[go: up one dir, main page]

CN101557336B - Method for establishing network tunnel, data processing method and related equipment - Google Patents

Method for establishing network tunnel, data processing method and related equipment Download PDF

Info

Publication number
CN101557336B
CN101557336B CN2009101376586A CN200910137658A CN101557336B CN 101557336 B CN101557336 B CN 101557336B CN 2009101376586 A CN2009101376586 A CN 2009101376586A CN 200910137658 A CN200910137658 A CN 200910137658A CN 101557336 B CN101557336 B CN 101557336B
Authority
CN
China
Prior art keywords
node
external connection
virtual private
registration information
establishing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN2009101376586A
Other languages
Chinese (zh)
Other versions
CN101557336A (en
Inventor
王雨晨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Huawei Technology Co Ltd
Original Assignee
Huawei Symantec Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Symantec Technologies Co Ltd filed Critical Huawei Symantec Technologies Co Ltd
Priority to CN2009101376586A priority Critical patent/CN101557336B/en
Publication of CN101557336A publication Critical patent/CN101557336A/en
Priority to PCT/CN2010/072424 priority patent/WO2010127610A1/en
Priority to US13/289,552 priority patent/US8769661B2/en
Application granted granted Critical
Publication of CN101557336B publication Critical patent/CN101557336B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention relates to the technical field of communication, and discloses a method for establishing a network tunnel, a data processing method and related equipment, wherein the method for establishing the network tunnel comprises the following steps: a first node inquires registration information of a second node from a virtual private network server to determine whether the second node accepts external connection, wherein the registration information of the second node at least comprises information whether the second node accepts external connection; and the first node establishes a corresponding network tunnel with the second node according to the inquired registration information. The technical scheme provided by the embodiment of the invention can enable the nodes in the VPN to know the registration information of other nodes, thereby establishing corresponding network tunnels with other nodes, reducing the waste of network resources and improving the efficiency of establishing the network tunnels.

Description

Method for establishing network tunnel, data processing method and related equipment
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method for establishing a network tunnel, a data processing method, and a related device.
Background
A Virtual Private Network (VPN) is a temporary, secure connection established over a public Network, usually the internet, as a secure, stable tunnel through a chaotic public Network. In general, a VPN network is an extension to an intranet of an enterprise through which remote users, corporate branches, business partners and providers can be assisted in establishing trusted secure connections with the company's intranet and ensuring secure transfer of data.
Currently, communication modes between nodes in a VPN network include a virtual switching mode and a direct connection channel mode. The virtual exchange mode is that all nodes in the VPN network establish a network tunnel with a VPN server, and the VPN server is required to transfer when data communication is carried out between different nodes; the VPN network in the virtual switching mode is a star network; the direct connection channel mode is that a network tunnel is directly established between one node and other nodes, and data communication between the two nodes is transmitted through the direct connection network tunnel without being transferred through a VPN (virtual private network) server; the VPN network in the direct path mode is a mesh network. Therefore, the VPN network in the direct connection channel mode does not need a VPN server to bear the centralized exchange task of data in the VPN network, so that the network performance bottleneck can not be formed in the VPN network, and the larger-scale VPN network can be easily constructed under the condition of the same bandwidth. Therefore, in the prior art, when a node accesses a VPN network, it first tries to directly establish a direct connection network tunnel with the node that needs to communicate, and if the attempt to directly establish the direct connection network tunnel fails, then it communicates with the node that needs to communicate in a virtual switching mode.
However, the inventor finds that communication modes supported by each node in an existing VPN network may be different, for example, when both nodes are in different Network Address Translation (NAT) devices and do not have a legal network Protocol (IP) address, the two nodes can only communicate in a virtual switching mode, and in this case, if an attempt is made to directly establish a direct connection network tunnel between the two nodes, not only network resources are wasted, but also efficiency of establishing the network tunnel is reduced.
Disclosure of Invention
The embodiment of the invention provides a method for establishing a network tunnel, a data processing method and related equipment, which can reduce resource waste and improve the efficiency of establishing the network tunnel by a network when the network tunnel is established between a node in a VPN network and other nodes.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
the method for establishing the network tunnel provided by the embodiment of the invention comprises the following steps: a first node inquires registration information of a second node from a virtual private network server to determine whether the second node accepts external connection, wherein the registration information of the second node at least comprises information whether the second node accepts external connection; and the first node establishes a corresponding network tunnel with the second node according to the inquired registration information.
The data processing method provided by the embodiment of the invention comprises the following steps: receiving a query message sent by a first node, wherein the query message comprises registration information for querying a second node; and sending pre-stored registration information of the second node to the first node so as to enable the first node and the second node to establish a corresponding network tunnel, wherein the registration information of the second node at least comprises information whether the second node accepts external connection.
The virtual private network node provided by the embodiment of the invention comprises: the system comprises a query unit, a processing unit and a processing unit, wherein the query unit is used for querying registration information of a second node to a virtual private network server so as to determine whether the second node accepts external connection, and the registration information of the second node at least comprises information whether the second node accepts external connection; and the network tunnel establishing unit is used for establishing a corresponding network tunnel with the second node according to the inquired registration information.
The virtual private network server provided by the embodiment of the invention comprises: a receiving unit, configured to receive a message sent by a first node, where the message is used to query registration information of a second node; a sending unit, configured to send pre-stored registration information of a second node to the first node, so that the first node and the second node establish a corresponding network tunnel, where the registration information of the second node at least includes information about whether the second node accepts external connection.
The virtual private network system provided by the embodiment of the invention comprises: a virtual private network node and a virtual private network server; the virtual private network node is configured to query the virtual private network server for registration information of a second node to determine whether the second node accepts external connection, where the registration information of the second node at least includes information whether the second node accepts external connection; establishing a corresponding network tunnel with the second node according to the inquired registration information; the virtual private network server is used for receiving a message sent by the virtual private network node, wherein the message is used for inquiring the registration information of a second node; sending pre-stored registration information of a second node to the virtual private network node so that the virtual private network node establishes a corresponding network tunnel with the second node, wherein the registration information of the second node at least comprises information whether the second node accepts external connection.
Compared with the prior art, the embodiment of the invention enables the first node in the VPN network to know the registration information of the second node, and the registration information comprises the information whether the second node accepts the external connection, so that the first node can establish a corresponding network tunnel according to the registration information of the second node and the second node, and the attempt of establishing a direct connection network tunnel is avoided when the second node does not accept the external connection, thereby reducing the waste of network resources and improving the efficiency of establishing the network tunnel.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
Fig. 1 is a flowchart of a method for establishing a network tunnel according to an embodiment of the present invention;
fig. 2 is a flowchart of querying node registration information in a process of establishing a network tunnel according to an embodiment of the present invention;
fig. 3 is a flowchart of a method for establishing a network tunnel according to an embodiment of the present invention;
fig. 4 is a flowchart of a method for establishing a network tunnel according to an embodiment of the present invention;
fig. 5 is a flowchart of a method for establishing a network tunnel according to an embodiment of the present invention;
FIG. 6 is a flow chart of a data processing method provided in an embodiment of the present invention;
fig. 7 is a structural diagram of a virtual private network node provided in an embodiment of the present invention;
FIG. 8 is a block diagram of a query unit provided in an embodiment of the present invention;
fig. 9 is a structural diagram of a unit for establishing a network tunnel according to an embodiment of the present invention;
fig. 10 is a block diagram of a virtual private network server provided in an embodiment of the present invention;
fig. 11 is a structural diagram of a virtual private network system provided in an embodiment of the present invention;
fig. 12 is a schematic diagram of a VPN network according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The first embodiment is as follows:
referring to fig. 1, fig. 1 is a flowchart of a method for establishing a network tunnel according to an embodiment of the present invention. As shown in fig. 1, the method may include:
101: the first node inquires registration information of the second node from the virtual private network server to determine whether the second node accepts external connection, wherein the registration information of the second node at least comprises information whether the second node accepts external connection;
the nodes described in this and subsequent embodiments include, but are not limited to, computers in VPN networks and other user terminals.
In this embodiment, when the first node requests communication with the second node, registration information of the second node is queried from the virtual private network server, where the registration information at least includes information whether the second node accepts external connection, and the information is used to indicate whether the second node can establish a direct connection network tunnel.
For example, referring to fig. 2, fig. 2 is a flowchart illustrating a method for querying node registration information in a network tunnel establishment process according to the present embodiment. As shown in fig. 2, the querying, by the first node, the registration information of the second node from the virtual private network server may specifically be:
201: a first node sends a query message to a virtual private network server, wherein the query message is used for querying registration information of a second node;
202: and receiving the registration information of the second node sent by the virtual private network server.
Furthermore, the query message sent by the first node to the virtual private network server may further include a name of the second node and/or a current real IP address of the second node.
For example, the current real IP address of the second node refers to a legal address of the second node in the Internet (Internet), and specifically may be an Internet Protocol (IP) address of the second node in the Internet network, or an address of the second node after combining the IP address in the Internet network with a Transmission Control Protocol (TCP)/User Datagram Protocol (UDP) port, or another service address of the second node in the Internet network represented by a web page address (URL).
For example, the registration information of the second node sent by the receiving vpn server in 202 may specifically be:
and receiving the current real IP address, the virtual IP address and the information whether to accept the external connection of the second node sent by the virtual private network server.
If the second node receives the information of the external connection, the first node can establish a direct connection network tunnel in a direct connection channel mode with the second node according to the current real IP address of the second node; on the contrary, if the second node does not accept external connection, the first node may establish an indirect network tunnel in the virtual switching mode with the second node according to the virtual IP address of the second node.
If the current real IP address and virtual IP address of the second node are known to the first node, the registration information of the second node sent by the receiving virtual private network server in 202 may be information of whether the second node accepts external connection.
The registration information of the second node in this embodiment may include other relevant information of the second node besides the current real IP address and the virtual IP address of the second node and the information of whether to accept the external connection.
102: and establishing a corresponding network tunnel with the second node according to the inquired registration information.
For example, after receiving the registration information of the second node, if the first node finds that the second node can accept the external connection, the first node establishes a corresponding network tunnel with the second node. Referring to fig. 3, fig. 3 is a flowchart illustrating a method for establishing a network tunnel according to the present embodiment. As shown in fig. 3, the establishing, by the first node, the corresponding network tunnel with the second node may include:
301: a first node sends a request for establishing a network tunnel to a second node;
302: the first node receives the response sent by the second node, so as to establish a network tunnel with the second node.
In addition, the first node can also inquire the registration information of the first node from the virtual private network server;
the registration information of the first node at least comprises information whether the first node accepts external connection;
for example, after receiving the registration information of the second node, if the first node finds that the second node can accept the external connection, and the first node accepts the external connection, the first node establishes a corresponding network tunnel with the second node. Referring to fig. 4, fig. 4 is a flowchart illustrating a method for establishing a network tunnel according to the present embodiment. As shown in fig. 4, the establishing, by the first node, the corresponding network tunnel with the second node may include:
401: the first node sends a message for prompting the second node to establish a network tunnel to the first node to the second node;
402: a first node receives a request for establishing a network tunnel sent by a second node;
403: the first node sends a response to the second node, thereby establishing a network tunnel with the second node.
For example, after receiving the registration information of the second node, the first node establishes a corresponding network tunnel with the second node if it is found that the second node does not accept external connection and the first node does not accept external connection. Referring to fig. 5, fig. 5 is a flowchart illustrating a method for establishing a network tunnel according to the present embodiment. As shown in fig. 5, the establishing, by the first node, the corresponding network tunnel with the second node may include:
501: a first node sends a request for establishing a network tunnel to a virtual private network server;
502: the first node receives the response sent by the virtual private network server, so as to establish a network tunnel between the first node and the virtual private network server;
503: the first node sends a message of establishing the network tunnel to the second node so that the second node establishes the network tunnel with the virtual private network server.
At this time, the virtual private network server is used as a relay device between the first node and the second node, and is configured to receive the communication data sent by the first node and forward the communication data to the second node, and at the same time, receive the communication data sent by the second node and forward the communication data to the first node, so that a network tunnel between the first node and the second node is indirectly established.
It should be noted that, the specific implementation process of establishing the network tunnel with the second node after the first node knows the registration message between the second node and the first node is familiar to those skilled in the art, and the embodiment is not further described herein.
The method for establishing a network tunnel according to the first embodiment of the present invention is described in detail above, and according to the embodiment of the present invention, before a first node in a VPN network establishes a network tunnel with a second node, registration information of the second node and registration information of the first node may be queried from a virtual private network server, so that whether the second node and the first node accept external connection or not may be known, and a corresponding network tunnel may be established with the second node.
Example two:
referring to fig. 6, fig. 6 is a flowchart of a data processing method according to an embodiment of the present invention. As shown in fig. 6, the method may include:
601: the method comprises the steps that a virtual private network server receives a message sent by a first node, wherein the message is used for inquiring registration information of a second node;
in this embodiment, the message sent by the first node may further be used to query registration information of the first node.
602: and the virtual private network server sends the pre-stored registration information of the second node to the first node so that the first node and the second node establish a corresponding network tunnel.
For example, the first node may receive the current real IP address of the second node, the virtual IP address and the information about whether to accept the external connection, which are sent by the virtual private network server;
and receiving the current real IP address and the virtual IP address of the first node and the information whether to accept external connection, wherein the information is sent by the virtual private network server.
The registration information of the second node in this embodiment includes, but is not limited to, a current real IP address and a virtual IP address of the second node, and information on whether to accept external connection;
also, the registration information of the first node in this embodiment includes, but is not limited to, the current real IP address of the first node, the virtual IP address, and information on whether to accept external connection.
Furthermore, the current real IP address of the second node refers to a legal address of the second node in the Internet network, and specifically may be a network IP address of the second node in the Internet network, or an address of the second node after combining an IP address in the Internet network with a TCP/UDP port, or another service address of the second node in the Internet network represented by a URL;
similarly, the current real IP address of the first node refers to a legal address of the first node in the Internet network, and may specifically be an IP address of the first node in the Internet network, or an address of the first node after combining the IP address of the first node in the Internet network with a TCP/UDP port, or another service address of the first node in the Internet network represented by a URL.
According to the method provided by the embodiment of the present invention, before the foregoing 201, the method may further include:
the method comprises the steps that a virtual private network server receives an access request message sent by a first node and an access request message sent by a second node, wherein the access request message sent by the first node comprises a node name and a current real IP address of the first node;
the access request message sent by the second node comprises the node name and the current real IP address of the second node;
