WO2022116850A1 - Method and device for identifying private network user, service system, and storage medium - Google Patents

Method and device for identifying private network user, service system, and storage medium Download PDF

Info

Publication number
WO2022116850A1
WO2022116850A1 PCT/CN2021/131449 CN2021131449W WO2022116850A1 WO 2022116850 A1 WO2022116850 A1 WO 2022116850A1 CN 2021131449 W CN2021131449 W CN 2021131449W WO 2022116850 A1 WO2022116850 A1 WO 2022116850A1
Authority
WO
WIPO (PCT)
Prior art keywords
private network
user terminal
vxlan
vni
address
Prior art date
Application number
PCT/CN2021/131449
Other languages
French (fr)
Chinese (zh)
Inventor
黄华桥
曾伟
Original Assignee
武汉绿色网络信息服务有限责任公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 武汉绿色网络信息服务有限责任公司 filed Critical 武汉绿色网络信息服务有限责任公司
Publication of WO2022116850A1 publication Critical patent/WO2022116850A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers

Definitions

  • the present invention relates to the technical field of virtual extended local area network, in particular to a method, device, service system and storage medium for identifying private network users.
  • VXLAN Virtual eXtensible Local Area Network, virtual extended local area network
  • VXLAN Virtual eXtensible Local Area Network, virtual extended local area network
  • the main principle of the VXLAN technology is to introduce an outer VXLAN tunnel in UDP format as the data link layer, and the original data packet content is transmitted as the tunnel payload (Payload). Since the outer layer adopts UDP as the transmission method, the payload data can be easily transmitted in the second or third layer network.
  • Both ends of the VXLAN tunnel are VTEP (VXLAN Tunnel Endpoints, VXLAN tunnel endpoints) devices, such as DCSW (Data Switching Center), and the related processing of VXLAN packets is performed on this device.
  • VTEP VXLAN Tunnel Endpoints, VXLAN tunnel endpoints
  • DCSW Data Switching Center
  • the VXLAN packet structure includes two parts: the original packet and the VXLAN encapsulation.
  • the original packet includes payload, inner IP header (INNER IP Header) and inner Ethernet header (INNER Ethemet Header);
  • VXLAN encapsulation includes VXLAN header (VXLAN Header), outer UDP header (Outer UDP Header), outer IP header Header (Outer IP Header) and outer Ethernet header (Outer Ethernet Header), and VXLAN header has VNI (VXLAN Network Identifier, VXLAN network identifier).
  • the outer IP header and outer UDP header are the basis for mutual communication between VTEP devices, enabling VXALN packets to be transmitted on the underlying network.
  • the VTEP device After the VTEP device receives the VXLAN message, it removes the outer IP header and outer UDP header, and then processes the VXLAN logic according to the VXLAN header, which is mainly sent to the final virtual machine (Virtual Machine, also known as VM) according to the VNI, The virtual machine reads the original message.
  • VXLAN Virtual Machine
  • VNI Virtual Machine
  • a virtual machine can act as a user terminal or a server.
  • the server receives the original packet without VNI.
  • the private network IP address of the user terminal can be obtained by parsing the original packet, due to different private networks.
  • the user terminals can use the same private network IP address, that is, the private network IP addresses are not unique, so the server cannot determine a unique user terminal.
  • the purpose of the present invention is to disclose a method capable of accurately identifying private network users.
  • a method for identifying private network users disclosed in the present invention includes the following steps:
  • the user terminal is uniquely identified according to the mapping information, and an identification result is output.
  • step of receiving the VXLAN message sent by the user terminal is specifically: receiving the VXLAN message sent by the user terminal from the public network, and the step further includes:
  • the original packet sent by the user terminal from the private network is encapsulated by VXLAN according to its VNI to form a VXLAN packet and forwarded to the public network.
  • each user terminal accessing the public network includes a user terminal accessing the network in the home broadband service.
  • the step of uniquely identifying the user terminal according to the mapping information and outputting the identification result includes: counting user traffic sources according to the uniquely identified user terminal.
  • the structure of the VXLAN message sequentially includes VXLAN encapsulation and the original message from outside to inside;
  • the structure of the VXLAN encapsulation includes, from outside to inside, an outer Ethernet header, an outer IP header, an outer UDP header, and an outer UDP header.
  • the structure of the original packet includes an inner Ethernet header, an inner IP header and a payload in sequence from the outside to the inside;
  • the inner IP header has the private network IP address of the user terminal.
  • the present invention also discloses a device for identifying private network users, which includes a VXLAN message receiving module, a VXLAN decapsulation module, a private network IP address parsing module, a mapping table query module, and a result output module; wherein:
  • VXLAN packet receiving module receives VXLAN packets sent by the user terminal;
  • VXLAN decapsulation module perform VXLAN decapsulation on the VXLAN packet to obtain the original packet of the VXLAN packet;
  • Private network IP address parsing module parses the private network IP address of the user terminal from the original message
  • mapping information query module query the preset VNI and private network IP address mapping table to obtain the mapping information between the private network IP address of the user terminal and the user terminal VNI;
  • Result output module uniquely identify the user terminal according to the mapping information, and output the identification result.
  • mapping table module a mapping table module, a VNI management module, and a VXLAN encapsulation module;
  • Mapping table module preset VNI and private network IP address mapping table
  • VNI management module According to the preset VNI and private network IP address mapping table, assign the corresponding VNI to each user terminal accessing the public network;
  • VXLAN encapsulation module Perform VXLAN encapsulation according to the VNI of the original packets sent by the user terminal from the private network to form VXLAN packets and forward them to the public network.
  • the apparatus is located on an access service system of a communication operator.
  • the present invention also discloses a service system correspondingly, characterized in that, the service system includes:
  • processors one or more processors
  • One or more application programs wherein the one or more application programs are stored in the memory and configured to be executed by the processor to implement the method for identifying a private network user of any of the above solutions.
  • the present invention also discloses a computer-readable storage medium correspondingly, on which a computer program is stored, and the computer program is loaded by a processor to execute the method for identifying a private network user according to any one of claims 1 to 5. A step of.
  • the present invention uniquely identifies the user terminal according to the mapping information by sequentially performing VXLAN decapsulation, private network IP address resolution, and querying the preset VNI and private network IP address mapping table for the VXLAN message sent by the user terminal, That is, a unique user terminal can be determined, thereby realizing accurate identification of the user terminal;
  • the present invention can accurately identify the user terminal, the user traffic source can be accurately counted, the traffic economy can be promoted, and the economic benefit can be improved.
  • Figure 1 is a schematic structural diagram of a VXLAN packet
  • Embodiment 2 is a schematic flowchart of a method for identifying a private network user disclosed in Embodiment 1;
  • Embodiment 3 is a schematic flowchart of a method for identifying a private network user disclosed in Embodiment 2;
  • Embodiment 4 is a structural block diagram of an apparatus for identifying private network users disclosed in Embodiment 3;
  • FIG. 5 is a structural block diagram of an apparatus for identifying private network users disclosed in the fourth embodiment.
  • a method for identifying a private network user disclosed in this embodiment mainly includes the following steps R10-R50 (only the destination execution method is introduced):
  • R10 The VXLAN packet sent by the user terminal is received.
