Method, system and equipment for traversing firewall

A firewall and node technology, applied in the field of communication, can solve problems such as inability to communicate with each other

Inactive Publication Date: 2009-06-24
HUAWEI TECH CO LTD +1
View PDF0 Cites 20 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] In the process of implementing the present invention, the inventor found that in this method, when both the terminal and the server communicate behind a firewall (especially a state inspection firewall), mutual communication cannot be realized

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, system and equipment for traversing firewall
  • Method, system and equipment for traversing firewall
  • Method, system and equipment for traversing firewall

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0038] see figure 1 , is a schematic diagram of a network for firewall traversal provided by an embodiment of the present invention. by figure 1 In this example, node A as the visitor and node B as the visited party communicate with each other as an example. For convenience, this embodiment pre-sets a firewall traversal proxy (FTP, Firewall Traversal Proxy) between node A and node B. Node A and Node B obtain the IP address and port number of the opposite end through FTP. Among them, FTP only needs to have a static and global IP address, which can be specifically a separate server or router with a public IP address; Its functions are integrated on existing servers or routers in the network, but barrier-free communication with the visiting party and the visited party must be guaranteed. see figure 2 , the present embodiment takes the IP request packet as the data to be sent as an example, and the specific steps of the method are as follows:

[0039] Step 101: Node A and Nod...

Embodiment 2

[0062] see image 3 , is a schematic diagram of a network for firewall traversal provided by an embodiment of the present invention. and figure 1 Compared with the provided networking structure, image 3 IPC (IP Tunnel Client, IP Tunnel Client) and IPS (IP Tunnel Server, IP Tunnel Proxy Server) are respectively deployed near Node A and Node B in , taking Node A and Node B for mutual communication as an example, see Figure 4 , the present embodiment takes the IP request packet as the data to be sent as an example, and the specific steps of the method are as follows:

[0063] Step 201: Node A and Node B report their IP addresses and port numbers to FTP respectively.

[0064] Step 202: After FTP receives the IP addresses and port numbers reported by node A and node B, save them, and return the IP addresses, port numbers and session identifiers of the peers to node A and node B respectively.

[0065] Wherein, the session identifier SID is pre-stored by FTP, and is used for mu...

Embodiment 3

[0091] see Figure 5 , the firewall traversal system provided by the embodiment of the present invention, the system includes:

[0092] The first node is used to obtain the IP address and port number of the second node; according to the IP address and port number of the peer node, the data to be sent is encapsulated into an IP tunnel packet, and the IP tunnel packet is sent;

[0093] The second node is configured to receive the IP tunnel packet sent by the first node, and decapsulate the IP tunnel packet to obtain data to be sent.

[0094] Among them, the first node includes:

[0095] An acquisition module, configured to acquire the IP address and port number of the second node;

[0096] The encapsulation module is used to add an IP header and a user datagram protocol header to the data to be sent according to the IP address and port number obtained by the acquisition module, and encapsulates it into an IP tunnel packet, and the IP header and the user datagram protocol heade...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a firewall penetration method, a system and a device thereof, belonging to communication field. The method includes the following steps: acquiring the IP address and the port number of a correspondent node; encapsulating the data to be sent into an IP tunnel packet according to the IP address and the port number of the correspondent node and enabling the IP tunnel packet to penetrate the firewall of the correspondent node; and sending the IP tunnel packet to the correspondent node. The system comprises a first node and a second node; or a first node, a first node proxy client, a second node and a second node proxy server. The node device comprises an acquisition module, an encapsulating module and a sending module. The method, the system and the device encapsulate the data to be sent and add an IP header and an UDP header to obtain the IP tunnel packet which can penetrate the firewall of the correspondent node, thus achieving connection and communication among the communication nodes.

Description

technical field [0001] The present invention relates to the communication field, in particular to a firewall traversal method, system and equipment. Background technique [0002] In P2P (Peer to Peer, peer-to-peer network), when the nodes that need to communicate with each other are located behind their respective firewalls, and the firewalls use state detection and other deep packet analysis technologies to detect the contents of data packets entering and leaving the firewall, For example, many firewalls will restrict the active entry of SYN (Synchronize, a very small data packet) outside the firewall. At this time, the TCP (Transmission Control The three-way handshake of Protocol (Transmission Control Protocol) makes it impossible to establish a TCP connection, thereby affecting communication. Therefore, it is necessary to solve the problem that P2P network nodes establish end-to-end connections through firewalls. [0003] At present, the prior art provides a method for ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/56
Inventor 周世杰李峰梁丽娟秦志光罗嘉庆
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap