Nothing Special   »   [go: up one dir, main page]

CN108696546B - Method and device for accessing public network by user terminal of enterprise mobile private network - Google Patents

Method and device for accessing public network by user terminal of enterprise mobile private network Download PDF

Info

Publication number
CN108696546B
CN108696546B CN201710081308.7A CN201710081308A CN108696546B CN 108696546 B CN108696546 B CN 108696546B CN 201710081308 A CN201710081308 A CN 201710081308A CN 108696546 B CN108696546 B CN 108696546B
Authority
CN
China
Prior art keywords
message
enterprise
public network
http
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710081308.7A
Other languages
Chinese (zh)
Other versions
CN108696546A (en
Inventor
翟来国
池海祥
池柏祥
李睿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201710081308.7A priority Critical patent/CN108696546B/en
Priority to PCT/CN2018/075548 priority patent/WO2018149342A1/en
Publication of CN108696546A publication Critical patent/CN108696546A/en
Application granted granted Critical
Publication of CN108696546B publication Critical patent/CN108696546B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/141Setup of application sessions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method and a device for accessing a public network by a user terminal of an enterprise mobile private network, wherein the method comprises the following steps: when an enterprise mobile private network base station side receives an uplink public network message sent by a mobile terminal of an enterprise internal user, determining the message type of the uplink public network message; the enterprise mobile private network base station side establishes protocol connection of corresponding message types between the enterprise mobile private network base station side and the mobile terminal of the enterprise internal user according to the determined message types of the uplink public network messages, and obtains the uplink protocol messages sent by the mobile terminal of the enterprise internal user through the protocol connection; the enterprise mobile private network base station side routes the uplink protocol message to the HTTP proxy server; and when receiving the downlink protocol message returned by the HTTP proxy server, the enterprise mobile private network base station side sends the downlink protocol message to the mobile terminal of the user in the enterprise through the established protocol connection.

Description

Method and device for accessing public network by user terminal of enterprise mobile private network
Technical Field
The invention relates to the technical field of mobile communication, in particular to a method and a device for accessing a public network by a user terminal of an enterprise mobile private network.
Background
An enterprise network is generally divided into an internal network (referred to as an intranet) and a DMZ Zone (a Demilitarized Zone, also called an isolation Zone). An intranet host is located in an intranet, and when the intranet host accesses the Internet (Internet, also referred to as public network or external network), the intranet host accesses the Internet through an HTTP proxy (also referred to as WEB proxy), and the HTTP proxy is generally deployed in the DMZ zone.
The HTTP proxy server is used to proxy external network access of HTTP and HTTPs (Hyper Text Transfer Protocol over Secure Socket Layer). Both HTTP and HTTPs protocols are based on the TCP (Transmission Control Protocol) Protocol and are distinguished by port numbers.
The intranet host accesses the public network of the HTTP and the HTTPs, and different public network servers directly establish connection, but establish HTTP connection with the HTTP proxy server, and the HTTP proxy server then establishes specific protocol connection with the public network server, as shown in fig. 1.
Specifically, for HTTP access, as shown in fig. 2, the intranet host establishes an HTTP connection with the proxy server, and the proxy server establishes an HTTP connection with the target public network WEB server.
For HTTPS access, as shown in fig. 3, the intranet host establishes an HTTP connection with the proxy server and requests the proxy server to establish an SSL (Secure Socket Layer) connection with the public network server by using a CONNECT method, the HTTP connection between the intranet host and the HTTP proxy server transparently forwards SSL messages between the intranet host and the public network server, which is generally called a WEB tunnel.
An evolved Node B (eNB) of a mobile operator may also construct a virtual private mobile network for an enterprise besides providing public mobile network services for public users, and an intra-enterprise user may access an intranet through the virtual network, which is referred to herein as an enterprise private mobile network. Accordingly, these base stations may also be referred to as corporate private mobile network base stations, and it should be noted that corporate private mobile network base stations are also public base stations in nature, and unlike common public base stations, may be used to construct corporate private mobile networks.
Using the enterprise mobile private network, the mobile terminal of the User inside the enterprise, that is, the User Equipment (UE), can Access the enterprise internal network at the base station side, but when accessing the public network, because the APN (Access Point Name, Access Point) cannot set a proxy, the HTTP proxy server cannot be used to Access the public network, and still go through the base station of the operator mobile network, the Backhaul network (Backhaul) and the Core network EPC (Evolved Packet Core), then to the internet, and then to the public network server, as shown in fig. 4.
At present, there is no public method for accessing public network by mobile network terminal of user in enterprise network at mobile network base station side by using HTTP proxy server of enterprise network.
Disclosure of Invention
The technical problem solved by the scheme provided by the embodiment of the invention is that the mobile terminal of the user in the enterprise can not use the HTTP proxy server of the enterprise network to access the public network at the mobile network access side.
The enterprise mobile private network base station is a public base station of a mobile operator which can provide the function of constructing the enterprise mobile private network, and the enterprise mobile private network is only accessed by mobile terminals of users in an enterprise.
The method for the user terminal of the enterprise mobile private network to access the public network provided by the embodiment of the invention comprises the following steps:
when an enterprise mobile private network base station side receives an uplink public network message sent by a mobile terminal of an enterprise internal user, determining the message type of the uplink public network message;
the enterprise mobile private network base station side establishes protocol connection of corresponding message types between the enterprise mobile private network base station side and the mobile terminal of the enterprise internal user according to the determined message types of the uplink public network messages, and obtains the uplink protocol messages sent by the mobile terminal of the enterprise internal user through the protocol connection;
the enterprise mobile private network base station side routes the uplink protocol message to the HTTP proxy server so that the mobile terminal of the user in the enterprise can access the public network through the HTTP proxy server;
and when receiving the downlink protocol message returned by the HTTP proxy server, the enterprise mobile private network base station side sends the downlink protocol message to the mobile terminal of the user in the enterprise through the established protocol connection.
Preferably, the uplink public network message includes destination address information for identifying a public network address and TCP port number information for identifying a message type; the message types comprise an HTTP message type and an HTTPS message type.
Preferably, when the base station side of the enterprise mobile private network receives an uplink public network message sent by a mobile terminal of an enterprise internal user, determining the message type of the uplink public network message includes:
when an enterprise mobile private network base station side receives an uplink public network message sent by a mobile terminal of an enterprise internal user, analyzing the uplink public network message to obtain a destination address and a TCP port number of the uplink public network message;
the enterprise mobile private network base station side carries out matching processing on the obtained destination address and the TCP port number by utilizing a preset public network address library, an HTTP port list library and an HTTPS port list library;
if the obtained destination address and TCP port number are matched with the public network address library and the HTTP port list library, the enterprise mobile private network base station side determines that the uplink public network message is of an HTTP message type;
and if the obtained destination address and the TCP port number are matched with the public network address library and the HTTPS port list library, the enterprise mobile private network base station side determines that the uplink public network message is of an HTTPS message type.
Preferably, the establishing, by the enterprise mobile private network base station side, a protocol connection of a corresponding message type between the enterprise mobile private network base station side and the mobile terminal of the internal user of the enterprise according to the determined message type of the uplink public network message, and acquiring, via the protocol connection, the uplink protocol message sent by the mobile terminal of the internal user of the enterprise includes:
and when the enterprise mobile private network base station side determines that the uplink public network message is of the HTTP message type, establishing HTTP protocol connection between the uplink public network message and the mobile terminal of the enterprise internal user, and acquiring the uplink HTTP protocol message sent by the mobile terminal of the enterprise internal user through the HTTP protocol connection.
Preferably, the establishing, by the enterprise mobile private network base station side, a protocol connection of a corresponding message type between the enterprise mobile private network base station side and the mobile terminal of the internal user of the enterprise according to the determined message type of the uplink public network message, and acquiring, via the protocol connection, the uplink protocol message sent by the mobile terminal of the internal user of the enterprise includes:
and when the enterprise mobile private network base station side determines that the uplink public network message is of the HTTPS message type, establishing SSL protocol connection between the uplink public network message and the mobile terminal of the user in the enterprise, and acquiring the uplink SSL protocol message sent by the mobile terminal of the user in the enterprise through the SSL protocol connection.
Preferably, when the base station side of the enterprise mobile private network receives the downlink protocol packet returned by the HTTP proxy server, sending the downlink protocol packet to the mobile terminal of the user in the enterprise through the established protocol connection includes:
and when receiving the downlink HTTP protocol message returned by the HTTP proxy server, the enterprise mobile private network base station side encapsulates the downlink HTTP protocol message into a downlink user message for sending to the mobile terminal of the enterprise internal user, and sends the downlink user message to the mobile terminal of the enterprise internal user through the established HTTP protocol connection.
Preferably, when the base station side of the enterprise mobile private network receives the downlink protocol packet returned by the HTTP proxy server, sending the downlink protocol packet to the mobile terminal of the user in the enterprise through the established protocol connection includes:
and when receiving the downlink SSL protocol message returned by the HTTP proxy server, the enterprise mobile private network base station side encapsulates the downlink SSL protocol message into a downlink user message for sending to the mobile terminal of the enterprise internal user, and sends the downlink user message to the mobile terminal of the enterprise internal user through the established SSL protocol connection.
The device for the user terminal of the enterprise mobile private network to access the public network provided by the embodiment of the invention comprises the following steps:
the determining module is used for determining the message type of the uplink public network message when receiving the uplink public network message sent by the mobile terminal of the user in the enterprise;
a protocol connection establishing module, configured to establish a protocol connection of a corresponding message type between the uplink public network message and the mobile terminal of the user in the enterprise according to the determined message type of the uplink public network message, and obtain, via the protocol connection, an uplink protocol message sent by the mobile terminal of the user in the enterprise;
and the sending module is used for routing the uplink protocol message to the HTTP proxy server so that the mobile terminal of the user in the enterprise accesses the public network through the HTTP proxy server, and sending the downlink protocol message to the mobile terminal of the user in the enterprise through the established protocol connection when receiving the downlink protocol message returned by the HTTP proxy server.
Preferably, the uplink public network message includes destination address information for identifying a public network address and TCP port number information for identifying a message type; the message types comprise an HTTP message type and an HTTPS message type.
Preferably, the determining module comprises:
the analysis unit is used for analyzing the uplink public network message to obtain a destination address and a TCP port number of the uplink public network message when receiving the uplink public network message sent by a mobile terminal of a user inside an enterprise;
the matching unit is used for matching the obtained destination address and the TCP port number by utilizing a preset public network address library, an HTTP port list library and an HTTPS port list library;
and the determining unit is used for determining that the uplink public network message is of an HTTP message type when the obtained destination address and the obtained TCP port number are matched with the public network address library and the HTTP port list library, and determining that the uplink public network message is of an HTTPS message type when the obtained destination address and the obtained TCP port number are matched with the public network address library and the HTTPS port list library.
Preferably, the protocol connection establishing module includes:
and establishing a first protocol connection unit, which is used for establishing HTTP protocol connection between the uplink public network message and the mobile terminal of the user in the enterprise when the uplink public network message is determined to be of the HTTP message type, and acquiring the uplink HTTP protocol message sent by the mobile terminal of the user in the enterprise through the HTTP protocol connection.
Preferably, the protocol connection establishing module includes:
and establishing a second protocol connection unit, configured to establish, when it is determined that the uplink public network packet is of an HTTPS packet type, an SSL protocol connection between the uplink public network packet and the mobile terminal of the user inside the enterprise, and acquire, via the SSL protocol connection, an uplink SSL protocol packet sent by the mobile terminal of the user inside the enterprise.
According to the scheme provided by the embodiment of the invention, the local network HTTP proxy server is used by the user mobile terminal in the local network to access the public network service at the mobile network base station side, so that the originally rented wired transmission bandwidth of the enterprise network is fully utilized, the cost is saved, and the local network is convenient to control the behavior of the user mobile network terminal in the local network to access the public network.
Drawings
FIG. 1 is a schematic diagram illustrating an intranet host indirectly accessing a public network according to the prior art;
FIG. 2 is a diagram illustrating an intranet host HTTP accessing a website provided by the prior art;
FIG. 3 is a schematic diagram of an intranet host HTTPS access website provided by the prior art;
FIG. 4 is a diagram illustrating a mobile network terminal of an intra-enterprise user accessing a public network provided by the prior art;
fig. 5 is a flowchart of a method for a user terminal of an enterprise mobile private network to access a public network according to an embodiment of the present invention;
fig. 6 is a schematic diagram of an apparatus for a user terminal of an enterprise mobile private network to access a public network according to an embodiment of the present invention;
FIG. 7 is a schematic diagram of an enterprise-wide user mobile network terminal using an HTTP proxy server according to an embodiment of the present invention;
FIG. 8 is a schematic diagram of an intra-enterprise user mobile network terminal using an HTTP proxy server according to an embodiment of the present invention;
FIG. 9 is a schematic diagram of an added module provided by an embodiment of the present invention;
fig. 10 is a schematic diagram of a newly added module deployment in fig. 9 according to an embodiment of the present invention;
fig. 11 is a flowchart of processing an uplink message for an internal enterprise user HTTP public network access according to an embodiment of the present invention;
fig. 12 is a flowchart of processing a downstream message for HTTP public network access of an internal user of an enterprise according to an embodiment of the present invention;
fig. 13 is a flowchart of processing an internal user HTTPS public network access uplink message according to an embodiment of the present invention;
fig. 14 is a flowchart of processing an internal-enterprise user HTTPS public network access downlink message according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will be described in detail below with reference to the accompanying drawings, and it should be understood that the preferred embodiments described below are only for the purpose of illustrating and explaining the present invention, and are not to be construed as limiting the present invention.
Fig. 5 is a flowchart of a method for a user terminal of an enterprise mobile private network to access a public network according to an embodiment of the present invention, and as shown in fig. 5, the method includes:
step S501: when an enterprise mobile private network base station side receives an uplink public network message sent by a mobile terminal of an enterprise internal user, determining the message type of the uplink public network message;
step S502: the enterprise mobile private network base station side establishes protocol connection of corresponding message types between the enterprise mobile private network base station side and the mobile terminal of the enterprise internal user according to the determined message types of the uplink public network messages, and obtains the uplink protocol messages sent by the mobile terminal of the enterprise internal user through the protocol connection;
step S503: the enterprise mobile private network base station side routes the uplink protocol message to the HTTP proxy server so that the mobile terminal of the user in the enterprise can access the public network through the HTTP proxy server;
step S504: and when receiving the downlink protocol message returned by the HTTP proxy server, the enterprise mobile private network base station side sends the downlink protocol message to the mobile terminal of the user in the enterprise through the established protocol connection.
The uplink public network message comprises destination address information used for identifying a public network address and TCP port number information used for identifying a message type. The message types comprise an HTTP message type and an HTTPS message type.
When the enterprise mobile private network base station side receives an uplink public network message sent by a mobile terminal of an enterprise internal user, determining the message type of the uplink public network message comprises the following steps: when an enterprise mobile private network base station side receives an uplink public network message sent by a mobile terminal of an enterprise internal user, analyzing the uplink public network message to obtain a destination address and a TCP port number of the uplink public network message; the enterprise mobile private network base station side carries out matching processing on the obtained destination address and the TCP port number by utilizing a preset public network address library, an HTTP port list library and an HTTPS port list library; if the obtained destination address and TCP port number are matched with the public network address library and the HTTP port list library, the enterprise mobile private network base station side determines that the uplink public network message is of an HTTP message type; and if the obtained destination address and the TCP port number are matched with the public network address library and the HTTPS port list library, the enterprise mobile private network base station side determines that the uplink public network message is of an HTTPS message type.
The method comprises the following steps that the enterprise mobile private network base station side establishes protocol connection of corresponding message types between the enterprise mobile private network base station side and the mobile terminal of the enterprise internal user according to the determined message types of the uplink public network messages, and the uplink protocol messages sent by the mobile terminal of the enterprise internal user are acquired through the protocol connection, wherein the protocol connection comprises the following steps: and when the enterprise mobile private network base station side determines that the uplink public network message is of the HTTP message type, establishing HTTP protocol connection between the uplink public network message and the mobile terminal of the enterprise internal user, and acquiring the uplink HTTP protocol message sent by the mobile terminal of the enterprise internal user through the HTTP protocol connection. When the enterprise mobile private network base station side receives the downlink protocol message returned by the HTTP proxy server, the step of sending the downlink protocol message to the mobile terminal of the enterprise internal user through the established protocol connection comprises the following steps: and when receiving the downlink HTTP protocol message returned by the HTTP proxy server, the enterprise mobile private network base station side encapsulates the downlink HTTP protocol message into a downlink user message for sending to the mobile terminal of the enterprise internal user, and sends the downlink user message to the mobile terminal of the enterprise internal user through the established HTTP protocol connection.
The method comprises the following steps that the enterprise mobile private network base station side establishes protocol connection of corresponding message types between the enterprise mobile private network base station side and the mobile terminal of the enterprise internal user according to the determined message types of the uplink public network messages, and the uplink protocol messages sent by the mobile terminal of the enterprise internal user are acquired through the protocol connection, wherein the protocol connection comprises the following steps: and when the enterprise mobile private network base station side determines that the uplink public network message is of the HTTPS message type, establishing SSL protocol connection between the uplink public network message and the mobile terminal of the user in the enterprise, and acquiring the uplink SSL protocol message sent by the mobile terminal of the user in the enterprise through the SSL protocol connection. When the enterprise mobile private network base station side receives the downlink protocol message returned by the HTTP proxy server, the step of sending the downlink protocol message to the mobile terminal of the enterprise internal user through the established protocol connection comprises the following steps: and when receiving the downlink SSL protocol message returned by the HTTP proxy server, the enterprise mobile private network base station side encapsulates the downlink SSL protocol message into a downlink user message for sending to the mobile terminal of the enterprise internal user, and sends the downlink user message to the mobile terminal of the enterprise internal user through the established SSL protocol connection.
Fig. 6 is a schematic diagram of an apparatus for a user terminal of an enterprise mobile private network to access a public network according to an embodiment of the present invention, as shown in fig. 6, including: a determining module 601, configured to determine a message type of an uplink public network message when receiving the uplink public network message sent by a mobile terminal of a user inside an enterprise; a protocol connection establishing module 602, configured to establish, according to the determined message type of the uplink public network message, a protocol connection of a corresponding message type between the uplink public network message and the mobile terminal of the internal enterprise user, and obtain, via the protocol connection, an uplink protocol message sent by the mobile terminal of the internal enterprise user; a sending module 603, configured to route the uplink protocol packet to the HTTP proxy server, so that the mobile terminal of the user inside the enterprise accesses the public network through the HTTP proxy server, and when receiving the downlink protocol packet returned by the HTTP proxy server, sends the downlink protocol packet to the mobile terminal of the user inside the enterprise through the established protocol connection.
The uplink public network message comprises destination address information used for identifying a public network address and TCP port number information used for identifying a message type; the message types comprise an HTTP message type and an HTTPS message type.
Wherein the determining module 601 comprises: the analysis unit is used for analyzing the uplink public network message to obtain a destination address and a TCP port number of the uplink public network message when receiving the uplink public network message sent by a mobile terminal of a user inside an enterprise; the matching unit is used for matching the obtained destination address and the TCP port number by utilizing a preset public network address library, an HTTP port list library and an HTTPS port list library; and the determining unit is used for determining that the uplink public network message is of an HTTP message type when the obtained destination address and the obtained TCP port number are matched with the public network address library and the HTTP port list library, and determining that the uplink public network message is of an HTTPS message type when the obtained destination address and the obtained TCP port number are matched with the public network address library and the HTTPS port list library.
Wherein the establishing protocol connection module 602 includes:
and establishing a first protocol connection unit, which is used for establishing HTTP protocol connection between the uplink public network message and the mobile terminal of the user in the enterprise when the uplink public network message is determined to be of the HTTP message type, and acquiring the uplink HTTP protocol message sent by the mobile terminal of the user in the enterprise through the HTTP protocol connection.
Wherein, the establishing protocol connection module 602 further includes:
and establishing a second protocol connection unit, configured to establish, when it is determined that the uplink public network packet is of an HTTPS packet type, an SSL protocol connection between the uplink public network packet and the mobile terminal of the user inside the enterprise, and acquire, via the SSL protocol connection, an uplink SSL protocol packet sent by the mobile terminal of the user inside the enterprise.
The sending module 603 is specifically configured to, when receiving a downlink HTTP protocol packet returned by the HTTP proxy server, encapsulate the downlink HTTP protocol packet into a downlink user packet for sending to the mobile terminal of the enterprise internal user, and send the downlink user packet to the mobile terminal of the enterprise internal user through the established HTTP protocol connection.
The sending module 603 is further specifically configured to, when receiving a downlink SSL protocol packet returned by the HTTP proxy server, encapsulate the downlink SSL protocol packet into a downlink user packet for sending to the mobile terminal of the user inside the enterprise, and send the downlink user packet to the mobile terminal of the user inside the enterprise through the established SSL protocol connection.
Fig. 7 is a schematic diagram of an enterprise internal user mobile network terminal using an HTTP proxy server according to an embodiment of the present invention, and as shown in fig. 7, when an internal user of an enterprise network uses a mobile network terminal to access a public network, a new device simulates a public network server, establishes an HTTP protocol connection with a user terminal, and receives a user protocol packet; and the new equipment simulates the proxy internet surfing behavior of the intranet host and accesses the public network through the HTTP proxy server.
For HTTP access, the new equipment simulates a public network server to establish HTTP connection with a user terminal, and receives an HTTP request message of the user terminal; and then the new equipment simulates an intranet host, establishes HTTP connection with an HTTP proxy server, sends the received user terminal HTTP message to the HTTP proxy server after URL (Uniform resource locator) processing, and sends the HTTP proxy server to the public network server through HTTP connection with the public network server. The relative URL in the HTTP message of the user terminal is corrected to be the absolute URL in the URL processing, the HTTP response message returned by the HTTP proxy server is received, and the new equipment simulates a public network server and sends the HTTP response message to the user terminal through the HTTP connection with the user terminal.
Fig. 8 is a schematic diagram of an enterprise internal user mobile network terminal using an HTTP proxy server according to an embodiment of the present invention, and as shown in fig. 8, when an internal user of an enterprise network uses a mobile network terminal to access a public network, a new device simulates a public network server, establishes an SSL protocol connection with a user terminal, and receives a user protocol packet; and the new equipment simulates the proxy internet surfing behavior of the intranet host and accesses the public network through the HTTP proxy server.
For HTTPS access, the new equipment simulates a public network server to establish SSL connection with a user terminal, and receives SSL messages; and then the new equipment simulates an intranet host, establishes HTTP connection with an HTTP proxy server, requests the HTTP proxy server to establish SSL connection with a public network server by using a connect method, sends the received SSL message of the user terminal to the HTTP proxy server, and sends the SSL message to the public network server through the SSL connection between the HTTP proxy server and the public network server. And receiving the SSL message returned by the HTTP proxy server, simulating the public network server by the new equipment, and sending the SSL message to the user terminal through the SSL connection with the user terminal.
As shown in fig. 7 and 8, the new device analyzes the user uplink packet by packet of the mobile network base station, identifies the public network HTTP/HTTPs access packet of the internal user, simulates the public network server to establish HTTP or SSL connection with the user terminal according to the agent configuration rule, and receives the HTTP or SSL packet of the user terminal; simulating an intranet host, establishing HTTP connection with an HTTP proxy server according to proxy configuration rules, and sending a user HTTP or SSL protocol message to the HTTP proxy server; and receiving the user message returned by the proxy server, simulating a public network server, and sending the user message to the user terminal through the mobile network base station through the HTTP or SSL protocol connection established with the user terminal before.
Specifically, the method comprises the following steps:
1) identifying an HTTP/HTTPS public network access message: the destination address accords with the public network address configuration rule, and the TCP port number accords with the uplink message of the HTTP port list rule or the HTTPS port list rule.
2) Simulating a public network server to receive and transmit HTTP messages: the simulation public network server establishes HTTP connection with the user terminal and receives HTTP protocol messages sent by the user terminal. And sending the user HTTP protocol message received from the HTTP proxy server to the user terminal through the HTTP connection with the user terminal.
3) Simulating a public network server to receive and send SSL messages: the analog public network server establishes SSL connection with the user terminal and receives SSL protocol messages sent by the user terminal. And sending the user SSL protocol message received from the HTTP proxy server to the user terminal through SSL connection with the user terminal.
4) Simulating an HTTP message between the internal host to receive and send the HTTP message and the HTTP proxy server: and simulating internal host behaviors and establishing an HTTP connection with the HTTP proxy server. The received user terminal HTTP protocol message is sent to an HTTP proxy server after URL processing; and receiving the HTTP protocol message returned by the HTTP proxy server.
5) Simulating SSL messages between internal host receiving and sending and HTTP proxy server: simulating internal host behavior, establishing HTTP connection with the HTTP proxy server and requesting the proxy server to establish SSL connection with the public network server by using a CONNECT method. The received SSL protocol message of the user terminal is sent to an HTTP proxy server through HTTP connection with the proxy server; and receiving SSL protocol messages returned by the HTTP proxy server.
Fig. 9 is a schematic diagram of a newly added module provided in an embodiment of the present invention, as shown in fig. 9, including: the system comprises a rule configuration module, a user message agent module, an uplink message processing module and a downlink message processing module.
And the rule configuration module is used for providing public network address rules, an HTTP port list, an HTTPS port list and HTTP proxy server rules. And the public network address rule configures address information, and the addresses access the public network through the HTTP proxy server. In specific implementation, a configuration method similar to an intranet host can be adopted, namely an exception address list is configured, and besides, the exception address list is regarded as a public network address; it is also possible to use display indication methods, i.e. to explicitly indicate which subnets are public network addresses. The HTTP port list configures which TCP ports are HTTP ports. The HTTPS port list configures which TCP ports are HTTPS ports. The HTTP proxy rule configures the HTTP proxy address and port number, allowing multiple HTTP proxy configuration records to be configured for dynamic selection or load sharing.
The uplink message processing module analyzes the S1-U uplink messages of the internal users packet by packet, analyzes the destination address and the TCP port number in the user messages, identifies the uplink public network HTTP/HTTPS messages according to the public network address rule, the HTTP port list rule and the HTTPS port list rule, extracts the user messages (IP messages) and sends the user messages (IP messages) to the user message agent module.
The user message agent module is divided into an HTTP message agent module and an HTTPS message agent module. After receiving the message sent by the uplink message processing module, dynamically creating an HTTP message agent module and an HTTPS message agent module according to the type.
The HTTP message proxy module simulates a public network server to establish HTTP connection with a user terminal, collects the HTTP message of the user terminal, simulates the behavior of an intranet host, establishes HTTP connection with the HTTP proxy server according to proxy rule configuration, and sends the collected HTTP message of the user terminal to the HTTP proxy server after URL processing. And receiving HTTP response messages returned by the HTTP proxy server, simulating the public network server, sending the HTTP response messages to the user terminal through HTTP connection with the user terminal, and sending the messages to the downlink message processing module after the messages are packaged.
The HTTPS message proxy module simulates a public network server to establish SSL connection with a user terminal, receives SSL messages of the user terminal, simulates the behavior of an intranet host, establishes HTTP connection with the HTTP proxy server according to proxy rule configuration, requests the HTTP proxy server to establish SSL connection with the public network server by using a CONNECT method, and sends the received SSL messages of the user terminal to the HTTP proxy server through the HTTP connection with the HTTP proxy server. And receiving SSL messages returned by the HTTP proxy server, simulating the public network server, sending the SSL messages to the user terminal through SSL connection with the user terminal, and sending the messages to the downlink message processing module after the messages are packaged.
The HTTP message agent module and the HTTPS message agent module release when receiving a TCP connection release message of the user terminal and inform the user message agent module.
And the downlink message processing module is used for packaging the user message sent by the user message agent module into an S1-U message and sending the S1-U message to the mobile network base station and the user terminal.
Fig. 10 is a schematic diagram of the newly added module deployment in fig. 9 provided in the embodiment of the present invention, and as shown in fig. 10, the deployment includes two deployment manners: mode 1, deployed with a mobile network base station. The method has the advantages that the method is integrated with the base station of the mobile network, and is convenient to manage; the disadvantage is that the software version of the mobile network base station needs to be upgraded, which is not beneficial to deployment. Mode 2, individual device deployment. The method has the advantages that the method has no influence on the base station of the mobile network and is convenient to deploy; the disadvantage is that a new device is needed.
Fig. 11 is a flowchart of processing an uplink message for accessing an enterprise internal user HTTP public network according to an embodiment of the present invention, where, as shown in fig. 11, S1 is a logical link between a mobile network base station eNB and a core network EPC, an S1-U message refers to a user message on an S1 link, and an IP message of a user terminal, also referred to as a user message, is encapsulated in an S1-U message. In this example, the technical solution of the present invention receives an S1-U uplink message from a mobile network base station eNB, identifies an uplink HTTP public network access message of an internal user, simulates a public proxy server to receive the uplink message, and sends a simulated intranet host to the HTTP proxy server to access the public network after URL processing. The method specifically comprises the following steps:
step 1101: UE sends an air interface message carrying a user message (user HTTP message);
step 1102: the mobile network base station extracts a user message (user HTTP message), packages the user message into S1-U and sends the S1-U;
step 1103: the uplink message processing module analyzes the S1-U uplink message of the internal user packet by packet, analyzes a destination address and a TCP port number in the internal user message, and identifies an uplink HTTP public network message;
step 1104: the uplink message processing module sends a user message (user HTTP message) to the user message agent module;
step 1105: the user message agent module checks whether the HTTP message agent module connected with the user exists or not, and if not, the HTTP message agent module connected with the user is created;
step 1106: the user message agent module transfers the user message to the HTTP message agent module for processing;
step 1107: the HTTP message proxy module simulates a public network server and establishes HTTP connection with the UE;
step 1108: and the HTTP connection between the UE and the HTTP message proxy module is successfully established. The message between the UE and the HTTP message proxy module is sent through the HTTP connection;
step 1109: the HTTP message proxy module initiates the establishment of HTTP connection with an HTTP proxy server;
step 1110: the HTTP message proxy module receives a user HTTP message;
step 1111: and the HTTP message proxy module sends the received user HTTP message to an HTTP proxy server after URL processing.
Fig. 12 is a flowchart of processing an HTTP public network access downlink message for an internal user according to an embodiment of the present invention, and as shown in fig. 12, after receiving an HTTP message returned by an HTTP proxy server, an analog public network server sends the HTTP message to a user terminal through an HTTP connection with a UE, and packages the user message into an S1-U downlink message, which is sent to a mobile network base station. The method specifically comprises the following steps:
step 1201: the HTTP connection between the UE and the HTTP message proxy module is established;
step 1202: the HTTP message proxy module establishes HTTP connection with the HTTP proxy server;
step 1203: the HTTP proxy server sends an HTTP response message to the HTTP message proxy module;
step 1204: the HTTP message proxy module receives HTTP response messages;
step 1205: the HTTP message agent module encapsulates the received HTTP response message into a user message (user IP message) sent to the UE;
step 1206: the HTTP message agent module sends the user message to the downlink processing module;
step 1207: the downlink processing module is packaged into an S1-U downlink message and sent to the mobile network base station;
step 1208: and the mobile network base station extracts the user message and carries the user message to the UE through an air interface message.
Fig. 13 is a flowchart of processing an uplink packet for internal user HTTPS public network access according to an embodiment of the present invention, and as shown in fig. 13, an uplink packet is received from a mobile network base station eNB S1-U, an uplink HTTPS public network packet of an internal user is identified, a public proxy server is simulated for receiving the uplink HTTPS packet, and an intranet host is simulated and sent to an HTTP proxy server to access a public network. The method specifically comprises the following steps:
step 1301: UE sends an air interface message carrying a user message (user SSL message);
step 1302: the mobile network base station extracts user messages (user SSL messages) and packages the user messages into S1-U for sending;
step 1303: the uplink message processing module analyzes the S1-U uplink message of the internal user packet by packet, analyzes a destination address and a TCP port number in the internal user message, and identifies an uplink HTTPS public network message;
step 1304: the uplink message processing module sends a user message (user SSL message) to the user message agent module;
step 1305: the user message agent module checks whether the HTTPS message agent module connected with the user exists or not, and if not, the HTTPS message agent module connected with the user is created;
step 1306: the user message agent module transfers the user message agent module to the HTTPS message agent module for processing;
step 1307: the HTTPS message agent module simulates a public network server and establishes SSL connection with the UE;
step 1308: and the SSL connection between the UE and the HTTPS message agent module is successfully established. The message between the UE and the HTTPS message agent module is sent through the SSL connection;
step 1309: the HTTPS message proxy module initiates the establishment of HTTP connection with an HTTP proxy server and requests the HTTP proxy server to establish SSL connection with a public network server through a CONNECT method;
step 1310: the HTTPS message agent module receives a user SSL message;
step 1311: and the HTTPS message agent module sends the received SSL message of the user to an HTTP agent server.
Fig. 14 is a flowchart of processing an internal user HTTPS public network access downlink packet according to an embodiment of the present invention, and as shown in fig. 14, when receiving an SSL packet returned by an HTTP proxy server, an analog public network server sends the SSL packet to a user terminal through an SSL connection with a UE, and packages the user packet into an S1-U downlink packet, which is sent to a mobile network base station. The method specifically comprises the following steps:
step 1401: SSL connection between the UE and the HTTPS message agent module is established;
step 1402: the HTTP connection between the HTTPS message proxy module and the HTTP proxy server is established;
step 1403: the HTTP proxy server sends SSL messages to an HTTPS message proxy module;
step 1404: the HTTPS message agent module receives the SSL message;
step 1405: the HTTPS message agent module encapsulates the received SSL message into a user message (user IP message) sent to the UE;
step 1406: the HTTPS message agent module sends the user message to the downlink processing module;
step 1407: the downlink processing module is packaged into an S1-U downlink message and sent to the mobile network base station;
step 1408: and the mobile network base station extracts the user message and carries the user message to the UE through an air interface message.
According to the scheme provided by the embodiment of the invention, the mobile terminal of the user in the enterprise network uses the HTTP proxy server of the enterprise network to access the public network service at the mobile network base station side, so that the original leased wired transmission bandwidth of the enterprise network is fully utilized, the cost is saved, and the enterprise network is convenient to control the behavior of the mobile network terminal of the user in the enterprise network to access the public network.
Although the present invention has been described in detail hereinabove, the present invention is not limited thereto, and various modifications can be made by those skilled in the art in light of the principle of the present invention. Thus, modifications made in accordance with the principles of the present invention should be understood to fall within the scope of the present invention.

Claims (12)

1. A method for a user terminal of an enterprise mobile private network to access a public network comprises the following steps:
when an enterprise mobile private network base station side receives an uplink public network message sent by a mobile terminal of an enterprise internal user, determining the message type of the uplink public network message;
the enterprise mobile private network base station side simulates a public network server to establish protocol connection of corresponding message types between the public network server and the mobile terminal of the enterprise internal user according to the determined message type of the uplink public network message, and obtains the uplink protocol message sent by the mobile terminal of the enterprise internal user through the protocol connection;
the base station side of the enterprise mobile private network simulates an intranet host of the enterprise mobile private network to route the uplink protocol message to an HTTP proxy server so that a mobile terminal of a user in the enterprise can access a public network through the HTTP proxy server;
when the enterprise mobile private network base station side receives the downlink protocol message returned by the HTTP proxy server, the simulation public network server sends the downlink protocol message to the mobile terminal of the enterprise internal user through the established protocol connection;
wherein the HTTP refers to hypertext transfer protocol.
2. The method of claim 1, wherein the upstream public network packet includes destination address information for identifying a public network address and TCP port number information for identifying a packet type; the message types comprise an HTTP message type and an HTTPS message type;
wherein, the TCP refers to a transmission control protocol; the HTTPS refers to a hypertext transfer security protocol.
3. The method according to claim 2, wherein when the base station side of the enterprise mobile private network receives an uplink public network message sent by a mobile terminal of an enterprise internal user, the determining of the message type of the uplink public network message comprises:
when an enterprise mobile private network base station side receives an uplink public network message sent by a mobile terminal of an enterprise internal user, analyzing the uplink public network message to obtain a destination address and a TCP port number of the uplink public network message;
the enterprise mobile private network base station side carries out matching processing on the obtained destination address and the TCP port number by utilizing a preset public network address library, an HTTP port list library and an HTTPS port list library;
if the obtained destination address and TCP port number are matched with the public network address library and the HTTP port list library, the enterprise mobile private network base station side determines that the uplink public network message is of an HTTP message type;
and if the obtained destination address and the TCP port number are matched with the public network address library and the HTTPS port list library, the enterprise mobile private network base station side determines that the uplink public network message is of an HTTPS message type.
4. The method according to claim 3, wherein the enterprise mobile private network base station side establishes a protocol connection of a corresponding message type between the enterprise mobile private network base station side and the mobile terminal of the enterprise internal user according to the determined message type of the uplink public network message, and acquiring the uplink protocol message sent by the mobile terminal of the enterprise internal user through the protocol connection comprises:
and when the enterprise mobile private network base station side determines that the uplink public network message is of the HTTP message type, establishing HTTP protocol connection between the uplink public network message and the mobile terminal of the enterprise internal user, and acquiring the uplink HTTP protocol message sent by the mobile terminal of the enterprise internal user through the HTTP protocol connection.
5. The method according to claim 3, wherein the enterprise mobile private network base station side establishes a protocol connection of a corresponding message type between the enterprise mobile private network base station side and the mobile terminal of the enterprise internal user according to the determined message type of the uplink public network message, and acquiring the uplink protocol message sent by the mobile terminal of the enterprise internal user through the protocol connection comprises:
when the enterprise mobile private network base station side determines that the uplink public network message is of an HTTPS message type, establishing SSL protocol connection between the uplink public network message and the mobile terminal of the user in the enterprise, and acquiring the uplink SSL protocol message sent by the mobile terminal of the user in the enterprise through the SSL protocol connection;
wherein the SSL refers to a secure socket layer.
6. The method according to claim 4, wherein the step of sending the downlink protocol message to the mobile terminal of the user in the enterprise through the established protocol connection when the base station side of the enterprise mobile private network receives the downlink protocol message returned by the HTTP proxy server includes:
and when receiving the downlink HTTP protocol message returned by the HTTP proxy server, the enterprise mobile private network base station side encapsulates the downlink HTTP protocol message into a downlink user message for sending to the mobile terminal of the enterprise internal user, and sends the downlink user message to the mobile terminal of the enterprise internal user through the established HTTP protocol connection.
7. The method according to claim 5, wherein the sending, by the base station side of the enterprise mobile private network, the downlink protocol packet to the mobile terminal of the user inside the enterprise through the established protocol connection when receiving the downlink protocol packet returned by the HTTP proxy server, comprises:
and when receiving the downlink SSL protocol message returned by the HTTP proxy server, the enterprise mobile private network base station side encapsulates the downlink SSL protocol message into a downlink user message for sending to the mobile terminal of the enterprise internal user, and sends the downlink user message to the mobile terminal of the enterprise internal user through the established SSL protocol connection.
8. An apparatus for a user terminal of an enterprise mobile private network to access a public network, comprising:
the determining module is used for determining the message type of the uplink public network message when receiving the uplink public network message sent by the mobile terminal of the user in the enterprise;
a protocol connection establishing module for simulating a public network server to establish a protocol connection of a corresponding message type between the public network server and the mobile terminal of the internal enterprise user according to the determined message type of the uplink public network message, and acquiring the uplink protocol message sent by the mobile terminal of the internal enterprise user through the protocol connection;
the sending module is used for simulating the intranet host of the enterprise mobile private network to route the uplink protocol message to the HTTP proxy server so that the mobile terminal of the enterprise internal user can access the public network through the HTTP proxy server, and when receiving the downlink protocol message returned by the HTTP proxy server, the simulated public network server sends the downlink protocol message to the mobile terminal of the enterprise internal user through the established protocol connection;
wherein the HTTP refers to hypertext transfer protocol.
9. The apparatus of claim 8, wherein the upstream public network packet includes destination address information for identifying a public network address and TCP port number information for identifying a packet type; the message types comprise an HTTP message type and an HTTPS message type;
wherein, the TCP refers to a transmission control protocol; the HTTPS refers to a hypertext transfer security protocol.
10. The apparatus of claim 8, the determining module comprising:
the analysis unit is used for analyzing the uplink public network message to obtain a destination address and a TCP port number of the uplink public network message when receiving the uplink public network message sent by a mobile terminal of a user inside an enterprise;
the matching unit is used for matching the obtained destination address and the TCP port number by utilizing a preset public network address library, an HTTP port list library and an HTTPS port list library;
and the determining unit is used for determining that the uplink public network message is of an HTTP message type when the obtained destination address and the obtained TCP port number are matched with the public network address library and the HTTP port list library, and determining that the uplink public network message is of an HTTPS message type when the obtained destination address and the obtained TCP port number are matched with the public network address library and the HTTPS port list library.
11. The apparatus of claim 10, the establish protocol connection module comprising:
and establishing a first protocol connection unit, which is used for establishing HTTP protocol connection between the uplink public network message and the mobile terminal of the user in the enterprise when the uplink public network message is determined to be of the HTTP message type, and acquiring the uplink HTTP protocol message sent by the mobile terminal of the user in the enterprise through the HTTP protocol connection.
12. The apparatus of claim 10, the establish protocol connection module comprising:
establishing a second protocol connection unit, configured to establish, when it is determined that the uplink public network packet is of an HTTPS packet type, an SSL protocol connection between the uplink public network packet and the mobile terminal of the user inside the enterprise, and obtain, via the SSL protocol connection, an uplink SSL protocol packet sent by the mobile terminal of the user inside the enterprise;
wherein the SSL refers to a secure socket layer.
CN201710081308.7A 2017-02-15 2017-02-15 Method and device for accessing public network by user terminal of enterprise mobile private network Active CN108696546B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201710081308.7A CN108696546B (en) 2017-02-15 2017-02-15 Method and device for accessing public network by user terminal of enterprise mobile private network
PCT/CN2018/075548 WO2018149342A1 (en) 2017-02-15 2018-02-07 Public network accessing method and device and computer storage medium for user terminal of mobile private network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710081308.7A CN108696546B (en) 2017-02-15 2017-02-15 Method and device for accessing public network by user terminal of enterprise mobile private network

Publications (2)

Publication Number Publication Date
CN108696546A CN108696546A (en) 2018-10-23
CN108696546B true CN108696546B (en) 2021-08-24

Family

ID=63169126

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710081308.7A Active CN108696546B (en) 2017-02-15 2017-02-15 Method and device for accessing public network by user terminal of enterprise mobile private network

Country Status (2)

Country Link
CN (1) CN108696546B (en)
WO (1) WO2018149342A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109587204B (en) * 2017-09-29 2021-11-02 中兴通讯股份有限公司 Method and device for accessing public network and electronic equipment
CN111405615B (en) * 2020-03-19 2021-10-22 联想(北京)有限公司 Communication data transmission method, device and storage medium
CN113301106A (en) * 2021-03-23 2021-08-24 阿里巴巴新加坡控股有限公司 Operation and maintenance processing system, method and device
CN113364842B (en) * 2021-05-31 2022-12-16 深圳市光网世纪科技有限公司 Network data transmission method
CN113900978B (en) * 2021-10-27 2024-05-10 海光信息技术股份有限公司 Data transmission method, device and chip

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101052022A (en) * 2006-04-05 2007-10-10 华为技术有限公司 System and method for virtual special net user to access public net
CN102835093A (en) * 2010-04-15 2012-12-19 微软公司 Method and system for reliable protocol tunneling over http
KR101472964B1 (en) * 2013-12-11 2014-12-16 콘텔라 주식회사 Security system and security method for enterprise communication service using mobile communication network

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6397259B1 (en) * 1998-05-29 2002-05-28 Palm, Inc. Method, system and apparatus for packet minimized communications
US6711678B2 (en) * 2002-04-05 2004-03-23 Expand Beyond Corporation Pre-authenticated communication within a secure computer network
CN100372323C (en) * 2003-06-12 2008-02-27 华为技术有限公司 A method for accessing server group
US8474035B2 (en) * 2010-06-30 2013-06-25 Juniper Networks, Inc. VPN network client for mobile device having dynamically constructed display for native access to web mail
US8819233B2 (en) * 2011-03-11 2014-08-26 Qualcomm Incorporated System and method using a web proxy-server to access a device having an assigned network address
WO2014047168A1 (en) * 2012-09-18 2014-03-27 Citrix Systems, Inc. Mobile device management and security
US8498626B1 (en) * 2012-12-10 2013-07-30 Verizon Patent And Licensing Inc. Service-based access for enterprise private network devices to service provider network services
US9935879B2 (en) * 2012-12-29 2018-04-03 Netronome Systems, Inc. Efficient intercept of connection-based transport layer connections
CN103118147A (en) * 2013-01-24 2013-05-22 中国联合网络通信集团有限公司 Method, equipment and system for accessing intranet server
CN103475699A (en) * 2013-08-27 2013-12-25 北京创毅讯联科技股份有限公司 Enterprise network agent device and method for enterprise network to communicate with public network
CN106302839B (en) * 2015-05-12 2020-06-26 中兴通讯股份有限公司 Internet protocol IP address allocation method and device
CN106101015B (en) * 2016-07-19 2020-08-14 广东药科大学 Mobile internet traffic class marking method and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101052022A (en) * 2006-04-05 2007-10-10 华为技术有限公司 System and method for virtual special net user to access public net
CN102835093A (en) * 2010-04-15 2012-12-19 微软公司 Method and system for reliable protocol tunneling over http
KR101472964B1 (en) * 2013-12-11 2014-12-16 콘텔라 주식회사 Security system and security method for enterprise communication service using mobile communication network

Also Published As

Publication number Publication date
WO2018149342A1 (en) 2018-08-23
CN108696546A (en) 2018-10-23

Similar Documents

Publication Publication Date Title
CN108696546B (en) Method and device for accessing public network by user terminal of enterprise mobile private network
EP2764662B1 (en) Test traffic interceptor in a data network
US11233856B2 (en) Selecting an address of a device
CN109587275A (en) A kind of method for building up and proxy server of communication connection
CN113347738B (en) Communication method, communication device, computer readable medium and electronic equipment
EP3520444B1 (en) Enhancement of traffic detection and routing in virtualized environment
CN102118398B (en) Access control method, device and system
US20150181592A1 (en) Telecommunications Networks
CN113347739B (en) Communication method, communication device, computer readable medium and electronic equipment
Balan et al. Multihoming for mobile internet of multimedia things
CN116633934A (en) Load balancing method, device, node and storage medium
CN104488232B (en) Device and method for interconnecting two sub-networks
EP3813481B1 (en) Information transmission methods and system
WO2013189398A2 (en) Application data push method, device, and system
CN114430332B (en) Customer Premises Equipment
WO2015171023A1 (en) Establishing a multipath tcp (mptcp) connection
CN109587204B (en) Method and device for accessing public network and electronic equipment
CN110784391B (en) Method, device, storage medium and terminal for communication between small base station and gateway
US20160156537A1 (en) Method and network monitoring device for estimating web page download time on a user device
CN101437029B (en) Data transmission method, local maintenance terminal, proxy equipment and system
US11057304B1 (en) DNS (domain name server)-based application-aware routing on SD-WAN (software-defined wide access network)
US20080019323A1 (en) Sgsn And Ggsn Integration
US12052219B2 (en) Chassis system management through data paths
CN112738032B (en) Communication system for preventing IP deception
US11811728B1 (en) Broadband network gateway (BNG) as dynamic host configuration protocol (DHCP) server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant