CN101166084B - Secure method for preventing multicast user from attacking - Google Patents
Secure method for preventing multicast user from attacking Download PDFInfo
- Publication number
- CN101166084B CN101166084B CN2006101499262A CN200610149926A CN101166084B CN 101166084 B CN101166084 B CN 101166084B CN 2006101499262 A CN2006101499262 A CN 2006101499262A CN 200610149926 A CN200610149926 A CN 200610149926A CN 101166084 B CN101166084 B CN 101166084B
- Authority
- CN
- China
- Prior art keywords
- user
- message
- management protocol
- member management
- multicast member
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
This invention discloses a safety method for preventing attack by multicast users including: after a device for transferring user IGMP messages receives an IGMP message, it does not transfer it immediately but sets a timer and transfers it when time is up, if it receives join of a same group of the user in a period, it leaves the message to take the latest one so as to prevent attack from users effectively and reduce IGMP messages in networks, which is suitable for multicast communication of data.
Description
Technical field
The present invention relates to the cast communication technology, relate in particular to a kind of be used for being implemented on the network and reduce multicast message and handle, prevent the safety method that the multicast user attacks.
Background technology
The professional general network model that adopts as shown in Figure 1 of the group broadcasting video frequency of carrying out on the present data network: network system comprises video service system, IP metropolitan area network, broadband access network and four parts of user network.
Video service system is realized functions such as video user management and video coding, and video traffic is sent into metropolitan area network; The IP metropolitan area network is delivered to broadband access network by the IP multicast functionality with video traffic; Broadband access network realizes that consumer wideband network connection authentication management, video group add/leave controlled function, and the video flowing that the user is required sends to the user; User network comprises CPE (customer premises equipment, CPE), PC, video STB equipment such as (set-top box), the interconnected formation one family of these device interiors local area network (LAN), the user adds if desired or leaves some channels, so just needs to send IGMP (the Internet multicast member management protocol) and adds and leave message.
Broadband access network generally comprises convergence switch and edge device such as DSLAM (Digital Subscriber Line Access Multiplexer).When the user is many, just need convergence switch that the very strong disposal ability to the IGMP message is arranged.Though can adopt IGMP PROXY (agency) function on edge device, when the channel that can select as the user was many, the message of inhibition was limited.
When PC or STB on-demand multicasting program, adopt the mode that IGMP REPORT joins message that sends.IGMP has three versions, is respectively V1, V2, V3, the general at present IGMPV2 that adopts.When the protocol number of IP header is 2, show it is the IGMP message.IGMPV2 message content form is as shown in Figure 2:
Type: expression IGMP type of message.
0x16 member's report message, expression adds a group;
The 0x17 leave message, a group is left in expression;
Whether 0x11 membership query, multicast router are used for inquiring about and have users, and are divided into general polling and ad hoc inquiry.Ad hoc inquiry is whether certain group of inquiry exists the user; General polling is which group of inquiry has the user.
Max Response Time maximum response time, default value is 10 seconds, promptly receive query message after, at this moment between in response send the REPORT message.
Group Address group address is indicated to add or is left or the group address of ad hoc inquiry.
Fig. 3 is the general flow figure of prior art, and this flow chart is applicable to that multicast control point and multicast forwarding point are all in the situation of convergence device.
Step 1: receive the igmp querying message of convergence device, receive that the port of query message is recorded as routed port; If can not receive query message, with regard to routed port of static configuration; Perhaps otherwise set or learn routed port.
Step 2: when the user need add a channel or need leave a channel, perhaps during switching channels, need to send IGMP and add or leave message.
Step 3: after edge device is received the IGMP message, judge whether the IGMP message is correct,, transmit to the routed port of same VLAN (VLAN) if correct.
Step 4: convergence device is received the IGMP message, and judgement is to join message, or leave message; If add, authenticate, whether can add, if can add, judge that whether the user adds, if add, withdraws from; If do not add, form the multicast forward table that has this user; If leave message judges whether this user adds,, withdraw from if do not add; If add, this user of deletion from multicast forward table.
IGMP PROXY agent functionality is, receives joining message of first user in the group, can upwards transmit to join message; Receive the leave message of last user in the group, can upwards transmit leave message.
Promptly work as a user and add a channel, need to send one and join message; When edge device did not play IGMP PROXY, joining message was transparent to convergence switch from edge device; When a user leaves a channel, can send a leave message, leave message is transparent to convergence switch from edge device.This just provides an assailable chance to the user: the user constantly sends the IGMP message, causes IGMP messages a lot of on the multicast network, makes convergence switch CPU very busy.Even played IGMP PROXY, from agent functionality as can be seen, constantly send adding in succession for the user, leave message has a lot of IGMP messages in the same old way on the network.
Summary of the invention
The technical problem to be solved in the present invention is on the basis of existing multicast communication network, and the safety method that provides a kind of multicast user of preventing to attack reduces IGMP message in the network by control, thereby prevents multicast user's attack.
In order to solve above technical problem, technical scheme of the present invention is achieved in that the safety method that prevents that the multicast user from attacking, and comprises step:
1) on the equipment of transmitting user the Internet multicast member management protocol message, timer is set; The cycle of described timer is 20 milliseconds, and its size can be regulated;
Transmit the equipment of user the Internet multicast member management protocol message, recorder to the up-to-date adding of each user in each group, the user the Internet multicast member management protocol message that leaves; Wherein, receive the user the Internet multicast member management protocol message feature of recording user simultaneously; Described user's feature comprises: user's IP address, MAC Address and user place port and VLAN ID;
After writing down described user's feature, transmit the equipment of user the Internet multicast member management protocol message, judged whether the Internet multicast member management protocol listening functions, if risen, judge that received user the Internet multicast member management protocol message joins message or leave message
If join message, judge whether this user adds, if do not add, form software and transmit;
If leave message judges whether this user adds, if add, this user of deletion from software is transmitted;
After forming that software is transmitted or from software is transmitted, deleting this user, if transmit the equipment of user the Internet multicast member management protocol message, in described timer setting-up time, receive phase adding, the leave message on the same group of same subscriber again, then delete old record, write down up-to-date adding, leave message.
2) equipment of forwarding user the Internet multicast member management protocol message sends the up-to-date the Internet multicast member management protocol message of each user in each group that writes down in a period of time.
Wherein, the equipment of described forwarding user the Internet multicast member management protocol message, recorder to the up-to-date adding of each user in each group, the user the Internet multicast member management protocol message that leaves also be specially:
After writing down described user's feature, if transmit the equipment of user the Internet multicast member management protocol message, in described timer setting-up time, receive phase adding, the leave message on the same group of same subscriber again, then delete old record, write down up-to-date adding, leave message;
Delete old record, write down up-to-date adding, leave message after, transmit the equipment of user the Internet multicast member management protocol message, judged whether the Internet multicast member management protocol proxy function, if risen, judge whether to exist multicast authentication,
If there is multicast authentication, the leave message that join message or before added user's the first time in the record group;
If there is no multicast authentication, first user up-to-date joins message or last user's up-to-date leave message in the record group.
Preferably, transmit the equipment of user the Internet multicast member management protocol message, each user's of record up-to-date adding, leave message merged.
Wherein, described step 2) be specially: the timer setting-up time arrives, or each user's who merges up-to-date adding, when leave message reaches maximum transmission unit, transmit the equipment of user the Internet multicast member management protocol message, transmit each user's of this merging up-to-date adding, leave message.
Compared with prior art, the present invention is on the equipment of transmitting user the Internet multicast member management protocol message, by setting timer, postpone to transmit user's adding, leave message, and only transmit the up-to-date the Internet multicast member management protocol message of each user in each group, like this, can significantly reduce the message amount in the network, alleviate the burden of message processor.
Reinstate the function of IGMP SNOOPING, can write software earlier and transmit, after timer time arrives, write hardware forwarding table again, like this, can prevent that the user from constantly sending out adding, leave message, and constantly write driving, thus cause the very slow situation of equipment operation to take place.
Enable IGMP PROXY agent functionality, receive joining message of first user in the group, can upwards transmit and join message; Receive the leave message of last user in the group, can upwards transmit leave message.Like this, also can suppress message to a certain extent.
Adopt to merge the IGMP method of message, can further lower the IGMP message, thereby reduce the IGMP message in the network, can effectively prevent user's attack like this.
Description of drawings
Fig. 1 is the networking structure schematic diagram of group broadcasting video frequency system.
Fig. 2 is the IGMPV2 message format.
Fig. 3 is present general forwarding process.
Fig. 4 is a flow process of the present invention.
Fig. 5 is the form of merging IGMP message of the present invention.
Fig. 6 is one of them User Format of merging IGMP message of the present invention.
Fig. 7 is the part networking structure schematic diagram of group broadcasting video frequency system.
Embodiment
The present invention is described in further detail below in conjunction with accompanying drawing.
As shown in Figure 4, transmit at needs on the equipment of user IGMP message, comprise following feature:
Receive user's IGMP message, do not transmit at once, but postpone to transmit.For this reason, set a timer, be timed to just and transmit; The cycle of timer is 20 milliseconds, and its size can be regulated.
If receive this user's phase adding on the same group again in one-period, leave message is got up-to-date message.For reaching above-mentioned requirements, need note user's feature, comprise user's IP address, MAC Address, and the port at user place and Virtual Local Area Network ID.
Further, judged whether IGMP SNOOPING (intercepting) function, if risen, judgement joins message or leave message, if join message, judges whether this user adds, if do not add, forms software and transmits.If leave message judges whether this user adds, if add, this user of deletion from software is transmitted.Like this, can prevent that the user from constantly sending out adding, leave message, and constantly write driving, thus cause the very slow situation of equipment operation to take place.
If timing cycle does not arrive, and receive same subscriber (IP address, user's MAC address, and the port at user place is identical) phase IGMP message on the same group, type of message can be different, promptly can add or leave, remove original record, write down up-to-date message.Can effectively prevent user's attack like this, reduce the IGMP message in the network.
Further, judged whether IGMP PROXY, if risen, to up-to-date message, judgement joins message or leave message, if join message, judges whether it is that first user in the group adds, if not, remove up-to-date joining message; If leave message judges whether it is that last user leaves in the group, if not, up-to-date leave message removed.Like this, also can suppress message to a certain extent.
If timing cycle arrives, just send the message of noting;
Further, merge user IGMP method of message in order to reach the ability of bigger reduction network IGMP message, to adopt.The form that merges can adopt Fig. 5, method shown in Figure 6.
If timer to or reach maximum transmission unit (MTU), just send the IGMP message that merges.
For reaching the requirement that sends message, receive the query message of IGMP, the place port need be recorded as routed port, needs to write down VLAN ID simultaneously.If perhaps can not receive the igmp querying message, the static routing port need be set, perhaps otherwise be provided with or the study routed port.
The message that merges is transmitted to the routed port of identical VLAN ID.
Further,, judged whether IGMP SNOOPING,, software transmitted write into chip if risen if timing cycle arrives.
Further, if receive query message, when forming routed port, need be merged into the IGMP message to all users' of all groups information.
In order to guarantee that in case the user files an application, just can directly receive data flow from upstream router, thereby guarantee the delay and the switching channels matter of time of IPTV Business Stream, often adopt the method for configuring static multicast, set up SACP to the multicast packet transparent channel between multicast source.
According to part networking schematic diagram shown in Figure 7: three video terminals, its MAC Address is respectively MAC1, MAC2, MAC3, the IP address is respectively IP1, IP2, IP3 is connected on the port one of user's convergence device, 2,3; 4 multicast channels are arranged in the network, be respectively G1, G2, G3, G4; The video terminal user can add different channels.
Transmit on the equipment of IGMP message at needs below, just whether play IGMP SNOOPING, IGMP PROXY gives and explanation respectively.
Do not play IGMP SNOOPING, do not play the situation of IGMP PROXY:
Step 101 is provided with timer, and timer duration is 20 milliseconds, but size can be set.
Whether step 102 has requestor in the network, if do not have, need the configuration routed port.
Step 103, video terminal 1 send IGMP REPORT (IGMP asks to add), request adding group 1.Receive user's message, note user's IP address, MAC Address, user place port, and the group address that adds or leave.
Step 104 if timer time arrives, is transmitted joining message of receiving at once, is sent to routed port;
Step 105, if timer time does not arrive, second video terminal, 2 request adding groups 2 merge to the information of terminal 2 among the new IGMP, same IP2, MAC2 gets from message.
Step 106 if timer time arrives, sends to routed port to the message that merges.
Step 107, if timing is less than, the 3rd video terminal switches to channel 4 from channel 3, can send the leave message of channel 3 and joining message of channel 4, leave message is merged in the new IGMP message with joining message, same IP3, MAC3 gets from message.If timer time arrives, the message that merges is sent to routed port.
Step 108, if timer time does not arrive, and video terminal 1 sends and leaves channel 1 and add channel 1 (can with give out a contract for a project instrument), because terminal 1 begins to have adding channel 1, now receive the message that leaves channel 1 at once, remove original adding, write down up-to-date leave message; Owing to receive the adding of channel 1 again at once, remove leaving just now, write down up-to-date adding.
Step 109, if timer arrives, perhaps the message of He Binging reaches MTU, just is sent to routed port.
If play the situation of IGMP SNOOPING, constantly send out adding in order to prevent the user, leave, and constantly write driving, cause equipment very slow, can write software earlier to transmit, after timer time arrives, write hardware forwarding table again.
Play IGMP SNOOPING, do not play the situation of IGMP PROXY:
Step 201 is provided with timer, and timer duration is 20 milliseconds, but size can be set.
Whether step 202 has requestor in the network, if do not have, need the configuration routed port.
Step 203, video terminal 1 send IGMP REPORT (IGMP asks to add), request adding group 1.Receive user's message, note user's IP address, MAC Address, user place port, and the group address that adds or leave.
Step 204 owing to be to add for the first time, write software and is transmitted.
Step 205 if timer time arrives, is transmitted joining message of receiving at once, is sent to routed port; Software transmitted write driving, form hardware forwarding table.
Step 206, if timer time does not arrive, second video terminal, 2 request adding groups 2 merge to the information of terminal 2 among the new IGMP, same IP2, MAC2 gets from message.Writing the software of channel 2 simultaneously transmits
Step 207 if timer time arrives, sends to routed port to the message that merges.Software transmitted write driving.
Step 208, if timing is less than, the 3rd video terminal switches to channel 4 from channel 3, can send the leave message of channel 3 and joining message of channel 4, leave message is merged in the new IGMP message with joining message, same IP3, MAC3 gets from message.Software is transmitted and is deleted user 3 and increase user 3 from channel 3 in channel 4.If timer time arrives, the message that merges is sent to routed port.Software is transmitted and is write driving: from 3 kinds of deletion users 3 of channel, if be last user in channel 3, delete transmitting of channel 3; Form transmitting of channel 4 simultaneously.
Step 209, if timer time does not arrive, and video terminal 1 sends and leaves channel 1 and add channel 1 (can with give out a contract for a project instrument), because terminal 1 begins to have adding channel 1, now receive the message that leaves channel 1 at once, remove original adding, write down up-to-date leave message; Owing to receive the adding of channel 1 again at once, remove leaving just now, write down up-to-date adding.For this situation, software is not transmitted and is changed.
Step 210, if timer arrives, perhaps the message of He Binging reaches MTU, just is sent to routed port.Do not change because software is transmitted, therefore do not need to write driving.
Do not play IGMP SNOOPING, play the situation of IGMP PROXY:
Step 301 is provided with timer, and timer duration is 20 milliseconds, but size can be set.
Whether step 302 has requestor in the network, if do not have, need the configuration routed port.
Step 303, video terminal 1 send IGMP REPORT (IGMP asks to add), request adding group 1.Receive user's message, note user's IP address, MAC Address, user place port, and the group address that adds or leave.
Step 304 if timer time arrives, judges whether to exist multicast authentication, if there is authentication, judges whether video terminal 1 adds channel 1 for the first time, if, transmit joining message of receiving at once, be sent to routed port; If there is no authentication is judged in the channel 1, and whether video terminal 1 first user, if, transmit joining message of receiving at once, be sent to routed port;
Step 305, if timer time does not arrive, second video terminal 2 request adding group 2.Judge whether to exist multicast authentication,, judge whether video terminal 2 adds channel 2 for the first time if there is authentication; If there is no authentication is judged in the channel 2, and whether video terminal 2 first user.If, the information of terminal 2 is merged among the new IGMP, same IP2, MAC2 gets from message.
Step 306 if timer time arrives, sends to routed port to the message that merges.
Step 307, if timing is less than, the 3rd video terminal switches to channel 4 from channel 3, can send the leave message of channel 3 and joining message of channel 4.Judge whether to exist multicast authentication,, judge whether terminal 3 added channel 3 in the past, if add, leave message merges if there is authentication; Whether same judgement terminal 3 adds channel 4 for the first time, if merge joining message.Same IP3, MAC3 gets from message.If there is no multicast authentication judges that terminal 3 is last user of channel 3, if leave message merges; Judge in the channel 4 that video terminal 3 is first user whether, if merge joining message.Timer time arrives, and the message that merges is sent to routed port.
Step 308, if timer time does not arrive, and video terminal 1 sends and leaves channel 1 and add channel 1 (can with give out a contract for a project instrument), because terminal 1 begins to have and adds channel 1, now receive the message that leaves channel 1 at once, remove original adding, if there is no multicast authentication judges that terminal 1 is last user of channel 1, if, write down up-to-date leave message,, also write down up-to-date leave message if there is multicast authentication; Owing to receive the adding of channel 1 again at once, judge whether to exist multicast authentication, if there is authentication, judge whether video terminal 1 adds channel 1 for the first time, and perhaps if there is no authentication is judged in the channel 1, whether video terminal 1 first user, if, remove leaving just now, write down up-to-date adding.
Step 309, if timer arrives, perhaps the message of He Binging reaches MTU, just is sent to routed port.
Play the situation of IGMP SNOOPING and IGMP PROXY, be equivalent to the merging of above-mentioned two kinds of situations, concrete steps are as follows:
Step 401 is provided with timer, and timer duration is 20 milliseconds, but size can be set.
Whether step 402 has requestor in the network, if do not have, need the configuration routed port.
Step 403, video terminal 1 send IGMP REPORT (IGMP asks to add), request adding group 1.Receive user's message, note user's IP address, MAC Address, user place port, and the group address that adds or leave.
Step 404 owing to be to add for the first time, write software and is transmitted.
Step 405 if timer time arrives, judges whether to exist multicast authentication, if there is authentication, judges whether video terminal 1 adds channel 1 for the first time, if, transmit joining message of receiving at once, be sent to routed port; If there is no authentication is judged in the channel 1, and whether video terminal 1 first user, if, transmit joining message of receiving at once, be sent to routed port; Software transmitted write driving, form hardware forwarding table.
Step 406, if timer time does not arrive, second video terminal 2 request adding group 2 judges whether to exist multicast authentication, if there is authentication, judges whether video terminal 2 adds channel 2 for the first time; If there is no authentication is judged in the channel 2, and whether video terminal 2 first user.If, the information of terminal 2 is merged among the new IGMP, same IP2, MAC2 gets from message.Writing the software of channel 2 simultaneously transmits
Step 407 if timer time arrives, sends to routed port to the message that merges.Software transmitted write driving.
Step 408, if timing is less than, the 3rd video terminal switches to channel 4 from channel 3, can send the leave message of channel 3 and joining message of channel 4.Software is transmitted and is deleted user 3 and increase user 3 from channel 3 in channel 4.Judge whether to exist multicast authentication,, judge whether terminal 3 added channel 3 in the past, if add, leave message merges if there is authentication; Whether same judgement terminal 3 adds channel 4 for the first time, if merge joining message.Same IP3, MAC3 gets from message.If there is no multicast authentication judges that terminal 3 is last user of channel 3, if leave message merges; Judge in the channel 4 that video terminal 3 is first user whether, if merge joining message.
Step 409, timer time arrives, and the message that merges is sent to routed port.Software is transmitted and is write driving: from 3 kinds of deletion users 3 of channel, if be last user in channel 3, delete transmitting of channel 3; Form transmitting of channel 4 simultaneously.
Step 410, if timer time does not arrive, and video terminal 1 sends and leaves channel 1 and add channel 1 (can with give out a contract for a project instrument), because terminal 1 begins to have and adds channel 1, now receives the message that leaves channel 1 at once, removes original adding.If there is no multicast authentication judges that terminal 1 is last user of channel 1, if, write down up-to-date leave message, if there is multicast authentication, also write down up-to-date leave message; Owing to receive the adding of channel 1 again at once, judge whether to exist multicast authentication, if there is authentication, judge whether video terminal 1 is to add channel 1 for the first time, and perhaps if there is no authentication is judged in the channel 1, whether video terminal 1 is first user, if, remove leaving just now, write down up-to-date adding.For this situation, software is not transmitted and is changed.
Step 411, if timer arrives, perhaps the message of He Binging reaches MTU, just is sent to routed port.Do not change because software is transmitted, therefore do not need to write driving.
Claims (4)
1. a safety method that prevents that the multicast user from attacking is characterized in that, comprises step:
1) on the equipment of transmitting user the Internet multicast member management protocol message, timer is set; The cycle of described timer is 20 milliseconds, and its size can be regulated;
Transmit the equipment of user the Internet multicast member management protocol message, recorder to the up-to-date adding of each user in each group, the user the Internet multicast member management protocol message that leaves; Wherein, receive the user the Internet multicast member management protocol message feature of recording user simultaneously; Described user's feature comprises: user's IP address, MAC Address and user place port and VLAN ID;
After writing down described user's feature, transmit the equipment of user the Internet multicast member management protocol message, judged whether the Internet multicast member management protocol listening functions, if risen, judge that received user the Internet multicast member management protocol message joins message or leave message
If join message, judge whether this user adds, if do not add, form software and transmit;
If leave message judges whether this user adds, if add, this user of deletion from software is transmitted;
After forming that software is transmitted or from software is transmitted, deleting this user, if transmit the equipment of user the Internet multicast member management protocol message, in described timer setting-up time, receive phase adding, the leave message on the same group of same subscriber again, then delete old record, write down up-to-date adding, leave message.
2) equipment of forwarding user the Internet multicast member management protocol message sends the up-to-date the Internet multicast member management protocol message of each user in each group that writes down in a period of time.
2. the safety method that the multicast user of preventing according to claim 1 attacks, it is characterized in that, the equipment of described forwarding user the Internet multicast member management protocol message, recorder to the up-to-date adding of each user in each group, the user the Internet multicast member management protocol message that leaves be specially:
After writing down described user's feature, if transmit the equipment of user the Internet multicast member management protocol message, in described timer setting-up time, receive phase adding, the leave message on the same group of same subscriber again, then delete old record, write down up-to-date adding, leave message;
Delete old record, write down up-to-date adding, leave message after, transmit the equipment of user the Internet multicast member management protocol message, judged whether the Internet multicast member management protocol proxy function, if risen, judge whether to exist multicast authentication,
If there is multicast authentication, the leave message that join message or before added user's the first time in the record group;
If there is no multicast authentication, first user up-to-date joins message or last user's up-to-date leave message in the record group.
3. the safety method that the multicast user of preventing according to claim 1 and 2 attacks is characterized in that: transmit the equipment of user the Internet multicast member management protocol message, each user's of record up-to-date adding, leave message merged.
4. the safety method that the multicast user of preventing according to claim 3 attacks, it is characterized in that: described step 2) be specially: the timer setting-up time arrives, or each user's who merges up-to-date adding, when leave message reaches maximum transmission unit, transmit the equipment of user the Internet multicast member management protocol message, transmit each user's of this merging up-to-date adding, leave message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2006101499262A CN101166084B (en) | 2006-10-17 | 2006-10-17 | Secure method for preventing multicast user from attacking |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2006101499262A CN101166084B (en) | 2006-10-17 | 2006-10-17 | Secure method for preventing multicast user from attacking |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101166084A CN101166084A (en) | 2008-04-23 |
| CN101166084B true CN101166084B (en) | 2010-09-29 |
Family
ID=39334593
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2006101499262A Expired - Fee Related CN101166084B (en) | 2006-10-17 | 2006-10-17 | Secure method for preventing multicast user from attacking |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101166084B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102195889B (en) * | 2011-06-02 | 2014-09-17 | 杭州华三通信技术有限公司 | Method and equipment for relieving Internet group management protocol (IGMP) message processing stress |
| CN102546666B (en) * | 2012-02-28 | 2016-04-27 | 神州数码网络(北京)有限公司 | The method preventing IGMP from cheating and to attack and device |
| CN104853259B (en) * | 2015-06-03 | 2017-10-13 | 上海斐讯数据通信技术有限公司 | A kind of message processing method and system based on IGMP |
| CN105791009A (en) * | 2016-03-02 | 2016-07-20 | 上海斐讯数据通信技术有限公司 | Method and system for collecting user internet-surfing behavior based on SDN (Software Defined Network) |
| CN106911590B (en) * | 2017-03-15 | 2020-04-14 | 迈普通信技术股份有限公司 | Message processing method and device and distributed equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1744570A (en) * | 2005-08-25 | 2006-03-08 | 广东省电信有限公司研究院 | Method for realizing efficient video multicasting in ethernet passive optical entwork system |
| CN1798024A (en) * | 2004-12-20 | 2006-07-05 | 上海贝尔阿尔卡特股份有限公司 | Method and device for implementing multicast authentication and fee charging |
| CN1801711A (en) * | 2006-01-18 | 2006-07-12 | 杭州华为三康技术有限公司 | Multicast group member identification method and apparatus |
-
2006
- 2006-10-17 CN CN2006101499262A patent/CN101166084B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1798024A (en) * | 2004-12-20 | 2006-07-05 | 上海贝尔阿尔卡特股份有限公司 | Method and device for implementing multicast authentication and fee charging |
| CN1744570A (en) * | 2005-08-25 | 2006-03-08 | 广东省电信有限公司研究院 | Method for realizing efficient video multicasting in ethernet passive optical entwork system |
| CN1801711A (en) * | 2006-01-18 | 2006-07-12 | 杭州华为三康技术有限公司 | Multicast group member identification method and apparatus |
Non-Patent Citations (2)
| Title |
|---|
| W.Fenner.RFC2236-internet Group Management Protocol,Version 2.ietf.org.1997,正文第3页第7行至第5页最后1行. * |
| 黄胤科.组播技术在IPTV直播业务中的应用.现代计算机.2006,正文第44页左栏第9行至第45页右栏第17行. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101166084A (en) | 2008-04-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9426093B2 (en) | Multicast interworking systems and methods | |
| US6937608B1 (en) | Data link layer switch with multicast capability | |
| US7623536B2 (en) | Network relaying method and device | |
| WO2005119968A1 (en) | A method for transmitting the policy information between the network devices | |
| CN101258414A (en) | Enhanced multicast VLAN registration | |
| CN102447565B (en) | A kind of method and system realizing multicast control at broadband access network | |
| WO2007059679A1 (en) | A method for processing the abnormal multicast service and a network equipment thereof | |
| EP2461584A1 (en) | Method and system for reducing time delay of internet protocol television (iptv) channel switching | |
| CN101207473A (en) | Method for multicast implementation of switch-in layer network in IPTV system | |
| WO2009082905A1 (en) | Method, system and switch device for dynamically establishing multicast virtual local area network | |
| CN101166084B (en) | Secure method for preventing multicast user from attacking | |
| WO2000062492A1 (en) | Multicast extension to data link layer protocols | |
| US8238337B1 (en) | Hybrid multicast switch employing network-layer routing | |
| CN101197821B (en) | Method for implementing access network multicast in IPTV system | |
| CN102347906B (en) | Multi-cast method and multi-cast network system | |
| EP1863219B1 (en) | Method and system for processing abnormally becoming power off of a terminal of multicast user | |
| CN1852080B (en) | Method for treating abnormal multicast business | |
| CN100502346C (en) | Method for realizing group broadcast channel quick switching | |
| CN101163002B (en) | Highly effective multicast authenticating method | |
| CN101170489A (en) | IGMP message transmission system | |
| US20030035378A1 (en) | Method and apparatus for managing multicast data on an IP subnet | |
| CN101409704A (en) | Method and apparatus for processing multicast member management protocol | |
| CN101170490B (en) | Igmp message transmission method | |
| WO2008040191A1 (en) | Method, system and device for distrubuting and receiving the multicast data in the media gateway | |
| CN100452867C (en) | Method of smooth switching IPTV band |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20100929 Termination date: 20171017 |