CN105847056B - The transmission method and system of two-way converting detection control message - Google Patents
The transmission method and system of two-way converting detection control message Download PDFInfo
- Publication number
- CN105847056B CN105847056B CN201610178159.1A CN201610178159A CN105847056B CN 105847056 B CN105847056 B CN 105847056B CN 201610178159 A CN201610178159 A CN 201610178159A CN 105847056 B CN105847056 B CN 105847056B
- Authority
- CN
- China
- Prior art keywords
- bfd
- auth type
- session
- control message
- type
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
Abstract
The embodiment of the invention discloses the transmission methods and system of a kind of BFD control message, this method comprises: the first system establishes the BFD session between the first system and second system, the second system is the far end system of the first system, and the auth type of the BFD session includes the first auth type;The second auth type is added in the session parameter for the BFD session that the first system saves;When the timer expiry of the first system, the 2nd BFD for sending the first BFD control message for carrying first auth type to the second system and carrying second auth type controls message, and the first BFD control message and the 2nd BFD control message are received in the same detection cycle of the second system by the second system.In above scheme, when the first system is asynchronous with the modification time for the auth type that second system is supported respectively, it can avoid making erroneous judgement to the state of communication link.
Description
Technical field
The present invention relates to fields of communication technology more particularly to two-way converting to detect (Bidirectional Forwarding
Detection, BFD) control message transmission method and system.
Background technique
BFD agreement can be quickly detected the failure of a pair of of LA Management Room.The network equipment can be according to testing result by stream
Amount switches to backup link from active link, to improve the availability of network.The network equipment 1 and the network equipment 2 can pass through association
Quotient establishes the BFD session that auth type is auth type 1.That is, the BFD session between the network equipment 1 and the network equipment 2
When establishing, the network equipment 1 and the network equipment 2 all support auth type 1.After BFD session establishment, it may be necessary to by the network equipment 1
The auth type of support is revised as auth type 2 from auth type 1, and, the auth type that the network equipment 2 is supported is from certification
Class1 is revised as auth type 2.The network equipment 1 modifies the time of auth type and the time of the modification auth type of the network equipment 2
It is possible that asynchronous.If the network equipment 1 completes auth type modification, and the network equipment 2 does not complete auth type modification, then network
Equipment 1 sends the BFD control message for carrying auth type 2 to the network equipment 2, and the network equipment 2 receives the transmission of the network equipment 1
After the BFD control message for carrying auth type 2, the BFD control message for carrying auth type 2 can not be authenticated.This feelings
Under condition, the network equipment 2 will be considered that the communication link between the network equipment 1 and the network equipment 2 breaks down.And actually network is set
Communication link between standby 1 and the network equipment 2 does not break down.In above-mentioned technical proposal, BFD mechanism to the network equipment it
Between the state of communication link be made that erroneous judgement.The erroneous judgement, which is possible to will lead to flow, is switched to backup link from active link,
It is interrupted during switching so as to cause flow.
Summary of the invention
The embodiment of the invention discloses the transmission methods and system of a kind of BFD control message, help avoid to communication chain
The state on road makes erroneous judgement.
First aspect of the embodiment of the present invention discloses a kind of transmission method of BFD control message, comprising: the first system is established
The BFD session between the first system and second system, the second system are the distal ends of the first system
System, the auth type of the BFD session may include the first auth type;After the first system establishes the BFD session,
The second auth type is added in the session parameter for the BFD session that the first system saves;The first system adds institute
After stating the second auth type, when the timer expiry of the first system, Xiang Suoshu second system, which is sent, to be carried described first and recognizes
The first BFD control message for demonstrate,proving type and the 2nd BFD for carrying second auth type control message, the first BFD control
Message processed and the 2nd BFD control message are received in the same detection cycle of the second system by the second system
It arrives.By the above-mentioned means, second system can authenticate wherein at least one BFD control message, so that two end systems can be not
During carrying out auth type modification simultaneously, it still is able to carry out link failure detection by the BFD session of above-mentioned foundation.
For example, the second system is in the same detection cycle in the session parameter of the BFD session
Save first auth type.That is, first auth type is in the same detection cycle to described
Two system is effective.The second system can be to the BFD of carrying first auth type from the first system
Control message is authenticated.
Alternatively, the session parameter for the BFD session that the second system saves in the same detection cycle by
First auth type is changed to second auth type.That is, auth type is before changing, the first certification class
Type is effective to the second system in the same detection cycle.The second system can be to from described first
The BFD control message of carrying first auth type of system is authenticated.After auth type change, the second certification class
Type is effective to the second system in the same detection cycle.The second system can be to from described first
The BFD control message of carrying second auth type of system is authenticated.
With reference to first aspect, in the first possible implementation, if the method may also include that the first system
Determine that since the first system be not received by the time cycle adding second auth type from described second
The BFD of carrying second auth type of system controls message, then the session shape for the BFD session safeguarded the first system
State is revised as malfunction, and then can influence the session status of the BFD session of second system maintenance, to avoid the first system
Dateless waiting second system of uniting carries out authenticated configuration.
The possible implementation of with reference to first aspect the first, in second of possible implementation of first aspect
In, the first system determines that since the first system do not receive in the time cycle adding second auth type
To the concrete mode of the BFD control message of carrying second auth type from the second system can include: described the
One system determines that the first system receives the 3rd BFD control message from the second system within the time cycle
In without carrying second auth type;Further, it can determine and not have in the 3rd BFD control message in the following manner
Have and carry second auth type:
The first system determine the key identification in the 3rd BFD control message whether the guarantor with the first system
The cipher key match in key set deposited, if mismatching, it may be determined that the first system is received within the time cycle and come from
The 3rd BFD control message of the second system does not carry second auth type and does not carry the second certification class
Type, if matching, the first system determines that identifying algorithm, the first system are determined based on described based on second auth type
The authentication material one whether authentication material that the key matched and the identifying algorithm generate carries with the 3rd BFD control message
It causes;If inconsistent, the first system is determined in the 3rd BFD control message without carrying second auth type.
Second of possible implementation with reference to first aspect, in first aspect in the third possible implementation, if
Cipher key match in the key identification and the key set, then the first system is recognized based on second auth type determination
Demonstrate,prove the mode of algorithm can include: if the cipher key match in the key identification and the key set, and the 3rd BFD is controlled
The auth type that message carries is consistent with second auth type, then it is true to be based on second auth type for the first system
The fixed identifying algorithm.
With reference to first aspect, in the 4th kind of possible implementation of first aspect, if the method may also include that it is described
The first system determines that since the first system receive described in carrying in the time cycle adding second auth type
The BFD of second auth type controls message, then the first system deletes the BFD session saved in the first system
First auth type in session parameter.
With reference to first aspect or first aspect the first to the 4th kind of any possible implementation, in first aspect
In five kinds of possible implementations, the method may also include that the session ginseng of the BFD session saved in the first system
After adding the second auth type in number, the first system sends configuration-direct to third system, and the third system is described
The standby system of the first system, the session parameter for the BFD session that the configuration-direct is used to save to the third system
Middle addition second auth type, the third system is used to break down when the first system, instead of first system
System maintains the BFD session.So as to the session parameter of the standby system for the first system that guarantees to timely update, to guarantee first
The session status of the BFD session of system and second system is after malfunction, third system can be joined by updated session
Number, establishes normal BFD session with second system.
4th kind of possible implementation with reference to first aspect, in the 6th kind of possible implementation of first aspect,
The first system deletes first auth type in the session parameter for the BFD session that the first system saves
Afterwards, the method may also include that the first system sends to delete to the standby system of the first system and instruct, the deletion
Instruct first auth type in the session parameter for deleting the BFD session saved in the third system.From
And the session parameter of the standby system for the first system that can guarantee to timely update, to guarantee the BFD of the first system and second system
The session status of session is after malfunction, third system can be established just by updated session parameter with second system
Normal BFD session.
Second aspect of the embodiment of the present invention discloses a kind of transmission method of BFD control message, comprising: second system is established
BFD session between the first system and the second system, the auth type of the BFD session include the first auth type;Institute
It states second system and receives the carrying from the first system described first in the same detection cycle of the second system and recognize
The first BFD control message for demonstrate,proving type and the 2nd BFD for carrying the second auth type control message.
In conjunction with second aspect, in the first possible implementation of the second aspect, the method may also include that described
It does not include described when second system establishes the BFD session, in the session parameter for the BFD session that the second system saves
Second auth type;The second system is established after the BFD session and the second system receives the 2nd BFD
Before controlling message, second auth type is not added to the session ginseng for the BFD session that the second system saves
In number;
After the method may also include that the second system receives the first BFD control message, the second system
By resetting timer, to next detection cycle timing;The second system receives the 2nd BFD control message
Afterwards, it abandons the 2nd BFD and controls message.
In conjunction with second aspect, in a second possible implementation of the second aspect, the method may also include that described
Before second system is established after the BFD session and the second system receives the 2nd BFD control message, the side
Method further include: add second auth type in the session parameter for the BFD session that the second system saves;It is described
After second system receives the 2nd BFD control message, the session ginseng for the BFD session that the second system saves is deleted
First auth type in number.
In conjunction with second of possible implementation of second aspect, in the third possible implementation of second aspect
In, after the second system adds second auth type, and, the second system receives the 2nd BFD control
Before message, the method also includes: the second systems to send to the first system and carries the of first auth type
Four BFD control message and carry the 5th BFD control message of second auth type;The second system receives described
After two BFD control message, the method also includes: the second system sends to the first system and carries second certification
6th BFD of type controls message.
The third aspect, the embodiment of the invention discloses a kind of the first system, the first system is contained for executing the
The unit of method in one side.
Fourth aspect, the embodiment of the invention discloses a kind of second system, the second system is contained for executing the
The unit of method in two aspects.
5th aspect, the embodiment of the invention discloses a kind of the first system, the second system may include processor, processing
Device is configured as that the first system is supported to execute corresponding function in the method that first aspect provides.The first system may be used also
To include memory, memory with processor for coupling, the computer for the method that preservation provides for realizing first aspect
Program.The first system can also include communication interface, for the first system and other systems or communication.
6th aspect, the embodiment of the invention discloses a kind of second system, the second system may include processor, processing
Device is configured as that the second system is supported to execute corresponding function in the method that second aspect provides.The second system may be used also
To include memory, memory with processor for coupling, the computer for the method that preservation provides for realizing second aspect
Program.The second system can also include communication interface, for the second system and other communication systems or communication network
Communication.
7th aspect, the embodiment of the present invention disclose a kind of computer storage medium, mention for being stored as above-mentioned 5th aspect
Computer software instructions used in the first system of confession, it includes for executing computer journey involved in method in first aspect
Sequence.
Eighth aspect, the embodiment of the present invention disclose a kind of computer storage medium, mention for being stored as above-mentioned 6th aspect
Computer software instructions used in the second system of confession, it includes for executing computer journey involved in method in second aspect
Sequence.
In the embodiment of the present invention, the first system and second system establish the BFD meeting that auth type includes the first auth type
Words.After the first system adds the second auth type, the first BFD control of the first auth type is carried by sending to second system
Message processed and the 2nd BFD for carrying the second auth type control message.Second system receives this in same detection cycle and takes
The first BFD control message with the first auth type and the 2nd BFD for carrying the second auth type control message.If the second system
When system receives BFD control message, the auth type that second system is supported is there is no modification, then second system can be to first
BFD control message is authenticated.If second system receive BFD control message, second system support auth type from
First auth type is revised as the second auth type, then second system can control message to the 2nd BFD and authenticate.Namely
It says, after the auth type that the first system is supported is revised as the first auth type and the second auth type from the first auth type,
No matter whether the auth type that second system is supported is modified, and second system can control message to BFD and authenticate.Into
And it avoids second system and is mistakenly considered between the first system and second system due to that can not be authenticated to BFD control message
Communication link break down.Therefore, above scheme helps to solve time and the second system of second system modification auth type
System modifies the Time Inconsistency of auth type and leads to the technical issues of making erroneous judgement to the state of communication link.In turn, it helps
In avoiding flow from interrupting.
Detailed description of the invention
It in order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, below will be to institute in embodiment
Attached drawing to be used is needed to be briefly described, it should be apparent that, the accompanying drawings in the following description is only some implementations of the invention
Example, for those of ordinary skill in the art, without creative efforts, can also obtain according to these attached drawings
Obtain other attached drawings.
Fig. 1 is a kind of structural schematic diagram of BFD system disclosed by the embodiments of the present invention;
Fig. 2 is the structural schematic diagram of another kind BFD system disclosed by the embodiments of the present invention;
Fig. 3 is that second system passes in the first system and the second network equipment B in a kind of first network equipment A in the prior art
The interaction time diagram of defeated BFD control message;
Fig. 4 is second system in the first system and the second network equipment B in another first network equipment A in the prior art
Transmit the interaction time diagram of BFD control message;
Fig. 5 is a kind of flow diagram of the transmission method of BFD control message disclosed by the embodiments of the present invention;
Fig. 6 is the flow diagram of the transmission method of another kind BFD control message disclosed by the embodiments of the present invention;
Fig. 7 is the flow diagram of the transmission method of another BFD control message disclosed by the embodiments of the present invention;
When Fig. 8 is the interaction that a kind of the first system disclosed by the embodiments of the present invention and second system transmit BFD control message
Sequence schematic diagram;
Fig. 9 is a kind of structural schematic diagram of the first system disclosed by the embodiments of the present invention;
Figure 10 is a kind of structural schematic diagram of second system disclosed by the embodiments of the present invention;
Figure 11 is a kind of structural schematic diagram of third system disclosed by the embodiments of the present invention;
Figure 12 is a kind of structural schematic diagram of the first system disclosed by the embodiments of the present invention;
Figure 13 is a kind of structural schematic diagram of second system disclosed by the embodiments of the present invention;
Figure 14 is a kind of structural schematic diagram of third system disclosed by the embodiments of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention is described.
The embodiment of the invention discloses the transmission methods and system of a kind of BFD control message, can establish BFD session
During the network equipment carries out auth type modification, guarantee to carry out link failure detection by the BFD session of above-mentioned foundation, and
And it avoids the BFD mechanism during modification of this auth type and erroneous judgement is made to the state of communication link, and then avoid stream
Measure disruption.Embodiment in order to better understand the present invention is below first described the application scenarios of the embodiment of the present invention.
It is a kind of structural schematic diagram of BFD system disclosed by the embodiments of the present invention referring to Fig. 1, Fig. 1.As shown in Figure 1, should
BFD system includes first network equipment A and the second network equipment B.First network equipment A and the second network equipment B can be
The equipment that can support BFD agreement.For example, first network equipment A and the second network equipment B can be router, base station or
Core multi-layer switches.First network equipment may include the first system, and second network equipment may include second system.The first system
It can be applied to the forwarding engine in the network equipment with second system, can also be applied to the control engine in the network equipment.First net
Multiple systems may be present in network and second network equipment.When first network equipment A and the second network equipment B establish BFD session,
The first system and second system can pass through the control engine in first network equipment A and the control in the second network equipment B respectively
Engine establishes BFD session.In turn, link, the interface, data connection between first network equipment A and the second network equipment B are detected
Or the failure of control engine itself.Certainly, between first network equipment and second network equipment or the first system and second system
Between can establish multiple BFD sessions.The embodiment of the present invention is carried out so that the first system establishes a BFD session with second system as an example
Explanation.BFD system described in the embodiment of the present invention is using first network equipment A shown in Fig. 1 as base station, the second network equipment B
It is illustrated for router.
Referring to fig. 2, Fig. 2 is the structural schematic diagram of another BFD system disclosed by the embodiments of the present invention.As shown in Fig. 2, should
BFD system may include first network equipment A, the second network equipment B and third network equipment C.Wherein, third network equipment C is
The alternate device of first network equipment A.Third system in third network equipment C can be used as first in first network equipment A
The standby system of system.As shown in Fig. 2, the second network equipment B is base station, first network equipment A and third network equipment C are road
By device.First network equipment A and the second network equipment B maintains BFD session.If controlling packet check between A and B by BFD
Link break down, then can active link be switched to the backup link between C and B between A and B by flow.In addition, the
Three network equipment C can adapter tube first network equipment A role.Specifically, third network equipment C replaces first network equipment
A maintains BFD session.
Fig. 3 and the technical solution of BFD auth type shown in Fig. 4 modification can be applicable to application scenarios shown in fig. 1 or fig. 2
In.It is the second system in the first system and the second network equipment B in a kind of first network equipment A in the prior art referring to Fig. 3, Fig. 3
The interaction time diagram of system transmission BFD control message.As shown in figure 3, in the carry out BFD session of the first system and second system
The time of auth type modification is not identical.If carrying out auth type in detection cycle of the second system not in the first system to repair
Change and feed back the BFD control message for carrying modified auth type, then will lead to the first system will establish with second system
The session status of BFD session be revised as DOWN state.BFD mechanism is made that the state of the communication link between the network equipment
Erroneous judgement.The erroneous judgement, which is possible to will lead to flow, is switched to backup communication link from primary communication link, and then flow is caused to cut
There may be interruptions during changing, and affect the transmission of network flow.
Referring to fig. 4, Fig. 4 is in the prior art in another first network equipment A in the first system and the second network equipment B
Second system transmits the interaction time diagram of BFD control message.As shown in figure 4, the BFD session of Configuration network equipment can be passed through
State is AdminDown state, that is, cancels the function that link detecting is carried out by BFD, when one-port equipment is completed newly
After authenticated configuration, then terminate AdminDown state, and then restores BFD detection function.To two network equipments shake hands again it is extensive
Multiple BFD session is to continue to test the link failure between two network equipments by new auth type.However, both ends are carrying out
When asynchronous auth type is modified, the communication link between the network equipment is kept not interrupt although meeting, by configuring net
The BFD session status of network equipment be AdminDown condition mode, will during session status maintains AdminDown state nothing
Method finds the link failure between the network equipment.
In application scenarios shown in fig. 1 or fig. 2, for the defects of Fig. 3 or transmission process shown in Fig. 4, refer to
Method shown in Fig. 5, Fig. 5 are a kind of flow diagrams of the transmission method of BFD control message disclosed by the embodiments of the present invention.Such as figure
Shown in 5, the second system in the first system and the second network equipment B in first network equipment A passes through mutually transmission BFD control
Message carries out link failure detection, if the session status that both ends can mutually transmit BFD control message is UP (keep-alive) state,
Show that the link between both ends is normal, it, can when the auth type of user's needs modification BFD control message in BFD conversation procedure
Referring to step shown in Fig. 5.Specifically, this method may include following steps.
Step S501, the BFD session between the first system and second system foundation, the second system is first system
The far end system of system, the auth type of the BFD session include the first auth type.
