CN111726400A - Reverse connection method, device and server-side system - Google Patents
Reverse connection method, device and server-side system Download PDFInfo
- Publication number
- CN111726400A CN111726400A CN202010514640.XA CN202010514640A CN111726400A CN 111726400 A CN111726400 A CN 111726400A CN 202010514640 A CN202010514640 A CN 202010514640A CN 111726400 A CN111726400 A CN 111726400A
- Authority
- CN
- China
- Prior art keywords
- gateway
- equipment
- target
- reverse proxy
- reverse
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 238000013507 mapping Methods 0.000 claims abstract description 20
- 230000004044 response Effects 0.000 claims description 33
- 238000004590 computer program Methods 0.000 claims description 10
- 238000004891 communication Methods 0.000 abstract description 16
- 238000010586 diagram Methods 0.000 description 12
- 230000006870 function Effects 0.000 description 8
- 230000003287 optical effect Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1001—Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/60—Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a reverse connection method, a reverse connection device and a service end system, and relates to the technical field of computers. One embodiment of the method comprises: determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, wherein the request message comprises an equipment identifier of the equipment in the target gateway; the first corresponding relation is a mapping relation between the equipment identifier of each gateway equipment and a reverse proxy node which is in long connection with the gateway equipment; and forwarding the request message to the equipment in the target gateway by utilizing the target reverse proxy node. The implementation method can realize that the service node actively sends the request to the equipment in the gateway through the long connection and redirection service, does not need to redesign the communication mode of the service node, and is easy to realize.
Description
Technical Field
The invention relates to the technical field of computers, in particular to a reverse connection method, a reverse connection device and a server side system.
Background
In the communication mode between the device and the device management server, not only the device actively initiates a request to the management server, but also the management server actively initiates a request to the device, for example, the management server actively pushes an execution policy or some information necessary for work to the device.
When the management server is deployed outside the gateway and the device is deployed inside the gateway, the internal device knows the public network IP address of the server and can initiate active access, but the server does not know the IP address of the device in the gateway, or even if the device knows the public network IP address, the public network IP address is the IP address in the local area network, and the server cannot access the device and only passively waits for the device in the gateway to actively access the device.
How to realize that a server actively sends a request to a device in a gateway is a problem which needs to be solved urgently at present.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method and an apparatus for reverse connection, and a service end system, which can implement that a service node actively sends a request to a device in a gateway through a long connection and a redirection service, and do not need to redesign a communication mode of the service node, so that implementation is easy.
To achieve the above object, according to an aspect of an embodiment of the present invention, there is provided a method of reverse connection, including:
determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, wherein the request message comprises an equipment identifier of the equipment in the target gateway; the first corresponding relation is a mapping relation between the equipment identifier of each gateway equipment and a reverse proxy node which is in long connection with the gateway equipment;
and forwarding the request message to the equipment in the target gateway by utilizing the target reverse proxy node.
Optionally, before determining, according to the cached first corresponding relationship, a target reverse proxy node corresponding to a request message to be sent to a device in the target gateway, the method further includes:
receiving a registration request sent by each gateway device by using at least one reverse proxy node, wherein the registration request comprises a device identifier of the gateway device;
and establishing long connection between the equipment in the gateway and the reverse proxy node receiving the registration request of the equipment in the gateway, and storing a mapping relation between the equipment identifier of the equipment in the gateway and the IP address of the reverse proxy node receiving the registration request of the equipment in the gateway to obtain a first corresponding relation.
Optionally, each intra-gateway device maintains a long connection with a reverse-proxy, the reverse-proxy comprising a plurality of reverse-proxy nodes.
Optionally, after determining, according to the cached first corresponding relationship, a target reverse proxy node corresponding to a request message to be sent to a device in the target gateway, the method further includes:
and sending the IP address of the target reverse proxy node to the service node so that the service node sends the request message to the target reverse proxy node according to the IP address of the target reverse proxy node.
Optionally, before forwarding, by the target reverse proxy node, the request message to the device in the target gateway, the method further includes: analyzing a request identifier and a service node identifier of the service node from the request information, and storing a second corresponding relation between the request identifier and the service node identifier;
after forwarding the request message to the device in the target gateway by using the target reverse proxy node, the method further includes: and receiving a response message sent by the equipment in the gateway by using the reverse proxy node, analyzing the service node identification from the response message, determining a target service node corresponding to the service node identification according to the second corresponding relation, and forwarding the response message to the target service node.
Optionally, the reverse proxy node is used to receive a heartbeat packet periodically sent by the intra-gateway device that maintains the long connection with the reverse proxy node, so as to maintain the long connection with the corresponding intra-gateway device.
According to a second aspect of embodiments of the present invention, there is provided a reverse connection apparatus, including:
the redirection module is used for determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, wherein the request message comprises an equipment identifier of the equipment in the target gateway; the first corresponding relation is a mapping relation between the equipment identifier of each gateway equipment and a reverse proxy node which is in long connection with the gateway equipment;
and the reverse proxy module is used for forwarding the request message to the equipment in the target gateway by utilizing the target reverse proxy node.
Optionally, the reverse proxy module is further configured to: before the redirection module determines a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, utilizing at least one reverse proxy node to receive a registration request sent by the equipment in each gateway, wherein the registration request comprises equipment identification of the equipment in the gateway; and establishing long connection between the equipment in the gateway and the reverse proxy node receiving the registration request of the equipment in the gateway, and storing a mapping relation between the equipment identifier of the equipment in the gateway and the IP address of the reverse proxy node receiving the registration request of the equipment in the gateway to obtain a first corresponding relation.
Optionally, each intra-gateway device maintains a long connection with a reverse-proxy, the reverse-proxy comprising a plurality of reverse-proxy nodes.
Optionally, the redirection module is further configured to: and after determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, sending the IP address of the target reverse proxy node to the service node so that the service node sends the request message to the target reverse proxy node according to the IP address of the target reverse proxy node.
Optionally, the reverse proxy module is further configured to:
utilizing the target reverse proxy node to analyze a request identifier and a service node identifier of the service node from the request information before forwarding the request message to the equipment in the target gateway, and storing a second corresponding relation between the request identifier and the service node identifier;
after the request message is forwarded to the target gateway internal device by using the target reverse proxy node, receiving a response message sent by the gateway internal device by using the reverse proxy node, analyzing the service node identification from the response message, determining a target service node corresponding to the service node identification according to a second corresponding relation, and forwarding the response message to the target service node.
Optionally, the reverse proxy module is further configured to: and receiving heartbeat packets periodically sent by the equipment in the gateway which keeps long connection with the reverse proxy node by using the reverse proxy node so as to keep long connection with the corresponding equipment in the gateway.
According to a third aspect of the embodiments of the present invention, there is provided a server-side system, including: a reverse connection device and a service node; wherein,
the service node generates a request message to be sent to equipment in a target gateway and sends the request message to the reverse connection device, wherein the request message comprises an equipment identifier of the equipment in the target gateway;
the reverse connection device determines a target reverse proxy node corresponding to a request message to be sent to equipment in the target gateway according to the cached first corresponding relation; the first corresponding relation is a mapping relation between the equipment identifier of each gateway equipment and a reverse proxy node which is in long connection with the gateway equipment; and forwarding the request message to the equipment in the target gateway by utilizing the target reverse proxy node.
Optionally, the reverse connecting device is further configured to: before determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, receiving a registration request sent by the equipment in each gateway by using at least one reverse proxy node, wherein the registration request comprises an equipment identifier of the equipment in the gateway; and establishing long connection between the equipment in the gateway and the reverse proxy node receiving the registration request of the equipment in the gateway, and storing a mapping relation between the equipment identifier of the equipment in the gateway and the IP address of the reverse proxy node receiving the registration request of the equipment in the gateway to obtain a first corresponding relation.
Optionally, each intra-gateway device maintains a long connection with a reverse-proxy, the reverse-proxy comprising a plurality of reverse-proxy nodes.
Optionally, the reverse connecting device is further configured to: and after determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, sending the IP address of the target reverse proxy node to the service node so that the service node sends the request message to the target reverse proxy node according to the IP address of the target reverse proxy node.
Optionally, the reverse connecting device is further configured to:
utilizing the target reverse proxy node to analyze a request identifier and a service node identifier of the service node from the request information before forwarding the request message to the equipment in the target gateway, and storing a second corresponding relation between the request identifier and the service node identifier;
after the request message is forwarded to the target gateway internal device by using the target reverse proxy node, receiving a response message sent by the gateway internal device by using the reverse proxy node, analyzing the service node identification from the response message, determining a target service node corresponding to the service node identification according to a second corresponding relation, and forwarding the response message to the target service node.
Optionally, the reverse-proxy apparatus is further configured to: and receiving heartbeat packets periodically sent by the equipment in the gateway which keeps long connection with the reverse proxy node by using the reverse proxy node so as to keep long connection with the corresponding equipment in the gateway.
According to a fourth aspect of the embodiments of the present invention, there is provided an electronic apparatus connected in reverse, including:
one or more processors;
a storage device for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the method provided by the first aspect of the embodiments of the present invention.
According to a fifth aspect of embodiments of the present invention, there is provided a computer readable medium, on which a computer program is stored, which when executed by a processor, implements the method provided by the first aspect of embodiments of the present invention.
One embodiment of the above invention has the following advantages or benefits: the method can realize that the service node actively sends the request to the equipment in the gateway through long connection and redirection service without redesigning the communication mode of the service node, and is easy to realize.
Further effects of the above-mentioned non-conventional alternatives will be described below in connection with the embodiments.
Drawings
The drawings are included to provide a better understanding of the invention and are not to be construed as unduly limiting the invention. Wherein:
fig. 1 is a schematic view of a main flow of a method of reverse connection of an embodiment of the present invention;
FIG. 2 is a schematic diagram of the main flow of a method of reverse connection of an alternative embodiment of the present invention;
FIG. 3 is a schematic diagram of the main modules of a reverse-link apparatus of an embodiment of the present invention;
FIG. 4 is an exemplary system architecture diagram in which embodiments of the present invention may be employed;
fig. 5 is a schematic block diagram of a computer system suitable for use in implementing a terminal device or server of an embodiment of the invention.
Detailed Description
Exemplary embodiments of the present invention are described below with reference to the accompanying drawings, in which various details of embodiments of the invention are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the invention. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
According to an aspect of an embodiment of the present invention, there is provided a method of reverse connection.
Fig. 1 is a schematic diagram of a main flow of a reverse connection method according to an embodiment of the present invention, and as shown in fig. 1, the reverse connection method includes:
step S101, determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, wherein the request message comprises an equipment identifier of the equipment in the target gateway; the first corresponding relation is a mapping relation between the equipment identifier of each gateway equipment and a reverse proxy node which is in long connection with the gateway equipment;
step S102, the target reverse proxy node is utilized to forward the request message to the equipment in the target gateway.
The Gateway (Gateway) is also called an internetwork connector and a protocol converter. The gateway realizes network interconnection above a network layer, is a complex network interconnection device, and is a computer system or a device serving as a conversion task. A gateway is a translator used between two networks that differ in communication protocol, data format or language, or even in an architecture that is completely different. The gateway repackages the received information to accommodate the needs of the destination system.
NAT (Network Address Translation) refers to modifying a source IP Address and a destination IP Address of a received IP (internet protocol, protocol for interconnection between networks) packet, and then sending out the packet. The NAT gateway is a gateway that implements a NAT function, and is usually deployed at a connection between a local area network and the internet. Devices within the lan (i.e. within the gateway) possess a lan IP which is normally addressable only within the lan. While NAT gateways have both local IP and internet addressable public IP. When a device in the local area network wants to access the internet, the source IP of the transmitted IP data packet is the IP in the local area network, and the destination IP is the IP on the internet to be accessed. After the data packet is sent out, the NAT gateway receives the data packet, modifies the source IP into the Internet public network IP of the NAT gateway, and forwards the data packet, so that the response packet of the data packet can be sent to the own public network IP. When the response packet of the data packet returns, the NAT gateway modifies the destination IP of the response packet into the IP address of the real sending equipment in the local area network, and forwards the response packet to the local area network. The NAT gateway can realize that a plurality of devices in the local area network access the Internet service through an Internet public network IP, and simultaneously can also realize the protection of the devices in the local area network, but service nodes on the Internet cannot directly access the devices in the local area network.
If forwarding rules are configured on the NAT gateway, the service node can actively access the devices inside the NAT gateway, and this way of exposing access to the internal addresses increases the risk of the network. If the device in the gateway regularly accesses the service node through a polling mode, the device in the gateway inquires whether the service node needs to send information to the device in the gateway, if the time interval is too small, the device in the gateway can frequently access the service node, for example, the service node is deployed at a cloud, the cloud service node is usually designed by multiple tenants, each tenant can manage multiple devices, and therefore the access data volume can exponentially increase, the bandwidth is occupied, and the traffic use cost is increased. If the time interval is too large, the real-time performance of the information cannot be guaranteed, for example, the time interval is 10 minutes, a newly added policy may be that the device in the gateway actively initiates a request to acquire and execute the request after 10 minutes, and the real-time performance is poor.
The device identifier is a unique identifier of a device in the gateway, and is used for uniquely representing the device in the gateway. The redirect node and the reverse-proxy node are nodes deployed outside the gateway. In steps S101 and S102, a reverse proxy node that is in long connection with a device in a target gateway is determined by a redirection operation, then a reverse proxy mode is adopted in step S103, a request message that a service node is intended to forward to the device in the target gateway is forwarded to the device in the target gateway by the reverse proxy node, and the service node can actively send a request to the device in the gateway through the long connection and redirection service, so that the above-mentioned various disadvantages are avoided, and a communication mode of the service node does not need to be redesigned, which is easy to implement.
The first correspondence may be manually set and stored in advance, or may be determined after the device in the gateway registers with the reverse proxy node. For example, before determining a target reverse proxy node corresponding to a request message to be sent to a device in a target gateway according to the cached first corresponding relationship, receiving a registration request sent by the device in each gateway by using at least one reverse proxy node, where the registration request includes a device identifier of the device in the gateway; and establishing long connection between the equipment in the gateway and a reverse proxy node for receiving the registration request of the equipment in the gateway, and storing a mapping relation between the equipment identifier of the equipment in the gateway and the IP address of the reverse proxy node for receiving the registration request of the equipment in the gateway to obtain a first corresponding relation. A reverse proxy node may only maintain a long connection with devices within a gateway. In order to realize high availability and load balance, each device in the gateway is kept long connected with a reverse proxy, the reverse proxy comprises a plurality of reverse proxy nodes, and requests for accessing the service node are balanced to one of the reverse proxy nodes by deploying a plurality of instances of the reverse proxy nodes. Thus, the function of maintaining connections is always available as long as exceptions do not occur in all reverse-proxy nodes. Re-registration may be initiated when the in-gateway device finds that a long connection with a certain reverse proxy node is not available, and then the first correspondence is updated.
In an actual application process, after determining a target reverse proxy node corresponding to a request message to be sent to a device in a target gateway according to the cached first corresponding relationship, the request message of the service node may be directly forwarded to the target reverse proxy node. In an optional embodiment, after determining, according to the cached first corresponding relationship, a target reverse proxy node corresponding to a request message to be sent to a device in a target gateway, the method further includes: and sending the IP address of the target reverse proxy node to the service node so that the service node sends the request message to the target reverse proxy node according to the IP address of the target reverse proxy node. Therefore, the complexity of the redirection operation can be reduced, and the development is facilitated.
Before forwarding the request message to the device in the target gateway, the method may further include: and analyzing the request identifier and the service node identifier of the service node from the request information, and storing a second corresponding relation between the request identifier and the service node identifier. After the request message is forwarded to the device in the target gateway by using the target reverse proxy node, the method further includes: and receiving a response message sent by equipment in the gateway by using the reverse proxy node, analyzing the service node identifier from the response message, determining a target service node corresponding to the service node identifier according to the second corresponding relation, and forwarding the response message to the target service node.
The request identifier refers to a unique identifier of the request message, and is used for uniquely representing one request message. The service node identifier refers to a unique identifier of the service node, and is used for uniquely representing one service node. The content request message of the request identity and the corresponding reply message remain unchanged so that the service node or client associates the request and the reply. By storing the second corresponding relationship between the request identifier of each request message and the service node identifier of the service node where the request message occurs, the service node corresponding to the request message can be quickly determined after the response message of the device in the gateway is received, and then the response message is forwarded to the corresponding service node.
Optionally, the reverse proxy node is used to receive heartbeat packets periodically sent by the intra-gateway device that maintains the long connection with the reverse proxy node, so as to maintain the long connection with the corresponding intra-gateway device. Illustratively, the in-gateway device periodically sends heartbeat packets to the reverse proxy node to which it maintains a long connection to maintain the long connection, attempting a reconnection if the connection is broken. The heartbeat packet is sent to timely discover and reconnect when the connection is interrupted, so that the situation that a service node cannot actively generate a request message to the equipment in the gateway due to long connection interruption between the equipment in the gateway and the corresponding reverse proxy node is avoided.
Fig. 2 is a schematic diagram of the main flow of the method of reverse connection of an alternative embodiment of the present invention. In this embodiment, the service node is deployed on the cloud. The method comprises the steps of deploying a Socket-Server (reverse proxy node) at the cloud end, wherein the Socket-Server (such as Socket-Server-1 or Socket-Server-2 in fig. 2) is mainly responsible for maintaining connection with a device (such as device-a, device-B or device-C in fig. 2) in the gateway and a service node (such as Server-1, Server-2 or Server-3 in fig. 2) on the cloud, and forwarding a data packet in the middle. In order to realize high availability and load balance, a plurality of Socket-server instances (reverse proxy nodes) are deployed, and requests from the public network IP are load-balanced on one of the Socket-servers. Devices in the NAT gateway (e.g., device-a, device-B, or device-C in fig. 2) actively register with the Socket-server, and the registration content is their device identification (deviceID). After receiving the registration request of the equipment, the Socket-server stores the first corresponding relation between the deviceID and the IP of the Socket-server instance, and maintains long connection with the equipment. And the equipment in the NAT gateway periodically sends a heartbeat packet to the Socket-server to keep the long link, and if the connection is interrupted, reconnection is attempted.
When a service node on the cloud needs to send a request message to a device in an NAT gateway, the request message is first sent to a redirect-server (a redirection node, for example, redirect-server-1 or redirect-server-2 in fig. 2) in the cloud, the redirect-server acquires a deviceID from the request message, and queries a first correspondence between the saved deviceID and an IP of a Socket-server instance according to the deviceID, so as to acquire an IP address of a target Socket-server that is in long connection with a device in the target gateway (for example, device-a, device-B, or device-C in fig. 2). The redirect-server returns HTTP 307 (English of HTTP is called HyperText transfer protocol, Chinese meaning is HyperText transfer protocol) to the service node on the cloud, in the HTTP protocol, 307 represents a redirected response state code), and the service node on the cloud sends the request message to a target Socket-server instance which keeps long connection with the equipment in the target gateway. If only one Socket-server instance exists, the service node on the cloud can directly send a request message to the Socket-server, and if a plurality of Socket-server instances exist, the service node on the cloud does not know which Socket-server the device in the target gateway which the service node wants to communicate with is connected with, so that redirection is needed through the redirect-server. And an HTTP redirection protocol is used during redirection, so that for a service node on the cloud, an operation of additionally modifying a program and additionally inquiring a Socket-server address is not required, and the implementation and the expansion are easy.
The Socket-server receives a Request message sent by a service node on the cloud, acquires an X-Request-ID (Request identifier, for example, a random ID created by the service node on the cloud for the HTTP connection) in an HTTP header of the Request message, stores a second correspondence between the X-Request-ID and the service node identifier of the service node on the cloud, and forwards the Request message to a device in the NAT gateway through long connection between load balancing and the NAT gateway. Because the server often has a plurality of service nodes, it needs to determine to forward the response message to which cloud service node according to the X-Request-ID in the response message.
And the equipment in the gateway returns the response message to the Socket-server which is in long connection with the equipment through long connection, after receiving the response message, the Socket-server finds the connection between the corresponding equipment and the service node on the cloud through the X-Request-ID in the HTTP header, and forwards the returned response message to the service node on the cloud.
In this embodiment, after the service node that needs to actively connect to the NAT gateway internal device is in the cloud, the communication mode that the original passive request receiving communication mode is changed into the interactive communication mode without redesigning the communication mode, so that the cloud service node actively sends the request to the device located inside the NAT gateway. By adopting the method of the embodiment of the invention, the server in the NAT gateway can realize seamless cloud-up, the server in the NAT gateway initiates a request to the equipment in the NAT gateway, and initiates a request to the redirect-server after cloud-up, and other changes are not needed except the change of the destination address. Due to the fact that a plurality of Socket-server instances are deployed, high availability of the server system on the cloud can be achieved.
According to a second aspect of the embodiments of the present invention, there is provided an apparatus for implementing the above method.
Fig. 3 is a schematic diagram of main blocks of a reverse connection apparatus according to an embodiment of the present invention, and as shown in fig. 3, the reverse connection apparatus 300 includes:
a redirection module 301, configured to determine, according to the cached first correspondence, a target reverse proxy node corresponding to a request message to be sent to a device in a target gateway, where the request message includes a device identifier of the device in the target gateway; the first corresponding relation is a mapping relation between the equipment identifier of each gateway equipment and a reverse proxy node which is in long connection with the gateway equipment;
the reverse proxy module 302 forwards the request message to the target gateway internal device by using the target reverse proxy node.
Optionally, the reverse proxy module is further configured to: before the redirection module determines a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, utilizing at least one reverse proxy node to receive a registration request sent by the equipment in each gateway, wherein the registration request comprises equipment identification of the equipment in the gateway; and establishing long connection between the equipment in the gateway and the reverse proxy node receiving the registration request of the equipment in the gateway, and storing a mapping relation between the equipment identifier of the equipment in the gateway and the IP address of the reverse proxy node receiving the registration request of the equipment in the gateway to obtain a first corresponding relation.
Optionally, each intra-gateway device maintains a long connection with a reverse-proxy, the reverse-proxy comprising a plurality of reverse-proxy nodes.
Optionally, the redirection module is further configured to: after determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, sending the IP address of the target reverse proxy node to the service node, so that the service node sends the request message to the target reverse proxy node according to the IP address of the target reverse proxy node.
Optionally, the reverse proxy module is further configured to:
utilizing the target reverse proxy node to analyze a request identifier and a service node identifier of the service node from the request information before forwarding the request message to the equipment in the target gateway, and storing a second corresponding relation between the request identifier and the service node identifier;
after the request message is forwarded to the target gateway internal device by using the target reverse proxy node, receiving a response message sent by the gateway internal device by using the reverse proxy node, analyzing the service node identification from the response message, determining a target service node corresponding to the service node identification according to a second corresponding relation, and forwarding the response message to the target service node.
Optionally, the reverse proxy module is further configured to: and receiving heartbeat packets periodically sent by the equipment in the gateway which keeps long connection with the reverse proxy node by using the reverse proxy node so as to keep long connection with the corresponding equipment in the gateway.
According to a third aspect of the embodiments of the present invention, there is provided a server-side system, including: a reverse connection device and a service node; wherein,
the service node generates a request message to be sent to equipment in a target gateway and sends the request message to the reverse connection device, wherein the request message comprises an equipment identifier of the equipment in the target gateway;
the reverse connection device determines a target reverse proxy node corresponding to a request message to be sent to equipment in the target gateway according to the cached first corresponding relation; the first corresponding relation is a mapping relation between the equipment identifier of each gateway equipment and a reverse proxy node which is in long connection with the gateway equipment; and forwarding the request message to the equipment in the target gateway by utilizing the target reverse proxy node.
Optionally, the reverse connecting device is further configured to: before determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, receiving a registration request sent by the equipment in each gateway by using at least one reverse proxy node, wherein the registration request comprises an equipment identifier of the equipment in the gateway; and establishing long connection between the equipment in the gateway and the reverse proxy node receiving the registration request of the equipment in the gateway, and storing a mapping relation between the equipment identifier of the equipment in the gateway and the IP address of the reverse proxy node receiving the registration request of the equipment in the gateway to obtain a first corresponding relation.
Optionally, each intra-gateway device maintains a long connection with a reverse-proxy, the reverse-proxy comprising a plurality of reverse-proxy nodes.
Optionally, the reverse connecting device is further configured to: after determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, sending the IP address of the target reverse proxy node to the service node, so that the service node sends the request message to the target reverse proxy node according to the IP address of the target reverse proxy node.
Optionally, the reverse connecting device is further configured to:
utilizing the target reverse proxy node to analyze a request identifier and a service node identifier of the service node from the request information before forwarding the request message to the equipment in the target gateway, and storing a second corresponding relation between the request identifier and the service node identifier;
after the request message is forwarded to the target gateway internal device by using the target reverse proxy node, receiving a response message sent by the gateway internal device by using the reverse proxy node, analyzing the service node identification from the response message, determining a target service node corresponding to the service node identification according to a second corresponding relation, and forwarding the response message to the target service node.
Optionally, the reverse-proxy apparatus is further configured to: and receiving heartbeat packets periodically sent by the equipment in the gateway which keeps long connection with the reverse proxy node by using the reverse proxy node so as to keep long connection with the corresponding equipment in the gateway.
According to a fourth aspect of the embodiments of the present invention, there is provided an electronic apparatus connected in reverse, including:
one or more processors;
a storage device for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors are caused to implement the method provided by the first aspect of the embodiments of the present invention.
According to a fifth aspect of embodiments of the present invention, there is provided a computer readable medium, on which a computer program is stored, which when executed by a processor, implements the method provided by the first aspect of embodiments of the present invention.
Fig. 4 illustrates an exemplary system architecture 400 of a reverse-connected method or reverse-connected apparatus to which embodiments of the present invention may be applied.
As shown in fig. 4, the system architecture 400 may include terminal devices 401, 402, 403, a gateway 404, and a server 405.
The user may use the terminal devices 401, 402, 403 to interact with the server 405 through the gateway 404 to receive or send messages or the like. The terminal devices 401, 402, 403 may have installed thereon various communication client applications, such as shopping-like applications, web browser applications, search-like applications, instant messaging tools, mailbox clients, social platform software, etc. (by way of example only).
The terminal devices 401, 402, 403 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like.
The server 405 may be a server providing various services, such as a background management server (for example only) providing support for shopping websites browsed by users using the terminal devices 401, 402, 403. The background management server can actively push the execution policy or some information necessary for working to the terminal device.
It should be noted that the method for reverse connection provided by the embodiment of the present invention is generally performed by the server 405, and accordingly, the reverse connection device is generally disposed in the server 405.
It should be understood that the number of terminal devices, networks, and servers in fig. 4 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring now to FIG. 5, shown is a block diagram of a computer system 500 suitable for use with a terminal device implementing an embodiment of the present invention. The terminal device shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 5, the computer system 500 includes a Central Processing Unit (CPU)501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data necessary for the operation of the system 500 are also stored. The CPU 501, ROM 502, and RAM 503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
The following components are connected to the I/O interface 505: an input portion 506 including a keyboard, a mouse, and the like; an output portion 507 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication processing via a network such as the internet. The driver 510 is also connected to the I/O interface 505 as necessary. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as necessary, so that a computer program read out therefrom is mounted into the storage section 508 as necessary.
In particular, according to the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511. The computer program performs the above-described functions defined in the system of the present invention when executed by the Central Processing Unit (CPU) 501.
It should be noted that the computer readable medium shown in the present invention can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present invention, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present invention, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules described in the embodiments of the present invention may be implemented by software or hardware. The described modules may also be provided in a processor, which may be described as: a processor comprising: a redirection module and a reverse proxy module. The names of these modules do not in some cases constitute a definition of the module itself, for example, the redirection module may also be described as a "module that forwards the request message to the device within the target gateway".
As another aspect, the present invention also provides a computer-readable medium that may be contained in the apparatus described in the above embodiments; or may be separate and not incorporated into the device. The computer readable medium carries one or more programs which, when executed by a device, cause the device to comprise: determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, wherein the request message comprises an equipment identifier of the equipment in the target gateway; the first corresponding relation is a mapping relation between the equipment identifier of each gateway equipment and a reverse proxy node which is in long connection with the gateway equipment; and forwarding the request message to the equipment in the target gateway by utilizing the target reverse proxy node.
According to the technical scheme of the embodiment of the invention, the service node can actively send the request to the equipment in the gateway through the long connection and redirection service, and the communication mode of the service node is not required to be redesigned, so that the method is easy to realize.
The above-described embodiments should not be construed as limiting the scope of the invention. Those skilled in the art will appreciate that various modifications, combinations, sub-combinations, and substitutions can occur, depending on design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A method of reverse connection, comprising:
determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, wherein the request message comprises an equipment identifier of the equipment in the target gateway; the first corresponding relation is a mapping relation between the equipment identifier of the equipment in the gateway and a reverse proxy node which is in long connection with the equipment in the gateway;
and forwarding the request message to the equipment in the target gateway by utilizing the target reverse proxy node.
2. The method of claim 1, wherein before determining the target reverse proxy node corresponding to the request message to be sent to the device in the target gateway according to the cached first mapping relationship, further comprising:
receiving a registration request sent by each gateway device by using at least one reverse proxy node, wherein the registration request comprises a device identifier of the gateway device;
and establishing long connection between the equipment in the gateway and the reverse proxy node receiving the registration request of the equipment in the gateway, and storing a mapping relation between the equipment identifier of the equipment in the gateway and the IP address of the reverse proxy node receiving the registration request of the equipment in the gateway to obtain a first corresponding relation.
3. A method according to claim 1 or 2, wherein each intra-gateway device maintains a long connection with a reverse-proxy, the reverse-proxy comprising a plurality of reverse-proxy nodes.
4. The method of claim 1, wherein after determining the target reverse proxy node corresponding to the request message to be sent to the device in the target gateway according to the cached first mapping relationship, further comprising:
and sending the IP address of the target reverse proxy node to a service node so that the service node sends the request message to the target reverse proxy node according to the IP address of the target reverse proxy node.
5. The method of claim 1, wherein, prior to forwarding, with the target reverse proxy node, the request message to the target intra-gateway device, further comprising: analyzing a request identifier and a service node identifier of a service node from the request information, and storing a second corresponding relation between the request identifier and the service node identifier;
after forwarding the request message to the device in the target gateway by using the target reverse proxy node, the method further includes: and receiving a response message sent by the equipment in the gateway by using the reverse proxy node, analyzing the request identifier from the response message, determining a target service node corresponding to the request identifier according to the second corresponding relation, and forwarding the response message to the target service node.
6. The method of claim 1, wherein heartbeat packets periodically sent by an in-gateway device to which the reverse proxy node maintains the long connection are received with the reverse proxy node to maintain the long connection with the corresponding in-gateway device.
7. A reverse-connect apparatus, comprising:
the redirection module is used for determining a target reverse proxy node corresponding to a request message to be sent to equipment in a target gateway according to the cached first corresponding relation, wherein the request message comprises an equipment identifier of the equipment in the target gateway; the first corresponding relation is a mapping relation between the equipment identifier of each gateway equipment and a reverse proxy node which is in long connection with the gateway equipment;
and the reverse proxy module is used for forwarding the request message to the equipment in the target gateway by utilizing the target reverse proxy node.
8. A server-side system, comprising: a reverse connection device and a service node; wherein,
the service node generates a request message to be sent to equipment in a target gateway and sends the request message to the reverse connection device, wherein the request message comprises an equipment identifier of the equipment in the target gateway;
the reverse connection device determines a target reverse proxy node corresponding to a request message to be sent to equipment in the target gateway according to the cached first corresponding relation; the first corresponding relation is a mapping relation between the equipment identifier of each gateway equipment and a reverse proxy node which is in long connection with the gateway equipment; and forwarding the request message to the equipment in the target gateway by utilizing the target reverse proxy node.
9. A reverse-connected electronic device, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-6.
10. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010514640.XA CN111726400A (en) | 2020-06-08 | 2020-06-08 | Reverse connection method, device and server-side system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010514640.XA CN111726400A (en) | 2020-06-08 | 2020-06-08 | Reverse connection method, device and server-side system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111726400A true CN111726400A (en) | 2020-09-29 |
Family
ID=72567328
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010514640.XA Pending CN111726400A (en) | 2020-06-08 | 2020-06-08 | Reverse connection method, device and server-side system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111726400A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113271260A (en) * | 2021-05-12 | 2021-08-17 | 康键信息技术(深圳)有限公司 | Load balancing processing method, device, equipment and storage medium |
| CN114143315A (en) * | 2021-11-30 | 2022-03-04 | 阿里巴巴(中国)有限公司 | Edge cloud system, host access method and device |
| CN115225715A (en) * | 2022-06-30 | 2022-10-21 | 深圳市云洲创新科技有限公司 | Data interaction method and data interaction system |
| CN116582495A (en) * | 2023-04-28 | 2023-08-11 | 北京百度网讯科技有限公司 | Traffic migration method, server, client, electronic device and storage medium |
| CN116668512A (en) * | 2023-06-19 | 2023-08-29 | 中国电信股份有限公司 | Hybrid network connection method, system, electronic device and storage medium |
| CN118018604A (en) * | 2024-04-09 | 2024-05-10 | 创意信息技术股份有限公司 | A cloud-edge integrated reverse proxy method and device |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104168302A (en) * | 2013-05-20 | 2014-11-26 | 中国电信股份有限公司 | Device control realizing method, device control realizing system and proxy gateway |
| CN104980528A (en) * | 2015-06-26 | 2015-10-14 | 广州华多网络科技有限公司 | Method, system and apparatus for realizing communication between nodes |
| CN108600204A (en) * | 2018-04-11 | 2018-09-28 | 浙江大学 | A kind of corporate intranet access method based on Opposite direction connection and application layer tunnel |
| CN109729115A (en) * | 2017-10-30 | 2019-05-07 | 北京临风云科技有限公司 | Realize method, apparatus, the proxy server, terminal device of distributed computing |
-
2020
- 2020-06-08 CN CN202010514640.XA patent/CN111726400A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104168302A (en) * | 2013-05-20 | 2014-11-26 | 中国电信股份有限公司 | Device control realizing method, device control realizing system and proxy gateway |
| CN104980528A (en) * | 2015-06-26 | 2015-10-14 | 广州华多网络科技有限公司 | Method, system and apparatus for realizing communication between nodes |
| CN109729115A (en) * | 2017-10-30 | 2019-05-07 | 北京临风云科技有限公司 | Realize method, apparatus, the proxy server, terminal device of distributed computing |
| CN108600204A (en) * | 2018-04-11 | 2018-09-28 | 浙江大学 | A kind of corporate intranet access method based on Opposite direction connection and application layer tunnel |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113271260A (en) * | 2021-05-12 | 2021-08-17 | 康键信息技术(深圳)有限公司 | Load balancing processing method, device, equipment and storage medium |
| CN113271260B (en) * | 2021-05-12 | 2024-12-03 | 康键信息技术(深圳)有限公司 | Load balancing processing method, device, equipment and storage medium |
| CN114143315A (en) * | 2021-11-30 | 2022-03-04 | 阿里巴巴(中国)有限公司 | Edge cloud system, host access method and device |
| CN115225715A (en) * | 2022-06-30 | 2022-10-21 | 深圳市云洲创新科技有限公司 | Data interaction method and data interaction system |
| CN115225715B (en) * | 2022-06-30 | 2024-01-26 | 深圳市云洲创新科技有限公司 | Data interaction method and data interaction system |
| CN116582495A (en) * | 2023-04-28 | 2023-08-11 | 北京百度网讯科技有限公司 | Traffic migration method, server, client, electronic device and storage medium |
| CN116582495B (en) * | 2023-04-28 | 2025-11-21 | 北京百度网讯科技有限公司 | Traffic migration method, server, client, electronic device and storage medium |
| CN116668512A (en) * | 2023-06-19 | 2023-08-29 | 中国电信股份有限公司 | Hybrid network connection method, system, electronic device and storage medium |
| CN118018604A (en) * | 2024-04-09 | 2024-05-10 | 创意信息技术股份有限公司 | A cloud-edge integrated reverse proxy method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11431673B2 (en) | Method, apparatus, and system for selecting MEC node | |
| CN111726400A (en) | Reverse connection method, device and server-side system | |
| EP3886404A1 (en) | Domain name server allocation method and device | |
| CN109889621B (en) | Configuration method and device for virtual private cloud service | |
| CN109729040B (en) | Method, apparatus and computer readable medium for selection of a protocol | |
| CN114398176A (en) | Service access method, device, electronic equipment and storage medium | |
| CN102667509A (en) | System and method for providing faster and more efficient data communication | |
| CN115486044A (en) | Load balances connection establishment among connector server groups | |
| CN112003945A (en) | Service request response method and device | |
| KR20080026161A (en) | Unified Architecture for Remote Network Access | |
| CN114584603B (en) | Method and device for connecting desktop client software with server and readable storage medium | |
| CN110830374A (en) | Method and device for gray level release based on SDK | |
| CN111277481A (en) | Method, device, equipment and storage medium for establishing VPN tunnel | |
| CN113079098A (en) | Method, device, equipment and computer readable medium for updating route | |
| CN115883655A (en) | Service request processing method and device, electronic equipment and storage medium | |
| US10243920B1 (en) | Internet protocol address reassignment between virtual machine instances | |
| CN114760360B (en) | Request response method, request response device, electronic equipment and computer readable storage medium | |
| US11122131B1 (en) | Edge cloud resource location using enhanced DNS service | |
| CN107222365B (en) | Data processing method and device and server | |
| CN107872538B (en) | Service processing method, reverse proxy and service server for decoupling TCP long connection | |
| CN120499159A (en) | Session holding method, apparatus, device, medium and product | |
| CN112367383A (en) | Service calling method and related equipment | |
| CN115996187B (en) | Routing information processing method and device, routing information interaction system and routing equipment | |
| CN111953804B (en) | Network data transmission method, device, medium and electronic equipment | |
| CN112055083B (en) | Request processing method and device, electronic equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200929 |