Nginx upstream agent service system and implementation method thereof

A proxy service, upstream technology, applied in the field of network security, can solve the problem of socket communication, data plane Nginx unable to communicate, affecting efficiency and processing dependence on kernel scheduling, etc., to achieve the effect of improving data forwarding efficiency

Active Publication Date: 2017-05-31
BEIJING TOPSEC NETWORK SECURITY TECH +2
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] 1. Upstream and downstream message system protocol stack processing will have performance impact on message forwarding
[0007] 2. In some cases due to technical limitations, Nginx on the data plane cannot communicate with the management plane based on the AF_INET domain socket
[0008] 3. Upstream and downstream packets need to be copied and transmitted by the kernel. Multiple copies affect efficiency and processing depends on kernel scheduling, making it difficult to control application filtering
[0009] 4. In some cases due to technical limitations, Nginx on the data plane cannot communicate with the management plane based on AF_LOCAL / AF_UNIX domain sockets

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Nginx upstream agent service system and implementation method thereof
  • Nginx upstream agent service system and implementation method thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] In order to solve the problems in the prior art, the present invention provides an Nginx upstream proxy service system and implementation method. The present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0022] like figure 1 Shown, a kind of Nginx upstream proxy service system implementation method in the embodiment of the present invention, described proxy service system comprises management plane proxy service module and data plane Nginx module, and described method comprises:

[0023] Set up shared memory to described management plane proxy service module and described data plane Nginx module;

[0024] The shared memory is used as a bearer channel for TCP connection load data; the TCP connection load data includes user HTTP request data and upstr...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an Nginx upstream agent service system and an implementation method thereof. The agent service system comprises a management surface agent service module and a data surface Nginx module. The method includes: establishing a shared memory for the management surface agent service module and a data surface Nginx module; taking the shared memory as a bearing channel of TPC (terminal control protocol) connection load data; wherein the TCP connection load data includes HTTP (hyper text transport protocol) request data and HTTP response data of an upstream server. By the arrangement that the shared memory is taken as the bearing channel of the TCP connection load data, data forwarding efficiency of the agent system is effectively improved.

Description

technical field [0001] The invention relates to the field of network security, in particular to an Nginx upstream proxy service system and an implementation method. Background technique [0002] Network security devices in the multi-core era generally distinguish between the management plane and the data plane. The management plane is provided for network managers to use Telnet, Web, SSH, SNMP, etc. to manage devices. The basic task of the data plane is to process and forward various Types of data, such as the specific execution process of various functions such as L2 / L3 / ACL / Qos / multicast / security protection, all belong to the task category of the data forwarding plane. [0003] Nginx ("engine x") is a high-performance HTTP and reverse proxy server, as well as an IMAP / POP3 / SMTP proxy server. Nginx uses the epoll asynchronous non-blocking model on Linux to efficiently process TCP requests, and is the first choice for proxy forwarding of HTTP requests on the data plane. [0...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L69/163H04L67/56
Inventor 郭春碌费恩达
Owner BEIJING TOPSEC NETWORK SECURITY TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap