CN105207904B - Processing method, device and the router of message - Google Patents
Processing method, device and the router of message Download PDFInfo
- Publication number
- CN105207904B CN105207904B CN201410293381.7A CN201410293381A CN105207904B CN 105207904 B CN105207904 B CN 105207904B CN 201410293381 A CN201410293381 A CN 201410293381A CN 105207904 B CN105207904 B CN 105207904B
- Authority
- CN
- China
- Prior art keywords
- message
- gateway
- address
- routing
- forwarding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000003672 processing method Methods 0.000 title claims abstract description 23
- 238000000034 method Methods 0.000 claims abstract description 16
- 238000013519 translation Methods 0.000 claims description 22
- 238000012545 processing Methods 0.000 claims description 19
- 238000006243 chemical reaction Methods 0.000 claims description 6
- 230000008569 process Effects 0.000 claims description 4
- 230000000694 effects Effects 0.000 abstract description 7
- 230000003068 static effect Effects 0.000 description 15
- 238000004891 communication Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000008439 repair process Effects 0.000 description 1
- 238000010845 search algorithm Methods 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of processing method of message, device and routers.Wherein, this method includes:Obtain the first gateway corresponding with the first message, wherein the first message includes source address, and the first gateway is the next-hop gateway of the first message forwarding;The second gateway for meeting preset condition is searched according to the source address of the first message, message parameter and the first gateway;First message is forwarded to the second gateway.Using the embodiment of the present invention, solves the problems, such as can not to be that different routing outlets is arranged in different source addresses in the prior art, realize the effect that can determine gateway for it according to the source address of message.
Description
Technical field
The present invention relates to data processing fields, in particular to a kind of processing method of message, device and router.
Background technology
There is egress gateways router the flow for accessing internal network external network server to carry out NAT (Network
Address Translation, network address translation), Firewall (i.e. fire wall) filtering etc. business functions.On a plurality of
The networking of line link needs to configure static routing or policybased routing to realize correct routing, i.e., is transported according to belonging to destination address
Quotient's (telecommunications, movement, unicom etc.) is sought to select corresponding link.
However different internal network users have different outlet routing demands, such as:
1) Intranet 192.168.1.0/24 outlet requests are come from and select telecommunication link if destination address belongs to telecommunications.
2) all outlet ports request from Intranet 192.168.2.0/24, all selects communication links.
3) Intranet 192.168.3.0/24 outlet requests are come from and select communication links if destination address belongs to telecommunications.
Following outlet route selecting method is provided in the prior art:
(1) outlet is searched in static routing, can only be according to destination address although very high by static routing search performance
Come routing, the different egress policy of different business needs, and the above method can not be that different outlets is not arranged in homologous address
Strategy.
(2) policybased routing routing.Although policybased routing comparison is flexible, can according to source address, destination address come routing,
It is that policybased routing uses linear search algorithm, performance very low.If complicated routing policy is realized, due to the network of operator
Address is too many, needs to add a large amount of routing rule, causes forwarding performance low.
For example, when Intranet 192.168.3.0/24 outlet request destination addresses belong to telecommunications, communication links are selected.Electricity
Communication network address has 2000, needs to increase by 2000 policybased routings, as follows:
from192.168.3.0/24to ip1/16lookup unicom
from192.168.3.0/24to ip2/11lookup unicom
from192.168.3.0/24to ip2000/24lookup unicom
If there is above-mentioned strategy is realized it is necessary to increasing n*2000 policybased routing, maintenance cost in n inner-mesh network address
Height, performance cannot be satisfied demand at all.
For that can not be the problem of different routing outlets are arranged in different source addresses in the prior art, not yet propose at present
Effective solution scheme.
Invention content
For that can not be the problem of different routing outlets are arranged in different source addresses in the related technology, not yet propose at present
Effective solution scheme, for this purpose, the main purpose of the present invention is to provide a kind of processing method of message, device and router,
To solve the above problems.
To achieve the goals above, according to an aspect of the invention, there is provided a kind of processing method of message, this method
Including:Obtain the first gateway corresponding with the first message, wherein the first message includes source address, and the first gateway is the first message
The next-hop gateway of forwarding;It is searched according to the source address of the first message, message parameter and the first gateway and meets the of preset condition
Two gateways;First message is forwarded to the second gateway.
Further, obtaining the first gateway corresponding with the first message includes:Receive the first message, wherein the first message
In carry destination address;Inquiry obtains the first gateway corresponding with destination address from default routing table.
Further, it is searched according to the source address of the first message, message parameter and the first gateway and meets the of preset condition
Two gateways include:The routing data consistent with message parameter, source address and the first gateway are found in default gateway table,
In, message parameter includes:Destination address, entrance network interface card and outlet network interface card;The gateway of data direction will be route as the second gateway;
In the case of searching the routing data consistent less than with message parameter, source address and the first gateway in default gateway table, by the
One gateway is as the second gateway.
Further, the first message is forwarded to the second gateway includes:Network address translation is carried out to the first message to obtain
Transformed first message;Transformed first message is forwarded to the second gateway.
Further, while transformed first message is forwarded to the second gateway, processing method further includes:Record
Source address, source port, destination address, destination interface and the next-hop gateway before and after network address translation are carried out to the first message,
Generate forwarding connection table, wherein next-hop gateway is the first gateway or the second gateway.
Further, after generating forwarding connection table, processing method further includes:Receive new message;It is connected from forwarding
Inquiry whether there is message accounting identical with new message in table;There is report identical with new message in forwarding connection table
In the case of text record, next-hop gateway corresponding with new message is read from forwarding connection table.
To achieve the goals above, according to another aspect of the present invention, a kind of processing unit of message, the device are provided
Including:Acquisition module, for obtaining the first gateway corresponding with the first message, wherein the first message includes source address, the first net
Close the next-hop gateway for the forwarding of the first message;Searching module, for according to the source address of the first message, message parameter and first
Gateway searches the second gateway for meeting preset condition;Forwarding module, for the first message to be forwarded to the second gateway.
Further, acquisition module includes:First receiving module, for receiving the first message, wherein band in the first message
Purposeful address;Gateway searching module obtains the first gateway corresponding with destination address for being inquired from default routing table.
Further, searching module includes:First searches submodule, joins with message for being found in default gateway table
Number, source address routing data consistent with the first gateway, wherein message parameter includes:Destination address, entrance network interface card and outlet net
Card;First determining module, for the gateway of data direction will to be route as the second gateway;Second determining module, for default
In the case of searching the routing data consistent less than with message parameter, source address and the first gateway in gateway table, by the first gateway
As the second gateway.
Further, forwarding module includes:Address conversion module is obtained for carrying out network address translation to the first message
Transformed first message;Submodule is forwarded, for transformed first message to be forwarded to the second gateway.
Further, processing unit further includes:Logging modle, for transformed first message to be forwarded to the second net
While pass, record to the source address before and after the first message progress network address translation, source port, destination address, destination interface
With next-hop gateway, forwarding connection table is generated, wherein next-hop gateway is the first gateway or the second gateway.
Further, gateway searching module includes:Second receiving module, for receiving new message;Second searches submodule
Block whether there is message accounting identical with new message for being inquired from forwarding connection table;Read module, for forwarding
In the case of there is message accounting identical with new message in connection table, read from forwarding connection table corresponding with new message
Next-hop gateway.
To achieve the goals above, according to another aspect of the present invention, a kind of router is provided, which includes:
The processing unit of message.
Using the embodiment of the present invention, after getting the first gateway of the first message, according to the source address of the first message,
Message parameter and the first gateway search the second gateway for meeting preset condition, and the first message is sent to the second gateway, realize
Flexible selection to the outlet of the first message, and above-mentioned processing method, it is of low cost, in general linux servers
It is upper to dispose, it safeguards simple, it is only necessary to which a small amount of rule (preset condition i.e. in above-described embodiment) can meet internal network
User's complexity exports routing demand, and has higher forwarding performance, and it can not be different source addresses in the prior art to solve
The problem of different routing outlets are arranged realizes the effect that can determine gateway for it according to the source address of message.
Description of the drawings
Attached drawing described herein is used to provide further understanding of the present invention, and is constituted part of this application, this hair
Bright illustrative embodiments and their description are not constituted improper limitations of the present invention for explaining the present invention.In the accompanying drawings:
Fig. 1 is the structural schematic diagram of the processing unit of message according to the ... of the embodiment of the present invention;
Fig. 2 is the structural schematic diagram of router according to the ... of the embodiment of the present invention;
Fig. 3 is the flow chart of the processing method of message according to the ... of the embodiment of the present invention;And
Fig. 4 is a kind of flow chart of the processing method of optional message according to the ... of the embodiment of the present invention.
Specific implementation mode
In order to enable those skilled in the art to better understand the solution of the present invention, below in conjunction in the embodiment of the present invention
Attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is only
The embodiment of a part of the invention, instead of all the embodiments.Based on the embodiments of the present invention, ordinary skill people
The every other embodiment that member is obtained without making creative work should all belong to the model that the present invention protects
It encloses.
It should be noted that term " first " in description and claims of this specification and above-mentioned attached drawing, "
Two " etc. be for distinguishing similar object, without being used to describe specific sequence or precedence.It should be appreciated that using in this way
Data can be interchanged in the appropriate case, so as to the embodiment of the present invention described herein can in addition to illustrating herein or
Sequence other than those of description is implemented.In addition, term " comprising " and " having " and their any deformation, it is intended that cover
It includes to be not necessarily limited to for example, containing the process of series of steps or unit, method, system, product or equipment to cover non-exclusive
Those of clearly list step or unit, but may include not listing clearly or for these processes, method, product
Or the other steps or unit that equipment is intrinsic.
Fig. 1 is the structural schematic diagram of the processing unit of message according to the ... of the embodiment of the present invention.As shown in Figure 1, the device can
To include:Acquisition module 10, searching module 20 and forwarding module 30.
Wherein, acquisition module, for obtaining corresponding with the first message the first gateway, wherein the first message includes source
Location, the first gateway are the next-hop gateway of the first message forwarding.
Searching module, for meeting preset condition according to the lookup of the source address of the first message, message parameter and the first gateway
The second gateway.
Forwarding module, for the first message to be forwarded to the second gateway.
Using the embodiment of the present invention, after getting the first gateway of the first message, according to the source address of the first message,
Message parameter and the first gateway search the second gateway for meeting preset condition, and the first message is sent to the second gateway, realize
Flexible selection to the outlet of the first message, and above-mentioned processing method, it is of low cost, in general linux servers
It is upper to dispose, it safeguards simple, it is only necessary to which a small amount of rule (preset condition i.e. in above-described embodiment) can meet internal network
User's complexity exports routing demand, and has higher forwarding performance, and it can not be different source addresses in the prior art to solve
The problem of different routing outlets are arranged realizes the effect that can determine gateway for it according to source address.
The first message in above-described embodiment can be the request that E-Packets that inner-mesh network user sends, this E-Packets
The first message is carried in request, the method in above-described embodiment can be applied on gateway router.
In the above embodiment of the present invention, acquisition module may include:First receiving module, for receiving the first report
Text, wherein destination address is carried in the first message;Gateway searching module, for from default routing table inquiry obtain and purpose
Corresponding first gateway in address.
Specifically, after gateway router receives the first message by the first receiving module, mould is searched by gateway
Block searches the first gateway corresponding with destination address.Wherein, (i.e. above-mentioned with the destination address queries static routing table of the first message
Default routing table in embodiment) in gateway, obtain next-hop gateway (the first message in this embodiment of the first message
Next gateway be the first gateway).
Wherein, next-hop gateway is a crucial condition, since the quantity of the next-hop gateway of gateway router is seldom,
Therefore a small amount of regular (preset condition i.e. in above-described embodiment) is only needed to can be achieved with complicated routing demand.
It should be further noted that next-hop gateway is (i.e. pre- in above-described embodiment by queries static routing table
If routing table) obtain.Can be that each operator's configuration is quiet on gateway router when initializing gateway router
State is route.For example, if the destination address of message belongs to telecommunications, the next-hop gateway of message is exactly telecommunications gateway.
In the above embodiment of the present invention, searching module may include:First searches submodule, in default gateway
The routing data consistent with message parameter, source address and the first gateway are found in table, wherein message parameter includes:Destination
Location, entrance network interface card and outlet network interface card;First determining module, for the gateway of data direction will to be route as the second gateway;Second
Determining module, for searching the routing data consistent less than with message parameter, source address and the first gateway in default gateway table
In the case of, using the first gateway as second gateway.The gateway of the first message next-hop is determined in the above-described embodiments
For the first gateway or the second gateway.
Specifically, it is found in default gateway table uniform with the source address of the first message, message parameter and the first gateway
The routing data of cause, the corresponding gateway of routing data are the second gateway of the first message.
Above-mentioned preset condition can be custom rule.Wherein, custom rule using source address, destination address, enter
The preset condition of mouth network interface card, outlet network interface card and next-hop gateway as routing, it is specific as shown in table 1.It is above-mentioned when the first message
When data meet the condition in custom rule, next-hop gateway (the first net i.e. in above-described embodiment of the first message is changed
Close) it is specified gateway (the second gateway i.e. in above-described embodiment), to realize the selection of link.
Table 1:
Specifically, if the source address of the first message meets 192.168.1.0/24, specifically, source address is
192.168.1.0/X, the natural number that X is 0 to 32, because ipv4 address sizes are 4 bytes, i.e., 32, and destination address is not
It is limited (destination address in table is sky, and expression is not limited destination address), entrance network interface card is eth0, and outlet network interface card is not done
Limitation, the first gateway (i.e. above-mentioned original next-hop gateway) they are 115.238.228.193, it is determined that the source of the first message
Location, message parameter and the first gateway meet first routing data, the i.e. source address, message parameter and the first net of the first message
Close new next-hop gateway (i.e. above-described embodiment consistent with first routing data, then that first routing data is directed toward
In routing data be directed toward gateway) be the second gateway;If the data of the gateway found in default gateway table are sky,
Using the first initial gateway as the second gateway, the first gateway is forwarded it to when forwarding the first message.
Wherein, the default gateway table in above-described embodiment is realized in a manner of Hash table, can improve route inquiring data
With the second gateway speed.
In the above embodiment of the present invention, forwarding module may include:Address conversion module, for the first message into
Row network address translation obtains transformed first message;Submodule is forwarded, for transformed first message to be forwarded to the
Two gateways.
Specifically, network address translation is made to the first message, i.e., the source address and source port of the first message is converted to net
Public network address and the public network port of router are closed, then, the first message after address conversion is sent to network interface card by gateway router
Transformed first message is sent to the second gateway by queue.
It should be further noted that processing unit can also include:Logging modle, for being reported by transformed first
While text is forwarded to the second gateway, source address, source port, the purpose before and after carrying out network address translation to the first message are recorded
Address, destination interface and next-hop gateway generate forwarding connection table.Wherein, next-hop gateway is the first net in this embodiment
Pass or the second gateway.Next-hop gateway in the embodiment is also the new next-hop gateway in table 1.
Specifically, while forwarding the first message, forwarding connection table is established, to accelerate the processing speed to the first message
Degree.
Forwarding connection table, the source address before and after record network address translation and source port are established when forwarding the first message,
For doing network address translation to replying message, i.e., reply message public network destination address and ground that port translation is Intranet user
Location and port.Forward connection table content as shown in table 2.
Table 2:
As shown in table 2, which is also recorded for every chain in addition to record source address, source port, destination address, destination interface
Connecing the next-hop gateway of (corresponding each first message), (the next-hop gateway can be the first gateway in above-described embodiment or the
Two gateways).
Wherein, which is realized with Hash table, to improve inquiry velocity.Same is linked, only first first report
Text needs queries static routing table and matching routing rule, subsequent first message directly to use the next-hop net that the table records
It closes, improves forwarding speed.
Specifically, it is also likely to be the second gateway to forward the next-hop gateway recorded in connection table to may be the first gateway.Such as
The second gateway is matched in custom rule table before the first message of fruit, then it is the second net to forward recorded in connection table
It closes, if be not matched to before, what is recorded here is exactly the first gateway of the first message.That is, as long as forwarding connects
It connects table and has found record, illustrate to have gone to match, the rule in custom rule table may be met, it is also possible to not meet
Rule need not all have matched, no matter whether meeting rule originally because going matching result same again, as long as looking into again
There is record to connection table, just directly with the next-hop gateway recorded in table.
In the above embodiment of the present invention, gateway searching module may include:Second receiving module is new for receiving
Message;Second searches submodule, whether there is message accounting identical with new message for being inquired from forwarding connection table;It reads
Modulus block is used in the case where there is message accounting identical with new message in forwarding connection table, from forwarding connection table
Read next-hop gateway corresponding with new message.Wherein, new message is the first message not received before router.
Identical message accounting in embodiments of the present invention refers to source address, source port, destination address, destination
Mouth is identical.
By above-described embodiment, forwarding connection table is preserved in gateway router, often forwards first message should
The relevant information of first message records generation forwarding connection table, identical with the first message so as to be received in next time
When message, directly forward first message to the second gateway, without repeating the processing of above-mentioned lookup, conversion, significantly
Ground saves processing time, improves user experience.
The present invention also provides a kind of router, which may include the message of any one in above-described embodiment
Processing unit.
Using the embodiment of the present invention, after getting the first gateway of the first message, according to the source address of the first message,
Message parameter and the first gateway search the second gateway for meeting preset condition, and the first message is sent to the second gateway, realize
Flexible selection to the outlet of the first message, and above-mentioned processing method, it is of low cost, in general linux servers
It is upper to dispose, it safeguards simple, it is only necessary to which a small amount of rule (preset condition i.e. in above-described embodiment) can meet internal network
User's complexity exports routing demand, and has higher forwarding performance, and it can not be different source addresses in the prior art to solve
The problem of different routing outlets are arranged realizes the effect that can determine gateway for it according to source address.
As shown in Fig. 2, the router may include:Message input module 40, routing judgment module 50, routing policy module
60, message output module 70, the machine input module 80, respond module 90 and the machine output module 100.
Wherein, the first receiving module of acquisition module can be arranged in message input module, and searching module can be arranged
In routing policy module 60, forwarding module is set in message output module 70.
Specifically, above-mentioned router can be set in the kernel of Linux system.
PRE_ROUTING, that is, message input module 40, input route preceding checkpoint.Namely the first message received passes through
First module, the module polls forwarding link, if in table exist the message accounting consistent with the first message, directly read
The next-hop gateway (i.e. the second gateway) of first message, and by the routing state mark position 1 of the first message.Sentence by routing
When disconnected module, if it find that the route indication position of the first message has been marked as 1, then it is not necessarily to carry out routing judgement to it.
Routing Decision i.e. route judgment module 50, the module be used for judge the first message destination address whether
For the machine, the machine input module is then sent it to if it is the machine, if the destination address of the first message is not directed to the machine,
Send it to routing policy module.
Specifically, in the flow of Route Decision (routing judges), routing table can be preset by inquiry, including
Static routing and policybased routing, determine whether the destination address of the first message is directed toward the machine.
INPUT, that is, the machine input module, by Route Decision (routing judges), if the destination address of message is
The machine, then the first message enter the module.
The respond module of Local Process, that is, above-mentioned, which can be systematic difference program, for being reported to first
Text responds, and generates response message.
The machine output module 100 in OUTPUT, that is, above-described embodiment is exported response message by the machine output module.
The routing policy module 60 of FORWARD, that is, above-mentioned, judges the routing state flag bit of the first message, if being set to 1,
It does not just handle, message output module directly is sent to regard to it.Otherwise judge whether source address, entrance network interface card, next-hop gateway accord with
Conjunction condition obtains the second gateway, and update forwarding connection table if meeting preset condition.
POST_ROUTING, that is, the machine output module 100 is used for transformed first message of output address.
There are three uplinks with network router below, is the introduction present invention for telecommunications, movement, unicom respectively.
Can be that gateway router configures static routing, if telecommunication network address has 2000, mobile network address has
500, unicom network address has 500, then being configured in 3000 static routing namely default routing table for gateway router has
3000 data.
Above-described embodiment through the invention, if the destination address of the first message request of Intranet outlet belongs to some fortune
Quotient is sought, gateway router will select the corresponding link of the operator, the first message is sent to the corresponding gateway of the operator.
For example, if to realize " from Intranet 192.168.3.0/24 outlet requests, if entrance network interface card is eth0, mesh
Address belong to telecommunications, select communication links " this demand, it is only necessary to it is as follows to add a custom rule:
LBG_CHROUTE-s192.168.3.0/24-i eth0--old-gw telecommunications gateways -- new-gw unicom gateways
If n inner-mesh network address needs to realize similar demand, it is only necessary to increase n rules (i.e. above-mentioned default item
Part).And if realized using policybased routing, it needs to increase 2000*n rules.Since the quantity of rule is than conventional method
Regular quantity is few very much, so forward efficiency improves.
In terms of search performance, linear search of the hash algorithm than policybased routing of the static routing of Linux system is calculated
Method is much better.HTTP GET requests are forwarded by gateway router, HTTP reply data length is 65 bytes.
3000 static routing, forwarding performance data:Newly-built connection number 6.3W/s, flow 500Mbps.
3000 policybased routings, forwarding performance data:Newly-built connection number 4600/s, flow 140Mbps.
Above-described embodiment through the invention, the next-hop gateway based on message are routed, with a small amount of rule
Realize complicated routing, forwarding performance is high, of low cost.
Fig. 3 is a kind of flow chart of the processing method of message according to the ... of the embodiment of the present invention.As shown in figure 3, this method can
To include the following steps:
Step S302:Obtain the first gateway corresponding with the first message, wherein the first message includes source address, the first net
Close the next-hop gateway for the forwarding of the first message.
Step S304:It is searched according to the source address of the first message, message parameter and the first gateway and meets the of preset condition
Two gateways.
Step S306:First message is forwarded to the second gateway.
Using the embodiment of the present invention, after getting the first gateway of the first message, according to the source address of the first message,
Message parameter and the first gateway search the second gateway for meeting preset condition, and the first message is sent to the second gateway, realize
Flexible selection to the outlet of the first message, and above-mentioned processing method, it is of low cost, in general linux servers
It is upper to dispose, it safeguards simple, it is only necessary to which a small amount of rule (preset condition i.e. in above-described embodiment) can meet internal network
User's complexity exports routing demand, and has higher forwarding performance, and it can not be different source addresses in the prior art to solve
The problem of different routing outlets are arranged realizes the effect that can determine gateway for it according to source address.
The first message in above-described embodiment can be the request that E-Packets that inner-mesh network user sends, this E-Packets
The first message is carried in request, the method in above-described embodiment can be applied on gateway router.
According to the abovementioned embodiments of the present invention, obtaining the first gateway corresponding with the first message may include:Receive first
Message, wherein destination address is carried in the first message;Inquiry obtains the first net corresponding with destination address from default routing table
It closes.
Specifically, inquiry obtains the first gateway corresponding with destination address and includes from default routing table:It is connected from forwarding
Inquiry whether there is message accounting identical with the first message in table;There is report identical with the first message in forwarding connection table
In the case of text record, the first gateway is read from forwarding connection table;There is no identical as the first message in forwarding connection table
Message accounting in the case of, from default routing table inquiry obtain the first gateway corresponding with destination address.
Wherein, next-hop gateway is a crucial condition, since the quantity of the next-hop gateway of gateway router is seldom,
Therefore a small amount of regular (preset condition i.e. in above-described embodiment) is only needed to can be achieved with complicated routing demand.
It should be further noted that next-hop gateway is (i.e. pre- in above-described embodiment by queries static routing table
If routing table) obtain.Can be that each operator's configuration is quiet on gateway router when initializing gateway router
State is route.For example, if the destination address of message belongs to telecommunications, the next-hop gateway of message is exactly telecommunications gateway.
According to the above embodiment of the present invention, symbol is found according to the source address of the first message, message parameter and the first gateway
Close preset condition the second gateway may include:It is searched and message parameter, source address and the first gateway one in default gateway table
The routing data of cause, wherein message parameter includes:Destination address, entrance network interface card and outlet network interface card;The net of data direction will be route
It closes and is used as the second gateway;The routing number consistent less than with message parameter, source address and the first gateway is searched in default gateway table
In the case of, using the first gateway as second gateway.The net of the first message next-hop is determined in the above-described embodiments
Close is the first gateway or the second gateway.
Specifically, it is found in default gateway table uniform with the source address of the first message, message parameter and the first gateway
The routing data of cause, the corresponding gateway of routing data are the second gateway of the first message.
Above-mentioned preset condition can be custom rule.Wherein, custom rule using source address, destination address, enter
The preset condition of mouth network interface card, outlet network interface card and next-hop gateway as routing, it is specific as shown in table 1.It is above-mentioned when the first message
When data meet the condition in custom rule, next-hop gateway (the first net i.e. in above-described embodiment of the first message is changed
Close) it is specified gateway (the second gateway i.e. in above-described embodiment), to realize the selection of link.
In the above embodiment of the present invention, the first message, which is forwarded to the second gateway, may include:To the first message into
Row network address translation obtains transformed first message;Transformed first message is forwarded to the second gateway.
Specifically, while transformed first message is forwarded to the second gateway, processing method can also include:Note
Module is recorded, for while transformed first message is forwarded to the second gateway, record to be to the first message progress network
Location conversion front and back source address, source port, destination address, destination interface and next-hop gateway, generate forwarding connection table.Wherein,
Next-hop gateway is the first gateway or the second gateway in this embodiment.Next-hop gateway in the embodiment is also in table 1
New next-hop gateway.
Specifically, while forwarding the first message, forwarding connection table is established, to accelerate the processing speed to the first message
Degree.
Forward Intranet export request message when establish forwarding connection table, record network address translation before and after source address and
Source port is Intranet reply message public network destination address and port translation for doing network address translation to replying message
The address and port of user.
The present invention is discussed in detail with reference to Fig. 4.As shown in figure 4, the present invention can be achieved by the steps of:
Step S401:Receive the first message.
Specifically, the first message is received by gateway router.
Step S402:Obtain the first gateway corresponding with the first message.
Specifically, it is route with the destination address queries static of the first message, obtains the next-hop gateway (i.e. the of the first message
One gateway).
Wherein next-hop gateway is a crucial condition, since the next-hop gateway quantity of gateway router is seldom, because
This only needs a small amount of rule to can be achieved with complicated routing demand.
Next-hop gateway is obtained by queries static routing table.When initializing gateway router, need
It is each operator's configuration static routing on gateway router.For example, if the destination address of message belongs to telecommunications, under message
One jump gateway is exactly telecommunications gateway.
Step S403:Whether source address, the first gateway and the message parameter for detecting the first message meet preset condition.
Wherein, in the case where the source address of the first message, the first gateway and message parameter meet preset condition, step is executed
Rapid S404;In the case where the source address of the first message, the first gateway and message parameter do not meet preset condition, step is executed
S405。
In the above-described embodiments, if it is, determining new next-hop gateway;If it is not, then new next-hop gateway is
First gateway.
Step S404:Determine the second gateway.
Specifically, modification next-hop gateway is the gateway that preset condition is specified.
Step S405:Network address translation is carried out to the first message and obtains transformed first message.
Specifically, network address translation is done to message, i.e., the source address of message and source port is converted to gateway router
Public network address and public network port.
Step S406:Send transformed first message.
Specifically, message is sent to network interface card queue by gateway router.
It should be noted that step shown in the flowchart of the accompanying drawings can be in such as a group of computer-executable instructions
It is executed in computer system, although also, logical order is shown in flow charts, and it in some cases, can be with not
The sequence being same as herein executes shown or described step.
It can be seen from the above description that the present invention realizes following technique effect:
Using the embodiment of the present invention, after getting the first gateway of the first message, according to the source address of the first message,
Message parameter and the first gateway search the second gateway for meeting preset condition, and the first message is sent to the second gateway, realize
Flexible selection to the outlet of the first message, and above-mentioned processing method, it is of low cost, in general linux servers
It is upper to dispose, it safeguards simple, it is only necessary to which a small amount of rule (preset condition i.e. in above-described embodiment) can meet internal network
User's complexity exports routing demand, and has higher forwarding performance, and it can not be different source addresses in the prior art to solve
The problem of different routing outlets are arranged realizes the effect that can determine gateway for it according to source address.
Obviously, those skilled in the art should be understood that each module of the above invention or each step can be with general
Computing device realize that they can be concentrated on a single computing device, or be distributed in multiple computing devices and formed
Network on, optionally, they can be realized with the program code that computing device can perform, it is thus possible to which they are stored
Be performed by computing device in the storage device, either they are fabricated to each integrated circuit modules or by they
In multiple modules or step be fabricated to single integrated circuit module to realize.In this way, the present invention is not limited to any specific
Hardware and software combines.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.All within the spirits and principles of the present invention, any made by repair
Change, equivalent replacement, improvement etc., should all be included in the protection scope of the present invention.
Claims (11)
1. a kind of message processing method for egress gateways, which is characterized in that including:
Obtain the first gateway corresponding with the first message, wherein first message includes source address, and first gateway is institute
State the next-hop gateway of the first message forwarding;
The second net for meeting preset condition is searched according to the source address of first message, message parameter and first gateway
It closes;
First message is forwarded to second gateway,
Wherein, obtaining the first gateway corresponding with the first message includes:
Receive first message, wherein destination address is carried in first message;
Inquiry obtains first gateway corresponding with the destination address from default routing table.
2. processing method according to claim 1, which is characterized in that join according to the source address of first message, message
Number and first gateway, which are searched, to be met the second gateways of preset condition and includes:
The routing number consistent with the message parameter, the source address and first gateway is found in default gateway table
Include according to, wherein the message parameter:The destination address, entrance network interface card and outlet network interface card;
The gateway that the routing data are directed toward is as second gateway;
The routing number consistent less than with the message parameter, the source address and first gateway is searched in default gateway table
In the case of, using first gateway as second gateway.
3. processing method according to claim 1 or 2, which is characterized in that first message is forwarded to described second
Gateway includes:
Network address translation is carried out to first message and obtains transformed first message;
Transformed first message is forwarded to second gateway.
4. processing method according to claim 3, which is characterized in that transformed first message is being forwarded to institute
While stating the second gateway, the processing method further includes:
Record to first message carry out network address translation before and after source address, source port, destination address, destination interface and
Next-hop gateway generates forwarding connection table, wherein the next-hop gateway is first gateway or second gateway.
5. processing method according to claim 4, which is characterized in that after generating forwarding connection table, the processing side
Method further includes:
Receive new message;
Inquiry whether there is message accounting identical with the new message from the forwarding connection table;
In the case of there is message accounting identical with the new message in the forwarding connection table, connected from the forwarding
Next-hop gateway corresponding with the new message is read in table.
6. a kind of message process device for egress gateways, which is characterized in that including:
Acquisition module, for obtaining the first gateway corresponding with the first message, wherein first message includes source address, institute
State the next-hop gateway that the first gateway is first message forwarding;
Searching module, it is default for meeting according to the lookup of the source address of first message, message parameter and first gateway
Second gateway of condition;
Forwarding module, for first message to be forwarded to second gateway,
Wherein, the acquisition module includes:
First receiving module, for receiving first message, wherein destination address is carried in first message;
Gateway searching module obtains first gateway corresponding with the destination address for being inquired from default routing table.
7. processing unit according to claim 6, which is characterized in that the searching module includes:
First searches submodule, for being found in default gateway table and the message parameter, the source address and described the
The consistent routing data of one gateway, wherein the message parameter includes:The destination address, entrance network interface card and outlet network interface card;
First determining module, the gateway for being directed toward the routing data is as second gateway;
Second determining module, for searched in default gateway table less than with the message parameter, the source address and described the
In the case of the consistent routing data of one gateway, using first gateway as second gateway.
8. the processing unit described according to claim 6 or 7, which is characterized in that the forwarding module includes:
Address conversion module obtains transformed first message for carrying out network address translation to first message;
Submodule is forwarded, for transformed first message to be forwarded to second gateway.
9. processing unit according to claim 8, which is characterized in that the processing unit further includes:
Logging modle, for while transformed first message is forwarded to second gateway, recording to described
First message carries out source address, source port, destination address, destination interface and the next-hop gateway before and after network address translation, raw
At forwarding connection table, wherein the next-hop gateway is first gateway or second gateway.
10. processing unit according to claim 9, which is characterized in that the gateway searching module includes:
Second receiving module, for receiving new message;
Second searches submodule, whether there is message identical with the new message for being inquired from the forwarding connection table
Record;
Read module, in the case of for there is message accounting identical with the new message in the forwarding connection table,
Next-hop gateway corresponding with the new message is read from the forwarding connection table.
11. a kind of router, which is characterized in that include the processing unit of the message described in any one of claim 6 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410293381.7A CN105207904B (en) | 2014-06-25 | 2014-06-25 | Processing method, device and the router of message |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410293381.7A CN105207904B (en) | 2014-06-25 | 2014-06-25 | Processing method, device and the router of message |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105207904A CN105207904A (en) | 2015-12-30 |
| CN105207904B true CN105207904B (en) | 2018-07-17 |
Family
ID=54955348
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410293381.7A Active CN105207904B (en) | 2014-06-25 | 2014-06-25 | Processing method, device and the router of message |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105207904B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107707478A (en) * | 2017-09-30 | 2018-02-16 | 迈普通信技术股份有限公司 | Data forwarding method and equipment |
| CN109495461B (en) * | 2018-11-01 | 2021-07-23 | 北京车和家信息技术有限公司 | Data access request processing method and device and vehicle-mounted central control system |
| CN114697186B (en) * | 2022-03-03 | 2023-08-15 | 中国电子科技集团公司第二十八研究所 | Plug-and-play network management system based on dual routing |
| CN114826987B (en) * | 2022-04-01 | 2024-07-09 | 阿里云计算有限公司 | Gateway forwarding abnormality detection method, equipment, medium and product |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101217465A (en) * | 2007-12-28 | 2008-07-09 | 北京锐安科技有限公司 | A route selecting method for multi-exit server and router |
| CN101383778A (en) * | 2008-10-27 | 2009-03-11 | 杭州华三通信技术有限公司 | Packet transmission method based on network dual exit and exit router |
| CN101668010A (en) * | 2009-09-22 | 2010-03-10 | 中兴通讯股份有限公司 | Method and device for sharing multi-interface data stream load in WiMAX system |
| CN101938399A (en) * | 2009-06-30 | 2011-01-05 | 华为技术有限公司 | A routing method and device |
| CN102186221A (en) * | 2011-04-25 | 2011-09-14 | 北京星网锐捷网络技术有限公司 | Method and device for updating routing table item |
| CN102664804A (en) * | 2012-04-24 | 2012-09-12 | 汉柏科技有限公司 | Method and system for achieving network bridge function of network equipment |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060182118A1 (en) * | 2005-02-01 | 2006-08-17 | Hong Kong Applied Science and Technology Research Institute Company Limited | System And Method For Efficient Traffic Processing |
| CN101141372A (en) * | 2006-09-07 | 2008-03-12 | 上海贝尔阿尔卡特股份有限公司 | Method and device for management of routing information and data forwarding in access equipment |
-
2014
- 2014-06-25 CN CN201410293381.7A patent/CN105207904B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101217465A (en) * | 2007-12-28 | 2008-07-09 | 北京锐安科技有限公司 | A route selecting method for multi-exit server and router |
| CN101383778A (en) * | 2008-10-27 | 2009-03-11 | 杭州华三通信技术有限公司 | Packet transmission method based on network dual exit and exit router |
| CN101938399A (en) * | 2009-06-30 | 2011-01-05 | 华为技术有限公司 | A routing method and device |
| CN101668010A (en) * | 2009-09-22 | 2010-03-10 | 中兴通讯股份有限公司 | Method and device for sharing multi-interface data stream load in WiMAX system |
| CN102186221A (en) * | 2011-04-25 | 2011-09-14 | 北京星网锐捷网络技术有限公司 | Method and device for updating routing table item |
| CN102664804A (en) * | 2012-04-24 | 2012-09-12 | 汉柏科技有限公司 | Method and system for achieving network bridge function of network equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105207904A (en) | 2015-12-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10728176B2 (en) | Ruled-based network traffic interception and distribution scheme | |
| US8290934B2 (en) | Method and system for processing access control lists using a hashing scheme | |
| US9225628B2 (en) | Topology-based consolidation of link state information | |
| CN104350467B (en) | Elasticity for the cloud security using SDN carries out layer | |
| CN102656850B (en) | For the treatment of the method for multiple data and the switching equipment for switched communication grouping | |
| EP2544417B1 (en) | Communication system, path control apparatus, packet forwarding apparatus and path control method | |
| US7260096B2 (en) | Method and router for forwarding internet data packets | |
| US6957272B2 (en) | Stackable lookup engines | |
| US20060221956A1 (en) | Methods for performing packet classification via prefix pair bit vectors | |
| CN103491006B (en) | The data of virtual network router unify retransmission method | |
| US9106506B2 (en) | Filter-based forwarding in a network | |
| CN106470158B (en) | Message forwarding method and device | |
| US20060045088A1 (en) | Method of using Patricia tree and longest prefix match for policy-based route look-up | |
| US20160112299A1 (en) | Configuring forwarding information | |
| CN1875585A (en) | Dynamic unknown L2 flooding control with MAC limits | |
| CN105207904B (en) | Processing method, device and the router of message | |
| CN106453091B (en) | The equivalent route management method and device of router Forwarding plane | |
| CN106803809A (en) | A kind of method and apparatus of message forwarding | |
| CN101699796B (en) | Stream trust-based method and system for transmitting data message at high speed and router thereof | |
| CN107786497A (en) | The method and apparatus for generating ACL table | |
| CN107147581A (en) | The maintaining method and device of route table items | |
| US20170237691A1 (en) | Apparatus and method for supporting multiple virtual switch instances on a network switch | |
| US8873555B1 (en) | Privilege-based access admission table | |
| WO2005020525A1 (en) | Protocol speed increasing device | |
| US8040882B2 (en) | Efficient key sequencer |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20200713 Address after: 310052 room 508, floor 5, building 4, No. 699, Wangshang Road, Changhe street, Binjiang District, Hangzhou City, Zhejiang Province Patentee after: Alibaba (China) Co.,Ltd. Address before: 510627 Guangdong city of Guangzhou province Whampoa Tianhe District Road No. 163 Xiping Yun Lu Yun Ping B radio 14 floor tower square Patentee before: Guangzhou Dongjing Computer Technology Co.,Ltd. |