Movatterモバイル変換

[0]ホーム
URL:

CN115834655A - Method and device for accessing server in private network - Google Patents

Method and device for accessing server in private networkDownload PDF

Info

Publication number
CN115834655A
CN115834655ACN202211317069.8ACN202211317069ACN115834655ACN 115834655 ACN115834655 ACN 115834655ACN 202211317069 ACN202211317069 ACN 202211317069ACN 115834655 ACN115834655 ACN 115834655A
Authority
CN
China
Prior art keywords
proxy
network connection
cross
node
connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211317069.8A
Other languages
Chinese (zh)
Other versions
CN115834655B (en
Inventor
刘天驰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alipay Hangzhou Information Technology Co Ltd
Original Assignee
Alipay Hangzhou Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alipay Hangzhou Information Technology Co LtdfiledCriticalAlipay Hangzhou Information Technology Co Ltd
Priority to CN202211317069.8ApriorityCriticalpatent/CN115834655B/en
Publication of CN115834655ApublicationCriticalpatent/CN115834655A/en
Application grantedgrantedCritical
Publication of CN115834655BpublicationCriticalpatent/CN115834655B/en
Activelegal-statusCriticalCurrent
Anticipated expirationlegal-statusCritical

Links

Images

Landscapes

Abstract

The embodiment of the specification relates to the technical field of network communication, and provides a method and a device for accessing a server in a private network. The method comprises the following steps: the proxy server node receives a cross-network connection request for the access sent by a client through a first connection; the cross-network connection request is used for the client in the external network to access the server in the private network; the proxy server node selects a public network connection corresponding to the service type accessed at this time from at least two public network connections between the proxy server node and the proxy client node; different service types correspond to different public network connections; the proxy server node sends the cross-network connection request to the proxy client node through the selected public network connection; and the agent service end node transmits the information of the current access between the client and the server by using the first connection and the selected public network connection. The embodiment of the specification can avoid mutual interference of the access flows of different service types.

Description

Translated fromChinese
访问私网中的服务端的方法和装置Method and device for accessing server in private network

技术领域technical field

本说明书一个或多个实施例涉及网络通信技术,尤其涉及访问私网中的服务端的方法和装置。One or more embodiments of this specification relate to network communication technologies, and in particular to a method and device for accessing a server in a private network.

背景技术Background technique

随着云计算的普及,将应用程序部署在多个公有云或多个私有云的多云架构愈加常见。在这种多云环境中,有大量的场景需要跨云、跨网络的访问私网内的应用程序,私网内的应用程序则成为了被访问的服务端,以此共享不同云和不同网络中的数据和服务。With the popularity of cloud computing, a multi-cloud architecture in which applications are deployed on multiple public clouds or multiple private clouds is becoming more and more common. In this multi-cloud environment, there are a large number of scenarios that require cross-cloud and cross-network access to applications in the private network, and the applications in the private network become the accessed server to share data in different clouds and different networks. data and services.

为了网络安全,保护用户的隐私数据,私有网络内通常会使用防火墙等技术阻止外部网络对其内部的服务端进行访问,这导致了公网和私网之间的网络隔离,这对跨云、跨网络的访问私网内的服务端造成困难。为了解决上述问题,基于私网穿透技术的跨网代理应运而生,成为在多云场景下打通私有网络的主要方案之一。For network security and protection of users' private data, technologies such as firewalls are usually used in private networks to prevent external networks from accessing their internal servers, which results in network isolation between the public network and private network, which affects cross-cloud, Cross-network access to the server in the private network causes difficulties. In order to solve the above problems, a cross-network proxy based on private network penetration technology emerged as the times require, and has become one of the main solutions to open up private networks in multi-cloud scenarios.

但是,目前基于私网穿透技术实现的跨网代理,存在不同业务类型的访问的流量相互干扰的问题。However, the current cross-network proxy based on the private network penetration technology has the problem of mutual interference of access traffic of different business types.

发明内容Contents of the invention

本说明书一个或多个实施例描述了访问私网中的服务端的方法和装置,能够避免不同业务类型的访问的流量相互干扰。One or more embodiments of this specification describe a method and device for accessing a server in a private network, which can avoid mutual interference of access traffic of different service types.

根据第一方面,提供了一种访问私网中的服务端的方法,其中,包括:According to the first aspect, a method for accessing a server in a private network is provided, including:

代理服务端节点通过第一连接来接收客户端发来的针对本次访问的跨网连接请求;该跨网连接请求用于外网中的该客户端访问私网中的服务端,该跨网连接请求携带有该服务端的私网地址;The proxy server node receives the cross-network connection request sent by the client for this visit through the first connection; the cross-network connection request is used for the client in the external network to access the server in the private network, and the cross-network The connection request carries the private network address of the server;

代理服务端节点确定本次访问的业务类型;The proxy server node determines the business type of this visit;

代理服务端节点从代理服务端节点与代理客户端节点之间的至少两条公网连接中选择本次访问的业务类型对应的公网连接;其中,不同的业务类型对应不同的公网连接;The proxy server node selects the public network connection corresponding to the business type of this visit from at least two public network connections between the proxy server node and the proxy client node; where different business types correspond to different public network connections;

代理服务端节点通过选择出的公网连接将跨网连接请求发送至代理客户端节点;The proxy server node sends the cross-network connection request to the proxy client node through the selected public network connection;

代理服务端节点接收到代理客户端节点返回的连接成功消息后,向所述客户端返回连接成功消息;After the proxy server node receives the connection success message returned by the proxy client node, it returns a connection success message to the client;

代理服务端节点利用第一连接以及选择出的公网连接,传输所述客户端与所述服务端之间的本次访问的信息。The proxy server node transmits the current visit information between the client and the server by using the first connection and the selected public network connection.

其中,所述第一连接是由所述客户端向所述代理服务端节点发起建立的、基于socks5协议的连接;和/或,所述跨网连接请求中携带本次访问的业务类型信息;相应地,所述代理服务端节点确定本次访问的业务类型包括:所述代理服务端节点通过解析跨网连接请求确定本次访问的业务类型。Wherein, the first connection is a connection based on the socks5 protocol initiated and established by the client to the proxy server node; and/or, the service type information of this visit is carried in the cross-network connection request; Correspondingly, the proxy server node determining the service type of this visit includes: the proxy server node determining the service type of this visit by analyzing the cross-network connection request.

其中,在产生所述本次访问之前,进一步包括:所述代理服务端节点与所述代理客户端节点建立所述至少两条公网连接。Wherein, before generating the current visit, it further includes: the proxy server node establishes the at least two public network connections with the proxy client node.

其中,所述代理服务端节点与所述代理客户端节点建立所述至少两条公网连接,包括:在代理客户端节点启动后,代理服务端节点与该代理客户端节点建立初始通道连接;代理服务端节点通过初始通道连接向代理客户端节点动态更新当前需要的各个业务类型的信息;以及代理服务端节点与代理客户端节点根据动态更新的业务类型的信息,动态地为当前需要的每一种业务类型均设置一条对应的公网连接。Wherein, the establishment of the at least two public network connections between the proxy server node and the proxy client node includes: after the proxy client node is started, the proxy server node establishes an initial channel connection with the proxy client node; The proxy server node dynamically updates the information of each service type currently needed to the proxy client node through the initial channel connection; and the proxy server node and the proxy client node dynamically provide each service type currently needed A corresponding public network connection is set for each service type.

同一种业务类型的至少两个访问复用所述至少两条公网连接中的同一条公网连接;其中,该至少两个访问为:由连接到同一个所述代理服务端节点的至少一个客户端发起的、向所述私网中连接到同一个所述代理客户端节点的至少一个服务端的访问。At least two accesses of the same business type multiplex the same public network connection in the at least two public network connections; wherein, the at least two accesses are: connected to the same proxy server node at least one The access initiated by the client to at least one server connected to the same proxy client node in the private network.

其中,在代理服务端节点接收到跨网连接请求之后,并在所述代理服务端节点通过所选择的公网连接将跨网连接请求发送至代理客户端节点之前,进一步包括:代理服务端节点为所述本次访问分配跨网连接ID;Wherein, after the proxy server node receives the cross-network connection request, and before the proxy server node sends the cross-network connection request to the proxy client node through the selected public network connection, it further includes: the proxy server node Allocating a cross-network connection ID for the visit;

该方法进一步包括:The method further includes:

所述代理服务端节点绑定该跨网连接ID与所述第一连接;The proxy server node binds the cross-network connection ID to the first connection;

所述代理服务端节点在向所述代理客户端节点发送的本次访问的所有第一信息中均添加所述跨网连接ID;The proxy server node adds the cross-network connection ID to all the first information of this visit sent to the proxy client node;

所述代理服务端节点从所述代理客户端节点发来的第二信息中解析出跨网连接ID,删除第二信息中的跨网连接ID,然后将第二信息通过与解析出的跨网连接ID绑定的第一连接发送给所述客户端;其中,所述信息包括信令及数据。The proxy server node parses the cross-network connection ID from the second information sent by the proxy client node, deletes the cross-network connection ID in the second information, and then passes the second information through the parsed cross-network connection ID. The first connection bound with the connection ID is sent to the client; wherein the information includes signaling and data.

该方法进一步包括:针对所述至少两条公网连接中的每一条公网连接,在所述代理服务端节点中均设置该公网连接专用的发送队列及专用的工作线程;The method further includes: for each of the at least two public network connections, setting a dedicated sending queue and a dedicated working thread for the public network connection in the proxy server node;

所述代理服务端节点利用第一连接以及选择出的公网连接传输所述客户端与所述服务端之间的信息,包括:所述代理服务端节点通过所述第一连接接收客户端发来的信息;所述代理服务端节点利用所述选择出的公网连接专用的工作线程,将接收到的信息放入所述选择出的公网连接专用的发送队列中;所述代理服务端节点利用所述选择出的公网连接专用的工作线程,从该公网连接专用的发送队列中依次取出信息,并通过所述选择出的公网连接将取出的信息发送至所述代理客户端节点。The proxy server node uses the first connection and the selected public network connection to transmit information between the client and the server, including: the proxy server node receives the client-sent message through the first connection incoming information; the proxy server node uses the selected public network connection dedicated working thread to put the received information into the selected public network connection dedicated sending queue; the proxy server node The node uses the selected working thread dedicated to the public network connection to sequentially fetch information from the sending queue dedicated to the public network connection, and sends the fetched information to the proxy client through the selected public network connection node.

根据第二方面,提供了访问私网中的服务端的方法,其中,私网中的代理客户端节点与该私网外的代理服务端节点之间建立有至少两条公网连接,其中,不同的业务类型对应不同的公网连接;该方法包括:According to the second aspect, a method for accessing a server in a private network is provided, wherein at least two public network connections are established between the proxy client node in the private network and the proxy server node outside the private network, wherein the different The business types correspond to different public network connections; the method includes:

所述代理客户端节点从所述至少两条公网连接中的一条公网连接上接收到针对本次访问的跨网连接请求;该跨网连接请求中携带有私网中的服务端的私网地址;The proxy client node receives a cross-network connection request for this visit from one of the at least two public network connections; the cross-network connection request carries the private network of the server in the private network address;

所述代理客户端节点根据跨网连接请求中携带的私网地址,与所述服务端建立第二连接;The proxy client node establishes a second connection with the server according to the private network address carried in the cross-network connection request;

在第二连接建立成功后,所述代理客户端节点通过接收到跨网连接请求的公网连接,向所述代理服务端节点返回连接成功消息;After the second connection is successfully established, the proxy client node returns a connection success message to the proxy server node through the public network connection that receives the cross-network connection request;

所述代理客户端节点利用第二连接以及接收到跨网连接请求的公网连接,传输所述客户端与所述服务端之间的本次访问的信息。The proxy client node transmits the current visit information between the client and the server by using the second connection and the public network connection that received the cross-network connection request.

其中,所述代理客户端节点接收到的跨网连接请求中携带有跨网连接ID;Wherein, the cross-network connection request received by the proxy client node carries a cross-network connection ID;

在建立所述第二连接之后,进一步包括:After establishing the second connection, further comprising:

所述代理客户端节点绑定该跨网连接ID与所述第二连接;The proxy client node binds the cross-network connection ID with the second connection;

所述代理客户端节点在向所述代理服务端节点发送的本次访问的所有第二信息中均添加所述跨网连接ID;所述代理客户端节点根据所述代理服务端节点发来的所有第一信息中携带的所述跨网连接ID,将所有第一信息通过与该跨网连接ID绑定的第二连接发送给所述服务端;其中,所述信息包括信令及数据。The proxy client node adds the cross-network connection ID in all the second information of this visit sent to the proxy server node; The cross-network connection ID carried in all the first information is used to send all the first information to the server through the second connection bound with the cross-network connection ID; wherein, the information includes signaling and data.

该方法进一步包括:针对所述至少两条公网连接中的每一条公网连接,在所述代理客户端节点中均设置该公网连接专用的发送队列及专用的工作线程;The method further includes: for each of the at least two public network connections, setting a dedicated sending queue and a dedicated working thread for the public network connection in the proxy client node;

所述代理客户端节点利用第二连接以及接收到跨网连接请求的公网连接,传输所述客户端与所述服务端之间的本次访问的信息,包括:所述代理客户端节点通过所述第二连接接收服务端发来的信息;所述代理客户端节点利用接收到跨网连接请求的公网连接专用的工作线程,将接收到的信息放入该公网连接专用的发送队列中;所述代理服务端节点利用该专用的工作线程,从该专用的发送队列中依次取出信息,并通过该公网连接将取出的信息发送至所述代理服务端节点。The proxy client node uses the second connection and the public network connection that receives the cross-network connection request to transmit the current access information between the client and the server, including: the proxy client node passes The second connection receives the information sent by the server; the proxy client node uses the working thread dedicated to the public network connection that receives the cross-network connection request, and puts the received information into the sending queue dedicated to the public network connection In: the proxy server node uses the dedicated worker thread to sequentially fetch information from the dedicated sending queue, and sends the retrieved information to the proxy server node through the public network connection.

根据第三方面,提供了访问私网中的服务端的方法,其中,包括:According to the third aspect, a method for accessing a server in a private network is provided, including:

客户端与代理服务端节点建立第一连接;所述客户端通过第一连接将针对本次访问的跨网连接请求发送给所述代理服务端节点;其中,该跨网连接请求用于外网中的该客户端访问私网中的服务端,并且该跨网连接请求中携带有该服务端的私网地址。The client establishes a first connection with the proxy server node; the client sends a cross-network connection request for this visit to the proxy server node through the first connection; wherein, the cross-network connection request is used for the external network The client in accesses the server in the private network, and the cross-network connection request carries the private network address of the server.

根据第四方面,提供了访问私网中的服务端的装置,应用于代理服务端节点中,该装置包括:According to the fourth aspect, a device for accessing a server in a private network is provided, which is applied to a proxy server node, and the device includes:

代理服务端模块,配置为与客户端建立第一连接;A proxy server module configured to establish a first connection with the client;

跨网服务端模块,配置为与代理客户端节点建立至少两条公网连接,其中,不同的业务类型对应不同的公网连接;The cross-network server module is configured to establish at least two public network connections with the proxy client node, wherein different business types correspond to different public network connections;

处理模块,配置为通过所述代理服务端模块建立的第一连接接收客户端发来的针对本次访问的跨网连接请求;该跨网连接请求用于外网中的该客户端访问私网中的服务端,该跨网连接请求携带有该服务端的私网地址;确定本次访问的业务类型;从所述跨网服务端模块建立的至少两条公网连接中选择本次访问的业务类型对应的公网连接,通过选择出的公网连接将跨网连接请求发送至代理客户端节点;在接收到代理客户端节点返回的连接成功消息后,通过代理服务端模块建立的第一连接向客户端发送连接成功消息;通过代理服务端模块建立的第一连接以及跨网服务端模块建立的公网连接传输客户端与服务端之间的本次访问的信息。The processing module is configured to receive the cross-network connection request for this visit sent by the client through the first connection established by the proxy server module; the cross-network connection request is used for the client in the external network to access the private network The server in the cross-network connection request carries the private network address of the server; determines the business type of this visit; selects the business of this visit from at least two public network connections established by the cross-network server module For the public network connection corresponding to the type, the cross-network connection request is sent to the proxy client node through the selected public network connection; after receiving the connection success message returned by the proxy client node, the first connection established through the proxy server module Send a connection success message to the client; transmit the current access information between the client and the server through the first connection established by the proxy server module and the public network connection established by the cross-network server module.

根据第五方面,提供了访问私网中的服务端的装置,应用于代理客户端节点中,该装置包括:According to the fifth aspect, a device for accessing a server in a private network is provided, which is applied to a proxy client node, and the device includes:

跨网服务端单元,配置为与私网外的代理服务端节点建立至少两条公网连接,其中,不同的业务类型对应不同的公网连接;The cross-network server unit is configured to establish at least two public network connections with proxy server nodes outside the private network, wherein different business types correspond to different public network connections;

控制单元,配置为从所述至少两条公网连接中的一条公网连接上接收到针对本次访问的跨网连接请求,解析出该跨网连接请求中携带的私网中的服务端的私网地址;在第二连接建立成功后,通过接收到跨网连接请求的公网连接,向代理服务端节点返回连接成功消息;利用跨网服务端单元建立的公网连接以及代理客户端单元建立的第二连接,传输客户端与服务端之间的本次访问的信息;The control unit is configured to receive a cross-network connection request for this visit from one of the at least two public network connections, and parse out the private information of the server in the private network carried in the cross-network connection request. network address; after the second connection is established successfully, by receiving the public network connection of the cross-network connection request, the connection success message is returned to the proxy server node; the public network connection established by the cross-network server unit and the proxy client unit are used to establish The second connection to transmit the information of this visit between the client and the server;

代理客户端单元,配置为根据跨网连接请求中携带的私网地址,与服务端建立第二连接。The proxy client unit is configured to establish a second connection with the server according to the private network address carried in the cross-network connection request.

根据第六方面,提供了访问私网中的服务端的装置,应用于客户端,该装置包括:According to the sixth aspect, a device for accessing a server in a private network is provided, which is applied to a client, and the device includes:

连接建立模块,配置为与代理服务端节点建立第一连接;A connection establishment module configured to establish a first connection with the proxy server node;

信息处理模块,配置为通过第一连接将针对本次访问的跨网连接请求发送给代理服务端节点;其中,该跨网连接请求用于外网中的该客户端访问私网中的服务端,并且该跨网连接请求中携带有该服务端的私网地址。The information processing module is configured to send the cross-network connection request for this visit to the proxy server node through the first connection; wherein, the cross-network connection request is used for the client in the external network to access the server in the private network , and the cross-network connection request carries the private network address of the server.

根据第七方面,提供了一种计算设备,包括存储器和处理器,所述存储器中存储有可执行代码,所述处理器执行所述可执行代码时,实现本说明书任一实施例所述的方法。According to a seventh aspect, there is provided a computing device, including a memory and a processor, wherein executable code is stored in the memory, and when the processor executes the executable code, it implements the method described in any embodiment of this specification. method.

本说明书各个实施例提供的访问私网中的服务端的方法及装置,至少具有如下的有益效果:The method and device for accessing the server in the private network provided by each embodiment of this specification have at least the following beneficial effects:

1、在同一个代理服务端节点与同一个代理客户端节点之间会建立至少两条公网连接,不同业务类型对应不同的公网连接,也就是说不同业务类型的访问的流量会通过不同的公网连接传输。这样,则避免了不同业务类型的访问的数据相互干扰的问题。1. At least two public network connections will be established between the same proxy server node and the same proxy client node, and different business types correspond to different public network connections, that is to say, the access traffic of different business types will pass through different public network connection transmission. In this way, the problem of mutual interference of data accessed by different service types is avoided.

2、因为相同业务类型的访问对于网络带宽以及响应时效等的要求都是相同的,因此,在本说明书一个实施例中,同一个业务类型的各个访问可以复用代理服务端节点与代理客户端节点之间的一条公网连接,这样,则可以节约公网连接的资源。2. Because access of the same service type has the same requirements on network bandwidth and response timeliness, in one embodiment of this specification, each access of the same service type can reuse the proxy server node and proxy client A public network connection between nodes, so that the resources of public network connection can be saved.

3、在现有技术中,在访问发起之后,代理服务端节点才向代理客户端节点发送新建公网连接的指令,代理客户端节点接收到该指令后才会向代理服务端节点发起建立一条新的公网连接,这样就会有发送指令和新建公网连接两个方面的额外耗时,该额外耗时在跨地区、国家的多云数据传输场景中可达百毫秒级、甚至秒级,严重影响建立跨网连接的效率。本说明书实施例中可以在访问发起之前预先建立代理服务端节点与代理客户端节点之间的公网连接,这样,在访问发起之后,就不会存在现有技术中的上述发送指令和新建公网连接两个方面的额外耗时,因此,能够缩短从客户端至服务端的跨网连接的建立时间,提高对私网中服务端的访问的效率。3. In the prior art, after the access is initiated, the proxy server node sends an instruction to create a public network connection to the proxy client node, and the proxy client node initiates the establishment of a public network connection to the proxy server node only after receiving the command. New public network connection, so there will be additional time-consuming in sending instructions and creating a new public network connection. This additional time-consuming can reach hundreds of milliseconds or even seconds in multi-cloud data transmission scenarios across regions and countries. Seriously affect the efficiency of establishing cross-network connections. In the embodiment of this specification, the public network connection between the proxy server node and the proxy client node can be pre-established before the access is initiated. In this way, after the access is initiated, there will be no such sending instructions and newly created public network in the prior art. Therefore, it can shorten the establishment time of the cross-network connection from the client to the server, and improve the efficiency of access to the server in the private network.

4、在本说明书一个实施例中,代理服务端节点与代理客户端节点之间的至少两条公网连接是动态建立的,也就是说,不是预先固定设置数量不变的公网连接,而是可以根据一段时间内需要使用的各种业务类型来动态设置至少两条公网连接,因此,能够适应业务的动态变化需求,并且避免公网连接资源的浪费。4. In one embodiment of this specification, at least two public network connections between the proxy server node and the proxy client node are dynamically established, that is to say, the number of public network connections is not fixed in advance, but It is possible to dynamically set at least two public network connections according to various business types that need to be used within a period of time, so it can adapt to the dynamic changing needs of the business and avoid the waste of public network connection resources.

5、在本说明书一个实施例中,可以在代理客户端节点及代理服务端节点中为每一条公网连接均设置专用的工作线程及专用的发送队列,从而可以根据每一条公网连接对应的业务类型对资源的需求量,来动态调整工作线程及发送队列占用的资源,更加符合业务的需求。5. In one embodiment of this specification, a dedicated worker thread and a dedicated sending queue can be set for each public network connection in the proxy client node and the proxy server node, so that the Based on the demand for resources by the business type, dynamically adjust the resources occupied by the worker thread and the sending queue, which is more in line with the needs of the business.

附图说明Description of drawings

为了更清楚地说明本说明书实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图是本说明书的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of this specification or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are For some embodiments of this specification, those skilled in the art can also obtain other drawings based on these drawings without creative work.

图1是基于私网穿透技术实现访问私网中的服务端的系统架构示意图。FIG. 1 is a schematic diagram of a system architecture for accessing a server in a private network based on a private network penetration technology.

图2是本说明书一个实施例所应用的系统架构的示意图。Fig. 2 is a schematic diagram of a system architecture applied by an embodiment of the present specification.

图3是本说明书一个实施例中应用于代理服务端节点的访问私网中的服务端的方法的流程图。Fig. 3 is a flow chart of a method for accessing a server in a private network applied to a proxy server node in one embodiment of the present specification.

图4是本说明书一个实施例中应用于代理客户端节点的访问私网中的服务端的方法的流程图。Fig. 4 is a flow chart of a method for accessing a server in a private network applied to a proxy client node in one embodiment of the present specification.

图5是本说明书一个实施例中应用于客户端的访问私网中的服务端的方法的流程图。Fig. 5 is a flowchart of a method for accessing a server in a private network applied to a client in an embodiment of the present specification.

图6是本说明书一个实施例中客户端、代理服务端节点、代理客户端节点及服务端配合实现的访问私网中的服务端的示意图。FIG. 6 is a schematic diagram of accessing a server in a private network through cooperation of a client, a proxy server node, a proxy client node, and a server in an embodiment of the present specification.

图7是本说明书一个实施例中代理服务端节点的结构示意图。Fig. 7 is a schematic structural diagram of a proxy server node in an embodiment of this specification.

图8是本说明书一个实施例中代理客户端节点的结构示意图。Fig. 8 is a schematic structural diagram of a proxy client node in an embodiment of the present specification.

图9是本说明书一个实施例中客户端的结构示意图。Fig. 9 is a schematic structural diagram of a client in an embodiment of the present specification.

具体实施方式Detailed ways

首先对本说明书实施例中涉及到的一些专有名称进行说明。First, some proper names involved in the embodiments of this specification are described.

服务端:提供某种服务的软件或者承载该软件的硬件设备。Server: The software that provides a certain service or the hardware device that hosts the software.

私网:与其它网络环境隔离的私有网络环境,比如虚拟私有云(VPC,VirtualPrivate Cloud)、本地局域网等。Private network: a private network environment isolated from other network environments, such as virtual private cloud (VPC, Virtual Private Cloud), local area network, etc.

私网穿透:一种可以从外部网络访问私网内的服务端的网络技术,该技术首先会建立起从私网内向公网的网络通道,然后利用该通道反向的从外部网络向私网内的服务端发起网络请求,该类技术无需私网内的服务端向公网直接暴露端口,可以保障私网环境的私密性。Private network penetration: A network technology that can access the server in the private network from the external network. This technology will first establish a network channel from the private network to the public network, and then use this channel to reverse from the external network to the private network. The server in the private network initiates a network request. This type of technology does not require the server in the private network to directly expose the port to the public network, which can ensure the privacy of the private network environment.

