Unlock instant, AI-driven research and patent intelligence for your innovation.

A nat rule matching method, device, electronic equipment and storage medium

A matching method and rule technology, applied in the field of computer networks, can solve difficult problems

Active Publication Date: 2021-05-07
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

As the number of NAT rules on the device increases, this problem becomes more prominent and difficult to solve

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A nat rule matching method, device, electronic equipment and storage medium
  • A nat rule matching method, device, electronic equipment and storage medium
  • A nat rule matching method, device, electronic equipment and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] In order to more clearly understand the above objects, features and advantages of the present disclosure, the solutions of the present disclosure will be further described below. It should be noted that, in the case of no conflict, the embodiments of the present disclosure and the features in the embodiments can be combined with each other.

[0047] In the following description, many specific details are set forth in order to fully understand the present disclosure, but the present disclosure can also be implemented in other ways than described here; obviously, the embodiments in the description are only some of the embodiments of the present disclosure, and Not all examples.

[0048] At present, in the IPv4 environment, NAT rule matching is carried out by constructing the source address prefix tree and the destination address prefix tree; Uniformity leads to a decrease in matching efficiency, so this scheme cannot be applied in an IPv6 environment. In addition, the e...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present disclosure relates to a NAT rule matching method, including: converting all NAT rules into rule prefix entries, wherein each rule prefix entry includes a source address public prefix, a destination address public prefix, a source port public prefix, and a service public prefix and the corresponding NAT rules; construct a NAT rule prefix tree based on the rule prefix table entry, wherein, the NAT rule prefix tree includes a source address rule prefix tree, a destination address rule prefix tree, a source port public prefix tree and a service rule prefix tree; through a load balancing algorithm Mount each rule prefix entry in the NAT rule prefix tree; based on the matching parameters of the received message, perform NAT rule matching on the NAT rule prefix tree after the rule prefix entry is mounted. The embodiment of the present disclosure ensures uniform hashing of rule prefix table items through a load balancing algorithm, and improves the matching efficiency of NAT rules in an IPv6 environment.

Description

technical field [0001] The present disclosure relates to the technical field of computer networks, and in particular to a NAT rule matching method, device, electronic equipment and storage medium. Background technique [0002] With the rapid development of the Internet, the limited IPv4 address space is gradually exhausted, so more and more countries have adopted IPv6 as a national strategy. With the gradual deployment of the next-generation Internet with the IPv6 protocol as the core, the ordinary IPv4 address NAT (Network Address Translation, Network Address Translation method) can no longer meet the current network security needs. At this time, the NAT technology based on the IPv6 address is gradually mature. . However, when the number of NAT rules deployed on network communication and security gateways is relatively large, the problem of matching efficiency follows. As the number of NAT rules on the device increases, this problem becomes more prominent and difficult to...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/12
CPCH04L61/2557
Inventor 范鸿雷纪鹏飞
Owner BEIJING TOPSEC NETWORK SECURITY TECH