Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Method and device for achieving packet forwarding

A message sending and message technology, which is applied in the field of network communication, can solve the problems of reduced IPv4 addresses of distributed firewall devices and the inability to effectively improve the overall performance of distributed firewall devices, etc.

Inactive Publication Date: 2012-12-12
NEW H3C TECH CO LTD
View PDF6 Cites 35 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] At present, there are two main ways for a distributed firewall device to use the interface board to send packets to each service board: Method 1. The interface board sends packets to each service board through a load balancing algorithm, but the interface board needs to keep all session information, The overall performance of the distributed firewall device may not be effectively improved; the second method is that the interface board uses the equivalent routing method to send packets to each service board, but each service board needs to be configured with a different NAT address pool. NAT processing is performed in forward packets and reverse packets, resulting in fewer IPv4 addresses available for configurable distributed firewall devices

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for achieving packet forwarding
  • Method and device for achieving packet forwarding
  • Method and device for achieving packet forwarding

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 2

[0020] This embodiment is a distributed firewall device, and compared with the first embodiment, it further provides other solutions to realize message forwarding.

[0021] figure 2 Shown is the structure of the distributed firewall device provided by this embodiment. The device is composed of multiple interface boards, multiple service boards, and a main control board interconnected through a switching network.

[0022] The interface board sends all forward packets (sent from the internal network to the external network) and all reverse packets (messages sent from the external network to the internal network) of the same flow to the same service board through the switching network For processing, based on the requirements of the application layer network management, the interface board sends the packets associated with the data flow to the same service board for processing. For example, the interface board will send the control flow and data flow of the File Transfer Protoc...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method and a device for achieving packet forwarding. The method is applied to a distributed firewall device which is at least composed of a plurality of interface boards, a plurality of business boards and a main control board. The method at least includes that each interface board receives a forward message in a private network and sends the forward message to a corresponding business board, each business board receives the forward message, a source internet protocol (IP) address of the forward message is modified to a preset public network IP address of the local business board, a source port of the forward message is modified to any network address translation port of a network address translation port section distributed by the main control board, a network address translation session is established, the converted forward message is sent to a corresponding interface board, and the interface boards send the converted forward message in a public network. According to the method and the device, the main control board of a distributed firewall distributes ports used for network address translation (NAT) based on a request of each business board, and thereby the NAT is performed for the forward message, a corresponding NAT is established, and the new establishing and concurrence of the NAT session can increase with the increasing of the business boards.

Description

technical field [0001] The invention relates to network communication technology, in particular to a method and equipment for realizing message forwarding. Background technique [0002] The distributed firewall processes services in parallel through distributed multi-service boards, which can meet the needs of users with high concurrency, high new construction and high throughput. [0003] A distributed firewall device generally consists of an interface board, a service board, and a main control board. In the device, the interface board is used to receive and send messages, and sends the messages to the service board to process services; the service board is used to establish sessions, Qos processing, forwarding, and network address modification (NAT, Network Address Translation), etc. Most of the business; the main control board is used to handle configuration and routing, etc., and does not participate in forwarding. [0004] Since there are multiple service boards in th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L12/56H04L29/06
Inventor 王其勇
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com