CN114978890B - Port mapping system and mapping method thereof - Google Patents
Port mapping system and mapping method thereof
- Publication number
- CN114978890B
- Authority
- CN
- China
- Prior art keywords
- port
- port mapping
- mapping
- internal network
- control device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0803—Configuration setting
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a port mapping system and a mapping method thereof. The mapping system comprises a control device, internal network equipment and a plurality of port mapping servers. The control device registers the addresses, available ports and port forwarding performance of the internal network equipment and the external network equipment supported by the port mapping servers. After receiving a user's request to access internal network equipment, the control device analyzes the access request and searches the configured port mapping database; if no configured mapping is found, it selects an idle port mapping server port according to the registered port mapping server information, configures a port mapping relation for the corresponding internal network equipment, and issues the port mapping relation to the selected port mapping server. The control device then returns the external network address and port corresponding to the internal network equipment to the user according to the newly configured port mapping relation data. The invention enables mechanism-based control and management of the port mapping servers and reduces the maintenance cost and technical difficulty of the enterprise network.
Description
Technical Field
The invention belongs to the technical field of network communication, and relates to a port mapping system and a mapping method thereof.
Background
Many businesses build an internal local area network and require it to be connected to an external network, such as the Internet. With the rapid development of the Internet, the shortage of IP addresses has become a very prominent problem: an enterprise's service resources cannot each have their own IP address, and port mapping is one solution for interworking between internal and external networks.
Port mapping maps a port of an intranet host to a port of an extranet host. When a user accesses a given port of the extranet IP, the server automatically maps the user's request to the port of the intranet host. This solves the problem of intercommunication between the internal network and the external network and saves IP address space, so that several extranet IP addresses can meet a large number of an enterprise's internal demands.
Port mapping may be implemented by software such as Rinetd or Portmap, and can be provided on any server on which such software is installed.
Port mapping solves the intercommunication problem between the external network and the enterprise's isolated internal network, but it also increases the enterprise's operation and maintenance cost: the configuration workload is large and the configuration efficiency is low, especially when there are many intercommunicating services. If a configuration error or a repeated mapping of ports occurs, the service fails or is blocked, the fault is difficult to locate, troubleshooting demands a high level of technical skill, and the manual workload is heavy.
Disclosure of Invention
The invention aims to overcome the defects in the prior art and provides a port mapping system and a mapping method thereof, which enable mechanism-based control and management of the port mapping servers and reduce the maintenance cost and technical difficulty of an enterprise network.
In order to achieve the above purpose, the invention adopts the following technical scheme:
In one aspect, the present invention provides a port mapping system, including a control device, an internal network device, and a plurality of port mapping servers;
the port mapping server is used for mapping the ports of the external network to the corresponding internal network ports according to the port mapping configuration; the port mapping configuration records the mapping relation between the external network port and the internal network port;
the control device is used for registering the addresses, available ports and port forwarding performance of the internal network equipment and the external network equipment supported by the port mapping servers; it is also used for analyzing the access request after receiving a user's request to access internal network equipment, searching the configured port mapping database to obtain the external network address and port configured for the corresponding internal network equipment, and returning that external network address and port to the user so that the user can access the corresponding port mapping server through them;
when the control device searches the configured port mapping database, if the external network address and the port configured for the internal network device are not found, selecting an idle port mapping server port according to the registered port mapping server information, configuring a port mapping relation for the corresponding internal network device, updating the configured port mapping relation data to the port mapping database, and issuing to the selected port mapping server; and the control device returns the external network address and the port corresponding to the internal network equipment to the user according to the newly configured port mapping relation data.
In another aspect, the present invention provides a mapping method of the port mapping system according to the first aspect, where the control device stores port mapping data, and the mapping method includes the following steps:
the control device registers the addresses of the internal network devices and the external network devices supported by the port mapping servers, available ports and port forwarding performance;
the control device receives a request submitted by a user for accessing the internal network equipment and analyzes the access request of the user;
when the access request of the user passes, the control device searches the configured port mapping database to obtain an external network address and a port configured for the corresponding internal network equipment, and returns the external network address and the port to the user, so that the user can access the corresponding port mapping server through the external network address and the port, and then the port of the external network is mapped to the corresponding internal network port through the port mapping server;
when the control device searches the configured port mapping database and does not find an external network address and port configured for the internal network device, the control device selects an idle port mapping server port according to the registered port mapping server information, obtains the idle port for mapping the internal network device, generates a list entry containing the external network device address and port and the internal network device address and port, converts the entry into a configuration format supported by the tool, updates it to the port mapping database, and transmits it to the selected port mapping server; the control device returns the external network address and port corresponding to the internal network device to the user according to the newly configured port mapping relation data; the user can then access the corresponding port mapping server through the external network address and port, and the port mapping server maps the port of the external network to the corresponding internal network port.
Optionally, the access request includes: internal network device address and port, validity period, and access protocol.
Optionally, the method further comprises: when the validity period of the user accessing the internal network device expires, the control device deletes the configuration port mapping relation for the corresponding internal network device.
Optionally, the registered several port mapping servers are respectively communicated with the external network and the internal network, and are provided with port mapping software.
Optionally, the port mapping software includes Rinetd and Portmap.
Optionally, when the idle ports are allocated, the control device configures at least one port mapping server, or adopts a load balancing policy of the mapping server.
Optionally, when the user accesses the internal device, the control device provides auditing, authorization and security control of the port for the user.
Compared with the prior art, the invention has the beneficial effects that:
The port mapping method provided by the invention enables mechanism-based control and management of the port mapping servers, improves configuration efficiency, and avoids the service failure or blockage and the difficult fault investigation that arise when configuration errors or repeated mapping of ports occur; moreover, the management of the mapping servers is transparent to the user, so the maintenance cost and technical difficulty of the enterprise network are reduced.
Drawings
FIG. 1 is an interaction flow chart of the port mapping of the present invention;
FIG. 2 is a block diagram of the port mapping of the present invention.
Detailed Description
The invention is further described below with reference to the accompanying drawings. The following examples are only for more clearly illustrating the technical aspects of the present invention, and are not intended to limit the scope of the present invention.
In the description of the present invention, it should be understood that the terms "center", "longitudinal", "lateral", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner", "outer", etc. indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, are merely for convenience in describing the present invention and simplifying the description, and do not indicate or imply that the devices or elements referred to must have a specific orientation, be configured and operated in a specific orientation, and thus should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first", "a second", etc. may explicitly or implicitly include one or more such feature. In the description of the present invention, unless otherwise indicated, the meaning of "a plurality" is two or more.
In the description of the present invention, it should be noted that, unless explicitly specified and limited otherwise, the terms "mounted," "connected," and "connected" are to be construed broadly, and may be either fixedly connected, detachably connected, or integrally connected, for example; can be mechanically or electrically connected; can be directly connected or indirectly connected through an intermediate medium, and can be communication between two elements. The specific meaning of the above terms in the present invention can be understood by those of ordinary skill in the art in a specific case.
Embodiment one:
As shown in FIGS. 1 and 2, a port mapping system includes a control device, an internal network device, and a plurality of port mapping servers;
the port mapping server is used for mapping the ports of the external network to the corresponding internal network ports according to the port mapping configuration; the port mapping configuration records the mapping relation between the external network port and the internal network port;
the control device is used for registering the addresses, available ports and port forwarding performance of the internal network equipment and the external network equipment supported by the port mapping servers; it is also used for analyzing the access request after receiving a user's request to access internal network equipment, searching the configured port mapping database to obtain the external network address and port configured for the corresponding internal network equipment, and returning that external network address and port to the user so that the user can access the corresponding port mapping server through them;
when the control device searches the configured port mapping database, if the external network address and the port configured for the internal network device are not found, selecting an idle port mapping server port according to the registered port mapping server information, configuring a port mapping relation for the corresponding internal network device, updating the configured port mapping relation data to the port mapping database, and issuing to the selected port mapping server; and the control device returns the external network address and the port corresponding to the internal network equipment to the user according to the newly configured port mapping relation data.
Embodiment two:
As shown in FIGS. 1 and 2, based on the port mapping system of Embodiment one, this embodiment provides a mapping method of the port mapping system, in which the control device stores port mapping data. The mapping method includes the following steps:
S1. The control device registers the addresses, available ports and port forwarding performance of the internal network equipment and the external network equipment supported by a plurality of port mapping servers; the registered port mapping servers are provided with port mapping software, and the port mapping software comprises Rinetd and Portmap;
S2. The control device receives a user's request, which submits the address and port of the internal network device to be accessed, a validity period and an access protocol, and analyzes the user's access request;
S3. The control device searches the configured port mapping database to obtain the external network address and port configured for the corresponding internal network equipment, and returns them to the user, so that the user can access the corresponding port mapping server through the external network address and port;
S3. When the control device searches the configured port mapping database and does not find an external network address and port configured for the internal network device, it selects an idle port mapping server port according to the registered port mapping server information and configures a port mapping relation for the corresponding internal network device. To configure the relation, the control device obtains an idle port of the mapping device according to the port mapping software type, generates a list entry containing the external network device address and port and the internal network device address and port, converts the entry into a configuration format supported by the tool according to the port mapping device type, updates the configured port mapping relation data to the port mapping database, and transmits the configuration data to one of the two selected port mapping servers, wherein the port mapping servers can realize port backup and high availability, or adopt a load balancing strategy of the mapping server to improve network performance. The control device returns the external network address and port corresponding to the internal network device to the user according to the newly configured port mapping relation data, so that the user can access the corresponding port mapping server through the external network address and port, and the port of the external network is then mapped to the corresponding internal network port by the port mapping server. When a user accesses the internal equipment, the control device provides auditing, authorization and security control of the port for the user.
S4. When the validity period of the user's access to the internal network equipment expires, the control device deletes the port mapping relation configured for the corresponding internal network equipment.
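The control flow of steps S1 to S4, as an added Python sketch that is not code from the patent: the class and method names, the sample addresses, the TCP-only restriction, the choice of the server with the most idle ports and the rule that a repeat request keeps the original expiry are assumptions, while the rendered line layout is rinetd's `bindaddress bindport connectaddress connectport` rule format. Addresses and ports are validated before rendering so that request fields cannot inject extra rules into the issued configuration.

```python
# Added illustration of steps S1-S4; not code from the patent.
import ipaddress
from dataclasses import dataclass


def _check_port(port):
    if not isinstance(port, int) or not 1 <= port <= 65535:
        raise ValueError(f"invalid port: {port!r}")
    return port


@dataclass(frozen=True)
class Mapping:
    ext_addr: str
    ext_port: int
    int_addr: str
    int_port: int
    expires_at: float

    def to_rinetd(self) -> str:
        # rinetd forwarding rule: bindaddress bindport connectaddress connectport
        return f"{self.ext_addr} {self.ext_port} {self.int_addr} {self.int_port}"


class Controller:
    def __init__(self):
        self.free = {}  # mapping server external address -> set of idle ports
        self.db = {}    # (int_addr, int_port, protocol) -> Mapping

    def register(self, ext_addr, ports):
        """S1: record a mapping server's external address and available ports."""
        addr = str(ipaddress.ip_address(ext_addr))
        self.free.setdefault(addr, set()).update(_check_port(p) for p in ports)

    def request(self, int_addr, int_port, protocol, ttl, now):
        """S2/S3: validate the request, then reuse or allocate a mapping."""
        # ip_address() rejects whitespace and newlines, so a crafted address
        # cannot smuggle a second rule into the rendered configuration.
        target = str(ipaddress.ip_address(int_addr))
        _check_port(int_port)
        if protocol != "tcp" or ttl <= 0:  # TCP-only is an assumption
            raise ValueError("unsupported protocol or non-positive validity")
        self.expire(now)
        key = (target, int_port, protocol)
        if key not in self.db:
            candidates = [a for a, ports in self.free.items() if ports]
            if not candidates:
                raise RuntimeError("no idle port on any registered server")
            # Assumed load-balancing policy: server with the most idle ports.
            ext = max(candidates, key=lambda a: len(self.free[a]))
            port = min(self.free[ext])
            self.free[ext].remove(port)  # a port is handed out only once
            self.db[key] = Mapping(ext, port, target, int_port, now + ttl)
        # Assumption: a repeat request reuses the mapping, expiry unchanged.
        m = self.db[key]
        return m.ext_addr, m.ext_port

    def expire(self, now):
        """S4: delete mappings past their validity period, free their ports."""
        gone = [k for k, m in self.db.items() if m.expires_at <= now]
        for k in gone:
            m = self.db.pop(k)
            self.free[m.ext_addr].add(m.ext_port)
        return gone

    def render(self, ext_addr):
        """Configuration text to issue to one mapping server."""
        rules = sorted((m for m in self.db.values() if m.ext_addr == ext_addr),
                       key=lambda m: m.ext_port)
        return "\n".join(m.to_rinetd() for m in rules)


if __name__ == "__main__":
    ctl = Controller()
    ctl.register("203.0.113.10", [20000, 20001])  # constructed sample values
    print(ctl.request("10.0.0.5", 22, "tcp", ttl=3600, now=0))
    print(ctl.render("203.0.113.10"))
```

Because every external port is taken from the idle set exactly once and returned only on expiry, the repeated-mapping fault described in the Background cannot be produced by this allocator.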
The foregoing is merely a preferred embodiment of the present invention, and it should be noted that modifications and variations could be made by those skilled in the art without departing from the technical principles of the present invention, and such modifications and variations should also be regarded as being within the scope of the invention.
Claims (7)
1. A port mapping system, characterized by: the system comprises a control device, internal network equipment and a plurality of port mapping servers;
the port mapping server is used for mapping the ports of the external network to the corresponding internal network ports according to the port mapping configuration; the port mapping configuration records the mapping relation between the external network port and the internal network port;
the control device is used for registering the addresses, available ports and port forwarding performance of the internal network equipment and the external network equipment supported by the port mapping servers; it is also used for analyzing the access request after receiving a user's request to access internal network equipment, searching the configured port mapping database to obtain the external network address and port configured for the corresponding internal network equipment, and returning that external network address and port to the user so that the user can access the corresponding port mapping server through them;
when the control device searches the configured port mapping database, if the external network address and the port configured for the internal network device are not found, selecting an idle port mapping server port according to the registered port mapping server information, configuring a port mapping relation for the corresponding internal network device, updating the configured port mapping relation data to the port mapping database, and issuing to the selected port mapping server; the control device returns the external network address and the port corresponding to the internal network device to the user according to the newly configured port mapping relation data;
the control device stores port mapping data, and the mapping method comprises the following steps:
the control device registers the addresses of the internal network devices and the external network devices supported by the port mapping servers, available ports and port forwarding performance;
the control device receives a request submitted by a user for accessing the internal network equipment and analyzes the access request of the user;
when the access request of the user passes, the control device searches the configured port mapping database to obtain an external network address and a port configured for the corresponding internal network equipment, and returns the external network address and the port to the user, so that the user can access the corresponding port mapping server through the external network address and the port, and then the port of the external network is mapped to the corresponding internal network port through the port mapping server;
when the control device searches the configured port mapping database and does not find an external network address and port configured for the internal network device, the control device selects an idle port mapping server port according to the registered port mapping server information, obtains the idle port for mapping the internal network device, generates a list entry containing the external network device address and port and the internal network device address and port, converts the entry into a configuration format supported by the tool, updates it to the port mapping database, and transmits it to the selected port mapping server; the control device returns the external network address and port corresponding to the internal network device to the user according to the newly configured port mapping relation data; the user can then access the corresponding port mapping server through the external network address and port, and the port mapping server maps the port of the external network to the corresponding internal network port.
2. The port mapping system of claim 1, wherein the access request comprises: internal network device address and port, validity period, and access protocol.
3. The port mapping system of claim 2, further comprising: when the validity period of the user accessing the internal network device expires, the control device deletes the configuration port mapping relation for the corresponding internal network device.
4. A port mapping system according to claim 1, characterized in that: the registered port mapping servers are respectively communicated with an external network and an internal network, and are provided with port mapping software.
5. A port mapping system according to claim 4, characterized in that: the port mapping software includes Rinetd and Portmap.
6. A port mapping system according to claim 1, characterized in that: when the port of the idle port mapping server is allocated, the control device configures at least one port mapping server or adopts the load balancing strategy of the mapping server.
7. The port mapping system of claim 1, further comprising: when a user accesses the internal equipment, the control device provides auditing, authorization and security control of the port for the user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210526920.1A CN114978890B (en) | 2022-05-16 | 2022-05-16 | Port mapping system and mapping method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210526920.1A CN114978890B (en) | 2022-05-16 | 2022-05-16 | Port mapping system and mapping method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114978890A (en) | 2022-08-30 |
CN114978890B (en) | 2024-01-23 |
Family
ID=82982344
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210526920.1A Active CN114978890B (en) | 2022-05-16 | 2022-05-16 | Port mapping system and mapping method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114978890B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115499409B (en) * | 2022-09-29 | 2024-07-26 | 阿里巴巴(中国)有限公司 | NAT gateway, server and network system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101605154A (en) * | 2009-07-09 | 2009-12-16 | 中兴通讯股份有限公司 | Use the IP Address Confirmation system and method for the network equipment of network address translation |
CN102148879A (en) * | 2010-10-22 | 2011-08-10 | 华为技术有限公司 | Port mapping method and device and communication system |
CN103516820A (en) * | 2012-06-25 | 2014-01-15 | 中兴通讯股份有限公司 | Port forwarding method and apparatus based on MAC address |
CN105991789A (en) * | 2015-03-06 | 2016-10-05 | 中兴通讯股份有限公司 | Method for realizing virtual machine port mapping, servers and system |
Non-Patent Citations (2)
Title |
---|
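Method for publishing internal network servers and building intranet sites; 王新宇; 胡华海; 科技信息 (No. 01); full text * |
Analysis and application of port mapping; 傅丰; 徐洪章; 天中学刊 (No. 02); full text * |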
Also Published As
Publication number | Publication date |
---|---|
CN114978890A (en) | 2022-08-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8767737B2 (en) | Data center network system and packet forwarding method thereof | |
US7093261B1 (en) | Message integration framework for multi-application systems | |
CN110324177A (en) | Service request processing method, system and medium under micro-service architecture | |
EP1604486B1 (en) | Relational model for management information in network devices | |
US20050002380A1 (en) | Automated IT asset location system | |
US20020166033A1 (en) | System and method for storage on demand service in a global SAN environment | |
US7761552B2 (en) | Root node for integrating NAS of different user name spaces | |
US8970873B2 (en) | System and method for managing printer resources on an internal network | |
CN110209719A (en) | A kind of multitype database based on micro services framework uniformly accesses system and method | |
CN108632378B (en) | Monitoring method for cloud platform service | |
US20060224799A1 (en) | Address management device | |
CN109918359A (en) | Database service persistence method and system based on swarm | |
CN113645304B (en) | Data service processing method and related equipment | |
CN114978890B (en) | Port mapping system and mapping method thereof | |
CN102123180A (en) | DNS (Domain Name Server) network structure and domain name resolution method | |
CN110958180A (en) | Gateway routing method, intelligent gateway, electronic device and computer storage medium | |
EP3306471B1 (en) | Automatic server cluster discovery | |
CN103106242A (en) | Phone bill query method and phone bill query system | |
US20080295158A1 (en) | System and method to access and use layer 2 and layer 3 information used in communications | |
JP2002368781A (en) | User location management domain name conversion system | |
CN116260878A (en) | Service center system based on global service structure server of distributed computing and storage | |
CN101355453A (en) | Operation management maintenance proxy apparatus and method for implementing network management | |
JP5332488B2 (en) | Map-based communication of multiple functional entities | |
CN114154825A (en) | Two-dimensional power grid distributed cache service system | |
CN114157721A (en) | Route distribution method, device, equipment and readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||