CN116112460A

Movatterモバイル変換

Info

Publication number: CN116112460A
Application number: CN202111330018.4A
Authority: CN
Inventors: 陈臻垚; 陈湘子; 李鹏; 欧亮
Original assignee: China Telecom Corp Ltd
Current assignee: China Telecom Corp Ltd
Priority date: 2021-11-11
Filing date: 2021-11-11
Publication date: 2023-05-12

Abstract

The disclosure belongs to the technical field of Internet, and relates to a processing method and device of network address resources, a storage medium and electronic equipment. The method comprises the following steps: establishing an address resource pool of a public address and acquiring a private address; wherein the address resource pool comprises public address values of public addresses; performing address calculation on the private address to obtain a private address value, and performing address traversal on the public address value by using the private address value to determine a target address in the public address; and performing address calculation on the target address and the private address to obtain an address conversion entry, and generating a network address conversion table according to the address conversion entry. The method and the device provide data support through the address resource pool of the public address, so that the processing of the network address resources can reuse the resources in the address resource pool, the utilization rate of the network address resources is greatly increased, the occupied memory of the network address conversion table is less, the maintenance of the network address resources is convenient, and the problem of address shortage of the Internet is effectively solved.

Description

Translated fromChinese

网络地址资源的处理方法及装置、存储介质、电子设备Method and device for processing network address resources, storage medium, and electronic equipment

技术领域technical field

本公开涉及互联网技术领域，尤其涉及一种网络地址资源的处理方法与网络地址资源的处理装置、计算机可读存储介质及电子设备。The present disclosure relates to the field of Internet technologies, and in particular to a method for processing network address resources, a processing device for network address resources, a computer-readable storage medium, and electronic equipment.

背景技术Background technique

随着Internet(互联网)网络以爆炸性的速度膨胀，IP(Internet Protocol，网际互连协议)地址数量的短缺以及路由规模的日益增大已经成为一个相当严重的问题。通常，采用网络地址转换(NAT，Network Address Translation)的方式解决这一问题。As the Internet (Internet) network expands at an explosive rate, the shortage of IP (Internet Protocol, Internet Protocol) addresses and the increasing routing scale have become a very serious problem. Usually, a network address translation (NAT, Network Address Translation) is used to solve this problem.

但是，当采用静态地址转换的方式时，地址池的利用率太低，并且地址冲突较大。除此之外，使用链表解决冲突时也会使得效率过低。当使用动态地址转换的方式时，地址池资源的利用率仍然非常有限。However, when the static address translation method is adopted, the utilization rate of the address pool is too low, and the address conflicts are large. In addition, using a linked list to resolve conflicts will also make the efficiency too low. When using dynamic address translation, the utilization of address pool resources is still very limited.

鉴于此，本领域亟需开发一种新的网络地址资源的处理方法及装置。In view of this, there is an urgent need in the art to develop a new method and device for processing network address resources.

需要说明的是，在上述背景技术部分公开的信息仅用于加强对本公开的背景的理解，因此可以包括不构成对本领域普通技术人员已知的现有技术的信息。It should be noted that the information disclosed in the above background section is only for enhancing the understanding of the background of the present disclosure, and therefore may include information that does not constitute the prior art known to those of ordinary skill in the art.

发明内容Contents of the invention

本公开的目的在于提供一种网络地址资源的处理方法、网络地址资源的处理装置、计算机可读存储介质及电子设备，进而至少在一定程度上克服由于相关技术的限制而导致的地址资源利用率过低和冲突情况频显的技术问题。The purpose of the present disclosure is to provide a method for processing network address resources, a processing device for network address resources, a computer-readable storage medium, and an electronic device, so as to overcome the utilization rate of address resources caused by the limitations of related technologies at least to a certain extent Technical issues with frequent undershooting and conflict situations.

本公开的其他特性和优点将通过下面的详细描述变得显然，或部分地通过本公开的实践而习得。Other features and advantages of the present disclosure will become apparent from the following detailed description, or in part, be learned by practice of the present disclosure.

根据本发明实施例的第一个方面，提供一种网络地址资源的处理方法，所述方法包括：According to a first aspect of an embodiment of the present invention, a method for processing network address resources is provided, the method including:

建立公有地址的地址资源池，并获取私有地址；其中，所述地址资源池中包括所述公有地址的公有地址值；Establishing an address resource pool of public addresses, and obtaining private addresses; wherein, the address resource pool includes the public address value of the public address;

对所述私有地址进行地址计算得到私有地址值，并利用所述私有地址值对所述公有地址值进行地址遍历确定所述公有地址中的目标地址；Perform address calculation on the private address to obtain a private address value, and use the private address value to perform address traversal on the public address value to determine a target address in the public address;

对所述目标地址和所述私有地址进行地址计算得到地址转换条目，并根据所述地址转换条目生成网络地址转换表。Address calculation is performed on the target address and the private address to obtain an address translation entry, and a network address translation table is generated according to the address translation entry.

在本发明的一种示例性实施例中，所述私有地址包括目的私有地址，In an exemplary embodiment of the present invention, the private address includes a destination private address,

所述对所述私有地址进行地址计算得到私有地址值，包括：The private address value obtained by performing address calculation on the private address includes:

对所述目的私有地址进行地址计算得到私有地址值。Address calculation is performed on the destination private address to obtain a private address value.

在本发明的一种示例性实施例中，所述私有地址包括目标私有地址，In an exemplary embodiment of the present invention, the private address includes a target private address,

所述对所述目标地址和所述私有地址进行地址计算得到地址转换条目，包括：The performing address calculation on the target address and the private address to obtain an address translation entry includes:

对所述目标地址和所述目标私有地址进行地址计算得到地址转换条目。Address calculation is performed on the target address and the target private address to obtain an address translation entry.

在本发明的一种示例性实施例中，所述地址转换条目包括正向转换条目和反向转换条目，In an exemplary embodiment of the present invention, the address translation entry includes a forward translation entry and a reverse translation entry,

所述根据所述地址转换条目生成网络地址转换表，包括：The generating a network address translation table according to the address translation entry includes:

获取与所述正向转换条目对应的正向地址转换表，并获取与所述反向转换条目对应的反向地址转换表；obtaining a forward address translation table corresponding to the forward translation entry, and obtaining a reverse address translation table corresponding to the reverse translation entry;

对所述正向转换条目和所述正向地址转换表进行重复识别，以更新所述正向地址转换表；repeatedly identifying the forward translation entry and the forward address translation table to update the forward address translation table;

将所述反向转换条目插入至所述反向地址转换表中，以更新所述反向地址转换表。Inserting the reverse translation entry into the reverse address translation table to update the reverse address translation table.

在本发明的一种示例性实施例中，所述对所述正向转换条目和所述正向地址转换表进行重复识别，以更新所述正向地址转换表，包括：In an exemplary embodiment of the present invention, the repeatedly identifying the forward translation entry and the forward address translation table to update the forward address translation table includes:

对所述正向转换条目和所述正向地址转换表进行重复识别，确定所述正向地址转换表中已存在所述正向转换条目；repeatedly identifying the forward translation entry and the forward address translation table, and determining that the forward translation entry already exists in the forward address translation table;

利用所述地址资源池对所述正向转换条目重新分配所述公有地址，以更新所述正向地址转换表。re-allocating the public address to the forward translation entry by using the address resource pool, so as to update the forward address translation table.

在本发明的一种示例性实施例中，所述地址资源池为一个计数器的形式，In an exemplary embodiment of the present invention, the address resource pool is in the form of a counter,

所述方法还包括：The method also includes:

若所述地址资源池中的所述公有地址通过所述网络地址转换表建立连接，对所述一个计数器进行更新；If the public address in the address resource pool establishes a connection through the network address translation table, update the one counter;

若所述地址资源池中的所述公有地址通过所述网络地址转换表删除连接，对所述网络地址转换表进行更新。If the public address in the address resource pool deletes the connection through the network address translation table, the network address translation table is updated.

在本发明的一种示例性实施例中，所述地址资源池为至少两个计数器的形式，In an exemplary embodiment of the present invention, the address resource pool is in the form of at least two counters,

所述方法还包括：The method also includes:

若所述地址资源池中的所述公有地址通过所述网络地址转换表建立连接，对所述至少两个计数器进行更新；If the public address in the address resource pool establishes a connection through the network address translation table, update the at least two counters;

若所述地址资源池中的所述公有地址通过所述网络地址转换表删除连接，对所述至少两个计数器中的一个进行更新。If the public address in the address resource pool deletes the connection through the network address translation table, one of the at least two counters is updated.

根据本发明实施例的第二个方面，提供一种网络地址资源的处理装置，包括：According to a second aspect of the embodiments of the present invention, there is provided an apparatus for processing network address resources, including:

数据获取模块，被配置为建立公有地址的地址资源池，并获取私有地址；其中，所述地址资源池中包括所述公有地址的公有地址值；The data acquisition module is configured to establish an address resource pool of public addresses and acquire private addresses; wherein, the address resource pool includes public address values of the public addresses;

地址计算模块，被配置为对所述私有地址进行地址计算得到私有地址值，并利用所述私有地址值对所述公有地址值进行地址遍历确定所述公有地址中的目标地址；The address calculation module is configured to perform address calculation on the private address to obtain a private address value, and use the private address value to perform address traversal on the public address value to determine a target address in the public address;

条目更新模块，被配置为对所述目标地址和所述私有地址进行地址计算得到地址转换条目，并根据所述地址转换条目生成网络地址转换表。The entry update module is configured to perform address calculation on the target address and the private address to obtain an address translation entry, and generate a network address translation table according to the address translation entry.

根据本发明实施例的第三个方面，提供一种电子设备，包括：处理器和存储器；其中，存储器上存储有计算机可读指令，所述计算机可读指令被所述处理器执行时实现上述任意示例性实施例中的网络地址资源的处理方法。According to a third aspect of the embodiments of the present invention, there is provided an electronic device, including: a processor and a memory; wherein, the memory stores computer-readable instructions, and when the computer-readable instructions are executed by the processor, the above-mentioned A method for processing network address resources in any exemplary embodiment.

根据本发明实施例的第四个方面，提供一种计算机可读存储介质，其上存储有计算机程序，所述计算机程序被处理器执行时实现上述任意示例性实施例中的网络地址资源的处理方法。According to a fourth aspect of the embodiments of the present invention, there is provided a computer-readable storage medium, on which a computer program is stored, and when the computer program is executed by a processor, the processing of the network address resources in any of the above-mentioned exemplary embodiments is implemented. method.

由上述技术方案可知，本公开示例性实施例中的网络地址资源的处理方法、网络地址资源的处理装置、计算机存储介质及电子设备至少具备以下优点和积极效果：It can be seen from the above technical solutions that the network address resource processing method, network address resource processing device, computer storage medium and electronic equipment in the exemplary embodiments of the present disclosure have at least the following advantages and positive effects:

在本公开的示例性实施例提供的方法及装置中，通过建立的公有地址的地址资源池对生成网络地址转换表提供数据支持，使得网络地址资源的处理能够重复使用地址资源池中的资源，极大地增加了网络地址资源的利用率。更进一步的，对私有地址以及私有地址和目标地址之间进行相同的地址计算，使得网络地址转换表的占用内存少，并且便于网络地址资源的维护，有效地解决了互联网的地址短缺问题。In the method and device provided by the exemplary embodiments of the present disclosure, the address resource pool of the established public address provides data support for generating the network address translation table, so that the processing of network address resources can reuse the resources in the address resource pool, The utilization rate of network address resources is greatly increased. Furthermore, the same address calculation is performed on the private address and between the private address and the target address, so that the network address translation table occupies less memory, facilitates the maintenance of network address resources, and effectively solves the problem of address shortage on the Internet.

应当理解的是，以上的一般描述和后文的细节描述仅是示例性和解释性的，并不能限制本公开。It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the present disclosure.

附图说明Description of drawings

此处的附图被并入说明书中并构成本说明书的一部分，示出了符合本公开的实施例，并与说明书一起用于解释本公开的原理。显而易见地，下面描述中的附图仅仅是本公开的一些实施例，对于本领域普通技术人员来讲，在不付出创造性劳动的前提下，还可以根据这些附图获得其他的附图。The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description serve to explain the principles of the disclosure. Apparently, the drawings in the following description are only some embodiments of the present disclosure, and those skilled in the art can obtain other drawings according to these drawings without creative efforts.

图1示意性示出一种相关技术中地址池的组织结构示意图；FIG. 1 schematically shows a schematic diagram of an organizational structure of an address pool in a related art;

图2示意性示出另一种相关技术中地址池的组织结构示意图；FIG. 2 schematically shows a schematic diagram of an organizational structure of an address pool in another related art;

图3示意性示出本公开示例性实施例中一种网络地址资源的处理方法的流程示意图；Fig. 3 schematically shows a schematic flowchart of a method for processing network address resources in an exemplary embodiment of the present disclosure;

图4示意性示出本公开示例性实施例中一种建立的地址资源池的内容和结构示意图；FIG. 4 schematically shows the content and structure of an address resource pool established in an exemplary embodiment of the present disclosure;

图5示意性示出本公开示例性实施例中另一种建立的地址资源池的内容和结构示意图；FIG. 5 schematically shows the content and structure of another address resource pool established in an exemplary embodiment of the present disclosure;

图6示意性示出本公开示例性实施例中生成网络地址转换表的方法的流程示意图；FIG. 6 schematically shows a schematic flowchart of a method for generating a network address translation table in an exemplary embodiment of the present disclosure;

图7示意性示出本公开示例性实施例中更新正向地址转换表的方法的流程示意图；FIG. 7 schematically shows a schematic flowchart of a method for updating a forward address translation table in an exemplary embodiment of the present disclosure;

图8示意性示出本公开示例性实施例中一种对计数器进行更新的方法的流程示意图；Fig. 8 schematically shows a schematic flowchart of a method for updating a counter in an exemplary embodiment of the present disclosure;

图9示意性示出本公开示例性实施例中另一种对计数器进行更新的方法的流程示意图；Fig. 9 schematically shows a schematic flowchart of another method for updating a counter in an exemplary embodiment of the present disclosure;

图10示意性示出本公开示例性实施例中再一种建立的地址资源池的内容和结构示意图；FIG. 10 schematically shows the content and structure of another address resource pool established in an exemplary embodiment of the present disclosure;

图11示意性示出本公开示例性实施例中应用场景下网络地址资源的处理方法的流程示意图；Fig. 11 schematically shows a schematic flowchart of a method for processing network address resources in an application scenario in an exemplary embodiment of the present disclosure;

图12示意性示出本公开示例性实施例中一种网络地址资源的处理装置的结构示意图；Fig. 12 schematically shows a schematic structural diagram of an apparatus for processing network address resources in an exemplary embodiment of the present disclosure;

图13示意性示出本公开示例性实施例中一种用于实现网络地址资源的处理方法的电子设备；Fig. 13 schematically shows an electronic device for implementing a method for processing network address resources in an exemplary embodiment of the present disclosure;

图14示意性示出本公开示例性实施例中一种用于实现网络地址资源的处理方法的计算机可读存储介质。Fig. 14 schematically shows a computer-readable storage medium for implementing a method for processing network address resources in an exemplary embodiment of the present disclosure.

具体实施方式Detailed ways

现在将参考附图更全面地描述示例实施方式。然而，示例实施方式能够以多种形式实施，且不应被理解为限于在此阐述的范例；相反，提供这些实施方式使得本公开将更加全面和完整，并将示例实施方式的构思全面地传达给本领域的技术人员。所描述的特征、结构或特性可以以任何合适的方式结合在一个或更多实施方式中。在下面的描述中，提供许多具体细节从而给出对本公开的实施方式的充分理解。然而，本领域技术人员将意识到，可以实践本公开的技术方案而省略所述特定细节中的一个或更多，或者可以采用其它的方法、组元、装置、步骤等。在其它情况下，不详细示出或描述公知技术方案以避免喧宾夺主而使得本公开的各方面变得模糊。Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided in order to give a thorough understanding of embodiments of the present disclosure. However, those skilled in the art will appreciate that the technical solutions of the present disclosure may be practiced without one or more of the specific details being omitted, or other methods, components, devices, steps, etc. may be adopted. In other instances, well-known technical solutions have not been shown or described in detail to avoid obscuring aspects of the present disclosure.

本说明书中使用用语“一个”、“一”、“该”和“所述”用以表示存在一个或多个要素/组成部分/等；用语“包括”和“具有”用以表示开放式的包括在内的意思并且是指除了列出的要素/组成部分/等之外还可存在另外的要素/组成部分/等；用语“第一”和“第二”等仅作为标记使用，不是对其对象的数量限制。The terms "a", "an", "the" and "the" are used in this specification to indicate the existence of one or more elements/components/etc.; the terms "comprising" and "having" are used to indicate an open Included means and means that there may be additional elements/components/etc. in addition to the listed elements/components/etc; the terms "first" and "second" etc. The number of its objects is limited.

此外，附图仅为本公开的示意性图解，并非一定是按比例绘制。图中相同的附图标记表示相同或类似的部分，因而将省略对它们的重复描述。附图中所示的一些方框图是功能实体，不一定必须与物理或逻辑上独立的实体相对应。Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus repeated descriptions thereof will be omitted. Some of the block diagrams shown in the drawings are functional entities and do not necessarily correspond to physically or logically separate entities.

随着Internet网络以爆炸性的速度膨胀，IP地址数量的短缺以及路由规模的日益增大已经成为一个相当严重的问题。With the explosive expansion of the Internet network, the shortage of IP addresses and the increasing scale of routing have become a very serious problem.

为了解决这个问题，出现了多种解决方案，如使用IPv6(Internet ProtocolVersion 6，联网协议第六版)替代现有的IPv4(Internet Protocol Version 4，联网协议第四版)。In order to solve this problem, a variety of solutions have emerged, such as using IPv6 (Internet Protocol Version 6, the sixth edition of the networking protocol) to replace the existing IPv4 (Internet Protocol Version 4, the fourth edition of the networking protocol).

而在IPv6完全推广之前，一种在目前网络环境中比较有效的方法即NAT。NAT是指在一个网络内部，根据需求可以随意自定义IP地址，而不需要经过申请。Before IPv6 is fully promoted, a more effective method in the current network environment is NAT. NAT means that within a network, IP addresses can be freely customized according to needs without application.

在网络内部，各个设备之间通过内部的IP地址进行通信，而当内部的计算机要与外部Internet网络进行通信时，具有NAT功能的设备(例如路由器)负责将其内部的IP地址转换为合法的外部IP地址进行通信。Inside the network, each device communicates through the internal IP address, and when the internal computer wants to communicate with the external Internet network, a device with NAT function (such as a router) is responsible for converting its internal IP address into a legal one. External IP address for communication.

NAT的典型应用，是将NAT设置在内部网络与外部公网的连接处的路由器上。当IP数据包离开内网时，NAT负责将内部的IP源地址转换为公网IP地址。而当IP数据包进入内部网时，NAT将公网目的地址转换为内部私有地址再进行转发。A typical application of NAT is to set NAT on the router at the connection between the internal network and the external public network. When the IP data packet leaves the internal network, NAT is responsible for converting the internal IP source address to the public network IP address. When the IP data packet enters the internal network, NAT converts the public network destination address into an internal private address and then forwards it.

进行地址转换时，由于端口号范围最多为65535，通常采用一组连续的公网地址组成一个地址资源池，当内部网络访问外部网络时，在资源池中选取一个公网地址替换IP包中的源地址(私网地址)，并以此建立一个地址转换关系表，利用此表在收到来自外部的数据包时进行反向地址还原。When performing address translation, since the port number ranges up to 65535, a group of continuous public network addresses is usually used to form an address resource pool. When the internal network accesses the external network, a public network address is selected in the resource pool to replace the IP address in the IP packet. source address (private network address), and establish an address translation relationship table, and use this table to restore the reverse address when receiving a data packet from the outside.

对于地址池中的地址资源利用通常可以采用静态地址转换和动态地址转换两种方式。For address resource utilization in the address pool, static address translation and dynamic address translation can generally be used.

其中，静态地址转换是采用地址关联的方式将地址池分为两组。Among them, the static address translation is to divide the address pool into two groups by means of address association.

第一组作为Hash(哈希)表用于直接的地址分配，第二组用于在第一组分配不成功时使用。两组地址池的组织结构相同。The first group is used as a Hash (hash) table for direct address assignment, and the second group is used when the first group assignment fails. The organizational structure of the two groups of address pools is the same.

图1示出了一种相关技术中地址池的组织结构示意图，如图1所示，为每个IP地址分配一个64K表项的数组。其中，每个表项代表一个端口，该端口号和IP地址一起构成一项地址池资源。FIG. 1 shows a schematic diagram of an organizational structure of an address pool in a related art. As shown in FIG. 1 , an array of 64K entries is allocated to each IP address. Wherein, each entry represents a port, and the port number and IP address together constitute an address pool resource.

当对一个数据流进行网络地址转换时，通过对该数据流Hash选中第一组地址池IP1-IPk中的一个表项，利用此表项给出的地址进行源地址替换。如果此表项已被分配，则到第二组地址池IPn中分配一个空闲表项，并在Hash选中的第一组地址池中的表项中用指针指向该空闲表项，如果后续还有相同Hash命中的情况，则继续到IPn中分配一个空闲表项，并延长冲突链表。When performing network address translation on a data flow, an entry in the first group of address pools IP1-IPk is selected by hashing the data flow, and the address given by this entry is used to replace the source address. If this entry has been allocated, then allocate an idle entry in the second group of address pool IPn, and use a pointer to point to the idle entry in the entry in the first group of address pools selected by Hash, if there are subsequent In the case of the same Hash hit, continue to allocate an idle entry in IPn, and extend the conflict list.

在此方法中，地址池和地址转换关系表合一，正向地址转换表和反向地址转换关系表合一。In this method, the address pool and the address translation relationship table are combined into one, and the forward address translation table and the reverse address translation relationship table are combined into one.

采用静态地址转换的方法使得地址池的利用率较低。尤其是在Hash不均匀时，地址冲突大。另外，使用链表解决冲突的方式在冲突较大时效率很低。The static address translation method makes the utilization rate of the address pool lower. Especially when the Hash is uneven, the address conflict is large. In addition, the method of using a linked list to resolve conflicts is very inefficient when the conflict is large.

动态地址转换的方法是采用位图关联方式。The method of dynamic address translation is to use bitmap association.

图2示出了另一种相关技术中地址池的组织结构示意图，如图2所示，每个地址池有多个IP地址，每个IP地址按端口号分配地址资源，每个端口号对应一位，每一位ULONG(无符号长整型)整数代表一个端口的状态，2K个ULONG型整数就可以代表所有的端口号。Figure 2 shows a schematic diagram of the organizational structure of address pools in another related technology. As shown in Figure 2, each address pool has multiple IP addresses, and each IP address allocates address resources according to port numbers, and each port number corresponds to One bit, each ULONG (unsigned long integer) integer represents the status of a port, and 2K ULONG integers can represent all port numbers.

连接时，如果一个端口已经被分配出去，则将该端口对应的状态置为1；连接释放时，将该连接对应的端口状态位置为0。When connecting, if a port has been allocated, the state corresponding to the port is set to 1; when the connection is released, the port state corresponding to the connection is set to 0.

网络地址转换关系表组织成Hash表结构，用数据流的源/目的地址、源/目的端口号、IP协议号作为关键词来查找，正反向的网络地址转换分别查找各自的Hash表。The network address translation relationship table is organized into a Hash table structure, and the source/destination address, source/destination port number, and IP protocol number of the data flow are used as keywords to search, and the forward and reverse network address translations are respectively searched for their respective Hash tables.

采用动态地址转换的方法，地址池的利用率较静态地址转换的方法有所提高，但是，一个IP地址+端口号对仍只能用于一个连接。举例而言，要支持512K(千)的连接，至少需要512K/64K＝8个IP地址，地址池资源的利用率仍然有限。With the method of dynamic address translation, the utilization rate of the address pool is improved compared with the method of static address translation. However, one IP address+port number pair can only be used for one connection. For example, to support 512K (thousand) connections, at least 512K/64K=8 IP addresses are required, and the utilization rate of address pool resources is still limited.

针对相关技术中存在的问题，本公开提出了一种网络地址资源的处理方法，图3示出了网络地址资源的处理方法的流程图，如图3所示，网络地址资源的处理方法至少包括以下步骤：Aiming at the problems existing in related technologies, the present disclosure proposes a method for processing network address resources. FIG. 3 shows a flow chart of the method for processing network address resources. As shown in FIG. 3 , the method for processing network address resources includes at least The following steps:

步骤S310.建立公有地址的地址资源池，并获取私有地址；其中，地址资源池中包括公有地址的公有地址值。Step S310. Establish an address resource pool of public addresses, and obtain private addresses; wherein, the address resource pool includes public address values of public addresses.

步骤S320.对私有地址进行地址计算得到私有地址值，并利用私有地址值对公有地址值进行地址遍历确定公有地址中的目标地址。Step S320. Perform address calculation on the private address to obtain a private address value, and use the private address value to perform address traversal on the public address value to determine the target address in the public address.

步骤S330.对目标地址和私有地址进行地址计算得到地址转换条目，并根据地址转换条目生成网络地址转换表。Step S330. Perform address calculation on the target address and the private address to obtain an address translation entry, and generate a network address translation table according to the address translation entry.

在本公开的示例性实施例中，通过建立的公有地址的地址资源池对生成网络地址转换表提供数据支持，使得网络地址资源的处理能够重复使用地址资源池中的资源，极大地增加了网络地址资源的利用率。更进一步的，对私有地址以及私有地址和目标地址之间进行相同的地址计算，使得网络地址转换表的占用内存少，并且便于网络地址资源的维护，有效地解决了互联网的地址短缺问题。In an exemplary embodiment of the present disclosure, the address resource pool of the established public address provides data support for the generation of the network address translation table, so that the processing of network address resources can reuse the resources in the address resource pool, greatly increasing the network Utilization of address resources. Furthermore, the same address calculation is performed on the private address and between the private address and the target address, so that the network address translation table occupies less memory, facilitates the maintenance of network address resources, and effectively solves the problem of address shortage on the Internet.

下面对网络地址资源的处理方法的各个步骤进行详细说明。Each step of the method for processing network address resources will be described in detail below.

在步骤S310中，建立公有地址的地址资源池，并获取私有地址；其中，地址资源池中包括公有地址的公有地址值。In step S310, an address resource pool of public addresses is established, and private addresses are acquired; wherein, the address resource pool includes public address values of public addresses.

在本公开的示例性实施例中，地址资源池表示一组连续的公有地址，地址资源池的Hash表内容对应公有地址资源，亦即公有地址值。地址资源池Hash表的大小可以为64K的2N(N＝0,1,2…)倍。其中，N的取值直接决定了地址的复用率，N取得越大，目标空间就划分得越细，从而地址资源池可重复利用的次数也就越多。In an exemplary embodiment of the present disclosure, the address resource pool represents a group of continuous public addresses, and the contents of the Hash table of the address resource pool correspond to public address resources, that is, public address values. The size of the Hash table of the address resource pool may be 2N (N=0, 1, 2...) times of 64K. Among them, the value of N directly determines the reuse rate of the address. The larger the value of N is, the finer the target space is divided, and the more times the address resource pool can be reused.

举例而言，N＝16时，地址资源池Hash表的大小为64K,也就是每个地址池资源最多可能复用64K次。而N＝0时，地址资源池Hash表就退化为了传统的没有复用的地址资源分配方式。亦即，一个地址池资源只能同时被一个连接使用。For example, when N=16, the size of the address resource pool Hash table is 64K, that is, each address pool resource may be reused up to 64K times. When N=0, the Hash table of the address resource pool degenerates into a traditional address resource allocation method without multiplexing. That is, one address pool resource can only be used by one connection at the same time.

同时，注意到N取得越大时，消耗的内存也越多。因此N的取值要在复用率和地址空间消耗这两个因素中权衡。At the same time, notice that the larger the N is, the more memory is consumed. Therefore, the value of N should be weighed between the two factors of multiplexing rate and address space consumption.

图4示出了一种建立的地址资源池的内容和结构示意图，如图4所示，地址资源池Hash表由64K个表项组成，每个表项的内容Counter1(计数器1),Counter2,...,Counter64K分别是一个计数器，这些计数器的位数相同，并且由地址池Hash表对应IP地址个数的不同而不同。Fig. 4 shows a kind of content and structural diagram of the address resource pool of establishment, as shown in Fig. 4, the address resource pool Hash table is made up of 64K entry, the content of each entry Counter1 (counter 1), Counter2, ..., Counter64K are a counter respectively, the number of these counters is the same, and the number of corresponding IP addresses in the address pool Hash table is different.

设定地址资源池Hash表对应2N(N＝0,1,…)个IP地址，那么，地址资源池Hash表中每个条目代表的计数器的位数为16+N(N＝0,1,…)。Set the address resource pool Hash table to correspond to 2N (N=0,1,…) IP addresses, then, the number of bits of the counter represented by each entry in the address resource pool Hash table is 16+N (N=0,1, ...).

举例而言，如果地址资源池Hash表对应1个IP地址，则N＝0。地址资源池Hash表中每个条目代表一个16位的计数器。如果地址池Hash表对应2个IP地址，则N＝l，地址资源池Hash表中每个表项代表一个17位的计数器。For example, if the Hash table of the address resource pool corresponds to one IP address, then N=0. Each entry in the address resource pool Hash table represents a 16-bit counter. If the address pool Hash table corresponds to 2 IP addresses, then N=1, and each entry in the address resource pool Hash table represents a 17-bit counter.

其中，每个计数器对应了公有地址资源的逻辑分配指针。Wherein, each counter corresponds to a logical allocation pointer of a public address resource.

通常，可以建立一个公有IP地址索引表。该公有IP地址索引表的每一项对应一个索引号和一个公有IP地址。Usually, a public IP address index table can be established. Each item in the public IP address index table corresponds to an index number and a public IP address.

通过地址资源池Hash表中每个表项所代表的计数器及公有IP地址索引表可以查找公有“IP地址+端口号”对。The public "IP address + port number" pair can be found through the counter represented by each entry in the address resource pool Hash table and the public IP address index table.

计数器的高16位代表了要转换的公有端口号，计数器的低N位表示要转换的公有IP地址索引表的索引号。地址资源池Hash表对应的IP地址个数不同，则地址资源池Hash表中每个表项的位数不同。The upper 16 bits of the counter represent the public port number to be converted, and the lower N bits of the counter represent the index number of the public IP address index table to be converted. The number of IP addresses corresponding to the Hash table of the address resource pool is different, and the number of digits of each entry in the Hash table of the address resource pool is different.

如果地址资源池Hash表只对应1个IP地址，则计数器为16位，减去高16位后剩余低位为0位(即N＝0)。即IP地址索引号为0，对应公有IP地址索引表中的第1个公有IP地址。If the Hash table of the address resource pool only corresponds to one IP address, the counter is 16 bits, and after subtracting the high 16 bits, the remaining low bits are 0 bits (that is, N=0). That is, the IP address index number is 0, which corresponds to the first public IP address in the public IP address index table.

如果地址资源池Hash表对应2个IP地址，则计数器为17位，减去高16位后剩余低位为1位(即N＝l)，分别表示为0和1。即IP地址索引号分别为0和1。其中，0对应公有IP地址索引表中的笫一个公有IP地址，1对应公有IP地址索引表中的第2个公有IP地址，依此类推。If the address resource pool Hash table corresponds to 2 IP addresses, the counter is 17 bits, and the remaining low bit is 1 bit after subtracting the high 16 bits (that is, N=1), which are represented as 0 and 1 respectively. That is, the IP address index numbers are 0 and 1, respectively. Wherein, 0 corresponds to the first public IP address in the public IP address index table, 1 corresponds to the second public IP address in the public IP address index table, and so on.

图5示出了另一种建立的地址资源池的内容和结构示意图，如图5所示，该地址资源池Hash表的内容和结构与图4所示的地址资源池Hash表相同，只是此表的容量更大，有128K。也就是说有128K个条目。Fig. 5 shows the content and the structural schematic diagram of another kind of address resource pool of establishment, as shown in Fig. 5, the content and the structure of this address resource pool Hash table are the same as the address resource pool Hash table shown in Fig. 4, only this The capacity of the table is larger, 128K. That is 128K entries.

进一步的，还可以获取私有地址。Furthermore, a private address can also be obtained.

其中，私有地址可以是内部网络用户数据流的目的三元组形式。Wherein, the private address may be in the form of the destination triplet of the internal network user data flow.

举例而言，该目的三元组为“协议号+目的IP地址+目的端口号”，也可以是其他形式，本示例性实施例对此不做特殊限定。For example, the destination triplet is "protocol number+destination IP address+destination port number", and may also be in other forms, which is not specifically limited in this exemplary embodiment.

在步骤S320中，对私有地址进行地址计算得到私有地址值，并利用私有地址值对公有地址值进行地址遍历确定公有地址中的目标地址。In step S320, perform address calculation on the private address to obtain a private address value, and use the private address value to perform address traversal on the public address value to determine the target address in the public address.

在本公开的示例性实施例中，对私有地址进行地址计算的方式可以是哈希计算。In an exemplary embodiment of the present disclosure, the manner of performing address calculation on the private address may be hash calculation.

在可选的实施例中，私有地址包括目的私有地址，对目的私有地址进行地址计算得到私有地址值。In an optional embodiment, the private address includes a destination private address, and address calculation is performed on the destination private address to obtain a private address value.

其中，目的私有地址可以是目的三元组“协议号+目的IP地址+目的端口号”。Wherein, the destination private address may be the destination triplet "protocol number+destination IP address+destination port number".

举例而言，利用SHA-256算法对目的私有地址进行地址计算得到私有地址值。For example, use the SHA-256 algorithm to perform address calculation on the destination private address to obtain the private address value.

SHA-2(Secure Hash Algorithm 2，安全散列算法2)是一种密码散列函数算法标准，由美国国家安全局研发，属于SHA算法之一，是SHA-1的后继者。SHA-2 (Secure Hash Algorithm 2, Secure Hash Algorithm 2) is a cryptographic hash function algorithm standard developed by the US National Security Agency. It is one of the SHA algorithms and is the successor of SHA-1.

SHA-2下又可再分为六个不同的算法标准，分别是SHA-224、SHA-256、SHA-384、SHA-512、SHA-512/224、SHA-512/256。SHA-2 can be further divided into six different algorithm standards, namely SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256.

其中，SHA256是一个哈希函数。哈希函数，又称散列算法，是一种从任何一种数据中创建小的数字“指纹”的方法。散列函数把消息或数据压缩成摘要，使得数据量变小，将数据的格式固定下来。该函数将数据打乱混合，重新创建一个叫做散列值(或哈希值)的指纹。散列值通常用一个短的随机字母和数字组成的字符串来代表。Among them, SHA256 is a hash function. A hash function, also known as a hash algorithm, is a method of creating small digital "fingerprints" from any kind of data. The hash function compresses the message or data into a summary, which reduces the amount of data and fixes the format of the data. This function scrambles the data to recreate a fingerprint called a hash value (or hash value). The hash value is usually represented by a short string of random letters and numbers.

对于任意长度的消息，SHA256都会产生一个256bit(比特)长的哈希值，称作消息摘要。该消息摘要相当于是个长度为32个字节的数组，通常用一个长度为64的十六进制字符串来表示，亦即授权码。For a message of any length, SHA256 will generate a 256bit (bit) long hash value, called a message digest. The message digest is equivalent to an array with a length of 32 bytes, usually represented by a hexadecimal string with a length of 64, that is, an authorization code.

其中，对应64K的地址资源池Hash表得到的Hash值为16位(即地址资源池Hash表的大小为216＝64K)。对应128K的地址资源池Hash表得到的Hash值为17位(即地址池Hash表的大小为217＝128K),依此类推。Wherein, the Hash value obtained from the Hash table of the address resource pool corresponding to 64K is 16 bits (that is, the size of the Hash table of the address resource pool is 216=64K). The Hash value obtained from the Hash table of the address resource pool corresponding to 128K is 17 bits (that is, the size of the Hash table of the address pool is 217=128K), and so on.

在得到私有地址值之后，可以通过私有地址值对地址资源池Hash表中的公有地址值进行地址遍历查询。After obtaining the private address value, an address traversal query can be performed on the public address value in the Hash table of the address resource pool through the private address value.

当在公有地址值中确定相同的私有地址值之后，可以获取到地址资源池Hash表中的对应条目得到内部网络用户数据流的目的三元组“协议号+目的IP地址+目的端口号”的公有“IP地址+端口号”对，亦即公有地址中的目标地址。After the same private address value is determined in the public address value, the corresponding entry in the Hash table of the address resource pool can be obtained to obtain the destination triplet "protocol number + destination IP address + destination port number" of the internal network user data flow The public "IP address + port number" pair, that is, the target address in the public address.

在步骤S330中，对目标地址和私有地址进行地址计算得到地址转换条目，并根据地址转换条目生成网络地址转换表。In step S330, perform address calculation on the target address and the private address to obtain an address translation entry, and generate a network address translation table according to the address translation entry.

在本公开的示例性实施例中，得到目标地址之后，可以对目标地址和私有地址进行地址计算。In an exemplary embodiment of the present disclosure, after the target address is obtained, address calculation may be performed on the target address and the private address.

在可选的实施例中，私有地址包括目标私有地址，对目标地址和目标私有地址进行地址计算得到地址转换条目。In an optional embodiment, the private address includes the target private address, and an address translation entry is obtained by performing address calculation on the target address and the target private address.

其中，目标私有地址可以是目标五元组“源IP地址+源端口号+协议号+目的IP地址+目的端口号”的形式，而且已知目标地址为公有“IP地址+端口号”。Wherein, the target private address may be in the form of the target quintuple "source IP address + source port number + protocol number + destination IP address + destination port number", and the known target address is a public "IP address+port number".

进一步的，对目标五元组“源IP地址+源端口号+协议号+目的IP地址+目的端口号”和公有“IP地址+端口号”进行哈希计算可以得到地址转换条目。Further, the address translation entry can be obtained by performing hash calculation on the target quintuple "source IP address + source port number + protocol number + destination IP address + destination port number" and the public "IP address+port number".

因此，可以根据地址转换条目生成公有地址和私有地址的网络地址转换表。Therefore, a network address translation table for public addresses and private addresses can be generated based on the address translation entries.

在可选的实施例中，地址转换条目包括正向转换条目和反向转换条目，图6示出了生成网络地址转换表的方法的流程示意图，如图6所示，该方法至少包括以下步骤：在步骤S610中，获取与正向转换条目对应的正向地址转换表，并获取与反向转换条目对应的反向地址转换表。In an optional embodiment, the address translation entry includes a forward translation entry and a reverse translation entry. FIG. 6 shows a schematic flowchart of a method for generating a network address translation table. As shown in FIG. 6, the method at least includes the following steps : In step S610, obtain the forward address translation table corresponding to the forward translation entry, and obtain the reverse address translation table corresponding to the reverse translation entry.

基于目标五元组“源IP地址+源端口号+协议号+目的IP地址+目的端口号”和公有“IP地址+端口号”去生成正向地址转换表和反向地址转换表。内网机器去访问一个公网的服务器，过程是内网机器发送了一个echo(回声)报文，公网回复一个reply(应答)报文。Based on the target quintuple "source IP address+source port number+protocol number+destination IP address+destination port number" and public "IP address+port number" to generate forward address translation table and reverse address translation table. When an intranet machine accesses a public network server, the process is that the intranet machine sends an echo (echo) message, and the public network replies with a reply (response) message.

正向地址转换表可以处理的echo报文中的源就是内网主机IP地址以及端口号，目的就是公网的服务器IP地址以及端口号。The source of the echo message that can be processed by the forward address translation table is the IP address and port number of the host on the intranet, and the destination is the IP address and port number of the server on the public network.

反向地址转换表需要处理的reply报文中的源就是公网服务器IP地址以及端口号，目的就是持有的公网(共有)IP地址以及端口号。The source in the reply message to be processed by the reverse address translation table is the public network server IP address and port number, and the destination is the held public network (shared) IP address and port number.

正向地址转换表中的存的key(键)是也就是一个Hash值，是“源IP地址+源端口号+协议号+目的IP地址+目的端口号”的Hash值。根据该key值能查到的值是公网(共有)IP地址+端口号。基于这个值会把报文中的源IP替换成公网IP，源端口号替换成公网端口号，然后进行接下来的转发工作。The key stored in the forward address translation table is a Hash value, which is the Hash value of "source IP address+source port number+protocol number+destination IP address+destination port number". The value that can be found according to the key value is the public network (shared) IP address + port number. Based on this value, the source IP in the message will be replaced with the public network IP, and the source port number will be replaced with the public network port number, and then the next forwarding work will be performed.

反向地址转换表中的key是公有“IP地址+端口号”+协议号+源IP地址+源端口号的Hash值，然后查出对应内网的IP地址和端口号，替换掉此处的公有“IP地址+端口号”。The key in the reverse address translation table is the hash value of the public "IP address + port number" + protocol number + source IP address + source port number, then find out the IP address and port number corresponding to the intranet, and replace the Public "IP address + port number".

该正向地址转换表可以是用于存储私有地址和公有地址的正向转换条目的表，而反向地址转换表可以是用于存储私有地址和公有地址的反向转换条目的表。The forward address translation table may be a table for storing forward translation entries of private addresses and public addresses, and the reverse address translation table may be a table for storing reverse translation entries of private addresses and public addresses.

在步骤S620中，对正向转换条目和正向地址转换表进行重复识别，以更新正向地址转换表。In step S620, the forward translation entry and the forward address translation table are repeatedly identified, so as to update the forward address translation table.

在可选的实施例中，图7示出了更新正向地址转换表的方法的流程示意图，如图7所示，该方法至少包括以下步骤：在步骤S710中，对正向转换条目和正向地址转换表进行重复识别，确定正向地址转换表中已存在正向转换条目。In an optional embodiment, FIG. 7 shows a schematic flowchart of a method for updating a forward address translation table. As shown in FIG. 7 , the method at least includes the following steps: In step S710, the The address translation table performs duplicate identification to determine that a forward translation entry already exists in the forward address translation table.

该重复识别可以是判断正向地址转换表中是否已经存在与生成的正向转换条目相同的条目。The duplicate identification may be judging whether an entry identical to the generated forward translation entry already exists in the forward address translation table.

由于是根据相同的哈希算法计算出的条目值，因此可以通过比对正向转换条目的哈希值与正向地址转换表中的哈希值的方式确定正向地址转换表中是否存在与正向转换条目相同的条目。Since the value of the entry is calculated according to the same hash algorithm, it can be determined whether there is an entry in the forward address translation table by comparing the hash value of the forward translation entry with the hash value Forward translates entries that are the same as the entry.

当正向转换条目的哈希值与正向地址转换表中的哈希值相同时，确定正向地址转换表中已经存在正向转换条目。When the hash value of the forward translation entry is the same as the hash value in the forward address translation table, it is determined that the forward translation entry already exists in the forward address translation table.

在步骤S720中，利用地址资源池对正向转换条目重新分配公有地址，以更新正向地址转换表。In step S720, use the address resource pool to reallocate the public address to the forward translation entry, so as to update the forward address translation table.

如果在正向地址转换表中与正向转换条目查到同样的哈希值，意味着“源IP地址+源端口号+协议号+目的IP地址+目的端口号”想映射的公网IP的协议端口被使用了，所以会重新给它分配一个其它的公网IP的协议端口。If the same hash value is found in the forward address translation table and the forward translation entry, it means that the "source IP address + source port number + protocol number + destination IP address + destination port number" of the public network IP that you want to map The protocol port is used, so it will be reassigned to a protocol port of another public network IP.

重新分配是按照该方式实现的。Redistribution is implemented in this manner.

具体的，当取出地址资源池Hash表中的对应条目已被使用时，取出地址资源池中的下一个元素，亦即共有地址做映射，直至分配到对应的公有地址，并按照该公有地址更新正向地址转换表。Specifically, when the corresponding entry in the address resource pool Hash table has been used, take out the next element in the address resource pool, that is, the common address for mapping until it is allocated to the corresponding public address, and update according to the public address Forward address translation table.

在本示例性实施例中，在对正向转换条目和正向地址转换表进行重复识别的过程中，可能会出现正向转换条目已经存在于正向地址转换表的情况，因此通过重新分配的方式使得公有地址和私有地址之间建立一一对应的关系，保证了地址资源的使用效果。In this exemplary embodiment, in the process of repeatedly identifying the forward translation entry and the forward address translation table, it may occur that the forward translation entry already exists in the forward address translation table, so by reallocating A one-to-one correspondence relationship is established between public addresses and private addresses, ensuring the use effect of address resources.

值得说明的是，如果在正向地址转换表中与正向转换条目没有查到同样的哈希值，意味着“源IP地址+源端口号+协议号+目的IP地址+目的端口号”想映射的公网IP的协议端口没有被使用，因此可以将生成的正向转换条目插入到正向地址转换表中即可。It is worth noting that if the same hash value as the forward translation entry is not found in the forward address translation table, it means "source IP address + source port number + protocol number + destination IP address + destination port number" The protocol port of the mapped public network IP is not used, so the generated forward translation entry can be inserted into the forward address translation table.

在步骤S630中，将反向转换条目插入至反向地址转换表中，以更新反向地址转换表。In step S630, a reverse translation entry is inserted into the reverse address translation table to update the reverse address translation table.

由于正向地址转换表和反向地址转换表只是映射方向的不同，正向地址转换表是将内网端口查表(生成表)出到外网端口，反向地址转换表是将外网端口映射回对应的内网端口。因此，在正向地址转换表更新之后，可以直接将生成的反向转换条目插入到反向地址转换表中，以实现反向地址转换表的更新。Because the forward address translation table and the reverse address translation table are only different in the mapping direction, the forward address translation table is to look up the table (generate table) from the internal network port to the external network port, and the reverse address translation table is to transfer the external network port Map back to the corresponding intranet port. Therefore, after the forward address translation table is updated, the generated reverse translation entry can be directly inserted into the reverse address translation table, so as to realize the update of the reverse address translation table.

在本示例性实施例中，通过生成的正向转换条目和反向转换条目可以实现对正向地址转换表和反向地址转换表的更新，为私有地址和公有地址建立连接提供了支持。In this exemplary embodiment, the forward address translation table and the reverse address translation table can be updated through the generated forward translation entry and reverse translation entry, providing support for establishing a connection between a private address and a public address.

在可选的实施例中，地址资源池为一个计数器的形式。图8示出了一种对计数器进行更新的方法的流程示意图，如图8所示，该方法至少包括以下步骤：在步骤S810中，若地址资源池中的公有地址通过网络地址转换表建立连接，对一个计数器进行更新。In an optional embodiment, the address resource pool is in the form of a counter. Fig. 8 shows a schematic flowchart of a method for updating a counter. As shown in Fig. 8, the method at least includes the following steps: In step S810, if the public address in the address resource pool establishes a connection through the network address translation table , to update a counter.

当取出地址资源池Hash表中的对应条目的公有地址建立连接之后，可以同时刷新地址资源池Hash表中每个条目代表的计数器。After the public address of the corresponding entry in the Hash table of the address resource pool is taken out and the connection is established, the counter represented by each entry in the Hash table of the address resource pool can be refreshed at the same time.

具体操作可以是将该计数器值加1后回写，即表示指向下一个公有地址资源。如果计数器的值溢出，则计数器的值复位，从0开始计数。这样，如果一个地址资源池Hash表对应多个IP地址时，公有地址的分配是使IP地址域先进行轮转。The specific operation may be to add 1 to the counter value and write it back, which means pointing to the next public address resource. If the value of the counter overflows, the value of the counter is reset and starts counting from 0. In this way, if an address resource pool Hash table corresponds to multiple IP addresses, the allocation of public addresses is to make the IP address field rotate first.

在步骤S820中，若地址资源池中的公有地址通过网络地址转换表删除连接，对网络地址转换表进行更新。In step S820, if the public address in the address resource pool deletes the connection through the network address translation table, the network address translation table is updated.

当两台设备的两个协议端口之间的会话结束之后，通过网络地址转换表将之前使用的公有地址建立的条目连接可以删除，而无需对地址资源池进行任何操作。After the session between the two protocol ports of the two devices ends, the entry connection established by the previously used public address through the network address translation table can be deleted without any operation on the address resource pool.

在本示例性实施例中，通过计数器形式的地址资源池能够对计数器和网络地址转换表进行更新，使得网络地址转换表更加符合实时性的要求。In this exemplary embodiment, the counter and the network address translation table can be updated through the address resource pool in the form of a counter, so that the network address translation table can better meet the requirement of real-time performance.

当使用图4和图5的一个计数器形式的地址资源池时，在有大量内部用户同时通过网络地址转换表访问同一个外部网络地址时，会有一定概率的冲突。When using the address resource pool in the form of a counter in Figure 4 and Figure 5, when a large number of internal users access the same external network address through the network address translation table at the same time, there will be a certain probability of conflict.

假定多个用户同时对同一目的地址发出5K个连接请求，在地址资源池仅有一个IP地址时，该目的地址上可能引起冲突的概率为5K/64K＝0.08。亦即有8％的连接建立时，要重新分配一次地址资源。Assuming that multiple users send 5K connection requests to the same destination address at the same time, when the address resource pool has only one IP address, the probability that the destination address may cause a conflict is 5K/64K=0.08. That is, when 8% of connections are established, address resources need to be re-allocated once.

为了减少地址分配时的冲突概率，可以限定在一个目标Hash空间的地址资源池资源分配不得超过一个数值(比如30％)，以使网络地址转换表始终以较快速度响应用户的请求，因此可以采用至少两个计数器的形式的地址资源池。In order to reduce the conflict probability during address allocation, the resource allocation of the address resource pool in a target Hash space can be limited to no more than a value (such as 30%), so that the network address translation table can always respond to the user's request at a faster speed, so it can A pool of address resources in the form of at least two counters.

在可选的实施例中，地址资源池为至少两个计数器的形式。图9示出了另一种对计数器进行更新的方法的流程示意图，如图9所示，该方法至少包括以下步骤：在步骤S910中，若地址资源池中的公有地址通过网络地址转换表建立连接，对至少两个计数器进行更新。In an optional embodiment, the address resource pool is in the form of at least two counters. FIG. 9 shows a schematic flowchart of another method for updating the counter. As shown in FIG. 9, the method at least includes the following steps: In step S910, if the public address in the address resource pool is established through the network address translation table Concatenated to update at least two counters.

图10示出了再一种建立的地址资源池的内容和结构示意图，如图10所示，地址资源池Hash表由64K个表项组成，每个表项的内容分别为两个计数器，分别是Counter1、Counter1'、Counter2、Counter2'、...、Counter64K和Counter64K'。Fig. 10 shows a schematic diagram of the content and structure of yet another established address resource pool. As shown in Fig. 10, the address resource pool Hash table is composed of 64K entries, and the contents of each entry are two counters, respectively are Counter1, Counter1', Counter2, Counter2', ..., Counter64K and Counter64K'.

其中，计数器Counter1,Counter2,…,Counter64K和图4所示的一个64K的地址资源池Hash表的内容和结构中的计数器Counter1、Counter2、...、Counter64K相同，用于公有地址资源的分配。Among them, the counters Counter1, Counter2, ..., Counter64K are the same as the counters Counter1, Counter2, ..., Counter64K in the structure of a 64K address resource pool Hash table shown in Figure 4, and are used for the allocation of public address resources.

这些计数器的位数相同，并且由地址资源池Hash表对应IP地址个数的不同而不同。These counters have the same number of digits and are different according to the number of corresponding IP addresses in the Hash table of the address resource pool.

设定地址资源池Hash表对应2N(N＝0,1,...)个IP地址，则地址资源池Hash表中每个表项代表的计数器的位数为16+N(N＝0,1,...)。Set the Hash table of the address resource pool to correspond to 2N (N=0,1,...) IP addresses, then the number of digits of the counter represented by each entry in the Hash table of the address resource pool is 16+N (N=0, 1,...).

举例而言，如果地址资源池Hash表对应1个IP地址，则N＝0。地址资源池Hash表中每个表项代表一个16位的计数器。如果地址资源池Hash表对应2个IP地址，则N＝l，地址资源池Hash表中每个表项代表一个17位的计数器。For example, if the Hash table of the address resource pool corresponds to one IP address, then N=0. Each entry in the address resource pool Hash table represents a 16-bit counter. If the address resource pool Hash table corresponds to two IP addresses, then N=1, and each entry in the address resource pool Hash table represents a 17-bit counter.

计数器的高16位代表了要转换的公有端口号，计数器的低N位表示要转换的公有IP地址索引表的索引号，前面提到地址池Hash表对应的IP地址个数不同，则地址池Hash表中每个表项的位数不同。The upper 16 bits of the counter represent the public port number to be converted, and the lower N bits of the counter represent the index number of the public IP address index table to be converted. The number of bits in each entry in the Hash table is different.

如果地址池Hash表只对应1个IP地址，则计数器为16位，减去高16位后剩余低位为0位(即N＝0)。即IP地址索引号为0，对应公有IP地址索引表中的第1个公有IP地址。If the address pool Hash table only corresponds to one IP address, the counter is 16 bits, and the remaining low bits are 0 bits after subtracting the high 16 bits (that is, N=0). That is, the IP address index number is 0, which corresponds to the first public IP address in the public IP address index table.

如果地址池Hash表对应2个IP地址，则计数器为17位，减去高16位后剩余低位为1位(即N＝l)，分别表示为0和1。即IP地址索引号分别为0和1。其中，0对应公有IP地址索引表中的第一个公有IP地址，1对应公有IP地址索引表中的第2个公有IP地址，依此类推。If the address pool Hash table corresponds to 2 IP addresses, then the counter is 17 bits, and the remaining low bit is 1 bit after subtracting the high 16 bits (that is, N=1), which are represented as 0 and 1 respectively. That is, the IP address index numbers are 0 and 1, respectively. Among them, 0 corresponds to the first public IP address in the public IP address index table, 1 corresponds to the second public IP address in the public IP address index table, and so on.

其中，计数器Counter1'、Counter2'、...、Counter64K'用于对在同一表项中计数器对应的地址资源分配计数，其位数取决于允许同时有多少个地址被分配使用如果最多允许在一个目标Hash空间的地址池资源同时分配出去一半地址，则Counter1'比Counter1少1位，其它用于地址资源分配计数的计数器Counter2'、…、Counter64K'，依此类推。如果最多允许在一个目标Hash空间的地址池资源同时分配出去1/4地址，则Counter1'比Counter1少2位，其它用于地址资源分配计数的计数器Counter2',...,Counter64K'，依此类推。Among them, the counters Counter1', Counter2', ..., Counter64K' are used to count the address resource allocation corresponding to the counter in the same entry, and the number of bits depends on how many addresses are allowed to be allocated at the same time. The address pool resources of the target Hash space are allocated half of the address at the same time, then Counter1' is 1 bit less than Counter1, and other counters Counter2', ..., Counter64K' are used for address resource allocation and counting, and so on. If a maximum of 1/4 addresses are allowed to be allocated in the address pool resources of a target Hash space at the same time, then Counter1' is 2 bits less than Counter1, and other counters Counter2',...,Counter64K' used for counting address resource allocation, and so on analogy.

当取出地址资源池Hash表中的对应条目的公有地址建立连接之后，可以同时刷新地址资源池Hash中每个表项代表的计数器。After the public address of the corresponding entry in the address resource pool Hash table is taken out and the connection is established, the counter represented by each entry in the address resource pool Hash can be refreshed at the same time.

具体操作可以是将该表项的两个计数器值都加1后回写，即表项中笫一个计数器，例如Counter1，指向下一个公有地址资源，笫二个计数器，例如Counter1'表示此表项对应的目标Hash空间的地址池资源又被分配出去一个。The specific operation can be to add 1 to the two counter values of the entry and write it back, that is, the first counter in the entry, such as Counter1, points to the next public address resource, and the second counter, such as Counter1', indicates this entry The address pool resource of the corresponding target Hash space is allocated one more.

笫二个计数器达到最大值时，表示此表项对应的目标Hash空间的地址池资源不能再用，则本次地址分配失败，不予分配。When the second counter reaches the maximum value, it means that the address pool resources of the target Hash space corresponding to this table item can no longer be used, and the address allocation fails this time and is not allocated.

在步骤S920中，若地址资源池中的公有地址通过网络地址转换表删除连接，对至少两个计数器中的一个进行更新。In step S920, if the public address in the address resource pool deletes the connection through the network address translation table, one of the at least two counters is updated.

当地址资源池的表项对应的目标Hash空间的地址池资源使用完毕，连接拆除时，则将表项中笫二个计数器，例如Counter1'减1后回写，表示此表项对应的目标Hash空间的地址池资源中有一个被释放。When the address pool resource of the target Hash space corresponding to the entry in the address resource pool is used up and the connection is removed, the second counter in the entry, such as Counter1', will be written back after being decremented by 1, indicating the target Hash corresponding to this entry. One of the address pool resources of the space is released.

而第一个计数器，例如Counter1值不变，表示再有新的用户连接时，如果分配对应此表项对应的目标Hash空间的地址池资源，则从此表项对应的笫一个计数器，例如Counter1当前对应的地址向下分配。The value of the first counter, such as Counter1, remains unchanged, indicating that when a new user connects, if the address pool resource corresponding to the target Hash space corresponding to this entry is allocated, the first counter corresponding to this entry, such as Counter1, is currently The corresponding addresses are assigned downwards.

在本示例性实施例中，通过至少两个计数器形式的地址资源池能够在不同情况下对计数器进行更新，使得网络地址转换表更加符合实时性的要求，也避免了地址请求冲突的情况发生。In this exemplary embodiment, at least two address resource pools in the form of counters can update the counters in different situations, so that the network address translation table is more in line with real-time requirements and avoids address request conflicts.

下面结合一应用场景对本公开实施例中网络地址资源的处理方法做出详细说明。The method for processing network address resources in the embodiments of the present disclosure will be described in detail below in conjunction with an application scenario.

随着Internet网络以爆炸性的速度膨胀，IP地址数量的短缺以及路由规模的日益增大已经成为一个相当严重的问题。为了解决这个问题，出现了多种解决方案，如使用IPv6替代现有的IPv4。With the explosive expansion of the Internet network, the shortage of IP addresses and the increasing scale of routing have become a very serious problem. In order to solve this problem, various solutions have emerged, such as using IPv6 to replace the existing IPv4.

而在IPv6完全推广之前，一种在目前网络环境中比较有效的方法即NAT。NAT是指在一个网络内部，根据需求可以随意自定义IP地址，而不需要经过申请。在网络内部，各个设备之间通过内部的IP地址进行通信，而当内部的计算机要与外部Internet网络进行通信时，具有NAT功能的设备(例如路由器)负责将其内部的IP地址转换为合法的外部IP地址进行通信。Before IPv6 is fully promoted, a more effective method in the current network environment is NAT. NAT means that within a network, IP addresses can be freely customized according to needs without application. Inside the network, each device communicates through the internal IP address, and when the internal computer wants to communicate with the external Internet network, a device with NAT function (such as a router) is responsible for converting its internal IP address into a legal one. External IP address for communication.

第一组作为Hash表用于直接的地址分配，第二组用于在第一组分配不成功时使用。两组地址池的组织结构相同。为每个IP地址分配一个64K表项的数组。The first group is used as a Hash table for direct address assignment, and the second group is used when the first group assignment fails. The organizational structure of the two groups of address pools is the same. An array of 64K entries is allocated for each IP address.

其中，每个表项代表一个端口，该端口号和IP地址一起构成一项地址池资源。当对一个数据流进行网络地址转换时，通过对该数据流Hash选中第一组地址池IP1-IPk中的一个表项，利用此表项给出的地址进行源地址替换。如果此表项已被分配，则到第二组地址池IPn中分配一个空闲表项，并在Hash选中的第一组地址池中的表项中用指针指向该空闲表项，如果后续还有相同Hash命中的情况，则继续到IPn中分配一个空闲表项，并延长冲突链表。Wherein, each entry represents a port, and the port number and IP address together constitute an address pool resource. When performing network address translation on a data flow, an entry in the first group of address pools IP1-IPk is selected by hashing the data flow, and the address given by this entry is used to replace the source address. If this entry has been allocated, then allocate an idle entry in the second group of address pool IPn, and use a pointer to point to the idle entry in the entry in the first group of address pools selected by Hash, if there are subsequent In the case of the same Hash hit, continue to allocate an idle entry in IPn, and extend the conflict list.

动态地址转换的方法是采用位图关联方式。每个地址池有多个IP地址，每个IP地址按端口号分配地址资源，每个端口号对应一位，每一位ULONG(无符号长整型)整数代表一个端口的状态，2K个ULONG型整数就可以代表所有的端口号。The method of dynamic address translation is to use bitmap association. Each address pool has multiple IP addresses, each IP address allocates address resources according to the port number, each port number corresponds to one bit, each ULONG (unsigned long integer) integer represents the status of a port, 2K ULONG Type integers can represent all port numbers.

采用动态地址转换的方法，地址池的利用率较静态地址转换的方法有所提高，但是，一个IP地址+端口号对仍只能用于一个连接。With the method of dynamic address translation, the utilization rate of the address pool is improved compared with the method of static address translation. However, one IP address+port number pair can only be used for one connection.

举例而言，要支持512K的连接，至少需要512K/64K＝8个IP地址，地址池资源的利用率仍然有限。For example, to support 512K connections, at least 512K/64K=8 IP addresses are required, and the utilization rate of address pool resources is still limited.

图11示出了应用场景下网络地址资源的处理方法的流程示意图，如图11所示，在步骤S1110中，建立地址池Hash表。FIG. 11 shows a schematic flowchart of a method for processing network address resources in an application scenario. As shown in FIG. 11 , in step S1110, an address pool Hash table is established.

地址资源池表示一组连续的公有地址，地址资源池的Hash表内容对应公有地址资源，亦即公有地址值。地址资源池Hash表的大小可以为64K的2N(N＝0,1,2…)倍。The address resource pool represents a group of continuous public addresses, and the content of the Hash table in the address resource pool corresponds to the public address resource, that is, the public address value. The size of the Hash table of the address resource pool may be 2N (N=0, 1, 2...) times of 64K.

其中，N的取值直接决定了地址的复用率，N取得越大，目标空间就划分得越细，从而地址资源池可重复利用的次数也就越多。Among them, the value of N directly determines the reuse rate of the address. The larger the value of N is, the finer the target space is divided, and the more times the address resource pool can be reused.

例如，地址资源池Hash表由64K个表项组成，每个表项的内容Counter1,Counter2,...,Counter64K分别是一个计数器，这些计数器的位数相同，并且由地址池Hash表对应IP地址个数的不同而不同。For example, the Hash table of the address resource pool consists of 64K entries. The content of each entry, Counter1, Counter2,..., Counter64K, is a counter respectively. The numbers vary.

再例如，该地址资源池Hash表的内容和结构与图4所示的地址资源池Hash表相同，只是此表的容量更大，有128K。也就是说有128K个条目。For another example, the content and structure of the address resource pool Hash table are the same as the address resource pool Hash table shown in FIG. 4 , except that the capacity of this table is larger, 128K. That is 128K entries.

进一步的，还可以获取私有地址。Furthermore, private addresses can also be obtained.

其中，私有地址可以是内部网络用户数据流的目的三元组形式。举例而言，该目的三元组为“协议号+目的IP地址+目的端口号”，也可以是其他形式，本示例性实施例对此不做特殊限定。Wherein, the private address may be in the form of the destination triplet of the internal network user data flow. For example, the destination triplet is "protocol number+destination IP address+destination port number", and may also be in other forms, which is not specifically limited in this exemplary embodiment.

在步骤S1120中，取目的三元组进行Hash运算，得到一个Hash值。In step S1120, the target triplet is selected for Hash operation to obtain a Hash value.

对私有地址进行地址计算的方式可以是哈希计算。The address calculation method for the private address may be hash calculation.

私有地址包括目的私有地址，对目的私有地址进行地址计算得到私有地址值。The private address includes the destination private address, and address calculation is performed on the destination private address to obtain the private address value.

在步骤S1130中，以Hash值查找地址池Hash表。In step S1130, look up the Hash table of the address pool with the Hash value.

在步骤S1140中，取出地址池Hash表中的对应表项。In step S1140, the corresponding entry in the address pool Hash table is fetched.

在步骤S1150中，取得公有“IP地址+端口号”对。In step S1150, the public "IP address+port number" pair is obtained.

在步骤S1160中，对目标五元组进行Hash，分别生成正向网络地址转换表项和反向网络地址转换表项。In step S1160, Hash is performed on the target quintuple to generate a forward NAT entry and a reverse NAT entry respectively.

在得到目标地址之后，可以对目标地址和私有地址进行地址计算。After obtaining the target address, address calculation can be performed on the target address and the private address.

私有地址包括目标私有地址，对目标地址和目标私有地址进行地址计算得到地址转换条目。The private address includes the target private address, and an address translation entry is obtained by performing address calculation on the target address and the target private address.

该地址转换条目包括正向转换条目和反向转换条目，亦即正向网络地址转换表项和反向网络地址转换表项。The address translation entry includes a forward translation entry and a reverse translation entry, that is, a forward NAT entry and a reverse NAT entry.

在步骤S1170中，正向NAT转换关系表中是否已有相同表项。In step S1170, whether the same entry exists in the forward NAT translation relationship table.

获取与正向转换条目对应的正向地址转换表，并获取与反向转换条目对应的反向地址转换表。A forward address translation table corresponding to the forward translation entry is obtained, and a reverse address translation table corresponding to the reverse translation entry is obtained.

基于目标五元组“源IP地址+源端口号+协议号+目的IP地址+目的端口号”和公有“IP地址+端口号”去生成正向地址转换表和反向地址转换表。内网机器去访问一个公网的服务器，过程是内网机器发送了一个echo(回声)报文，公网回复一个reply(回复)报文。Based on the target quintuple "source IP address+source port number+protocol number+destination IP address+destination port number" and public "IP address+port number" to generate forward address translation table and reverse address translation table. When an intranet machine accesses a public network server, the process is that the intranet machine sends an echo (echo) message, and the public network replies with a reply (reply) message.

对正向转换条目和正向地址转换表进行重复识别，确定正向地址转换表中已存在正向转换条目。The forward translation entry and the forward address translation table are repeatedly identified, and it is determined that the forward translation entry already exists in the forward address translation table.

该重复识别可以是判断正向地址转换表中是否已经存在与生成的正向转换条目相同的条目。由于是根据相同的哈希算法计算出的条目值，因此可以通过比对正向转换条目的哈希值与正向地址转换表中的哈希值的方式确定正向地址转换表中是否存在与正向转换条目相同的条目。The duplicate identification may be judging whether an entry identical to the generated forward translation entry already exists in the forward address translation table. Since the value of the entry is calculated according to the same hash algorithm, it can be determined whether there is an entry in the forward address translation table by comparing the hash value of the forward translation entry with the hash value Forward translates entries that are the same as the entry.

利用地址资源池对正向转换条目重新分配公有地址，以更新正向地址转换表。Use the address resource pool to reallocate the public address to the forward translation entry, so as to update the forward address translation table.

重新分配是按照该方式实现的。具体的，当取出地址资源池Hash表中的对应条目已被使用时，取出地址资源池中的下一个元素，亦即共有地址做映射，直至分配到对应的公有地址，并按照该公有地址更新正向地址转换表。Redistribution is implemented in this manner. Specifically, when the corresponding entry in the address resource pool Hash table has been used, take out the next element in the address resource pool, that is, the common address for mapping until it is allocated to the corresponding public address, and update according to the public address Forward address translation table.

在步骤S1180中，插入正向NAT转换关系表。In step S1180, the forward NAT translation relationship table is inserted.

如果在正向地址转换表中与正向转换条目没有查到同样的哈希值，意味着“源IP地址+源端口号+协议号+目的IP地址+目的端口号”想映射的公网IP的协议端口没有被使用，因此可以将生成的正向转换条目插入到正向地址转换表中即可。If the same hash value as the forward translation entry is not found in the forward address translation table, it means that "source IP address + source port number + protocol number + destination IP address + destination port number" wants to map the public network IP The protocol port of is not used, so the generated forward translation entry can be inserted into the forward address translation table.

在步骤S1190中，插入反向NAT转换关系表。In step S1190, a reverse NAT translation relationship table is inserted.

当出现有连接删除的情况时，直接删除NAT转换关系表中的对应的转换表项，对地址资源池没有操作。When a connection is deleted, the corresponding translation entry in the NAT translation relationship table is directly deleted, and no operation is performed on the address resource pool.

值得说明的是，该网络地址资源的处理方法不仅适用于TCP/UDP连接，对基于其它协议的连接同样适用，只要使用相应的地址转换关系表的查找key。It is worth noting that the processing method of the network address resources is not only applicable to TCP/UDP connections, but also applicable to connections based on other protocols, as long as the lookup key of the corresponding address translation relationship table is used.

举例而言，当网络地址资源的处理方法适用于icmp协议时，不存在端口的这一层，是IP到IP之间的。但是，不同内网机器发出的icmp包可以通过协议中的id字段进行区分，然后也是做一个Hash的唯一性映射。因此，也是用过Hash为key找表中的value(值)即可。For example, when the processing method of network address resources is applicable to the icmp protocol, there is no such layer as the port, which is between IP and IP. However, the icmp packets sent by different intranet machines can be distinguished by the id field in the protocol, and then a Hash unique mapping is also done. Therefore, it is enough to use Hash to find the value (value) in the table for the key.

并且，TCP/UDP的前1024个端口号通常保留，不用于公有地址分配。该应用场景中的描述中是为了简化，假定了一个IP地址上的64K个端口均可以分配在实际应用中，可以保留TCP/UDP的前1024个端口号，但是对网络地址资源的处理方法的实施并无影响。Also, the first 1024 port numbers of TCP/UDP are usually reserved and not used for public address allocation. The description in this application scenario is for simplification. It is assumed that all 64K ports on an IP address can be allocated in actual applications, and the first 1024 port numbers of TCP/UDP can be reserved, but the processing method of network address resources is limited. Implementation has no effect.

在该应用场景下的网络地址资源的处理方法，通过建立的公有地址的地址资源池对生成网络地址转换表提供数据支持，使得网络地址资源的处理能够重复使用地址资源池中的资源，极大地增加了网络地址资源的利用率。更进一步的，对私有地址以及私有地址和目标地址之间进行相同的地址计算，使得网络地址转换表的占用内存少，并且便于网络地址资源的维护，有效地解决了互联网的地址短缺问题。The method for processing network address resources in this application scenario provides data support for generating a network address translation table through the established address resource pool of public addresses, so that the processing of network address resources can reuse the resources in the address resource pool, greatly improving Increased utilization of network address resources. Furthermore, the same address calculation is performed on the private address and between the private address and the target address, so that the network address translation table occupies less memory, facilitates the maintenance of network address resources, and effectively solves the problem of address shortage on the Internet.

此外，在本公开的示例性实施例中，还提供一种网络地址资源的处理装置。图12示出了网络地址资源的处理装置的结构示意图，如图12所示，网络地址资源的处理装置1200可以包括：数据获取模块1210、地址计算模块1220和条目更新模块1230。其中：In addition, in an exemplary embodiment of the present disclosure, an apparatus for processing network address resources is also provided. FIG. 12 shows a schematic structural diagram of an apparatus for processing network address resources. As shown in FIG. 12 , theapparatus 1200 for processing network address resources may include: adata acquisition module 1210 , anaddress calculation module 1220 and anentry update module 1230 . in:

数据获取模块1210，被配置为建立公有地址的地址资源池，并获取私有地址；其中，所述地址资源池中包括所述公有地址的公有地址值；Thedata obtaining module 1210 is configured to establish an address resource pool of public addresses, and obtain private addresses; wherein, the address resource pool includes public address values of the public addresses;

地址计算模块1220，被配置为对所述私有地址进行地址计算得到私有地址值，并利用所述私有地址值对所述公有地址值进行地址遍历确定所述公有地址中的目标地址；Theaddress calculation module 1220 is configured to perform address calculation on the private address to obtain a private address value, and use the private address value to perform address traversal on the public address value to determine a target address in the public address;

条目更新模块1230，被配置为对所述目标地址和所述私有地址进行地址计算得到地址转换条目，并根据所述地址转换条目生成网络地址转换表。Theentry update module 1230 is configured to perform address calculation on the target address and the private address to obtain an address translation entry, and generate a network address translation table according to the address translation entry.

所述方法还包括：The method also includes:

上述网络地址资源的处理装置1200的具体细节已经在对应的网络地址资源的处理方法中进行了详细的描述，因此此处不再赘述。The specific details of the above-mentionedapparatus 1200 for processing network address resources have been described in detail in the corresponding method for processing network address resources, so details will not be repeated here.

应当注意，尽管在上文详细描述中提及了网络地址资源的处理装置1200的若干模块或者单元，但是这种划分并非强制性的。实际上，根据本公开的实施方式，上文描述的两个或更多模块或者单元的特征和功能可以在一个模块或者单元中具体化。反之，上文描述的一个模块或者单元的特征和功能可以进一步划分为由多个模块或者单元来具体化。It should be noted that although several modules or units of thedevice 1200 for processing network address resources are mentioned in the above detailed description, such division is not mandatory. Actually, according to the embodiment of the present disclosure, the features and functions of two or more modules or units described above may be embodied in one module or unit. Conversely, the features and functions of one module or unit described above can be further divided to be embodied by a plurality of modules or units.

此外，在本公开的示例性实施例中，还提供了一种能够实现上述方法的电子设备。In addition, in an exemplary embodiment of the present disclosure, an electronic device capable of implementing the above method is also provided.

下面参照图13来描述根据本发明的这种实施例的电子设备1300。图13显示的电子设备1300仅仅是一个示例，不应对本发明实施例的功能和使用范围带来任何限制。Anelectronic device 1300 according to such an embodiment of the present invention is described below with reference to FIG. 13 . Theelectronic device 1300 shown in FIG. 13 is only an example, and should not limit the functions and scope of use of this embodiment of the present invention.

如图13所示，电子设备1300以通用计算设备的形式表现。电子设备1300的组件可以包括但不限于：上述至少一个处理单元1310、上述至少一个存储单元1320、连接不同系统组件(包括存储单元1320和处理单元1310)的总线1330、显示单元1340。As shown in FIG. 13,electronic device 1300 takes the form of a general-purpose computing device. The components of theelectronic device 1300 may include, but are not limited to: at least oneprocessing unit 1310, at least onestorage unit 1320, abus 1330 connecting different system components (including thestorage unit 1320 and the processing unit 1310), and adisplay unit 1340.

其中，所述存储单元存储有程序代码，所述程序代码可以被所述处理单元1310执行，使得所述处理单元1310执行本说明书上述“示例性方法”部分中描述的根据本发明各种示例性实施例的步骤。Wherein, the storage unit stores program codes, and the program codes can be executed by theprocessing unit 1310, so that theprocessing unit 1310 executes various exemplary methods according to the present invention described in the "Exemplary Methods" section of this specification. Example steps.

存储单元1320可以包括易失性存储单元形式的可读介质，例如随机存取存储单元(RAM)1321和/或高速缓存存储单元1322，还可以进一步包括只读存储单元(ROM)1323。Thestorage unit 1320 may include a readable medium in the form of a volatile storage unit, such as a random access storage unit (RAM) 1321 and/or acache storage unit 1322 , and may further include a read-only storage unit (ROM) 1323 .

存储单元1320还可以包括具有一组(至少一个)程序模块1325的程序/实用工具1324，这样的程序模块1325包括但不限于：操作系统、一个或者多个应用程序、其它程序模块以及程序数据，这些示例中的每一个或某种组合中可能包括网络环境的实现。Storage unit 1320 may also include programs/utilities 1324 having a set (at least one) ofprogram modules 1325,such program modules 1325 including but not limited to: an operating system, one or more application programs, other program modules, and program data, Implementations of networked environments may be included in each or some combination of these examples.

总线1330可以为表示几类总线结构中的一种或多种，包括存储单元总线或者存储单元控制器、外围总线、图形加速端口、处理单元或者使用多种总线结构中的任意总线结构的局域总线。Bus 1330 may represent one or more of several types of bus structures, including a memory cell bus or memory cell controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local area using any of a variety of bus structures. bus.

电子设备1300也可以与一个或多个外部设备1500(例如键盘、指向设备、蓝牙设备等)通信，还可与一个或者多个使得用户能与该电子设备1300交互的设备通信，和/或与使得该电子设备1300能与一个或多个其它计算设备进行通信的任何设备(例如路由器、调制解调器等等)通信。这种通信可以通过输入/输出(I/O)接口1350进行。并且，电子设备1300还可以通过网络适配器1360与一个或者多个网络(例如局域网(LAN)，广域网(WAN)和/或公共网络，例如因特网)通信。如图所示，网络适配器1360通过总线1330与电子设备1300的其它模块通信。应当明白，尽管图中未示出，可以结合电子设备1300使用其它硬件和/或软件模块，包括但不限于：微代码、设备驱动器、冗余处理单元、外部磁盘驱动阵列、RAID系统、磁带驱动器以及数据备份存储系统等。Theelectronic device 1300 can also communicate with one or more external devices 1500 (such as keyboards, pointing devices, Bluetooth devices, etc.), and can also communicate with one or more devices that enable the user to interact with theelectronic device 1300, and/or communicate with Any device (eg, router, modem, etc.) that enables theelectronic device 1300 to communicate with one or more other computing devices. Such communication may occur through input/output (I/O)interface 1350 . Moreover, theelectronic device 1300 can also communicate with one or more networks (such as a local area network (LAN), a wide area network (WAN) and/or a public network such as the Internet) through thenetwork adapter 1360 . As shown, thenetwork adapter 1360 communicates with other modules of theelectronic device 1300 through thebus 1330 . It should be appreciated that although not shown, other hardware and/or software modules may be used in conjunction withelectronic device 1300, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives And data backup storage system, etc.

通过以上的实施例的描述，本领域的技术人员易于理解，这里描述的示例实施例可以通过软件实现，也可以通过软件结合必要的硬件的方式来实现。因此，根据本公开实施例的技术方案可以以软件产品的形式体现出来，该软件产品可以存储在一个非易失性存储介质(可以是CD-ROM，U盘，移动硬盘等)中或网络上，包括若干指令以使得一台计算设备(可以是个人计算机、服务器、终端装置、或者网络设备等)执行根据本公开实施例的方法。Through the description of the above embodiments, those skilled in the art can easily understand that the exemplary embodiments described here can be implemented by software, or by combining software with necessary hardware. Therefore, the technical solutions according to the embodiments of the present disclosure can be embodied in the form of software products, and the software products can be stored in a non-volatile storage medium (which can be CD-ROM, U disk, mobile hard disk, etc.) or on the network , including several instructions to make a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) execute the method according to the embodiment of the present disclosure.

在本公开的示例性实施例中，还提供了一种计算机可读存储介质，其上存储有能够实现本说明书上述方法的程序产品。在一些可能的实施例中，本发明的各个方面还可以实现为一种程序产品的形式，其包括程序代码，当所述程序产品在终端设备上运行时，所述程序代码用于使所述终端设备执行本说明书上述“示例性方法”部分中描述的根据本发明各种示例性实施例的步骤。In an exemplary embodiment of the present disclosure, there is also provided a computer-readable storage medium on which a program product capable of implementing the above-mentioned method in this specification is stored. In some possible embodiments, various aspects of the present invention can also be implemented in the form of a program product, which includes program code, and when the program product is run on a terminal device, the program code is used to make the The terminal device executes the steps according to various exemplary embodiments of the present invention described in the "Exemplary Method" section above in this specification.

参考图14所示，描述了根据本发明的实施例的用于实现上述方法的程序产品1400，其可以采用便携式紧凑盘只读存储器(CD-ROM)并包括程序代码，并可以在终端设备，例如个人电脑上运行。然而，本发明的程序产品不限于此，在本文件中，可读存储介质可以是任何包含或存储程序的有形介质，该程序可以被指令执行系统、装置或者器件使用或者与其结合使用。As shown in FIG. 14 , aprogram product 1400 for realizing the above-mentioned method according to an embodiment of the present invention is described, which may adopt a portable compact disc read-only memory (CD-ROM) and include program codes, and may be used in a terminal device, For example running on a personal computer. However, the program product of the present invention is not limited thereto. In this document, a readable storage medium may be any tangible medium containing or storing a program, and the program may be used by or in combination with an instruction execution system, apparatus or device.

所述程序产品可以采用一个或多个可读介质的任意组合。可读介质可以是可读信号介质或者可读存储介质。可读存储介质例如可以为但不限于电、磁、光、电磁、红外线、或半导体的系统、装置或器件，或者任意以上的组合。可读存储介质的更具体的例子(非穷举的列表)包括：具有一个或多个导线的电连接、便携式盘、硬盘、随机存取存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、光纤、便携式紧凑盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。The program product may reside on any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. The readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, device, or device, or any combination thereof. More specific examples (non-exhaustive list) of readable storage media include: electrical connection with one or more conductors, portable disk, hard disk, random access memory (RAM), read only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage devices, magnetic storage devices, or any suitable combination of the foregoing.

计算机可读信号介质可以包括在基带中或者作为载波一部分传播的数据信号，其中承载了可读程序代码。这种传播的数据信号可以采用多种形式，包括但不限于电磁信号、光信号或上述的任意合适的组合。可读信号介质还可以是可读存储介质以外的任何可读介质，该可读介质可以发送、传播或者传输用于由指令执行系统、装置或者器件使用或者与其结合使用的程序。A computer readable signal medium may include a data signal carrying readable program code in baseband or as part of a carrier wave. Such propagated data signals may take many forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium other than a readable storage medium that can transmit, propagate, or transport a program for use by or in conjunction with an instruction execution system, apparatus, or device.

可读介质上包含的程序代码可以用任何适当的介质传输，包括但不限于无线、有线、光缆、RF等等，或者上述的任意合适的组合。Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.

可以以一种或多种程序设计语言的任意组合来编写用于执行本发明操作的程序代码，所述程序设计语言包括面向对象的程序设计语言—诸如Java、C++等，还包括常规的过程式程序设计语言—诸如“C”语言或类似的程序设计语言。程序代码可以完全地在用户计算设备上执行、部分地在用户设备上执行、作为一个独立的软件包执行、部分在用户计算设备上部分在远程计算设备上执行、或者完全在远程计算设备或服务器上执行。在涉及远程计算设备的情形中，远程计算设备可以通过任意种类的网络，包括局域网(LAN)或广域网(WAN)，连接到用户计算设备，或者，可以连接到外部计算设备(例如利用因特网服务提供商来通过因特网连接)。Program code for carrying out the operations of the present invention may be written in any combination of one or more programming languages, including object-oriented programming languages—such as Java, C++, etc., as well as conventional procedural programming languages. Programming language - such as "C" or a similar programming language. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server to execute. In cases involving a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a local area network (LAN) or a wide area network (WAN), or may be connected to an external computing device (for example, using an Internet service provider). business to connect via the Internet).

本领域技术人员在考虑说明书及实践这里公开的发明后，将容易想到本公开的其他实施例。本申请旨在涵盖本公开的任何变型、用途或者适应性变化，这些变型、用途或者适应性变化遵循本公开的一般性原理并包括本公开未公开的本技术领域中的公知常识或惯用技术手段。说明书和实施例仅被视为示例性的，本公开的真正范围和精神由权利要求指出。Other embodiments of the disclosure will be readily apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any modification, use or adaptation of the present disclosure, and these modifications, uses or adaptations follow the general principles of the present disclosure and include common knowledge or conventional technical means in the technical field not disclosed in the present disclosure . The specification and examples are to be considered exemplary only, with the true scope and spirit of the disclosure indicated by the appended claims.