  • Step R10 receives the VXLAN message sent by the user terminal from the public network, wherein the structure of the VXLAN message can refer to FIG. 1, that is, it sequentially includes VXLAN encapsulation and original message from outside to inside; the structure of VXLAN encapsulation is from outside to inside
  • the inside includes the outer Ethernet header, the outer IP header, the outer UDP header and the VXLAN header in turn; the structure of the original packet includes the inner Ethernet header, the inner IP header and the payload in sequence from the outside to the inside; the inner IP header has the Private IP address.
  • R20 Perform VXLAN decapsulation on the VXLAN packet to obtain the original packet of the VXLAN packet.
  • VXLAN decapsulation refers to removing the outer Ethernet header, outer IP header, outer UDP header and VXLAN header, and only retains the inner Ethernet header, inner IP header and net header.
  • the original message including the load.
  • R30 Parse out the private network IP address of the user terminal from the original message.
  • the user terminals in different private networks can use the same private network IP address, the user terminal cannot be uniquely determined only by the private network IP address obtained by parsing.
  • R40 Query a preset VNI and private network IP address mapping table to obtain mapping information between the private network IP address of the user terminal and the VNI of the user terminal.
  • the form of the VNI and private network IP address mapping table may refer to the existing MAC address and private network IP address mapping table. The difference is that the MAC address and private network IP address mapping table stores the mapping information between physical addresses and private network IP addresses, while the VNI and private network IP address mapping table stores the mapping information between VNI and private network IP addresses.
  • R50 Uniquely identify the user terminal according to the mapping information, and output an identification result.
  • the user terminal can be uniquely identified according to the mapping information, and Output the mapping information.
  • the source of user traffic can be further counted.
  • this embodiment at least has the following beneficial effects:
  • the user terminal By sequentially performing VXLAN decapsulation, private network IP address resolution, and querying the preset VNI and private network IP address mapping table for the VXLAN packets sent by the user terminal, the user terminal is uniquely identified according to the mapping information, that is, A unique user terminal can be determined, thereby realizing accurate identification of the user terminal;
  • the user terminal can be accurately identified, so that the source of user traffic can be accurately counted, which can promote the traffic economy and help improve economic benefits.
  • a method for identifying a private network user disclosed in this embodiment in addition to including steps R10-R50 (destination terminal execution method) in Embodiment 1, further includes the following steps S10-S30 ( source execution method):
  • S10 Preset a VNI and private network IP address mapping table.
  • the method of presetting the mapping table between the VNI and the private network IP address may refer to the existing method of setting the mapping table between the MAC address and the private network IP address.
  • S20 Allocate a corresponding VNI to each user terminal accessing the public network according to the preset VNI and private network IP address mapping table.
  • the user terminals accessing the public network include user terminals accessing the network in the home broadband service.
  • S30 Perform VXLAN encapsulation according to the VNI of the original message sent by the user terminal from the private network to form a VXLAN message and forward it to the public network.
  • this embodiment discloses a device for identifying private network users.
  • the device may be specifically located on an access service system of a communication operator, and includes a VXLAN message receiving module 21 , a VXLAN decapsulation module 22 , and a private network IP address parsing module 23, mapping table query module 24, and result output module 25; wherein:
  • VXLAN packet receiving module 21 Receive a VXLAN packet sent by a user terminal.
  • VXLAN decapsulation module 22 Perform VXLAN decapsulation on the VXLAN packet to obtain the original packet of the VXLAN packet.
  • Private network IP address parsing module 23 parses out the private network IP address of the user terminal from the original message
  • Mapping information query module 24 query a preset VNI and private network IP address mapping table to obtain the mapping information between the private network IP address of the user terminal and the VNI of the user terminal.
  • Result output module 25 uniquely identify the user terminal according to the mapping information, and output the identification result.
  • Each functional module of the third embodiment corresponds to each step of the first embodiment, and the third embodiment can be understood with reference to the embodiment, and the third embodiment has the beneficial effects of the first embodiment.
  • this embodiment discloses a device for identifying private network users, which includes each functional module of the third embodiment, and also includes a mapping table module 11, a VNI management module 12, and a VXLAN encapsulation module 13; wherein:
  • Mapping table module 11 preset VNI and private network IP address mapping table.
  • VNI management module 12 According to a preset VNI and private network IP address mapping table, allocate a corresponding VNI to each user terminal accessing the public network.
  • VXLAN encapsulation module 13 Perform VXLAN encapsulation according to the VNI of the original message sent by the user terminal from the private network to form a VXLAN message and forward it to the public network.
  • Each functional module of the fourth embodiment corresponds to each step of the second embodiment, and the fourth embodiment can be understood with reference to the second embodiment, and the fourth embodiment has the beneficial effects of the second embodiment.
  • the above-mentioned method for identifying a private network user can be embodied as a service system as an execution carrier.
  • the service system includes one or more processors, memory, and one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the processor to achieve the above A method for identifying private network users in any scheme.
  • the processor may be a single-core processor, a multi-core processor, or any processor that implements multi-node and/or multi-threading; memory includes but is not limited to: electrical connections with one or more wires, portable computer disks, hard disks , Random Access Memory (RAM), Read Only Memory (ROM), Erasable Programmable Read Only Memory (EPROM or Flash), Optical Fiber, Portable Compact Disc Read Only Memory (CD-ROM), Optical Storage Devices, Magnetic Memory components, or any suitable combination of the above.
  • RAM Random Access Memory
  • ROM Read Only Memory
  • EPROM or Flash Erasable Programmable Read Only Memory
  • CD-ROM Portable Compact Disc Read Only Memory
  • Optical Storage Devices Magnetic Memory components, or any suitable combination of the above.
  • the above-mentioned method for identifying a private network user may only use a computer-readable storage medium as a carrier.
  • a specific solution is: a computer-readable storage medium on which a computer program is stored, and the computer program is loaded by a processor to execute the steps in the above-mentioned method for identifying a private network user.
  • the computer-readable storage medium includes, but is not limited to, an electrical connection having one or more wires, a portable computer disk, a hard disk, random access memory (RAM), read only memory (ROM), erasable programmable Read-only memory (EPROM or flash memory), fiber optics, portable compact disk read only memory (CD-ROM), optical storage devices, magnetic storage devices, or any suitable combination of the above.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention relates to a method and device for identifying a private network user, a service system, and a storage medium. The method comprises: receiving a VXLAN message sent by a user terminal; decapsulating the VXLAN message to obtain an original message of the VXLAN message; parsing the original message to obtain a private network IP address of the user terminal; querying a preset mapping table of a VNI and the private network IP address to obtain mapping information between the private network IP address of the user terminal and the user terminal VNI; and uniquely identifying the user terminal according to the mapping information, and outputting the identified result. Thus, in the present invention, a private network user can be identified accurately, facilitating making statistics on user traffic.

Description

识别私网用户的方法、装置、服务系统及存储介质Method, device, service system and storage medium for identifying private network users 技术领域technical field
本发明涉及虚拟扩展局域网技术领域,具体涉及一种识别私网用户的方法、装置、服务系统及存储介质。The present invention relates to the technical field of virtual extended local area network, in particular to a method, device, service system and storage medium for identifying private network users.
背景技术Background technique
VXLAN(Virtual eXtensible Local Area Network,虚拟扩展局域网)是一种网络虚拟化技术,可以很好地解决了现有VLAN技术无法满足大二层网络需求的问题。VXLAN (Virtual eXtensible Local Area Network, virtual extended local area network) is a network virtualization technology, which can well solve the problem that the existing VLAN technology cannot meet the needs of large Layer 2 networks.
VXLAN技术的主要原理是引入一个UDP格式的外层VXLAN隧道作为数据链路层,而原有数据报文内容作为隧道净荷(Payload)加以传输。由于外层采用了UDP作为传输手段,净荷数据可以轻松地在二三层网络中传送。VXLAN隧道的两端是VTEP(VXLAN Tunnel Endpoints,VXLAN隧道端点)设备,例如DCSW(数据交换中心),VXLAN报文的相关处理均在该设备进行。The main principle of the VXLAN technology is to introduce an outer VXLAN tunnel in UDP format as the data link layer, and the original data packet content is transmitted as the tunnel payload (Payload). Since the outer layer adopts UDP as the transmission method, the payload data can be easily transmitted in the second or third layer network. Both ends of the VXLAN tunnel are VTEP (VXLAN Tunnel Endpoints, VXLAN tunnel endpoints) devices, such as DCSW (Data Switching Center), and the related processing of VXLAN packets is performed on this device.
参阅图1,VXLAN报文结构包括原始报文和VXLAN封装两部分。其中,原始报文包括净荷、内部IP头(INNER IP Header)和内部以太头(INNER Ethemet Header);VXLAN封装包括VXLAN头(VXLAN Header)、外层UDP头(Outer UDP Header)、外层IP头(Outer IP Header)以及外层以太头(Outer Ethemet Header),而VXLAN头中具有VNI(VXLAN Network Identifier,VXLAN网络标识符)。外层IP头和外层UDP头是VTEP设备之间互相通信的基础,使得VXALN报文能够在底层网络上传输。VTEP设备接收到VXLAN报文后,去除外层IP头和外层UDP头,然后根据VXLAN头来处理VXLAN的逻辑,主要是根据VNI发送到最终的虚拟机(Virtual Machine,又称为VM),而虚拟机读取到的是原始报文。Referring to Figure 1, the VXLAN packet structure includes two parts: the original packet and the VXLAN encapsulation. Among them, the original packet includes payload, inner IP header (INNER IP Header) and inner Ethernet header (INNER Ethemet Header); VXLAN encapsulation includes VXLAN header (VXLAN Header), outer UDP header (Outer UDP Header), outer IP header Header (Outer IP Header) and outer Ethernet header (Outer Ethernet Header), and VXLAN header has VNI (VXLAN Network Identifier, VXLAN network identifier). The outer IP header and outer UDP header are the basis for mutual communication between VTEP devices, enabling VXALN packets to be transmitted on the underlying network. After the VTEP device receives the VXLAN message, it removes the outer IP header and outer UDP header, and then processes the VXLAN logic according to the VXLAN header, which is mainly sent to the final virtual machine (Virtual Machine, also known as VM) according to the VNI, The virtual machine reads the original message.
虚拟机可以作为用户终端也可以作为服务器。以源端为用户终端,目的端为服务器为例,服务器接收到的是不含VNI的原始报文,通过对原始报文的解析虽然可以获得用户终端的私网IP地址,但由于不同私网上的用户终端可以使用相同的私网IP地址,也即私网IP地址并不唯一,因此服务器无法确定出一个 唯一的用户终端。A virtual machine can act as a user terminal or a server. Taking the source terminal as the user terminal and the destination terminal as the server as an example, the server receives the original packet without VNI. Although the private network IP address of the user terminal can be obtained by parsing the original packet, due to different private networks. The user terminals can use the same private network IP address, that is, the private network IP addresses are not unique, so the server cannot determine a unique user terminal.
由于无法确定出一个唯一的用户终端,从而也无法准确统计用户流量来源,进而无法给当前正在迅速发展的流量经济提供足够的技术支持。因此,需要基于VXLAN技术提出一种能够识别用户终端的技术方案。Since a unique user terminal cannot be determined, it is also impossible to accurately count the source of user traffic, and thus cannot provide sufficient technical support for the currently rapidly developing traffic economy. Therefore, it is necessary to propose a technical solution capable of identifying user terminals based on the VXLAN technology.
发明内容SUMMARY OF THE INVENTION
本发明的目的在于,公开一种能够准确识别私网用户的方法。The purpose of the present invention is to disclose a method capable of accurately identifying private network users.
具体的,本发明公开的一种识别私网用户的方法,其包括以下步骤:Specifically, a method for identifying private network users disclosed in the present invention includes the following steps:
接收到用户终端发来的VXLAN报文;Receive the VXLAN packet sent by the user terminal;
对所述VXLAN报文进行VXLAN解封装,获得该VXLAN报文的原始报文;performing VXLAN decapsulation on the VXLAN message to obtain the original message of the VXLAN message;
从所述原始报文中解析出用户终端的私网IP地址;Parse out the private network IP address of the user terminal from the original message;
查询预置的VNI与私网IP地址映射表,获得所述用户终端的私网IP地址与所述用户终端VNI的映射信息;query the preset VNI and private network IP address mapping table to obtain the mapping information between the private network IP address of the user terminal and the user terminal VNI;
根据所述映射信息唯一识别所述用户终端,并输出识别结果。The user terminal is uniquely identified according to the mapping information, and an identification result is output.
进一步的,所述接收到用户终端发来的VXLAN报文的步骤具体为:从公网上接收到用户终端发来的VXLAN报文,且该步骤之前还包括:Further, the step of receiving the VXLAN message sent by the user terminal is specifically: receiving the VXLAN message sent by the user terminal from the public network, and the step further includes:
预置VNI与私网IP地址映射表;Preset VNI and private network IP address mapping table;
根据预置的VNI与私网IP地址映射表,为接入公网的各用户终端分配对应的VNI;Allocate the corresponding VNI to each user terminal accessing the public network according to the preset VNI and private network IP address mapping table;
将用户终端从私网发出的原始报文,根据其VNI执行VXLAN封装,形成VXLAN报文并转发至公网。The original packet sent by the user terminal from the private network is encapsulated by VXLAN according to its VNI to form a VXLAN packet and forwarded to the public network.
进一步的,所述接入公网的各用户终端包括家庭宽带业务中入网的用户终端。Further, each user terminal accessing the public network includes a user terminal accessing the network in the home broadband service.
进一步的,根据所述映射信息唯一识别所述用户终端,并输出识别结果的步骤之后包括:根据唯一识别的用户终端统计用户流量来源。Further, the step of uniquely identifying the user terminal according to the mapping information and outputting the identification result includes: counting user traffic sources according to the uniquely identified user terminal.
进一步的,所述VXLAN报文的结构从外至内依次包括VXLAN封装和原始报文;所述VXLAN封装的结构从外至内依次包括外层以太头、外层IP头、外层UDP头以及VXLAN头;所述原始报文的结构从外至内依次包括内部以太头、内部IP头以及净荷;所述内部IP头具有所述用户终端的私网IP地址。Further, the structure of the VXLAN message sequentially includes VXLAN encapsulation and the original message from outside to inside; the structure of the VXLAN encapsulation includes, from outside to inside, an outer Ethernet header, an outer IP header, an outer UDP header, and an outer UDP header. VXLAN header; the structure of the original packet includes an inner Ethernet header, an inner IP header and a payload in sequence from the outside to the inside; the inner IP header has the private network IP address of the user terminal.
本发明还相应公开一种识别私网用户的装置,其包括VXLAN报文接收模块、VXLAN解封装模块、私网IP地址解析模块、映射表查询模块、结果输出模块;其中:The present invention also discloses a device for identifying private network users, which includes a VXLAN message receiving module, a VXLAN decapsulation module, a private network IP address parsing module, a mapping table query module, and a result output module; wherein:
VXLAN报文接收模块:接收到用户终端发来的VXLAN报文;VXLAN packet receiving module: receives VXLAN packets sent by the user terminal;
VXLAN解封装模块:对所述VXLAN报文进行VXLAN解封装,获得该VXLAN报文的原始报文;VXLAN decapsulation module: perform VXLAN decapsulation on the VXLAN packet to obtain the original packet of the VXLAN packet;
私网IP地址解析模块:从所述原始报文中解析出用户终端的私网IP地址;Private network IP address parsing module: parses the private network IP address of the user terminal from the original message;
映射信息查询模块:查询预置的VNI与私网IP地址映射表,获得所述用户终端的私网IP地址与所述用户终端VNI的映射信息;Mapping information query module: query the preset VNI and private network IP address mapping table to obtain the mapping information between the private network IP address of the user terminal and the user terminal VNI;
结果输出模块:根据所述映射信息唯一识别所述用户终端,并输出识别结果。Result output module: uniquely identify the user terminal according to the mapping information, and output the identification result.
进一步的,还包括映射表模块、VNI管理模块、VXLAN封装模块;其中:Further, it also includes a mapping table module, a VNI management module, and a VXLAN encapsulation module; wherein:
映射表模块:预置VNI与私网IP地址映射表;Mapping table module: preset VNI and private network IP address mapping table;
VNI管理模块:根据预置的VNI与私网IP地址映射表,为接入公网的各用户终端分配对应的VNI;VNI management module: According to the preset VNI and private network IP address mapping table, assign the corresponding VNI to each user terminal accessing the public network;
VXLAN封装模块:将用户终端从私网发出的原始报文,根据其VNI执行VXLAN封装,形成VXLAN报文并转发至公网。VXLAN encapsulation module: Perform VXLAN encapsulation according to the VNI of the original packets sent by the user terminal from the private network to form VXLAN packets and forward them to the public network.
进一步的,所述装置位于通信运营商的接入服务系统上。Further, the apparatus is located on an access service system of a communication operator.
本发明还相应公开一种服务系统,其特征在于,所述服务系统包括:The present invention also discloses a service system correspondingly, characterized in that, the service system includes:
一个或多个处理器;one or more processors;
存储器;以及memory; and
一个或多个应用程序,其中所述一个或多个应用程序被存储于所述存储器中,并配置为由所述处理器执行以实现上述任一方案的识别私网用户的方法。One or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the processor to implement the method for identifying a private network user of any of the above solutions.
本发明还相应公开一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序被处理器进行加载,以执行权利要求1至5任一项所述的识别私网 用户的方法中的步骤。The present invention also discloses a computer-readable storage medium correspondingly, on which a computer program is stored, and the computer program is loaded by a processor to execute the method for identifying a private network user according to any one of claims 1 to 5. A step of.
本发明至少具备以下有益效果:The present invention at least has the following beneficial effects:
(1)本发明通过对用户终端发来的VXLAN报文依次进行VXLAN解封装、私网IP地址解析、以及查询预置的VNI与私网IP地址映射表,根据映射信息唯一识别出用户终端,也即可以确定出一个唯一的用户终端,从而实现了对用户终端的准确识别;(1) The present invention uniquely identifies the user terminal according to the mapping information by sequentially performing VXLAN decapsulation, private network IP address resolution, and querying the preset VNI and private network IP address mapping table for the VXLAN message sent by the user terminal, That is, a unique user terminal can be determined, thereby realizing accurate identification of the user terminal;
(2)由于本发明能够准确识别出用户终端,从而可以准确统计用户流量来源,对流量经济起到促进作用,有助于提高经济效益。(2) Since the present invention can accurately identify the user terminal, the user traffic source can be accurately counted, the traffic economy can be promoted, and the economic benefit can be improved.
附图说明Description of drawings
为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to illustrate the technical solutions in the embodiments of the present invention more clearly, the following briefly introduces the accompanying drawings used in the description of the embodiments. Obviously, the accompanying drawings in the following description are only some embodiments of the present invention. For those skilled in the art, other drawings can also be obtained from these drawings without creative effort.
图1是一种VXLAN报文的结构示意图;Figure 1 is a schematic structural diagram of a VXLAN packet;
图2是实施例一公开的识别私网用户的方法流程示意图;2 is a schematic flowchart of a method for identifying a private network user disclosed in Embodiment 1;
图3是实施例二公开的识别私网用户的方法流程示意图;3 is a schematic flowchart of a method for identifying a private network user disclosed in Embodiment 2;
图4是实施例三公开的识别私网用户的装置结构框图;4 is a structural block diagram of an apparatus for identifying private network users disclosed in Embodiment 3;
图5是实施例四公开的识别私网用户的装置结构框图。FIG. 5 is a structural block diagram of an apparatus for identifying private network users disclosed in the fourth embodiment.
具体实施方式Detailed ways
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, rather than all the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative efforts shall fall within the protection scope of the present invention.
实施例一Example 1
请参阅图2,本实施例公开的一种识别私网用户的方法,主要包括以下步骤R10-R50(仅介绍目的端执行方法):Referring to FIG. 2, a method for identifying a private network user disclosed in this embodiment mainly includes the following steps R10-R50 (only the destination execution method is introduced):
R10:接收到用户终端发来的VXLAN报文。R10: The VXLAN packet sent by the user terminal is received.
步骤R10从公网上接收到用户终端发来的VXLAN报文,其中,VXLAN报文的结构可以参考图1,即其从外至内依次包括VXLAN封装和原始报文;VXLAN封装的结构从外至内依次包括外层以太头、外层IP头、外层UDP头以及VXLAN头;原始报文的结构从外至内依次包括内部以太头、内部IP头以及净荷;内部IP头具有用户终端的私网IP地址。Step R10 receives the VXLAN message sent by the user terminal from the public network, wherein the structure of the VXLAN message can refer to FIG. 1, that is, it sequentially includes VXLAN encapsulation and original message from outside to inside; the structure of VXLAN encapsulation is from outside to inside The inside includes the outer Ethernet header, the outer IP header, the outer UDP header and the VXLAN header in turn; the structure of the original packet includes the inner Ethernet header, the inner IP header and the payload in sequence from the outside to the inside; the inner IP header has the Private IP address.
R20:对所述VXLAN报文进行VXLAN解封装,获得该VXLAN报文的原始报文。R20: Perform VXLAN decapsulation on the VXLAN packet to obtain the original packet of the VXLAN packet.
其中,按照图1所示的VXLAN报文的结构,VXLAN解封装是指去除外层以太头、外层IP头、外层UDP头以及VXLAN头,只保留具有内部以太头、内部IP头以及净荷在内的原始报文。Among them, according to the structure of the VXLAN packet shown in Figure 1, VXLAN decapsulation refers to removing the outer Ethernet header, outer IP header, outer UDP header and VXLAN header, and only retains the inner Ethernet header, inner IP header and net header. The original message including the load.
R30:从所述原始报文中解析出用户终端的私网IP地址。R30: Parse out the private network IP address of the user terminal from the original message.
其中,由于在不同的私网中的用户终端可以使用相同的私网IP地址,因此,仅凭解析出的私网IP地址无法唯一确定用户终端。Wherein, since the user terminals in different private networks can use the same private network IP address, the user terminal cannot be uniquely determined only by the private network IP address obtained by parsing.
R40:查询预置的VNI与私网IP地址映射表,获得所述用户终端的私网IP地址与所述用户终端VNI的映射信息。R40: Query a preset VNI and private network IP address mapping table to obtain mapping information between the private network IP address of the user terminal and the VNI of the user terminal.
其中,VNI与私网IP地址映射表的形式可以参照现有的MAC地址与私网IP地址映射表。不同之处在于MAC地址与私网IP地址映射表中存储的是物理地址与私网IP地址的映射信息,而VNI与私网IP地址映射表存储的是VNI与私网IP地址的映射信息。The form of the VNI and private network IP address mapping table may refer to the existing MAC address and private network IP address mapping table. The difference is that the MAC address and private network IP address mapping table stores the mapping information between physical addresses and private network IP addresses, while the VNI and private network IP address mapping table stores the mapping information between VNI and private network IP addresses.
R50:根据所述映射信息唯一识别所述用户终端,并输出识别结果。R50: Uniquely identify the user terminal according to the mapping information, and output an identification result.
其中,由于用户终端的VNI在其接入的公网上具有唯一性,而用户终端的私网IP地址在其接入的私网上具有唯一性,从而根据映射信息可以唯一识别出该用户终端,并输出该映射信息。Among them, because the VNI of the user terminal is unique on the public network it accesses, and the private network IP address of the user terminal is unique on the private network it accesses, the user terminal can be uniquely identified according to the mapping information, and Output the mapping information.
并且,根据唯一识别的用户终端可以进一步统计用户流量来源。In addition, according to the uniquely identified user terminal, the source of user traffic can be further counted.
从而,本实施例至少具备以下有益效果:Thus, this embodiment at least has the following beneficial effects:
(1)通过对用户终端发来的VXLAN报文依次进行VXLAN解封装、私网IP地址解析、以及查询预置的VNI与私网IP地址映射表,根据映射信息唯一识别出用户终端,也即可以确定出一个唯一的用户终端,从而实现了对用户终端的准 确识别;(1) By sequentially performing VXLAN decapsulation, private network IP address resolution, and querying the preset VNI and private network IP address mapping table for the VXLAN packets sent by the user terminal, the user terminal is uniquely identified according to the mapping information, that is, A unique user terminal can be determined, thereby realizing accurate identification of the user terminal;
(2)能够准确识别出用户终端,从而可以准确统计用户流量来源,对流量经济起到促进作用,有助于提高经济效益。(2) The user terminal can be accurately identified, so that the source of user traffic can be accurately counted, which can promote the traffic economy and help improve economic benefits.
实施例二Embodiment 2
请参阅图3,本实施例公开的一种识别私网用户的方法,除了包括实施例一的步骤R10-R50(目的端执行方法)之外,在步骤R10之前还包括以下步骤S10-S30(源端执行方法):Referring to FIG. 3, a method for identifying a private network user disclosed in this embodiment, in addition to including steps R10-R50 (destination terminal execution method) in Embodiment 1, further includes the following steps S10-S30 ( source execution method):
S10:预置VNI与私网IP地址映射表。S10: Preset a VNI and private network IP address mapping table.
其中,预置VNI与私网IP地址映射表的方式可以参考现有的设置MAC地址与私网IP地址映射表的方式。The method of presetting the mapping table between the VNI and the private network IP address may refer to the existing method of setting the mapping table between the MAC address and the private network IP address.
S20:根据预置的VNI与私网IP地址映射表,为接入公网的各用户终端分配对应的VNI。S20: Allocate a corresponding VNI to each user terminal accessing the public network according to the preset VNI and private network IP address mapping table.
其中,接入公网的各用户终端包括家庭宽带业务中入网的用户终端。The user terminals accessing the public network include user terminals accessing the network in the home broadband service.
S30:将用户终端从私网发出的原始报文,根据其VNI执行VXLAN封装,形成VXLAN报文并转发至公网。S30: Perform VXLAN encapsulation according to the VNI of the original message sent by the user terminal from the private network to form a VXLAN message and forward it to the public network.
实施例三Embodiment 3
请参阅图4,本实施例公开一种识别私网用户的装置,该装置可具体位于通信运营商的接入服务系统上,其包括VXLAN报文接收模块21、VXLAN解封装模块22、私网IP地址解析模块23、映射表查询模块24、结果输出模块25;其中:Referring to FIG. 4 , this embodiment discloses a device for identifying private network users. The device may be specifically located on an access service system of a communication operator, and includes a VXLAN message receiving module 21 , a VXLAN decapsulation module 22 , and a private network IP address parsing module 23, mapping table query module 24, and result output module 25; wherein:
VXLAN报文接收模块21:接收到用户终端发来的VXLAN报文。VXLAN packet receiving module 21: Receive a VXLAN packet sent by a user terminal.
VXLAN解封装模块22:对所述VXLAN报文进行VXLAN解封装,获得该VXLAN报文的原始报文。VXLAN decapsulation module 22: Perform VXLAN decapsulation on the VXLAN packet to obtain the original packet of the VXLAN packet.
私网IP地址解析模块23:从所述原始报文中解析出用户终端的私网IP地址;Private network IP address parsing module 23: parses out the private network IP address of the user terminal from the original message;
映射信息查询模块24:查询预置的VNI与私网IP地址映射表,获得所述用户终端的私网IP地址与所述用户终端VNI的映射信息。Mapping information query module 24: query a preset VNI and private network IP address mapping table to obtain the mapping information between the private network IP address of the user terminal and the VNI of the user terminal.
结果输出模块25:根据所述映射信息唯一识别所述用户终端,并输出识别 结果。Result output module 25: uniquely identify the user terminal according to the mapping information, and output the identification result.
实施例三的各个功能模块与实施例一各步骤相对应,可以参考实施例一对实施例三进行理解,并且实施例三具备实施例一的有益效果。Each functional module of the third embodiment corresponds to each step of the first embodiment, and the third embodiment can be understood with reference to the embodiment, and the third embodiment has the beneficial effects of the first embodiment.
实施例四Embodiment 4
请参阅图5,本实施例公开一种识别私网用户的装置,其包括实施例三的各功能模块,同时还包括映射表模块11、VNI管理模块12、VXLAN封装模块13;其中:Referring to FIG. 5, this embodiment discloses a device for identifying private network users, which includes each functional module of the third embodiment, and also includes a mapping table module 11, a VNI management module 12, and a VXLAN encapsulation module 13; wherein:
映射表模块11:预置VNI与私网IP地址映射表。Mapping table module 11: preset VNI and private network IP address mapping table.
VNI管理模块12:根据预置的VNI与私网IP地址映射表,为接入公网的各用户终端分配对应的VNI。VNI management module 12: According to a preset VNI and private network IP address mapping table, allocate a corresponding VNI to each user terminal accessing the public network.
VXLAN封装模块13:将用户终端从私网发出的原始报文,根据其VNI执行VXLAN封装,形成VXLAN报文并转发至公网。VXLAN encapsulation module 13: Perform VXLAN encapsulation according to the VNI of the original message sent by the user terminal from the private network to form a VXLAN message and forward it to the public network.
实施例四的各个功能模块与实施例二各步骤相对应,可以参考实施例二对实施例四进行理解,并且实施例四具备实施例二的有益效果。Each functional module of the fourth embodiment corresponds to each step of the second embodiment, and the fourth embodiment can be understood with reference to the second embodiment, and the fourth embodiment has the beneficial effects of the second embodiment.
在以上对识别私网用户的方法做了详细介绍的基础上,可以理解的,上述识别私网用户的方法可以具体化为由一种服务系统作为执行载体。该服务系统包括一个或多个处理器、存储器、以及一个或多个应用程序,其中所述一个或多个应用程序被存储于所述存储器中,并配置为由所述处理器执行以实现上述任一方案的识别私网用户的方法。并且,处理器可以是单核处理器、多核处理器或者任意实现多节点和/或实现多线程的处理器;存储器包括但不限于:具有一个或多个导线的电连接、便携式计算机盘、硬盘、随机存取存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、光纤、便携式紧凑盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。Based on the detailed introduction of the method for identifying a private network user above, it can be understood that the above-mentioned method for identifying a private network user can be embodied as a service system as an execution carrier. The service system includes one or more processors, memory, and one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the processor to achieve the above A method for identifying private network users in any scheme. Also, the processor may be a single-core processor, a multi-core processor, or any processor that implements multi-node and/or multi-threading; memory includes but is not limited to: electrical connections with one or more wires, portable computer disks, hard disks , Random Access Memory (RAM), Read Only Memory (ROM), Erasable Programmable Read Only Memory (EPROM or Flash), Optical Fiber, Portable Compact Disc Read Only Memory (CD-ROM), Optical Storage Devices, Magnetic Memory components, or any suitable combination of the above.
在另一实施例中,上述识别私网用户的方法还可仅以计算机可读存储介质作为载体。具体的方案为:一种计算机可读存储介质,其上存储有计算机程序, 该计算机程序被处理器进行加载,以执行上述识别私网用户的方法中的步骤。并且,该计算机可读存储介质包括但不限于:具有一个或多个导线的电连接、便携式计算机盘、硬盘、随机存取存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、光纤、便携式紧凑盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。In another embodiment, the above-mentioned method for identifying a private network user may only use a computer-readable storage medium as a carrier. A specific solution is: a computer-readable storage medium on which a computer program is stored, and the computer program is loaded by a processor to execute the steps in the above-mentioned method for identifying a private network user. Also, the computer-readable storage medium includes, but is not limited to, an electrical connection having one or more wires, a portable computer disk, a hard disk, random access memory (RAM), read only memory (ROM), erasable programmable Read-only memory (EPROM or flash memory), fiber optics, portable compact disk read only memory (CD-ROM), optical storage devices, magnetic storage devices, or any suitable combination of the above.
以上仅对本发明的一部分进行了详细介绍,目的在于帮助理解本发明的方法及其核心思想;同时,对于本领域的技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处,综上所述,本说明书内容不应理解为对本发明的限制。Only a part of the present invention has been described in detail above, and the purpose is to help understand the method of the present invention and its core idea; meanwhile, for those skilled in the art, according to the idea of the present invention, there will be For changes, in summary, the contents of this specification should not be construed as limiting the present invention.

Claims (10)

  1. 一种识别私网用户的方法,其特征在于,包括以下步骤:A method for identifying private network users, comprising the following steps:
    接收到用户终端发来的VXLAN报文;Receive the VXLAN packet sent by the user terminal;
    对所述VXLAN报文进行解封装,获得该VXLAN报文的原始报文;Decapsulate the VXLAN message to obtain the original message of the VXLAN message;
    从所述原始报文中解析出用户终端的私网IP地址;Parse out the private network IP address of the user terminal from the original message;
    查询预置的VNI与私网IP地址映射表,获得所述用户终端的私网IP地址与所述用户终端VNI的映射信息;query the preset VNI and private network IP address mapping table to obtain the mapping information between the private network IP address of the user terminal and the VNI of the user terminal;
    根据所述映射信息唯一识别所述用户终端,并输出识别结果。The user terminal is uniquely identified according to the mapping information, and an identification result is output.
  2. 根据权利要求1所述的识别私网用户的方法,其特征在于,所述接收到用户终端发来的VXLAN报文的步骤具体为:从公网上接收到用户终端发来的VXLAN报文,且该步骤之前还包括:The method for identifying a private network user according to claim 1, wherein the step of receiving the VXLAN packet sent by the user terminal is specifically: receiving the VXLAN packet sent by the user terminal from the public network, and This step also includes:
    预置VNI与私网IP地址映射表;Preset VNI and private network IP address mapping table;
    根据预置的VNI与私网IP地址映射表,为接入公网的各用户终端分配对应的VNI;Allocate the corresponding VNI to each user terminal accessing the public network according to the preset VNI and private network IP address mapping table;
    将用户终端从私网发出的原始报文,根据其VNI执行VXLAN封装,形成VXLAN报文并转发至公网。The original packet sent by the user terminal from the private network is encapsulated by VXLAN according to its VNI to form a VXLAN packet and forwarded to the public network.
  3. 根据权利要求2所述的识别私网用户的方法,其特征在于,所述接入公网的各用户终端包括家庭宽带业务中入网的用户终端。The method for identifying private network users according to claim 2, wherein each user terminal accessing the public network includes a user terminal accessing the network in a home broadband service.
  4. 根据权利要求3所述的识别私网用户的方法,其特征在于,根据所述映射信息唯一识别所述用户终端,并输出识别结果的步骤之后包括:根据唯一识别的用户终端统计用户流量来源。The method for identifying private network users according to claim 3, wherein the step of uniquely identifying the user terminal according to the mapping information and outputting the identification result comprises: counting user traffic sources according to the uniquely identified user terminal.
  5. 根据权利要求1-4任一项所述的识别私网用户的方法,其特征在于,所述VXLAN报文的结构从外至内依次包括VXLAN封装和原始报文;所述VXLAN封装的结构从外至内依次包括外层以太头、外层IP头、外层UDP头以及VXLAN头;所述原始报文的结构从外至内依次包括内部以太头、内部IP头以及净荷;所述内部IP头具有所述用户终端的私网IP地址。The method for identifying a private network user according to any one of claims 1 to 4, wherein the structure of the VXLAN packet includes VXLAN encapsulation and an original packet in sequence from the outside to the inside; the structure of the VXLAN encapsulation starts from From outside to inside, it includes an outer Ethernet header, an outer IP header, an outer UDP header, and a VXLAN header in turn; the structure of the original message includes an inner Ethernet header, an inner IP header, and a payload sequentially from the outside to the inside; the inner The IP header has the private network IP address of the user terminal.
  6. 一种识别私网用户的装置,其特征在于,包括VXLAN报文接收模块、VXLAN解封装模块、私网IP地址解析模块、映射表查询模块、结果输出模块;其中:A device for identifying private network users, comprising a VXLAN message receiving module, a VXLAN decapsulation module, a private network IP address parsing module, a mapping table query module, and a result output module; wherein:
    VXLAN报文接收模块:接收到用户终端发来的VXLAN报文;VXLAN packet receiving module: receives VXLAN packets sent by the user terminal;
    VXLAN解封装模块:对所述VXLAN报文进行解封装,获得该VXLAN报文的原始报文;VXLAN decapsulation module: decapsulates the VXLAN packet to obtain the original packet of the VXLAN packet;
    私网IP地址解析模块:从所述原始报文中解析出用户终端的私网IP地址;Private network IP address parsing module: parses the private network IP address of the user terminal from the original message;
    映射信息查询模块:查询预置的VNI与私网IP地址映射表,获得所述用户终端的私网IP地址与所述用户终端VNI的映射信息;Mapping information query module: query the preset VNI and private network IP address mapping table to obtain the mapping information between the private network IP address of the user terminal and the user terminal VNI;
    结果输出模块:根据所述映射信息唯一识别所述用户终端,并输出识别结果。Result output module: uniquely identify the user terminal according to the mapping information, and output the identification result.
  7. 根据权利要求6所述的识别私网用户的装置,其特征在于,还包括映射表模块、VNI管理模块、VXLAN封装模块;其中:The device for identifying private network users according to claim 6, further comprising a mapping table module, a VNI management module, and a VXLAN encapsulation module; wherein:
    映射表模块:预置VNI与私网IP地址映射表;Mapping table module: preset VNI and private network IP address mapping table;
    VNI管理模块:根据预置的VNI与私网IP地址映射表,为接入公网的各用户终端分配对应的VNI;VNI management module: According to the preset VNI and private network IP address mapping table, assign the corresponding VNI to each user terminal accessing the public network;
    VXLAN封装模块:将用户终端从私网发出的原始报文,根据其VNI执行VXLAN封装,形成VXLAN报文并转发至公网。VXLAN encapsulation module: performs VXLAN encapsulation on the original packets sent by the user terminal from the private network according to its VNI to form VXLAN packets and forward them to the public network.
  8. 根据权利要求6或7所述的识别私网用户的装置,其特征在于,所述装置位于通信运营商的接入服务系统上。The device for identifying private network users according to claim 6 or 7, wherein the device is located on an access service system of a communication operator.
  9. 一种服务系统,其特征在于,所述服务系统包括:A service system, characterized in that the service system includes:
    一个或多个处理器;one or more processors;
    存储器;以及memory; and
    一个或多个应用程序,其中所述一个或多个应用程序被存储于所述存储器中,并配置为由所述处理器执行以实现权利要求1至5中任一项所述的识别私网用户的方法。one or more application programs, wherein the one or more application programs are stored in the memory and configured to be executed by the processor to implement the identifying private network of any one of claims 1 to 5 user's method.
  10. 一种计算机可读存储介质,其特征在于,其上存储有计算机程序,所述计算机程序被处理器进行加载,以执行权利要求1至5任一项所述的识别私网用户的方法中的步骤。A computer-readable storage medium, characterized in that a computer program is stored thereon, and the computer program is loaded by a processor to execute the method for identifying a private network user according to any one of claims 1 to 5. step.
PCT/CN2021/131449 2020-12-01 2021-11-18 Method and device for identifying private network user, service system, and storage medium WO2022116850A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202011381779.8 2020-12-01
CN202011381779.8A CN112565053B (en) 2020-12-01 2020-12-01 Method, device, service system and storage medium for identifying private network user