the virtual private network server allocates a virtual IP address to the first node, determines whether the first node accepts external connection, allocates a virtual IP address to the second node, and determines whether the second node accepts external connection;
the virtual private network server stores a correspondence of the first node name, the current real IP address, the assigned virtual IP address, and the information on whether to accept the external connection, and stores a correspondence of the second node name, the current real IP address, the assigned virtual IP address, and the information on whether to accept the external connection. And using the node names of the first node and the second node, the current real internet protocol address, the virtual internet protocol address and information indicating whether the first node and the second node accept external connection as the registration information of the first node and the second node.
The determining whether the first node accepts the external connection may specifically be:
after a virtual IP address is distributed to a first node, a connection request for establishing a network tunnel is sent to the first node once to judge whether the first node accepts external connection or not, and after a response returned by the first node is received, the first node is confirmed to accept the external connection, namely the attribute of 'whether the first node accepts the external connection' is 'OK'; on the contrary, if the response returned by the first node cannot be received within the specified time, it is confirmed that the first node does not accept the external connection, that is, the attribute of "accept external connection" of the first node is "NO".
Also, it can be confirmed whether the second node accepts the external connection in the above-described manner.
In this embodiment, the specific implementation of establishing the corresponding network tunnel between the first node and the second node is the same as the method described in the first embodiment, and will not be repeated here.
In the embodiment of the present invention, the virtual private network server may send the registration information of the second node and the first node to the first node according to the request of the first node, so that the first node may know whether the second node and the first node accept external connection before establishing a network tunnel with the second node, and then establish a corresponding network tunnel with the second node, thereby avoiding an attempt of establishing a direct connection network tunnel by the two nodes when the two nodes can only be connected in a virtual switching mode, so as to reduce waste of network resources and improve efficiency of establishing the network tunnel.
Example three:
referring to fig. 7, fig. 7 is a structural diagram of a virtual private network node according to an embodiment of the present invention. As shown in fig. 7, the virtual private network node may include:
an inquiring unit 701, configured to inquire registration information of the second node to the virtual private network server to determine whether the second node accepts external connection, where the registration information of the second node at least includes information whether the second node accepts external connection;
a network tunnel establishing unit 702, configured to establish a corresponding network tunnel with the second node according to the queried registration information.
For example, the corresponding network tunnels described in this embodiment include a direct network tunnel in a direct channel mode and an indirect network tunnel in a virtual switch mode.
Referring to fig. 8, fig. 8 is a schematic structural diagram of a query unit according to a third embodiment of the present invention. As shown in fig. 8, the query unit 701 may include:
a sending subunit 7011, configured to send an inquiry message to the virtual private network server, where the inquiry message includes registration information for inquiring the second node;
a receiving subunit 7012, configured to receive the registration information of the second node sent by the virtual private network server.
Preferably, the registration information of the second node may include, but is not limited to, a current real IP address of the second node, a virtual IP address, and information on whether to accept an external connection.
Referring to fig. 9, fig. 9 is a schematic structural diagram of a network tunnel unit according to an embodiment of the present invention. As shown in fig. 9, the establishing a network tunnel unit 702 may include:
a first establishing subunit 7021, configured to send a request for establishing a network tunnel to the second node when the second node accepts the external connection; and receiving a response sent by the second node so as to establish a network tunnel with the second node.
For example, the querying unit 701 may be further configured to query the virtual private network server for registration information of the first node; the registration information of the first node at least comprises information whether the first node accepts external connection.
As such, establishing the network tunnel unit 702 may include:
a second establishing subunit 7022, configured to send, to the second node, a message for prompting the second node to establish a network tunnel to the first node when the second node does not accept the external connection and the first node accepts the external connection, and receive a request for establishing the network tunnel sent by the second node; and sending a response to the second node, thereby establishing a network tunnel with the second node.
A third establishing subunit 7023, configured to send a request for establishing a network tunnel to the virtual private network server when the second node does not accept external connection and the first node does not accept external connection; receiving a response sent by the virtual private network server so as to establish a network tunnel with the virtual private network server; and sending a message for establishing the network tunnel to the second node so that the second node establishes the network tunnel to the virtual private network server, thereby establishing the network tunnel between the first node and the second node.
At this time, the virtual private network server is used as a relay device between the first node and the second node, and is configured to receive the communication data sent by the first node and forward the communication data to the second node, and at the same time, receive the communication data sent by the second node and forward the communication data to the first node, so that a network tunnel between the first node and the second node is indirectly established.
It should be noted that the method and the process for the second node to establish the network tunnel to the virtual private network server are the same as the method and the process for the first node to establish the network tunnel to the virtual private network server, and this embodiment is not described herein again.
As described above in detail for the virtual private network node according to the third embodiment of the present invention, the receiving subunit 7012 in the querying unit 701 of the first node according to the embodiment of the present invention may query, before the first node and the second node establish the network tunnel, the registration information of the second node and the registration information of the first node from the virtual private network server, so that the network tunnel establishing unit 702 may know whether the second node and the first node accept external connection, and further establish a corresponding network tunnel with the second node, thereby avoiding an attempt to establish a direct connection network tunnel by the two nodes when the two nodes can only be connected in the virtual switching mode, so that waste of network resources may be reduced, and efficiency of establishing the network tunnel may be improved.
Example four:
referring to fig. 10, fig. 10 is a structural diagram of a virtual private network server according to an embodiment of the present invention. As shown in fig. 10, the virtual private network server may include:
a receiving unit 1001, configured to receive a message sent by a first node, where the message is used to query registration information of a second node;
a sending unit 1002, configured to send pre-stored registration information of a second node to the first node, so that the first node and the second node establish a corresponding network tunnel, where the registration information of the second node at least includes information of whether the second node accepts external connection.
In this embodiment, the message sent by the first node and received by the receiving unit 1001 may further be used to query registration information of the first node, and then the sending unit 1002 may further send the registration information of the first node to the first node, where the registration information of the first node at least includes information about whether the first node accepts external connection or not
For example, the corresponding network tunnels described in this embodiment include a direct network tunnel in a direct channel mode and an indirect network tunnel in a virtual switch mode.
Preferably, the registration information of the second node may include, but is not limited to, a current real IP address of the second node, a virtual IP address, and information on whether to accept external connection;
also, the registration information of the first node may include, but is not limited to, the current real IP address of the first node, a virtual IP address, and information on whether to accept an external connection.
Preferably, the receiving unit 1001 may further be configured to receive an access request message sent by a first node and an access request message sent by a second node;
the access request message sent by the first node comprises a node name and a current real IP address of the first node; the access request message sent by the second node comprises the node name and the current real IP address of the second node;
the virtual private network server provided in the embodiment of the present invention may further include:
an allocating unit 1003, configured to allocate a virtual IP address to the first node according to the access request message sent by the first node and received by the access unit 1001, and determine whether the first node accepts external connection information;
and information for allocating a virtual IP address of the second node according to the access request message sent by the second node received by the access unit 1001, and determining whether the second node accepts external connection.
A storage unit 1004, configured to store a correspondence between a node name of the first node, a current real IP address, an assigned virtual IP address, and information on whether to accept external connection;
and storing the corresponding relation of the node name of the second node, the current real IP address, the allocated virtual IP address and the information whether to accept the external connection, and using the node names of the first node and the second node, the current real Internet protocol address, the virtual Internet protocol address and the information indicating whether to accept the external connection of the first node and the second node as the registration information of the first node and the second node.
Preferably, the allocating unit 1003 sends a connection request for establishing a network tunnel to the first node once after allocating virtual IP addresses to the first node and the second node, respectively, to determine whether the first node accepts external connection, and confirms that the first node accepts external connection after receiving a response returned by the first node within a specified time; on the contrary, if the response returned by the first node cannot be received within the specified time, the first node is confirmed not to accept the external connection;
sending a connection request for establishing the network tunnel to the second node once to judge whether the second node accepts the external connection, and confirming that the second node accepts the external connection after receiving a response returned by the second node within a specified time; on the contrary, if the response returned by the second node can not be received within the specified time, the second node is confirmed not to accept the external connection.
Furthermore, the current real IP address of the second node refers to a legal address of the second node in the Internet network, and specifically may be a network IP address of the second node in the Internet network, or an address of the second node after combining an IP address in the Internet network with a TCP/UDP port, or another service address of the second node in the Internet network represented by a URL;
similarly, the current real IP address of the first node refers to a legal address of the first node in the Internet network, and may specifically be an IP address of the first node in the Internet network, or an address of the first node after combining the IP address of the first node in the Internet network with a TCP/UDP port, or another service address of the first node in the Internet network represented by a URL.
The foregoing describes in detail a virtual private network server provided by the fourth embodiment of the present invention, where the receiving unit 1001 in the virtual private network server provided by the embodiment of the present invention may receive a request of a first node, and the sending unit 1002 may send registration information of a second node and the first node to the first node according to the request of the first node, so that the first node may know whether the second node and the first node accept external connection before establishing a network tunnel with the second node, and then establish a corresponding network tunnel with the second node, thereby avoiding an attempt of establishing a direct connection network tunnel by the two nodes when the two nodes are connected only in a virtual switching mode, which may reduce waste of network resources and improve efficiency of establishing the network tunnel.
Example five:
referring to fig. 11, fig. 11 is a structural diagram of a virtual private network system according to an embodiment of the present invention. As shown in fig. 11, the virtual private network system may include:
virtual private network node 1101 and virtual private network server 1102; wherein,
a virtual private network node 1101 for querying the virtual private network server 1102 for registration information of the second node to determine whether the second node accepts external connection, the registration information of the second node at least including information whether the second node accepts external connection; establishing a corresponding network tunnel with the second node according to the inquired registration information;
a virtual private network server 1102, configured to receive a message sent by the virtual private network node 1101, where the message is used to query registration information of a second node; sending pre-stored registration information of the second node to the virtual private network node 1101, so that the virtual private network node 1101 establishes a corresponding network tunnel with the second node, where the registration information of the second node at least includes information whether the second node accepts external connection.
It should be noted that the structure of the virtual private network node 1101 described in this embodiment is the same as the structure of the virtual private network node described in the third embodiment, and the function of the virtual private network node is the same, and the description of this embodiment is not repeated here; the structure of the vpn server 1102 described in this embodiment is the same as the structure of the vpn server described in the fourth embodiment, and the function of the server is the same, and the description of this embodiment is not repeated here.
Referring to fig. 12, fig. 12 is a schematic diagram of a VPN network according to an embodiment of the present invention. As shown in fig. 12, the VPN network provided in this embodiment may include a VPN server and a VPN node.
VPN nodes may include, but are not limited to, computers and other user terminals, among others; where the VPN server must have a legitimate address in the Internet network (the address may be in the form of an IP address, a combination of an IP address and a TCP/UDP port, or other service address represented by a URL) and may use its legitimate Internet address to receive data packets from the Internet network.
The VPN server needs to have a node registration function and an information query function. When a certain node is accessed to a VPN network, a VPN server needs to distribute a virtual IP address used by a first node in the VPN network for the node; registering and registering the node name of the first node, the current real IP address, the distributed virtual IP address, whether to accept external connection, even encryption parameters and other information;
the VPN server allows nodes within the VPN network to query registration information of other VPN nodes based on information such as node names of other VPN nodes and/or virtual IP addresses of other VPN nodes.
In this embodiment, the node should have a communication function with the VPN server; initiating a request function for establishing a network tunnel with other nodes in the VPN network; meanwhile, the node in this embodiment should also have a function of receiving a request for establishing a network tunnel with other nodes in the VPN network; meanwhile, the node in this embodiment should have the better ability to acquire the registration information of other nodes and the registration information of the first node, and establish a corresponding network tunnel with other nodes.
The corresponding network tunnels comprise a direct connection network tunnel in a direct connection channel mode and an indirect network tunnel in a virtual exchange mode.
As shown in fig. 12, there are 4 networked computers in the VPN network, and the names are: ID-1, ID-2ID-3, ID-4; wherein ID-1 and ID-2 are computers with legal IP addresses in Internet, and are allowed to receive connection from Internet; ID-3 and ID-4 are both in NAT network, have no legal Internet address, and are not allowed to receive network connection from Internet.
In the VPN network shown in fig. 7, network communication between nodes has the following three different situations:
1) network bidirectional connection can be directly established between the nodes, for example, between ID-1 and ID-2, any one node can actively establish a network tunnel to the other node;
2) the nodes can only directly establish one-way connection, for example, between ID-1 and ID-3, because ID-3 is in NAT network and has no legal IP address, only ID-3 is allowed to actively establish network tunnel to ID-1, but ID-1 is not allowed to establish network tunnel to ID-3;
3) and the nodes can not be directly connected, for example, between ID-3 and ID-4, because both ID-3 and ID-4 are in NAT network and have no legal IP address, a direct tunnel can not be established between ID-3 and ID-4, ID-3 and ID-4 can only respectively establish a network tunnel with VPN server, and the communication data between ID-3 and ID-4 must be transferred via VPN server.
Assuming that ID-1 needs to communicate with ID-2 and ID-3 in the VPN network shown in fig. 12, then:
1) ID-1 inquires the VPN server about the registration information of ID-2 and ID-3.
2) The ID-1 inquires of the VPN server about registration information of the ID-1.
Wherein, for 1), ID-1 sends inquiry information to VPN server, the inquiry information is used to inquire the registration information of ID-2 to VPN server; wherein the query message may include the name of ID-2 and/or the current real IP address of ID-2;
ID-1 sends inquiry information to VPN server, the inquiry information is used to inquire ID-3 register information to VPN server; wherein the query message may include the name of ID-3 and/or the current real IP address of ID-3;
for 2), the ID-1 sends an inquiry message to the VPN server, and the inquiry message is used for inquiring the registration information of the ID-1 from the VPN server; wherein the query message may include the name of ID-1 and/or the current real IP address of ID-1.
After receiving the inquiry message sent by ID-1, the VPN server inquires the registration information of ID-2 and ID-3 and sends the inquiry information to ID-1. Table 1 shows registration messages of nodes ID-1, ID-2ID-3, and ID-4 in the VPN network shown in fig. 3, which are stored in advance by the VPN server.
TABLE 1
Node point Node name Current real IP address Virtual IP address Whether to accept external connections
ID-1 NID-1 IP1:P1 VIP1 OK
ID-2 NID-2 IP2:P2 VIP2 OK
ID-3 NID-3 IP3:P3 VIP3 NO
ID-4 NID-4 IP4:P4 VIP4 NO
Since ID-3 and ID-4 are both in the NAT device, the current real IP address of ID-3 and ID-4 is actually the real IP address of the NAT device used by ID-3 and ID-4.
3) After receiving the query message sent by the ID-1, the VPN server queries the registration information of the ID-2 as follows: name NID-2, real address IP2: P2, virtual IP address VIP2, allowing acceptance of external connections;
the registration information of the query ID-3 is: name NID-3, real address IP3: P3, virtual IP address VIP3, not allowed to accept external connections;
the registration information of the query ID-1 is: the name is NID-1, the real address is IP1: P1, the virtual IP address VIP1, allowing for accepting external connections.
4) And the VPN server respectively transmits the registration information of the ID-2, the ID-3 and the ID-1 to the ID-1 according to the inquired registration information of the ID-2, the ID-3 and the ID-1.
Of course, the VPN server can also only select part of the registration information of ID-2, ID-3 and ID-1 to send to ID-1, such as the real address in the registration information of ID-2 is IP2: P2, the external connection is allowed to be accepted, the external connection is not allowed in the registration information of ID-3, and the real address in the registration information of ID-1 is IP1: P1, the external connection is allowed to be accepted to send to ID-1.
5) After ID-1 receives the registration information of ID-2, ID-3 and ID-1 sent by the VPN server, if the ID-2 point is found to receive external connection, the ID-1 sends a request for establishing a network tunnel to ID-2; if a response sent by the ID-2 is received, completing the direct connection network tunnel between the ID-1 and the ID-2 in the direct connection channel mode;
if ID-3 is found not to accept external connection and ID-1 accepts external connection, ID-1 sends a message for prompting ID-3 to actively establish a network tunnel to ID-1 to ID-3; receiving a request for establishing a network tunnel sent by ID-3; after the response sent to ID-3, the indirect network tunnel in virtual switched mode between ID-1 and ID-3 is completed.
Assuming again that ID-3 needs to communicate with ID-4 in the VPN network shown in fig. 12, then:
1) the ID-3 queries the VPN server for registration information for ID-4.
2) The ID-3 queries the VPN server for registration information for ID-4.
Wherein, for 1), ID-3 sends inquiry information to VPN server, the inquiry information is used to inquire the registration information of ID-4 to VPN server; wherein the query message may include the name of ID-4 and/or the current real IP address of ID-4;
ID-3 sends inquiry information to VPN server, the inquiry information is used to inquire ID-3 register information to VPN server; wherein the query message may include the name of ID-3 and/or the current real IP address of ID-3.
3) After receiving the query message sent by the ID-3, the VPN server queries the registration information of the ID-4 as follows: name NID-4, real address IP4: P4, virtual IP address VIP4, not allowed to accept external connections;
the registration information of the query ID-3 is: the name is NID-3, the real address is IP3: P3, the virtual IP address VIP3, no external connection is allowed.
4) And the VPN server respectively sends the registration information of the ID-4 and the ID-3 to the ID-3 according to the inquired registration information of the ID-4 and the ID-3.
Of course, the VPN server may also select only part of the registration information of ID-4 and ID-3 to send to ID-3, such as sending the registration information of ID-4 that is not allowed to accept external connections and the registration information of ID-3 that is not allowed to accept external connections to ID-3.
5) After ID-3 receives the registration information of ID-4 and ID-3 sent by the VPN server, the ID-3 sends a request for establishing a network tunnel to the VPN server if the ID-4 does not accept external connection and the ID-3 does not accept external connection, which indicates that a direct connection network tunnel cannot be established between the ID-3 and the ID-4; after receiving the response sent by the VPN server, completing the network tunnel with the VPN server;
and the ID-3 sends a message of establishing the network tunnel to the ID-4, so that the ID-4 establishes the network tunnel to the VPN server, thereby establishing the network tunnel between the ID-4 and the VPN server, and at the moment, the VPN server is used as a transfer device between the ID-3 and the ID-4, receives the communication data sent by the ID-3 and transfers the communication data to the ID-4; meanwhile, communication data sent by the ID-4 is received and forwarded to the ID-3, so that a network tunnel between the ID-3 and the ID-4 is indirectly established.
It should be noted that in this embodiment, the VPN server needs to store the registration messages of ID-1, ID-2, ID-3, and ID-4 in advance, specifically:
the VPN server receives access request messages respectively sent by ID-1, ID-2, ID-3 and ID-4, wherein the access request messages respectively sent by ID-1, ID-2, ID-3 and ID-4 comprise respective node names and current real IP addresses;
respectively allocating virtual IP addresses to ID-1, ID-2, ID-3 and ID-4, and respectively determining whether the information of ID-1, ID-2, ID-3 and ID-4 accepts external connection;
and storing the corresponding relation of the node names of the ID-1, the ID-2, the ID-3 and the ID-4, the current real IP address, the distributed virtual IP address and the information of whether to accept the external connection.
The information for respectively determining whether to accept the external connection of ID-1, ID-2, ID-3, and ID-4 is specifically:
after respective virtual IP addresses are respectively allocated to ID-1, ID-2, ID-3 and ID-4, a connection request for establishing a network tunnel is sent to ID-1, ID-2, ID-3 and ID-4 once to judge whether the ID-1, ID-2, ID-3 and ID-4 accept external connection or not;
after receiving the response returned by ID-1 and ID-2 within the specified time, considering that ID-1 and ID-2 accept the external connection, namely ID-1 and ID-2, and the attribute of 'whether to accept the external connection' is OK; when the response returned by ID-3 and ID-4 can not be received within the specified time, the ID-3 and ID-4 are considered not to accept the external connection, namely the attribute of 'whether to accept the external connection' of the ID-3 and ID-4 is 'NO'.
In addition, if the node itself stores the registration information of the first node, the node only needs to query the VPN server for the registration information of the second node, and does not need to query the VPN server for the registration information of the first node again.
In the VPN network provided in the fifth embodiment of the present invention, before establishing a network tunnel with another node, the node may query, from the VPN server, registration information of the other node and registration information of the first node, so as to know whether the other node and the first node accept external connection, and further establish a corresponding network tunnel with the other node, thereby avoiding an attempt to establish a direct connection network tunnel with the two nodes when the two nodes can only be connected in a virtual switching mode, so that waste of network resources can be reduced, and efficiency of establishing a network tunnel can be improved.
Those of ordinary skill in the art will understand that: all or part of the steps for implementing the method embodiments may be implemented by hardware related to program instructions, and the program may be stored in a computer readable storage medium, and when executed, the program performs the steps including the method embodiments; and the aforementioned storage medium includes: various media that can store program codes, such as a Read Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The method for establishing a network tunnel, the data processing method and the related device provided by the embodiment of the present invention are introduced in detail, and a specific embodiment is applied in the present disclosure to explain the principle and the implementation of the present invention, and the description of the embodiment is only used to help understanding the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims (13)

1. A method for establishing a network tunnel, comprising:
a first node inquires registration information of a second node from a virtual private network server to determine whether the second node accepts external connection, wherein the registration information of the second node at least comprises information whether the second node accepts external connection;
the first node establishes a corresponding network tunnel with the second node according to the inquired registration information of the second node;
the first node inquires registration information of the first node from the virtual private network server to determine whether the first node accepts external connection, wherein the registration information of the first node at least comprises information whether the first node accepts external connection;
wherein, if the second node does not accept external connection and the first node accepts external connection, the establishing a corresponding network tunnel with the second node includes:
the first node sends a message for prompting the second node to establish a network tunnel to the first node to the second node;
the first node receives a request for establishing a network tunnel sent by the second node;
and the first node sends a response to the second node and establishes a network tunnel with the second node.
2. The method of claim 1, wherein the first node querying a virtual private network server for registration information of a second node comprises:
a first node sends a query message to the virtual private network server, wherein the query message comprises a node name of a second node and/or a current real internet protocol address of the second node;
and the first node receives the registration information of the second node sent by the virtual private network server, wherein the registration information of the second node is obtained by the virtual private network server according to the node name of the second node and/or the current real Internet protocol address of the second node.
3. The method of claim 1, wherein if the second node accepts the external connection, the step of establishing the corresponding network tunnel with the second node comprises:
the first node sends a request for establishing a network tunnel to the second node;
and the first node receives the response sent by the second node and establishes a network tunnel with the second node.
4. The method of claim 1, further comprising:
if the second node does not accept external connection and the first node does not accept external connection, the establishing a corresponding network tunnel with the second node includes:
the first node sends a request for establishing a network tunnel to the virtual private network server;
the first node receives a response sent by the virtual private network server and establishes a network tunnel with the virtual private network server;
the first node sends a message of establishing the network tunnel to the second node so as to enable the second node to establish the network tunnel to the virtual private network server, thereby establishing the network tunnel between the first node and the second node.
5. A data processing method, comprising:
a virtual private network server receives a query message sent by a first node, wherein the query message comprises registration information for querying a second node;
the virtual private network server sends pre-stored registration information of the second node to the first node so as to enable the first node and the second node to establish a corresponding network tunnel, wherein the registration information of the second node at least comprises information whether the second node accepts external connection;
the method further comprises the following steps:
the virtual private network server establishes a network tunnel with the first node and the second node, and if the establishment is successful, the first node and the second node are determined to accept external connection; otherwise, determining that the first node and the second node do not accept external connection.
6. The method of claim 5, further comprising:
the virtual private network server receives an access request message sent by the first node, wherein the access request message comprises a node name of the first node and a current real Internet protocol address;
allocating a virtual internet protocol address to the first node and determining whether the first node accepts external connection;
storing the node name, the current real internet protocol address, the virtual internet protocol address and the information indicating whether the first node accepts the external connection, and taking the node name, the current real internet protocol address, the virtual internet protocol address and the information indicating whether the first node accepts the external connection as the registration information of the first node; and
receiving an access request message sent by the second node, wherein the access request message comprises a node name of the second node and a current real Internet protocol address;
allocating a virtual internet protocol address to the second node and determining whether the second node accepts external connections;
and storing the node name, the current real Internet protocol address, the virtual Internet protocol address and the information indicating whether the second node accepts the external connection, and taking the node name, the current real Internet protocol address, the virtual Internet protocol address and the information indicating whether the second node accepts the external connection as the registration information of the second node.
7. A virtual private network node, comprising:
the system comprises a query unit, a processing unit and a processing unit, wherein the query unit is used for querying registration information of a second node to a virtual private network server so as to determine whether the second node accepts external connection, and the registration information of the second node at least comprises information whether the second node accepts external connection;
a network tunnel establishing unit, configured to establish a corresponding network tunnel with the second node according to the queried registration information of the second node;
wherein the establishing a network tunnel unit includes:
a first establishing subunit, configured to send a request for establishing a network tunnel to the second node when the second node accepts external connection; receiving a response sent by the second node, and establishing a network tunnel with the second node;
a second establishing subunit, configured to send, to the second node, a message for prompting the second node to establish a network tunnel to the virtual private network node when the second node does not accept external connection and the virtual private network node accepts external connection, and receive a request for establishing the network tunnel sent by the second node; and the response sent to the second node establishes a network tunnel with the second node.
8. The virtual private network node of claim 7, wherein the querying unit comprises:
a sending subunit, configured to send a query message to a virtual private network server, where the query message includes registration information for querying a second node;
and the receiving subunit is configured to receive the registration information of the second node sent by the virtual private network server.
9. The virtual private network node according to claim 7, wherein the querying unit is further configured to query the virtual private network server for registration information of the first node to determine whether the first node accepts external connection, the registration information of the first node at least including information whether the first node accepts external connection; the first node is the virtual private network node.
10. The virtual private network node of claim 7, wherein the means for establishing a network tunnel further comprises:
a third establishing subunit, configured to send a request for establishing a network tunnel to the vpn server when the second node does not accept external connection and the vpn node does not accept external connection; receiving a response sent by the virtual private network server, and establishing a network tunnel between the virtual private network server and the network; sending a establish network tunnel message to the second node to cause the second node to establish a network tunnel to the virtual private network server to establish a network tunnel between the virtual private network node and the second node.
11. A virtual private network server, comprising:
a receiving unit, configured to receive a message sent by a first node, where the message is used to query registration information of a second node;
a sending unit, configured to send pre-stored registration information of a second node to the first node, so that the first node and the second node establish a corresponding network tunnel, where the registration information of the second node at least includes information about whether the second node accepts external connection;
the distribution unit is used for establishing a network tunnel with the first node and the second node, and if the network tunnel is successfully established, the first node and the second node are determined to accept external connection; otherwise, determining that the first node and the second node do not accept external connection.
12. The vpn server according to claim 11, wherein the receiving unit is further configured to receive an access request message sent by the first node, where the access request message includes a node name of the first node and a current real internet protocol address;
the virtual private network server further comprises:
a storage unit, configured to store a node name of the first node, a current real internet protocol address, a virtual internet protocol address, and information indicating whether the first node accepts external connection, and use the node name of the first node, the current real internet protocol address, the virtual internet protocol address, and the information indicating whether the first node accepts external connection as registration information of the first node;
the allocation unit is further configured to allocate a virtual internet protocol address of the first node;
the receiving unit is further configured to receive an access request message sent by the second node, where the access request message includes a node name of the second node and a current real internet protocol address;
the allocation unit is further configured to allocate a virtual internet protocol address of the second node;
the storage unit is configured to store the node name of the second node, the current real internet protocol address, the virtual internet protocol address, and information indicating whether the second node accepts external connection, and use the node name of the second node, the current real internet protocol address, the virtual internet protocol address, and the information indicating whether the second node accepts external connection as registration information of the second node.
13. A virtual private network system, comprising:
a virtual private network node and a virtual private network server;
the virtual private network node is configured to query the virtual private network server for registration information of a second node to determine whether the second node accepts external connection, where the registration information of the second node at least includes information whether the second node accepts external connection; establishing a corresponding network tunnel with the second node according to the inquired registration information;
the virtual private network server is used for receiving a message sent by the virtual private network node, wherein the message is used for inquiring the registration information of a second node; sending pre-stored registration information of a second node to the virtual private network node so that the virtual private network node establishes a corresponding network tunnel with the second node, wherein the registration information of the second node at least comprises information whether the second node accepts external connection;
the virtual private network node further comprises a network tunnel establishing unit:
wherein the establishing a network tunnel unit includes:
a first establishing subunit, configured to send a request for establishing a network tunnel to the second node when the second node accepts external connection; receiving a response sent by the second node, and establishing a network tunnel with the second node;
the second establishing subunit is configured to send, to the second node, a message for prompting the second node to establish a network tunnel to the virtual private network node when the second node does not accept external connection and the virtual private network node accepts external connection, and receive a request for establishing the network tunnel sent by the second node; and the response sent to the second node establishes a network tunnel with the second node.
CN2009101376586A 2009-05-04 2009-05-04 Method for establishing network tunnel, data processing method and related equipment Active CN101557336B (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN2009101376586A CN101557336B (en) 2009-05-04 2009-05-04 Method for establishing network tunnel, data processing method and related equipment
PCT/CN2010/072424 WO2010127610A1 (en) 2009-05-04 2010-05-04 Method, equipment and system for processing visual private network node information
US13/289,552 US8769661B2 (en) 2009-05-04 2011-11-04 Virtual private network node information processing method, relevant device and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009101376586A CN101557336B (en) 2009-05-04 2009-05-04 Method for establishing network tunnel, data processing method and related equipment

Publications (2)

Publication Number Publication Date
CN101557336A CN101557336A (en) 2009-10-14
CN101557336B true CN101557336B (en) 2012-05-02

Family

ID=41175287

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009101376586A Active CN101557336B (en) 2009-05-04 2009-05-04 Method for establishing network tunnel, data processing method and related equipment

Country Status (1)

Country Link
CN (1) CN101557336B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010127610A1 (en) * 2009-05-04 2010-11-11 成都市华为赛门铁克科技有限公司 Method, equipment and system for processing visual private network node information
CN102263704B (en) 2011-09-01 2014-03-26 杭州华三通信技术有限公司 Topology construction method and device supporting layer 2 interconnection of data centers
CN105282003B (en) * 2014-06-20 2019-03-22 中国电信股份有限公司 Establish the method and system and tunnel control device and virtual switch in tunnel

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1476204A (en) * 2002-08-16 2004-02-18 华为技术有限公司 Virtual specsel net realizing method based on dynamic IP address and system
CN1747436A (en) * 2005-10-24 2006-03-15 杭州华为三康技术有限公司 Access method and system for client end of virtual private network
CN101151849A (en) * 2005-03-28 2008-03-26 客得富移动通信股份有限公司 Method for mobile node's connection to virtual private network using mobile IP
CN101212374A (en) * 2006-12-29 2008-07-02 北大方正集团有限公司 Method and system for realizing remote access to campus network resources

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1476204A (en) * 2002-08-16 2004-02-18 华为技术有限公司 Virtual specsel net realizing method based on dynamic IP address and system
CN101151849A (en) * 2005-03-28 2008-03-26 客得富移动通信股份有限公司 Method for mobile node's connection to virtual private network using mobile IP
CN1747436A (en) * 2005-10-24 2006-03-15 杭州华为三康技术有限公司 Access method and system for client end of virtual private network
CN101212374A (en) * 2006-12-29 2008-07-02 北大方正集团有限公司 Method and system for realizing remote access to campus network resources

Also Published As

Publication number Publication date
CN101557336A (en) 2009-10-14

Similar Documents

Publication Publication Date Title
EP1368947B1 (en) Addressing method and system for using an anycast address
EP2241091B1 (en) Combining locally addressed devices and wide area network (wan) addressed devices on a single network
US20060056420A1 (en) Communication apparatus selecting a source address
RU2543304C2 (en) Packet relay method and device
US20040246991A1 (en) IP address translator and packet transfer apparatus
US9769113B1 (en) Socket-based internet protocol for wireless networks
CA2884683C (en) Split network address translation
CN103618801A (en) Method, device and system for sharing P2P (Peer-to-Peer) resources
CN101321128A (en) Communication device, communication network system and communication method
US9413590B2 (en) Method for management of a secured transfer session through an address translation device, corresponding server and computer program
EP1187426B1 (en) Method for using a unique IP address in a private IP address domain
CN110460641A (en) Data transmission method, apparatus and system
CN103414800B (en) A kind of NAT passes through the distribution of middle distributed relay server and system of selection and system
CN101557336B (en) Method for establishing network tunnel, data processing method and related equipment
CN111711705A (en) Method and device for realizing network connection based on bidirectional NAT (network Address translation) by proxy node
CN104518959B (en) A kind of method and device of communication between devices
EP2497324B1 (en) Methods for address translator traversal in 3gpp networks
JP5241665B2 (en) COMMUNICATION DEVICE, COMMUNICATION SYSTEM, AND COMMUNICATION METHOD
CN104702565A (en) Media resource sharing method, sharing server and sharing system
CN101237442A (en) Method, system and device for terminal identification analysis and service transmission in integrated network
CN101572729B (en) Processing method of node information of virtual private network, interrelated equipment and system
JP4654613B2 (en) Communication system, communication method, address distribution system, address distribution method, communication terminal
CN102811263A (en) Communication method and system based on IPv6 for mobile terminal and mobile terminal
US20100023620A1 (en) Access controller
JP4889617B2 (en) Gateway apparatus and communication control method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C56 Change in the name or address of the patentee

Owner name: HUAWEI DIGITAL TECHNOLOGY (CHENGDU) CO., LTD.

Free format text: FORMER NAME: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES CO., LTD.

CP01 Change in the name or title of a patent holder

Address after: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River

Patentee after: HUAWEI DIGITAL TECHNOLOGIES (CHENG DU) Co.,Ltd.

Address before: 611731 Chengdu high tech Zone, Sichuan, West Park, Qingshui River

Patentee before: CHENGDU HUAWEI SYMANTEC TECHNOLOGIES Co.,Ltd.

TR01 Transfer of patent right

Effective date of registration: 20220905

Address after: No. 1899 Xiyuan Avenue, high tech Zone (West District), Chengdu, Sichuan 610041

Patentee after: Chengdu Huawei Technologies Co.,Ltd.

Address before: 611731 Qingshui River District, Chengdu hi tech Zone, Sichuan, China

Patentee before: HUAWEI DIGITAL TECHNOLOGIES (CHENG DU) Co.,Ltd.

TR01 Transfer of patent right