Disclosure of Invention
In view of this, the present application provides a data transmission method and apparatus for a virtual network card, which can solve the problem that a data packet of the virtual network card cannot be correctly transmitted.
Specifically, the method is realized through the following technical scheme:
a data transmission method of a virtual network card comprises the following steps:
acquiring a first IP address allocated to a target virtual network card by a gateway;
detecting whether the first IP address is in the same network segment with the IP address of a preset network card;
when the first IP address and the IP address of the preset network card are in the same network segment, configuring a second IP address which is not in the same network segment with the IP address of the preset network card for the target virtual network card;
and transmitting the message through the target virtual network card configured with the second IP address.
Optionally, the transmitting the message through the target virtual network card configured with the second IP address includes:
acquiring an uplink message transmitted to the gateway by the target virtual network card; wherein, the source address of the uplink message is the second IP address;
modifying the source address in the uplink message into the first IP address;
and encapsulating the modified uplink message and then sending the encapsulated uplink message to the gateway.
Optionally, the modifying the source address in the uplink message to the first IP address includes:
searching a first IP address corresponding to the target virtual network card and the second IP address in a preset address record table; the address record table records the corresponding relation among the target virtual network card, the first IP address and the second IP address;
and replacing the field value of the source address field in the uplink message with the first IP address.
Optionally, the transmitting the message through the target virtual network card configured with the second IP address includes:
receiving a downlink message sent to the target virtual network card by the gateway; wherein, the destination address of the downlink message is the first IP address;
modifying the destination address in the downlink message into the second IP address;
and sending the modified downlink message to the target virtual network card.
Optionally, the modifying the destination address in the downlink message to the second IP address includes:
searching a second IP address corresponding to the target virtual network card and the first IP address in a preset address record table; the address record table records the corresponding relation among the target virtual network card, the first IP address and the second IP address;
and replacing the field value of the destination address field in the downlink message with the second IP address.
Correspondingly, an embodiment of the present invention further provides a data transmission device for a virtual network card, including:
the first address acquisition unit is used for acquiring a first IP address allocated to the target virtual network card by the gateway;
the detection unit is used for detecting whether the first IP address is in the same network segment with the IP address of the preset network card;
the configuration unit is used for configuring a second IP address which is not in the same network segment with the IP address of the preset network card for the target virtual network card when the first IP address and the IP address of the preset network card are in the same network segment;
and the transmission unit is used for transmitting the message through the target virtual network card configured with the second IP address.
Optionally, the transmission unit further includes:
an uplink message acquiring subunit, configured to acquire an uplink message transmitted to the gateway by the target virtual network card; wherein, the source address recorded in the uplink message is the second IP address;
a first modification subunit, configured to modify a source address in the uplink message into the first IP address;
and the first sending subunit is configured to encapsulate the modified uplink packet and send the modified uplink packet to the gateway.
Optionally, the first modifying subunit includes:
the first searching module is used for searching a first IP address corresponding to the target virtual network card and the second IP address in a preset address record table; the address record table records the corresponding relation among the target virtual network card, the first IP address and the second IP address;
a first replacing module, configured to replace a field value of a source address field in the uplink message with the first IP address.
Optionally, the transmission unit further includes:
a downlink message receiving subunit, configured to receive a downlink message sent by the gateway to the target virtual network card; wherein, the destination address recorded in the downlink message is the first IP address;
a second modification subunit, configured to modify a destination address in the downlink message to the second IP address;
and the second sending subunit is configured to send the modified downlink message to the target virtual network card.
Optionally, the second modifying subunit includes:
the second searching module is used for searching a second IP address corresponding to the target virtual network card and the first IP address in a preset address record table; the address record table records the corresponding relation among the target virtual network card, the first IP address and the second IP address;
and the second replacing module is used for replacing the field value of the destination address field in the downlink message with the second IP address.
The technical scheme provided by the embodiment of the invention can have the following beneficial effects:
When a first IP address allocated to a target virtual network card by a gateway is obtained, whether the first IP address is in the same network segment as the IP address of a preset network card is detected; when the two are in the same network segment, a second IP address which is not in the same network segment as the IP address of the preset network card is configured for the target virtual network card. In the invention, when the first IP address that the gateway allocates to the target virtual network card is in the same network segment as the IP addresses of other network cards, the target virtual network card is configured with a second IP address which is not in the same network segment as the IP addresses of all other network cards, so that the problem of IP address conflict is avoided when data is transmitted through the target virtual network card, the information security of a user can be ensured, and the reliability of information transmission is improved. The invention does not change the process by which the gateway configures the IP address, and the modification cost is low.
The invention configures the second IP address for the target virtual network card, while the address recorded by the gateway for the target virtual network card is the first IP address; the source address of the uplink message is therefore modified into the first IP address when the uplink message is sent to the gateway, so that the gateway can accurately obtain the information in the uplink message and can correctly forward it. When the source address in the uplink message is modified, the field value of the source address field is replaced by the first IP address according to the message format; the message format does not need to be changed in the address modification process, the processing efficiency is high, and the transmission speed of the message is not affected.
The invention configures the second IP address for the target virtual network card, while the address recorded by the gateway for the target virtual network card is the first IP address; the destination address of the downlink message is therefore modified into the second IP address when the downlink message of the gateway is received, so that the downlink message can successfully reach the target virtual network card. When the destination address in the downlink message is modified, the field value of the destination address field is replaced by the second IP address according to the message format; the message format does not need to be changed in the address modification process, the processing efficiency is high, and the transmission speed of the message is not affected.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with aspects of the present application.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this application, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It is to be understood that although the terms first, second, third, etc. may be used herein to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the present invention. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
Fig. 1 is a schematic view of an application scenario for implementing data transmission of a virtual network card according to an embodiment of the present invention. In fig. 1, the client may be a mobile terminal and a non-mobile terminal, where the non-mobile terminal includes a desktop computer, and the mobile terminal includes a smart phone, a tablet computer, a notebook computer, a personal digital assistant, and the like. The client comprises a physical network card and is provided with a plurality of VPN virtual network cards, and the client can realize data interaction through internet communication between each virtual network card and a VPN gateway.
As shown in fig. 2, which is a schematic flow chart of the data transmission method of the virtual network card in an embodiment of the present invention, the method of the embodiment of the present invention may be applied to the client side shown in fig. 1, and includes the following steps:
In step 201, a first IP address allocated by the gateway for the target virtual network card is obtained.
The gateway is also called an internetwork connector or a protocol converter. The gateway realizes network interconnection above the network layer; it is complex network interconnection equipment and is only used for interconnection of two networks with different high-level protocols. The gateway in this embodiment may be a VPN gateway, which is deployed at the network boundary of an application server and protects an application system that needs to be reinforced by means of open access control; a user can access a protected application service only through a VPN gateway device.
The virtual network card is also called as a virtual network adapter, namely a network environment is simulated by adopting software and a network adapter is simulated; the virtual network card is a feasible network card for the client, but not a real physical network card, but a software module running in the client; the virtual network card is mainly used for establishing a local area network between remote computers. The virtual network card can simulate the function of a concentrator to realize the function of VPN, so that the system recognizes the software as a network card, and the virtual network card can be connected to the virtual concentrator to form a local area network with other computers as long as an external network can be accessed. All physical local area network operations can be performed on the virtual local area network, such as mutual access, message transmission, online games, and the like.
In this step, the VPN gateway device allocates a first IP address to a target virtual network card, where the target virtual network card is a network card that is not configured with an IP address and is preset in the client, and the VPN gateway device can configure an IP address for the network card that is not configured with an IP address according to a preset network segment and transmit the IP address to the client through a network.
In step 202, it is detected whether the first IP address is in the same network segment as the IP address of the preset network card.
Several network cards are preset in the client; they can include the client's physical network card and a plurality of virtual network cards, and each is configured with an IP address. The first IP address allocated to the target virtual network card by the gateway may therefore be in the same network segment as the IP address of a preset network card in the client. Each network card adds a direct connection route, a broadcast route and the like to the routing table when its IP address is configured, so if the two IP addresses are different but in the same network segment, the routing table can end up with two entries that have the same target IP address and mask but different gateways and different hops. When a message arrives, the gateway to be reached is then determined by the routing table entry with the smaller number of hops. If the number of hops of the route issued by the VPN virtual network card is larger than the number of hops of the original route, the message cannot be sent to the VPN virtual network card, and the client cannot encrypt and decrypt the data packet of the user, so that the information security of the user is threatened.
In practical application, a network card address storage table can be preset, and the corresponding relation between each network card of the gateway and the IP address configured for each network card by the gateway is recorded in the network card address storage table; each network card in the network card address storage table may have a corresponding identifier, and the identifier may use letters or numbers and the like as a unique identifier for distinguishing from other network cards. When receiving that the gateway configures a first IP address for a new target virtual network card, the gateway can read the IP addresses of the network cards recorded in the network card address storage table, and quickly detect whether the first IP address of the target virtual network card is in the same network segment with the IP addresses of other network cards.
In practical application, to judge whether two IP addresses are in the same network segment, each of the two IP addresses can be ANDed with the subnet mask; the result obtained is the network number. If the network numbers are the same, the two IP addresses are in the same network segment; otherwise, they are not in the same network segment.
For example: A, IP: 202.194.128.9; B, IP: 202.194.128.14; subnet mask: 255.255.255.0.
The addresses of A and B and the mask are first converted to binary:
A: 11001010.11000010.10000000.00001001
B: 11001010.11000010.10000000.00001110
Mask: 11111111.11111111.11111111.00000000
The results of ANDing A and B with the mask are as follows:
A: 11001010.11000010.10000000.00000000
Conversion to decimal: 202.194.128.0
B: 11001010.11000010.10000000.00000000
Conversion to decimal: 202.194.128.0
Therefore, the network identities of the two IPs are the same, i.e. A and B are in the same network segment.
In step 203, when the first IP address and the IP address of the preset network card are in the same network segment, a second IP address that is not in the same network segment as the IP address of the preset network card is configured for the virtual network card.
If the client detects that the first IP address allocated to the target virtual network card by the gateway and the IP address of the preset network card are in the same network segment, the first IP address of the target virtual network card can conflict with the IP address of the preset network card, and at the moment, a second IP address which is not in the same network segment with the IP addresses of all other network cards can be searched according to the configured IP addresses of the other network cards; specifically, when a second IP address is generated, it is only necessary to ensure that the second IP address and the IP addresses of the other network cards are not in the same network segment according to all the preset network cards and the corresponding IP addresses recorded in the network card address storage table; the client configures a second IP address which is not in the same network segment with the IP addresses of the other network cards for the target virtual network card, so that the problem of address conflict is prevented, and the safety and the reliability of information transmission are ensured. In practical application, when a second IP address is generated, a non-conflicting address can be selected as the second IP address according to a plurality of preset network segments; those skilled in the art can flexibly generate the second IP address according to actual needs, as long as it is ensured that the second IP address and the IP address of the preset network card are not in the same network segment.
For example, the IP address allocated by the VPN gateway to the virtual network card is 2.2.2.2, and the address of the local network card 1 is 2.2.2, at this time, the IP address of the virtual network card conflicts with the IP address of the local network card, and if the IP address of the virtual network card is set to 2.2.2.2, the relevant route of the client fails to be issued, and the VPN packet cannot reach the client, which threatens the information security of the user.
When the client receives the IP address distributed by the VPN gateway for the virtual network card, the address is compared with the IP addresses of all network cards of the local machine, if the same IP address exists, an IP address which is in a different network segment with the same IP address is generated to replace the IP address, such as 3.3.3.3, and the IP address of the virtual network card is set by the IP address, so that the problem of conflict between the IP address of the virtual network card and the IP address of the network card of the local machine is solved, and the VPN message can be guided to the client through the virtual network card.
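Steps 202 and 203 as an added Python example (not code from the patent). The network card names, prefix lengths and candidate segment pool are constructed assumptions, and the overlap test generalizes the AND-with-mask comparison to network cards whose masks differ.

```python
import ipaddress

# Constructed sample data (assumptions, not from the page): NIC names,
# prefix lengths and the candidate segments the client may draw from.
PRESET_NICS = {
    "eth0": ipaddress.ip_interface("2.2.2.1/24"),
    "vpn0": ipaddress.ip_interface("10.8.0.5/24"),
}
CANDIDATE_SEGMENTS = [
    ipaddress.ip_network("10.8.0.0/24"),
    ipaddress.ip_network("3.3.3.0/24"),
    ipaddress.ip_network("198.18.0.0/24"),
]


def same_segment(a, b):
    """True when two interface addresses fall in the same network segment."""
    # Equal masks: identical to "AND with the mask, compare network numbers".
    # Different masks: overlapping prefixes still yield competing routes.
    return a.network.overlaps(b.network)


def conflicting_nics(first, nics):
    """Names of preset NICs whose segment contains the gateway-assigned address."""
    return sorted(name for name, addr in nics.items() if same_segment(first, addr))


def pick_second_address(nics, candidates):
    """First host of the first candidate segment that overlaps no preset NIC."""
    for net in candidates:
        if any(net.overlaps(addr.network) for addr in nics.values()):
            continue
        host = next(iter(net.hosts()))
        return ipaddress.ip_interface(f"{host}/{net.prefixlen}")
    raise RuntimeError("no candidate segment is free of conflicts")


def configure_virtual_nic(name, first, nics, candidates, records):
    """Return the address to set on the virtual NIC and record the mapping."""
    second = first
    if conflicting_nics(first, nics):
        second = pick_second_address(nics, candidates)
    # Address record table entry: NIC -> (first IP, second IP).
    records[name] = (first.ip, second.ip)
    # Later virtual NICs must avoid this segment as well.
    nics[name] = second
    return second


if __name__ == "__main__":
    nics, records = dict(PRESET_NICS), {}
    first = ipaddress.ip_interface("2.2.2.2/24")  # assigned by the VPN gateway
    print("conflicts with:", conflicting_nics(first, nics))
    print("configured:", configure_virtual_nic("vpn1", first, nics,
                                               CANDIDATE_SEGMENTS, records))
    print("record table:", records)
```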
In step 204, a message is transmitted through the target virtual network card configured with the second IP address.
After the client configures another second IP address which is not in the same network segment for the target virtual network card, the problem of IP address conflict can be prevented when the data is transmitted through the target virtual network card.
As can be seen from the above embodiment, when acquiring a first IP address allocated by a gateway for a target virtual network card, a client detects whether the first IP address is in the same network segment as an IP address of a preset network card; when the two are in the same network segment, a second IP address which is not in the same network segment as the IP address of the preset network card is configured for the target virtual network card. In the embodiment of the invention, when the first IP address that the gateway allocates to the target virtual network card is in the same network segment as the IP addresses of other network cards, another, second IP address which is not in the same network segment as any other network card is configured for the target virtual network card, so that the problem of IP address conflict can be prevented when data is transmitted through the target virtual network card, the information security of a user is ensured, and the reliability of information transmission is improved. The embodiment of the invention does not change the process by which the gateway configures the IP address, and the modification cost is low.
Fig. 3A is a flowchart of another embodiment of the data transmission method for a virtual network card according to the present invention, which describes a processing procedure how to transmit a message through a target virtual network card configured with the second IP address based on the foregoing embodiment, and includes the following steps:
In step 301, an uplink message transmitted to the gateway by the target virtual network card is obtained. The source address of the uplink message is the second IP address.
The uplink message refers to a message sent to the VPN gateway device, and since the target virtual network card is configured as the second IP address by the client, the source address of the uplink message is the second IP address.
In step 302, the source address in the uplink message is modified to the first IP address.
Because the IP address of the target virtual network card recorded in the gateway is the first IP address, the source address of the uplink message needs to be modified from the second IP address to the first IP address.
In an optional implementation manner, the modifying the source address of the uplink packet to the first IP address includes:
searching a first IP address corresponding to the target virtual network card and the second IP address in a preset address record table; and the address record table records the corresponding relation among the target virtual network card, the first IP address and the second IP address.
And replacing the field value of the source address field in the uplink message with the first IP address.
In this embodiment, an address record table may be preset, and the correspondence between the target virtual network card, the first IP address, and the second IP address in the address record table is used to search the address record table when modifying the source address of the packet, so as to obtain the first IP address corresponding to the target virtual network card and the second IP address.
It can be seen from the above embodiments that, when modifying the source address in the uplink message, the field value corresponding to the source address field in the message is replaced by the first IP address according to the message format, and the message format does not need to be changed in the address modification process, so that the processing efficiency is high, and the transmission speed of the message is not affected.
In step 303, the modified uplink packet is encapsulated and then sent to the gateway.
The source address recorded in the modified uplink message is the first IP address recorded in the gateway, so that the gateway can accurately obtain the information in the uplink message, and the gateway can be ensured to correctly forward the uplink message.
For example, fig. 3B is a schematic diagram of an uplink message according to the embodiment of the present invention. In the uplink message, the source address (SRC IP field) recorded in the message is a first IP address configured by a gateway: 3.3.3.3; since the client configures the target virtual network card to be 2.2.2.2 in order to prevent collision, the field value of the SRC IP field is replaced by 2.2.2.2, as shown in fig. 3C, which is a schematic diagram of a modified uplink packet according to the embodiment of the present invention.
It can be seen from the above embodiments that, since the terminal configures the second IP address for the target virtual network card, and the target virtual network card recorded by the gateway is the first IP address, the terminal modifies the source address of the uplink message into the first IP address when sending the uplink message, so that the gateway can accurately obtain the information in the uplink message, and can ensure that the gateway can correctly forward the uplink message.
Fig. 4A is a flowchart of another embodiment of the data transmission method of the virtual network card according to the present invention, which describes another processing procedure of how to transmit a message through the target virtual network card configured with the second IP address based on the foregoing embodiment, and includes the following steps:
In step 401, a downlink message sent by the gateway to the target virtual network card is received. The destination address of the downlink message is the first IP address.
The downlink message refers to a message issued by the VPN gateway device; since the address recorded in the gateway for the target virtual network card is the first IP address, the destination address of the downlink message is the first IP address. The client can distinguish the target network card for receiving the message through the port number of the downlink message.
In step 402, the destination address in the downlink message is modified to the second IP address.
Because the IP address of the target virtual network card recorded in the client is the second IP address, the destination address in the downlink message needs to be modified from the first IP address to the second IP address.
In an optional implementation manner, the modifying the destination address of the downlink packet to the second IP address includes:
searching a second IP address corresponding to the target virtual network card and the first IP address in a preset address record table; and the address record table records the corresponding relation among the target virtual network card, the first IP address and the second IP address.
And replacing the field value of the destination address field in the downlink message with the second IP address.
In this embodiment, an address record table may be preset, and the corresponding relationship between the target virtual network card, the first IP address, and the second IP address in the address record table is used to search the address record table when modifying the destination address of the packet, so as to obtain the second IP address corresponding to the target virtual network card and the first IP address.
As can be seen from the above embodiments, when modifying the destination address in the downlink message, the field value corresponding to the destination address field is replaced by the second IP address according to the message format; the message format does not need to be changed in the address modification process, the processing efficiency is high, and the transmission speed of the message is not affected.
In step 403, the modified downlink packet is sent to the target virtual network card.
The destination address recorded in the modified downlink message is the second IP address configured for the target virtual network card by the client, so that the downlink message can smoothly reach the target virtual network card.
For example, fig. 4B is a schematic diagram of a downlink packet according to the embodiment of the present invention, where the destination address (DST IP field) recorded in the downlink packet is a first IP address configured by a gateway: 2.2.2.2; since the client configures the target virtual network card to be 3.3.3.3 in order to prevent collision, the field value of the DST IP field is replaced with 3.3.3.3, as shown in fig. 4C, which is a schematic diagram of a modified downlink message according to the embodiment of the present invention.
It can be seen from the above embodiments that, since the terminal configures the second IP address for the target virtual network card, and the target virtual network card recorded by the gateway is the first IP address, the terminal modifies the destination address of the downlink message into the second IP address when receiving the downlink message of the gateway, so that the downlink message can smoothly reach the target virtual network card.
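The uplink and downlink rewrites of figs. 3A and 4A as an added Python example, not code from the patent: the address record table and sample packet are constructed, with first IP 2.2.2.2 and second IP 3.3.3.3 taken from the step 203 example. It also repairs the IPv4 header checksum and the TCP/UDP checksum, both of which cover the replaced field, a detail the description does not mention.

```python
import ipaddress
import struct

# Constructed address record table: NIC -> (first IP held by the gateway,
# second IP configured locally). The NIC name is illustrative.
ADDRESS_RECORDS = {
    "vpn1": (ipaddress.IPv4Address("2.2.2.2"), ipaddress.IPv4Address("3.3.3.3")),
}
SRC_OFF, DST_OFF = 12, 16      # address fields in the IPv4 header
L4_CSUM_OFF = {6: 16, 17: 6}   # TCP / UDP checksum offset in the L4 header


def ones_sum(data: bytes) -> int:
    """16-bit one's-complement sum with end-around carry (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def adjust(old_csum: int, old: bytes, new: bytes) -> int:
    """Incremental checksum update, RFC 1624 eqn. 3: HC' = ~(~HC + ~m + m')."""
    inverted = bytes(b ^ 0xFF for b in old)
    total = (~old_csum & 0xFFFF) + ones_sum(inverted) + ones_sum(new)
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def rewrite(packet: bytes, offset: int, expected, new) -> bytes:
    """Swap one address field and repair every checksum that covers it."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    if packet[offset:offset + 4] != expected.packed:
        raise ValueError("address does not match the address record table")
    buf = bytearray(packet)
    buf[offset:offset + 4] = new.packed
    # IPv4 header checksum: recompute over the header with the field zeroed.
    buf[10:12] = b"\x00\x00"
    struct.pack_into("!H", buf, 10, ~ones_sum(bytes(buf[:ihl])) & 0xFFFF)
    # TCP/UDP checksums include both addresses through the pseudo-header.
    # Only the first fragment (offset 0) carries the L4 header.
    frag_offset = struct.unpack_from("!H", buf, 6)[0] & 0x1FFF
    csum_off = L4_CSUM_OFF.get(buf[9])
    if csum_off is not None and frag_offset == 0 and len(buf) >= ihl + csum_off + 2:
        pos = ihl + csum_off
        old_csum = struct.unpack_from("!H", buf, pos)[0]
        if not (buf[9] == 17 and old_csum == 0):  # UDP 0 means "no checksum"
            fixed = adjust(old_csum, expected.packed, new.packed)
            if buf[9] == 17 and fixed == 0:
                fixed = 0xFFFF
            struct.pack_into("!H", buf, pos, fixed)
    return bytes(buf)


def uplink(nic: str, packet: bytes) -> bytes:
    """Steps 301-302: source address second IP -> first IP."""
    first, second = ADDRESS_RECORDS[nic]
    return rewrite(packet, SRC_OFF, expected=second, new=first)


def downlink(nic: str, packet: bytes) -> bytes:
    """Steps 401-402: destination address first IP -> second IP."""
    first, second = ADDRESS_RECORDS[nic]
    return rewrite(packet, DST_OFF, expected=first, new=second)


def checksums_valid(packet: bytes) -> bool:
    """Verify the IPv4 header checksum and the TCP/UDP checksum."""
    ihl = (packet[0] & 0x0F) * 4
    seg = packet[ihl:]
    pseudo = packet[12:20] + struct.pack("!BBH", 0, packet[9], len(seg))
    return ones_sum(packet[:ihl]) == 0xFFFF and ones_sum(pseudo + seg) == 0xFFFF


def sample_udp(src: str, dst: str, payload: bytes) -> bytes:
    """Constructed test packet: unfragmented UDP 40000 -> 53, valid checksums."""
    s = ipaddress.IPv4Address(src).packed
    d = ipaddress.IPv4Address(dst).packed
    udp_len = 8 + len(payload)
    udp = struct.pack("!HHHH", 40000, 53, udp_len, 0) + payload
    pseudo = s + d + struct.pack("!BBH", 0, 17, udp_len)
    csum = (~ones_sum(pseudo + udp) & 0xFFFF) or 0xFFFF
    udp = udp[:6] + struct.pack("!H", csum) + udp[8:]
    hdr = struct.pack("!BBHHHBBH", 0x45, 0, 20 + udp_len, 0, 0, 64, 17, 0) + s + d
    hdr = hdr[:10] + struct.pack("!H", ~ones_sum(hdr) & 0xFFFF) + hdr[12:]
    return hdr + udp


if __name__ == "__main__":
    up = uplink("vpn1", sample_udp("3.3.3.3", "9.9.9.9", b"hello"))
    print("uplink source:", ipaddress.IPv4Address(up[12:16]), checksums_valid(up))
    down = downlink("vpn1", sample_udp("9.9.9.9", "2.2.2.2", b"reply"))
    print("downlink dest:", ipaddress.IPv4Address(down[16:20]), checksums_valid(down))
```

A receiver that validates checksums drops a packet whose address field was swapped without these repairs, so the replacement step and the checksum update belong together.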
Corresponding to the embodiment of the data transmission method of the virtual network card, the invention also provides an embodiment of a data transmission device of the virtual network card.
The embodiment of the data transmission device of the virtual network card can be realized by software, by hardware, or by a combination of the two. Taking a software implementation as an example, the device, as a logical means, is formed when the processor of the equipment on which it resides reads the corresponding computer program instructions from the nonvolatile memory into the memory and runs them. From a hardware aspect, fig. 5 shows the hardware structure of the equipment where the data transmission device of the virtual network card is located; in addition to the processor, the memory, the network interface and the nonvolatile memory shown in fig. 5, the equipment may generally include other hardware, such as a forwarding chip responsible for processing messages. In terms of hardware structure it may also be a distributed device and may include multiple interface cards to facilitate expansion of message processing at the hardware level. Depending on the actual function of the data transmission device of the virtual network card, the equipment may also include other hardware, which is not described here again.
Referring to fig. 6, a block diagram of an embodiment of a data transmission device of a virtual network card according to the present invention is shown. The device includes: an address acquisition unit 610, a detection unit 620, a configuration unit 630 and a transmission unit 640.
The address acquisition unit 610 is configured to obtain a first IP address allocated by the gateway for the target virtual network card.
The detection unit 620 is configured to detect whether the first IP address is in the same network segment as an IP address of a preset network card.
The configuration unit 630 is configured to configure, for the target virtual network card, a second IP address that is not in the same network segment as the IP address of the preset network card when the first IP address and the IP address of the preset network card are in the same network segment.
The transmission unit 640 is configured to transmit a message through the target virtual network card configured with the second IP address.
As can be seen from the above embodiments, when the client acquires the first IP address allocated by the gateway for the target virtual network card, the client detects whether the first IP address is in the same network segment as the IP address of the preset network card; when the two are in the same network segment, a second IP address which is not in the same network segment as the IP address of the preset network card is configured for the target virtual network card. When the first IP address that the gateway allocates to the target virtual network card is in the same network segment as the IP addresses of other network cards, another, second IP address which is not in the same network segment as any other network card is configured for the target virtual network card, so that the problem of IP address conflict can be prevented when data is transmitted through the target virtual network card, the information security of a user is ensured, and the reliability of information transmission is improved. The embodiment of the invention does not change the process by which the gateway configures the IP address, and the modification cost is low.
In an optional implementation manner, the transmission unit 640 includes: an uplink message acquiring subunit 641, a first modifying subunit 642 and a first sending subunit 643.
The uplink message acquiring subunit 641 is configured to acquire an uplink message that is transmitted by the target virtual network card to the gateway; the source address of the uplink message is the second IP address.
The first modifying subunit 642 is configured to modify the source address in the uplink message into the first IP address.
The first sending subunit 643 is configured to encapsulate the modified uplink message and send the encapsulated uplink message to the gateway.
The first modifying subunit 642 may include: a first lookup module 6421 and a first replacement module 6422.
The first lookup module 6421 is configured to search a preset address record table for the first IP address corresponding to the target virtual network card and the second IP address; the address record table records the corresponding relation among the target virtual network card, the first IP address and the second IP address.
The first replacement module 6422 is configured to replace the field value of the source address field in the uplink message with the first IP address.
As can be seen from the above embodiments, since the second IP address is configured for the target virtual network card while the address the gateway has recorded for the target virtual network card is the first IP address, the source address of the uplink message is modified into the first IP address when the uplink message is sent to the gateway, so that the gateway can accurately obtain the information in the uplink message and can correctly forward it. When the source address in the uplink message is modified, the field value corresponding to the source address field is replaced by the first IP address according to the message format; the message format does not need to be changed in the address modification process, the processing efficiency is high, and the transmission speed of the message is not affected.
In another optional implementation manner, the transmission unit 640 includes: a downlink message receiving subunit 644, a second modifying subunit 645, and a second sending subunit 646.
The downlink message receiving subunit 644 is configured to receive a downlink message sent by the gateway to the target virtual network card; the destination address of the downlink message is the first IP address.
The second modifying subunit 645 is configured to modify the destination address in the downlink message into the second IP address.
The second sending subunit 646 is configured to send the modified downlink message to the target virtual network card.
The second modifying subunit 645 may include: a second lookup module 6451 and a second replacement module 6452.
The second lookup module 6451 is configured to search a preset address record table for the second IP address corresponding to the target virtual network card and the first IP address; the address record table records the corresponding relation among the target virtual network card, the first IP address and the second IP address.
The second replacement module 6452 is configured to replace the field value of the destination address field in the downlink message with the second IP address.
As can be seen from the above embodiments, since the second IP address is configured for the target virtual network card while the address the gateway has recorded for the target virtual network card is the first IP address, the destination address of the downlink message is modified into the second IP address when the downlink message from the gateway is received, so that the downlink message can smoothly reach the target virtual network card. When the destination address in the downlink message is modified, the field value corresponding to the destination address field is replaced by the second IP address according to the message format; the message format does not need to be changed in the address modification process, the processing efficiency is high, and the transmission speed of the message is not affected.
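The following is an added illustration, not part of the application's disclosure, of how the detection, configuration and address-replacement units described above could fit together for IPv4. The spare pool `10.254.0.0/24`, the function names and the table layout are assumptions; recomputing the IPv4 header checksum and rejecting a packet whose address does not match the record table are details added here that the text does not mention.

```python
import ipaddress
import struct

# Address record table: vNIC -> (first IP, second IP). Values here are constructed.
ADDRESS_TABLE = {}

def same_segment(ip, nic_interface):
    """True if ip lies in the network of a preset NIC given as 'addr/prefix'."""
    return ipaddress.ip_address(ip) in ipaddress.ip_interface(nic_interface).network

def configure(vnic, first_ip, preset_nics, pool="10.254.0.0/24"):
    """Record first_ip; on a segment clash take a second IP from an assumed spare pool."""
    second_ip = first_ip
    if any(same_segment(first_ip, nic) for nic in preset_nics):
        pool_net = ipaddress.ip_network(pool)
        if any(pool_net.overlaps(ipaddress.ip_interface(n).network) for n in preset_nics):
            raise ValueError("spare pool overlaps a preset NIC segment")
        second_ip = str(next(iter(pool_net.hosts())))
    ADDRESS_TABLE[vnic] = (first_ip, second_ip)
    return second_ip

def checksum(header):
    """RFC 1071 one's-complement checksum over an IPv4 header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def _rewrite(packet, offset, expected, new_ip):
    """Replace one 4-byte address field in place and fix the header checksum."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[offset:offset + 4] != ipaddress.ip_address(expected).packed:
        raise ValueError("address field does not match the record table")
    hdr = bytearray(packet[:ihl])
    hdr[offset:offset + 4] = ipaddress.ip_address(new_ip).packed
    hdr[10:12] = b"\x00\x00"  # checksum field is zeroed before recomputing
    hdr[10:12] = struct.pack("!H", checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]  # payload and layout unchanged

def rewrite_uplink(vnic, packet):
    first_ip, second_ip = ADDRESS_TABLE[vnic]
    return _rewrite(packet, 12, second_ip, first_ip)  # source: second -> first

def rewrite_downlink(vnic, packet):
    first_ip, second_ip = ADDRESS_TABLE[vnic]
    return _rewrite(packet, 16, first_ip, second_ip)  # destination: first -> second
```

TCP and UDP checksums cover a pseudo-header that includes the source and destination addresses, so a complete implementation would also update the transport checksum after the replacement.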
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the scope of protection of the present application.