Publications (1)

Publication Number Publication Date
WO2022116850A1 true WO2022116850A1 (en) 2022-06-09

Family

ID=75045753

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/131449 WO2022116850A1 (en) 2020-12-01 2021-11-18 Method and device for identifying private network user, service system, and storage medium

Country Status (2)

Country Link
CN (1) CN112565053B (en)
WO (1) WO2022116850A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112565053B (en) * 2020-12-01 2022-06-10 武汉绿色网络信息服务有限责任公司 Method, device, service system and storage medium for identifying private network user
CN113572868B (en) * 2021-09-28 2021-11-26 武汉绿色网络信息服务有限责任公司 Dynamic dial-up networking method and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100238923A1 (en) * 2006-11-16 2010-09-23 Electronics And Telecommunications Research Institute Tunneling method of mobile terminal for supporting ip mobility
CN102036227A (en) * 2009-09-27 2011-04-27 中国移动通信集团公司 Method, system and device for acquiring user identifier of data service
WO2017041562A1 (en) * 2015-09-09 2017-03-16 中兴通讯股份有限公司 Method and device for identifying user identity of terminal device
CN111585863A (en) * 2020-06-11 2020-08-25 国家计算机网络与信息安全管理中心 Virtual extensible local area network message processing equipment and data processing method thereof
CN111641731A (en) * 2020-05-29 2020-09-08 江苏海事职业技术学院 NAT traversal method based on GENRVE
CN112565053A (en) * 2020-12-01 2021-03-26 武汉绿色网络信息服务有限责任公司 Method, device, service system and storage medium for identifying private network user

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101060493B (en) * 2007-05-14 2011-10-26 中兴通讯股份有限公司 A method of private network user access the server in a private network through domain name
CN102904814B (en) * 2012-10-19 2015-09-16 福建星网锐捷网络有限公司 Data transmission method, source PE, object PE and data transmission system
CN103001966B (en) * 2012-12-11 2016-06-08 杭州迪普科技有限公司 The process of a kind of private network IP, recognition methods and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100238923A1 (en) * 2006-11-16 2010-09-23 Electronics And Telecommunications Research Institute Tunneling method of mobile terminal for supporting ip mobility
CN102036227A (en) * 2009-09-27 2011-04-27 中国移动通信集团公司 Method, system and device for acquiring user identifier of data service
WO2017041562A1 (en) * 2015-09-09 2017-03-16 中兴通讯股份有限公司 Method and device for identifying user identity of terminal device
CN111641731A (en) * 2020-05-29 2020-09-08 江苏海事职业技术学院 NAT traversal method based on GENRVE
CN111585863A (en) * 2020-06-11 2020-08-25 国家计算机网络与信息安全管理中心 Virtual extensible local area network message processing equipment and data processing method thereof
CN112565053A (en) * 2020-12-01 2021-03-26 武汉绿色网络信息服务有限责任公司 Method, device, service system and storage medium for identifying private network user

Also Published As

Publication number Publication date
CN112565053A (en) 2021-03-26
CN112565053B (en) 2022-06-10

Similar Documents

Publication Publication Date Title
CN107070691B (en) Cross-host communication method and system of Docker container
JP7282146B2 (en) BRAS system-based packet encapsulation method and apparatus
US9036639B2 (en) System and method for VXLAN inter-domain communications
WO2022116850A1 (en) Method and device for identifying private network user, service system, and storage medium
JP6034979B2 (en) Packet transfer method and apparatus, and data center network
Rosen Linux kernel networking: Implementation and theory
WO2012142750A1 (en) Method, apparatus and system for address resolution
CN107770072B (en) Method and equipment for sending and receiving message
US20170033992A1 (en) METHOD FOR PROCESSING VxLAN DATA UNITS
WO2021083332A1 (en) Method, apparatus and system for sending message
CN106878136B (en) Message forwarding method and device
US20190213349A1 (en) Filter-based control information query in software-defined networking (sdn) environments
CN114301868B (en) Method for quickly generating virtual container floating IP and method and device for network direct connection
CN115442184A (en) Access system and method, access server, system and storage medium
WO2021139568A1 (en) Method and apparatus for sending response message, computing device and storage medium
WO2018082452A1 (en) Data transmission method, equipment, device and system
CN112671941A (en) Message processing method, device, equipment and medium
CN115834472A (en) Message processing method, forwarding strategy obtaining method and device
EP3913865A1 (en) Message decapsulation method and device, message encapsulation method and device, electronic device, and storage medium
WO2020215455A1 (en) Data transmission method and system employing virtio port
CN112511440A (en) Message forwarding method, system, storage medium and electronic equipment
CN113497767A (en) Method and device for transmitting data, computing equipment and storage medium
US20240223496A1 (en) Packet transmission method, apparatus, and system, network device, and storage medium
EP4333382A1 (en) Packet transmission method, apparatus and system, network device, and storage medium
US11509536B2 (en) Relay functionality in an application centric infrastructure (ACI) fabric

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21899884

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21899884

Country of ref document: EP

Kind code of ref document: A1