参见图1,利用私网穿透技术实现访问私网中的服务端的方法包括:在公网中为客户端设置代理服务端节点(可以称为代理server),在私网环境中为私网中的服务端设置代理客户端节点(可以称为代理agent);当一个客户端需要访问私网环境中的一个服务端时,会建立从客户端到代理服务端节点的连接,从代理服务端节点到代理客户端节点的公网连接,从代理客户端节点到服务端的私网连接,从而实现了从外网的客户端至私网中的服务端的跨网连接,以便实现外网的客户端对私网中的服务端的访问。Referring to Fig. 1, the method of utilizing the private network penetration technology to realize the access to the server in the private network includes: setting a proxy server node (which can be called a proxy server) for the client in the public network; The server sets the proxy client node (can be called proxy agent); when a client needs to access a server in the private network environment, it will establish a connection from the client to the proxy server node, from the proxy server node The public network connection to the proxy client node, the private network connection from the proxy client node to the server, thus realizing the cross-network connection from the client in the external network to the server in the private network, so as to realize the connection between the client in the external network Access to the server in the private network.

参见图1,客户端数量有m个,私网环境V中服务端数量有s个,其中m、s均为大于1的正整数。比如,s大于m,当多个客户端比如m个客户端,同时访问私网环境V中的m个服务端时,在现有技术中,会复用从代理服务端节点到代理客户端节点的公网连接。也就是说,在同一个代理服务端节点与同一个代理客户端节点之间只会建立一条公网连接,m个客户端对私网环境V中的m个服务端的m个访问的数据都经过该同一条公网连接传输。因此,则会导致不同业务类型的访问的流量相互干扰的问题。比如,共用该条公网连接传输m个访问的数据时,可能需要同时传输访问1对应的基于HTTP协议的文件下载请求,以及传输访问2对应的心跳消息,文件下载请求的特点是数据传输量大且对延迟不敏感,而心跳消息则数据量较小且对延迟敏感,因为共用代理服务端节点与代理客户端节点之间的公网连接,那么访问1的文件下载请求会占用大量的网络资源来进行数据传输,导致访问2的心跳消息无法被及时传递,最终导致使用方出现超时等异常。Referring to Figure 1, there are m clients and s servers in the private network environment V, where m and s are both positive integers greater than 1. For example, if s is greater than m, when multiple clients, such as m clients, access m servers in the private network environment V at the same time, in the prior art, the node from the proxy server to the proxy client node will be reused public network connection. That is to say, only one public network connection will be established between the same proxy server node and the same proxy client node, and the data accessed by m clients to m servers in the private network environment V will pass through The same public network connection transmission. Therefore, it will lead to the problem that the access traffic of different service types interferes with each other. For example, when sharing the public network connection to transmit m access data, it may be necessary to transmit the file download request based on the HTTP protocol corresponding to access 1 and the heartbeat message corresponding to access 2 at the same time. The characteristic of the file download request is the data transmission volume Large and insensitive to delay, while the heartbeat message has a small amount of data and is sensitive to delay. Because the public network connection between the proxy server node and the proxy client node is shared, the file download request for access 1 will occupy a large amount of network resources for data transmission, resulting in the failure of the heartbeat message of access 2 to be delivered in time, and eventually causing abnormalities such as timeouts on the user side.

下面结合附图,对本说明书提供的方案进行描述。The solutions provided in this specification will be described below in conjunction with the accompanying drawings.

首先需要说明的是,在本发明实施例中使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本发明。在本发明实施例和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。First of all, it should be noted that the terminology used in the embodiments of the present invention is only for the purpose of describing specific embodiments, rather than limiting the present invention. As used in the embodiments of the present invention and the appended claims, the singular forms "a", "said" and "the" are also intended to include the plural forms unless the context clearly indicates otherwise.

为了方便对本说明书的理解,首先对本说明书所应用的系统架构进行描述。如图2中所示,该系统架构主要包括:连接到同一个代理服务端节点的至少一个客户端,位于公网中的代理服务端节点(可以称为代理server),位于私网环境V中的代理客户端节点(可以称为代理agent),位于该私网环境V中的、连接到该代理客户端节点的至少一个服务端。如图2所示,在代理服务端节点与代理客户端节点之间建立有n条公网连接,n为大于1的正整数,不同的公网连接对应不同的业务类型。In order to facilitate the understanding of this specification, the system architecture applied in this specification is firstly described. As shown in Figure 2, the system architecture mainly includes: at least one client connected to the same proxy server node, a proxy server node (which can be called a proxy server) located in the public network, located in a private network environment V A proxy client node (may be referred to as a proxy agent), located in the private network environment V, connected to at least one server of the proxy client node. As shown in FIG. 2, there are n public network connections established between the proxy server node and the proxy client node, where n is a positive integer greater than 1, and different public network connections correspond to different service types.

应该理解,图2中的客户端的数目m、服务端的数目s以及公网连接的数目n仅仅是示意性的。根据实现需要,可以选择和布设任意数目。It should be understood that the number m of clients, the number s of servers, and the number n of public network connections in FIG. 2 are only illustrative. Any number can be selected and arranged according to implementation requirements.

在本说明书实施例中,涉及到代理服务端节点(可以称为代理server)、代理客户端节点(可以称为代理agent)、客户端以及服务端的处理。下面分别通过不同的实施例分别对其进行说明。In the embodiment of this specification, it involves processing of a proxy server node (may be called a proxy server), a proxy client node (may be called a proxy agent), a client, and a server. It will be described respectively through different embodiments below.

图3是本说明书一个实施例中应用于代理服务端节点的访问私网中的服务端的方法的流程图。可以理解,该方法也可以通过任何具有计算、处理能力的装置、设备、平台、设备集群来执行。参见图2、图3,该方法包括:Fig. 3 is a flow chart of a method for accessing a server in a private network applied to a proxy server node in one embodiment of the present specification. It can be understood that the method can also be executed by any device, device, platform, or device cluster that has computing and processing capabilities. Referring to Fig. 2, Fig. 3, this method comprises:

步骤301:代理服务端节点通过第一连接来接收客户端发来的针对本次访问的跨网连接请求;该跨网连接请求用于外网中的该客户端访问私网中的服务端,并携带有该服务端的私网地址。Step 301: The proxy server node receives the cross-network connection request for this visit sent by the client through the first connection; the cross-network connection request is used for the client in the external network to access the server in the private network, And carry the private network address of the server.

步骤303:代理服务端节点确定本次访问的业务类型。Step 303: The proxy server node determines the service type of this visit.

步骤305:代理服务端节点从代理服务端节点与代理客户端节点之间的至少两条公网连接中选择本次访问的业务类型对应的公网连接;其中,不同的业务类型对应不同的公网连接。Step 305: The proxy server node selects the public network connection corresponding to the business type of this visit from at least two public network connections between the proxy server node and the proxy client node; wherein, different business types correspond to different public network connections. network connection.

步骤307:代理服务端节点通过选择出的公网连接将跨网连接请求发送至代理客户端节点。Step 307: The proxy server node sends the cross-network connection request to the proxy client node through the selected public network connection.

步骤309:代理服务端节点接收到代理客户端节点返回的连接成功消息后,向所述客户端返回连接成功消息。Step 309: After receiving the connection success message returned by the proxy client node, the proxy server node returns a connection success message to the client.

步骤311:代理服务端节点利用第一连接以及选择出的公网连接,传输所述客户端与所述服务端之间的本次访问的信息。Step 311: The proxy server node uses the first connection and the selected public network connection to transmit the current visit information between the client and the server.

从上述图3所示过程可以看出,在本说明书实施例中,在同一个代理服务端节点与同一个代理客户端节点之间会建立至少两条公网连接,不同业务类型对应不同的公网连接。这样,则避免了现有技术中m个客户端对私网环境V中的m个服务端的m个访问的数据都经过同一条公网连接传输所导致的各种弊端。在本说明书实施例中,不同业务类型的访问的流量会通过不同的公网连接传输,因此不会相互干扰。As can be seen from the process shown in Figure 3 above, in the embodiment of this specification, at least two public network connections will be established between the same proxy server node and the same proxy client node, and different business types correspond to different public network connections. network connection. In this way, various disadvantages in the prior art caused by the data that m clients access to m servers in the private network environment V are all transmitted through the same public network connection are avoided. In the embodiment of this specification, the access traffic of different service types will be transmitted through different public network connections, so they will not interfere with each other.

图4是本说明书一个实施例中应用于代理客户端节点的访问私网中的服务端的方法的流程图。可以理解,该方法也可以通过任何具有计算、处理能力的装置、设备、平台、设备集群来执行。参见图2、图3、图4,私网中的代理客户端节点与该私网外的代理服务端节点之间建立有至少两条公网连接,其中,不同的业务类型对应不同的公网连接;该方法包括:Fig. 4 is a flow chart of a method for accessing a server in a private network applied to a proxy client node in one embodiment of the present specification. It can be understood that the method can also be executed by any device, device, platform, or device cluster that has computing and processing capabilities. Referring to Figure 2, Figure 3, and Figure 4, at least two public network connections are established between the proxy client node in the private network and the proxy server node outside the private network, where different business types correspond to different public network connect; the method includes:

步骤401:代理客户端节点从至少两条公网连接中的一条公网连接上接收到针对本次访问的跨网连接请求;该跨网连接请求中携带有私网中的服务端的私网地址。Step 401: The proxy client node receives a cross-network connection request for this visit from one of the at least two public network connections; the cross-network connection request carries the private network address of the server in the private network .

步骤403:代理客户端节点根据跨网连接请求中携带的私网地址,与对应的服务端建立第二连接。Step 403: The proxy client node establishes a second connection with the corresponding server according to the private network address carried in the cross-network connection request.

步骤405:在第二连接建立成功后,代理客户端节点通过接收到跨网连接请求的公网连接,向所述代理服务端节点返回连接成功消息。Step 405: After the second connection is successfully established, the proxy client node returns a connection success message to the proxy server node through the public network connection that receives the cross-network connection request.

步骤407:代理客户端节点利用第二连接以及接收到跨网连接请求的公网连接,传输客户端与服务端之间的本次访问的信息。Step 407: The proxy client node transmits the current access information between the client and the server by using the second connection and the public network connection that received the cross-network connection request.

图5是本说明书一个实施例中应用于客户端的访问私网中的服务端的方法的流程图。可以理解,该方法也可以通过任何具有计算、处理能力的装置、设备、平台、设备集群来执行。参见图2、图3、图4及图5,该方法包括:Fig. 5 is a flowchart of a method for accessing a server in a private network applied to a client in an embodiment of the present specification. It can be understood that the method can also be executed by any device, device, platform, or device cluster that has computing and processing capabilities. Referring to Fig. 2, Fig. 3, Fig. 4 and Fig. 5, the method includes:

步骤501:客户端与代理服务端节点建立第一连接。Step 501: The client establishes a first connection with the proxy server node.

步骤503:客户端通过第一连接将针对本次访问的跨网连接请求发送给所述代理服务端节点;其中,该跨网连接请求用于外网中的该客户端访问私网中的服务端,并且该跨网连接请求中携带有该服务端的私网地址。Step 503: The client sends a cross-network connection request for this visit to the proxy server node through the first connection; wherein, the cross-network connection request is used for the client in the external network to access services in the private network end, and the cross-network connection request carries the private network address of the server end.

下面结合具体的实施例以及图2、图6,来对上述图3至图5所示过程中的每一个步骤分别进行说明。由客户端、代理服务端节点、代理客户端节点及服务端配合实现的访问私网中的服务端的过程包括:In the following, each step in the process shown in the above-mentioned Fig. 3 to Fig. 5 will be described respectively with reference to specific embodiments and Fig. 2 and Fig. 6 . The process of accessing the server in the private network realized by the cooperation of the client, the proxy server node, the proxy client node and the server includes:

首先执行步骤501:客户端与代理服务端节点建立第一连接。First,step 501 is executed: the client establishes a first connection with the proxy server node.

参见图2、图6,本说明书实施例中,服务端位于私网环境V中,客户端可以是位于另一个私网环境中,也可以是位于公网中。Referring to Fig. 2 and Fig. 6, in the embodiment of this specification, the server is located in a private network environment V, and the client may be located in another private network environment or in a public network.

当一个客户端(为便于描述,记为客户端1)需要使用服务端(为便于描述,记为服务端1)提供的服务时,会发起对服务端1的访问,请求与代理服务端节点建立第一连接。比如,服务端1为位于私网环境中的数据库,客户端1需要访问该数据库以便获取数据库中存储的相应数据时,则可以发起建立第一连接,比如图6中所示的业务类型A的访问1对应的连接。When a client (referred to as client 1 for ease of description) needs to use the services provided by the server (referred to as server 1 for ease of description), it will initiate an access to server 1, requesting and proxying the server node Establish the first connection. For example, the server 1 is a database located in a private network environment. When the client 1 needs to access the database in order to obtain the corresponding data stored in the database, it can initiate the establishment of the first connection, such as the service type A shown in FIG. 6 Access the connection corresponding to 1.

这里,第一连接可以是由客户端1向代理服务端节点发起建立的、基于socks5协议的连接。Here, the first connection may be a connection based on the socks5 protocol initiated by the client 1 to the proxy server node.

如图6中所示,代理服务端节点具体可以包括两个接口:一个称之为代理服务端,另一个称之为跨网服务端。代理客户端节点具体也可以包括两个接口:一个称之为代理客户端,另一个也称之为跨网服务端。其中,代理服务端用于与客户端进行连接、交互信息,代理服务端节点中的跨网服务端用于与代理客户端节点中的跨网服务端进行连接、交互信息;代理客户端用于与服务端进行连接、交互信息。因此,在本步骤501中,客户端可以是与代理服务端建立第一连接。As shown in FIG. 6 , the proxy server node may specifically include two interfaces: one is called the proxy server, and the other is called the cross-network server. Specifically, the proxy client node may also include two interfaces: one is called the proxy client, and the other is also called the cross-network server. Among them, the proxy server is used to connect and exchange information with the client, and the cross-network server in the proxy server node is used to connect and exchange information with the cross-network server in the proxy client node; the proxy client is used to Connect and exchange information with the server. Therefore, in thisstep 501, the client may establish a first connection with the proxy server.

接下来执行步骤503:客户端通过第一连接将针对本次访问的跨网连接请求发送给代理服务端节点;其中,该跨网连接请求用于外网中的该客户端访问私网中的服务端,并且该跨网连接请求中携带有该服务端的私网地址。Next,step 503 is executed: the client sends a cross-network connection request for this visit to the proxy server node through the first connection; wherein, the cross-network connection request is used for the client in the external network to access the private network server, and the cross-network connection request carries the private network address of the server.

客户端发送的跨网连接请求中还可以进一步携带本次访问的业务类型信息,和/或进一步携带服务端所在的私网的标识。因此可以得到,在本说明书一个实施例中,客户端1可以通过socks5协议在跨网连接请求的目的地址中同时携带:本次访问的业务类型信息、服务端1所在的私网的标识以及服务端1的私网地址。The cross-network connection request sent by the client may further carry the service type information of this visit, and/or further carry the identifier of the private network where the server is located. Therefore, it can be obtained that, in one embodiment of this specification, the client 1 can simultaneously carry in the destination address of the cross-network connection request through the socks5 protocol: the business type information of this visit, the identification of the private network where the server 1 is located, and the service The private network address of peer 1.

接下来执行步骤301:代理服务端节点通过第一连接来接收客户端发来的针对本次访问的跨网连接请求;该跨网连接请求用于外网中的该客户端访问私网中的服务端,并携带有该服务端的私网地址。Next,step 301 is executed: the proxy server node receives the cross-network connection request sent by the client for this visit through the first connection; the cross-network connection request is used for the client in the external network to access the private network server, and carries the private network address of the server.

如图6中所示,在步骤503中,客户端可以是将跨网连接请求发送给代理服务端。那么,在本步骤301中,是由代理服务端节点中的代理服务端接收跨网连接请求。As shown in FIG. 6, instep 503, the client may send a cross-network connection request to the proxy server. Then, in thisstep 301, the proxy server in the proxy server node receives the cross-network connection request.

接下来执行步骤303:代理服务端节点确定本次访问的业务类型。Next,step 303 is executed: the proxy server node determines the service type of this visit.

如前所述,客户端发送的跨网连接请求中可以进一步携带有本次访问的业务类型信息,因此,本步骤303的一种实现过程包括:代理服务端节点通过解析跨网连接请求确定本次访问的业务类型。As mentioned above, the cross-network connection request sent by the client may further carry the service type information of this visit. Therefore, an implementation process of thisstep 303 includes: the proxy server node determines the current service type by analyzing the cross-network connection request. The business type of the visit.

在本说明书另一个实施例中,本步骤303的另一种实现过程包括:代理服务端节点根据接收到的管理人员的指令确定本次访问的业务类型。In another embodiment of the present specification, another implementation process ofstep 303 includes: the proxy server node determines the business type of this visit according to the received manager's instruction.

在本说明书实施例中,一个访问的业务类型是指该访问需要的服务的类型,比如,业务类型为浏览某个网站的网页,再如,业务类型为从数据库下载某个文件,又如业务类型为由私网中的服务端对客户端进行的某种能力测试。In the embodiment of this specification, the business type of a visit refers to the type of service required by the visit. For example, the business type is browsing a web page of a certain website. Another example is that the business type is downloading a file from a database. The type is a certain capability test performed by the server in the private network on the client.

接下来执行步骤305:代理服务端节点从代理服务端节点与代理客户端节点之间的至少两条公网连接中选择本次访问的业务类型对应的公网连接;其中,不同的业务类型对应不同的公网连接。Next,step 305 is performed: the proxy server node selects the public network connection corresponding to the business type of this visit from at least two public network connections between the proxy server node and the proxy client node; wherein, different business types correspond to Different public network connections.

不同的业务类型对于网络带宽的需求以及对于响应速度的要求都是不同的。在本说明书实施例中,不是所有业务类型的访问都共用代理服务端节点与代理客户端节点之间的一条公网连接,而是,不同的业务类型对应不同的公网连接,也就是说不同业务类型的访问的信息(该信息包括信令及数据)会经过不同的公网连接传输,因此,避免了相互干扰。比如,参见图6,当多个客户端比如m个客户端,其中m为大于1的正整数,同时访问私网环境V中的m个服务端时,该m个访问的流量不是从代理服务端节点与代理客户端节点之间的一条公网连接传输,而是根据业务类型分流。也就是说,参见图6,针对对应业务类型A(比如为基于HTTP协议的文件下载请求)的访问1以及针对对应业务类型B(比如为发送心跳消息)的访问2,根据本步骤305的处理,针对访问1的跨网连接请求,会选择出对应于业务类型A的公网连接,针对访问2的跨网连接请求,会选择出对应于业务类型B的公网连接,后续,访问1对应的信息(包括信令及数据)都会从对应于业务类型A的公网连接中传输,访问2对应的信息(包括信令及数据)都会从对应于业务类型B的公网连接中传输。Different service types have different requirements for network bandwidth and response speed. In the embodiment of this specification, not all business types share a public network connection between the proxy server node and the proxy client node, but different business types correspond to different public network connections, that is to say, different The access information of the service type (the information includes signaling and data) will be transmitted through different public network connections, thus avoiding mutual interference. For example, referring to Figure 6, when multiple clients such as m clients, where m is a positive integer greater than 1, access m servers in the private network environment V at the same time, the traffic accessed by these m is not from the proxy service A public network connection between the end node and the proxy client node is transmitted, but it is divided according to the type of business. That is to say, referring to FIG. 6 , for access 1 corresponding to service type A (such as a file download request based on HTTP protocol) and for visit 2 corresponding to service type B (such as sending a heartbeat message), according to the processing ofstep 305 , for the cross-network connection request of access 1, the public network connection corresponding to service type A will be selected, and for the cross-network connection request of visit 2, the public network connection corresponding to service type B will be selected, and then access 1 will correspond to The information (including signaling and data) of access 2 will be transmitted from the public network connection corresponding to service type A, and the information (including signaling and data) corresponding to access 2 will be transmitted from the public network connection corresponding to service type B.

如上所述,代理服务端节点与代理客户端节点之间建立有至少两条公网连接。下面说明建立该至少两条公网连接的方法。As mentioned above, at least two public network connections are established between the proxy server node and the proxy client node. The method for establishing the at least two public network connections is described below.

第一、建立该至少两条公网连接的时机。First, the timing for establishing the at least two public network connections.

时机1:在一个新的业务类型的访问发起之后再建立。比如,步骤303中,代理服务端节点确定出本次访问的业务类型之后,如果没有对应该业务类型的公网连接,再通知代理客户端节点建立。Timing 1: Establish after the access of a new service type is initiated. For example, instep 303, after the proxy server node determines the service type of this visit, if there is no public network connection corresponding to the service type, it then notifies the proxy client node to establish it.

时机2:在产生访问之前,预先建立。Timing 2: Pre-establish before generating access.

采用时机2,不会在客户端发起一个新的访问之后,存在用于建立上述公网连接的发送指令和新建公网连接两个方面的额外耗时,而此种额外耗时在跨地区、国家的多云数据传输场景中可达秒级,严重影响建立跨网连接的效率。采用时机2,当客户端发起一个访问时,代理服务端节点与代理客户端节点之间能够传输该访问的流量的公网连接早已存在,因此,能够缩短从客户端至服务端的跨网连接的建立时间,提高对私网中服务端的访问的效率。当采用时机2时,可以是在代理客户端节点启动后,就立刻发起建立与代理服务端节点之间的至少两条公网连接。When timing 2 is adopted, after the client initiates a new access, there will be no additional time-consuming in terms of sending instructions for establishing the above-mentioned public network connection and creating a new public network connection. In the country's multi-cloud data transmission scenario, it can reach the second level, which seriously affects the efficiency of establishing cross-network connections. Using opportunity 2, when the client initiates a visit, the public network connection between the proxy server node and the proxy client node that can transmit the traffic of the visit already exists, so the cross-network connection from the client to the server can be shortened Set up time to improve the efficiency of access to the server in the private network. When the opportunity 2 is adopted, it may immediately initiate the establishment of at least two public network connections with the proxy server node after the proxy client node is started.

第二、建立该至少两条公网连接的方式:动态建立。Second, a manner of establishing the at least two public network connections: dynamically establishing.

在实际的业务实现中,业务的需求是动态变化的。比如,在某一个时间段内,各个客户端需要对私网中的各个服务端提供的业务类型A、业务类型B的服务进行访问;而在另一个时间段内,该各个客户端需要对该私网中的各个服务端提供的业务类型C、业务类型D的服务进行访问。因此,在本说明书一个实施例中,当采用上述时机2,即在访问发生之前建立代理服务端节点与该代理客户端节点之间的至少两条公网连接时,是动态建立对应每一种业务类型的公网连接,具体实现过程包括:In actual business implementation, business requirements change dynamically. For example, in a certain period of time, each client needs to access the services of service type A and service type B provided by each server in the private network; The services of business type C and business type D provided by each server in the private network can be accessed. Therefore, in one embodiment of this specification, when the above-mentioned opportunity 2 is used, that is, when at least two public network connections between the proxy server node and the proxy client node are established before the access occurs, it is dynamically established corresponding to each The public network connection of the business type, the specific implementation process includes:

步骤S1:在代理客户端节点启动后,代理服务端节点与该代理客户端节点建立初始通道连接。Step S1: After the proxy client node is started, the proxy server node establishes an initial channel connection with the proxy client node.

初始通道连接也是一条公网连接,比如TCP连接。The initial channel connection is also a public network connection, such as a TCP connection.

步骤S3:代理服务端节点通过初始通道连接向代理客户端节点动态更新当前需要的各个业务类型的信息。Step S3: The proxy server node dynamically updates the currently required information of each service type to the proxy client node through the initial channel connection.

步骤S5:代理服务端节点与代理客户端节点根据动态更新的业务类型的信息,动态地为当前需要的每一种业务类型均设置一条对应的公网连接。Step S5: The proxy server node and the proxy client node dynamically set a corresponding public network connection for each service type currently required according to the dynamically updated service type information.

在本说明书一个实施例中,步骤S3中,代理服务端节点通过初始通道连接周期地向代理客户端节点发送本周期内需要使用的所有业务类型的信息,步骤S5中,代理客户端节点根据收到的该信息,在本周期内为每个业务类型向代理服务端节点建立对应的跨网通道即一条公网连接。可以理解,在不同的周期内,需要访问的业务类型可能不同,因此,在不同的周期内,设置的公网连接的数量以及公网连接对应的业务类型也会动态变化。In one embodiment of this specification, in step S3, the proxy server node periodically sends the information of all service types that need to be used in this period to the proxy client node through the initial channel connection, and in step S5, the proxy client node According to the received information, a corresponding cross-network channel, that is, a public network connection, is established to the proxy server node for each business type within this period. It can be understood that in different periods, the types of services that need to be accessed may be different. Therefore, in different periods, the number of set public network connections and the service types corresponding to the public network connections will also change dynamically.

第三、代理服务端节点与代理客户端节点之间至少两条公网连接的使用方法:可复用。Third, the method of using at least two public network connections between the proxy server node and the proxy client node: reusable.

在本说明书一个实施例中,同一种业务类型的至少两个访问复用该至少两条公网连接中的同一条公网连接;其中,该至少两个访问为:由连接到同一个代理服务端节点的至少一个客户端发起的、向私网中连接到同一个代理客户端节点的至少一个服务端的访问。比如,参见图6,若干客户端中,客户端1发起了对应于业务类型A的访问1,客户端2发起了对应于业务类型B的访问2,客户端3发起了对应于业务类型A的访问3,客户端1、客户端2以及客户端3均连接到同一个代理服务端节点,这样,因为访问1与访问3对应的业务类型相同均为业务类型A,因此,访问1及访问3的信息(包括信令及数据)都通过同一个公网连接(即对应于业务类型A的公网连接)进行传输。访问2对应的业务类型与访问1及访问3对应的业务类型不同,因此,访问2的信息通过另一个公网连接(即对应于业务类型B的公网连接)进行传输。In one embodiment of this specification, at least two accesses of the same type of business multiplex the same public network connection among the at least two public network connections; wherein, the at least two accesses are: connected to the same proxy service At least one client of the end node initiates access to at least one server connected to the same proxy client node in the private network. For example, referring to Figure 6, among several clients, client 1 initiates access 1 corresponding to service type A, client 2 initiates access 2 corresponding to service type B, and client 3 initiates access 2 corresponding to service type A Access 3, client 1, client 2, and client 3 are all connected to the same proxy server node, so, because the business types corresponding to access 1 and access 3 are the same as business type A, therefore, access 1 and access 3 All information (including signaling and data) is transmitted through the same public network connection (that is, the public network connection corresponding to service type A). The service type corresponding to visit 2 is different from the service types corresponding to visit 1 and visit 3. Therefore, the information of visit 2 is transmitted through another public network connection (that is, the public network connection corresponding to service type B).

因此,在本说明书实施例中,代理客户端节点与代理服务端节点之间的至少两条公网连接可以是在访问发生之前预先动态建立的,并且,不同的业务类型的信息使用不同的公网连接进行传输,同一个业务类型的信息可以使用同一个公网连接进行传输。Therefore, in the embodiment of this specification, at least two public network connections between the proxy client node and the proxy server node may be dynamically established in advance before the access occurs, and information of different business types uses different public network connections. The information of the same service type can be transmitted using the same public network connection.

需要说明的是,当同一个业务类型的各个访问复用同一个公网连接进行传输时,为了能进一步区分同一个公网连接中传输的不同访问的信息,在步骤301中代理服务端节点接收到跨网连接请求之后,并在步骤307中代理服务端节点通过所选择的公网连接将跨网连接请求发送至代理客户端节点之前,进一步包括:代理服务端节点为本次访问分配跨网连接ID;It should be noted that when multiple accesses of the same service type use the same public network connection for transmission, in order to further distinguish the information of different visits transmitted in the same public network connection, instep 301 the proxy server node receives After the cross-network connection request, and before the proxy server node sends the cross-network connection request to the proxy client node through the selected public network connection instep 307, it further includes: the proxy server node allocates a cross-network connection for this visit. connection-id;

相应地,本说明书实施例的方法中进一步包括:Correspondingly, the method in the embodiment of this specification further includes:

代理服务端节点绑定该跨网连接ID与第一连接;The proxy server node binds the cross-network connection ID with the first connection;

在一个传输方向上,代理服务端节点在向代理客户端节点发送的本次访问的所有信息(记为第一信息)中比如包括跨网连接请求中均添加跨网连接ID,以便代理客户端节点能够根据跨网连接ID区分各个访问;In one transmission direction, the proxy server node adds a cross-network connection ID to all the information (denoted as the first information) of this visit sent to the proxy client node, such as including the cross-network connection request, so that the proxy client The node can distinguish each access according to the cross-network connection ID;

在另一个传输方向上,代理服务端节点从代理客户端节点发来的信息(记为第二信息)中解析出跨网连接ID,删除第二信息中携带的跨网连接ID,然后将第二信息通过与解析出的跨网连接ID绑定的第一连接发送给正确的客户端。In another transmission direction, the proxy server node parses the cross-network connection ID from the information sent by the proxy client node (denoted as the second message), deletes the cross-network connection ID carried in the second message, and then sends the first The second message is sent to the correct client through the first connection bound to the parsed cross-network connection ID.

接下来执行步骤307:代理服务端节点通过选择出的公网连接将跨网连接请求发送至代理客户端节点。Next,step 307 is executed: the proxy server node sends the cross-network connection request to the proxy client node through the selected public network connection.

比如,对于客户端1发来的跨网连接请求,代理服务端节点通过对应于业务类型A的公网连接,将该跨网连接请求发送至代理客户端节点。For example, for the cross-network connection request sent by client 1, the proxy server node sends the cross-network connection request to the proxy client node through the public network connection corresponding to service type A.

如果同一业务类型的各个访问复用同一个公网连接,那么,为了区分通过同一公网传输的同一业务类型的各个访问,在本步骤307中,代理服务端节点会首先在跨网连接请求中添加为本次访问分配的跨网连接ID,然后再发送至代理客户端节点。If each access of the same service type multiplexes the same public network connection, then, in order to distinguish the various accesses of the same service type transmitted through the same public network, in thisstep 307, the proxy server node will first in the cross-network connection request Add the cross-network connection ID allocated for this visit, and then send it to the proxy client node.

参见图6,本步骤307中,可以是代理服务端节点中的跨网服务端将该跨网连接请求发送至代理客户端节点中的跨网服务端。Referring to FIG. 6 , instep 307 , the cross-network server in the proxy server node may send the cross-network connection request to the cross-network server in the proxy client node.

接下来执行步骤401:代理客户端节点从至少两条公网连接中的一条公网连接上接收到针对本次访问的跨网连接请求;该跨网连接请求中携带有私网中的服务端的私网地址。Next,step 401 is executed: the proxy client node receives a cross-network connection request for this visit from one of the at least two public network connections; the cross-network connection request carries the private network server private address.

如前所述,跨网连接请求还可以进一步携带本次访问对应的跨网连接ID。As mentioned above, the cross-network connection request may further carry the cross-network connection ID corresponding to this visit.

接下来执行步骤403:代理客户端节点根据跨网连接请求中携带的服务端的私网地址,与服务端建立第二连接。Next,step 403 is executed: the proxy client node establishes a second connection with the server according to the private network address of the server carried in the cross-network connection request.

这里,服务端的私网地址通常是服务端在所处的私网环境中的内网IP地址。Here, the private network address of the server is usually the intranet IP address of the server in the private network environment.

如前所述,跨网连接请求还可以进一步携带本次访问对应的跨网连接ID,因此,本步骤403中,代理客户端节点可以进一步将跨网连接请求中携带的跨网连接ID与第二连接绑定,以便表征第二连接对应的是哪一个访问。As mentioned above, the cross-network connection request can further carry the cross-network connection ID corresponding to this visit. Therefore, instep 403, the proxy client node can further combine the cross-network connection ID carried in the cross-network connection request with the first The second connection is bound to indicate which access the second connection corresponds to.

参见图6,本步骤403中,可以是代理客户端节点中的代理客户端与私网中的服务端建立第二连接。Referring to FIG. 6 , instep 403, the proxy client in the proxy client node may establish a second connection with the server in the private network.

接下来执行步骤405:在第二连接建立成功后,代理客户端节点通过接收到跨网连接请求的公网连接,向代理服务端节点返回连接成功消息。Next,step 405 is executed: after the second connection is successfully established, the proxy client node returns a connection success message to the proxy server node through the public network connection that receives the cross-network connection request.

比如,对于客户端1发来的跨网连接请求,代理客户端节点通过对应于业务类型A的公网连接,将连接成功消息发送至代理服务端节点。For example, for the cross-network connection request sent by client 1, the proxy client node sends a connection success message to the proxy server node through the public network connection corresponding to service type A.

接下来执行步骤309:代理服务端节点接收到代理客户端节点返回的连接成功消息后,向本次访问的客户端返回连接成功消息。Next,step 309 is executed: after receiving the connection success message returned by the proxy client node, the proxy server node returns a connection success message to the client of this visit.

至此,从客户端至服务端的跨网连接建立成功。客户端与服务端之间可以传输本次访问的相关数据。So far, the cross-network connection from the client to the server has been established successfully. Data related to this visit can be transmitted between the client and the server.

接下来执行步骤311:代理服务端节点利用第一连接以及选择出的公网连接,传输客户端与服务端之间的本次访问的信息。Next,step 311 is executed: the proxy server node uses the first connection and the selected public network connection to transmit the current visit information between the client and the server.

在本说明书实施例中,信息既包括各种信令、消息,也包括数据。In this embodiment of the specification, information includes various signaling, messages, and data.

因为不同业务类型对应不同的公网连接,因此,为了进一步提高处理效率,在本说明书一个实施例中,针对代理客户端节点与代理服务端节点之间的至少两条公网连接中的每一条公网连接,在代理服务端节点中均设置该公网连接专用的发送队列及工作线程;Because different business types correspond to different public network connections, in order to further improve processing efficiency, in one embodiment of this specification, for each of the at least two public network connections between the proxy client node and the proxy server node For public network connection, a sending queue and worker thread dedicated to the public network connection are set in the proxy server node;

这样,参见图6,本步骤311的实现过程包括:In this way, referring to FIG. 6, the implementation process of thisstep 311 includes:

代理服务端节点通过第一连接接收客户端1发来的本次访问1的信息;The proxy server node receives the information of this visit 1 sent by the client 1 through the first connection;

代理服务端节点利用选择出的公网连接专用的工作线程比如业务类型A的公网连接专用的工作线程1,将接收到的信息放入该业务类型A对应的公网连接专用的发送队列记为发送队列1中;The proxy server node uses the selected working thread dedicated to the public network connection, such as the dedicated working thread 1 of the public network connection of service type A, to put the received information into the dedicated sending queue record of the public network connection corresponding to the service type A. For sending queue 1;

代理服务端节点利用工作线程1,从发送队列1中依次取出信息,并通过对应业务类型A的公网连接将取出的信息发送至代理客户端节点。The proxy server node uses the worker thread 1 to sequentially fetch information from the sending queue 1, and sends the fetched information to the proxy client node through the public network connection corresponding to service type A.

可见,每一条公网连接拥有独立的发送队列和工作线程,大流量业务类型的数据仅会在对应自身业务类型的公网连接专用的发送队列中缓存,这样比如可以为该大流量业务类型分配更多处理资源,之后等待自身业务类型的公网连接专用的工作线程发送,从而有效地隔离不同业务类型的跨网连接的流量,减少不同流量特点的跨网连接之间的干扰。如图7中所示,若访问1和访问3都是文件下载连接,且业务类型均为文件下载,则传输的文件数据仅会缓存在业务类型A对应的发送队列1里,并等待工作线程1来发送,而业务类型B的访问2的数据会缓存在业务类型B对应的发送队列2里,并等待工作线程2来发送,可见访问2的数据传输不受访问1和访问3的数据传输的影响。It can be seen that each public network connection has an independent sending queue and worker thread, and the data of the high-traffic business type will only be cached in the dedicated sending queue for the public network connection corresponding to its own business type. More processing resources, and then wait for the dedicated worker thread of the public network connection of its own business type to send, thereby effectively isolating the traffic of cross-network connections of different business types and reducing the interference between cross-network connections with different traffic characteristics. As shown in Figure 7, if access 1 and access 3 are both file download connections, and the service types are both file downloads, the transmitted file data will only be cached in the sending queue 1 corresponding to service type A and wait for the worker thread 1 to send, and the data of access 2 of service type B will be cached in the sending queue 2 corresponding to service type B, and wait for worker thread 2 to send. It can be seen that the data transmission of access 2 is not affected by the data transmission of access 1 and access 3 Impact.

接下来执行步骤407:代理客户端节点利用第二连接以及接收到跨网连接请求的公网连接,传输所述客户端与所述服务端之间的本次访问的信息。Next,step 407 is executed: the proxy client node transmits the current access information between the client and the server by using the second connection and the public network connection that received the cross-network connection request.

如前所述,代理客户端节点会绑定跨网连接ID与第二连接,因此,本步骤407的过程可以包括:在一个传输方向上,代理客户端节点在向代理服务端节点发送的本次访问的所有第二信息中均添加跨网连接ID;在另一个传输方向上,代理客户端节点从代理服务端节点发来的第一信息中解析出跨网连接ID,删除第一信息中的跨网连接ID,然后将第一信息通过与解析出的跨网连接ID绑定的第二连接发送给服务端;其中,所述信息包括信令及数据。As mentioned above, the proxy client node will bind the cross-network connection ID with the second connection, therefore, the process ofstep 407 may include: in one transmission direction, the proxy client node sends the proxy server node The cross-network connection ID is added to all the second information of the first visit; in the other transmission direction, the proxy client node parses the cross-network connection ID from the first message sent by the proxy server node, and deletes the cross-network connection ID in the first message. ID of the cross-network connection, and then send the first information to the server through the second connection bound to the parsed cross-network connection ID; wherein, the information includes signaling and data.

因为不同业务类型对应不同的公网连接,因此,为了进一步提高处理效率,在本说明书一个实施例中,针对代理客户端节点与代理服务端节点之间的至少两条公网连接中的每一条公网连接,在代理客户端节点中均设置该公网连接专用的发送队列及专用的工作线程;Because different business types correspond to different public network connections, in order to further improve processing efficiency, in one embodiment of this specification, for each of the at least two public network connections between the proxy client node and the proxy server node For public network connection, a dedicated sending queue and a dedicated worker thread for the public network connection are set in the proxy client node;

这样,参见图6,本步骤407的实现过程包括:In this way, referring to FIG. 6, the implementation process of thisstep 407 includes:

代理客户端节点通过第二连接接收服务端比如服务端1发来的信息;The proxy client node receives the information sent by the server such as server 1 through the second connection;

代理客户端节点利用接收到跨网连接请求的公网连接比如对应业务类型A的公网连接的专用工作线程,将接收到的信息放入该公网连接专用的发送队列中;The proxy client node uses the public network connection that receives the cross-network connection request, such as a dedicated worker thread corresponding to the public network connection of service type A, to put the received information into the dedicated sending queue for the public network connection;

代理服务端节点利用该专用的工作线程,从该专用的发送队列中依次取出信息,并通过该公网连接将取出的信息发送至代理服务端节点。The proxy server node uses the dedicated working thread to sequentially fetch information from the dedicated sending queue, and sends the fetched information to the proxy server node through the public network connection.

在本说明书的一个实施例中,提供了一种访问私网中的服务端的装置,该装置应用于代理服务端节点中,参见图7,该装置包括:In one embodiment of this specification, a device for accessing a server in a private network is provided, and the device is applied to a proxy server node, as shown in FIG. 7 , the device includes:

代理服务端模块701,配置为与客户端建立第一连接;Theproxy server module 701 is configured to establish a first connection with the client;

跨网服务端模块702,配置为与代理客户端节点建立至少两条公网连接,其中,不同的业务类型对应不同的公网连接;Thecross-network server module 702 is configured to establish at least two public network connections with the proxy client node, wherein different service types correspond to different public network connections;

处理模块703,配置为通过代理服务端模块701建立的第一连接接收客户端发来的针对本次访问的跨网连接请求;该跨网连接请求用于外网中的该客户端访问私网中的服务端,该跨网连接请求携带有该服务端的私网地址;确定本次访问的业务类型;从跨网服务端模块702建立的至少两条公网连接中选择本次访问的业务类型对应的公网连接,通过选择出的公网连接将跨网连接请求发送至代理客户端节点;在接收到代理客户端节点返回的连接成功消息后,通过代理服务端模块701建立的第一连接向客户端发送连接成功消息;通过代理服务端模块701建立的第一连接以及跨网服务端模块702建立的公网连接传输客户端与服务端之间的本次访问的信息。Theprocessing module 703 is configured to receive a cross-network connection request for this visit from the client through the first connection established by theproxy server module 701; the cross-network connection request is used for the client in the external network to access the private network In the server, the cross-network connection request carries the private network address of the server; determine the business type of this visit; select the business type of this visit from at least two public network connections established by thecross-network server module 702 The corresponding public network connection sends the cross-network connection request to the proxy client node through the selected public network connection; after receiving the connection success message returned by the proxy client node, the first connection established by theproxy server module 701 Send a connection success message to the client; transmit the current visit information between the client and the server through the first connection established by theproxy server module 701 and the public network connection established by thecross-network server module 702.

在图7所示的本说明书装置的一个实施例中,第一连接是由所述客户端向所述代理服务端节点发起建立的、基于socks5协议的连接。In an embodiment of the device of this specification shown in FIG. 7 , the first connection is a connection based on the socks5 protocol initiated by the client to the proxy server node.

在图7所示的本说明书装置的一个实施例中,跨网连接请求中携带本次访问的业务类型信息;相应地,处理模块702被配置为执行:通过解析跨网连接请求确定本次访问的业务类型。In an embodiment of the device of this specification shown in Figure 7, the service type information of this visit is carried in the cross-network connection request; correspondingly, theprocessing module 702 is configured to perform: determine the current visit by parsing the cross-network connection request type of business.

在图7所示的本说明书装置的一个实施例中,在产生所述本次访问之前,跨网服务端模块702与代理客户端节点建立上述至少两条公网连接。In an embodiment of the device of this specification shown in FIG. 7 , before the current access is generated, thecross-network server module 702 establishes the above-mentioned at least two public network connections with the proxy client node.

在图7所示的本说明书装置的一个实施例中,跨网服务端模块702被配置为执行:In one embodiment of the device of this specification shown in FIG. 7 , thecross-network server module 702 is configured to execute:

在代理客户端节点启动后,与该代理客户端节点建立初始通道连接;After the proxy client node is started, an initial channel connection is established with the proxy client node;

通过初始通道连接向代理客户端节点动态更新当前需要的各个业务类型的信息;以及Dynamically update the current required information of each business type to the proxy client node through the initial channel connection; and

与代理客户端节点根据动态更新的业务类型的信息,动态地为当前需要的每一种业务类型均设置一条对应的公网连接。According to the dynamically updated service type information, the proxy client node dynamically sets a corresponding public network connection for each service type currently required.

在图7所示的本说明书装置的一个实施例中,处理模块703被配置为:In one embodiment of the device of this specification shown in FIG. 7, theprocessing module 703 is configured to:

针对同一种业务类型的至少两个访问复用跨网服务端模块702建立的至少两条公网连接中的同一条公网连接;其中,该至少两个访问为:由连接到同一个所述代理服务端节点的至少客户端发起的、向所述私网中连接到同一个所述代理客户端节点的至少一个服务端的访问。The same public network connection among the at least two public network connections established by the at least two access multiplexingcross-network server modules 702 of the same business type; wherein, the at least two accesses are: connected to the same public network connection Access initiated by at least a client of a proxy server node to at least one server connected to the same proxy client node in the private network.

在图7所示的本说明书装置的一个实施例中,处理模块703被配置为:In one embodiment of the device of this specification shown in FIG. 7, theprocessing module 703 is configured to:

在接收到跨网连接请求之后,并在通过所选择的公网连接将跨网连接请求发送至代理客户端节点之前,为本次访问分配跨网连接ID;After receiving the cross-network connection request and before sending the cross-network connection request to the proxy client node through the selected public network connection, assign a cross-network connection ID for this visit;

绑定该跨网连接ID与所述第一连接;Binding the cross-network connection ID to the first connection;

在向所述代理客户端节点发送的本次访问的所有第一信息中均添加所述跨网连接ID;Adding the cross-network connection ID to all the first information of this visit sent to the proxy client node;

根据所述代理客户端节点发来的所有第二信息中携带的所述跨网连接ID,将所有第二信息通过与该跨网连接ID绑定的第一连接发送给所述客户端;其中,所述信息包括信令及数据。According to the cross-network connection ID carried in all the second information sent by the proxy client node, send all the second information to the client through the first connection bound to the cross-network connection ID; wherein , the information includes signaling and data.

在图7所示的本说明书装置的一个实施例中,针对所述至少两条公网连接中的每一条公网连接,在处理模块703中均设置该公网连接专用的发送队列及专用的工作线程;In one embodiment of the device of this specification shown in FIG. 7, for each of the at least two public network connections, a dedicated sending queue and a dedicated queue for the public network connection are set in theprocessing module 703. worker thread;

处理模块703被配置为执行:Theprocessing module 703 is configured to perform:

通过第一连接接收客户端发来的信息;receiving information from the client through the first connection;

利用所选择出的公网连接专用的工作线程,将接收到的信息放入所选择出的公网连接专用的发送队列中;Using the selected working thread dedicated to the public network connection, the received information is put into the selected sending queue dedicated to the public network connection;

利用所选择出的公网连接专用的工作线程,从该公网连接专用的发送队列中依次取出信息,并通过所选择出的公网连接将取出的信息发送至代理客户端节点。Using the selected working thread dedicated to the public network connection, the information is sequentially fetched from the sending queue dedicated to the public network connection, and the fetched information is sent to the proxy client node through the selected public network connection.

本说明书一个实施例中,还提出了一种访问私网中的服务端的装置,应用于代理客户端节点中,参见图8,该装置包括:In an embodiment of this specification, a device for accessing a server in a private network is also proposed, which is applied to a proxy client node, see Figure 8, the device includes:

跨网服务端单元801,配置为与该私网外的代理服务端节点建立至少两条公网连接,其中,不同的业务类型对应不同的公网连接;Thecross-network server unit 801 is configured to establish at least two public network connections with proxy server nodes outside the private network, wherein different service types correspond to different public network connections;

控制单元802,配置为从所述至少两条公网连接中的一条公网连接上接收到针对本次访问的跨网连接请求,解析出该跨网连接请求中携带的私网中的服务端的私网地址;在第二连接建立成功后,通过接收到跨网连接请求的公网连接,向代理服务端节点返回连接成功消息;利用跨网服务端单元801建立的公网连接以及代理客户端单元803建立的第二连接,传输客户端与服务端之间的本次访问的信息;Thecontrol unit 802 is configured to receive a cross-network connection request for this visit from one of the at least two public network connections, and parse out the information of the server in the private network carried in the cross-network connection request. Private network address; after the second connection is established successfully, by receiving the public network connection of the cross-network connection request, return a connection success message to the agent server node; utilize the public network connection established by thecross-network server unit 801 and the proxy client The second connection established byunit 803 transmits the current access information between the client and the server;

代理客户端单元803,配置为根据跨网连接请求中携带的私网地址,与服务端建立第二连接。Theproxy client unit 803 is configured to establish a second connection with the server according to the private network address carried in the cross-network connection request.

在图8所示的本说明书装置的一个实施例中,跨网服务端单元801,被配置为在产生本次访问之前,发起建立与代理服务端节点之间的至少两条公网连接。In an embodiment of the device of this specification shown in FIG. 8 , thecross-network server unit 801 is configured to initiate the establishment of at least two public network connections with the proxy server node before this visit occurs.

在图8所示的本说明书装置的一个实施例中,跨网服务端单元801被配置为执行:In one embodiment of the device of this specification shown in FIG. 8, thecross-network server unit 801 is configured to execute:

在代理客户端节点启动后,发起建立与代理服务端节点之间的初始通道连接;After the proxy client node is started, initiate the establishment of an initial channel connection with the proxy server node;

通过初始通道连接接收代理服务端节点动态更新的当前需要的各个业务类型的信息;以及Receive the information of each service type currently required by the proxy server node dynamically updated through the initial channel connection; and

根据动态更新的业务类型的信息,与代理服务端节点动态地为当前需要的每一种业务类型均设置一条对应的公网连接。According to the dynamically updated service type information, a corresponding public network connection is dynamically set with the proxy server node for each currently required service type.

在图8所示的本说明书装置的一个实施例中,控制单元802被配置为执行:In one embodiment of the apparatus of the present description shown in FIG. 8, thecontrol unit 802 is configured to perform:

对同一种业务类型的至少两个访问复用至少两条公网连接中的同一条公网连接;其中,该至少两个访问为:由连接到同一个所述代理服务端节点的至少客户端发起的、向所述私网中连接到同一个所述代理客户端节点的至少一个服务端的访问。Multiplexing the same public network connection in at least two public network connections for at least two accesses of the same business type; wherein, the at least two accesses are: at least one client connected to the same proxy server node Initiated access to at least one server connected to the same proxy client node in the private network.

在图8所示的本说明书装置的一个实施例中,控制单元802接收到的跨网连接请求中携带有跨网连接ID;In an embodiment of the device of this specification shown in FIG. 8, the cross-network connection request received by thecontrol unit 802 carries a cross-network connection ID;

控制单元802进一步被配置为执行:Thecontrol unit 802 is further configured to perform:

在建立所述第二连接之后,绑定该跨网连接ID与第二连接;After establishing the second connection, bind the cross-network connection ID with the second connection;

在通过跨网服务端单元801建立的公网连接向代理服务端节点发送的本次访问的所有第二信息中均添加所述跨网连接ID;Add the cross-network connection ID to all the second information of this visit sent to the proxy server node through the public network connection established by thecross-network server unit 801;

根据代理服务端节点发来的所有第一信息中携带的跨网连接ID,将所有第一信息通过与该跨网连接ID绑定的第二连接发送给服务端;其中,该信息包括信令及数据。According to the cross-network connection ID carried in all the first information sent by the proxy server node, send all the first information to the server through the second connection bound to the cross-network connection ID; wherein, the information includes signaling and data.

在图8所示的本说明书装置的一个实施例中,控制单元802中,针对所述至少两条公网连接中的每一条公网连接,均设置有该公网连接专用的发送队列及专用的工作线程;In one embodiment of the device of this specification shown in FIG. 8 , in thecontrol unit 802, for each of the at least two public network connections, a dedicated sending queue and a dedicated queue for the public network connection are provided. the worker thread;

控制单元802被配置为执行:Thecontrol unit 802 is configured to perform:

通过第二连接接收服务端发来的信息;receiving information from the server through the second connection;

利用接收到跨网连接请求的公网连接专用的工作线程,将接收到的信息放入该公网连接专用的发送队列中;Put the received information into the sending queue dedicated to the public network connection by using the working thread dedicated to the public network connection that has received the cross-network connection request;

利用该专用的工作线程,从该专用的发送队列中依次取出信息,并通过该公网连接将取出的信息发送至所述代理服务端节点。Using the dedicated working thread, sequentially extract information from the dedicated sending queue, and send the extracted information to the proxy server node through the public network connection.

在本说明书一个实施例中,提出了访问私网中的服务端的装置,应用于客户端,参见图9,该装置包括:In one embodiment of this specification, a device for accessing a server in a private network is proposed, which is applied to a client, see Figure 9, the device includes:

连接建立模块901,配置为与代理服务端节点建立第一连接;Aconnection establishment module 901 configured to establish a first connection with the proxy server node;

信息处理模块902,配置为通过第一连接将针对本次访问的跨网连接请求发送给代理服务端节点;其中,该跨网连接请求用于外网中的该客户端访问私网中的服务端,并且该跨网连接请求中携带有该服务端的私网地址。Theinformation processing module 902 is configured to send the cross-network connection request for this visit to the proxy server node through the first connection; wherein, the cross-network connection request is used for the client in the external network to access the service in the private network end, and the cross-network connection request carries the private network address of the server end.

在图9所示的本说明书装置的一个实施例中,跨网连接请求中进一步携带有本次访问的业务类型信息和/或所述私网的标识。In an embodiment of the device of this specification shown in FIG. 9 , the cross-network connection request further carries the service type information of this visit and/or the identifier of the private network.

和/或,and / or,

在图9所示的本说明书装置的一个实施例中,第一连接是由连接建立模块901向代理服务端节点发起建立的、基于socks5协议的连接。In an embodiment of the device of this specification shown in FIG. 9 , the first connection is a connection based on the socks5 protocol initiated by theconnection establishment module 901 to the proxy server node.

本说明书一个实施例提供了一种计算机可读存储介质,其上存储有计算机程序,当所述计算机程序在计算机中执行时,令计算机执行说明书中任一个实施例中的方法。An embodiment of the present specification provides a computer-readable storage medium on which a computer program is stored, and when the computer program is executed in a computer, the computer is instructed to execute the method in any one of the embodiments in the specification.

本说明书一个实施例提供了一种计算设备,包括存储器和处理器,所述存储器中存储有可执行代码,所述处理器执行所述可执行代码时,实现执行说明书中任一个实施例中的方法。An embodiment of this specification provides a computing device, including a memory and a processor, wherein executable code is stored in the memory, and when the processor executes the executable code, the implementation of any one of the embodiments in the specification is implemented. method.

可以理解的是,本说明书实施例示意的结构并不构成对本说明书实施例的装置的具体限定。在说明书的另一些实施例中,上述装置可以包括比图示更多或者更少的部件,或者组合某些部件,或者拆分某些部件,或者不同的部件布置。图示的部件可以以硬件、软件或者软件和硬件的组合来实现。It can be understood that, the structure shown in the embodiment of the present specification does not constitute a specific limitation on the device of the embodiment of the present specification. In other embodiments of the specification, the above-mentioned apparatus may include more or less components than those shown in the illustrations, or combine certain components, or separate certain components, or arrange different components. The illustrated components may be realized in hardware, software, or a combination of software and hardware.

本说明书中的各个实施例均采用递进的方式描述,各个实施例之间相同相似的部分互相参见即可,每个实施例重点说明的都是与其他实施例的不同之处。尤其,对于装置实施例而言,由于其基本相似于方法实施例,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。Each embodiment in this specification is described in a progressive manner, the same and similar parts of each embodiment can be referred to each other, and each embodiment focuses on the differences from other embodiments. In particular, as for the device embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for relevant parts, please refer to part of the description of the method embodiment.

本领域技术人员应该可以意识到,在上述一个或多个示例中,本发明所描述的功能可以用硬件、软件、挂件或它们的任意组合来实现。当使用软件实现时,可以将这些功能存储在计算机可读介质中或者作为计算机可读介质上的一个或多个指令或代码进行传输。Those skilled in the art should be aware that, in the above one or more examples, the functions described in the present invention may be implemented by hardware, software, pendants or any combination thereof. When implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium.

以上所述的具体实施方式,对本发明的目的、技术方案和有益效果进行了进一步详细说明,所应理解的是,以上所述仅为本发明的具体实施方式而已,并不用于限定本发明的保护范围,凡在本发明的技术方案的基础之上,所做的任何修改、等同替换、改进等,均应包括在本发明的保护范围之内。The specific embodiments described above have further described the purpose, technical solutions and beneficial effects of the present invention in detail. It should be understood that the above descriptions are only specific embodiments of the present invention and are not intended to limit the scope of the present invention. Protection scope, any modification, equivalent replacement, improvement, etc. made on the basis of the technical solution of the present invention shall be included in the protection scope of the present invention.

Claims (19)

Translated fromChinese
1.访问私网中的服务端的方法,其中,包括:1. The method of accessing the server in the private network, including:代理服务端节点通过第一连接来接收客户端发来的针对本次访问的跨网连接请求;该跨网连接请求用于外网中的该客户端访问私网中的服务端,该跨网连接请求携带有该服务端的私网地址;The proxy server node receives the cross-network connection request sent by the client for this visit through the first connection; the cross-network connection request is used for the client in the external network to access the server in the private network, and the cross-network The connection request carries the private network address of the server;代理服务端节点确定本次访问的业务类型;The proxy server node determines the business type of this visit;代理服务端节点从代理服务端节点与代理客户端节点之间的至少两条公网连接中选择本次访问的业务类型对应的公网连接;其中,不同的业务类型对应不同的公网连接;The proxy server node selects the public network connection corresponding to the business type of this visit from at least two public network connections between the proxy server node and the proxy client node; where different business types correspond to different public network connections;代理服务端节点通过选择出的公网连接将跨网连接请求发送至代理客户端节点;The proxy server node sends the cross-network connection request to the proxy client node through the selected public network connection;代理服务端节点接收到代理客户端节点返回的连接成功消息后,向所述客户端返回连接成功消息;After the proxy server node receives the connection success message returned by the proxy client node, it returns a connection success message to the client;代理服务端节点利用第一连接以及选择出的公网连接,传输所述客户端与所述服务端之间的本次访问的信息。The proxy server node transmits the current visit information between the client and the server by using the first connection and the selected public network connection.2.根据权利要求1所述的方法,其中,2. The method of claim 1, wherein,所述第一连接是由所述客户端向所述代理服务端节点发起建立的、基于socks5协议的连接;The first connection is a connection based on the socks5 protocol initiated by the client to the proxy server node;和/或,and / or,所述跨网连接请求中携带本次访问的业务类型信息;相应地,所述代理服务端节点确定本次访问的业务类型包括:所述代理服务端节点通过解析跨网连接请求确定本次访问的业务类型。The cross-network connection request carries the business type information of this visit; correspondingly, the proxy server node determines the business type of this visit includes: the proxy server node determines the current visit by parsing the cross-network connection request type of business.3.根据权利要求1所述的方法,其中,在产生所述本次访问之前,进一步包括:3. The method according to claim 1, wherein, before generating said current visit, further comprising:所述代理服务端节点与所述代理客户端节点建立所述至少两条公网连接。The proxy server node establishes the at least two public network connections with the proxy client node.4.根据权利要求3所述的方法,其中,所述代理服务端节点与所述代理客户端节点建立所述至少两条公网连接,包括:4. The method according to claim 3, wherein said proxy server node establishes said at least two public network connections with said proxy client node, comprising:在代理客户端节点启动后,代理服务端节点与该代理客户端节点建立初始通道连接;After the proxy client node starts, the proxy server node establishes an initial channel connection with the proxy client node;代理服务端节点通过初始通道连接向代理客户端节点动态更新当前需要的各个业务类型的信息;以及The proxy server node dynamically updates the current required information of each service type to the proxy client node through the initial channel connection; and代理服务端节点与代理客户端节点根据动态更新的业务类型的信息,动态地为当前需要的每一种业务类型均设置一条对应的公网连接。The proxy server node and the proxy client node dynamically set a corresponding public network connection for each type of business currently required according to the dynamically updated information of the business type.5.根据权利要求1所述的方法,5. The method of claim 1,同一种业务类型的至少两个访问复用所述至少两条公网连接中的同一条公网连接;其中,该至少两个访问为:由连接到同一个所述代理服务端节点的至少一个客户端发起的、向所述私网中连接到同一个所述代理客户端节点的至少一个服务端的访问。At least two accesses of the same business type multiplex the same public network connection in the at least two public network connections; wherein, the at least two accesses are: connected to the same proxy server node at least one The access initiated by the client to at least one server connected to the same proxy client node in the private network.6.根据权利要求5所述的方法,其中,在代理服务端节点接收到跨网连接请求之后,并在所述代理服务端节点通过所选择的公网连接将跨网连接请求发送至代理客户端节点之前,进一步包括:代理服务端节点为所述本次访问分配跨网连接ID;6. The method according to claim 5, wherein, after the proxy server node receives the cross-network connection request, the proxy server node sends the cross-network connection request to the proxy client through the selected public network connection Before the end node, it further includes: the proxy service end node assigns a cross-network connection ID for the current visit;该方法进一步包括:The method further includes:所述代理服务端节点绑定该跨网连接ID与所述第一连接;The proxy server node binds the cross-network connection ID to the first connection;所述代理服务端节点在向所述代理客户端节点发送的本次访问的所有第一信息中均添加所述跨网连接ID;The proxy server node adds the cross-network connection ID to all the first information of this visit sent to the proxy client node;所述代理服务端节点从所述代理客户端节点发来的第二信息中解析出跨网连接ID,删除该第二信息中的跨网连接ID,然后将第二信息通过与解析出的跨网连接ID绑定的第一连接发送给所述客户端;其中,所述信息包括信令及数据。The proxy server node parses the cross-network connection ID from the second information sent by the proxy client node, deletes the cross-network connection ID in the second information, and then passes the second information through the parsed cross-network connection ID. The first connection bound with the network connection ID is sent to the client; wherein the information includes signaling and data.7.根据权利要求1所述的方法,其中,该方法进一步包括:针对所述至少两条公网连接中的每一条公网连接,在所述代理服务端节点中均设置该公网连接专用的发送队列及专用的工作线程;7. The method according to claim 1, wherein, the method further comprises: for each public network connection in the at least two public network connections, setting the public network connection dedicated Send queue and dedicated worker thread;所述代理服务端节点利用第一连接以及选择出的公网连接传输所述客户端与所述服务端之间的信息,包括:The proxy server node uses the first connection and the selected public network connection to transmit information between the client and the server, including:所述代理服务端节点通过所述第一连接接收客户端发来的信息;The proxy server node receives the information sent by the client through the first connection;所述代理服务端节点利用所述选择出的公网连接专用的工作线程,将接收到的信息放入所述选择出的公网连接专用的发送队列中;The proxy server node uses the selected working thread dedicated to the public network connection to put the received information into the selected sending queue dedicated to the public network connection;所述代理服务端节点利用所述选择出的公网连接专用的工作线程,从该公网连接专用的发送队列中依次取出信息,并通过所述选择出的公网连接将取出的信息发送至所述代理客户端节点。The proxy server node uses the selected working thread dedicated to the public network connection to sequentially fetch information from the sending queue dedicated to the public network connection, and sends the fetched information to the The proxy client node.8.访问私网中的服务端的方法,其中,私网中的代理客户端节点与该私网外的代理服务端节点之间建立有至少两条公网连接,其中,不同的业务类型对应不同的公网连接;该方法包括:8. The method for accessing the server in the private network, wherein at least two public network connections are established between the proxy client node in the private network and the proxy server node outside the private network, wherein different business types correspond to different public network connection; the method includes:所述代理客户端节点从所述至少两条公网连接中的一条公网连接上接收到针对本次访问的跨网连接请求;该跨网连接请求中携带有私网中的服务端的私网地址;The proxy client node receives a cross-network connection request for this visit from one of the at least two public network connections; the cross-network connection request carries the private network of the server in the private network address;所述代理客户端节点根据跨网连接请求中携带的私网地址,与所述服务端建立第二连接;The proxy client node establishes a second connection with the server according to the private network address carried in the cross-network connection request;在第二连接建立成功后,所述代理客户端节点通过接收到跨网连接请求的公网连接,向所述代理服务端节点返回连接成功消息;After the second connection is successfully established, the proxy client node returns a connection success message to the proxy server node through the public network connection that receives the cross-network connection request;所述代理客户端节点利用第二连接以及接收到跨网连接请求的公网连接,传输所述客户端与所述服务端之间的本次访问的信息。The proxy client node transmits the current visit information between the client and the server by using the second connection and the public network connection that received the cross-network connection request.9.根据权利要求8所述的方法,其中,在产生所述本次访问之前,进一步包括:9. The method according to claim 8, wherein, before generating the current visit, further comprising:所述代理客户端节点发起建立与所述代理服务端节点之间的所述至少两条公网连接。The proxy client node initiates establishment of the at least two public network connections with the proxy server node.10.根据权利要求9所述的方法,其中,所述代理客户端节点发起建立与所述代理服务端节点之间的所述至少两条公网连接包括:10. The method according to claim 9, wherein the proxy client node initiates establishment of the at least two public network connections with the proxy server node comprising:在所述代理客户端节点启动后,发起建立与所述代理服务端节点之间的初始通道连接;After the proxy client node is started, initiate the establishment of an initial channel connection with the proxy server node;所述代理客户端节点通过初始通道连接接收所述代理服务端节点动态更新的当前需要的各个业务类型的信息;以及The proxy client node receives the information of each service type dynamically updated by the proxy server node through the initial channel connection; and所述代理客户端节点与所述代理服务端节点根据动态更新的业务类型的信息,动态地为当前需要的每一种业务类型均设置一条对应的公网连接。The proxy client node and the proxy server node dynamically set a corresponding public network connection for each service type currently required according to the dynamically updated service type information.11.根据权利要求8所述的方法,11. The method of claim 8,同一种业务类型的至少两个访问复用所述至少两条公网连接中的同一条公网连接;其中,该至少两个访问为:由连接到同一个所述代理服务端节点的至少一个客户端发起的、向所述私网中连接到同一个所述代理客户端节点的至少一个服务端的访问。At least two accesses of the same business type multiplex the same public network connection in the at least two public network connections; wherein, the at least two accesses are: connected to the same proxy server node at least one The access initiated by the client to at least one server connected to the same proxy client node in the private network.12.根据权利要求11所述的方法,其中,所述代理客户端节点接收到的跨网连接请求中携带有跨网连接ID;12. The method according to claim 11, wherein the cross-network connection request received by the proxy client node carries a cross-network connection ID;在建立所述第二连接之后,进一步包括:After establishing the second connection, further comprising:所述代理客户端节点绑定该跨网连接请求中携带的跨网连接ID与所述第二连接;The proxy client node binds the cross-network connection ID carried in the cross-network connection request with the second connection;所述代理客户端节点在向所述代理服务端节点发送的本次访问的所有第二信息中均添加所述跨网连接ID;The proxy client node adds the cross-network connection ID to all the second information of this visit sent to the proxy server node;所述代理客户端节点从所述代理服务端节点发来的第一信息中解析出跨网连接ID,删除第一信息中的跨网连接ID,然后将第一信息通过与解析出的跨网连接ID绑定的第二连接发送给所述服务端;其中,所述信息包括信令及数据。The proxy client node parses the cross-network connection ID from the first information sent by the proxy server node, deletes the cross-network connection ID in the first information, and then passes the first information through the parsed cross-network connection ID. The second connection bound with the connection ID is sent to the server; wherein the information includes signaling and data.13.根据权利要求8所述的方法,其中,该方法进一步包括:针对所述至少两条公网连接中的每一条公网连接,在所述代理客户端节点中均设置该公网连接专用的发送队列及专用的工作线程;13. The method according to claim 8, wherein the method further comprises: for each public network connection in the at least two public network connections, setting the public network connection dedicated Send queue and dedicated worker thread;所述代理客户端节点利用第二连接以及接收到跨网连接请求的公网连接,传输所述客户端与所述服务端之间的本次访问的信息,包括:The proxy client node uses the second connection and the public network connection that receives the cross-network connection request to transmit the current visit information between the client and the server, including:所述代理客户端节点通过所述第二连接接收服务端发来的信息;The proxy client node receives the information sent by the server through the second connection;所述代理客户端节点利用接收到跨网连接请求的公网连接专用的工作线程,将接收到的信息放入该公网连接专用的发送队列中;The agent client node utilizes the working thread dedicated to the public network connection that receives the cross-network connection request, and puts the received information into the sending queue dedicated to the public network connection;所述代理服务端节点利用该专用的工作线程,从该专用的发送队列中依次取出信息,并通过该公网连接将取出的信息发送至所述代理服务端节点。The proxy server node uses the dedicated working thread to sequentially fetch information from the dedicated sending queue, and sends the fetched information to the proxy server node through the public network connection.14.访问私网中的服务端的方法,其中,包括:14. A method for accessing a server in a private network, including:客户端与代理服务端节点建立第一连接;The client establishes a first connection with the proxy server node;所述客户端通过第一连接将针对本次访问的跨网连接请求发送给所述代理服务端节点;其中,该跨网连接请求用于外网中的该客户端访问私网中的服务端,并且该跨网连接请求中携带有该服务端的私网地址。The client sends a cross-network connection request for this visit to the proxy server node through the first connection; wherein, the cross-network connection request is used for the client in the external network to access the server in the private network , and the cross-network connection request carries the private network address of the server.15.根据权利要求14所述的方法,其中,15. The method of claim 14, wherein,所述跨网连接请求中进一步携带有本次访问的业务类型信息和/或所述私网的标识;The cross-network connection request further carries the service type information of this visit and/or the identifier of the private network;和/或,and / or,所述第一连接是由所述客户端向代理服务端节点发起建立的、基于socks5协议的连接。The first connection is initiated by the client to the proxy server node and is based on the socks5 protocol.16.访问私网中的服务端的装置,应用于代理服务端节点中,该装置包括:16. The device for accessing the server in the private network is applied to the proxy server node, and the device includes:代理服务端模块,配置为与客户端建立第一连接;A proxy server module configured to establish a first connection with the client;跨网服务端模块,配置为与代理客户端节点建立至少两条公网连接,其中,不同的业务类型对应不同的公网连接;The cross-network server module is configured to establish at least two public network connections with the proxy client node, wherein different business types correspond to different public network connections;处理模块,配置为通过所述代理服务端模块建立的第一连接接收客户端发来的针对本次访问的跨网连接请求;该跨网连接请求用于外网中的该客户端访问私网中的服务端,该跨网连接请求携带有该服务端的私网地址;确定本次访问的业务类型;从所述跨网服务端模块建立的至少两条公网连接中选择本次访问的业务类型对应的公网连接,通过选择出的公网连接将跨网连接请求发送至代理客户端节点;在接收到代理客户端节点返回的连接成功消息后,通过代理服务端模块建立的第一连接向客户端发送连接成功消息;通过代理服务端模块建立的第一连接以及跨网服务端模块建立的公网连接传输客户端与服务端之间的本次访问的信息。The processing module is configured to receive the cross-network connection request for this visit sent by the client through the first connection established by the proxy server module; the cross-network connection request is used for the client in the external network to access the private network The server in the cross-network connection request carries the private network address of the server; determines the business type of this visit; selects the business of this visit from at least two public network connections established by the cross-network server module For the public network connection corresponding to the type, the cross-network connection request is sent to the proxy client node through the selected public network connection; after receiving the connection success message returned by the proxy client node, the first connection established through the proxy server module Send a connection success message to the client; transmit the current access information between the client and the server through the first connection established by the proxy server module and the public network connection established by the cross-network server module.17.访问私网中的服务端的装置,应用于代理客户端节点中,该装置包括:17. The device for accessing the server in the private network is applied to the proxy client node, and the device includes:跨网服务端单元,配置为与私网外的代理服务端节点建立至少两条公网连接,其中,不同的业务类型对应不同的公网连接;The cross-network server unit is configured to establish at least two public network connections with proxy server nodes outside the private network, wherein different business types correspond to different public network connections;控制单元,配置为从所述至少两条公网连接中的一条公网连接上接收到针对本次访问的跨网连接请求,解析出该跨网连接请求中携带的私网中的服务端的私网地址;在第二连接建立成功后,通过接收到跨网连接请求的公网连接,向代理服务端节点返回连接成功消息;利用跨网服务端单元建立的公网连接以及代理客户端单元建立的第二连接,传输客户端与服务端之间的本次访问的信息;The control unit is configured to receive a cross-network connection request for this visit from one of the at least two public network connections, and parse out the private information of the server in the private network carried in the cross-network connection request. network address; after the second connection is established successfully, by receiving the public network connection of the cross-network connection request, the connection success message is returned to the proxy server node; the public network connection established by the cross-network server unit and the proxy client unit are used to establish The second connection to transmit the information of this visit between the client and the server;代理客户端单元,配置为根据跨网连接请求中携带的私网地址,与服务端建立第二连接。The proxy client unit is configured to establish a second connection with the server according to the private network address carried in the cross-network connection request.18.访问私网中的服务端的装置,应用于客户端,该装置包括:18. The device for accessing the server in the private network is applied to the client, and the device includes:连接建立模块,配置为与代理服务端节点建立第一连接;A connection establishment module configured to establish a first connection with the proxy server node;信息处理模块,配置为通过第一连接将针对本次访问的跨网连接请求发送给代理服务端节点;其中,该跨网连接请求用于外网中的该客户端访问私网中的服务端,并且该跨网连接请求中携带有该服务端的私网地址。The information processing module is configured to send the cross-network connection request for this visit to the proxy server node through the first connection; wherein, the cross-network connection request is used for the client in the external network to access the server in the private network , and the cross-network connection request carries the private network address of the server.19.一种计算设备,包括存储器和处理器,所述存储器中存储有可执行代码,所述处理器执行所述可执行代码时,实现权利要求1-15中任一项所述的方法。19. A computing device, comprising a memory and a processor, wherein executable code is stored in the memory, and when the processor executes the executable code, the method according to any one of claims 1-15 is implemented.
CN202211317069.8A2022-10-262022-10-26 Method and device for accessing a server in a private networkActiveCN115834655B (en)

Priority Applications (1)

Application NumberPriority DateFiling DateTitle
CN202211317069.8ACN115834655B (en)2022-10-262022-10-26 Method and device for accessing a server in a private network

Applications Claiming Priority (1)

Application NumberPriority DateFiling DateTitle
CN202211317069.8ACN115834655B (en)2022-10-262022-10-26 Method and device for accessing a server in a private network

Publications (2)

Publication NumberPublication Date
CN115834655Atrue CN115834655A (en)2023-03-21
CN115834655B CN115834655B (en)2025-01-03

Family

ID=85525503

Family Applications (1)

Application NumberTitlePriority DateFiling Date
CN202211317069.8AActiveCN115834655B (en)2022-10-262022-10-26 Method and device for accessing a server in a private network

Country Status (1)

CountryLink
CN (1)CN115834655B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20020078371A1 (en)*2000-08-172002-06-20Sun Microsystems, Inc.User Access system using proxies for accessing a network
US20130111038A1 (en)*2010-07-092013-05-02Attila Technologies, LlcTransparent Proxy Architecture for Multi-Path Data Connections
CN110809054A (en)*2019-11-112020-02-18腾讯科技(深圳)有限公司 Data transmission method, apparatus, device and storage medium
CN113452592A (en)*2021-06-092021-09-28北京奥星贝斯科技有限公司Cross-cloud data access method and device under hybrid cloud architecture
CN113472875A (en)*2021-06-282021-10-01深信服科技股份有限公司Connection multiplexing method and device, electronic equipment and storage medium
CN113992642A (en)*2021-10-252022-01-28深信服科技股份有限公司Flow auditing method and device of gateway proxy server and related equipment
CN114710548A (en)*2022-03-222022-07-05阿里巴巴(中国)有限公司Message forwarding method and device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20020078371A1 (en)*2000-08-172002-06-20Sun Microsystems, Inc.User Access system using proxies for accessing a network
US20130111038A1 (en)*2010-07-092013-05-02Attila Technologies, LlcTransparent Proxy Architecture for Multi-Path Data Connections
CN110809054A (en)*2019-11-112020-02-18腾讯科技(深圳)有限公司 Data transmission method, apparatus, device and storage medium
CN113452592A (en)*2021-06-092021-09-28北京奥星贝斯科技有限公司Cross-cloud data access method and device under hybrid cloud architecture
CN113472875A (en)*2021-06-282021-10-01深信服科技股份有限公司Connection multiplexing method and device, electronic equipment and storage medium
CN113992642A (en)*2021-10-252022-01-28深信服科技股份有限公司Flow auditing method and device of gateway proxy server and related equipment
CN114710548A (en)*2022-03-222022-07-05阿里巴巴(中国)有限公司Message forwarding method and device

Also Published As

Publication numberPublication date
CN115834655B (en)2025-01-03

Similar Documents

PublicationPublication DateTitle
JP7252356B2 (en) MOBILE EDGE COMPUTING NODE SELECTION METHOD, APPARATUS AND SYSTEM AND COMPUTER PROGRAM
CN109067914B (en)web service proxy method, device, equipment and storage medium
US7490162B1 (en)Method and system for forwarding messages received at a traffic manager
CN107948324B (en)request transmission system, method, device and storage medium
EP2112788A1 (en)A method, system and nodes for p2p content sharing
CN112104744B (en)Traffic proxy method, server and storage medium
EP2343867B1 (en)System and method of reducing intranet traffic on bottleneck links in a telecommunications network
CN108200158B (en)request transmission system, method, device and storage medium
JP2001356973A (en)Network system
CN111385203B (en)Data transmission method, device and equipment based on hybrid cloud and storage medium
US8341285B2 (en)Method and system for transferring files
CN113949695B (en)Method for accessing network, media gateway, electronic device and storage medium
CN107528891B (en)Websocket-based automatic clustering method and system
RU2664480C2 (en)Method, device and system for content delivery
WO2014075450A1 (en)Resource download method, service server and cellular phone client
WO2023151264A1 (en)Load balancing method and apparatus, node, and storage medium
CN112968965A (en)Metadata service method, server and storage medium for NFV network node
WO2013185696A2 (en)Data processing method and device
CN116647538B (en)Connecting device capable of accessing different intranet services
CN115834655A (en)Method and device for accessing server in private network
WO2023186109A1 (en)Node access method and data transmission system
WO2023284231A1 (en)Message processing method and message processing system
JP2023522785A (en) Harmony Comprehensive Proxy Service
CN108848175A (en)A kind of method and device creating TCP connection
CN114553965B (en) Intranet device scheduling method, network device and storage medium

Legal Events

DateCodeTitleDescription
PB01Publication
PB01Publication
SE01Entry into force of request for substantive examination
SE01Entry into force of request for substantive examination
GR01Patent grant
GR01Patent grant
[8]ページ先頭
©2009-2025 Movatter.jp