In one embodiment, the first system can establish the BFD session between the first system and second system.Wherein,
Two system can be the far end system (remote system) of the first system.It is taken specifically, the first system can be sent to second system
BFD with DOWN state controls message.When the first system receives the control message of the carrying DOWN state of second system feedback
Afterwards, the control message for carrying INIT state can be sent to second system.In turn, when the first system sends above-mentioned take to second system
After control message with INIT state, after the control message for carrying UP state or INIT state for receiving second system feedback,
The control message for carrying UP state can be sent to second system.So far, the first system and second system establish BFD session.BFD
After session establishment, the first system can interact BFD control message with second system.
It is established in BFD conversation procedure in the first system and second system, interactive BFD control message carries in the process
Negotiation information, for the negotiation information for negotiating the first system and after second system establishes BFD session, BFD controls the transmission of message
Rule.The first system saves the session parameter of the BFD session.Second system also saves the session parameter of the BFD session.Wherein,
The session parameter for the BFD session that the first system is saved may include that the first system and second system pass through above-mentioned BFD control message
The session parameter that the negotiation information of carrying is held consultation such as sends interval or receives interval.It also is included in the first system and sets
The session parameter determined based on above-mentioned negotiation parameter set, such as detection cycle.Similarly, the BFD session that second system is saved
Session parameter may also comprise above-mentioned two parts content.Certainly, if the BFD of the first system and second system control message is being established
Parameters for authentication is carried in BFD conversation procedure, includes that BFD is controlled in the session parameter saved in the first system and second system
The auth type of message, the auth type are the first auth type.First auth type is the described of the first system preservation
Old auth type in the session parameter of BFD session.It should be noted that transmitting BFD control between the first system and second system
The direction of message processed is two-way.It is relatively independent that the first system, which sends BFD control message with the process for receiving BFD control message,
, second system is similarly such.
Step S502, after the first system establishes the BFD session, in the BFD meeting that the first system saves
The second auth type is added in the session parameter of words.
In one embodiment, it after the first system establishes the BFD session between second system, can be protected in the first system
The second auth type is added in the session parameter for the BFD session deposited.Wherein, which is what the first system saved
New auth type in the session parameter of the BFD session.The first system can be by receiving the configuration-direct of user described the
The second auth type is added in the session parameter of the BFD session of one system.Wherein, the first system can be established in the first system
Configuration-direct is received with before the BFD session of second system, can also be received after the BFD session that the first system is established with second system
Configuration-direct.Specifically, new auth type information and old auth type information can be identified in session parameter.Do not joining in session
Before adding the second auth type in number, new auth type information may be configured as the first auth type, settable in old authenticated configuration
Null value (NULL).The mode for showing current BFD session is only one kind, i.e. the first auth type.Recognize in session parameter addition second
After demonstrate,proving type, new auth type information may be configured as the second auth type, and old auth type information may be configured as the first certification class
Type.
It should be noted that auth type may include simple password (Simple Password), Keyed MD5,
A variety of auth types such as Meticulous Keyed MD5, Keyed SHA1, Meticulous Keyed SHA1, respectively authenticate class
Type can be distinguished by different auth type values, if the auth type value of Simple Password is 1, and so on.When
So, auth type value can also be distinguished according to specific agreement, and the embodiment of the present invention is without limitation.
Step S503, after the first system adds second auth type, the timer expiry of the first system
When, Xiang Suoshu second system sends the first BFD control message for carrying first auth type and carries second certification
2nd BFD of type controls message.
In one embodiment, after the first system adds the second auth type, it can be sent to second system and carry first
The first BFD control message of auth type and the 2nd BFD of the second auth type control message.Specifically, the first system can root
It is spaced according to the transmission in the session parameter of preservation and determines the timing cycle of transmission timer is reached in transmission timer time-out
When being spaced to a transmission, one or more BFD is sent to second system and controls message.At this point, can be carried in BFD control message
First auth type or the second auth type.It should be noted that needing the detection cycle (Detection in second system
Time the BFD that at least one carries the first auth type is sent in) and controls message, keeps second system inscribed in detection cycle
The BFD control message of first auth type of carrying is received, if so that second system is not authenticated in the detection cycle
Type modification when still retaining the authentication mode of former auth type (the first auth type), receives and carries the first auth type
BFD control message when authenticate the BFD control message and to the BFD control message carry out subsequent processing.In turn, second system can
To keep the session status of the BFD session between second system and the first system for UP state.To which, second system will not be to the
Link state between one system and second system makes erroneous judgement.When second system receives before not carrying out auth type modification
The BFD control message of the first auth type is carried, the detection timer of second system can start new detection cycle, and examine herein
It surveys in the period and determines whether to receive effective BFD control message.Specifically, it is clear to will test period corresponding detection timer
Zero, enable to detect the new detection cycle of timer self-starting;Or refresh the detection timer, so that detection timer is passed through instruction
It indicates to start new detection cycle.
Specifically, the first system sends the first BFD control for carrying the first auth type in the detection cycle of second system
The transmission frequency of message processed can preset ratio with the transmission frequency for sending the 2nd BFD control message for carrying the second auth type
N:M, wherein N and M is the integer more than or equal to 1.During this period, at least sends and primary carry the of the first auth type
One BFD controls message, therefore the minimum value of N is 1;The value range of above-mentioned ratio can be 1:1~1:N.Due to second system
Detection cycle be the first system transmission interval integral multiple, therefore, in detection cycle, if the first system can be sent
X BFD controls message, can send one when the corresponding transmission timer of the transmission detection of any one in the period exceeds the time limit
The first BFD control message of the first auth type is carried, remaining sends interval transmission N number of (i.e. X-1) and carries the second certification class
2nd BFD of type controls message, after determining whether second system completes auth type modification with higher frequency, can pass through carrying
The 2nd BFD control message of second auth type carries out mutual ship's speed.The first BFD that the first system is sent in the detection cycle
The transmission frequency of the transmission frequency and the 2nd BFD control message that control message is 1:N;Or the first system is in two neighboring transmission
Interval sends the first BFD control message respectively and the 2nd BFD controls message, the first BFD control message sent during this period
The transmission frequency for sending the frequency and the 2nd BFD control message is 1:1;Certainly, within this range, first network equipment A can also lead to
It crosses other modes and sends the first BFD control message and the 2nd BFD control message, wouldn't repeat herein.
Step S504, second system receive the first BFD control for carrying the first auth type in same detection cycle
Message and the 2nd BFD for carrying the second auth type control message.
In one embodiment, second system can receive in same detection cycle carries the first of the first auth type
BFD controls message and carries the 2nd BFD control message of the second auth type.
For example, described in second system saves in the session parameter of the BFD session in the same detection cycle
First auth type.That is, the first auth type is effective to second system in the above-mentioned same detection cycle.Cause
This, second system can control message to the BFD of the first auth type of carrying from the first system and authenticate.
Alternatively, the session parameter for the BFD session that second system saves is in the above-mentioned same detection cycle by first
Auth type is changed to the second auth type.That is, auth type is before changing, the first auth type is in the above-mentioned same inspection
Surveying in the period is effective to second system.Therefore second system can authenticate class the carrying described first from the first system
The BFD control message of type is authenticated.After auth type change, the second auth type is in the same detection cycle to the second system
System is effective.Therefore second system can control message to the BFD of the second auth type of carrying from the first system and carry out
Certification.
By the above-mentioned means, the BFD session being able to maintain that between the first system and second system of the first system maintenance
Session status is UP state, to can guarantee when system carries out auth type modification, still is able to through BFD protocol detection both ends
The link state of system.Certainly, if the session status for the BFD session that the first system or second system are safeguarded is become by other reasons
More DOWN state when, that is, show still to be able to pass through during the first system or second system carry out auth type modification
Link failure between BFD protocol detection the first system and second system.Specifically, if second system in the detection cycle not
Auth type modification is carried out, then shows only to save the first auth type in the session parameter of second system preservation, at this point, second
System can only receive the first BFD control message for carrying the first auth type, for carrying the 2nd BFD of the second auth type
Message is controlled, the authentication mode that second system passes through the auth type currently saved can not control message to the 2nd BFD and carry out
Certification, second system can abandon the 2nd BFD control message as a result,.If second system can only receive in the detection cycle
Message is controlled to the 2nd BFD for carrying the second auth type, needs to carry out discard processing to the 2nd BFD control message, then
It is possible that second system modifies second system due to not receiving effective BFD control message when the detection cycle is expired
The session status of BFD session between the first system is DOWN state, and second system can be to the first system and the second system at this time
The link state of system is judged by accident, therefore, in the detection cycle, guarantees that second system receives at least one carrying first and recognizes
The first BFD for demonstrate,proving type controls message.
If second system is authenticated type modification in the detection cycle, show that second system saves above-mentioned
The first auth type and the second auth type are saved in the session parameter of BFD session, when second system is in the detection cycle
The first BFD control message for carrying the first auth type is received, the first BFD control message can be certified, and can start new
Detection cycle, guarantee two systems between BFD session session status it is normal;When second system receives carrying in the detection cycle
2nd BFD of the second auth type controls message, the 2nd BFD control message can be certified, and can determine that the first system is completed
Auth type modification, and the first system and second system can be maintained between the first system and second system by new auth type
Above-mentioned BFD session, therefore, can delete second system preservation session parameter in the first auth type;Similarly, when the first system
When system receives the BFD control message of the second auth type of carrying of second system transmission, the first system can also be deleted first
The first auth type in the session parameter saved in system, so far, the first system and second system can pass through new certification class
Type carries out the transmission of BFD control message.
Optionally, second system can receive the carrying first from the first system and authenticate in a upper detection cycle
The BFD of type controls message.Wherein, a upper detection cycle refers to the adjacent of the above-mentioned same detection cycle in the embodiment of the present invention
Detection cycle, and referred to the detection cycle before the same detection cycle on the upper detection cycle time.A upper detection
Period is after second system establishes the above-mentioned BFD session with the first system.To which second system can be in a upper detection cycle
Interior maintenance BFD session.
The sending duration of the first system is corresponding with a upper detection cycle for second system, i.e., the first system is being held
The BFD control message sent in the continuous time can be received in a upper detection cycle by second system.The first system is at this
In duration, the first system does not carry out auth type modification.Therefore the session ginseng for the above-mentioned BFD session that the first system is saved
The second auth type is not included in number.The first system, which can not send carrying second to second system within the duration, to be recognized
The BFD for demonstrate,proving type controls message.The first system can only send to second system within the duration and carry the first certification class
The BFD of type controls message.Therefore, second system can only receive the carrying from the first system in a upper detection cycle
The BFD of first auth type controls message, and can control message to the BFD and authenticate.Second system can not be upper one
A detection system receives the control message of the second auth type of carrying from the first system.
It should be noted that detection cycle (Detection Time) be specifically defined mode and executive mode can be found in English
6.8.2 in the RFC5880 of special net engineering task force (Internet Engineering Task Force, IETF) publication
Section.
The first system in the application is the adjacent system (neighboring system) or far end system of second system
(remote system).System in the application specifically can be the system in the RFC5880 of IETF publication.Specifically, originally
The BFD state machine (BFD state machine) that system in application can be defined by the RFC5880 that IETF is issued is realized.
In the embodiment of the present invention, the first system and second system establish the BFD meeting that auth type includes the first auth type
Words.After the first system adds the second auth type, the first BFD control of the first auth type is carried by sending to the first system
Message processed and the 2nd BFD for carrying the second auth type control message.Second system receives this in same detection cycle and takes
The first BFD control message with the first auth type and the 2nd BFD for carrying the second auth type control message.If the second system
When system receives BFD control message, the auth type that second system is supported is there is no modification, then second system can be to first
BFD control message is authenticated.If second system receive BFD control message, second system support auth type from
First auth type is revised as the second auth type, then second system can control message to the 2nd BFD and authenticate.Namely
It says, after the auth type that the first system is supported is revised as the first auth type and the second auth type from the first auth type,
No matter whether the auth type that second system is supported is modified, and second system can control message to BFD and authenticate.Into
And it avoids second system and is mistakenly considered between the first system and second system due to that can not be authenticated to BFD control message
Communication link break down.Therefore, above scheme helps to solve time and the second system of second system modification auth type
System modifies the Time Inconsistency of auth type and leads to the technical issues of making erroneous judgement to the state of communication link.In turn, it helps
In avoiding flow from interrupting.The following description of the present invention embodiment describes the first system or second system for emphasis and completes
Auth type modification after, receive BFD control message treatment process, the embodiment of the present invention by taking the first system as an example, specifically,
It can be found in Fig. 6, Fig. 6 is the flow diagram of the transmission method of another kind BFD control message disclosed by the embodiments of the present invention.Such as figure
Shown in 6, this method may include following steps.
Since step S601, the first system determine time cycle of the first system adding second auth type
Inside whether receive the BFD control message for carrying out carrying second auth type of this second system.
In one embodiment, since the first system can determine time week of the first system adding the second auth type
Whether the BFD control message that carries second auth type is received in phase.Specifically, when the first system authenticates class from addition second
Type starts, then shows that the first system completes auth type modification, and then need to determine the second system within the preset time cycle
Whether system also completes auth type modification.It by determining whether to receive the BFD control message for carrying the second auth type
To determine whether second system completes auth type modification, and auth type modification is consistent with the first system, if above-mentioned
Condition of anticipating is unsatisfactory for, then two end systems are then unable to maintain that the BFD session of above-mentioned foundation.
Specifically, the time cycle can be preset in the session parameter of the first system preservation, the first system authenticates class for second
Type is added in the session parameter of the first system preservation, and when the first system adds second auth type, the first system can be touched
The operation of the time cycle is sent out, specifically, can such as change timer by preset timer executes the time cycle, the first system
Whether system receives the BFD control message for carrying the second auth type before determining change timer expiry.
Optionally, when the first system receives the control message of the 3rd BFD from second system, the 3rd BFD is determined
Whether control message carries the mode of the second auth type can include:
The first system determine the key identification in the 3rd BFD control message whether with the preservation of the first system
Cipher key match in key set;If the cipher key match in the key identification and the key set, the first system are based on
Second auth type determines identifying algorithm;Optionally, if cipher key match in the key identification and the key set, and
And the auth type that the 3rd BFD control message carries is consistent with second auth type, then the first system is based on
Second auth type determines the identifying algorithm;The first system, which determines, is based on the matched key and the certification
Whether the authentication material that algorithm generates is consistent with the authentication material that the 3rd BFD control message carries.
In one embodiment, after the first system receives the 3rd BFD control message, it may be determined that the 3rd BFD control
Key identification (key_ID) in message processed whether with the cipher key match in the key set that is saved in the first system.Wherein,
It can be reserved for multiple keys of configuration in one system, multiple key constitutes key set, controls in second system by the 3rd BFD
The key identification that message carries corresponds to one of key, can carry out next step verification process, and the first system can be based on second
Auth type determines identifying algorithm, optionally, before the first system determines identifying algorithm based on the second auth type, may further determine that
3rd BFD controls the auth type that message carries and whether the second auth type is consistent.It wherein, in the manner described above, can be by difference
Auth type value represent different auth types, i.e., by determine the 3rd BFD control the auth type value carried in message with
Whether the auth type value for the second auth type in session parameter that second system saves is consistent.It, can be based on the if consistent
Two auth types determine identifying algorithm, are authenticated with further.Through the above steps, the first system can be based on key identification institute
Matched key and the identifying algorithm determined by the second auth type generate authentication material, and by the authentication material and third
Whether BFD controls the authentication material that message carries consistent.Specifically, authentication material can be embodied according to the difference of auth type
It (is keyed MD5 or Meticulous Keyed for auth type that three BFD, which control the Auth key/Digest in message,
MD5) or Auth key/Hash (is Keyed SHA1 or Meticulous Keyed SHA1) field for auth type.This is recognized
Card material can be to be presented as a string of bytes, if the authentication material generated is consistent with the string byte, show that authentication material is consistent, into
And can determine that the 3rd BFD control message carries the second auth type, and the 3rd BFD control message comes from second system, and
Non-interference infected information.If any one mode in above-mentioned authentication mode is inconsistent, show the first system not above-mentioned
Time cycle in receive the second auth type of carrying from second system the 3rd BFD control message.
It should be noted that determining key identification and key in aforesaid way for matching relationship, i.e., according to corresponding key
Mark finds corresponding cipher key content, and key identification is different, and cipher key content is different;Above-mentioned determining auth type is consistent or authenticates material
When expecting consistent, can refer to that auth type value is identical or authentication material value is identical, here, unanimously with it is identical synonymous.
Step S602 is deleted if the first system, which determines, receives the BFD for carrying second auth type control message
First auth type in the session parameter for the BFD session that the first system saves.
In one embodiment, the carrying second from second system is received when the first system is determining through the above way
After the BFD control message of auth type, then the first system has known that auth type modification, and the second system is completed in second system
The auth type of system modification is the second auth type, and so far, auth type modification is completed in the first system and second system, then
The first system and second system can transmit the BFD control message for carrying the second auth type.The first system is deleted in the first system
The first auth type in the session parameter of the BFD session of preservation.If determining the time cycle using above-mentioned change timer, when
After the first system determines that receiving above-mentioned BFD controls message, can also the change timer be deleted or be closed.
Step S603, if the first system, which determines, is not received by the BFD for carrying second auth type control message,
The session status that the first system is safeguarded is revised as malfunction.
In one embodiment, when the first system through the above way determine carrying is not received by within the time cycle should
The BFD of second auth type controls message, then show second system in the specified period without complete auth type modification or
The modified auth type of the auth type of completion can not be by the certification of the first system, therefore, and the first system is needed first
The session status of system maintenance is revised as DOWN (failure) state.
Specifically, may include the state machine of the corresponding BFD session of BFD session with above-mentioned foundation in the first system, it should
The state machine of BFD session is used to modify the session status of the BFD session, the session shape of the state machine according to the trigger condition of state
State can be DOWN (failure) state, INIT (initial/activation) state, UP (keep-alive) state, ADMINDOWN (cancellation fault detection)
State.For example, when the first system and second system establish BFD session, the state machine output state sequence of the BFD session
It can be DOWN-INIT-UP, when session status is UP state, the BFD session that the first system and second system are established, and pass through
Receive and send effective BFD control message and safeguard that the session dress dimension of the BFD session is UP state, when state machine detect it is above-mentioned
When trigger condition, then the session status of the BFD session is revised as DOWN state, shows that the first system and second system can not be again
The persistently BFD session, the link fails between the first system and second system.
The embodiment of the present invention avoids after an end system completes authenticated configuration, and dateless waiting opposite end carries out certification and matches
It sets, so as to find that both ends system authentication configures inconsistent, timely reporting links failure problems in time, to guarantee business transmission not
It is impacted.
The transmission mode of BFD control message between the first system and second system described in above-described embodiment is applicable
In BFD system shown in fig. 1 or fig. 2.It is specific to tie when BFD system is there are when the standby system of the first system or second system
Fig. 2 is closed, reference can be made to corresponding embodiment describes method in Fig. 7.Wherein, Fig. 7 is another BFD control disclosed by the embodiments of the present invention
The flow diagram of the transmission method of message processed.Third system shown in fig. 7 is the standby system of the first system, can be with the
One system is altogether in same physical equipment, i.e. in first network equipment A;Can also independently exist in different physical equipments,
The first system as shown in Figure 2 is included in first network equipment A, and third system is included in third network equipment C.The present invention is real
Example combination Fig. 2 is applied to be illustrated so that the first system is respectively present in the different network equipments from third system as an example.
Step S701, the first system and second system establish BFD session.
Step S702 after the first system establishes the BFD session, sends the institute that the first system saves to third system
State the session parameter of BFD session.
Step S703, third system save the session parameter of the BFD session in the third system.
In one embodiment, during the BFD session that the first system establishes the first system and second system, first
System can save the corresponding session parameter of BFD session in the first system, meanwhile, the first system can join the session saved
Number be sent to third system, the i.e. standby system of the first system, thus when the first system break down need to the first system into
When row backup link is converted, third system can replace the first system and second system based on the session saved in third system
The BFD session that parameter maintains above-mentioned the first system and second system to be established, and then complete the backup link to the first system
Conversion.
Step S704, the first system add in the session parameter for the BFD session that the first system saves
Second auth type.
Step S705, after the first system adds second auth type, Xiang Suoshu third system sends configuration and refers to
It enables, the configuration-direct is recognized for adding described second into the session parameter for the BFD session that the third system saves
Demonstrate,prove type.
Step S706, described in the third system is added in the session parameter for the BFD session that the third system saves
Second auth type.
In one embodiment, after the first system adds the second auth type, show that the first system is authenticated class
The configuration-direct for carrying second auth type, then can be sent to third system by type modification, and third system is matched by parsing this
The second auth type that setting instruction can be carried is added in the session parameter of the BFD session saved in third system.
Step S707, after the first system deletes first auth type, Xiang Suoshu third system, which sends to delete, to be referred to
It enables, described first in the session parameter for deleting instruction for deleting the BFD session saved in the third system
Auth type.
It should be noted that deletion instruction is used to indicate the above-mentioned BFD meeting saved in third system-kill third system
The first auth type in the session parameter of words.
Step S708, in the session parameter of the BFD session saved in third system described in the third system-kill
First auth type.
In one embodiment, when in the session parameter that the first system deletes the BFD session saved in the first system
The first auth type after, the first system can to third system send delete instruction, the deletion instruction be used to indicate third system
Delete corresponding first auth type of its preservation.It is corresponding to delete in third system after third system receives deletion instruction
The first auth type in the session parameter of the BFD session of interior preservation.And then the BFD session saved in third system
Session parameter realizes the session parameter synchronized update with the BFD session saved in the first system.
Step S709, after the third system detection to the first system breaks down, then the third system to
The second system sends the BFD control message for carrying second auth type.
Step S710, the third system receive the BFD of carrying second auth type from the second system
Control message.
In one embodiment, when the first system breaks down, standby system of the third system as the first system, energy
Enough detect that the first system breaks down, the backup link conversion that third system needs that the first system is replaced to complete the first system,
According to above-mentioned steps, the session parameter of the above-mentioned BFD session saved in third system realized with saved in the first system it is upper
The session parameter synchronized update of BFD session is stated, i.e. third system can replace the first system to maintain the BFD session with second system.
It should be noted that maintaining above-mentioned BFD session by the first system before the first system breaks down;The first system hair
After raw failure, above-mentioned BFD session is maintained by third system.That is, third system has taken over the role of the first system.
After the BFD session establishment for maintaining BFD session to refer to above-mentioned the first system and second system in the embodiment of the present invention, two
A system is interacted according to BFD agreement.The BFD session be two systems (the first system and second system or third system with
Second system) between BFD session.
It should be noted that third system replaces second system to maintain above-mentioned BFD session, the second system can be notified or not notified
System has carried out system conversion, and for second system, the above-mentioned BFD session for detecting link failure is still continuing.Therefore, third
System can send the BFD control message for carrying the second auth type to second system, also can receive what second system was sent certainly
The BFD control message of the second auth type is carried, i.e. third system and second system can carry the second certification by mutually transmitting
The BFD control message of type maintains the session status of above-mentioned BFD session.
Optionally, when the first system is in the BFD control report for not receiving the second auth type of carrying from second system
Wen Shi, the first system with break down, third system at this time third system save session parameter in save the first certification
Type and the second auth type, third system are recognized by sending to carry the BFD control message of the first auth type and carry second
The BFD for demonstrate,proving type controls message, maintains above-mentioned BFD session with second system, and continuing the detection second system within the time cycle is
No completion auth type modification, if completing auth type modification, third system is authenticated saved in third system first
Type is deleted.
The BFD between the first system and second system that the method passes through the standby system preservation of synchronized update the first system
The session parameter of session guarantees that third system can replace the first system and second system to maintain if the first system breaks down
The BFD session that the first system and second system are established before successfully completes backup link conversion, with continue to test two systems or
The link failure of two equipment rooms comprising two systems.
Referring to Fig. 8, Fig. 8 is that a kind of the first system disclosed by the embodiments of the present invention and second system transmission BFD control are reported
The interaction time diagram of text.The embodiment of the first system and/or second system is in combination with shown in above-mentioned Fig. 5~Fig. 7 in Fig. 8
Embodiment.Fig. 8 is described in detail the first system and second system and handles BFD control report during carrying out auth type modification
The mode of text.
Specifically, the first system and second system establish BFD session, the BFD ession for telecommunication is being established, the first system and the
Two system saves the session parameter of the BFD session in this system respectively, wherein the session parameter includes the first system and second
System transmits the first auth type entrained when BFD control message.After the first system and second system establish BFD session,
Transmission BFD controls message mutually, when the first system and second system do not carry out auth type modification, transmits BFD control mutually
Message processed, the session status of the message is UP, and carries the first auth type, as shown in figure 8, the first auth type is
KEYED MD5。
After the first system carries out auth type modification, in the BFD established that the first system is saved in the first system
The second auth type is added in the session parameter of session, as shown in figure 8, the second auth type is KEYED SHA1.At this point, first
It include two kinds of auth types, i.e. the first auth type and the second auth type in the session parameter for the BFD session that system saves.And
Second system not yet carries out auth type modification, at this point, only including one kind in the session parameter for the BFD session that second system saves
Auth type, i.e. the first auth type.The first system sends the BFD control for carrying SHA1 (the second auth type) to second system
Message, message is controlled with the BFD for carrying MD5 (the first auth type), and second system can not authenticate the BFD control for carrying SHA1
Message, therefore BFD control message is abandoned, second system can authenticate the BFD control message carried without certification, therefore normal
Handle the message.Second system is sent to the first system to be carried the BFD of MD5 and controls message, and the first system can receive processing the
The BFD that two system is sent controls message, and during this period, the first system and second system are able to carry out normal BFD session, that is, exists
When BFD agreement does not detect that the link between two end systems breaks down because of other reasons, the session status of the BFD session is UP
State.
After second system carries out auth type modification, BFD meeting that second system saved in second system established
The second auth type is added in the session parameter of words, as shown in figure 8, the second auth type is KEYED SHA1, at this time second
There are two kinds of auth types, i.e. the first auth type and the second certification classes in the session parameter of the BFD session saved in system
Type, therefore, second system is sent to the first system has the BFD for carrying SHA1 to control message, and carries the BFD control report of MD5
Text can be by the in the session parameter saved in the first system after the first system receives and carries the BFD of SHA1 and control message
One auth type is deleted, if after this, when receiving the BFD control message of the carrying MD5 of second system transmission, can drop should
Message, hereafter, the first system only send the BFD control message for carrying the second auth type (SHA1) to second system.Similarly,
Two system can be handled it, and can be by institute when the BFD for the carrying SHA1 for receiving the first system transmission controls message
The first auth type saved is deleted.To as the BFD control message Shi Kejin for the carrying SHA1 for receiving the first system transmission
Row reception processing receives discardable when the BFD control message for carrying MD5.Since then, the first system can be mutual with second system
The BFD that transmission carries SHA1 auth type controls message.
In the embodiment of the present invention, during the modification of both ends auth type, it is ensured that normal BFD session is to detect the first system
It whether there is link failure in link between system and second system.
The embodiment of the present invention is described with reference to the accompanying drawing for realizing the device of above method.
Referring to Fig. 9, Fig. 9 is a kind of structural schematic diagram of the first system disclosed by the embodiments of the present invention.The first system
900 may include establishing unit 901, adding unit 902, transmission unit 903.By the above unit, it can be achieved that in above-described embodiment
The method that the first system executes.
Wherein, unit 901 is established, for the BFD session between foundation and second system, the second system is described
The far end system of one system, the auth type of the BFD session include the first auth type;
Adding unit 902 is established after unit 901 establishes the BFD session for described, is saved in the first system
The second auth type is added in the session parameter of the BFD session;
Transmission unit 903, after adding second auth type for the adding unit 902, the first system
When timer expiry, Xiang Suoshu second system sends the first BFD control message for carrying first auth type and carries institute
The 2nd BFD control message of the second auth type is stated, the first BFD control message and the 2nd BFD control message are in institute
It states and is received in the same detection cycle of second system by the second system.
In the embodiment of the present invention, unit 901 is established for executing the method in embodiment shown in fig. 5 in step S501;
Adding unit 902 is used to execute the method in embodiment shown in fig. 5 in step S502;Transmission unit 903 is for executing Fig. 5 institute
Method in the embodiment shown in step S503.
Optionally, the first system 900 may also include the first determination unit 904, delete unit 905, the second determination unit
906, unit 907 is modified.
Wherein, the first determination unit 904, for determining the adding unit 902 from adding unit addition described the
The BFD control of carrying second auth type from the second system is received in the time cycle that two auth types start
Message processed;
Unit 905 is deleted, is determined for the first determination unit 904 and receives the carrying from the second system described the
The BFD of two auth types controls message, then deletes described in the session parameter for the BFD session that the first system saves
First auth type.
Second determination unit 906, for determining the first system from adding unit addition the second certification class
The BFD control report of carrying second auth type from the second system is not received by the time cycle that type starts
Text;
Optionally, the second determination unit 906 is also used to determine that the first system receives within the time cycle and comes
Second auth type is not carried from the 3rd BFD control message of the second system;
Second determination unit 906 includes:
First determination unit, for determine the key identification in the 3rd BFD control message whether with first system
Cipher key match in the key set of the preservation of system;
Second determination unit, if being determined in the key identification and the key set for first determination unit
Cipher key match then determines identifying algorithm based on second auth type;
Third determination unit, the authentication material generated for determination based on the matched key and the identifying algorithm are
The no authentication material carried with the 3rd BFD control message is consistent;
4th determination unit, if for the third determination unit determine the generation authentication material and the third
BFD controls the authentication material that message carries and mismatches, it is determined that recognizes in the 3rd BFD control message without carrying described second
Demonstrate,prove type;
Unit 907 is modified, for determining to be not received by from the second system when second determination unit 906
Carrying second auth type BFD control message after, the session shape for the BFD session that the first system is safeguarded
State is revised as malfunction.
In the embodiment of the present invention, the first determination unit 904 and the second determination unit 906 and the second determination unit include
One to the 4th determination unit is for executing step S601 in embodiment shown in fig. 6;Unit 905 is deleted for executing shown in Fig. 6
Embodiment in step S602;Modification unit 907 is for executing step S603 in embodiment shown in fig. 6.
Optionally, transmission unit 903 are also used to the BFD meeting that the adding unit 902 is saved in the first system
After adding the second auth type in the session parameter of words, configuration-direct is sent to third system, the third system is described the
The standby system of one system is established and described the if the session status of the BFD session is malfunction by the third system
The new BFD session of two system, the configuration-direct are used for into the session parameter for the BFD session that the third system saves
Add second auth type;
The transmission unit 903 is also used to the deletion unit 907 and deletes the BFD meeting that the first system saves
After first auth type in the session parameter of words, is sent to third system and delete instruction, the third system is described
The standby system of the first system, the deletion instruct the session for deleting the BFD session saved in the third system
First auth type in parameter.
In the embodiment of the present invention, transmission unit 903 can be used for executing step S704 in embodiment illustrated in fig. 7;Transmission unit
903 can also be used to execute step S706 in embodiment illustrated in fig. 7.
In the embodiment of the present invention, the above transmission unit 903 can by the communication interface of the first system 900 send instruction or
BFD controls message, and certainly, which may also include receiving unit, and receiving unit can pass through the first system 900
Communication interface receives instruction or BFD controls message.The communication interface is, for example, wireline interface, naturally it is also possible to be wireless interface.
Referring to Fig. 10, Figure 10 is a kind of structural schematic diagram of second system disclosed by the embodiments of the present invention.Second system
System 1000 may include establishing unit 1001 and receiving unit 1002.
Wherein, unit 1001 is established, the BFD session for establishing between the first system and the second system, the BFD
The auth type of session includes the first auth type;
Receiving unit 1002, for receiving in the same detection cycle of the second system from the first system
It carries the first BFD control message of first auth type and carries the 2nd BFD control message of the second auth type.
In the embodiment of the present invention, establishing unit 1001 can be used for executing step S501 in embodiment shown in fig. 5, receive single
Member 1002 can be used for executing step S504 in embodiment shown in fig. 5.
In the embodiment of the present invention, the above receiving unit 1002 can be received by the communication interface of second system 1000 and be instructed
Or BFD controls message, certainly, which may also include transmission unit, and transmission unit can pass through second system
1000 communication interface sends instruction or BFD controls message.The communication interface is, for example, wireline interface, naturally it is also possible to be wireless
Interface.
Figure 11 is please referred to, Figure 11 is a kind of structural schematic diagram of third system disclosed by the embodiments of the present invention.The third system
System 1100 may include receiving unit 1101, storage unit 1102, adding unit 1103, delete unit 1104, establishes unit 1105
And transmission unit 1106.
Wherein, receiving unit 1101, for receiving information or instruction from the first system;
Storage unit 1102 when receiving the session parameter information from the first system for the receiving unit 1101, is protected
Deposit the session parameter, wherein include the first auth type in the session parameter;
Adding unit 1103, when receiving for the receiving unit 1101 from the configuration-direct of the first system,
The second auth type in the configuration-direct is added in the session parameter that the storage unit 1102 saves;
Unit 1104 is deleted, after receiving the instruction of the deletion from the first system for the receiving unit 1101,
First auth type in the session parameter is deleted;
Unit 1105 is established, when the session status of the BFD session between the first system and second system is DOWN shape
State then establishes the new BFD session with the second system.
Transmission unit 1106 is established after unit 1105 establishes the new BFD session, Xiang Suoshu second system hair for described
Send the BFD control message for carrying second auth type.
In the embodiment of the present invention, storage unit 1102 can be used for executing step S703 in embodiment shown in Fig. 7;Addition is single
Member 1103 can be used for executing step S706 in embodiment shown in Fig. 7;Deleting unit 1104 can be used for executing implementation shown in Fig. 7
Step S708 in example;Establishing unit 1105 can be used for executing step S709 in embodiment shown in Fig. 7;Transmission unit 1106 can be used
The step S710 in execution embodiment shown in Fig. 7.
In the embodiment of the present invention, the above receiving unit 1101 can be received by the communication interface of third system 1100 and be instructed
Or BFD controls message, transmission unit 1106 can send instruction or BFD control report by the communication interface of third system 1100
Text.The communication interface is, for example, wireline interface, naturally it is also possible to be wireless interface.
It should be noted that the first system, second system and third system may include identical functional unit, Fig. 9, Figure 10
And functional unit shown in Figure 11 complements one another in systems, emphasis is executed to distinguish the function of each system, in Fig. 9, figure
The functional unit for needing to illustrate only is drawn in 10 and Figure 11, other same functional unit is not drawn all.
Referring to above embodiments, the first system 900 in embodiment illustrated in fig. 9, the second system in embodiment illustrated in fig. 10
System 1000, the third system 1100 in embodiment illustrated in fig. 11 are presented in the form of unit.Here " unit " can refer to
Application-specific integrated circuit (application-specific integrated circuit, ASIC), executes one or more
The processor and memory of software or firmware program, integrated logic circuit and/or other device of above-mentioned function can be provided.
In a simple embodiment, those skilled in the art is contemplated that the first system 900 shown in Fig. 9 can be with
Using form shown in following figure 12.
As shown in figure 12, the first system can be realized with the structure in Figure 12, which includes at least one
Processor 1201, at least one processor 1202, at least one communication interface 1203.In addition, the first system can also include
The universal components such as antenna, this will not be detailed here.
Wherein, for memory 1202 for storing program code, processor 1201 can call the program generation stored in memory
Code, to execute following steps:
The BFD session between the first system and second system is established, the second system is the first system
Far end system, the auth type of the BFD session include the first auth type;
After establishing the BFD session, second is added in the session parameter for the BFD session that the first system saves
Auth type;
After adding second auth type, when the timer expiry of the first system, Xiang Suoshu second system is sent
It carries the first BFD control message of first auth type and carries the 2nd BFD control message of second auth type,
The first BFD control message and the 2nd BFD control message in the same detection cycle of the second system by institute
Second system is stated to receive.
In the embodiment of the present invention, processor 1201 can be general central processor (CPU), microprocessor, specific application
Integrated circuit (application-specific integrated circuit, ASIC), or it is one or more for control with
The integrated circuit that upper scheme processes execute.Processor 1201 can be used for executing in above-mentioned embodiment illustrated in fig. 5 (embodiment of the method)
Step S501~S503, processor 1201 can also be used to execute step S601~S603 in above-mentioned embodiment illustrated in fig. 6;Processor
1201 can also be used to execute step S704 and S706 in above-mentioned embodiment illustrated in fig. 7;Alternatively, processor 1201 can be used in execution
It states and establishes unit 901 in embodiment illustrated in fig. 9, adding unit 902, transmission unit 903, the first determination unit 904, deletes unit
905, the second determination unit 906, the function of modification unit 907.
Communication interface 1203, for the other systems in present networks equipment or the system communication in other network equipments,
Communication interface can support various network communications agreement or standard in the embodiment of the present invention.
Memory 1202 can be read-only memory (read-only memory, ROM) or can store static information and refer to
The other kinds of static storage device enabled, random access memory (random access memory, RAM) or can store
The other kinds of dynamic memory of information and instruction, is also possible to Electrically Erasable Programmable Read-Only Memory
(Electrically Erasable Programmable Read-Only Memory, EEPROM), CD-ROM (Compact
Disc Read-Only Memory, CD-ROM) or other optical disc storages, optical disc storage (including compression optical disc, laser disc, light
Dish, Digital Versatile Disc, Blu-ray Disc etc.), magnetic disk storage medium or other magnetic storage apparatus or can be used in carry or
Store have instruction or data structure form desired program code and can by any other medium of computer access, but
It is without being limited thereto.Memory 1202, which can be, to be individually present, and is connected by bus with processor 1201.Memory 1202 can also be with
It is integrated with processor 1201.
In a simple embodiment, those skilled in the art is contemplated that second system 1000 shown in Fig. 10 can
In the form of using shown in following figure 13.
As shown in figure 13, second system can be realized with the structure in Figure 13, which includes at least one
Processor 1301, at least one processor 1302, at least one communication interface 1303.In addition, the second system can also include
The universal components such as antenna, this will not be detailed here.
Wherein, for memory 1302 for storing program code, processor 1301 can call the program generation stored in memory
Code, to execute following steps:
The BFD session between the first system and the second system is established, the auth type of the BFD session includes first
Auth type;
Carrying first certification from the first system is received in the same detection cycle of the second system
The first BFD control message of type and the 2nd BFD for carrying the second auth type control message.
In the embodiment of the present invention, processor 1301 can be general central processor (CPU), microprocessor, specific application
Integrated circuit (application-specific integrated circuit, ASIC), or it is one or more for control with
The integrated circuit that upper scheme processes execute.Processor 1301 can be used for executing in above-mentioned embodiment illustrated in fig. 5 (embodiment of the method)
Step S501 and step S504;Alternatively, processor 1301, which can be used for executing, establishes unit 1001 in above-mentioned embodiment illustrated in fig. 10
And the function of receiving unit 1002.
Communication interface 1303, for the other systems in present networks equipment or the system communication in other network equipments,
Communication interface can support various network communications agreement or standard in the embodiment of the present invention.
Memory 1302 can be read-only memory (read-only memory, ROM) or can store static information and refer to
The other kinds of static storage device enabled, random access memory (random access memory, RAM) or can store
The other kinds of dynamic memory of information and instruction, is also possible to Electrically Erasable Programmable Read-Only Memory
(Electrically Erasable Programmable Read-Only Memory, EEPROM), CD-ROM (Compact
Disc Read-Only Memory, CD-ROM) or other optical disc storages, optical disc storage (including compression optical disc, laser disc, light
Dish, Digital Versatile Disc, Blu-ray Disc etc.), magnetic disk storage medium or other magnetic storage apparatus or can be used in carry or
Store have instruction or data structure form desired program code and can by any other medium of computer access, but
It is without being limited thereto.Memory 1302, which can be, to be individually present, and is connected by bus with processor 1101.Memory 1302 can also be with
It is integrated with processor 1301.
In a simple embodiment, those skilled in the art is contemplated that third system 1100 can shown in Figure 11
In the form of using shown in following figure 14.
As shown in figure 14, second system can be realized with the structure in Figure 14, which includes at least one
Processor 1401, at least one processor 1402, at least one communication interface 1403.In addition, the second system can also include
The universal components such as antenna, this will not be detailed here.
Wherein, for memory 1402 for storing program code, processor 1401 can call the program generation stored in memory
Code, to execute following steps:
Receive information or instruction from the first system;
After receiving the configuration-direct from the first system, the second auth type in the configuration-direct is added
Into the session parameter of preservation;
After receiving the deletion instruction from the first system, by first auth type in the session parameter
It deletes.
In the embodiment of the present invention, processor 1401 can be general central processor (CPU), microprocessor, specific application
Integrated circuit (application-specific integrated circuit, ASIC), or it is one or more for control with
The integrated circuit that upper scheme processes execute.Processor 1401 can be used for executing in above-mentioned embodiment illustrated in fig. 7 (embodiment of the method)
Step S703, S706, S708~S710;Alternatively, processor 1401, which can be used for executing, receives list in above-mentioned embodiment illustrated in fig. 11
Member 1101, storage unit 1102, function adding unit 1103, deleted unit 1104, establish unit 1105 and transmission unit 1106
Energy.
Communication interface 1403, for the other systems in present networks equipment or the system communication in other network equipments,
Communication interface can support various network communications agreement or standard in the embodiment of the present invention.
Memory 1402 can be read-only memory (read-only memory, ROM) or can store static information and refer to
The other kinds of static storage device enabled, random access memory (random access memory, RAM) or can store
The other kinds of dynamic memory of information and instruction, is also possible to Electrically Erasable Programmable Read-Only Memory
(Electrically Erasable Programmable Read-Only Memory, EEPROM), CD-ROM (Compact
Disc Read-Only Memory, CD-ROM) or other optical disc storages, optical disc storage (including compression optical disc, laser disc, light
Dish, Digital Versatile Disc, Blu-ray Disc etc.), magnetic disk storage medium or other magnetic storage apparatus or can be used in carry or
Store have instruction or data structure form desired program code and can by any other medium of computer access, but
It is without being limited thereto.Memory 1402, which can be, to be individually present, and is connected by bus with processor 1101.Memory 1402 can also be with
It is integrated with processor 1401.
It should be noted that function performed by processor in Figure 12, Figure 13, Figure 14 or method and step can be identical, on
Stating function performed by processor described in each figure or method and step can complement one another.
The embodiment of the invention also provides a kind of computer storage mediums, by being stored as based on used in above-mentioned the first system
Calculation machine software instruction, it includes for executing computer program involved in above method embodiment.
The embodiment of the invention also provides a kind of computer storage mediums, by being stored as based on used in above-mentioned second system
Calculation machine software instruction, it includes for executing computer program involved in above method embodiment.
The embodiment of the invention also provides a kind of computer storage mediums, for being stored as calculating used in above-mentioned three system
Machine software instruction, it includes for executing computer program involved in above method embodiment.
Although combining each embodiment herein, invention has been described, however, implementing the claimed invention
In the process, those skilled in the art are by checking the attached drawing, disclosure and the appended claims, it will be appreciated that and it is real
Other variations of the existing open embodiment.In the claims, " comprising " (comprising) word is not excluded for other compositions
Part or step, "a" or "an" are not excluded for multiple situations.Claim may be implemented in single processor or other units
In several functions enumerating.Mutually different has been recited in mutually different dependent certain measures, it is not intended that these are arranged
It applies to combine and generates good effect.
It will be understood by those skilled in the art that the embodiment of the present invention can provide as method, apparatus (equipment) or computer journey
Sequence product.Therefore, complete hardware embodiment, complete software embodiment or combining software and hardware aspects can be used in the present invention
The form of embodiment.Moreover, it wherein includes the calculating of computer usable program code that the present invention, which can be used in one or more,
The computer program implemented in machine usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.)
The form of product.Computer program is stored/distributed in suitable medium, is provided together with other hardware or as the one of hardware
Part can also use other distribution forms, such as pass through the wired or wireless telecommunication system of Internet or other.
The present invention be referring to the embodiment of the present invention method, apparatus (equipment) and computer program product flow chart with/
Or block diagram describes.It should be understood that each process that can be realized by computer program instructions in flowchart and/or the block diagram and/
Or the combination of the process and/or box in box and flowchart and/or the block diagram.It can provide these computer program instructions
To general purpose computer, special purpose computer, Embedded Processor or other programmable data processing devices processor to generate one
A machine so that by the instruction that the processor of computer or other programmable data processing devices executes generate for realizing
The device for the function of being specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions, which may also be stored in, is able to guide computer or other programmable data processing devices with spy
Determine in the computer-readable memory that mode works, so that it includes referring to that instruction stored in the computer readable memory, which generates,
Enable the manufacture of device, the command device realize in one box of one or more flows of the flowchart and/or block diagram or
The function of being specified in multiple boxes.
These computer program instructions also can be loaded onto a computer or other programmable data processing device, so that counting
Series of operation steps are executed on calculation machine or other programmable devices to generate computer implemented processing, thus in computer or
The instruction executed on other programmable devices is provided for realizing in one or more flows of the flowchart and/or block diagram one
The step of function of being specified in a box or multiple boxes.
Although in conjunction with specific features and embodiment, invention has been described, it is clear that, do not departing from this hair
In the case where bright spirit and scope, it can be carry out various modifications and is combined.Correspondingly, the specification and drawings are only institute
The exemplary illustration of the invention that attached claim is defined, and be considered as covered in the scope of the invention any and all and repair
Change, change, combining or equivalent.Obviously, those skilled in the art various changes and modifications can be made to the invention without
It is detached from the spirit and scope of the present invention.If in this way, these modifications and changes of the present invention belong to the claims in the present invention and its
Within the scope of equivalent technologies, then the present invention is also intended to include these modifications and variations.
Claims (14)
1. a kind of transmission method of two-way converting detection BFD control message, which is characterized in that the described method includes:
The first system establishes the BFD session between the first system and second system, and the second system is first system
The far end system of system, the auth type of the BFD session include the first auth type;
After the first system establishes the BFD session, in the session parameter for the BFD session that the first system saves
Add the second auth type;
After the first system adds second auth type, when the timer expiry of the first system, Xiang Suoshu second
System sends the first BFD control message for carrying first auth type and the 2nd BFD for carrying second auth type
Message, the first BFD control message and the 2nd BFD control message are controlled in the same detection week of the second system
It is received in phase by the second system.
2. method as described in claim 1, which is characterized in that the method also includes: if the first system determines described
Since one system be not received by the carrying from the second system in the time cycle adding second auth type
The BFD of second auth type controls message, then the session status modification for the BFD session safeguarded the first system
For malfunction.
3. method as claimed in claim 2, which is characterized in that the first system determines the first system in week time
The BFD that carrying second auth type from the second system is not received by phase controls message and includes:
The first system determines that the first system receives the third from the second system within the time cycle
BFD control message does not carry second auth type;
The first system determines that the first system receives the third from the second system within the time cycle
BFD control message does not carry second auth type and includes:
The first system determine the key identification in the 3rd BFD control message whether with the preservation of the first system
Cipher key match in key set;
If the cipher key match in the key identification and the key set, the first system is based on second auth type
Determine identifying algorithm;
The first system determine the authentication material that is generated based on the matched key and the identifying algorithm whether with it is described
It is consistent that 3rd BFD controls the authentication material that message carries;
If the authentication material of the generation and the authentication material that the 3rd BFD control message carries are inconsistent, described first
System determines in the 3rd BFD control message without carrying second auth type.
4. method as claimed in claim 3, which is characterized in that
If the cipher key match in the key identification and the key set, the first system is based on second auth type
Determine that identifying algorithm includes:
If the cipher key match in the key identification and the key set, and the certification that the 3rd BFD control message carries
Type is consistent with second auth type, then the first system determines that the certification is calculated based on second auth type
Method.
5. method as described in claim 1, which is characterized in that the method also includes:
If the first system determines that since the first system receive in the time cycle adding second auth type
Message is controlled to the BFD for carrying second auth type, then the first system deletes the described of the first system preservation
First auth type in the session parameter of BFD session.
6. such as any one of claim 1-5 the method, which is characterized in that in the BFD session that the first system saves
Session parameter in add the second auth type after, the method also includes:
The first system sends configuration-direct to third system, and the third system is the standby system of the first system,
The configuration-direct is for adding the second certification class into the session parameter for the BFD session that the third system saves
Type, the third system are used to break down when the first system, maintain the BFD session instead of the first system.
7. method as claimed in claim 5, which is characterized in that deleted described in the first system preservation in the first system
After first auth type in the session parameter of BFD session, the method also includes:
The first system sends to third system and deletes instruction, and the third system is the standby system of the first system,
First certification in the session parameter that instruction is deleted for deleting the BFD session saved in the third system
Type.
8. a kind of the first system characterized by comprising
Unit is established, detects BFD session for the two-way converting between foundation and second system, the second system is described the
The far end system of one system, the auth type of the BFD session include the first auth type;
Adding unit is established after unit establishes the BFD session for described, in the BFD meeting that the first system saves
The second auth type is added in the session parameter of words;
Transmission unit, after adding second auth type for the adding unit, the timer expiry of the first system
When, Xiang Suoshu second system sends the first BFD control message for carrying first auth type and carries second certification
2nd BFD of type controls message, and the first BFD control message and the 2nd BFD control message are in the second system
The same detection cycle in received by the second system.
9. the first system as claimed in claim 8, which is characterized in that the first system further include:
Determination unit, for determining time of the adding unit since the adding unit adds second auth type
The BFD control message of carrying second auth type from the second system is not received by period;
Unit is modified, for determining to be not received by from the carrying of the second system described second when the determination unit
After the BFD control message of auth type, the session status for the BFD session that the first system is safeguarded is revised as failure shape
State.
10. the first system as claimed in claim 9, which is characterized in that the determination unit is also used to:
Determine that the first system receives the 3rd BFD control message from the second system within the time cycle and do not have
Have and carries second auth type;
The determination unit includes:
First determination unit, for determine the key identification in the 3rd BFD control message whether with the first system
Cipher key match in the key set of preservation;
Second determination unit, if determining the key in the key identification and the key set for first determination unit
Matching, then determine identifying algorithm based on second auth type;
Third determination unit, for determine the authentication material generated based on the matched key and the identifying algorithm whether with
The authentication material that the 3rd BFD control message carries is consistent;
4th determination unit, if determining the authentication material and the 3rd BFD of the generation for the third determination unit
It controls the authentication material that message carries to mismatch, it is determined that without carrying second certification in the 3rd BFD control message
Type.
11. the first system as claimed in claim 10, which is characterized in that second determination unit is also used to:
If the cipher key match in the key identification and the key set, and the certification that the 3rd BFD control message carries
Type is consistent with second auth type, then determines the identifying algorithm based on second auth type.
12. the first system as claimed in claim 8, which is characterized in that the first system further include:
Delete unit, if for the first system determine the first system since adding second auth type when
Between the BFD control message for carrying second auth type is received in the period, then delete the first system save it is described
First auth type in the session parameter of BFD session.
13. the first system as described in claim any one of 8-12, which is characterized in that the transmission unit is also used to:
The adding unit adds the second auth type in the session parameter for the BFD session that the first system saves
Afterwards, configuration-direct is sent to third system, the third system is the standby system of the first system, and the configuration-direct is used
Second auth type, the third system are added in the session parameter of the BFD session saved to the third system
System maintains the BFD session for breaking down when the first system, instead of the first system.
14. the first system as claimed in claim 12, which is characterized in that the transmission unit is also used to:
The first certification class in the session parameter for the BFD session that the first system described in the deletion element deletion saves
It after type, is sent to third system and deletes instruction, the third system is the standby system of the first system, the deletion instruction
First auth type in session parameter for deleting the BFD session saved in the third system.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610178159.1A CN105847056B (en) | 2016-03-25 | 2016-03-25 | The transmission method and system of two-way converting detection control message |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610178159.1A CN105847056B (en) | 2016-03-25 | 2016-03-25 | The transmission method and system of two-way converting detection control message |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105847056A CN105847056A (en) | 2016-08-10 |
CN105847056B true CN105847056B (en) | 2019-08-06 |
Family
ID=56583588
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610178159.1A Active CN105847056B (en) | 2016-03-25 | 2016-03-25 | The transmission method and system of two-way converting detection control message |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105847056B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109039746B (en) * | 2018-08-07 | 2022-02-25 | 新华三技术有限公司 | Method for detecting bidirectional forwarding path and detecting session state and processor |
CN109039822B (en) * | 2018-08-23 | 2020-09-01 | 烽火通信科技股份有限公司 | BFD protocol message filtering method and system |
CN109743746A (en) * | 2018-12-07 | 2019-05-10 | 盛科网络(苏州)有限公司 | A kind of two-way converting detection BFD parameter consultation method, device and chip |
CN113875197B (en) * | 2019-05-30 | 2023-06-06 | 中兴通讯股份有限公司 | Bidirectional forwarding detection authentication |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101188942B1 (en) * | 2003-07-29 | 2012-10-08 | 톰슨 라이센싱 | Key synchronization mechanism for wireless lanwlan |
CN1878058B (en) * | 2006-07-12 | 2010-05-26 | 中国移动通信集团公司 | Subscriber terminal cipher key update method used in broadcast service |
US20110302410A1 (en) * | 2010-06-07 | 2011-12-08 | Christopher Clarke | Secure document delivery |
US9537846B2 (en) * | 2014-04-15 | 2017-01-03 | Ciena Corporation | Integrity check optimization systems and methods in live connectivity frames |
-
2016
- 2016-03-25 CN CN201610178159.1A patent/CN105847056B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN105847056A (en) | 2016-08-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110771118B (en) | Seamless mobility and session continuity with TCP mobility options | |
CN105847056B (en) | The transmission method and system of two-way converting detection control message | |
RU2556457C2 (en) | Communication system, node, control device, communication method and program | |
US9210135B2 (en) | Resynchronization of passive monitoring of a flow based on hole detection | |
US9900291B2 (en) | Methods and apparatus for synchronizing decryption state with remote encryption state | |
CN106656834B (en) | The parallel normalized device and method of Intermediate System-Intermediate System isomery function equivalence body | |
KR20150051107A (en) | Method for fast flow path setup and failure recovery | |
JP6230322B2 (en) | Communication apparatus, key sharing method, program, and communication system | |
US20140043960A1 (en) | Method, tor switch, and system for implementing protection switchover based on trill network | |
CN103227777B (en) | A kind of dpd of preventing detects the method unsuccessfully causing ipsec tunnel to shake | |
JP2010166486A (en) | Protection control measuring system and device and data transfer method | |
JP2014504048A (en) | COMMUNICATION SYSTEM, TRANSFER NODE, CONTROL DEVICE, COMMUNICATION CONTROL METHOD, AND PROGRAM | |
WO2019137554A1 (en) | Method and device for ensuring operation security of ring network protocol | |
WO2014117737A1 (en) | Oam packet processing method, device and system | |
CN106487746A (en) | A kind of method and device of BMP message authentication | |
CN104283780A (en) | Method and device for establishing data transmission route | |
CN107070573A (en) | Monitor the clock synchronous regime in the network based on Ethernet | |
CN107104919A (en) | The processing method of firewall box, SCTP SCTP packet | |
CN103199990A (en) | Method and device for routing protocol authentication transfer | |
WO2014142095A1 (en) | Control device, communication system, synchronization method and program | |
CN101945083B (en) | Authentication method and counterfeit judgment method for virtual router redundancy protocol | |
CN106100929B (en) | The method and apparatus of two-way converting detection certification handoff-security | |
CN102164042A (en) | Connectivity fault alarming method and device | |
Vinayak et al. | Analytical modeling of transmission control protocol newreno using generalized stochastic petri nets | |
WO2017126063A1 (en) | Control apparatus, control program, and device control system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |