WO2022116848A1 - Packet transmission method and apparatus, computer device, and storage medium - Google Patents

Publication number
WO2022116848A1
Authority
WO
WIPO (PCT)
Prior art keywords
address
flow table
packet
reverse
public network
Application number
PCT/CN2021/131445
Inventor
周娜
黄华桥
谭国权
Original Assignee
武汉绿色网络信息服务有限责任公司
Application filed by 武汉绿色网络信息服务有限责任公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/2517 Translation of Internet protocol [IP] addresses using port numbers
    • H04L61/255 Maintenance or indexing of mapping tables
    • H04L61/2557 Translation policies or rules

Definitions

  • the present application relates to the field of communication technologies, and in particular, to a message transmission method, device, computer equipment and storage medium.
  • NAT is the process of converting an IP address in a data packet header to another IP address.
  • When NAT technology is used for packet transmission, the same private network device can only communicate with one public network device through a public network IP address and public network port.
  • When a private network device needs to access multiple public network devices, it needs to occupy multiple public network IP addresses and public network ports, which speeds up the consumption of public network IP address resources.
  • Embodiments of the present application provide a message transmission method, device, computer equipment, and storage medium, so as to solve the technical problem that when a private network device needs to access multiple public network devices, it needs to occupy multiple public network IP addresses and public network ports, thereby speeding up the consumption of public network IP address resources.
  • the present application provides a message transmission method, which is applied to a NAT conversion device, and the message transmission method includes:
  • NAT conversion is performed on the forward message to convert the source IP address of the forward message into a corresponding public network IP address and to convert the source port of the forward message into a corresponding public network port; a forward flow table is established according to the quintuple information of the forward message, and a reverse flow table is established according to the destination IP address, destination port and transport layer protocol of the forward message and the corresponding public network IP address and public network port;
  • the forward flow table is associated with the reverse flow table;
  • the reversed packet after the NAT transformation is sent to the private network device.
  • the private network device is a user terminal
  • the public network device is a server
  • the message transmission method includes:
  • the first forward packet after the NAT transformation is sent to the first server;
  • the message transmission method further includes:
  • the first public network IP address and the first public network port are obtained according to the quintuple information of the second forward packet, and the destination IP address of the second forward packet is different from the destination IP address of the first forward packet;
  • the second forward packet after the NAT transformation is sent to the second server;
  • the corresponding reverse flow table is obtained according to the quintuple information of the forward packet, and the forward flow table associated with the corresponding reverse flow table is obtained according to the corresponding reverse flow table
  • the steps include:
  • the message transmission method further includes:
  • the step of deleting the NAT entry in the NAT flow table that is not hit by the forward message within a preset time includes:
  • the preset time is determined according to the transport layer protocol of the forward packet recorded in the reverse flow table.
  • the present application also provides a message transmission device, which is applied to a NAT conversion device, and the message transmission device includes a receiving unit, a NAT unit and a forwarding unit, wherein:
  • the receiving unit is configured to receive the forward message sent by the private network device
  • the NAT unit is used to obtain the corresponding public network IP address and public network port according to the quintuple information of the forward message;
  • the NAT unit is further configured to perform NAT conversion on the forward message, so as to convert the source IP address of the forward message into a corresponding public network IP address and convert the source port of the forward message into the corresponding public network port, establish a forward flow table according to the quintuple information of the forward message, establish a reverse flow table according to the destination IP address, destination port and transport layer protocol of the forward message and the corresponding public network IP address and public network port, and associate the forward flow table with the reverse flow table;
  • the forwarding unit is used to send the forward message after the NAT conversion to the corresponding public network device according to the destination IP address of the forward message after the NAT conversion;
  • the NAT unit is further configured to receive a reverse message sent by the corresponding public network device according to the forward message converted by the NAT, obtain a corresponding reverse flow table according to the quintuple information of the reverse message, and obtain the forward flow table associated with the corresponding reverse flow table according to the corresponding reverse flow table;
  • the NAT unit is also used to obtain the private network IP address and the private network port of the corresponding private network device from the forward flow table associated with the corresponding reverse flow table, and perform NAT translation on the reverse message, so as to convert the destination IP address of the reverse packet to the private network IP address of the corresponding private network device, and convert the destination port of the reverse packet to the private network port of the corresponding private network device;
  • the forwarding unit is further configured to send the NAT-translated reverse packet to the private network device according to the destination IP address of the NAT-translated reverse packet.
  • the present application also provides a computer device, the computer device comprising:
  • one or more processors
  • the one or more application programs are stored in the memory and configured to be executed by the processor to implement any one of the above message transmission methods.
  • the present application further provides a computer-readable storage medium on which a computer program is stored, and the computer program is loaded by a processor to execute the steps in any of the foregoing message transmission methods.
  • the source IP address, source port, destination IP address and destination port of the forward packet are translated during the NAT translation process, so that the same private network device can use a public network IP address and a public network port for many-to-many access to different public network devices, thereby reducing the occupied public network IP address resources.
  • FIG. 1 is a schematic diagram of a scenario of a message transmission system in an embodiment of the present application
  • FIG. 2 is a schematic flowchart of a message transmission method in an embodiment of the present application.
  • FIG. 3 is a schematic flowchart of a message transmission method in an embodiment of the present application.
  • FIG. 4 is a schematic flowchart of a message transmission method in an embodiment of the present application.
  • FIG. 5 is a schematic structural diagram of a message transmission apparatus in an embodiment of the present application.
  • FIG. 6 is a schematic structural diagram of a computer device provided in an embodiment of the present application.
  • The terms “first” and “second” are only used for descriptive purposes, and should not be construed as indicating or implying relative importance or implying the number of indicated technical features. Thus, features defined as “first”, “second” may expressly or implicitly include one or more of said features. In the description of the present application, “plurality” means two or more, unless otherwise expressly and specifically defined.
  • NAT technology is mainly used to realize the function of private network accessing public network. This way of representing more private IP addresses by using a small number of public IP addresses will help to slow down the exhaustion of available public IP addresses.
  • the private IP address refers to the IP address of the internal network or host, and the public IP address refers to the globally unique IP address on the Internet.
  • Embodiments of the present application provide a message transmission method, device, server, and storage medium, which are described in detail below.
  • FIG. 1 is a schematic diagram of a scenario of a message transmission system in an embodiment of the present invention.
  • the message transmission system may include a private network device 100, a NAT translation device 200 for network address translation, and a public network device 300 .
  • the private network device 100 refers to a device located on a private network (intranet)
  • the public network device 300 refers to a device located on an external network (public network).
  • the NAT conversion device 200 is mainly used to obtain forward packets sent by the private network device 100, perform NAT translation on the forward packets and forward them to the public network device 300, and to receive the reverse packet sent by the public network device 300 and send it to the private network device 100 after NAT translation is performed on the reverse packet, so as to realize packet transmission between the private network device 100 and the public network device 300.
  • the NAT function in the NAT conversion device 200 may be implemented by a NAT device such as a router or a firewall.
  • After the public network device 300 receives the forward message transmitted by the NAT conversion device 200, the public network device 300 responds to the received forward message by sending a reverse packet corresponding to the forward message to the NAT translation device 200.
  • After the NAT translation device 200 performs NAT translation on the reverse packet, it forwards the translated reverse packet to the corresponding private network device 100 according to the destination IP address of the NAT-translated reverse packet.
  • the NAT device may be a router or a firewall and other devices.
  • NAT can be divided into PAT (Port Address Translation, address translation with port) and NO-PAT (Not Port Address Translation, address translation without port).
  • In NO-PAT mode, an external network IP address can only be assigned to one intranet IP address for translation at the same time, while in PAT mode, one external network IP address can be assigned to multiple intranet IP addresses at the same time.
  • the NAT that appears in this application refers to the PAT mode.
  • FIG. 1 is only an application scenario of the solution of the present application, and does not constitute a limitation on the application scenario of the solution of the present application.
  • Other application environments may also include other application scenarios than those shown in FIG. More private network devices 100 are shown.
  • FIG. 1 only shows that the message transmission system includes one private network device 100. It can be understood that the message transmission system may also include multiple other private network devices 100 that can access the server, which is not specifically limited here.
  • The schematic diagram of the scenario of the message transmission system shown in FIG. 1 is only an example.
  • The message transmission system and the scenario described in the embodiments of the present invention are for the purpose of illustrating the technical solutions of the embodiments of the present invention more clearly, and do not constitute a limitation on the technical solutions provided by the embodiments of the present invention.
  • Those of ordinary skill in the art know that, with the evolution of the message transmission system and the emergence of new service scenarios, the technical solutions provided by the embodiments of the present invention are equally applicable to similar technical problems.
  • an embodiment of the present invention provides a message transmission method.
  • the execution body of the message transmission method is the message transmission apparatus 400 and is applied to the NAT translation device 200 .
  • FIG. 2 is a schematic flowchart of a message transmission method in an embodiment of the present invention, and the message transmission method includes:
  • S102 Acquire a corresponding public network IP address and public network port according to the quintuple information of the forward packet.
  • the quintuple is a communication term
  • the quintuple information of the forward packet refers to the source IP address, source port, destination IP address, destination port and transport layer protocol of the forward packet.
  • the source IP address of the forward packet refers to the private network IP address of the private network device 100 that sends the forward packet
  • the source port refers to the private network port from which the private network device 100 sends the forward packet
  • the destination IP address refers to the address of the terminal to be accessed by the forward packet
  • the destination port refers to the access port of the terminal to be accessed by the forward packet
  • the transport layer protocol refers to the TCP/IP protocol suite (TCP/IP Protocol Suite, TCP/IP) or the User Datagram Protocol (UDP) and other communication protocols.
  • The meaning is that a private network device 100 with a source IP address of 192.168.1.1 connects, through source port 10000 and using the TCP protocol, to a terminal with an IP address of 121.14.88.76 and an access port of 80.
  • After receiving the forward packet, the NAT translation device 200 performs NAT translation on the source IP address and source port of the forward packet, and simultaneously establishes a forward flow table, a reverse flow table, and the correspondence between the forward flow table and the reverse flow table, so as to associate the destination IP address and destination port of the forward packet with the corresponding public network IP address and public network port.
  • the forward flow table provides the basis for the forwarding of forward packets, and the reverse flow table provides the basis for forwarding reverse packets.
  • the source IP address of the forward packet is 192.168.1.1
  • the source port of the forward packet is 10000
  • the destination IP address of the forward packet is 129.88.88.88
  • the destination port of the forward packet is 50
  • the public IP address assigned to the forward packet is 61.159.62.130
  • the public network port allocated to the forward packet is 30.
  • Table 2 is the forward flow table established during NAT translation.
  • the source IP address of the forward packets is 61.159.62.130, the source port of the forward packets is 30, and the destination IP address of the forward packets is 129.88.88.88, the destination port of forward packets is 50.
  • Table 4 is a reverse flow table established during NAT translation of forward packets.
  • S104 Send the NAT-translated forward packet to the corresponding public network device 300 according to the destination IP address of the NAT-translated forward packet.
  • the destination IP address of the forward packet after NAT translation is the destination IP address of the forward packet before NAT translation, so the NAT translation device 200 can use the destination IP address of the forward packet after NAT translation to send the NAT-translated forward packet to the corresponding public network device 300.
  • S105 Receive a reverse packet sent by the corresponding public network device 300 according to the forward packet converted by NAT, obtain a corresponding reverse flow table according to the quintuple information of the reverse packet, and obtain the forward flow table associated with the corresponding reverse flow table according to the corresponding reverse flow table.
  • the reverse packet is a reply packet sent by the public network device 300 after receiving the forward packet sent by the private network device 100; the source IP address of the reverse packet is the destination IP address of the corresponding forward packet, and the source port of the reverse packet is the destination port of the corresponding forward packet, so the corresponding reverse flow table can be obtained according to the quintuple information of the reverse packet, and then the forward flow table associated with the corresponding reverse flow table can be obtained.
  • S106 Obtain the private network IP address and private network port of the corresponding private network device 100 from the forward flow table associated with the corresponding reverse flow table, and perform NAT translation on the reverse packet, so that the destination IP address of the reverse packet is converted into the private network IP address of the corresponding private network device 100 and the destination port of the reverse packet is converted into the private network port of the corresponding private network device 100.
  • the source IP address and source port of the corresponding forward packet are recorded in the forward flow table. The source IP address of the forward packet is the private network IP address of the private network device 100 that sends the forward packet, and the source port of the forward packet is the private network port of the private network device 100 that sends the forward packet; that is, the private network IP address of the private network device 100 is the same as the source IP address of the forward packet, and the private network port of the private network device 100 is the same as the source port of the forward packet.
  • the source IP address of the reverse packet is 121.14.88.76
  • the source port of the reverse packet is 80
  • the destination IP address of the reverse packet is the public IP address, that is, 61.159.62.130.
  • the destination port of the reverse packet is the public network port, which is 30.
  • the IP address of the private network device 100 to be accessed by the reverse packet is the address of the private network device 100 that sends the forward packet, which is 192.168.1.1.
  • the port of the private network device 100 that needs to be accessed by the reverse packet is the port through which the private network device 100 sends the forward packet, that is, 1000.
  • the source IP address of the reverse packet is 121.14.88.76
  • the source port of the reverse packet is 80
  • the destination IP address of the reverse packet is 192.168.1.1
  • the destination port of the first forward packet is 1000.
  • S107 Send the NAT-translated reverse packet to the private network device 100 according to the destination IP address of the NAT-translated reverse packet.
  • the source IP address and source port of the forward packet are subjected to NAT translation during the NAT translation process, and the destination IP address and destination port of the forward packet are associated with the public network IP address and public network port, so that the same private network device 100 can access multiple different public network devices 300 through one public network IP address and public network port, thereby reducing occupied public network IP address resources.
  • the private network device 100 is a user terminal
  • the public network device 300 is a server.
  • the user terminal is a terminal located in a private network (intranet), and the user terminal may be a general-purpose computer device or a special-purpose computer device.
  • the user terminal may be a desktop computer, a portable computer, a network server, a PDA (Personal Digital Assistant), a mobile phone, a tablet computer, a wireless terminal device, a communication device, an embedded device, etc., which is not limited in this embodiment.
  • the server is a server on an external network (public network).
  • the server may be an independent server, or a server network or server cluster composed of multiple servers.
  • the server described in the embodiment of the present invention includes, but is not limited to, a computer, a network host, a single network server, a set of multiple network servers, or a cloud server composed of multiple servers.
  • the cloud server is composed of a large number of computers or network servers based on cloud computing.
  • FIG. 3 is a schematic flowchart of a message transmission method according to an embodiment of the present invention.
  • the message transmission method includes:
  • S201 Receive a first forward packet sent by a first user terminal.
  • the first user terminal may be any user terminal, and the first forward packet is any forward packet sent by the first user terminal.
  • the first public network IP address refers to the public network IP address allocated when the first user terminal accesses the server on the external network
  • the first public network port refers to the public network port allocated when the first user terminal accesses the server on the external network.
  • S203 Perform NAT translation on the first forward packet, so as to convert the source IP address of the first forward packet into the first public network IP address and convert the source port of the first forward packet into the first public network port; establish a first forward flow table according to the quintuple information of the first forward packet; establish a first reverse flow table according to the destination IP address, destination port and transport layer protocol of the first forward packet and the first public network IP address and the first public network port; and associate the first forward flow table with the first reverse flow table.
  • the first server is a server that needs to be accessed by the first forward packet, and the first server may be any server among many servers.
  • S205 Receive a first reverse packet sent by the first server according to the first forward packet converted by NAT, and obtain a first reverse flow table according to the quintuple information of the first reverse packet, and obtain a first forward flow table associated with the first reverse flow table according to the first reverse flow table.
  • the first reverse packet is a reply packet made by the first server according to the received first forward packet
  • the first private network IP address of the first user terminal is the same as the source IP address of the first forward packet, and the first private network port is the same as the source port of the first forward packet.
  • FIG. 4 is a schematic flowchart of a message transmission method in an embodiment of the present invention, and the message transmission method further includes:
  • S301 Receive a second forward packet sent by a first user terminal.
  • the second forward packet is any forward packet other than the first forward packet among the forward packets sent by the first user terminal.
  • the destination IP address of the second forward packet is different from the destination IP address of the first forward packet, that is, the IP address of the server that the second forward packet needs to access is different from the IP address of the server accessed by the first forward packet.
  • S303 Perform NAT translation on the second forward packet, so as to convert the source IP address of the second forward packet into the first public network IP address and convert the source port of the second forward packet into the first public network port; establish a second forward flow table according to the quintuple information of the second forward packet; establish a second reverse flow table according to the destination IP address, destination port and transport layer protocol of the second forward packet and the first public network IP address and the first public network port; and associate the second forward flow table with the second reverse flow table.
  • S305 Receive a second reverse packet sent by the second server according to the second forward packet converted by NAT, and obtain a second reverse flow table according to the quintuple information of the second reverse packet, and obtain a second forward flow table associated with the second reverse flow table according to the second reverse flow table.
  • the step S105 includes:
  • the message transmission method further includes:
  • the preset time is determined according to the transport layer protocol of the forward packet recorded in the reverse flow table.
  • the reverse flow table records the transport layer protocol of the reverse packet.
  • the preset time of the NAT entry of a forward packet using the TCP transport layer protocol is longer, and the preset time of the NAT entry of a forward packet using the UDP transport layer protocol is relatively short; the specific preset time can be selected according to the actual situation.
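
An added sketch of the associated forward and reverse flow tables and the aging step described above; it is not code from the patent. It assumes one public port is bound per private IP address, private port and protocol, that a reverse packet matching no reverse flow entry is dropped, and that the timeout values are as shown; `PatDevice`, `Packet`, `IDLE_TIMEOUT` and the address 203.0.113.9 are constructed for illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port proto")

# Assumed aging times in seconds; the text only says TCP entries live longer than UDP ones.
IDLE_TIMEOUT = {"TCP": 300.0, "UDP": 30.0}


class PatDevice:
    """Toy PAT device holding a forward and a reverse flow table that point at each other."""

    def __init__(self, public_ip, first_port=30):
        self.public_ip = public_ip
        self.next_port = first_port
        self.bindings = {}  # (private ip, private port, proto) -> public port (assumed policy)
        self.forward = {}   # forward five-tuple -> {"reverse_key", "last_hit"}
        self.reverse = {}   # (dst ip, dst port, proto, public ip, public port) -> forward five-tuple

    def outbound(self, pkt, now):
        """Translate a forward packet and create or refresh both flow entries."""
        bind_key = (pkt.src_ip, pkt.src_port, pkt.proto)
        if bind_key not in self.bindings:
            self.bindings[bind_key] = self.next_port
            self.next_port += 1
        pub_port = self.bindings[bind_key]
        # The reverse key includes the destination, so one public ip:port can
        # serve flows to many different public hosts without ambiguity.
        rkey = (pkt.dst_ip, pkt.dst_port, pkt.proto, self.public_ip, pub_port)
        self.forward[pkt] = {"reverse_key": rkey, "last_hit": now}
        self.reverse[rkey] = pkt  # association: reverse entry -> forward entry
        return pkt._replace(src_ip=self.public_ip, src_port=pub_port)

    def inbound(self, pkt):
        """Translate a reverse packet; return None when no reverse flow matches."""
        rkey = (pkt.src_ip, pkt.src_port, pkt.proto, pkt.dst_ip, pkt.dst_port)
        fwd = self.reverse.get(rkey)
        if fwd is None:
            return None  # assumption: unsolicited traffic is dropped
        # The private address and port come from the associated forward entry.
        return pkt._replace(dst_ip=fwd.src_ip, dst_port=fwd.src_port)

    def expire(self, now):
        """Delete flows not hit by a forward packet within the protocol's preset time."""
        stale = [k for k, e in self.forward.items()
                 if now - e["last_hit"] > IDLE_TIMEOUT[k.proto]]
        for key in stale:
            entry = self.forward.pop(key)
            self.reverse.pop(entry["reverse_key"], None)
        # Release public ports that no longer back any flow.
        live = {(k.src_ip, k.src_port, k.proto) for k in self.forward}
        for bind_key in [b for b in self.bindings if b not in live]:
            del self.bindings[bind_key]
        return len(stale)


def demo():
    """Replay the page's addresses: one terminal, two servers, one public ip:port."""
    nat = PatDevice("61.159.62.130")
    first = Packet("192.168.1.1", 10000, "129.88.88.88", 50, "TCP")
    second = Packet("192.168.1.1", 10000, "121.14.88.76", 80, "TCP")
    out1 = nat.outbound(first, now=0.0)
    out2 = nat.outbound(second, now=1.0)
    reply = nat.inbound(Packet("121.14.88.76", 80, "61.159.62.130", 30, "TCP"))
    # Constructed host that was never contacted by the terminal.
    stranger = nat.inbound(Packet("203.0.113.9", 80, "61.159.62.130", 30, "TCP"))
    removed = nat.expire(now=400.0)
    return out1, out2, reply, stranger, removed, len(nat.reverse)
```

Because the reverse lookup requires the sender's address and port to match a recorded destination, sharing one public port across many servers does not open that port to hosts the terminal never contacted.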
  • a message transmission apparatus 400 is further provided in the embodiment of the present invention, and the message transmission apparatus 400 is applied to a NAT conversion device 200.
  • the NAT translation device 200 may be a NAT translation device 200 in a home network system.
  • the message transmission apparatus 400 includes a receiving unit 401, a NAT unit 402 and a forwarding unit 403, wherein:
  • the receiving unit 401 is configured to receive the forward message sent by the private network device 100;
  • the NAT unit 402 is configured to obtain the corresponding public network IP address and public network port according to the quintuple information of the forward message;
  • the NAT unit 402 is further configured to perform NAT translation on the forward packet, so as to convert the source IP address of the forward packet into a corresponding public network IP address and convert the source port of the forward packet into the corresponding public network port, establish a forward flow table according to the quintuple information of the forward message, establish a reverse flow table according to the destination IP address, destination port and transport layer protocol of the forward message and the corresponding public network IP address and public network port, and associate the forward flow table with the reverse flow table;
  • the forwarding unit 403 is configured to send the forward message converted by the NAT to the corresponding public network device 300 according to the destination IP address of the forward message converted by the NAT;
  • the NAT unit 402 is further configured to receive a reverse packet sent by the corresponding public network device 300 according to the forward packet converted by NAT, obtain a corresponding reverse flow table according to the quintuple information of the reverse packet, and obtain the forward flow table associated with the corresponding reverse flow table according to the corresponding reverse flow table;
  • the NAT unit 402 is further configured to obtain the private network IP address and private network port of the corresponding private network device 100 from the forward flow table associated with the corresponding reverse flow table, and perform NAT translation on the reverse packet, so as to convert the destination IP address of the reverse packet into the private network IP address of the corresponding private network device 100, and convert the destination port of the reverse packet into the private network port of the corresponding private network device 100;
  • the forwarding unit 403 is further configured to send the NAT-translated reverse packet to the private network device 100 according to the destination IP address of the NAT-translated reverse packet.
  • the private network device 100 is a user terminal
  • the public network device 300 is a server
  • the NAT translation device 200 may be a NAT translation device 200 in a home network system.
  • the receiving unit 401 is configured to receive the first forward packet sent by the first user terminal
  • the NAT unit 402 is configured to obtain the first public network IP address and the first public network port according to the quintuple information of the first forward packet;
  • the NAT unit 402 is further configured to perform NAT translation on the first forward packet, so as to convert the source IP address of the first forward packet into the first public network IP address and convert the source port of the first forward packet into the first public network port, to establish a first forward flow table according to the quintuple information of the first forward packet, to establish a first reverse flow table according to the destination IP address, destination port and transport layer protocol of the first forward packet and the first public network IP address and the first public network port, and to associate the first forward flow table with the first reverse flow table;
  • the forwarding unit 403 sends the first forward message after the NAT conversion to the first server according to the destination IP address of the first forward message after the NAT conversion;
  • the NAT unit 402 is further configured to receive the first reverse packet sent by the first server according to the first forward packet converted by NAT, obtain the first reverse flow table according to the quintuple information of the first reverse packet, and obtain the first forward flow table associated with the first reverse flow table according to the first reverse flow table;
  • the NAT unit 402 is further configured to obtain the first private network IP address and the first private network port of the first user terminal from the first forward flow table, and perform NAT translation on the first reverse packet, To convert the destination IP address of the first reverse packet to the first private network IP address, and convert the destination port of the first reverse packet to the first private network port;
  • the forwarding unit 403 is further configured to send the NAT-translated first reverse packet to the first user terminal according to the first private network IP address.
  • the receiving unit 401 is configured to receive a second forward packet sent by the first user terminal, where the destination IP address of the second forward packet is different from the destination IP address of the first forward packet;
  • the NAT unit 402 is configured to acquire the first public network IP address and the first public network port according to the quintuple information of the second forward packet;
  • the NAT unit 402 is further configured to perform NAT translation on the second forward packet, so as to convert the source IP address of the second forward packet into the first public network IP address and convert the source port of the second forward packet into the first public network port, to establish a second forward flow table according to the quintuple information of the second forward packet, to establish a second reverse flow table according to the destination IP address, destination port and transport layer protocol of the second forward packet and the first public network IP address and the first public network port, and to associate the second forward flow table with the second reverse flow table;
  • the forwarding unit 403 is used to send the second forward message after the NAT conversion to the second server according to the destination IP address of the second forward message after the NAT conversion;
  • the NAT unit 402 is further configured to receive a second reverse packet sent by the second server according to the second forward packet converted by the NAT, obtain the second reverse flow table according to the quintuple information of the second reverse packet, and obtain the second forward flow table associated with the second reverse flow table according to the second reverse flow table;
  • the NAT unit 402 is further configured to obtain the first private network IP address and the first private network port of the first user terminal from the second forward flow table, and perform NAT translation on the second reverse packet, To convert the destination IP address of the second reverse packet to the first private network IP address, and convert the destination port of the second reverse packet to the first private network port;
  • the forwarding unit 403 is further configured to send the NAT-translated second reverse packet to the first user terminal according to the first private network IP address.
  • the NAT unit 402 is further configured to query the reverse flow table according to the quintuple information of the reverse packet;
  • the NAT unit 402 is further configured to delete the reverse flow table that is not hit by a reverse packet within the preset time, and delete the forward flow table associated with the reverse flow table that is not hit by a reverse packet within the preset time.
  • the preset time is determined according to the transport layer protocol of the forward packet recorded in the reverse flow table.
  • the embodiment of the present application also provides a computer device that integrates any NAT conversion device provided by the embodiment of the present application, and the computer device includes:
  • one or more processors 501;
  • the one or more application programs are stored in the memory 502 and are configured to be executed by the processor 501 to perform the steps of the message transmission method described in any of the foregoing message transmission method embodiments.
  • the embodiments of the present application further provide a computer device that integrates any of the message transmission apparatuses provided by the embodiments of the present application.
  • FIG. 6 shows a schematic structural diagram of a computer device involved in an embodiment of the present application, specifically:
  • the computer device may include a processor 501 of one or more processing cores, a memory 502 of one or more computer-readable storage media, a power supply 503, an input unit 504 and other components.
  • FIG. 6 does not constitute a limitation to the computer device, which may include more or fewer components than shown, or combine some components, or arrange the components differently. Wherein:
  • the processor 501 is the control center of the computer device. It uses various interfaces and lines to connect the parts of the entire computer device and, by running or executing the software programs and/or modules stored in the memory 502 and calling the data stored in the memory 502, performs the various functions of the computer device and processes data, so as to monitor the computer device as a whole.
  • the processor 501 may include one or more processing cores; preferably, the processor 501 may integrate an application processor and a modem processor, wherein the application processor mainly handles the operating system, user interface, application programs and the like, and the modem processor mainly handles wireless communication. It can be understood that the above modem processor may also not be integrated into the processor 501.
  • the memory 502 can be used to store software programs and modules, and the processor 501 executes various functional applications and data processing by running the software programs and modules stored in the memory 502 .
  • the memory 502 may mainly include a stored program area and a stored data area, wherein the stored program area may store an operating system, an application program required for at least one function (such as a sound playback function, an image playback function, etc.), and the like; the stored data area may store data created by the use of the computer device, and the like.
  • memory 502 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, the memory may also include a memory controller to provide access to the memory 502 by the processor 501 .
  • the computer equipment also includes a power supply 503 for supplying power to various components.
  • the power supply 503 can be logically connected to the processor 501 through a power management system, so that functions such as charging, discharging, and power consumption management are implemented through the power management system.
  • Power source 503 may also include one or more DC or AC power sources, recharging systems, power failure detection circuits, power converters or inverters, power status indicators, and any other components.
  • the computer device may also include an input unit 504 that may be used to receive input numerical or character information and generate keyboard, mouse, joystick, optical, or trackball signal input related to user settings and functional control.
  • the computer device may also include a display unit and the like, which will not be described herein again.
  • the processor 501 in the computer device loads the executable files corresponding to the processes of one or more application programs into the memory 502 according to the following instructions, and the processor 501 executes them and stores them in the memory 502 .
  • NAT conversion is performed on the forward packet to convert the source IP address of the forward packet into the corresponding public network IP address and the source port of the forward packet into the corresponding public network port, a forward flow table is established according to the quintuple information of the forward packet, a reverse flow table is established according to the destination IP address, destination port and transport layer protocol of the forward packet and the corresponding public network IP address and public network port, and the forward flow table is associated with the reverse flow table;
  • the NAT-translated forward packet is sent to the corresponding public network device 300;
  • the NAT-translated reverse packet is sent to the private network device 100 according to the destination IP address of the NAT-translated reverse packet.
  • an embodiment of the present application provides a computer-readable storage medium, and the storage medium may include: a read-only memory (ROM, Read Only Memory), a random access memory (RAM, Random Access Memory), a magnetic disk or an optical disk, etc.
  • a computer program is stored thereon, and the computer program is loaded by the processor 501 to execute the steps in any message transmission method provided by the embodiments of the present application.
  • the computer program loaded by the processor 501 may perform the following steps:
  • NAT conversion is performed on the forward packet to convert the source IP address of the forward packet into the corresponding public network IP address and the source port of the forward packet into the corresponding public network port, a forward flow table is established according to the quintuple information of the forward packet, a reverse flow table is established according to the destination IP address, destination port and transport layer protocol of the forward packet and the corresponding public network IP address and public network port, and the forward flow table is associated with the reverse flow table;
  • the NAT-translated forward packet is sent to the corresponding public network device 300;
  • the NAT-translated reverse packet is sent to the private network device 100 according to the destination IP address of the NAT-translated reverse packet.
  • the above units or structures can be implemented as independent entities, or can be arbitrarily combined to be implemented as the same or several entities.

Abstract

Disclosed in the present application are a packet transmission method and apparatus, a computer device, and a storage medium, the packet transmission method comprising: on the basis of 5-tuple information of a forward packet, acquiring a corresponding public network IP address and a public network port; respectively converting the source IP address and source port of the forward packet to the corresponding public network IP address and public network port, establishing a forward flow table on the basis of the 5-tuple information of the forward packet, establishing a reverse flow table on the basis of the destination IP address, destination port, and transport layer protocol of the forward packet and the corresponding public network IP address and public network port, and associating the forward flow table and the reverse flow table; and sending the NAT translated forward packet to a corresponding public network device. By means of associating the destination IP address and destination port of a forward packet with a public network IP address and public network port during a NAT translation process, the present application enables a private network device to access multiple different public network devices by means of one public network IP address, in order to reduce the occupied public network IP address resources.

Description

Message transmission method, device, computer equipment and storage medium
Technical field
The present application relates to the field of communication technologies, and in particular to a message transmission method, device, computer equipment and storage medium.
Background
As the number of computers connected to the Internet continues to soar, public network IP address resources are increasingly stretched. Generally, even a large local area network user with hundreds of computers is allocated only a few or a dozen public network IP addresses when applying for them. Obviously, so few public network IP addresses cannot meet the needs of network users, which gave rise to Network Address Translation (NAT) technology.
NAT is the process of converting the IP address in a packet header into another IP address. At present, when NAT is used for packet transmission, the same private network device can access only one public network device through one public network IP address and public network port. When the private network device needs to access multiple public network devices, it has to occupy multiple public network IP addresses and public network ports, which accelerates the consumption of public network IP address resources.
Summary of the invention
Embodiments of the present application provide a message transmission method, device, computer equipment and storage medium, so as to solve the technical problem that when a private network device needs to access multiple public network devices, it has to occupy multiple public network IP addresses and public network ports, which accelerates the consumption of public network IP address resources.
In a first aspect, the present application provides a message transmission method applied to a NAT translation device, the message transmission method including:
receiving a forward packet sent by a private network device;
obtaining a corresponding public network IP address and public network port according to the quintuple information of the forward packet;
performing NAT translation on the forward packet, so as to convert the source IP address of the forward packet into the corresponding public network IP address and convert the source port of the forward packet into the corresponding public network port, establishing a forward flow table according to the quintuple information of the forward packet, establishing a reverse flow table according to the destination IP address, destination port and transport layer protocol of the forward packet and the corresponding public network IP address and public network port, and associating the forward flow table with the reverse flow table;
sending the NAT-translated forward packet to the corresponding public network device according to the destination IP address of the NAT-translated forward packet;
receiving a reverse packet sent by the corresponding public network device according to the NAT-translated forward packet, obtaining the corresponding reverse flow table according to the quintuple information of the reverse packet, and obtaining, according to the corresponding reverse flow table, the forward flow table associated with the corresponding reverse flow table;
obtaining the private network IP address and private network port of the corresponding private network device from the forward flow table associated with the corresponding reverse flow table, and performing NAT translation on the reverse packet, so as to convert the destination IP address of the reverse packet into the private network IP address of the corresponding private network device and convert the destination port of the reverse packet into the private network port of the corresponding private network device;
sending the NAT-translated reverse packet to the private network device according to the destination IP address of the NAT-translated reverse packet.
In some embodiments, the private network device is a user terminal, and the public network device is a server.
In some embodiments, the message transmission method includes:
receiving a first forward packet sent by a first user terminal;
obtaining a first public network IP address and a first public network port according to the quintuple information of the first forward packet;
performing NAT translation on the first forward packet, so as to convert the source IP address of the first forward packet into the first public network IP address and convert the source port of the first forward packet into the first public network port, establishing a first forward flow table according to the quintuple information of the first forward packet, establishing a first reverse flow table according to the destination IP address, destination port and transport layer protocol of the first forward packet and the first public network IP address and the first public network port, and associating the first forward flow table with the first reverse flow table;
sending the NAT-translated first forward packet to a first server according to the destination IP address of the NAT-translated first forward packet;
receiving a first reverse packet sent by the first server according to the NAT-translated first forward packet, obtaining the first reverse flow table according to the quintuple information of the first reverse packet, and obtaining, according to the first reverse flow table, the first forward flow table associated with the first reverse flow table;
obtaining the first private network IP address and the first private network port of the first user terminal from the first forward flow table, and performing NAT translation on the first reverse packet, so as to convert the destination IP address of the first reverse packet into the first private network IP address and convert the destination port of the first reverse packet into the first private network port;
sending the NAT-translated first reverse packet to the first user terminal according to the first private network IP address.
In some embodiments, the message transmission method further includes:
receiving a second forward packet sent by the first user terminal;
obtaining the first public network IP address and the first public network port according to the quintuple information of the second forward packet, where the destination IP address of the second forward packet is different from the destination IP address of the first forward packet;
performing NAT translation on the second forward packet, so as to convert the source IP address of the second forward packet into the first public network IP address and convert the source port of the second forward packet into the first public network port, establishing a second forward flow table according to the quintuple information of the second forward packet, establishing a second reverse flow table according to the destination IP address, destination port and transport layer protocol of the second forward packet and the first public network IP address and the first public network port, and associating the second forward flow table with the second reverse flow table;
sending the NAT-translated second forward packet to a second server according to the destination IP address of the NAT-translated second forward packet;
receiving a second reverse packet sent by the second server according to the NAT-translated second forward packet, obtaining the second reverse flow table according to the quintuple information of the second reverse packet, and obtaining, according to the second reverse flow table, the second forward flow table associated with the second reverse flow table;
obtaining the first private network IP address and the first private network port of the first user terminal from the second forward flow table, and performing NAT translation on the second reverse packet, so as to convert the destination IP address of the second reverse packet into the first private network IP address and convert the destination port of the second reverse packet into the first private network port;
sending the NAT-translated second reverse packet to the first user terminal according to the first private network IP address.
In some embodiments, the step of obtaining the corresponding reverse flow table according to the quintuple information of the forward packet, and obtaining, according to the corresponding reverse flow table, the forward flow table associated with the corresponding reverse flow table includes:
querying the reverse flow table according to the quintuple information of the reverse packet;
if there is a reverse flow table hit by the reverse packet, obtaining, according to the reverse flow table hit by the reverse packet, the forward flow table associated with the reverse flow table hit by the reverse packet.
In some embodiments, the message transmission method further includes:
deleting the reverse flow table that is not hit by a reverse packet within a preset time, and deleting the forward flow table associated with the reverse flow table that is not hit by a reverse packet within the preset time.
In some embodiments, the step of deleting the NAT entries in the NAT flow table that are not hit by a forward packet within the preset time includes:
the preset time is determined according to the transport layer protocol of the forward packet recorded in the reverse flow table.
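The flow table handling in the method steps above, covering one user terminal reaching two servers through the same public network IP address and port and the timeout-based deletion, as an added example that is not part of the application. The public port allocation rule, the timeout values, and dropping a reverse packet that hits no reverse flow table are assumptions; all addresses are constructed.

```python
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple

# Assumed idle timeouts in seconds. The page only says the preset time is
# determined by the transport layer protocol recorded in the reverse flow table.
IDLE_TIMEOUT = {"tcp": 300.0, "udp": 30.0}
DEFAULT_TIMEOUT = 30.0

FiveTuple = Tuple[str, int, str, int, str]  # src ip, src port, dst ip, dst port, proto


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str

    def five_tuple(self) -> FiveTuple:
        return (self.src_ip, self.src_port, self.dst_ip, self.dst_port, self.proto)


@dataclass
class ReverseFlow:
    forward_key: FiveTuple  # association back to the forward flow table
    proto: str
    last_hit: float         # refreshed only when a reverse packet hits this entry


class NatDevice:
    def __init__(self, public_ip: str, first_port: int = 20000) -> None:
        self.public_ip = public_ip
        self.next_port = first_port
        # Assumption: one public port per private (ip, port, proto), reused for
        # every destination that endpoint talks to.
        self.port_map: Dict[Tuple[str, int, str], int] = {}
        self.forward: Dict[FiveTuple, FiveTuple] = {}    # forward 5-tuple -> reverse key
        self.reverse: Dict[FiveTuple, ReverseFlow] = {}  # reverse 5-tuple -> entry

    def translate_forward(self, pkt: Packet, now: float) -> Packet:
        endpoint = (pkt.src_ip, pkt.src_port, pkt.proto)
        if endpoint not in self.port_map:
            self.port_map[endpoint] = self.next_port
            self.next_port += 1
        public_port = self.port_map[endpoint]
        fwd_key = pkt.five_tuple()
        if fwd_key not in self.forward:
            # Reverse key = destination ip/port/proto of the forward packet plus
            # the public ip/port, i.e. the 5-tuple the server's reply will carry.
            rev_key = (pkt.dst_ip, pkt.dst_port, self.public_ip, public_port, pkt.proto)
            self.forward[fwd_key] = rev_key
            self.reverse[rev_key] = ReverseFlow(fwd_key, pkt.proto, now)
        return replace(pkt, src_ip=self.public_ip, src_port=public_port)

    def translate_reverse(self, pkt: Packet, now: float) -> Optional[Packet]:
        flow = self.reverse.get(pkt.five_tuple())
        if flow is None:
            return None  # assumption: no reverse flow table hit, packet is dropped
        flow.last_hit = now
        private_ip, private_port = flow.forward_key[0], flow.forward_key[1]
        return replace(pkt, dst_ip=private_ip, dst_port=private_port)

    def expire(self, now: float) -> int:
        """Delete idle reverse entries and their associated forward entries."""
        stale = [key for key, flow in self.reverse.items()
                 if now - flow.last_hit > IDLE_TIMEOUT.get(flow.proto, DEFAULT_TIMEOUT)]
        for rev_key in stale:
            self.forward.pop(self.reverse.pop(rev_key).forward_key, None)
        # Release public ports that no remaining forward entry uses.
        live = {(k[0], k[1], k[4]) for k in self.forward}
        for endpoint in [e for e in self.port_map if e not in live]:
            del self.port_map[endpoint]
        return len(stale)


if __name__ == "__main__":
    nat = NatDevice("203.0.113.10")
    terminal = ("192.168.1.5", 40000)
    for server in ("198.51.100.1", "198.51.100.2"):
        out = nat.translate_forward(Packet(*terminal, server, 443, "tcp"), now=0.0)
        print("forward ", out)
    reply = Packet("198.51.100.2", 443, "203.0.113.10", 20000, "tcp")
    print("reverse ", nat.translate_reverse(reply, now=100.0))
    stranger = Packet("198.51.100.99", 443, "203.0.113.10", 20000, "tcp")
    print("stranger", nat.translate_reverse(stranger, now=100.0))
    print("expired ", nat.expire(now=301.0))
```

Because the reverse key includes the server's address and port, a host the terminal never contacted cannot reach it through the shared public port, even though two servers share that port.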
In a second aspect, the present application also provides a message transmission apparatus applied to a NAT translation device, the message transmission apparatus including a receiving unit, a NAT unit and a forwarding unit, wherein:
the receiving unit is configured to receive a forward packet sent by a private network device;
the NAT unit is configured to obtain a corresponding public network IP address and public network port according to the quintuple information of the forward packet;
the NAT unit is further configured to perform NAT translation on the forward packet, so as to convert the source IP address of the forward packet into the corresponding public network IP address and convert the source port of the forward packet into the corresponding public network port, to establish a forward flow table according to the quintuple information of the forward packet, to establish a reverse flow table according to the destination IP address, destination port and transport layer protocol of the forward packet and the corresponding public network IP address and public network port, and to associate the forward flow table with the reverse flow table;
the forwarding unit is configured to send the NAT-translated forward packet to the corresponding public network device according to the destination IP address of the NAT-translated forward packet;
the NAT unit is further configured to receive a reverse packet sent by the corresponding public network device according to the NAT-translated forward packet, obtain the corresponding reverse flow table according to the quintuple information of the reverse packet, and obtain, according to the corresponding reverse flow table, the forward flow table associated with the corresponding reverse flow table;
the NAT unit is further configured to obtain the private network IP address and private network port of the corresponding private network device from the forward flow table associated with the corresponding reverse flow table, and perform NAT translation on the reverse packet, so as to convert the destination IP address of the reverse packet into the private network IP address of the corresponding private network device and convert the destination port of the reverse packet into the private network port of the corresponding private network device;
the forwarding unit is further configured to send the NAT-translated reverse packet to the private network device according to the destination IP address of the NAT-translated reverse packet.
In a third aspect, the present application also provides a computer device, the computer device including:
one or more processors;
a memory; and
one or more application programs;
wherein the one or more application programs are stored in the memory and configured to be executed by the processor to implement any one of the above message transmission methods.
In a fourth aspect, the present application further provides a computer-readable storage medium on which a computer program is stored, the computer program being loaded by a processor to execute the steps in any one of the above message transmission methods.
By translating the source IP address, source port, destination IP address and destination port of the forward packet during the NAT translation process, the present application allows the same private network device to access multiple different public network devices through one public network IP address and public network port, thereby reducing the public network IP address resources occupied.
Description of drawings
In order to illustrate the technical solutions in the embodiments of the present application more clearly, the drawings used in the description of the embodiments are briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present application, and those skilled in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic diagram of a scenario of a message transmission system in an embodiment of the present application;
FIG. 2 is a schematic flowchart of a message transmission method in an embodiment of the present application;
FIG. 3 is a schematic flowchart of a message transmission method in an embodiment of the present application;
FIG. 4 is a schematic flowchart of a message transmission method in an embodiment of the present application;
FIG. 5 is a schematic structural diagram of a message transmission apparatus in an embodiment of the present application;
FIG. 6 is a schematic structural diagram of a computer device provided in an embodiment of the present application.
Reference numerals:
100, private network device; 200, NAT translation device; 300, public network device; 400, message transmission apparatus; 401, receiving unit; 402, NAT unit; 403, forwarding unit; 501, processor; 502, memory; 503, power supply; 504, input unit.
Detailed Description
The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the drawings in the embodiments of the present application. Obviously, the described embodiments are only some of the embodiments of the present application, not all of them. All other embodiments obtained by those skilled in the art based on the embodiments in the present application without creative effort fall within the protection scope of the present application.
In the description of the present application, it should be understood that orientations or positional relationships indicated by terms such as "center", "longitudinal", "lateral", "length", "width", "thickness", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inside" and "outside" are based on the orientations or positional relationships shown in the drawings. They are used only to facilitate and simplify the description of the present application, and do not indicate or imply that the device or element referred to must have a specific orientation or be constructed and operated in a specific orientation; they therefore should not be construed as limiting the present application. In addition, the terms "first" and "second" are used for descriptive purposes only and should not be construed as indicating or implying relative importance or implicitly specifying the number of the indicated technical features. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of said features. In the description of the present application, "a plurality of" means two or more, unless otherwise expressly and specifically defined.
In the present application, the word "exemplary" is used to mean "serving as an example, instance, or illustration". Any embodiment described in the present application as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments. The following description is given to enable any person skilled in the art to make and use the present application. In the following description, details are set forth for the purpose of explanation. It should be understood that those of ordinary skill in the art will recognize that the present application can also be practiced without these specific details. In other instances, well-known structures and processes are not described in detail, so that unnecessary detail does not obscure the description of the present application. Therefore, the present application is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
Some basic concepts involved in the embodiments of the present invention are introduced first:
In practical applications, NAT technology is mainly used to allow a private network to access a public network. Using a small number of public network IP addresses to represent a larger number of private network IP addresses helps slow the exhaustion of available public network IP addresses. A private network IP address is the IP address of an internal network or host, and a public network IP address is a globally unique IP address on the Internet.
Embodiments of the present application provide a packet transmission method, apparatus, server, and storage medium, which are described in detail below.
As shown in FIG. 1, FIG. 1 is a schematic diagram of a scenario of a packet transmission system in an embodiment of the present invention. The packet transmission system may include a private network device 100, a NAT translation device 200 for network address translation, and a public network device 300.
It should be noted that, in the embodiments of the present application, the private network device 100 is a device located on a private network (intranet), and the public network device 300 is a device located on an external network (public network).
In the embodiments of the present application, the NAT translation device 200 is mainly used to obtain the forward packet sent by the private network device 100, perform NAT translation on the forward packet and forward it to the public network device 300, and to receive the reverse packet sent by the public network device 300, perform NAT translation on the reverse packet and send it to the private network device 100, so as to realize packet transmission between the private network device 100 and the public network device 300. The NAT function in the NAT translation device 200 may be implemented by a NAT device such as a router or a firewall.
It can be understood that, after the public network device 300 receives the forward packet transmitted by the NAT translation device 200, the public network device 300 responds according to the received forward packet by sending a reverse packet corresponding to the forward packet to the NAT translation device 200. After the NAT translation device 200 performs NAT translation on the reverse packet, it forwards the translated reverse packet to the corresponding private network device 100 according to the destination IP address of the NAT-translated reverse packet.
It should be noted that the NAT device may be a device such as a router or a firewall. In terms of translation mode, NAT can be divided into PAT (Port Address Translation, address translation with ports) and NO-PAT (Not Port Address Translation, address translation without ports). In NO-PAT mode, one external network IP address can be assigned to only one internal network IP address for translation at a time; in PAT mode, one external network IP address can be assigned to and shared by multiple internal network IP addresses at the same time. NAT as used in the present application refers to the PAT mode.
Those skilled in the art can understand that the application scenario shown in FIG. 1 is only one application scenario of the solution of the present application and does not limit the application scenarios of the solution. Other application environments may include more private network devices 100 than shown in FIG. 1. For example, FIG. 1 shows a packet transmission system containing only one private network device 100; it can be understood that the packet transmission system may also include multiple other private network devices 100 that can access the server, which is not specifically limited here.
It should be noted that the schematic diagram of the scenario of the packet transmission system shown in FIG. 1 is only an example. The packet transmission system and the scenario described in the embodiments of the present invention are intended to illustrate the technical solutions of the embodiments of the present invention more clearly, and do not limit the technical solutions provided by the embodiments of the present invention. Those of ordinary skill in the art know that, with the evolution of packet transmission systems and the emergence of new service scenarios, the technical solutions provided by the embodiments of the present invention are equally applicable to similar technical problems.
First, an embodiment of the present invention provides a packet transmission method. The method is executed by the packet transmission apparatus 400 and is applied to the NAT translation device 200.
As shown in FIG. 2, FIG. 2 is a schematic flowchart of a packet transmission method in an embodiment of the present invention. The packet transmission method includes:
S101. Receive a forward packet sent by the private network device 100.
S102. Obtain the corresponding public network IP address and public network port according to the five-tuple information of the forward packet.
It can be understood that "five-tuple" is a communications term; the five-tuple information of the forward packet refers to the source IP address, source port, destination IP address, destination port and transport layer protocol of the forward packet.
Here, the source IP address of the forward packet is the private network IP address of the private network device 100 that sends the forward packet, the source port is the private network port from which the private network device 100 sends the forward packet, the destination IP address is the address of the terminal that the forward packet needs to access, the destination port is the access port of the terminal that the forward packet needs to access, and the transport layer protocol is a communication protocol such as the TCP/IP protocol suite (TCP/IP Protocol Suite, TCP/IP) or the User Datagram Protocol (UDP).
For example, Table 1 means that a private network device 100 whose source IP address is 192.168.1.1 connects, through source port 10000 and using the TCP protocol, to a terminal whose IP address is 121.14.88.76 and whose access port is 80.
Source IP address | Source port | Destination IP address | Destination port | Transport layer protocol
192.168.1.1 | 10000 | 121.14.88.76 | 80 | TCP
Table 1
S103. Perform NAT translation on the forward packet, so as to translate the source IP address of the forward packet into the corresponding public network IP address and the source port of the forward packet into the corresponding public network port; establish a forward flow table according to the five-tuple information of the forward packet; establish a reverse flow table according to the destination IP address, destination port and transport layer protocol of the forward packet together with the corresponding public network IP address and public network port; and associate the forward flow table with the reverse flow table.
It can be understood that, after receiving the forward packet, the NAT translation device 200 performs NAT translation on the source IP address and source port of the forward packet and, at the same time, establishes the forward flow table, the reverse flow table, and the correspondence between the forward flow table and the reverse flow table, thereby associating the destination IP address and destination port of the forward packet with the corresponding public network IP address and public network port. The forward flow table provides the basis for forwarding forward packets, and the reverse flow table provides the basis for forwarding reverse packets.
As shown in Table 2, for example, the private network device 100 sends a forward packet to access the public network device 300 whose IP address is 121.14.88.76 and whose access port is 80. The source IP address of the forward packet is 192.168.1.1, its source port is 10000, its destination IP address is 129.88.88.88 and its destination port is 50, while the public network IP address allocated to the forward packet is 61.159.62.130 and the public network port allocated to it is 30. Table 2 is the forward flow table established during NAT translation.
As shown in Table 3, after NAT translation is performed on the forward packet, the source IP address of the forward packet is 61.159.62.130, its source port is 30, its destination IP address is 129.88.88.88, and its destination port is 50.
As shown in Table 4, Table 4 is the reverse flow table established during NAT translation of the forward packet.
Source IP address | Source port | Destination IP address | Destination port | Transport layer protocol
192.168.1.1 | 10000 | 129.88.88.88 | 50 | TCP
Table 2
Source IP address | Source port | Destination IP address | Destination port | Transport layer protocol
61.159.62.130 | 30 | 129.88.88.88 | 50 | TCP
Table 3
Public network IP address | Public network port | Destination IP address | Destination port | Transport layer protocol
61.159.62.130 | 30 | 129.88.88.88 | 50 | TCP
Table 4
S104. Send the NAT-translated forward packet to the corresponding public network device 300 according to the destination IP address of the NAT-translated forward packet.
It can be understood that the destination IP address of the forward packet after NAT translation is the same as the destination IP address of the forward packet before NAT translation, so the NAT translation device 200 can send the NAT-translated forward packet to the corresponding public network device 300 according to that destination IP address.
S105. Receive the reverse packet sent by the corresponding public network device 300 in response to the NAT-translated forward packet, obtain the corresponding reverse flow table according to the five-tuple information of the reverse packet, and obtain, from the corresponding reverse flow table, the forward flow table associated with it.
It can be understood that the reverse packet is the reply packet sent by the public network device 300 after it receives the forward packet sent by the private network device 100. The source IP address of the reverse packet is the destination IP address of the corresponding forward packet, and the source port of the reverse packet is the destination port of the corresponding forward packet. The corresponding reverse flow table can therefore be obtained according to the five-tuple information of the reverse packet, and the forward flow table associated with that reverse flow table can then be obtained from it.
S106. Obtain the private network IP address and private network port of the corresponding private network device 100 from the forward flow table associated with the corresponding reverse flow table, and perform NAT translation on the reverse packet, so as to translate the destination IP address of the reverse packet into the private network IP address of the corresponding private network device 100 and the destination port of the reverse packet into the private network port of the corresponding private network device 100.
It should be noted that the forward flow table records the source IP address and source port of the corresponding forward packet. The source IP address of the forward packet is the private network IP address of the private network device 100 that sent the forward packet, and the source port of the forward packet is the private network port of the private network device 100 that sent the forward packet; that is, the private network IP address of the private network device 100 is the same as the source IP address of the forward packet, and the private network port is the same as the source port of the forward packet.
As shown in Table 5, for example, the source IP address of the reverse packet is 121.14.88.76, the source port of the reverse packet is 80, the destination IP address of the reverse packet is the public network IP address, namely 61.159.62.130, and the destination port of the reverse packet is the public network port, namely 30. The IP address of the private network device 100 that the reverse packet needs to reach is the address of the private network device 100 that sent the forward packet, namely 192.168.1.1, and the port of the private network device 100 that the reverse packet needs to reach is the port from which the private network device 100 sent the forward packet, namely 1000.
As shown in Table 6, after NAT translation is performed on the reverse packet, the source IP address of the reverse packet is 121.14.88.76, the source port of the reverse packet is 80, the destination IP address of the reverse packet is 192.168.1.1, and the destination port of the first forward packet is 1000.
Source IP address | Source port | Destination IP address | Destination port | Transport layer protocol
121.14.88.76 | 80 | 61.159.62.130 | 30 | TCP
Table 5
Source IP address | Source port | Destination IP address | Destination port | Transport layer protocol
121.14.88.76 | 80 | 192.168.1.1 | 10000 | TCP
Table 6
S107. Send the NAT-translated reverse packet to the private network device 100 according to the destination IP address of the NAT-translated reverse packet.
It should be noted that, in the present application, NAT translation is performed on the source IP address and source port of the forward packet during NAT translation, and at the same time the destination IP address and destination port of the forward packet are associated with the public network IP address and public network port, so that the same private network device 100 can access multiple different public network devices 300 through one public network IP address and public network port, which reduces the public network IP address resources occupied.
In one embodiment, the private network device 100 is a user terminal, and the public network device 300 is a server.
In the embodiments of the present application, the user terminal is a terminal located on a private network (intranet), and may be a general-purpose computer device or a special-purpose computer device. In a specific implementation, the user terminal may be a desktop computer, a portable computer, a network server, a personal digital assistant (Personal Digital Assistant, PDA), a mobile phone, a tablet computer, a wireless terminal device, a communication device, an embedded device, or the like; this embodiment does not limit the type of user terminal.
In the embodiments of the present application, the server is a server on an external network (public network). The server may be an independent server, or a server network or server cluster composed of multiple servers. For example, the server described in the embodiments of the present invention includes, but is not limited to, a computer, a network host, a single network server, a set of multiple network servers, or a cloud server composed of multiple servers, where a cloud server is composed of a large number of computers or network servers based on cloud computing.
As shown in FIG. 3, FIG. 3 is a schematic flowchart of a packet transmission method in an embodiment of the present invention. The packet transmission method includes:
S201. Receive a first forward packet sent by a first user terminal.
It should be noted that the first user terminal may be any user terminal, and the first forward packet is any forward packet sent by the first user terminal.
S202. Obtain a first public network IP address and a first public network port according to the five-tuple information of the first forward packet.
It should be noted that the first public network IP address is the public network IP address allocated to the first user terminal when it accesses a server on the external network, and the first public network port is the public network port allocated to the first user terminal when it accesses a server on the external network.
S203. Perform NAT translation on the first forward packet, so as to translate the source IP address of the first forward packet into the first public network IP address and the source port of the first forward packet into the first public network port; establish a first forward flow table according to the five-tuple information of the first forward packet; establish a first reverse flow table according to the destination IP address, destination port and transport layer protocol of the first forward packet together with the first public network IP address and the first public network port; and associate the first forward flow table with the first reverse flow table.
S204. Send the NAT-translated first forward packet to a first server according to the destination IP address of the NAT-translated first forward packet.
It can be understood that the first server is the server that the first forward packet needs to access, and may be any one of many servers.
S205. Receive a first reverse packet sent by the first server in response to the NAT-translated first forward packet, obtain the first reverse flow table according to the five-tuple information of the first reverse packet, and obtain, from the first reverse flow table, the first forward flow table associated with it.
It can be understood that the first reverse packet is the reply packet sent by the first server in response to the received first forward packet; the first private network IP address of the first user terminal is the same as the source IP address of the first forward packet, and the first private network port is the same as the source port of the first forward packet.
S206. Obtain the first private network IP address and the first private network port of the first user terminal from the first forward flow table, and perform NAT translation on the first reverse packet, so as to translate the destination IP address of the first reverse packet into the first private network IP address and the destination port of the first reverse packet into the first private network port.
S207. Send the NAT-translated first reverse packet to the first user terminal according to the first private network IP address.
As shown in FIG. 4, FIG. 4 is a schematic flowchart of a packet transmission method in an embodiment of the present invention. The packet transmission method further includes:
S301. Receive a second forward packet sent by the first user terminal.
It should be noted that the second forward packet is any forward packet sent by the first user terminal other than the first forward packet.
S302. Obtain the first public network IP address and the first public network port according to the five-tuple information of the second forward packet, where the destination IP address of the second forward packet is different from the destination IP address of the first forward packet.
It can be understood that the destination IP address of the second forward packet being different from that of the first forward packet means that the IP address of the server that the second forward packet needs to access is different from the IP address of the server that the first forward packet needs to access.
S303. Perform NAT translation on the second forward packet, so as to translate the source IP address of the second forward packet into the first public network IP address and the source port of the second forward packet into the first public network port; establish a second forward flow table according to the five-tuple information of the second forward packet; establish a second reverse flow table according to the destination IP address, destination port and transport layer protocol of the second forward packet together with the first public network IP address and the first public network port; and associate the second forward flow table with the second reverse flow table.
S304. Send the NAT-translated second forward packet to a second server according to the destination IP address of the NAT-translated second forward packet.
S305. Receive a second reverse packet sent by the second server in response to the NAT-translated second forward packet, obtain the second reverse flow table according to the five-tuple information of the second reverse packet, and obtain, from the second reverse flow table, the second forward flow table associated with it.
S306. Obtain the first private network IP address and the first private network port of the first user terminal from the second forward flow table, and perform NAT translation on the second reverse packet, so as to translate the destination IP address of the second reverse packet into the first private network IP address and the destination port of the second reverse packet into the first private network port.
S307. Send the NAT-translated second reverse packet to the first user terminal according to the first private network IP address.
It should be noted that different forward packets sent by the same user terminal can access different servers through one public network IP address and public network port, which reduces the public network IP address resources occupied.
In one embodiment, step S105 includes:
querying the reverse flow tables according to the five-tuple information of the reverse packet;
if a reverse flow table hit by the reverse packet exists, obtaining, according to the reverse flow table hit by the reverse packet, the forward flow table associated with that reverse flow table.
In one embodiment, the packet transmission method further includes:
deleting any reverse flow table that has not been hit by a reverse packet within a preset time, and deleting the forward flow table associated with that reverse flow table.
It can be understood that periodically clearing reverse flow tables that have not been hit by reverse packets for a long time, together with the forward flow tables associated with them, reduces the storage pressure of the NAT flow tables.
In one embodiment, the preset time is determined according to the transport layer protocol of the forward packet recorded in the reverse flow table.
It should be noted that the reverse flow table records the transport layer protocol of the reverse packet. Generally, the preset time for NAT entries of forward packets using the TCP transport layer protocol is longer, and the preset time for NAT entries of forward packets using the UDP transport layer protocol is shorter; the specific preset time can be selected according to the actual situation.
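The following Python model is an added illustration of the flow-table bookkeeping described in steps S301 to S307, the S105 lookup and the aging embodiment; it is not code from the application. The class and field names, the timeout values, keying the public port binding on (protocol, private IP, private port), starting the idle timer when the entry is created, and dropping a reverse packet that hits no reverse flow table are all assumptions. It shows that although one public IP address and port serve several servers, the reverse lookup uses the full five-tuple, so a packet from a host the terminal never contacted finds no entry.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# (proto, src_ip, src_port, dst_ip, dst_port)
FiveTuple = Tuple[str, str, int, str, int]

# Assumed idle timeouts in seconds; the text only says TCP is longer than UDP.
IDLE_TIMEOUT = {"tcp": 300.0, "udp": 30.0}


@dataclass
class ForwardFlow:
    private_ip: str
    private_port: int
    reverse_key: FiveTuple  # association: forward entry -> reverse entry


@dataclass
class ReverseFlow:
    proto: str
    forward_key: FiveTuple  # association: reverse entry -> forward entry
    last_hit: float         # refreshed only when a reverse packet hits


class NatDevice:
    """Hypothetical model of the NAT translation device's flow tables."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        # Assumption: one public port per (proto, private IP, private port).
        self.bindings: Dict[Tuple[str, str, int], int] = {}
        self.forward: Dict[FiveTuple, ForwardFlow] = {}
        self.reverse: Dict[FiveTuple, ReverseFlow] = {}

    def outbound(self, pkt: FiveTuple, now: float) -> FiveTuple:
        """Translate a forward packet and create both flow entries."""
        proto, src_ip, src_port, dst_ip, dst_port = pkt
        bind_key = (proto, src_ip, src_port)
        if bind_key not in self.bindings:
            if self.next_port > 65535:
                raise RuntimeError("public port pool exhausted")
            self.bindings[bind_key] = self.next_port
            self.next_port += 1
        pub_port = self.bindings[bind_key]
        if pkt not in self.forward:
            # Reverse key = five-tuple the server's reply will carry.
            rkey = (proto, dst_ip, dst_port, self.public_ip, pub_port)
            self.forward[pkt] = ForwardFlow(src_ip, src_port, rkey)
            self.reverse[rkey] = ReverseFlow(proto, pkt, now)
        return (proto, self.public_ip, pub_port, dst_ip, dst_port)

    def inbound(self, pkt: FiveTuple, now: float) -> Optional[FiveTuple]:
        """Translate a reverse packet; None means no reverse entry was hit."""
        rflow = self.reverse.get(pkt)
        if rflow is None:
            return None  # assumed behaviour on a miss: drop
        rflow.last_hit = now
        fflow = self.forward[rflow.forward_key]
        proto, src_ip, src_port, _, _ = pkt
        return (proto, src_ip, src_port, fflow.private_ip, fflow.private_port)

    def expire(self, now: float) -> int:
        """Delete idle reverse entries and their associated forward entries."""
        stale = [k for k, r in self.reverse.items()
                 if now - r.last_hit > IDLE_TIMEOUT[r.proto]]
        for key in stale:
            del self.forward[self.reverse[key].forward_key]
            del self.reverse[key]
        return len(stale)


if __name__ == "__main__":
    # Constructed sample traffic using documentation address ranges.
    nat = NatDevice("203.0.113.10")
    print(nat.outbound(("udp", "192.168.1.20", 5000, "198.51.100.1", 53), 0.0))
    print(nat.outbound(("udp", "192.168.1.20", 5000, "198.51.100.2", 53), 0.0))
    print(nat.inbound(("udp", "198.51.100.1", 53, "203.0.113.10", 40000), 10.0))
    print(nat.inbound(("udp", "192.0.2.66", 53, "203.0.113.10", 40000), 10.0))
    print(nat.expire(35.0))
```

In this model the idle timer is refreshed only by reverse hits, as in the aging embodiment, so a flow that sends traffic without ever receiving a reply is removed once the preset time passes.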
To better implement the packet transmission method in the embodiments of the present invention, the embodiments of the present invention further provide, on the basis of the packet transmission method, a packet transmission apparatus 400, which is applied to the NAT translation device 200.
In one embodiment, the NAT translation device 200 may be a NAT translation device 200 in a home network system.
As shown in FIG. 5, the packet transmission apparatus 400 includes a receiving unit 401, a NAT unit 402 and a forwarding unit 403, wherein:
the receiving unit 401 is configured to receive a forward packet sent by the private network device 100;
the NAT unit 402 is configured to obtain the corresponding public network IP address and public network port according to the five-tuple information of the forward packet;
the NAT unit 402 is further configured to perform NAT translation on the forward packet, so as to translate the source IP address of the forward packet into the corresponding public network IP address and the source port of the forward packet into the corresponding public network port; to establish a forward flow table according to the five-tuple information of the forward packet; to establish a reverse flow table according to the destination IP address, destination port and transport layer protocol of the forward packet together with the corresponding public network IP address and public network port; and to associate the forward flow table with the reverse flow table;
the forwarding unit 403 is configured to send the NAT-translated forward packet to the corresponding public network device 300 according to the destination IP address of the NAT-translated forward packet;
the NAT unit 402 is further configured to receive a reverse packet sent by the corresponding public network device 300 based on the NAT-translated forward packet, to obtain the corresponding reverse flow table according to the five-tuple information of the reverse packet, and to obtain, according to the corresponding reverse flow table, the forward flow table associated with it;
the NAT unit 402 is further configured to obtain the private network IP address and private network port of the corresponding private network device 100 from the forward flow table associated with the corresponding reverse flow table, and to perform NAT translation on the reverse packet, so as to translate the destination IP address of the reverse packet into the private network IP address of the corresponding private network device 100 and the destination port of the reverse packet into the private network port of the corresponding private network device 100;
the forwarding unit 403 is further configured to send the NAT-translated reverse packet to the private network device 100 according to the destination IP address of the NAT-translated reverse packet.
In one embodiment, the private network device 100 is a user terminal, the public network device 300 is a server, and the NAT translation device 200 may be a NAT translation device 200 in a home network system.
In one embodiment, the receiving unit 401 is configured to receive a first forward packet sent by a first user terminal;
the NAT unit 402 is configured to obtain a first public network IP address and a first public network port according to the five-tuple information of the first forward packet;
the NAT unit 402 is further configured to perform NAT translation on the first forward packet, so as to translate the source IP address of the first forward packet into the first public network IP address and the source port of the first forward packet into the first public network port; to establish a first forward flow table according to the five-tuple information of the first forward packet; to establish a first reverse flow table according to the destination IP address, destination port and transport layer protocol of the first forward packet together with the first public network IP address and the first public network port; and to associate the first forward flow table with the first reverse flow table;
the forwarding unit 403 sends the NAT-translated first forward packet to a first server according to the destination IP address of the NAT-translated first forward packet;
the NAT unit 402 is further configured to receive a first reverse packet sent by the first server based on the NAT-translated first forward packet, to obtain the first reverse flow table according to the five-tuple information of the first reverse packet, and to obtain, according to the first reverse flow table, the first forward flow table associated with the first reverse flow table;
the NAT unit 402 is further configured to obtain the first private network IP address and the first private network port of the first user terminal from the first forward flow table, and to perform NAT translation on the first reverse packet, so as to translate the destination IP address of the first reverse packet into the first private network IP address and the destination port of the first reverse packet into the first private network port;
the forwarding unit 403 is further configured to send the NAT-translated first reverse packet to the first user terminal according to the first private network IP address.
In one embodiment, the receiving unit 401 is configured to receive a second forward packet sent by the first user terminal, where the destination IP address of the second forward packet is different from the destination IP address of the first forward packet;
the NAT unit 402 is configured to obtain the first public network IP address and the first public network port according to the five-tuple information of the second forward packet;
the NAT unit 402 is further configured to perform NAT translation on the second forward packet, so as to translate the source IP address of the second forward packet into the first public network IP address and the source port of the second forward packet into the first public network port; to establish a second forward flow table according to the five-tuple information of the second forward packet; to establish a second reverse flow table according to the destination IP address, destination port and transport layer protocol of the second forward packet together with the first public network IP address and the first public network port; and to associate the second forward flow table with the second reverse flow table;
the forwarding unit 403 is configured to send the NAT-translated second forward packet to a second server according to the destination IP address of the NAT-translated second forward packet;
the NAT unit 402 is further configured to receive a second reverse packet sent by the second server based on the NAT-translated second forward packet, to obtain the second reverse flow table according to the five-tuple information of the second reverse packet, and to obtain, according to the second reverse flow table, the second forward flow table associated with the second reverse flow table;
the NAT unit 402 is further configured to obtain the first private network IP address and the first private network port of the first user terminal from the second forward flow table, and to perform NAT translation on the second reverse packet, so as to translate the destination IP address of the second reverse packet into the first private network IP address and the destination port of the second reverse packet into the first private network port;
the forwarding unit 403 is further configured to send the NAT-translated second reverse packet to the first user terminal according to the first private network IP address.
In one embodiment, the NAT unit 402 is further configured to query the reverse flow tables according to the five-tuple information of the reverse packet;
if a reverse flow table hit by the reverse packet exists, the forward flow table associated with that reverse flow table is obtained according to the reverse flow table hit by the reverse packet.
In one embodiment, the NAT unit 402 is further configured to delete any reverse flow table that has not been hit by a reverse packet within a preset time, and to delete the forward flow table associated with that reverse flow table.
Wherein, the preset time is determined according to the transport layer protocol of the forward packet recorded in the reverse flow table.
The embodiments of the present application further provide a computer device that integrates any NAT translation apparatus provided by the embodiments of the present application, the computer device including:
one or more processors 501;
a memory 502; and
one or more application programs;
wherein the one or more application programs are stored in the memory 502 and are configured to be executed by the processor 501 to perform the steps of the packet transmission method described in any of the foregoing packet transmission method embodiments.
The embodiments of the present application further provide a computer device that integrates any packet transmission apparatus provided by the embodiments of the present application. FIG. 6 shows a schematic structural diagram of the computer device involved in the embodiments of the present application. Specifically:
The computer device may include components such as a processor 501 with one or more processing cores, a memory 502 with one or more computer-readable storage media, a power supply 503 and an input unit 504. Those skilled in the art will understand that the computer device structure shown in FIG. 6 does not limit the computer device, which may include more or fewer components than shown, combine certain components, or use a different arrangement of components. Wherein:
The processor 501 is the control center of the computer device. It connects the various parts of the entire computer device using various interfaces and lines, and performs the various functions of the computer device and processes data by running or executing the software programs and/or modules stored in the memory 502 and calling the data stored in the memory 502, thereby monitoring the computer device as a whole.
Optionally, the processor 501 may include one or more processing cores; preferably, the processor 501 may integrate an application processor and a modem processor, where the application processor mainly handles the operating system, user interface, application programs and the like, and the modem processor mainly handles wireless communication. It can be understood that the modem processor may also not be integrated into the processor 501.
The memory 502 may be used to store software programs and modules, and the processor 501 executes various functional applications and data processing by running the software programs and modules stored in the memory 502. The memory 502 may mainly include a program storage area and a data storage area, where the program storage area may store the operating system, the application programs required for at least one function (such as a sound playback function or an image playback function), and so on; the data storage area may store data created through use of the computer device, and so on. In addition, the memory 502 may include high-speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device. Accordingly, the memory 502 may further include a memory controller to provide the processor 501 with access to the memory 502.
The computer device further includes a power supply 503 that supplies power to the components. Preferably, the power supply 503 may be logically connected to the processor 501 through a power management system, so that functions such as charge management, discharge management and power consumption management are implemented through the power management system. The power supply 503 may also include any components such as one or more DC or AC power sources, a recharging system, a power failure detection circuit, a power converter or inverter, and a power status indicator.
The computer device may further include an input unit 504, which may be used to receive input numeric or character information and to generate keyboard, mouse, joystick, optical or trackball signal input related to user settings and function control.
Although not shown, the computer device may also include a display unit and the like, which are not described here. Specifically, in this embodiment, the processor 501 in the computer device loads the executable files corresponding to the processes of one or more application programs into the memory 502 according to the following instructions, and the processor 501 runs the application programs stored in the memory 502 to implement various functions, as follows:
receiving a forward packet sent by the private network device 100;
obtaining the corresponding public network IP address and public network port according to the five-tuple information of the forward packet;
performing NAT translation on the forward packet, so as to translate the source IP address of the forward packet into the corresponding public network IP address and the source port of the forward packet into the corresponding public network port; establishing a forward flow table according to the five-tuple information of the forward packet; establishing a reverse flow table according to the destination IP address, destination port and transport layer protocol of the forward packet together with the corresponding public network IP address and public network port; and associating the forward flow table with the reverse flow table;
sending the NAT-translated forward packet to the corresponding public network device 300 according to the destination IP address of the NAT-translated forward packet;
receiving a reverse packet sent by the corresponding public network device 300 based on the NAT-translated forward packet, obtaining the corresponding reverse flow table according to the five-tuple information of the reverse packet, and obtaining, according to the corresponding reverse flow table, the forward flow table associated with it;
obtaining the private network IP address and private network port of the corresponding private network device 100 from the forward flow table associated with the corresponding reverse flow table, and performing NAT translation on the reverse packet, so as to translate the destination IP address of the reverse packet into the private network IP address of the corresponding private network device 100 and the destination port of the reverse packet into the private network port of the corresponding private network device 100;
sending the NAT-translated reverse packet to the private network device 100 according to the destination IP address of the NAT-translated reverse packet.
Those of ordinary skill in the art will understand that all or some of the steps in the methods of the above embodiments may be completed by instructions, or by instructions controlling related hardware; the instructions may be stored in a computer-readable storage medium and loaded and executed by the processor 501.
To this end, the embodiments of the present application provide a computer-readable storage medium, which may include: read-only memory (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), a magnetic disk, an optical disc, or the like. A computer program is stored on it, and the computer program is loaded by the processor 501 to perform the steps of any packet transmission method provided by the embodiments of the present application. For example, when loaded by the processor 501, the computer program may perform the following steps:
receiving a forward packet sent by the private network device 100;
obtaining the corresponding public network IP address and public network port according to the five-tuple information of the forward packet;
performing NAT translation on the forward packet, so as to translate the source IP address of the forward packet into the corresponding public network IP address and the source port of the forward packet into the corresponding public network port; establishing a forward flow table according to the five-tuple information of the forward packet; establishing a reverse flow table according to the destination IP address, destination port and transport layer protocol of the forward packet together with the corresponding public network IP address and public network port; and associating the forward flow table with the reverse flow table;
sending the NAT-translated forward packet to the corresponding public network device 300 according to the destination IP address of the NAT-translated forward packet;
receiving a reverse packet sent by the corresponding public network device 300 based on the NAT-translated forward packet, obtaining the corresponding reverse flow table according to the five-tuple information of the reverse packet, and obtaining, according to the corresponding reverse flow table, the forward flow table associated with it;
obtaining the private network IP address and private network port of the corresponding private network device 100 from the forward flow table associated with the corresponding reverse flow table, and performing NAT translation on the reverse packet, so as to translate the destination IP address of the reverse packet into the private network IP address of the corresponding private network device 100 and the destination port of the reverse packet into the private network port of the corresponding private network device 100;
sending the NAT-translated reverse packet to the private network device 100 according to the destination IP address of the NAT-translated reverse packet.
In the above embodiments, the description of each embodiment has its own emphasis. For parts not described in detail in one embodiment, refer to the detailed descriptions of the other embodiments above; they are not repeated here.
In specific implementation, each of the above units or structures may be implemented as an independent entity, or they may be combined arbitrarily and implemented as one or several entities. For the specific implementation of each unit or structure, refer to the foregoing method embodiments; details are not repeated here.
For the specific implementation of each of the above operations, refer to the foregoing embodiments; details are not repeated here.
The embodiments of the present application have been described in detail above. Specific examples are used herein to explain the principles and implementations of the present application, and the descriptions of the above embodiments are only intended to help in understanding the method of the present application and its core idea. Meanwhile, those skilled in the art may, based on the idea of the present application, make changes to the specific implementations and the scope of application. In summary, the contents of this specification should not be construed as limiting the present application.

Claims (10)

  1. A packet transmission method, characterized in that it is applied to a NAT translation device, the packet transmission method comprising:
    receiving a forward packet sent by a private network device;
    obtaining the corresponding public network IP address and public network port according to the five-tuple information of the forward packet;
    performing NAT translation on the forward packet, so as to translate the source IP address of the forward packet into the corresponding public network IP address and the source port of the forward packet into the corresponding public network port; establishing a forward flow table according to the five-tuple information of the forward packet; establishing a reverse flow table according to the destination IP address, destination port and transport layer protocol of the forward packet together with the corresponding public network IP address and public network port; and associating the forward flow table with the reverse flow table;
    sending the NAT-translated forward packet to the corresponding public network device according to the destination IP address of the NAT-translated forward packet;
    receiving a reverse packet sent by the corresponding public network device based on the NAT-translated forward packet, obtaining the corresponding reverse flow table according to the five-tuple information of the reverse packet, and obtaining, according to the corresponding reverse flow table, the forward flow table associated with it;
    obtaining the private network IP address and private network port of the corresponding private network device from the forward flow table associated with the corresponding reverse flow table, and performing NAT translation on the reverse packet, so as to translate the destination IP address of the reverse packet into the private network IP address of the corresponding private network device and the destination port of the reverse packet into the private network port of the corresponding private network device;
    sending the NAT-translated reverse packet to the private network device according to the destination IP address of the NAT-translated reverse packet.
  2. The packet transmission method according to claim 1, characterized in that the private network device is a user terminal and the public network device is a server.
  3. The packet transmission method according to claim 2, characterized in that the packet transmission method comprises:
    receiving a first forward packet sent by a first user terminal;
    obtaining a first public network IP address and a first public network port according to the five-tuple information of the first forward packet;
    performing NAT translation on the first forward packet, so as to translate the source IP address of the first forward packet into the first public network IP address and the source port of the first forward packet into the first public network port; establishing a first forward flow table according to the five-tuple information of the first forward packet; establishing a first reverse flow table according to the destination IP address, destination port and transport layer protocol of the first forward packet together with the first public network IP address and the first public network port; and associating the first forward flow table with the first reverse flow table;
    sending the NAT-translated first forward packet to a first server according to the destination IP address of the NAT-translated first forward packet;
    receiving a first reverse packet sent by the first server based on the NAT-translated first forward packet, obtaining the first reverse flow table according to the five-tuple information of the first reverse packet, and obtaining, according to the first reverse flow table, the first forward flow table associated with the first reverse flow table;
    obtaining the first private network IP address and the first private network port of the first user terminal from the first forward flow table, and performing NAT translation on the first reverse packet, so as to translate the destination IP address of the first reverse packet into the first private network IP address and the destination port of the first reverse packet into the first private network port;
    sending the NAT-translated first reverse packet to the first user terminal according to the first private network IP address.
  4. The packet transmission method according to claim 3, wherein the packet transmission method further comprises:
    receiving a second forward packet sent by the first user terminal;
    obtaining the first public network IP address and the first public network port according to the five-tuple information of the second forward packet, wherein the destination IP address of the second forward packet is different from the destination IP address of the first forward packet;
    performing NAT translation on the second forward packet, so as to translate the source IP address of the second forward packet into the first public network IP address and the source port of the second forward packet into the first public network port; establishing a second forward flow table according to the five-tuple information of the second forward packet; establishing a second reverse flow table according to the destination IP address, destination port and transport layer protocol of the second forward packet and the first public network IP address and first public network port; and associating the second forward flow table with the second reverse flow table;
    sending the NAT-translated second forward packet to a second server according to the destination IP address of the NAT-translated second forward packet;
    receiving a second reverse packet sent by the second server according to the NAT-translated second forward packet, obtaining the second reverse flow table according to the five-tuple information of the second reverse packet, and obtaining, according to the second reverse flow table, the second forward flow table associated with the second reverse flow table;
    obtaining the first private network IP address and first private network port of the first user terminal from the second forward flow table, and performing NAT translation on the second reverse packet, so as to translate the destination IP address of the second reverse packet into the first private network IP address and the destination port of the second reverse packet into the first private network port;
    sending the NAT-translated second reverse packet to the first user terminal according to the first private network IP address.
  5. The packet transmission method according to any one of claims 1 to 4, wherein the step of obtaining the corresponding reverse flow table according to the five-tuple information of the forward packet, and obtaining, according to the corresponding reverse flow table, the forward flow table associated with the corresponding reverse flow table comprises:
    querying the reverse flow tables according to the five-tuple information of the reverse packet;
    if a reverse flow table hit by the reverse packet exists, obtaining, according to the reverse flow table hit by the reverse packet, the forward flow table associated with the reverse flow table hit by the reverse packet.
  6. The packet transmission method according to claim 5, wherein the packet transmission method further comprises:
    deleting any reverse flow table that has not been hit by a reverse packet within a preset time, and deleting the forward flow table associated with that reverse flow table.
  7. The packet transmission method according to claim 6, wherein
    the preset time is determined according to the transport layer protocol of the forward packet recorded in the reverse flow table.
  8. A packet transmission apparatus, applied to a NAT translation device, the packet transmission apparatus comprising a receiving unit, a NAT unit and a forwarding unit, wherein:
    the receiving unit is configured to receive a forward packet sent by a private network device;
    the NAT unit is configured to obtain a corresponding public network IP address and public network port according to the five-tuple information of the forward packet;
    the NAT unit is further configured to perform NAT translation on the forward packet, so as to translate the source IP address of the forward packet into the corresponding public network IP address and the source port of the forward packet into the corresponding public network port; to establish a forward flow table according to the five-tuple information of the forward packet; to establish a reverse flow table according to the destination IP address, destination port and transport layer protocol of the forward packet and the corresponding public network IP address and public network port; and to associate the forward flow table with the reverse flow table;
    the forwarding unit is configured to send the NAT-translated forward packet to the corresponding public network device according to the destination IP address of the NAT-translated forward packet;
    the NAT unit is further configured to receive a reverse packet sent by the corresponding public network device according to the NAT-translated forward packet, to obtain the corresponding reverse flow table according to the five-tuple information of the reverse packet, and to obtain, according to the corresponding reverse flow table, the forward flow table associated with the corresponding reverse flow table;
    the NAT unit is further configured to obtain the private network IP address and private network port of the corresponding private network device from the forward flow table associated with the corresponding reverse flow table, and to perform NAT translation on the reverse packet, so as to translate the destination IP address of the reverse packet into the private network IP address of the corresponding private network device and the destination port of the reverse packet into the private network port of the corresponding private network device;
    the forwarding unit is further configured to send the NAT-translated reverse packet to the private network device according to the destination IP address of the NAT-translated reverse packet.
  9. A computer device, wherein the computer device comprises:
    one or more processors;
    a memory; and
    one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the processor to implement the packet transmission method according to any one of claims 1 to 7.
  10. A computer-readable storage medium, wherein a computer program is stored thereon, and the computer program is loaded by a processor to execute the steps of the packet transmission method according to any one of claims 1 to 7.
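The flow-table handling recited in claims 3 to 7 can be sketched as follows. This is an added example, not code from the patent or the applicant: the names `Packet`, `FlowNat` and `IDLE_TIMEOUT`, the timeout values and the sequential port allocation keyed on private IP, private port and protocol are assumptions. It shows that a reverse packet is translated only when its full five-tuple hits a reverse flow table, and that an idle reverse flow table is deleted together with its associated forward flow table.

```python
from dataclasses import dataclass

# Assumed idle timeouts in seconds per transport protocol (claim 7 only says
# the preset time depends on the protocol; these values are illustrative).
IDLE_TIMEOUT = {"tcp": 300.0, "udp": 30.0}

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str

    def five_tuple(self):
        return (self.src_ip, self.src_port, self.dst_ip, self.dst_port, self.proto)

class FlowNat:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.bindings = {}   # (priv_ip, priv_port, proto) -> public port
        self.forward = {}    # forward 5-tuple -> associated reverse 5-tuple
        self.reverse = {}    # reverse 5-tuple -> [forward 5-tuple, last hit time]

    def outbound(self, pkt, now):
        """Translate a forward packet and install the two linked flow entries."""
        bind = (pkt.src_ip, pkt.src_port, pkt.proto)
        if bind not in self.bindings:          # assumed allocation policy
            self.bindings[bind] = self.next_port
            self.next_port += 1
        pub_port = self.bindings[bind]         # reused for every destination (claim 4)
        fwd = pkt.five_tuple()
        rev = (pkt.dst_ip, pkt.dst_port, self.public_ip, pub_port, pkt.proto)
        self.forward[fwd] = rev
        self.reverse.setdefault(rev, [fwd, now])
        return Packet(self.public_ip, pub_port, pkt.dst_ip, pkt.dst_port, pkt.proto)

    def inbound(self, pkt, now):
        """Translate a reverse packet, or return None when no reverse flow is hit."""
        entry = self.reverse.get(pkt.five_tuple())
        if entry is None:
            return None                        # no matching flow: not forwarded
        entry[1] = now                         # record the hit for idle expiry
        priv_ip, priv_port = entry[0][0], entry[0][1]
        return Packet(pkt.src_ip, pkt.src_port, priv_ip, priv_port, pkt.proto)

    def expire(self, now):
        """Delete idle reverse flows and their associated forward flows."""
        stale = [k for k, (_, hit) in self.reverse.items()
                 if now - hit > IDLE_TIMEOUT.get(k[4], 30.0)]
        for rev in stale:
            fwd, _ = self.reverse.pop(rev)
            self.forward.pop(fwd, None)
        live = {(f[0], f[1], f[4]) for f in self.forward}
        self.bindings = {b: p for b, p in self.bindings.items() if b in live}
        return len(stale)
```

Calling `outbound` twice for the same private endpoint with different destinations yields the same public port but two separate reverse flow tables, so a packet from any other source addressed to that public port returns `None` from `inbound`.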
PCT/CN2021/131445 2020-12-01 2021-11-18 Packet transmission method and apparatus, computer device, and storage medium WO2022116848A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202011381713.9A CN112333298B (en) 2020-12-01 2020-12-01 Message transmission method and device, computer equipment and storage medium
CN202011381713.9 2020-12-01

Publications (1)

Publication Number Publication Date
WO2022116848A1 (en) 2022-06-09

Family

ID=74308220

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/131445 WO2022116848A1 (en) 2020-12-01 2021-11-18 Packet transmission method and apparatus, computer device, and storage medium

Country Status (2)

Country Link
CN (1) CN112333298B (en)
WO (1) WO2022116848A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115277213A (en) * 2022-07-29 2022-11-01 北京天融信网络安全技术有限公司 Message board transferring processing method and device
CN115277884A (en) * 2022-07-14 2022-11-01 苏州盛科通信股份有限公司 Subnet replacement method and device, exchange chip, electronic equipment and storage medium
CN115412308A (en) * 2022-08-09 2022-11-29 北京天融信网络安全技术有限公司 Message processing method and device and electronic equipment
CN116137585A (en) * 2023-04-20 2023-05-19 武汉绿色网络信息服务有限责任公司 Message forwarding method, device, computer equipment and storage medium

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112333298B (en) * 2020-12-01 2022-09-02 武汉绿色网络信息服务有限责任公司 Message transmission method and device, computer equipment and storage medium
CN113132242B (en) * 2021-03-19 2022-11-15 翱捷科技股份有限公司 Network equipment and method for sharing sending and receiving cache
CN115442328B (en) * 2022-08-03 2023-06-02 天翼云科技有限公司 Network address conversion method, device, gateway, medium and equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101136926A (en) * 2007-10-12 2008-03-05 杭州华三通信技术有限公司 Packet forwarding method under asymmetric routing condition and network address conversion gateway
CN102204191A (en) * 2011-05-31 2011-09-28 华为技术有限公司 A message transmission method and a network-network routing device
CN102904975A (en) * 2012-09-28 2013-01-30 华为技术有限公司 Method and associated device for message processing
CN106331196A (en) * 2015-06-26 2017-01-11 中兴通讯股份有限公司 Method and device for realizing NAT
CN112333298A (en) * 2020-12-01 2021-02-05 武汉绿色网络信息服务有限责任公司 Message transmission method and device, computer equipment and storage medium

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101141420B (en) * 2007-09-05 2012-07-11 杭州华三通信技术有限公司 Method and system for performing data communication between private network and public network
CN102480530B (en) * 2010-11-25 2015-07-22 华为技术有限公司 Message sending method and device
CN102209124B (en) * 2011-06-08 2014-03-12 杭州华三通信技术有限公司 Method for communication between private network and public network and network address translation equipment
CN104065759A (en) * 2013-03-22 2014-09-24 杭州迪普科技有限公司 Method for improving utilization efficiency of NAT address pool resource and device thereof
CN104168338A (en) * 2013-05-16 2014-11-26 杭州迪普科技有限公司 Network address conversion device and network address conversion method
CN103685032B (en) * 2013-12-09 2017-06-23 福建星网锐捷网络有限公司 Message forwarding method and network address translation services device
CN103731356B (en) * 2013-12-09 2017-05-24 福建星网锐捷网络有限公司 Message processing method and device
US10237235B1 (en) * 2014-05-29 2019-03-19 Amazon Technologies, Inc. System for network address translation
CN110012118B (en) * 2019-03-08 2022-07-22 平安科技(深圳)有限公司 Method and controller for providing Network Address Translation (NAT) service

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115277884A (en) * 2022-07-14 2022-11-01 苏州盛科通信股份有限公司 Subnet replacement method and device, exchange chip, electronic equipment and storage medium
CN115277213A (en) * 2022-07-29 2022-11-01 北京天融信网络安全技术有限公司 Message board transferring processing method and device
CN115277213B (en) * 2022-07-29 2023-07-14 北京天融信网络安全技术有限公司 Message transfer board processing method and device
CN115412308A (en) * 2022-08-09 2022-11-29 北京天融信网络安全技术有限公司 Message processing method and device and electronic equipment
CN116137585A (en) * 2023-04-20 2023-05-19 武汉绿色网络信息服务有限责任公司 Message forwarding method, device, computer equipment and storage medium
CN116137585B (en) * 2023-04-20 2023-07-18 武汉绿色网络信息服务有限责任公司 Message forwarding method, device, computer equipment and storage medium

Also Published As

Publication number Publication date
CN112333298A (en) 2021-02-05
CN112333298B (en) 2022-09-02

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21899882

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21899882

Country of ref document: EP

Kind code of ref document: A1