[go: up one dir, main page]

CN100423513C - A Merging Method of TCP Connection - Google Patents

A Merging Method of TCP Connection Download PDF

Info

Publication number
CN100423513C
CN100423513C CNB2006100660083A CN200610066008A CN100423513C CN 100423513 C CN100423513 C CN 100423513C CN B2006100660083 A CNB2006100660083 A CN B2006100660083A CN 200610066008 A CN200610066008 A CN 200610066008A CN 100423513 C CN100423513 C CN 100423513C
Authority
CN
China
Prior art keywords
tcp
address
port
destination
connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2006100660083A
Other languages
Chinese (zh)
Other versions
CN1819562A (en
Inventor
卢胜文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Technologies Co Ltd
Original Assignee
Hangzhou H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou H3C Technologies Co Ltd filed Critical Hangzhou H3C Technologies Co Ltd
Priority to CNB2006100660083A priority Critical patent/CN100423513C/en
Publication of CN1819562A publication Critical patent/CN1819562A/en
Application granted granted Critical
Publication of CN100423513C publication Critical patent/CN100423513C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明公开了一种TCP连接的合并方法,其特征在于,包括:A.第一、第二从设备分别向主设备发出建立TCP连接请求,主设备采用哄骗方式立即发送确认消息给第一、第二从设备,在主设备不启动TCP处理流程情况下,第一、第二从设备分别与主设备建立TCP连接TCP I、TCP II;B.在主设备上建立该两个TCP连接TCP I、TCP II的对应关系;C.第一、第二从设备通过主设备转发进行数据传输。采用本发明的TCP连接的合并方法,由于中间节点不用处理复杂的TCP协议和状态机,大大降低中间节点的处理负荷。可采用网络处理器或硬件逻辑实现高速转发,将两条以上TCP连接的合并从而实现端到端的可靠传输。

Figure 200610066008

The invention discloses a method for merging TCP connections, which is characterized in that it comprises: A. The first and second slave devices respectively send a TCP connection establishment request to the master device, and the master device immediately sends a confirmation message to the first and second slave devices in a spoofing manner. The second slave equipment, under the condition that the master equipment does not start the TCP processing flow, the first and second slave equipment respectively establish TCP connections TCP I and TCP II with the master equipment; B. set up the two TCP connections TCP I on the master equipment , the corresponding relationship of TCP II; C. The first and second slave devices perform data transmission through forwarding by the master device. By adopting the merging method of TCP connections of the present invention, since the intermediate nodes do not need to deal with complex TCP protocols and state machines, the processing load of the intermediate nodes is greatly reduced. Network processors or hardware logic can be used to achieve high-speed forwarding, and more than two TCP connections can be combined to achieve end-to-end reliable transmission.

Figure 200610066008

Description

一种TCP连接的合并方法 A Merging Method of TCP Connection

技术领域 technical field

本发明涉及计算机网络技术领域,具体涉及TCP连接的处理方法。The invention relates to the technical field of computer networks, in particular to a processing method for a TCP connection.

技术背景technical background

传输控制协议(TCP)是TCP/IP协议栈中的传输层协议,它通过序列确认以及包重发机制,提供可靠的数据流发送和应用程序的虚拟连接服务。当网络层服务质量不能满足要求时,通过TCP服务加以提高,以满足高层的要求。在网络中,计算机上须确保目的地机器上的软件程序能从源地址机器处获得数据包,以及源计算机能收到正确的回复,为此,TCP在端点间建立连接或虚拟电路进行可靠通信,而且TCP进程能够同时发送和接收包。TCP通过面向连接的、端到端的可靠数据报发送来保证可靠性。另外,TCP提供了有效的流控制,当向发送者返回确认响应时,接收TCP进程就会说明它能接收并保证缓存不会发生溢出信息。The Transmission Control Protocol (TCP) is a transport layer protocol in the TCP/IP protocol stack. It provides reliable data stream sending and virtual connection services for applications through sequence confirmation and packet retransmission mechanisms. When the quality of service at the network layer cannot meet the requirements, it can be improved through the TCP service to meet the requirements of the upper layer. In the network, the computer must ensure that the software program on the destination machine can obtain the data packet from the source address machine, and the source computer can receive the correct reply. To this end, TCP establishes a connection or virtual circuit between endpoints for reliable communication , and the TCP process can send and receive packets at the same time. TCP guarantees reliability through connection-oriented, end-to-end reliable datagram delivery. In addition, TCP provides effective flow control. When the confirmation response is returned to the sender, the receiving TCP process will indicate that it can receive and ensure that the buffer will not overflow the information.

大多数网络服务如文件传输服务、远程登录服务、WEB服务等都是基于传输控制协议(TCP)连接的。两台计算机通过网络进行数据通信时,也需要进行TCP连接。Most network services such as file transfer services, remote login services, WEB services, etc. are based on Transmission Control Protocol (TCP) connections. When two computers communicate data through the network, a TCP connection is also required.

但在TCP应用中经常遇到这样的情况,两台计算机都位于私网中,它们通过网络地址转换设备上因特网,如果这两台计算机之间要进行数据传送,通常需要一台位于公网的服务器来实现转接。如图1所示,首先,计算机A、B分别和服务器C建立TCP连接,服务器C先接收到一个TCP连接TCP1发来的数据,再发送到另外一个TCP连接TCP2上,这样数据才能到达对方计算机。在服务器上监听并建立两条TCP连接,然后由服务器转发从一个TCP连接收到另外一个连接。However, in TCP applications, such a situation is often encountered. Both computers are located in a private network, and they access the Internet through a network address translation device. server for transfer. As shown in Figure 1, first, computers A and B respectively establish TCP connections with server C, and server C first receives data from one TCP connection TCP1, and then sends it to another TCP connection TCP2, so that the data can reach the other computer . Monitor and establish two TCP connections on the server, and then the server forwards another connection received from one TCP connection.

服务器上需要建立两条TCP连接,由于TCP是个比较复杂的协议,TCP的建立和维护需要消耗大量的计算机资源,所以TCP连接建立的数量和速度通常是衡量一个服务器处理能力的指标。Two TCP connections need to be established on the server. Since TCP is a relatively complex protocol, the establishment and maintenance of TCP needs to consume a lot of computer resources, so the number and speed of TCP connection establishment are usually indicators to measure the processing capacity of a server.

另外一个缺点就是,服务器进行TCP数据转发时理论上存在数据被误改写的可能,不能实现真正意义上的端到端可靠性。Another disadvantage is that when the server forwards TCP data, theoretically, there is a possibility that the data may be mistakenly rewritten, and end-to-end reliability in the true sense cannot be achieved.

发明内容 Contents of the invention

鉴于此,本发明要解决的技术问题在于,提供一种TCP连接的处理方法,以实现端到端的数据传输的高效、可靠。In view of this, the technical problem to be solved by the present invention is to provide a method for processing a TCP connection so as to realize efficient and reliable end-to-end data transmission.

本发明提供一种TCP连接的合并方法,第一、第二从设备预先通过TCP连接注册到主设备,该方法包括:The present invention provides a method for merging TCP connections. The first and second slave devices are pre-registered to the master device through the TCP connection. The method includes:

A.所述主设备通知第一、第二从设备建立TCP连接,接收第一、第二从设备分别向主设备发出建立TCP连接请求后,响应该请求并发送确认消息,分别与第一、第二从设备建立TCP连接TCP I、TCP II;A. The master device notifies the first and second slave devices to establish a TCP connection, and after receiving the first and second slave devices to send a TCP connection request to the master device respectively, responds to the request and sends an acknowledgment message, and communicates with the first and second slave devices respectively The second slave device establishes TCP connection TCP I, TCP II;

B.在主设备上建立该两个TCP连接TCP I、TCP II之间的源IP地址、源端口、目的IP地址、目的端口的映射关系;B. set up the mapping relationship of source IP address, source port, destination IP address, destination port between these two TCP connection TCP I, TCP II on main equipment;

C.主设备根据所述映射关系将来自第一、第二从设备的数据转发给第二、第一从设备。C. The master device forwards the data from the first and second slave devices to the second and first slave devices according to the mapping relationship.

步骤A中所述主设备发送的确认消息为伪确认消息,以使所述从设备收到该确认消息后继续进行建立TCP连接的后续步骤。The acknowledgment message sent by the master device in step A is a pseudo-acknowledgment message, so that the slave device continues to perform subsequent steps of establishing a TCP connection after receiving the acknowledgment message.

所述TCP连接由源IP地址、源端口地址、目的IP地址、目的端口地址进行标识。The TCP connection is identified by a source IP address, a source port address, a destination IP address, and a destination port address.

TCP连接TCP I、TCP II建立之后,主设备通过注册时的TCP连接通道发送连接建立成功消息发给第一、第二从设备,随后所述主设备进入数据转发状态。After the TCP connection TCP I and TCP II are established, the master device sends a connection establishment success message to the first and second slave devices through the TCP connection channel during registration, and then the master device enters the data forwarding state.

更适宜地,其中步骤C包括:More suitably, wherein step C comprises:

D.主设备对所收到的数据包的源IP地址和源端口地址以及目的IP地址和目的端口地址进行变换;D. The master device transforms the source IP address, source port address and destination IP address and destination port address of the received packet;

E.根据TCP I与TCP II的发送序号差和确认序号差,调整数据包的发送序号和确认序号;E. According to the sending sequence number difference and confirmation sequence number difference between TCP I and TCP II, adjust the sending sequence number and confirmation sequence number of the data packet;

F.主设备进行数据转发。F. The master device forwards data.

更适宜地,其中步骤D包括:More suitably, wherein step D comprises:

将从TCP I收到的数据包的源IP地址和源端口地址替换为TCP II对应的主设备侧的IP地址和端口地址,将所述数据包的目的IP地址和目的端口地址替换为TCP II记录的第二从设备端的IP地址和端口地址;Replace the source IP address and source port address of the data packet received from TCP I with the IP address and port address of the master device side corresponding to TCP II, and replace the destination IP address and destination port address of the data packet with TCP II Recorded IP address and port address of the second slave device side;

将从TCP II收到的数据包的源IP地址和源端口地址替换为TCP I对应的主设备侧的IP地址和端口地址,将所述数据包的目的IP地址和目的端口地址替换为TCP I记录的第一从设备端的IP地址和端口地址。Replace the source IP address and source port address of the data packet received from TCP II with the IP address and port address of the corresponding master device side of TCP I, and replace the destination IP address and destination port address of the data packet with TCP I Record the IP address and port address of the first slave device.

当数据包被更改后,需要重新计算IP和TCP校验和。When packets are changed, IP and TCP checksums need to be recalculated.

当TCP II终止,主设备删除TCP I连接,同时删除相关的转发记录,当TCPI终止,主设备删除TCP II连接,同时删除相关的转发记录。When TCP II terminates, the master device deletes the TCP I connection and deletes the relevant forwarding records at the same time. When TCP II terminates, the master device deletes the TCP II connection and deletes the relevant forwarding records at the same time.

本发明提供的一种TCP连接的合并方法,通过第三设备转发数据,实现两个设备之间的数据交换,该方法包括:A method for merging TCP connections provided by the present invention uses a third device to forward data to realize data exchange between two devices, and the method includes:

第一、第二设备预先通过TCP连接注册到所述第三设备;The first and second devices are pre-registered to the third device through a TCP connection;

所述第三设备响应所述第一、第二设备发送的建立TCP连接请求,采用哄骗方式分别发送确认消息给发出TCP连接请求的所述第一、第二设备,并分别与所述第一、第二设备建立伪TCP连接;The third device responds to the request for establishing a TCP connection sent by the first and second devices, sends confirmation messages to the first and second devices that send the TCP connection request in a spoofing manner, and communicates with the first and second devices respectively. , the second device establishes a pseudo-TCP connection;

建立两个伪TCP连接之间的源I P地址、源端口、目的IP地址、目的端口的映射关系;Establish the mapping relationship between source IP address, source port, destination IP address and destination port between two pseudo-TCP connections;

所述第三设备根据所述映射关系为两个伪TCP连接相应的所述第一、第二设备转发数据。The third device forwards data for the first and second devices corresponding to the two pseudo-TCP connections according to the mapping relationship.

更适宜地,所述第三设备对所收到的数据包的源IP地址和源端口以及目的IP地址和目的端口进行变换;More suitably, the third device transforms the source IP address, source port and destination IP address and destination port of the received data packet;

所述第三设备根据所述两伪TCP连接的发送序号差和确认序号差,调整数据包的发送序号和确认序号。The third device adjusts the sending sequence number and the acknowledgment sequence number of the data packet according to the difference between the sending sequence numbers and the confirmation sequence numbers of the two pseudo-TCP connections.

由于根据本发明的方法,分别由从设备向主设备发起两条TCP连接,从设备不受地址转换设备和防火墙限制与主设备建立连接,适合各种组网环境。主设备发送伪确认信息的方式及时响应从设备的TCP建立请求,使得TCP连接顺畅建立,随即转发从设备之间的数据,由于中间节点不用处理复杂的TCP协议和状态机,大大降低中间节点的处理负荷。可采用网络处理器或硬件逻辑实现高速转发,将两条以上TCP连接的合并从而实现端到端的可靠传输。According to the method of the present invention, two TCP connections are respectively initiated from the slave device to the master device, and the slave device is not limited by the address conversion device and the firewall to establish a connection with the master device, which is suitable for various networking environments. The master device sends false confirmation information in a timely manner to respond to the TCP establishment request of the slave device, so that the TCP connection can be established smoothly, and then the data between the slave devices is forwarded. processing load. Network processors or hardware logic can be used to achieve high-speed forwarding, and more than two TCP connections can be combined to achieve end-to-end reliable transmission.

附图说明 Description of drawings

图1是现有的基于TCP连接传送数据的示意图;FIG. 1 is a schematic diagram of an existing data transmission based on a TCP connection;

图2是为说明本发明所提供方法的工作原理示意图;Fig. 2 is a schematic diagram of the working principle for illustrating the method provided by the present invention;

图3是根据本发明的方法流程图;Fig. 3 is a flow chart of the method according to the present invention;

图4为根据本发明的实施例的工作原理示意图。Fig. 4 is a schematic diagram of the working principle according to an embodiment of the present invention.

具体实施方式 Detailed ways

下面结合说明书附图来说明本发明的原理。参照图2和图3,根据本发明的TCP连接的合并处理过程如下:The principle of the present invention will be described below in conjunction with the accompanying drawings. With reference to Fig. 2 and Fig. 3, the merging process of TCP connection according to the present invention is as follows:

1、从设备I、II通过TCP连接注册到主设备,主设备通知从设备I、II发起连接建立。1. The slave devices I and II register to the master device through the TCP connection, and the master device notifies the slave devices I and II to initiate connection establishment.

2、从设备I、II分别向主设备发出开始TCP连接建立请求(TCP SYN),主设备向从设备I、II分别发出伪确认(SYN ACK)消息,但此时主设备并没有真正启动TCP的处理流程,其目的就是哄骗从设备I、II本设备已经完成TCP建立处理,以使从设备I、II收到该确认消息后继续进行建立TCP连接的后续步骤。2. The slave devices I and II send a TCP connection establishment request (TCP SYN) to the master device respectively, and the master device sends a false acknowledgment (SYN ACK) message to the slave devices I and II respectively, but the master device does not actually start TCP at this time. The purpose of the processing flow is to coax the slave devices I and II into completing the TCP establishment process, so that the slave devices I and II continue to perform subsequent steps of establishing a TCP connection after receiving the confirmation message.

3、在主设备上建立这个两个TCP连接的对应关系,即将两个TCP连接的源IP、源端口、目的IP、目的端口建立映射关系。3. Establish the corresponding relationship between the two TCP connections on the master device, that is, establish a mapping relationship between the source IP, source port, destination IP, and destination port of the two TCP connections.

4、两条TCP连接都建立好后,主设备发连接建立成功的通知消息给发给从设备I、II,由于主设备是伪TCP连接,无法真正保证发送的消息能准确可靠发送到对端,所以发送成功消息通过注册时的TCP连接通道来发送。随后主设备进入数据转发状态。4. After the two TCP connections are established, the master device sends a notification message that the connection is successfully established to the slave devices I and II. Since the master device is a pseudo-TCP connection, there is no real guarantee that the sent message can be sent to the peer end accurately and reliably. , so the successful sending message is sent through the TCP connection channel during registration. Then the master device enters the data forwarding state.

5、从设备I、II间正常发送数据,主设备转发从设备I、II的数据,转发的过程见后面的描述。5. Data is normally sent between slave devices I and II, and the master device forwards data from slave devices I and II. See the description below for the forwarding process.

6、如果有一条TCP终止,主设备将删除另一条TCP连接,同时删除相关的转发记录。6. If one TCP is terminated, the master device will delete another TCP connection and delete the relevant forwarding records at the same time.

在主设备上的数据转发过程如下:The data forwarding process on the master device is as follows:

如图2所示,假设一个数据由从设备I发往设备II。从设备I与主设备之间的TCP连接标记为TCP I,从设备II与主设备之间的TCP连接标记为TCP II。As shown in Figure 2, suppose a piece of data is sent from device I to device II. The TCP connection between the slave device I and the master device is marked as TCP I, and the TCP connection between the slave device II and the master device is marked as TCP II.

主设备收到从设备I从TCP I发来的数据后,查找到与其对应的从设备II的另一条TCP II连接信息,替换数据包的源IP和源端口为TCP II对应的主设备侧的IP和端口,替换数据包的目的IP和端口为TCP II记录的从设备II端的IP和端口。After receiving the data sent from TCP I by slave device I, the master device finds another TCP II connection information corresponding to slave device II, and replaces the source IP and source port of the data packet with the one on the master device side corresponding to TCP II. IP and port, replace the destination IP and port of the data packet with the IP and port of the slave device II recorded by TCP II.

记录两条TCP连接的起始发送和确认序号的序号差,调整TCP的序号和检验码,对该两条TCP连接,数据包的发送、确认序号进行检测,如果存在差异则需要进行调整,同时相应地重新计算IP和TCP校验和。例如,如果TCP I的发送序号比TCP II的序号小N,确认序号小M,则将数据包的发送、确认序号分别加N和M。Record the sequence number difference between the initial transmission and confirmation sequence numbers of the two TCP connections, adjust the TCP sequence number and check code, and detect the transmission and confirmation sequence numbers of the two TCP connections. If there is a difference, it needs to be adjusted. At the same time Recalculate IP and TCP checksums accordingly. For example, if the sending serial number of TCP I is smaller than the serial number of TCP II by N, and the confirmation serial number is smaller than M, then the sending and confirmation serial numbers of the data packet are added N and M respectively.

之后,主设备转发该数据包。Afterwards, the master device forwards the packet.

由从设备II发往从设备I的数据包的处理与上述过程类似,在此不再叙述。The processing of the data packet sent from the slave device II to the slave device I is similar to the above-mentioned process, and will not be described here.

实施例Example

下面以一个SSL应用的例子来说明详细说明如何实现两条TCP连接的合并的。The following uses an example of an SSL application to illustrate in detail how to realize the merging of two TCP connections.

如图4所示,PC-B是一个资料服务器,计算机PC-A想访问计算机PC-B的资源,由于PC-A、PC-B没有直接联网,只能通过因特网来访问,所以为了安全,使用SSL来进行访问,但由于PC-A、PC-B都位于私网中,是通过地址转换设备上网的,而且出口有防火墙设备,所以无法在PC-A、PC-B间直接建立SSL连接,需要通过一个服务器SERVER-C来转接。目前通常的解决方法,是直接和SERVER-C建立两个TCP连接,然后将一个连接接收到数据,发送到另外一个连接,这种方法需要SERVER-C服务器维护两条完整的TCP连接,接入用户的数量和速度都非常受限,但采用本发明,服务器SERVER-C不用维护TCP连接,只需做一个简单的转发就可以了,建立速度、接入用户的数量、转发速度都要高很多。下面我们说明一下具体的工作过程As shown in Figure 4, PC-B is a data server. Computer PC-A wants to access the resources of computer PC-B. Since PC-A and PC-B are not directly connected to the Internet, they can only be accessed through the Internet. Therefore, for safety, Use SSL to access, but since PC-A and PC-B are located in the private network, they access the Internet through address translation equipment, and there is a firewall device at the exit, so an SSL connection cannot be directly established between PC-A and PC-B , need to transfer through a server SERVER-C. The usual solution at present is to directly establish two TCP connections with SERVER-C, and then receive data from one connection and send it to the other connection. This method requires the SERVER-C server to maintain two complete TCP connections. The number and speed of users are very limited, but with the present invention, the server SERVER-C does not need to maintain the TCP connection, and only needs to do a simple forwarding, and the establishment speed, the number of access users, and the forwarding speed are all much higher . Let's explain the specific working process

假设PC-A、PC-B、SERVER-C对应的IP地址分别IPA、IPB、IPC,其基本工作原理如下:Assuming that the IP addresses corresponding to PC-A, PC-B, and SERVER-C are IPA, IPB, and IPC respectively, the basic working principles are as follows:

首先,PC-A、PC-B先登录到服务器SERVER-C,请求建立PC-A、PC-B的连接关系,SERVER-C通知PC-A、PC-B向SERVER-C发起TCP建立,TCP的端口分别是PORTA、PORTB、PORTC,为了便于SERVER-C识别两条需要合并的连接,可以同时发一个唯一的连接标识给PC-A、PC-B。First, PC-A and PC-B first log in to the server SERVER-C and request to establish a connection relationship between PC-A and PC-B. SERVER-C notifies PC-A and PC-B to initiate TCP establishment to SERVER-C. The ports are PORTA, PORTB, and PORTC. In order to facilitate SERVER-C to identify the two connections that need to be merged, a unique connection ID can be sent to PC-A and PC-B at the same time.

其次,PC-A、PC-B分别发起TCP SYN开始TCP建立的3次握手,SERVER-C进行TCP哄骗,回应TCP SYNACK,两条TCP连接建立。Secondly, PC-A and PC-B respectively initiate TCP SYN to start the three-way handshake of TCP establishment, SERVER-C performs TCP spoofing, responds to TCP SYNACK, and two TCP connections are established.

这时PC-A、PC-B可以向SERVER-C发出自己的连接标识,SERVER-C根据连接标识建立两个TCP连接的转发关系。At this time, PC-A and PC-B can send their own connection identifiers to SERVER-C, and SERVER-C establishes a forwarding relationship between two TCP connections according to the connection identifiers.

接着,SERVER-C通知PC-A、PC-B连接标识对应的TCP连接合并成功,SERVER-C进入转发状态,不再解释两个连接的数据内容。Then, SERVER-C notifies PC-A and PC-B that the TCP connections corresponding to the connection identifiers are merged successfully, and SERVER-C enters the forwarding state, and no longer interprets the data content of the two connections.

其后,PC-A就可以向PC-B发起SSL建立流程了,这时PC-APC-B完全感觉不到中间得变化,跟PC-A和PC-B直接建立有TCP连接一样,即使服务器SERVER-C不支持SSL也不受丝毫影响。Afterwards, PC-A can initiate the SSL establishment process to PC-B. At this time, PC-APC-B does not feel any changes in the middle, just like PC-A and PC-B directly establish a TCP connection, even if the server SERVER-C does not support SSL and is not affected in the slightest.

完成SSL建立就可以进行安全的数据传输了。Once the SSL establishment is complete, secure data transmission can begin.

SERVER-C的数据转发过程如下:The data forwarding process of SERVER-C is as follows:

(1)SERVER-C收到PC-A发来的数据包,假设TCPA的序号比TCPB的序号大N,确认序号大M。则替换数据包的源IPA、源端口PORTA为IPC、PORTC,替换数据包中的目的IPC、目的端口PORTC为IPB、PORTB。(1) SERVER-C receives the data packet sent by PC-A, assuming that the sequence number of TCPA is N greater than that of TCPB, and confirms that the sequence number is greater than M. Then replace the source IPA and source port PORTA of the data packet with IPC and PORTC, and replace the destination IPC and destination port PORTC in the data packet with IPB and PORTB.

(2)SERVER-C调整发送、确认序号分别为序号-N和序号-M,模为最大TCP序号数。(2) SERVER-C adjusts the sending and confirmation sequence numbers to be sequence number-N and sequence number-M respectively, and the modulus is the maximum number of TCP sequence numbers.

(3)发送数据。(3) Send data.

如果不采用本发明,SERVER-C必须多维护两个完整TCP连接,先从一个TCP连接接收数据流,然后再写到另一个TCP连接上,对SERVER-C资源的消耗要大得多。If the present invention is not used, SERVER-C must maintain two more complete TCP connections, first receive data flow from one TCP connection, and then write to another TCP connection, which consumes much more resources of SERVER-C.

上述实施例为本发明的示范性的实施例,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的权利要求范围之内。The above-mentioned embodiments are exemplary embodiments of the present invention, and are not intended to limit the present invention. For those skilled in the art, the present invention may have various modifications and changes. Any modifications, equivalent replacements, improvements, etc. made within the spirit and principles of the present invention shall be included within the scope of the claims of the present invention.

Claims (10)

1. 一种TCP连接的合并方法,其特征在于,第一、第二从设备预先通过TCP连接注册到主设备,该方法包括:1. A method for merging TCP connections, characterized in that the first and second slave devices are pre-registered to the master device through the TCP connection, the method comprising: A.主设备通知第一、第二从设备建立TCP连接,接收第一、第二从设备分别向主设备发出建立TCP连接请求后,响应该请求并发送伪确认消息,以继续进行建立TCP连接的后续步骤;A. The master device notifies the first and second slave devices to establish a TCP connection, and after receiving the first and second slave devices respectively send a TCP connection establishment request to the master device, it responds to the request and sends a false confirmation message to continue to establish a TCP connection next steps of 在所述第一、第二从设备收到该伪确认消息后,主设备分别与第一、第二从设备建立TCP连接TCP I、TCP II;After the first and second slave devices receive the false confirmation message, the master device establishes TCP connections TCP I and TCP II with the first and second slave devices respectively; B.在主设备上建立该两个TCP连接TCP I、TCP II之间的源IP地址、源端口、目的I P地址、目的端口的映射关系;B. set up the mapping relationship of source IP address, source port, destination IP address, destination port between these two TCP connection TCP I, TCP II on main equipment; C.主设备根据所述映射关系将来自第一、第二从设备的数据分别转发给第二、第一从设备。C. The master device forwards the data from the first and second slave devices to the second and first slave devices respectively according to the mapping relationship. 2. 如权利要求1所述的TCP连接的合并方法,其特征在于,所述TCP连接由源IP地址、源端口、目的IP地址、目的端口进行标识。2. the merging method of TCP connection as claimed in claim 1, is characterized in that, described TCP connection is identified by source IP address, source port, destination IP address, destination port. 3. 如权利要求1所述的TCP连接的合并方法,其特征在于,TCP连接TCPI、TCP II建立之后,主设备通过注册时的TCP连接通道分别发送连接建立成功消息给第一、第二从设备,随后所述主设备进入数据转发状态。3. the merging method of TCP connection as claimed in claim 1, it is characterized in that, after TCP connects TCPI, TCP II to set up, main equipment sends respectively connection establishment success message to first, second from the TCP connection channel when registering device, and then the master device enters a data forwarding state. 4. 如权利要求1所述的TCP连接的合并方法,其特征在于,其中步骤C包括:4. the merging method of TCP connection as claimed in claim 1, is characterized in that, wherein step C comprises: D.主设备对所收到的数据包的源IP地址和源端口以及目的IP地址和目的端口进行变换;D. The master device transforms the source IP address, source port and destination IP address and destination port of the received data packet; E.根据TCP I与TCP II的发送序号差和确认序号差,调整数据包的发送序号和确认序号;E. According to the sending sequence number difference and confirmation sequence number difference between TCP I and TCP II, adjust the sending sequence number and confirmation sequence number of the data packet; F.主设备进行数据转发。F. The master device forwards data. 5. 如权利要求4所述的TCP连接的合并方法,其特征在于,其中步骤D包括:5. the merging method of TCP connection as claimed in claim 4, is characterized in that, wherein step D comprises: 将从TCP I收到的数据包的源IP地址和源端口替换为TCP II对应的主设备侧的IP地址和端口,将所述数据包的目的IP地址和目的端口替换为TCP II记录的第二从设备端的IP地址和端口;Replace the source IP address and source port of the data packet received from TCP I with the IP address and port of the master device side corresponding to TCP II, and replace the destination IP address and destination port of the data packet with the first IP address and destination port of the TCP II record. 2. The IP address and port of the slave device; 将从TCP II收到的数据包的源IP地址和源端口换为TCP I对应的主设备侧的IP地址和端口,将所述数据包的目的IP地址和目的端口替换为TCP I记录的第一从设备端的IP地址和端口。Change the source IP address and source port of the data packet received from TCP II into the IP address and port of the master device side corresponding to TCP I, and replace the destination IP address and destination port of the data packet with the first TCP I record 1. The IP address and port of the slave device. 6. 如权利要求5所述的TCP连接的合并方法,其特征在于,当数据包被更改后,需要重新计算IP和TCP校验和。6. The merging method of TCP connection as claimed in claim 5, is characterized in that, after data packet is changed, need to recalculate IP and TCP checksum. 7. 如权利要求1或5所述的TCP连接的合并方法,其特征在于,当TCPI终止,主设备删除TCP II连接,同时删除相关的转发记录;当TCP II终止,主设备删除TCP I连接,同时删除相关的转发记录。7. The merging method of TCP connection as claimed in claim 1 or 5, it is characterized in that, when TCPI terminates, main equipment deletes TCP II connection, deletes relevant forwarding record simultaneously; When TCP II terminates, main equipment deletes TCP I connection , and delete related forwarding records at the same time. 8. 一种TCP连接的合并方法,其特征在于,通过第三设备转发数据,实现两个设备之间的数据交换,该方法包括:8. A method for merging TCP connections, characterized in that, forwarding data through a third device to realize data exchange between two devices, the method comprising: 第一、第二设备预先通过TCP连接注册到所述第三设备;The first and second devices are pre-registered to the third device through a TCP connection; 所述第三设备响应所述第一、第二设备发送的建立TCP连接请求,采用哄骗方式分别发送确认消息给发出TCP连接请求的所述第一、第二设备,并分别与所述第一、第二设备建立伪TCP连接;The third device responds to the request for establishing a TCP connection sent by the first and second devices, sends confirmation messages to the first and second devices that send the TCP connection request in a spoofing manner, and communicates with the first and second devices respectively. , the second device establishes a pseudo-TCP connection; 建立两个伪TCP连接之间的源IP地址、源端口、目的IP地址、目的端口的映射关系;Establish the mapping relationship between source IP address, source port, destination IP address and destination port between two pseudo-TCP connections; 所述第三设备根据所述映射关系为两个伪TCP连接相应的所述第一、第二设备转发数据。The third device forwards data for the first and second devices corresponding to the two pseudo-TCP connections according to the mapping relationship. 9. 如权利要求8所述的TCP连接的合并方法,其特征在于,所述第三设备对所收到的数据包的源IP地址和源端口以及目的IP地址和目的端口进行变换;9. The merging method of TCP connection as claimed in claim 8, is characterized in that, described the 3rd device transforms the source IP address and source port and destination IP address and destination port of the received packet; 所述第三设备根据所述两伪TCP连接的发送序号差和确认序号差,调整数据包的发送序号和确认序号。The third device adjusts the sending sequence number and the acknowledgment sequence number of the data packet according to the difference between the sending sequence numbers and the confirmation sequence numbers of the two pseudo-TCP connections. 10. 如权利要求9所述的TCP连接的合并方法,其特征在于,其中所述IP地址和端口变换包括:10. The merging method of TCP connection as claimed in claim 9, is characterized in that, wherein said IP address and port transformation comprise: 将从其中一伪TCP连接收到的数据包的源IP地址和源端口地址替换为另一伪TCP连接对应的所述第三设备侧的IP地址和端口地址,将所述数据包的目的IP地址和目的端口分别替换为另一伪TCP连接对应的设备端的IP地址和端口。The source IP address and source port address of the data packet received from one of the pseudo-TCP connections are replaced with the IP address and port address of the third device side corresponding to another pseudo-TCP connection, and the destination IP address of the data packet is The address and destination port are replaced with the IP address and port of the device corresponding to another fake TCP connection.
CNB2006100660083A 2006-03-21 2006-03-21 A Merging Method of TCP Connection Expired - Fee Related CN100423513C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2006100660083A CN100423513C (en) 2006-03-21 2006-03-21 A Merging Method of TCP Connection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2006100660083A CN100423513C (en) 2006-03-21 2006-03-21 A Merging Method of TCP Connection

Publications (2)

Publication Number Publication Date
CN1819562A CN1819562A (en) 2006-08-16
CN100423513C true CN100423513C (en) 2008-10-01

Family

ID=36919251

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006100660083A Expired - Fee Related CN100423513C (en) 2006-03-21 2006-03-21 A Merging Method of TCP Connection

Country Status (1)

Country Link
CN (1) CN100423513C (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101309285B (en) * 2007-05-15 2012-09-05 华为技术有限公司 Second layer control method,apparatus and system thereof
CN105991629B (en) * 2015-03-26 2019-06-04 杭州迪普科技股份有限公司 TCP connection method for building up and device
CN115550467B (en) * 2022-08-31 2024-11-26 上海金铎禹辰水环境工程有限公司 Remote terminal connection method, device, equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1391378A (en) * 2001-06-11 2003-01-15 华为技术有限公司 Connection switching system at front end of server cluster and its switching method
US6535515B1 (en) * 1998-05-25 2003-03-18 Kdd Corporation TCP communication speed improving system
CN1505342A (en) * 2002-11-28 2004-06-16 深圳市中兴通讯股份有限公司上海第二 A Method of Connecting to Internet from Local Area Network
CN1582583A (en) * 2001-02-15 2005-02-16 讯捷通讯公司 A dual proxy approach to TCP performance improvements over a wireless interface
JP2005260715A (en) * 2004-03-12 2005-09-22 Ntt Communications Kk Terminal device having packet nat transparent function, and its program

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6535515B1 (en) * 1998-05-25 2003-03-18 Kdd Corporation TCP communication speed improving system
CN1582583A (en) * 2001-02-15 2005-02-16 讯捷通讯公司 A dual proxy approach to TCP performance improvements over a wireless interface
CN1391378A (en) * 2001-06-11 2003-01-15 华为技术有限公司 Connection switching system at front end of server cluster and its switching method
CN1505342A (en) * 2002-11-28 2004-06-16 深圳市中兴通讯股份有限公司上海第二 A Method of Connecting to Internet from Local Area Network
JP2005260715A (en) * 2004-03-12 2005-09-22 Ntt Communications Kk Terminal device having packet nat transparent function, and its program

Also Published As

Publication number Publication date
CN1819562A (en) 2006-08-16

Similar Documents

Publication Publication Date Title
KR100255501B1 (en) How to Improve Session and Transport Layer Proxies with Transport Control Protocol Glue
US6704786B1 (en) Network and end-host efficiency for web communication
US7826487B1 (en) Coalescing acknowledgement responses to improve network communications
US7640364B2 (en) Port aggregation for network connections that are offloaded to network interface devices
US8032641B2 (en) Assymmetric traffic flow detection
US9231784B2 (en) Method for eliminating redundant connections
US8583831B2 (en) Thin client discovery
US10530644B2 (en) Techniques for establishing a communication connection between two network entities via different network flows
WO1999052254A1 (en) System and method for managing client requests in client-server networks
US11888818B2 (en) Multi-access interface for internet protocol security
Natarajan et al. SCTP: An innovative transport layer protocol for the web
CN101233739A (en) System and method for establishing a peer-to-peer connection between a PC and a smartphone using a network with barriers
US20150373135A1 (en) Wide area network optimization
JP6444988B2 (en) Communication system using HTTP
US20060221946A1 (en) Connection establishment on a tcp offload engine
JP2017118545A5 (en)
CN100423513C (en) A Merging Method of TCP Connection
CN100426769C (en) Method for establishing pier-to-pier direct channels
CN113014855B (en) Video conference acceleration method, system and video conference acceleration platform
CN100393039C (en) Network management method for devices without IP addresses
US20080056263A1 (en) Efficient transport layer processing of incoming packets
CN101510901B (en) Communication method, communication apparatus and system between distributed equipment
US8023985B1 (en) Transitioning a state of a connection in response to an indication that a wireless link to a wireless device has been lost
Ko et al. Internet Small Computer System Interface (iSCSI) Extensions for the Remote Direct Memory Access (RDMA) Specification
CN101110816B (en) Remote data transmission system and method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CP03 Change of name, title or address

Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No.

Patentee after: NEW H3C TECHNOLOGIES Co.,Ltd.

Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base

Patentee before: HANGZHOU H3C TECHNOLOGIES Co.,Ltd.

CP03 Change of name, title or address
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20081001

CF01 Termination of patent right due to non-payment of annual fee