CN110636149B - Remote access method, device, router and storage medium - Google Patents
- Publication number
- CN110636149B (CN201910989769.3A)
- Authority
- CN
- China
- Prior art keywords
- network address
- virtual network
- target
- access request
- identifier
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/256—NAT traversal
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Description
Technical Field
The present invention relates to the technical field of network transmission, and in particular to a remote access method, apparatus, router and storage medium.
Background
At present, remote access requires building a network structure that meets relatively high requirements and using high-end equipment to set up the hardware environment. Enterprises can perform remote access on the basis of such a hardware environment and so make use of Internet technical services.
However, ordinary users usually have a relatively simple network structure and lower-end Internet access devices. They cannot build a hardware environment for remote access from a simple network structure and lower-end devices, so an ordinary user who is at a different location cannot perform remote access.
Therefore, how to perform remote access using simple devices is a technical problem that urgently needs to be solved.
Summary of the Invention
In view of the above, it is necessary to provide a remote access method, apparatus, router and storage medium that allow remote access using simple devices.
A first aspect of the present invention provides a remote access method, the method comprising:
when a first device needs to remotely access a second device, acquiring a first identifier of the first device and a second identifier of the second device;
determining, according to the first identifier and the second identifier, whether the first device and the second device are in the same virtual network;
if the first device and the second device are in the same virtual network, determining a target virtual network address of the second device;
determining, according to a network address translation (NAT) type detection algorithm, whether the NAT type of the target router to which the second device belongs is cone NAT;
if the NAT type of the target router to which the second device belongs is cone NAT, sending the access request of the first device to the second device by peer-to-peer network transmission according to the target virtual network address, wherein the access request carries the target virtual network address.
In a possible implementation, sending the access request of the first device to the second device by peer-to-peer network transmission according to the target virtual network address comprises:
obtaining a first external network address of the second device from a first server according to the target virtual network address;
sending, according to the first external network address, the access request of the first device to the target router to which the second device belongs, wherein the target router sends the access request to the second device according to the target virtual network address carried in the access request.
In a possible implementation, the method further comprises:
if the NAT type of the target router to which the second device belongs is not cone NAT, sending the access request of the first device to the second device by server forwarding according to the target virtual network address.
In a possible implementation, sending the access request of the first device to the second device by server forwarding according to the target virtual network address comprises:
mapping the source address of the access request of the first device to a second external network address of a second server;
determining, according to the target virtual network address, a third external network address of the second device from among a plurality of external network addresses stored by the second server;
sending the access request to the second device according to the second external network address and the third external network address.
In a possible implementation, the method further comprises:
if the first device and the second device are not in the same virtual network, adding the first device and the second device to a target virtual network according to the first identifier and the second identifier;
selecting a first virtual network address from the virtual network address pool of the target virtual network and assigning it to the first device, and selecting a second virtual network address from the virtual network address pool of the target virtual network and assigning it to the second device.
In a possible implementation, the second server is configured to store the identification information, virtual network addresses, external network addresses and configuration information of all devices in the virtual network.
A second aspect of the present invention provides a remote access apparatus, the apparatus comprising:
an acquisition module, configured to acquire a first identifier of a first device and a second identifier of a second device when the first device needs to remotely access the second device;
a judgment module, configured to determine, according to the first identifier and the second identifier, whether the first device and the second device are in the same virtual network;
a determination module, configured to determine a target virtual network address of the second device if the first device and the second device are in the same virtual network;
the judgment module being further configured to determine, according to a network address translation (NAT) type detection algorithm, whether the NAT type of the target router to which the second device belongs is cone NAT;
a sending module, configured to, if the NAT type of the target router to which the second device belongs is cone NAT, send the access request of the first device to the second device by peer-to-peer network transmission according to the target virtual network address, wherein the access request carries the target virtual network address.
A third aspect of the present invention provides a router comprising a processor and a memory, the processor implementing the remote access method described above when executing a computer program stored in the memory.
A fourth aspect of the present invention provides a computer-readable storage medium on which a computer program is stored, the computer program implementing the remote access method described above when executed by a processor.
According to the above technical solution, in the present invention, when a first device needs to remotely access a second device, a first identifier of the first device and a second identifier of the second device are acquired; whether the first device and the second device are in the same virtual network is determined according to the first identifier and the second identifier; if they are in the same virtual network, a target virtual network address of the second device is determined; whether the NAT type of the target router to which the second device belongs is cone NAT is determined according to a network address translation (NAT) type detection algorithm; and if the NAT type of the target router is cone NAT, the access request of the first device is sent to the second device by peer-to-peer network transmission according to the target virtual network address, wherein the access request carries the target virtual network address.
It can be seen that, in the present invention, the devices in the same virtual network can communicate with each other directly through virtual network addresses. This enables remote access with simple devices and can provide Internet technical services to ordinary users. Because transmission can take place peer-to-peer, the bandwidth of intermediate server nodes is not consumed, which saves bandwidth resources.
Brief Description of the Drawings
FIG. 1 is a flowchart of a preferred embodiment of a remote access method disclosed in the present invention.
FIG. 2 is a functional module diagram of a preferred embodiment of a remote access apparatus disclosed in the present invention.
FIG. 3 is a schematic structural diagram of a router in a preferred embodiment implementing the remote access method of the present invention.
Detailed Description
In order that the above objects, features and advantages of the present invention may be understood more clearly, the present invention is described in detail below with reference to the accompanying drawings and specific embodiments. It should be noted that, where there is no conflict, the embodiments of the present invention and the features in the embodiments may be combined with each other.
Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the technical field to which the present invention belongs. The terms used in the description of the present invention are for the purpose of describing specific embodiments only and are not intended to limit the present invention.
The remote access method of the embodiments of the present invention is applied in a router. It can also be applied in a hardware environment consisting of a router and a server connected to the router through a network, in which case it is executed jointly by the server and the router. The network includes, but is not limited to, a wide area network, a metropolitan area network or a local area network.
Referring to FIG. 1, FIG. 1 is a flowchart of a preferred embodiment of a remote access method disclosed in the present invention. Depending on requirements, the order of the steps in the flowchart may be changed and some steps may be omitted.
S11. When a first device needs to remotely access a second device, the router acquires a first identifier of the first device and a second identifier of the second device.
The first device and the second device may be Internet access devices connected to a router, or mobile terminals on which a router client is installed, where the router client is used to emulate the functions of a router.
The first identifier may be the device serial number of the first device and is used to identify the first device.
The first device and the second device may be at different locations and connected to different routers.
In this embodiment of the present invention, the first identifier of the first device and the second identifier of the second device may be stored in a server in advance. If the first device wants to access the second device, the first device generates an access request, i.e. a data packet, to be sent to the second device. The data packet contains information about the second device, such as network address information, and the router can use that information to obtain the second identifier of the second device from the server. Because the first device is connected to this router, the router can obtain the first identifier of the first device, and it may also obtain the first identifier from the server.
S12. The router determines, according to the first identifier and the second identifier, whether the first device and the second device are in the same virtual network. If so, step S13 is executed; if not, the process ends.
In this embodiment of the present invention, the server may be queried, according to the first identifier and the second identifier, for the virtual networks to which the first device and the second device respectively belong, in order to determine whether the two devices are in the same virtual network. If the router stores the member list of a virtual network, it can use the first identifier and the second identifier to check whether the first device and the second device are in that member list. If both the first device and the second device are in the member list, the two devices are determined to be in the same virtual network. If the first device or the second device is not in the member list, the two devices are determined not to be in the same virtual network.
S13. The router determines the target virtual network address of the second device.
The virtual network address may be a network address allocated to a member device of the virtual network from a network address pool of a single network segment.
As an optional implementation, the method further comprises:
if the first device and the second device are not in the same virtual network, adding the first device and the second device to a target virtual network according to the first identifier and the second identifier;
selecting a first virtual network address from the virtual network address pool of the target virtual network and assigning it to the first device, and selecting a second virtual network address from the virtual network address pool of the target virtual network and assigning it to the second device.
In this optional implementation, if the first device and the second device are not in the same virtual network, they can be added to a target virtual network according to the first identifier and the second identifier. Based on a preconfigured target network segment, the target virtual network generates a number of virtual network addresses within that segment, i.e. the virtual network address pool. A first virtual network address that is not yet in use can be selected at random from the pool and assigned to the first device, and a second virtual network address that is not yet in use can be selected at random and assigned to the second device.
Optionally, the first identifier and first virtual network address of the first device and the second identifier and second virtual network address of the second device may be stored in a server. The server may also store related information such as the external network address used by the first device and the external network address used by the second device.
S14. The router determines, according to a network address translation type detection algorithm, whether the NAT type of the target router to which the second device belongs is cone NAT. If so, step S15 is executed; if not, the process ends.
The network address translation (Network Address Translation, NAT) type detection algorithm can be used to detect the type of NAT configured on a router.
The NAT types may include full cone NAT, restricted cone NAT, port restricted cone NAT and symmetric NAT.
Cone NAT may include full cone NAT, restricted cone NAT and port restricted cone NAT.
S15. The router sends the access request of the first device to the second device by peer-to-peer network transmission according to the target virtual network address, wherein the access request carries the target virtual network address.
Peer-to-peer networking (P2P) is a distributed application architecture that distributes tasks and workloads among peers; it is a form of networking that the peer-to-peer computing model takes at the application layer. In a P2P network environment, the interconnected computers are all in an equal position: each has the same functions and there is no master or slave. A computer can act as a server, making shared resources available to other computers in the network, and also as a workstation. The network as a whole generally does not rely on a dedicated central server and has no dedicated workstations. Each computer in the network can act as a requester of network services and can also respond to requests from other computers, providing resources, services and content.
In this embodiment of the present invention, if the NAT type of the target router to which the second device belongs is cone NAT, the external network address and port number of the second device stored in the server can be used by other devices. That is, data packets that other devices with different source addresses send to the second device using the external network address the second device has stored in the server are not intercepted by the target router to which the second device belongs. The first device and the second device can therefore communicate directly by peer-to-peer network transmission without processing by other servers, so the bandwidth of other servers is not consumed and bandwidth resources are saved.
Specifically, sending the access request of the first device to the second device by peer-to-peer network transmission according to the target virtual network address comprises:
obtaining a first external network address of the second device from a first server according to the target virtual network address;
sending, according to the first external network address, the access request of the first device to the target router to which the second device belongs, wherein the target router sends the access request to the second device according to the target virtual network address carried in the access request.
In this optional implementation, when the second device is added to the virtual network, the second device communicates with the first server, and the first server stores the external network address used by the second device and the target virtual network address of the second device. The first external network address of the second device can therefore be looked up and obtained from the first server according to the target virtual network address. After obtaining the first external network address, the router can map the destination address of the data packet carrying the access request sent by the first device to the second device to the first external network address, so that the access request can be sent to the target router to which the second device belongs. The target router then sends the access request to the second device according to the target virtual network address carried in the access request.
The first server is used to store the identification information, virtual network addresses, external network addresses and configuration information of all devices in the virtual network.
Optionally, all devices in the virtual network communicate with the first server periodically, so that the first server can periodically save or update the identification information, virtual network addresses, external network addresses and configuration information of all devices.
As an optional implementation, the method further comprises:
if the NAT type of the target router to which the second device belongs is not cone NAT, sending the access request of the first device to the second device by server forwarding according to the target virtual network address.
In this optional implementation, if the NAT type of the target router to which the second device belongs is not cone NAT, the second device uses a different external network address when it communicates with devices that have different source addresses. The external network address of the second device stored in the server can therefore only be used by that server to communicate with the second device. If another device uses the external network address of the second device stored in the server to communicate with the second device, then, because the source address used by the other device differs from the source address of the server, every access request (data packet) that the other device sends to the second device is intercepted by the target router to which the second device belongs; that is, other devices cannot communicate directly with the second device. The access request of the first device therefore has to be sent to the second device by server forwarding.
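The contrast drawn above between cone and non-cone NAT, as an added simulation that is not part of the patent text. The filtering rules follow the RFC 3489 classification, which the patent does not spell out, and the `Nat` class, addresses and ports are constructed for illustration. It also shows that for the two restricted cone types the peer's packet is accepted only after the second device has itself sent a packet towards that peer.

```python
from itertools import count

CONE = {"full_cone", "restricted_cone", "port_restricted_cone"}


class Nat:
    """Toy NAT on the target router: port mappings plus inbound filtering."""

    def __init__(self, kind, public_ip):
        self.kind = kind
        self.public_ip = public_ip
        self._ports = count(40000)   # constructed external port range
        self._map = {}               # mapping key -> external port
        self._owner = {}             # external port -> (internal endpoint, contacted dests)

    def outbound(self, internal, dest):
        """Device behind the NAT sends to dest; returns the (ip, port) that dest sees."""
        # Cone NAT: one mapping per internal endpoint, reused for every destination.
        # Symmetric NAT: a separate mapping for every (internal endpoint, destination).
        key = internal if self.kind in CONE else (internal, dest)
        if key not in self._map:
            port = next(self._ports)
            self._map[key] = port
            self._owner[port] = (internal, set())
        port = self._map[key]
        self._owner[port][1].add(dest)
        return (self.public_ip, port)

    def inbound(self, ext_port, src):
        """Packet from src hits public_ip:ext_port; returns the internal endpoint or None."""
        if ext_port not in self._owner:
            return None
        internal, contacted = self._owner[ext_port]
        if self.kind == "full_cone":
            accepted = True
        elif self.kind == "restricted_cone":
            accepted = src[0] in {ip for ip, _ in contacted}
        else:  # port restricted cone and symmetric: exact ip:port must have been contacted
            accepted = src in contacted
        return internal if accepted else None


def peer_reuses_registered_address(kind):
    """Second device registers with the server; can a peer reach it at that address?"""
    nat = Nat(kind, "203.0.113.10")       # constructed documentation addresses
    device = ("192.168.1.20", 5000)       # second device behind the target router
    server = ("198.51.100.1", 3478)       # server that stores the external address
    peer = ("198.51.100.77", 6000)        # first device's external endpoint

    registered = nat.outbound(device, server)            # what the server stores
    cold = nat.inbound(registered[1], peer) == device    # peer tries straight away
    toward_peer = nat.outbound(device, peer)             # device sends one packet to the peer
    warm = nat.inbound(registered[1], peer) == device    # peer retries the stored address
    return {"cold": cold, "after_outbound": warm,
            "same_mapping": toward_peer == registered}


if __name__ == "__main__":
    for kind in ("full_cone", "restricted_cone", "port_restricted_cone", "symmetric"):
        print(kind, peer_reuses_registered_address(kind))
```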
Specifically, sending the access request of the first device to the second device by server forwarding according to the target virtual network address comprises:
mapping the source address of the access request of the first device to a second external network address of a second server;
determining, according to the target virtual network address, a third external network address of the second device from among a plurality of external network addresses stored by the second server;
sending the access request to the second device according to the second external network address and the third external network address.
In this optional implementation, the access request of the first device can be sent to the second server. The second server can map the source address of the access request to the second external network address of the second server and, according to the target virtual network address, determine the third external network address of the second device from among the external network addresses stored by the second server. The destination address of the access request can then be mapped to the third external network address. As a result, when the access request uses the third external network address that the second device has stored in the second server to reach the second device, it is not intercepted, which ensures that the access request can be sent to the second device.
The second server is used to store the identification information, virtual network addresses, external network addresses and configuration information of all devices in the virtual network.
Optionally, all devices in the virtual network communicate with the second server periodically, so that the first server can periodically save or update the identification information, virtual network addresses, external network addresses and configuration information of all devices.
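Steps S11 to S15 together with the optional join and server-forwarding branches, as an added sketch that is not code from the patent. The class and function names, the `/29` segment, the addresses and the use of the first device's external address as the peer-to-peer source are assumptions made for illustration; the NAT type is taken as already detected.

```python
import ipaddress
import random
from dataclasses import dataclass
from typing import Optional, Tuple

CONE_TYPES = {"full_cone", "restricted_cone", "port_restricted_cone"}


@dataclass
class Device:
    device_id: str                   # first/second identifier, e.g. a serial number
    external_addr: Tuple[str, int]   # external address the server stores for the device
    nat_type: str                    # NAT type detected for the device's router (S14 input)
    virtual_ip: Optional[str] = None


class VirtualNetwork:
    def __init__(self, segment, seed=None):
        self.segment = ipaddress.ip_network(segment)   # preconfigured target segment
        self.members = {}                              # device_id -> Device
        self.by_vip = {}                               # virtual address -> device_id
        self._rng = random.Random(seed)

    def contains(self, *device_ids):
        return all(d in self.members for d in device_ids)

    def join(self, device):
        """Add a device and give it a random unused address from the pool."""
        if device.device_id in self.members:
            return self.members[device.device_id].virtual_ip
        free = [str(h) for h in self.segment.hosts() if str(h) not in self.by_vip]
        if not free:
            raise RuntimeError("virtual network address pool exhausted")
        device.virtual_ip = self._rng.choice(free)
        self.members[device.device_id] = device
        self.by_vip[device.virtual_ip] = device.device_id
        return device.virtual_ip


def route_access_request(net, first, second, relay_addr, payload, auto_join=False):
    """Return the outgoing packet description, or None when the flow ends at S12."""
    # S12: both identifiers must be members of the same virtual network.
    if not net.contains(first.device_id, second.device_id):
        if not auto_join:
            return None
        net.join(first)
        net.join(second)
    # S13: target virtual network address, carried inside the request.
    target = net.members[second.device_id]
    request = {"virtual_dst": target.virtual_ip, "payload": payload}
    # S14/S15: cone NAT -> peer-to-peer, destination is the stored external address.
    if target.nat_type in CONE_TYPES:
        return dict(request, mode="p2p", src=first.external_addr, dst=target.external_addr)
    # Otherwise server forwarding: source is rewritten to the relay's external address.
    return dict(request, mode="relay", src=relay_addr, dst=target.external_addr)


def deliver(net, packet):
    """Target router side: pick the device from the virtual address in the request."""
    return net.by_vip.get(packet["virtual_dst"])


if __name__ == "__main__":
    net = VirtualNetwork("10.8.0.0/29", seed=1)
    a = Device("SN-A", ("198.51.100.5", 41000), "full_cone")
    b = Device("SN-B", ("203.0.113.20", 40001), "symmetric")
    print(route_access_request(net, a, b, ("192.0.2.1", 9000), b"hello", auto_join=True))
```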
In the method flow described in FIG. 1, when a first device needs to remotely access a second device, a first identifier of the first device and a second identifier of the second device are acquired; whether the first device and the second device are in the same virtual network is judged according to the first identifier and the second identifier; if the first device and the second device are in the same virtual network, a target virtual network address of the second device is determined; whether the network address translation (NAT) type of the target router to which the second device belongs is cone NAT is judged according to a NAT type detection algorithm; and if the NAT type of the target router to which the second device belongs is cone NAT, the access request of the first device is sent to the second device by peer-to-peer network transmission according to the target virtual network address, where the access request carries the target virtual network address. It can be seen that devices in the same virtual network can communicate with each other directly through virtual network addresses, thereby implementing simple remote access to devices and providing Internet technical services for ordinary users; moreover, the transmission can be carried out peer to peer, without consuming the bandwidth of intermediate server nodes, thus saving bandwidth resources.
The above are only specific embodiments of the present invention, but the protection scope of the present invention is not limited thereto. Those of ordinary skill in the art may make improvements without departing from the inventive concept of the present invention, and all such improvements fall within the protection scope of the present invention.
Please refer to FIG. 2, which is a functional block diagram of a preferred embodiment of a remote access apparatus disclosed in the present invention.
In some embodiments, the remote access apparatus runs in a router. The remote access apparatus may include a plurality of functional modules composed of program code segments. The program code of each program segment in the remote access apparatus may be stored in a memory and executed by at least one processor to perform some or all of the steps of the remote access method described in FIG. 1.
In this embodiment, the remote access apparatus may be divided into a plurality of functional modules according to the functions it performs. The functional modules may include: an acquiring module 201, a judging module 202, a determining module 203 and a sending module 204. A module, as referred to in the present invention, is a series of computer program segments that can be executed by at least one processor and can perform a fixed function, and that is stored in a memory.
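The acquiring module 201 is configured to acquire, when a first device needs to remotely access a second device, a first identifier of the first device and a second identifier of the second device.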
The first device and the second device may be Internet access devices connected to a router, or may be mobile terminals on which a router client is installed, where the router client is used to emulate the functions of a router.
The first identifier may be a device serial number of the first device, which is used to identify the first device.
The first device and the second device may be devices located in different places and connected to different routers.
In this embodiment of the present invention, the first identifier of the first device and the second identifier of the second device may be stored in a server in advance. If the first device wants to access the second device, the first device generates an access request, that is, a data packet, to be sent to the second device. The data packet contains information about the second device, such as network address information, and the router can obtain the second identifier of the second device from the server according to that information. Because the first device is connected to the router, the router can obtain the first identifier of the first device itself, or it can obtain the first identifier from the server.
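The judging module 202 is configured to judge, according to the first identifier and the second identifier, whether the first device and the second device are in the same virtual network.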
In this embodiment of the present invention, the server may be queried, according to the first identifier and the second identifier, for the virtual networks to which the first device and the second device respectively belong, so as to judge whether they are in the same virtual network. If the router stores a member list of the virtual network, it may judge, according to the first identifier and the second identifier, whether the first device and the second device are both present in that member list: if both are present, the first device and the second device are determined to be in the same virtual network; if the first device or the second device is absent, they are determined not to be in the same virtual network.
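The determining module 203 is configured to determine a target virtual network address of the second device if the first device and the second device are in the same virtual network.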
The virtual network address may be a network address allocated, from a network address pool of one network segment, to the device members that make up the virtual network.
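The judging module 202 is further configured to judge, according to a network address translation (NAT) type detection algorithm, whether the NAT type of the target router to which the second device belongs is cone NAT.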
The network address translation (NAT) type detection algorithm may be used to detect the type of NAT configured on a router.
The NAT types may include full cone NAT, restricted cone NAT, port restricted cone NAT and symmetric NAT.
Cone NAT may include full cone NAT, restricted cone NAT and port restricted cone NAT.
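The sending module 204 is configured to send, if the NAT type of the target router to which the second device belongs is cone NAT, the access request of the first device to the second device by peer-to-peer network transmission according to the target virtual network address, where the access request carries the target virtual network address.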
Peer-to-peer networking (P2P) is a distributed application architecture that distributes tasks and workloads among peers; it is a form of networking that the peer-to-peer computing model takes at the application layer. In a P2P network environment, the computers connected to each other all have equal status: each computer has the same functions and there is no master or slave. A computer can act as a server, setting up shared resources for use by other computers in the network, and can also act as a workstation. The network as a whole generally does not rely on a dedicated central server and has no dedicated workstations. Each computer in the network can act as a requester of network services and can also respond to requests from other computers, providing resources, services and content.
In this embodiment of the present invention, if the NAT type of the target router to which the second device belongs is cone NAT, the external network address and port number that the second device has stored in the server can be used by other devices. That is, data packets that other devices with different source addresses send to the second device using the external network address stored in the server will not be intercepted by the router to which the second device belongs. The first device and the second device can therefore communicate directly by peer-to-peer network transmission, without processing by other servers, so the bandwidth of other servers is not consumed and bandwidth resources are saved.
As an optional implementation, the remote access apparatus may further include:
an adding module, configured to add, if the first device and the second device are not in the same virtual network, the first device and the second device to a target virtual network according to the first identifier and the second identifier;
an allocation module, configured to select a first virtual network address from the virtual network address pool of the target virtual network and allocate the first virtual network address to the first device, and to select a second virtual network address from the virtual network address pool of the target virtual network and allocate the second virtual network address to the second device.
In this optional implementation, if the first device and the second device are not in the same virtual network, the first device and the second device may be added to a target virtual network according to the first identifier and the second identifier. The target virtual network generates, according to a preconfigured target network segment, a plurality of virtual network addresses whose network segment matches the target network segment, that is, a virtual network address pool. A first virtual network address that is not yet in use may be randomly selected from the virtual network address pool of the target virtual network and allocated to the first device, and a second virtual network address that is not yet in use may be randomly selected and allocated to the second device.
Optionally, the first identifier and the first virtual network address of the first device, and the second identifier and the second virtual network address of the second device, may be stored in a server. The server may also store related information such as the external network address used by the first device and the external network address used by the second device.
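The membership check and address allocation described above can be sketched as follows. This is an added example, not code from the patent: the class and function names, the `10.8.0.0/29` segment, the serial numbers and the external addresses are all constructed for illustration.

```python
import ipaddress
import secrets


class VirtualNetwork:
    """Target virtual network: member list plus an address pool for one segment."""

    def __init__(self, segment: str):
        # Preconfigured target network segment; its host addresses form the pool.
        self.segment = ipaddress.ip_network(segment)
        # identifier (e.g. device serial number) -> record kept by the server
        self.members = {}

    def same_network(self, first_id: str, second_id: str) -> bool:
        """Both identifiers must appear in the member list."""
        return first_id in self.members and second_id in self.members

    def _unused(self):
        used = {rec["virtual"] for rec in self.members.values()}
        return [addr for addr in self.segment.hosts() if addr not in used]

    def add(self, identifier: str, external: str):
        """Add a device and allocate it a random, not yet used virtual address."""
        if identifier in self.members:
            # Already a member: keep its virtual address, refresh the external one.
            self.members[identifier]["external"] = external
            return self.members[identifier]["virtual"]
        free = self._unused()
        if not free:
            raise RuntimeError("virtual network address pool exhausted")
        virtual = secrets.choice(free)
        self.members[identifier] = {"virtual": virtual, "external": external}
        return virtual

    def external_for(self, virtual):
        """Look up the external address registered for a virtual address."""
        for rec in self.members.values():
            if rec["virtual"] == virtual:
                return rec["external"]
        return None


def prepare_access(net, first, second):
    """first/second are (identifier, external address) pairs.

    Returns the target virtual network address of the second device,
    adding both devices to the network first if they do not share it yet.
    """
    if not net.same_network(first[0], second[0]):
        net.add(*first)
        net.add(*second)
    return net.members[second[0]]["virtual"]


if __name__ == "__main__":
    net = VirtualNetwork("10.8.0.0/29")          # constructed segment, 6 hosts
    a = ("SN-A-0001", "198.51.100.7:50000")      # constructed first device
    b = ("SN-B-0002", "192.0.2.1:40000")         # constructed second device
    target = prepare_access(net, a, b)
    print("target virtual address:", target)
    print("registered external address:", net.external_for(target))
```
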
As an optional implementation, the sending module 204 sends the access request of the first device to the second device by peer-to-peer network transmission according to the target virtual network address specifically as follows:
obtaining a first external network address of the second device from a first server according to the target virtual network address;
sending, according to the first external network address, the access request of the first device to the target router to which the second device belongs, where the target router sends the access request to the second device according to the target virtual network address carried in the access request.
In this optional implementation, when the second device is added to the virtual network, the second device communicates with the first server, and the first server stores the external network address used by the second device and the target virtual network address of the second device. The first external network address of the second device can therefore be queried and obtained from the first server according to the target virtual network address. After the first external network address is obtained, the router can map the destination address of the data packet of the access request sent by the first device to the second device to the first external network address, so that the access request can be sent to the target router to which the second device belongs, where the target router sends the access request to the second device according to the target virtual network address carried in the access request.
The first server is used to store the identification information, virtual network addresses, external network addresses and configuration information of all devices in the virtual network.
Optionally, all devices in the virtual network periodically communicate with the first server, so that the first server can periodically save or update the identification information, virtual network addresses, external network addresses and configuration information of all devices.
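As an optional implementation, the sending module 204 is further configured to send, if the NAT type of the target router to which the second device belongs is not cone NAT, the access request of the first device to the second device by server forwarding according to the target virtual network address.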
In this optional implementation, if the NAT type of the target router to which the second device belongs is not cone NAT, the second device uses a different external network address when communicating with devices that have different source addresses. That is, the external network address of the second device stored in a server can only be used by that server to communicate with the second device. If another device uses the external network address of the second device stored in the server to communicate with the second device, then, because the source address used by the other device differs from the source address of the server, the access requests (data packets) that the other device sends to the second device are intercepted by the target router to which the second device belongs; that is, other devices cannot communicate directly with the second device. The access request of the first device therefore needs to be sent to the second device by server forwarding.
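The difference between the cone case and the non-cone case can be checked with a small NAT model. This is an added example, not code from the patent: all names and addresses are constructed, and the model follows the usual four-type classification. For the two restricted cone types it therefore includes the outbound packet from the second device towards the peer that those types require before inbound traffic is admitted.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional, Tuple

Endpoint = Tuple[str, int]


class NatType(Enum):
    FULL_CONE = "full cone"
    RESTRICTED_CONE = "restricted cone"
    PORT_RESTRICTED_CONE = "port restricted cone"
    SYMMETRIC = "symmetric"


CONE_TYPES = {NatType.FULL_CONE, NatType.RESTRICTED_CONE,
              NatType.PORT_RESTRICTED_CONE}


@dataclass
class Nat:
    """Simplified model of the target router's NAT table."""
    nat_type: NatType
    public_ip: str
    next_port: int = 40000
    mappings: dict = field(default_factory=dict)   # mapping key -> public port
    owner: dict = field(default_factory=dict)      # public port -> internal endpoint
    contacted: dict = field(default_factory=dict)  # public port -> remotes sent to

    def outbound(self, internal: Endpoint, dest: Endpoint) -> Endpoint:
        """Inside host sends to dest; returns the external endpoint dest sees."""
        # Cone NAT reuses one mapping per internal endpoint; symmetric NAT
        # creates a separate mapping for every destination.
        key = (internal, dest) if self.nat_type is NatType.SYMMETRIC else internal
        if key not in self.mappings:
            self.mappings[key] = self.next_port
            self.next_port += 1
        port = self.mappings[key]
        self.owner[port] = internal
        self.contacted.setdefault(port, set()).add(dest)
        return (self.public_ip, port)

    def inbound(self, src: Endpoint, public_port: int) -> Optional[Endpoint]:
        """Return the internal endpoint if the packet is admitted, else None."""
        if public_port not in self.owner:
            return None
        seen = self.contacted[public_port]
        if self.nat_type is NatType.FULL_CONE:
            admitted = True
        elif self.nat_type is NatType.RESTRICTED_CONE:
            admitted = any(ip == src[0] for ip, _ in seen)
        else:  # port restricted cone and symmetric filter on IP and port
            admitted = src in seen
        return self.owner[public_port] if admitted else None


# Constructed addresses (documentation ranges).
SERVER: Endpoint = ("203.0.113.10", 3478)   # server that stores external addresses
PEER: Endpoint = ("198.51.100.7", 50000)    # external endpoint of the first device
DEVICE: Endpoint = ("192.168.1.20", 6000)   # second device behind the target router


def choose_transport(nat_type: NatType) -> str:
    """Decision described in the text: cone NAT -> P2P, otherwise server relay."""
    return "p2p" if nat_type in CONE_TYPES else "relay"


def simulate(nat_type: NatType, punch: bool = True) -> dict:
    nat = Nat(nat_type, "192.0.2.1")
    registered = nat.outbound(DEVICE, SERVER)        # periodic registration
    peer_facing = nat.outbound(DEVICE, PEER) if punch else registered
    return {
        "registered": registered,      # address the server has on record
        "peer_facing": peer_facing,    # address the peer would actually see
        "peer_direct": nat.inbound(PEER, registered[1]) is not None,
        "server_relay": nat.inbound(SERVER, registered[1]) is not None,
        "transport": choose_transport(nat_type),
    }


if __name__ == "__main__":
    for t in NatType:
        print(t.value, simulate(t))
```

With `punch=False` only full cone NAT admits the peer on the registered address; symmetric NAT never does, which is why the relay path sends from the server's own address.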
As an optional implementation, the sending module 204 sends the access request of the first device to the second device by server forwarding according to the target virtual network address specifically as follows:
mapping the source address of the access request of the first device to a second external network address of a second server;
determining, according to the target virtual network address, a third external network address of the second device from a plurality of external network addresses stored by the second server;
sending the access request to the second device according to the second external network address and the third external network address.
In this optional implementation, the access request of the first device may be sent to the second server. The second server may map the source address of the access request to the second external network address of the second server and, according to the target virtual network address, determine the third external network address of the second device from the plurality of external network addresses stored by the second server. The destination address of the access request may then be mapped to the third external network address, so that the access request is not intercepted when it accesses the second device using the third external network address that the second device has stored in the second server, which ensures that the access request can be sent to the second device.
The second server is used to store the identification information, virtual network addresses, external network addresses and configuration information of all devices in the virtual network.
Optionally, all devices in the virtual network periodically communicate with the second server, so that the first server can periodically save or update the identification information, virtual network addresses, external network addresses and configuration information of all devices.
In the remote access apparatus described in FIG. 2, when a first device needs to remotely access a second device, a first identifier of the first device and a second identifier of the second device are acquired; whether the first device and the second device are in the same virtual network is judged according to the first identifier and the second identifier; if the first device and the second device are in the same virtual network, a target virtual network address of the second device is determined; whether the NAT type of the target router to which the second device belongs is cone NAT is judged according to a NAT type detection algorithm; and if the NAT type of the target router to which the second device belongs is cone NAT, the access request of the first device is sent to the second device by peer-to-peer network transmission according to the target virtual network address, where the access request carries the target virtual network address. It can be seen that devices in the same virtual network can communicate with each other directly through virtual network addresses, thereby implementing simple remote access to devices and providing Internet technical services for ordinary users; moreover, the transmission can be carried out peer to peer, without consuming the bandwidth of intermediate server nodes, thus saving bandwidth resources.
As shown in FIG. 3, FIG. 3 is a schematic structural diagram of a router according to a preferred embodiment of the present invention for implementing the remote access method. The router 3 includes a memory 31, at least one processor 32, a computer program 33 stored in the memory 31 and executable on the at least one processor 32, and at least one communication bus 34.
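Those skilled in the art can understand that the schematic diagram shown in FIG. 3 is only an example of the router 3 and does not constitute a limitation on the router 3, which may include more or fewer components than shown, combine certain components, or use different components. For example, the router 3 may further include input/output devices, network access devices and the like.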
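The network in which the router 3 is located includes, but is not limited to, the Internet, a wide area network, a metropolitan area network, a local area network, a virtual private network (VPN) and the like.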
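The at least one processor 32 may be a central processing unit (CPU), or may be another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or another programmable logic device, a transistor logic device, a discrete hardware component or the like. The processor 32 may be a microprocessor, or the processor 32 may be any conventional processor or the like. The processor 32 is the control center of the router 3 and connects all parts of the router 3 through various interfaces and lines.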
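The memory 31 may be used to store the computer program 33 and/or modules/units. The processor 32 implements the various functions of the router 3 by running or executing the computer program and/or modules/units stored in the memory 31 and by calling data stored in the memory 31. The memory 31 may mainly include a program storage area and a data storage area, where the program storage area may store an operating system, an application program required by at least one function (such as a sound playback function or an image playback function) and the like, and the data storage area may store data created through use of the router 3 (such as audio data) and the like. In addition, the memory 31 may include non-volatile memory, such as a hard disk, internal memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash card, at least one magnetic disk storage device, a flash memory device and the like.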
With reference to FIG. 1, the memory 31 in the router 3 stores a plurality of instructions to implement a remote access method, and the processor 32 may execute the plurality of instructions to implement:
when a first device needs to remotely access a second device, acquiring a first identifier of the first device and a second identifier of the second device;
judging, according to the first identifier and the second identifier, whether the first device and the second device are in the same virtual network;
if the first device and the second device are in the same virtual network, determining a target virtual network address of the second device;
judging, according to a network address translation (NAT) type detection algorithm, whether the NAT type of the target router to which the second device belongs is cone NAT;
if the NAT type of the target router to which the second device belongs is cone NAT, sending the access request of the first device to the second device by peer-to-peer network transmission according to the target virtual network address, where the access request carries the target virtual network address.
In an optional implementation, sending the access request of the first device to the second device by peer-to-peer network transmission according to the target virtual network address includes:
obtaining a first external network address of the second device from a first server according to the target virtual network address;
sending, according to the first external network address, the access request of the first device to the target router to which the second device belongs, where the target router sends the access request to the second device according to the target virtual network address carried in the access request.
In an optional implementation, the processor 32 may execute the plurality of instructions to implement:
if the NAT type of the target router to which the second device belongs is not cone NAT, sending the access request of the first device to the second device by server forwarding according to the target virtual network address.
In an optional implementation, the processor 32 may execute the plurality of instructions to implement:
sending the access request of the first device to the second device by server forwarding according to the target virtual network address includes:
mapping the source address of the access request of the first device to a second external network address of a second server;
determining, according to the target virtual network address, a third external network address of the second device from a plurality of external network addresses stored by the second server;
sending the access request to the second device according to the second external network address and the third external network address.
In an optional implementation, the processor 32 may execute the plurality of instructions to implement:
if the first device and the second device are not in the same virtual network, adding the first device and the second device to a target virtual network according to the first identifier and the second identifier;
selecting a first virtual network address from the virtual network address pool of the target virtual network and allocating the first virtual network address to the first device, and selecting a second virtual network address from the virtual network address pool of the target virtual network and allocating the second virtual network address to the second device.
In an optional implementation, the second server is used to store the identification information, virtual network addresses, external network addresses and configuration information of all devices in the virtual network.
Specifically, for how the processor 32 implements the above instructions, reference may be made to the description of the relevant steps in the embodiment corresponding to FIG. 1, which is not repeated here.
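In the router 3 described in FIG. 3, when a first device needs to remotely access a second device, a first identifier of the first device and a second identifier of the second device are acquired; whether the first device and the second device are in the same virtual network is judged according to the first identifier and the second identifier; if the first device and the second device are in the same virtual network, a target virtual network address of the second device is determined; whether the NAT type of the target router to which the second device belongs is cone NAT is judged according to a NAT type detection algorithm; and if the NAT type of the target router to which the second device belongs is cone NAT, the access request of the first device is sent to the second device by peer-to-peer network transmission according to the target virtual network address, where the access request carries the target virtual network address. It can be seen that devices in the same virtual network can communicate with each other directly through virtual network addresses, thereby implementing simple remote access to devices and providing Internet technical services for ordinary users; moreover, the transmission can be carried out peer to peer, without consuming the bandwidth of intermediate server nodes, thus saving bandwidth resources.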
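If the modules/units integrated in the router 3 are implemented in the form of software functional units and sold or used as independent products, they may be stored in a computer-readable storage medium. Based on this understanding, all or part of the processes in the methods of the above embodiments may also be completed by a computer program instructing related hardware. The computer program may be stored in a computer-readable storage medium, and when executed by a processor, the computer program can implement the steps of each of the above method embodiments. The computer program includes computer program code, which may be in source code form, object code form, an executable file, some intermediate form or the like. The computer-readable medium may include: any entity or apparatus capable of carrying the computer program code, a recording medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disc, a computer memory, and a read-only memory (ROM).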
In the several embodiments provided by the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the apparatus embodiments described above are only illustrative; the division into modules is only a division by logical function, and other divisions are possible in an actual implementation.
The modules described as separate components may or may not be physically separate, and the components shown as modules may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional modules in the embodiments of the present invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware, or in the form of hardware plus software functional modules.
It is apparent to those skilled in the art that the present invention is not limited to the details of the above exemplary embodiments, and that the present invention can be implemented in other specific forms without departing from its spirit or essential characteristics. The embodiments are therefore to be regarded in all respects as exemplary and non-restrictive. The scope of the present invention is defined by the appended claims rather than by the above description, and all changes that fall within the meaning and range of equivalents of the claims are therefore intended to be included in the present invention. Any reference signs in the claims shall not be construed as limiting the claims concerned. Furthermore, it is clear that the word "comprising" does not exclude other units or steps, and the singular does not exclude the plural. A plurality of units or apparatuses recited in the system claims may also be implemented by one unit or apparatus through software or hardware. Terms such as "second" are used to denote names and do not denote any particular order.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solutions of the present invention and not to limit them. Although the present invention has been described in detail with reference to the preferred embodiments, those of ordinary skill in the art should understand that the technical solutions of the present invention may be modified or equivalently replaced without departing from the spirit and scope of the technical solutions of the present invention.
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910989769.3A CN110636149B (en) | 2019-10-17 | 2019-10-17 | Remote access method, device, router and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110636149A (en) | 2019-12-31 |
CN110636149B (en) | 2022-06-10 |
Family
ID=68975287
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910989769.3A Active CN110636149B (en) | 2019-10-17 | 2019-10-17 | Remote access method, device, router and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110636149B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113010224B (en) * | 2021-03-03 | 2024-01-30 | 南方电网数字平台科技(广东)有限公司 | Front-end micro-servitization method, front-end micro-servitization device, computer equipment and storage medium |
CN114945012B (en) * | 2022-05-31 | 2024-02-13 | 济南浪潮数据技术有限公司 | Source address conversion communication method, device, equipment and medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101699801A (en) * | 2009-10-30 | 2010-04-28 | 孙喜明 | Data transmission method and virtual peer-to-peer network for data transmission |
CN102084354A (en) * | 2008-04-05 | 2011-06-01 | 社会传播公司 | Shared virtual area communication environment based apparatus and methods |
CN105830419A (en) * | 2013-12-27 | 2016-08-03 | 微软技术许可有限责任公司 | Peer-to-peer network prioritizing propagation of objects through the network |
CN108886539A (en) * | 2016-04-11 | 2018-11-23 | 西部数据技术公司 | Connection is established between the data storage device being located at after NAT |
CN109462659A (en) * | 2018-12-17 | 2019-03-12 | 深圳市网心科技有限公司 | Embedded device remote access control system, method and storage medium |
-
2019
- 2019-10-17 CN CN201910989769.3A patent/CN110636149B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102084354A (en) * | 2008-04-05 | 2011-06-01 | 社会传播公司 | Shared virtual area communication environment based apparatus and methods |
CN101699801A (en) * | 2009-10-30 | 2010-04-28 | 孙喜明 | Data transmission method and virtual peer-to-peer network for data transmission |
CN105830419A (en) * | 2013-12-27 | 2016-08-03 | 微软技术许可有限责任公司 | Peer-to-peer network prioritizing propagation of objects through the network |
CN108886539A (en) * | 2016-04-11 | 2018-11-23 | 西部数据技术公司 | Connection is established between the data storage device being located at after NAT |
CN109462659A (en) * | 2018-12-17 | 2019-03-12 | 深圳市网心科技有限公司 | Embedded device remote access control system, method and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN110636149A (en) | 2019-12-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20220377045A1 (en) | | Network virtualization of containers in computing systems |
CN110313163B (en) | | Load balancing in distributed computing systems |
CN109688235B (en) | | Virtual network service processing method, device and system, controller, storage medium |
US10437775B2 (en) | | Remote direct memory access in computing systems |
CN109889621B (en) | | Configuration method and device of virtual private cloud service |
CN109937401B (en) | | Live migration of load-balancing virtual machines via traffic bypass |
US8650326B2 (en) | | Smart client routing |
CN107210924B (en) | | Method and apparatus for configuring a communication system |
CN111460460A (en) | | Task access method, device, proxy server and machine-readable storage medium |
CN105993161B (en) | | Element, method, system and computer readable storage device for resolving an address |
WO2014190791A1 (en) | | Method for setting identity of gateway device and management gateway device |
CN108243079B (en) | | Method and equipment for network access based on VPC |
CN116982306A (en) | | Extending IP addresses in overlay networks |
CN111130838A (en) | | A process-level service instance dynamic expansion and network bandwidth limitation method and device |
US20250062988A1 (en) | | Service chaining in fabric networks |
CN110636149B (en) | | Remote access method, device, router and storage medium |
WO2023035660A1 (en) | | Resource request method, system and apparatus, and device and storage medium |
US20150350079A1 (en) | | Method of message routing for a distributed computing system |
CN117395225A (en) | | Data access method, device, system and equipment in cloud primary container network |
CN116016448A (en) | | Service network access method, device, equipment and storage medium |
CN114827781A (en) | | Network cooperation method, device, equipment and storage medium |
CN116418724A (en) | | Service access method, device and load balancing system |
US20200127923A1 (en) | | System and method of performing load balancing over an overlay network |
CN112988320B (en) | | Method and device for creating a virtual machine |
CN113746653B (en) | | Gateway configuration method, client, server and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||