科技股份有限公司 一种udp数据包的传输方法、系统及相关组件
CN109495461B (zh) * 2018-11-01 2021-07-23 北京车和家信息技术有限公司 数据访问请求处理方法、装置及车载中控系统
WO2022016406A1 (fr) * 2020-07-22 2022-01-27 北京小米移动软件有限公司 Procédé et appareil de transmission d'informations, et dispositif de communication
CN113938293A (zh) * 2021-09-23 2022-01-14 深圳市柔宇科技股份有限公司 Vpn网络分享方法、存储介质和终端设备

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101958822A (zh) * 2009-07-17 2011-01-26 株式会社日立制作所 加密通信系统及网关装置
CN102752149A (zh) * 2012-07-18 2012-10-24 贝尔特物联技术无锡有限公司 4g网络管理系统
CN102801695A (zh) * 2011-05-27 2012-11-28 华耀(中国)科技有限公司 虚拟专用网通信设备及其数据包传输方法
CN102843292A (zh) * 2012-08-20 2012-12-26 成都卫士通信息产业股份有限公司 一种跨运营商网络的vpn数据处理方法及装置

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1143665B1 (fr) * 1999-06-10 2007-01-03 Alcatel Internetworking, Inc. Système et procédé de gestion de règle unifiée avec un dispositif intégré de mise-en-oeuvre
CN100438476C (zh) * 2003-11-04 2008-11-26 深圳市深信服电子科技有限公司 多路复用vpn隧道的连接方法
CN101136778A (zh) * 2006-08-02 2008-03-05 美国凹凸微系有限公司 防火墙/vpn安全网关设备的基于vpn配置的策略
US8638794B1 (en) * 2010-04-15 2014-01-28 Cellco Partnership Method and system for routing traffic across multiple interfaces via VPN traffic selectors and local policies
US9300570B2 (en) * 2012-05-22 2016-03-29 Harris Corporation Multi-tunnel virtual private network
CN102938734A (zh) * 2012-11-26 2013-02-20 杭州华三通信技术有限公司 Mpls网络中隧道的选择方法及pe设备
CN103067290B (zh) * 2012-11-30 2016-06-01 成都卫士通信息产业股份有限公司 基于虚拟网卡适应负载均衡网络的vpn隧道实现方法
CN104426732A (zh) * 2013-08-19 2015-03-18 华耀(中国)科技有限公司 一种高速传输隧道的实现方法及系统
US9531565B2 (en) * 2013-12-20 2016-12-27 Pismo Labs Technology Limited Methods and systems for transmitting and receiving packets

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101958822A (zh) * 2009-07-17 2011-01-26 株式会社日立制作所 加密通信系统及网关装置
CN102801695A (zh) * 2011-05-27 2012-11-28 华耀(中国)科技有限公司 虚拟专用网通信设备及其数据包传输方法
CN102752149A (zh) * 2012-07-18 2012-10-24 贝尔特物联技术无锡有限公司 4g网络管理系统
CN102843292A (zh) * 2012-08-20 2012-12-26 成都卫士通信息产业股份有限公司 一种跨运营商网络的vpn数据处理方法及装置

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113709052A (zh) * 2020-05-21 2021-11-26 中移(苏州)软件技术有限公司 一种网络报文的处理方法、装置、电子设备和存储介质
CN113709052B (zh) * 2020-05-21 2024-02-27 中移(苏州)软件技术有限公司 一种网络报文的处理方法、装置、电子设备和存储介质
CN114157534A (zh) * 2021-12-14 2022-03-08 福达新创通讯科技(厦门)有限公司 一种基于分布式的多支流vpn通信、系统、存储介质

Also Published As

Publication number Publication date
CN106797335B (zh) 2020-04-07
CN106797335A (zh) 2017-05-31

Similar Documents

Publication Publication Date Title
WO2018098633A1 (fr) Procédé de transmission de données, appareil de transmission de données, dispositif électronique et produit programme informatique
US9712504B2 (en) Method and apparatus for avoiding double-encryption in site-to-site IPsec VPN connections
US8713305B2 (en) Packet transmission method, apparatus, and network system
CN105229988B (zh) 在对接结构中的基于代理的通信方法和设备
CN106878138B (zh) 一种报文传输方法和装置
EP3309993A1 (fr) Procédé, dispositif et système de traitement de paquet vxlan
CN107018059B (zh) 一种报文转发方法及装置
CN111093198A (zh) 无线局域网数据发送方法及其装置
WO2015158168A1 (fr) Procédé et appareil de communication entre un terminal mobile et un terminal pos, et terminal pos
US10812292B2 (en) Packet processing method and device
CN110858822B (zh) 媒体接入控制安全协议报文传输方法和相关装置
US10187478B2 (en) Dynamic detection of inactive virtual private network clients
CN108886685A (zh) 一种终端匹配方法、装置
CN103067290A (zh) 基于虚拟网卡适应负载均衡网络的vpn隧道实现方法
EP2919498B1 (fr) Procédé, dispositif et système pour le traitement de paquets par un relais
EP3293933A1 (fr) Protection de contenu de communication
CN112492622B (zh) 一种数据报文处理方法及设备
CN107819685A (zh) 一种数据处理的方法以及网络设备
CN105471827A (zh) 一种报文传输方法及装置
CN105337954A (zh) 卫星通信中ip报文的加密、解密方法及装置
CN106209401B (zh) 一种传输方法及装置
AU2004297923A1 (en) Method and apparatus to inline encryption and decryption for a wireless station
US20190281530A1 (en) X2 service transmission method and network device
WO2017131767A1 (fr) Configuration de réseau privé virtuel mobile
US20050028011A1 (en) Automatic setting of security in communication network system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16922886

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 30/09/2019)

122 Ep: pct application non-entry in european phase

Ref document number: 16922886

Country of ref document: EP

Kind code of ref document: A1