CN100574207C - The method of a kind of Operation and Maintenance client and remote equipment direct communication - Google Patents

Abstract

The invention discloses the method for a kind of Operation and Maintenance client and remote equipment direct communication, the TCP/IP agency is set at the centralized maintenance center, the process of its communication comprises: 1) authentication is carried out to the operational maintenance command that receives in the centralized maintenance center, determine that user and Operation and Maintenance client have the authority that sends the startup agency simultaneously, start the TCP/IP agency; 2) TCP/IP agency sets up the corresponding relation of the proxy port of the port numbers of remote equipment IP address, remote equipment and remote equipment; 3) TCP/IP agency set up respectively with Operation and Maintenance client, remote equipment between TCP/IP be connected; When 4) the Operation and Maintenance client is communicated by letter with remote equipment, connect the TCP/IP agency who information is sent to the centralized maintenance center by TCP/IP earlier; The TCP/IP agency directly is transmitted to Operation and Maintenance client or remote equipment by the TCP/IP connection again with this information.The inventive method has solved in the centralized maintenance contradiction with remote equipment access security and ease of use, can also realize that port shifts simultaneously, convenient centralized management.

Description

The method of a kind of Operation and Maintenance client and remote equipment direct communication

Technical field

The present invention relates to the method for a kind of Operation and Maintenance client and remote equipment direct communication in the communication equipment network.

Background technology

At present, in communication equipment network, for network security, remote equipment only allows the Backend Administration Module (BAM) at centralized maintenance center to set up TCP with remote equipment oneself to be connected, and the Operation and Maintenance client can not directly be set up TCP with remote equipment and be connected.

For example: the base station transceiver (BTS) in code division multiple access (CDMA) system, as remote equipment, its (BAM) that allows the centralized maintenance center with oneself set up TCP and be connected, the Operation and Maintenance client is the PC of complete operation maintenance function, can not directly set up TCP with remote equipment and be connected.Its connected mode is referring to Fig. 1, and Fig. 1 is the communication scheme between prior art BAM and BTS, the Operation and Maintenance client.Wherein, the BAM 101 at centralized maintenance center has two IP addresses: one is external IP, with Operation andMaintenance client 104 be the same network segment (10.71.XXX.XXX), set up TCP/IP by Ethernet with Operation andMaintenance client 104 and be connected, Transmission TCP/IP protocol frame; Another is inner IP, for another network segment (10.12.XXX.XXX), sets up TCP/IP byconnection device 102 with remote equipment BTS 103 and is connected.A Telnet Server is arranged among the remote equipment BTS 103, and centralized maintenance center BAM101 can use the Telnet agreement directly to login Telnet Server among the remote equipment BTS 103 as telnet client.For system safety, remote equipment BTS103 only allows centralized maintenance center BAM to use implicit IP address visit oneself, thus Operation andMaintenance client 104 directly Telnet be connected to the Telnet Server of remote equipment BTS103.

In the prior art, the safety system of centralized maintenance center BAM101 has user authority management and client rights management.If a user UserN wants by an Operation andMaintenance client 104 visit centralized maintenance center BAM 101, fill order Cmd_X, need user UserN to have the authority of fill order Cmd_X this moment, Operation andMaintenance client 104 also has the authority of fill order Cmd_X simultaneously, the safety management module of centralized maintenance center BAM101 can carry out authentication to above-mentioned authority, has only the user by authentication could pass through an Operation andMaintenance client 104 visit centralized maintenance center BAM101.

Summary of the invention

In view of this, the object of the present invention is to provide the method for a kind of Operation and Maintenance client and remote equipment direct communication, make the Operation and Maintenance client can be safely, easily with the remote equipment direct communication.

For achieving the above object, technical scheme of the present invention specifically is achieved in that

The method of a kind of Operation and Maintenance client and remote equipment direct communication is provided with the TCP/IP agency at the centralized maintenance center, the process of Operation and Maintenance client and remote equipment direct communication may further comprise the steps:

1) the centralized maintenance center receives the user after the startup agency's that the Operation and Maintenance client sends operational maintenance command, safety management module wherein carries out authentication, have the authority that sends the operational maintenance command that starts the agency simultaneously if determine described user and Operation and Maintenance client, start the TCP/IP agency at centralized maintenance center;

2) the TCP/IP agency sets up the port numbers of remote equipment IP address, remote equipment and the proxy port corresponding relation of remote equipment;

3) the TCP/IP agency is according to the corresponding relation in thestep 2, set up that the Operation and Maintenance client is connected with TCP/IP between the centralized maintenance center and the centralized maintenance center is connected with TCP/IP between the remote equipment, when system does not need Operation and Maintenance client and remote equipment direct communication, the centralized maintenance center stops TCP/IP agency operation, when system needs Operation and Maintenance client and remote equipment direct communication, carry out following steps;

4) the Operation and Maintenance client is when remote equipment sends information, is connected the TCP/IP that sends to the centralized maintenance center by the Operation and Maintenance client with TCP/IP between the centralized maintenance center earlier and acts on behalf of; TCP/IP agency is connected by the centralized maintenance center this information and directly is transmitted to remote equipment with TCP/IP between the remote equipment;

5) remote equipment is when the Operation and Maintenance client sends information, is connected the TCP/IP that sends to the centralized maintenance center by remote equipment with TCP/IP between the centralized maintenance center earlier and acts on behalf of; TCP/IP agency is connected by the centralized maintenance center this information and directly is transmitted to the Operation and Maintenance client with TCP/IP between the Operation and Maintenance client.

Wherein, describedstep 1 further comprises:

If safety management module is determined described user or Operation and Maintenance client and is not sent the authority of the operational maintenance command that starts the agency that centralized maintenance center return command is carried out failure, points out user or Operation and Maintenance client not to have authority.

Described TCP/IP agency can be Telnet agency or FTP agency or TFTP agency.

When described TCP/IP agency acted on behalf of for Telnet, describedstep 2 may further include: create one and intercept the addressing point;

Described step 3 specifically can may further comprise the steps:

31) the Operation and Maintenance client is initiated the Telnet request to the TCP/IP at centralized maintenance center agency;

32) intercept the addressing point and receive this request, create a service addressing point immediately and set up Telnet with the Operation and Maintenance client and be connected; Creating client's addressing point simultaneously sets up Telnet with remote equipment and is connected;

Described step 4 specifically can may further comprise the steps:

41) the Operation and Maintenance client sends to the Telnet agency with information by the Telnet connection;

42) this information of Telnet agency's service addressing point reception is by being connected by Telnet and being transmitted to remote equipment with client's addressing that this service addressing point is created simultaneously this information of naming a person for a particular job.

Described step 5 specifically can may further comprise the steps:

51) remote equipment sends to the Telnet agency with information by the Telnet connection;

52) this information of client's addressing point of Telnet agency reception is by being connected by Telnet and being transmitted to the Operation and Maintenance client with the service addressing that this client's addressing point is created simultaneously this information of naming a person for a particular job.

Described step 32 may further include: the service addressing point that will set up is simultaneously set up one-to-one relationship and storage with client's addressing point;

Described step 42 may further include the Telnet agency according to the corresponding relation between service addressing point and client's addressing point, retrieves service addressing point corresponding client addressing point;

Described step 52 may further include the Telnet agency according to the corresponding relation between service addressing point and client's addressing point, retrieves the corresponding service addressing point of client's addressing point.

By technical scheme of the present invention as seen, the method of this Operation and Maintenance client of the present invention and remote equipment direct communication, the TCP/IP agency at the Operation and Maintenance client terminal start-up centralized maintenance center by authority is arranged, foundation connects from the virtual TCP/IP of Operation and Maintenance client to the centralized maintenance center to remote equipment, and the Operation and Maintenance client is connected directly by this virtual TCP/IP with remote equipment and communicates.

Among the present invention, the authority that starts the agency collects middle maintenance centre's unified management, well solved in the centralized maintenance contradiction with remote equipment access security and ease of use, as long as the user that authority is arranged is by Operation and Maintenance client terminal start-up TCP/IP agency, just can directly visit remote equipment, stop the agency when not needing to communicate by letter and get final product.Simultaneously, the present invention can also realize that port shifts, and a certain port is transferred to the port of user's appointment, convenient centralized management.

Description of drawings

Fig. 1 is the communication scheme between prior art BAM and BTS, the Operation and Maintenance client;

Fig. 2 is the connection diagram between the BAM of a preferred embodiment of the present invention and BTS, the Operation and Maintenance client;

Fig. 3 is connected the schematic flow sheet that communicates for setting up virtual telnet between Operation and Maintenance client embodiment illustrated in fig. 2 and the BTS.

Embodiment

For making the purpose, technical solutions and advantages of the present invention clearer, below in conjunction with embodiment and accompanying drawing, the present invention is described in more detail.

The method of this Operation and Maintenance client of the present invention and remote equipment direct communication, the TCP/IP agency at the Operation and Maintenance client terminal start-up centralized maintenance center by authority is arranged, foundation connects from the virtual TCP/IP of Operation and Maintenance client to the centralized maintenance center to remote equipment, and the Operation and Maintenance client is connected directly by this virtual TCP/IP with remote equipment and communicates.

TCP/IP agency among the present invention can be Telnet agency or FTP agency or TFTP agency.

Realize that to act on behalf of the process that the Operation and Maintenance client is communicated by letter with remote equipment is that embodiment describes below by Telnet.Referring to Fig. 2, Fig. 2 is the connection diagram between the BAM of a preferred embodiment of the present invention and BTS, the Operation and Maintenance client.

Present embodiment is provided with TCP/IP agency-Telnetagency 201 in the BAM200 of centralized maintenance center.The BAM200 at centralized maintenance center can Telnet be connected to the Telnet Server of BTS as a Telnet Client, uses the default port numbers 23 of Telnet agreement.Operation andMaintenance client 230 can sign in to BAM200 by the Ethernet connection, but directly Telnet is connected to BTS220.After starting Telnetagency 201 on the BAM200, being equivalent to set up a kind of virtual Telnet between Operation andMaintenance client 230 and BTS220 is connected, like this Operation andMaintenance client 230 just directly Telnet be connected to BTS220, communicate with BTS220, realize remote maintenance and management.

Referring to Fig. 3, Fig. 3 is connected the schematic flow sheet that communicates for setting up virtual telnet between Operation and Maintenance client embodiment illustrated in fig. 2 and the BTS, and it may further comprise the steps:

Step 301, user by centralized maintenance center authentication signs in to centralized maintenance center BAM200 by the Operation and Maintenance client, start the Telnetagency 201 on the BAM, Telnetagency 201 port numbers that will set up remote equipment IP address, remote equipment are the proxy port corresponding relation of former port numbers and Operation and Maintenance client.As shown in Table 1:

BTS IP	Former port numbers	The agent side slogan
			129.10.10.1	23	1001

Table one

Telnetagency 201 creates an addressing point (Socket) simultaneously, is called Listen Socket, is specifically designed to the Telnet connection request of intercepting Operation and Maintenance client designated port (as: 1001).

Step 302, Operation andMaintenance client 230 is carried out Telnet 10.71.11.82 1001, and (10.71.11.82 is BAM IP) is that Telnet Client initiates the Telnet request, and port numbers is 1001.

Step 303, Listen Socket receives this request, create a new Socket immediately, be called Server Socket, connect with Operation andMaintenance client 230, create a Socket simultaneously in addition, be called Client Socket, connect with the Telnet Server of BTS220, use Telnet default port numbers 23.This Server Socket is corresponding one by one with the Client Socket that sets up simultaneously, has set up two Telnet that arrive Operation andMaintenance client 230 and BAM 200 to BTS 220 with regard to BAM 200 like this and has been connected.

Step 304, when Operation andMaintenance client 230 sends information to BTS 220, earlier information is sent to Telnetagency 201, Telnetagency 201 Server Socket receives this information, and retrieve and be somebody's turn to do and the corresponding Client Socket of Server Socket, this information is transmitted to the Telnet Server of BTS 220 by this Client Socket.

Step 305, when BTS 220 sends information to Operation andMaintenance client 230, earlier information is sent to Telnetagency 201, Telnetagency 201 Client Socket receives this information, and the retrieval Server Socket corresponding with this Client Socket, by being forwarded to Operation andMaintenance client 230 with this Server Socket.

At this moment, just being equivalent to Operation andMaintenance client 230 sets up a virtual Telnet with the Telnet Server of BTS 220 and is connected, Operation andMaintenance client 230 is carried out the telnet command of BTS 220, and is in full accord with the implementation effect that directly is connected with the Telnet Server of BTS 220.

If do not wish Operation andMaintenance client 230 visit BTS 220, as long as stop the Telnet agency.

Present embodiment can be retrieved mutually according to the one-to-one relationship of Server Socket and Client Socket, realizes that setting up 220 virtual Telnet of a plurality of Operation andMaintenance clients 230 and one or more BTS by a Telnetagency 201 is connected.When a plurality of Operation andMaintenance clients 230 and 220 of BTS set up virtual Telnet and are connected, act on behalf of shown in 201 inside as Telnet among Fig. 2,201 need of a Telnet agency are set up a Listen Socket, different operating maintaincustomer end 230 is set up different Server Socket and Client Socket, an Operation andMaintenance client 230 is one to one with Server Socket and the Client Socket that BTS220 communicates use, corresponding as the ServerSocket1 among Fig. 2 with Client Socket1, their respective operations maintain customer ends 1230.When exchanges data, Telnetagency 201 can be transmitted to information Operation andMaintenance client 230 or BTS 220 accurately according to this corresponding relation.

It is similar that a plurality of Operation andMaintenance clients 230 and 220 of a plurality of remote equipment BTS set up performing step and single remote equipment that virtual telnet is connected: the TCP/IP agency who at first starts to another remote equipment BTS220, the Listen Socket that system creation is new, if there is the Operation and Maintenance client to connect BTS 220, the TCP/IP agency just creates a pair of Server Socket and Client Socket, and foundation is connected with the virtual telnet of remote equipment.

The user adopts the inventive method when the Operation and Maintenance client is visited remote equipment by the Telnet mode, only needs to specify the outer net IP at centralized maintenance center and the port numbers of user's appointment, just can realize that port shifts.For example, in above-mentioned enforcement, table one corresponds to the IP address of remote equipment and telnet port numbers 23 on the port one 001 of user's appointment.The Telnet agency sets up the Telnet virtual connections of Operation and Maintenance client to remote equipment, so just No. 23 original ports is transferred on the port one 001 of user's appointment.

The TCP/IP agency of present embodiment is the Telnet agency, can also be FTP agency or TFTP agency in actual applications, when connecting,, set upBAM 200 and be connected according to FTP or TFTP agreement regulation by FTP agency or TFTP agency to two FTP or the TFTP of Operation andMaintenance client 230 and BAM 200 to BTS 220.

By the above embodiments as seen, the method of this Operation and Maintenance client of the present invention and remote equipment direct communication, well solved in the centralized maintenance contradiction with remote equipment access security and ease of use, can also realize that port shifts simultaneously, convenient centralized management.

Claims (5)

Translated fromChinese

1、一种操作维护客户端与远程设备直接通信的方法，其特征在于，在集中维护中心设置TCP/IP代理，操作维护客户端与远程设备直接通信的过程包括以下步骤：1. A method for direct communication between an operation and maintenance client and a remote device, characterized in that a TCP/IP agent is set at a centralized maintenance center, and the process of operating and maintaining the client and remote device direct communication comprises the following steps:1)集中维护中心接收到用户在操作维护客户端发送的启动代理的操作维护命令后，其中的安全管理模块进行鉴权，如果确定所述用户和操作维护客户端同时拥有发送启动代理的操作维护命令的权限，启动集中维护中心的TCP/IP代理；1) After the centralized maintenance center receives the operation and maintenance command for starting the agent sent by the user at the operation and maintenance client, the security management module therein performs authentication. If it is determined that the user and the operation and maintenance client have both the operation and maintenance The authority of the command starts the TCP/IP agent of the centralized maintenance center;2)TCP/IP代理建立远程设备IP地址、远程设备的端口号与远程设备的代理端口对应关系；2) The TCP/IP agent establishes the corresponding relationship between the remote device IP address, the port number of the remote device and the proxy port of the remote device;3)TCP/IP代理根据步骤2中的对应关系，建立操作维护客户端与集中维护中心之间的TCP/IP连接和集中维护中心与远程设备之间的TCP/IP连接，当系统不需要操作维护客户端与远程设备直接通信时，集中维护中心停止TCP/IP代理运行，当系统需要操作维护客户端与远程设备直接通信时，执行以下步骤；3) The TCP/IP agent establishes the TCP/IP connection between the operation and maintenance client and the centralized maintenance center and the TCP/IP connection between the centralized maintenance center and the remote device according to the corresponding relationship in step 2. When the system does not need to operate When the maintenance client communicates directly with the remote device, the centralized maintenance center stops the TCP/IP proxy operation. When the system needs to operate the maintenance client to communicate directly with the remote device, perform the following steps;4)操作维护客户端向远程设备发送信息时，先通过操作维护客户端与集中维护中心之间的TCP/IP连接发送到集中维护中心的TCP/IP代理；TCP/IP代理将该信息通过集中维护中心与远程设备之间的TCP/IP连接直接转发给远程设备；4) When the operation and maintenance client sends information to the remote device, it first sends the information to the TCP/IP agent of the centralized maintenance center through the TCP/IP connection between the operation and maintenance client and the centralized maintenance center; the TCP/IP agent sends the information through the centralized The TCP/IP connection between the maintenance center and the remote device is directly forwarded to the remote device;5)远程设备向操作维护客户端发送信息时，先通过远程设备与集中维护中心之间的TCP/IP连接发送到集中维护中心的TCP/IP代理；TCP/IP代理将该信息通过集中维护中心与操作维护客户端之间的TCP/IP连接直接转发给操作维护客户端。5) When the remote device sends information to the operation and maintenance client, it first sends the information to the TCP/IP agent of the centralized maintenance center through the TCP/IP connection between the remote device and the centralized maintenance center; the TCP/IP agent passes the information through the centralized maintenance center The TCP/IP connection with the operation and maintenance client is directly forwarded to the operation and maintenance client.2、如权利要求1所述的方法，其特征在于，所述步骤1进一步包括：如果安全管理模块确定所述用户或操作维护客户端没有发送启动代理的操作维护命令的权限，集中维护中心返回命令执行失败，提示用户或操作维护客户端没有权限。2. The method according to claim 1, wherein the step 1 further comprises: if the security management module determines that the user or the operation and maintenance client does not have the authority to send the operation and maintenance command to start the agent, the centralized maintenance center returns If the command execution fails, it prompts that the user or the operation and maintenance client does not have permission.3、如权利要求1所述的方法，其特征在于：所述的TCP/IP代理为Telnet代理或FTP代理或TFTP代理。3. The method according to claim 1, wherein the TCP/IP agent is a Telnet agent, an FTP agent or a TFTP agent.4、如权利要求3所述的方法，其特征在于：所述的TCP/IP代理为Telnet代理时，所述步骤2进一步包括：创建一个侦听寻址点；4. The method according to claim 3, characterized in that: when said TCP/IP proxy is a Telnet proxy, said step 2 further comprises: creating a listening addressing point;所述步骤3具体包括以下步骤：Described step 3 specifically comprises the following steps:31)操作维护客户端向集中维护中心的TCP/IP代理发起Telnet请求；31) The operation and maintenance client initiates a Telnet request to the TCP/IP agent of the centralized maintenance center;32)侦听寻址点收到该请求，立即创建一个服务寻址点与操作维护客户端建立Telnet连接；同时创建一个客户寻址点与远程设备建立Telnet连接；32) listen to the addressing point to receive the request, immediately create a service addressing point to establish a Telnet connection with the operation and maintenance client; simultaneously create a client addressing point to establish a Telnet connection with the remote device;所述步骤4具体包括以下步骤：Described step 4 specifically comprises the following steps:41)操作维护客户端将信息通过Telnet连接发送给Telnet代理；41) The operation and maintenance client sends the information to the Telnet agent through the Telnet connection;42)Telnet代理的服务寻址点接收该信息，由与该服务寻址点同时创建的客户寻址点将该信息通过Telnet连接转发给远程设备。42) The service address point of the Telnet proxy receives the information, and the client address point created simultaneously with the service address point forwards the information to the remote device through the Telnet connection.所述步骤5具体包括以下步骤：Described step 5 specifically comprises the following steps:51)远程设备将信息通过Telnet连接发送给Telnet代理；51) The remote device sends the information to the Telnet agent through the Telnet connection;52)Telnet代理的客户寻址点接收该信息，由与该客户寻址点同时创建的服务寻址点将该信息通过Telnet连接转发给操作维护客户端。52) The client address point of the Telnet proxy receives the information, and the service address point created simultaneously with the client address point forwards the information to the operation and maintenance client through the Telnet connection.5、如权利要求4所述的方法，其特征在于，所述步骤32进一步包括：将同时建立的服务寻址点与客户寻址点建立一一对应关系并存储；5. The method according to claim 4, characterized in that the step 32 further comprises: establishing a one-to-one correspondence between the simultaneously established service address point and the customer address point and storing them;所述步骤42进一步包括Telnet代理根据服务寻址点与客户寻址点间的对应关系，检索到服务寻址点对应的客户寻址点；Said step 42 further comprises Telnet agent according to the corresponding relationship between the service address point and the customer address point, retrieving the client address point corresponding to the service address point;所述步骤52进一步包括Telnet代理根据服务寻址点与客户寻址点间的对应关系，检索到客户寻址点对应的服务寻址点。The step 52 further includes that the Telnet agent retrieves the service address point corresponding to the client address point according to the corresponding relationship between the service address point and the client address point.

Images