CN102571562A - System and method for supporting multiple applications through stream reduction equipment by combining software and hardware - Google Patents
System and method for supporting multiple applications through stream reduction equipment by combining software and hardware Download PDFInfo
- Publication number
- CN102571562A CN102571562A CN2011104265807A CN201110426580A CN102571562A CN 102571562 A CN102571562 A CN 102571562A CN 2011104265807 A CN2011104265807 A CN 2011104265807A CN 201110426580 A CN201110426580 A CN 201110426580A CN 102571562 A CN102571562 A CN 102571562A
- Authority
- CN
- China
- Prior art keywords
- tcp
- hardware
- data
- application software
- connects
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention provides a system and a method for supporting multiple applications through stream reduction equipment by combining software and hardware. A tcp connection state table is set in stream reduction hardware; a tcp connection filter table is set in application software; the application software acquires data of a tcp connection from the connection state table in the hardware, and then searches self connection filter table; and if the connection is in the connection filter table, the data are received, otherwise, the data are discarded. When one tcp connection is deleted in the application software, only the tcp connection in the self connection filter table is deleted, and the connection state table in the hardware is not operated, so that each application can process the tcp connection concerned per se and does not affect each other. Compared with the prior art, the system and the method have the advantage that: multi-application software is supported through the stream reduction equipment by combining the software and the hardware.
Description
Technical field
The invention belongs to the network data processing field, be specifically related to the stream reduction apparatus support system and methods of using that a kind of software and hardware combining realizes more.
Background technology:
In the current network; Most of flow transmits with Transmission Control Protocol; Transmission Control Protocol is connection-oriented complex protocol, and the reduction of data that network data processing system (such as intrusion detection, content auditing etc.) need connect transmission according to Transmission Control Protocol, each TCP is come out, on express network; Often have millions of even several ten million concurrent TCP connections, the load of network data processing system is very big.
On express network; A lot of network data processing systems are based on hardware flow reduction apparatus (comprising connection reduction apparatus, connection management equipment such as TOE network interface card) realization; Set up the state table that a concurrent tcp connects in the hardware device; Each tcp establishment of connection, transfer of data and pass closed procedure are managed, made application software directly obtain the data content that tcp connects transmission from hardware device.When software no longer needs the subsequent data of this connection, also can send out request to hardware, the tcp that deletion connects in the table connects.
The patent No. is that CN200810224570.3, name are called " based on the volume control device and the method for volume forecasting and trusted network address learning " and disclose a kind of volume control device and method based on volume forecasting and trusted network address learning; Device comprises forwarding engine and flow analysis unit; Said forwarding engine is used for the network traffics of transmission network packet, each destination host of statistics turnover, from the network packet that each destination host sends, collects trusted network address; When detecting attack traffic; Sampling is sent into the network packet of the destination host with attack traffic and sample is issued the flow analysis unit, and according to the attack traffic filtering rule that collected trusted network address and flow analysis unit return the network packet that mails to this destination host is carried out flow control; Said flow analysis unit is used for according to the network packet sample that is received; With each ICP/IP protocol header field value is item, extracts the attack traffic filtering rule that the Frequent Item Sets conduct of satisfying preset minimum support is applied to the corresponding destination host of said network packet sample.
The patent No. is that CN201010275436.3, name are called " a kind of network flow control system and method " and disclose a kind of network flow control system and method.The present invention includes UDP packet filtering module, flow control parameters update module and tcp window Shaping Module.This flow control parameters update module is used to receive the packet of this system of inflow, and according to the Flow Control target of this packet flow velocity and default, calculates Flow Control state, UDP packet filtering ratio, the tcp window shaping ratio of this system.This UDP packet filtering module is used to receive Flow Control state, UDP packet filtering ratio, and at this Flow Control state during for the needs Flow Control, according to this UDP packet filtering ratio, the UDP message bag of this inflow system is filtered.This tcp window Shaping Module is used to receive this filtered data bag, Flow Control state, tcp window shaping ratio, and according to the tcp window size and the tcp window shaping ratio of this packet, this filtered data bag is carried out window shaping.The present invention can be widely used in the network flow control system.
In the such scheme; On express network; Often need use the hardware flow reduction apparatus to carry out the management of tcp connection table, it is out of question only to move an application software on the hardware flow reduction apparatus, but a lot of network data processing system; Need on a hardware platform, move a plurality of application; The data that each application possibly need different tcp to connect, because an application in a plurality of application can have influence on other application to the operation of tcp connection table in the hardware, therefore general stream reduction apparatus can't support a plurality of application to move simultaneously.
Summary of the invention
The present invention overcomes the defective of prior art, supports a plurality of application to move simultaneously.
The invention provides the stream reduction apparatus support systems that use that a kind of software and hardware combining realizes more, comprise a plurality of application software modules and stream restore hardware module, comprise tcp connection status table module in this stream restore hardware module.
The stream reduction apparatus support that software and hardware combining provided by the invention the realizes systems that use comprise in each application software module that tcp connects filter table, is used for confirming the connection status of tcp more.
The stream reduction apparatus support that software and hardware combining provided by the invention the realizes systems that use, application software module comprises data reception module, is used to receive tcp and connects the data that filter table transmits more.
The stream reduction apparatus support that software and hardware combining provided by the invention the realizes systems that use, application software module comprises the deletion link block, is used for deleting the tcp that connects the filter table module and connects more.
The stream reduction apparatus support that the present invention also provides a kind of software and hardware combining the to realize methods of using are provided with a tcp connection status table more in the stream restore hardware, a tcp is set in application software connects filter table.
The stream reduction apparatus support that software and hardware combining provided by the invention the realizes methods of using more; After said application software obtains the data of a newly-built tcp connection from hardware connection status table; Connect the tcp that joins oneself to this tcp and connect in the filter table, and receive data.
The stream reduction apparatus support that software and hardware combining provided by the invention the realizes methods of using more; After said application software obtains tcp connection data of transmitting from hardware tcp connection status table; The tcp that need search oneself connects filter table; If being connected in the filter table, this tcp exists; Then accept data, otherwise abandon data.
The stream reduction apparatus support that software and hardware combining provided by the invention the realizes methods of using, said application software receive one when closing the data that tcp connects more, connect this tcp connection of deletion the filter table from own TCP, and abandon data.
The stream reduction apparatus support of the software and hardware combining realization provided by the invention methods of using when tcp of said application software deletion connects, are only deleted the list item in the tcp connection filter table in the software more, and not to the tcp connection status table handling in the hardware.
The present invention uses the method for software and hardware combining; Except in the stream restore hardware, a connection status off-balancesheet being set, also being provided with one and connecting filter table, after the connection status table of application software from hardware obtains the data of a tcp connection in each application software the inside; Also to go to search the connection filter table of oneself; Connect in the filter table if this is connected, then receive data, otherwise abandon data.When an application software will be deleted tcp and connected, only connect deletion to this tcp in the oneself connection filter table, and, make each application can handle the tcp connection of own concern so not to the connection status table handling in the hardware, be independent of each other.
Compared with prior art, beneficial effect of the present invention is: an application in a plurality of application of the present invention can not have influence on other application to the operation of tcp connection table in the hardware; Software and hardware combining solves the support of stream reduction apparatus to many application software.
Description of drawings
Fig. 1 is a structural representation of the present invention.
Embodiment
Fig. 1 is a structural representation of the present invention, comprises a plurality of application software modules and stream restore hardware module, comprises tcp connection status table module in this stream restore hardware module.
Comprise in each application software module that tcp connects filter table, is used for confirming the connection status of tcp.Application software module also comprises data reception module, is used to receive tcp and connects the data that filter table transmits.Software module also comprises the deletion link block, is used for deleting the tcp that connects the filter table module and connects.
Implementation method of the present invention and process are following:
(1) sets up a tcp connection status table in the stream reduction apparatus, set up a tcp in each application software and connect filter table.
(2) after application software obtains the data of a newly-built tcp connection from hardware connection status table, connect the tcp that joins oneself to this tcp and connect in the filter table, and receive data.
(3) when application software obtained tcp connection data of transmitting from hardware tcp connection status table after, the tcp that need search oneself connected filter table, if this tcp is connected in the filter table exists, and then receives data, otherwise abandons data.
(4) receive one when closing the data that tcp connects when application software, connect this tcp connection of deletion the filter table from own TCP, and abandon data.
(5) when tcp of application software deletion connects, only delete the list item in the tcp connection filter table in the software, and not to the tcp connection status table handling in the hardware.
An application in a plurality of application of the present invention can not have influence on other application to the operation of tcp connection table in the hardware; Software and hardware combining solves the support of stream reduction apparatus to many application software.
Above embodiment is only in order to technical scheme of the present invention to be described but not to its restriction; Although the present invention has been carried out detailed explanation with reference to the foregoing description; The those of ordinary skill in said field is to be understood that: still can specific embodiments of the invention make amendment or replacement on an equal basis; And do not break away from any modification of spirit and scope of the invention or be equal to replacement, it all should be encompassed in the middle of the claim scope of the present invention.
Claims (9)
1. the stream reduction apparatus support systems that use that software and hardware combining realizes comprise a plurality of application software modules and stream restore hardware module more, it is characterized in that flowing comprising tcp connection status table module in the restore hardware module.
2. the system of claim 1 is characterized in that comprising in the application software module that tcp connects filter table, is used for confirming the connection status of tcp.
3. the system of claim 1-2 is characterized in that application software module comprises data reception module, is used to receive tcp and connects the data that filter table transmits.
4. the system of claim 1-3 is characterized in that application software module comprises the deletion link block, is used for deleting the tcp that connects the filter table module and connects.
5. the stream reduction apparatus support methods of using that software and hardware combining realizes is characterized in that more, in the stream restore hardware, a tcp connection status table are set, and a tcp is set in application software connects filter table.
6. based on the described support of claim 5 methods of using, it is characterized in that said application software after the data of a newly-built tcp connection of hardware connection status table acquisition more, this tcp connected the tcp that joins oneself connect in the filter table, and receive data.
7. according to the described support of the claim 5-6 methods of using more; After it is characterized in that said application software obtains tcp connection data of transmitting from hardware tcp connection status table; The tcp that need search oneself connects filter table; If this tcp is connected in the filter table exist, then accept data, otherwise abandon data.
8. according to the described support of the claim 5-7 methods of using, it is characterized in that said application software receives one when closing the data that tcp connects, and connects this tcp connection of deletion the filter table from own TCP, and abandons data more.
9. according to the described support of the claim 5-8 methods of using, when it is characterized in that tcp of said application software deletion connects, only delete the list item in the tcp connection filter table in the software more, and not to the tcp connection status table handling in the hardware.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104265807A CN102571562A (en) | 2011-12-19 | 2011-12-19 | System and method for supporting multiple applications through stream reduction equipment by combining software and hardware |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011104265807A CN102571562A (en) | 2011-12-19 | 2011-12-19 | System and method for supporting multiple applications through stream reduction equipment by combining software and hardware |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102571562A true CN102571562A (en) | 2012-07-11 |
Family
ID=46416065
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011104265807A Pending CN102571562A (en) | 2011-12-19 | 2011-12-19 | System and method for supporting multiple applications through stream reduction equipment by combining software and hardware |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102571562A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103188355A (en) * | 2013-04-02 | 2013-07-03 | 汉柏科技有限公司 | Method for dynamic matching of message through prejudging |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040246974A1 (en) * | 2003-06-05 | 2004-12-09 | Gyugyi Paul J. | Storing and accessing TCP connection information |
| CN102075525A (en) * | 2010-12-17 | 2011-05-25 | 曙光信息产业(北京)有限公司 | Method for deleting TCP connection in hardware by sending connection invalid request to hardware by software |
| CN102111435A (en) * | 2010-12-17 | 2011-06-29 | 曙光信息产业(北京)有限公司 | Method for realizing transmission control protocol (TCP) connection status management by combining software with hardware |
-
2011
- 2011-12-19 CN CN2011104265807A patent/CN102571562A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20040246974A1 (en) * | 2003-06-05 | 2004-12-09 | Gyugyi Paul J. | Storing and accessing TCP connection information |
| CN102075525A (en) * | 2010-12-17 | 2011-05-25 | 曙光信息产业(北京)有限公司 | Method for deleting TCP connection in hardware by sending connection invalid request to hardware by software |
| CN102111435A (en) * | 2010-12-17 | 2011-06-29 | 曙光信息产业(北京)有限公司 | Method for realizing transmission control protocol (TCP) connection status management by combining software with hardware |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103188355A (en) * | 2013-04-02 | 2013-07-03 | 汉柏科技有限公司 | Method for dynamic matching of message through prejudging |
| CN103188355B (en) * | 2013-04-02 | 2016-03-02 | 汉柏科技有限公司 | A kind of by judging the method for message being carried out to Dynamic Matching in advance |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107404400B (en) | Network situation awareness implementation method and device | |
| CN101473598B (en) | Communicating packets between forwarding contexts using virtual interfaces | |
| CN102668467B (en) | Computer system and monitoring method for computer system | |
| US9565120B2 (en) | Method and system for performing distributed deep-packet inspection | |
| CN101309150B (en) | Distributed service attack refusing defense method, apparatus and system | |
| EP2518940A1 (en) | Automatic network topology detection and modeling | |
| CN109274673B (en) | Network flow abnormity detection and defense method | |
| CN110855493B (en) | Application topological graph drawing device for mixed environment | |
| CN101997871B (en) | Device for quickly capturing, filtering and forwarding data | |
| CN102739457A (en) | Network flow recognition system and method based on DPI (Deep Packet Inspection) and SVM (Support Vector Machine) technology | |
| EP3720075B1 (en) | Data transmission method and virtual switch | |
| CN105282169A (en) | DDoS attack warning method and system based on SDN controller threshold | |
| CN105376110A (en) | Network data packet analysis method and system in big data stream technology | |
| CN105847250B (en) | VoIP flow media various dimensions information steganography real-time detection method | |
| CN102215102A (en) | Method and applications of network monitoring data packet with timestamp | |
| CN103078753A (en) | Method, device and system for processing mails | |
| CN112350882A (en) | Distributed network traffic analysis system and method | |
| KR20140097691A (en) | Recording Medium, Method and Device for Server Grouping | |
| CN108512816B (en) | Traffic hijacking detection method and device | |
| CN102158406A (en) | Intelligent routing method for computer network links | |
| CN101447896B (en) | TCP connection managing method for internet bypass monitoring system | |
| JPWO2012081721A1 (en) | Communication system, node, packet transfer method and program | |
| CN109951425B (en) | TCP (Transmission control protocol) flow state integrity detection method based on FPGA (field programmable Gate array) | |
| CN102571562A (en) | System and method for supporting multiple applications through stream reduction equipment by combining software and hardware | |
| CN103001966A (en) | Processing and identifying method and device for private network IP |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120711 |