CN114520800B - Method and device for updating MAC address table - Google Patents
Method and device for updating MAC address table Download PDFInfo
- Publication number
- CN114520800B CN114520800B CN202210015962.9A CN202210015962A CN114520800B CN 114520800 B CN114520800 B CN 114520800B CN 202210015962 A CN202210015962 A CN 202210015962A CN 114520800 B CN114520800 B CN 114520800B
- Authority
- CN
- China
- Prior art keywords
- mac address
- table entry
- type
- gateway
- source mac
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 36
- 230000003068 static effect Effects 0.000 claims abstract description 53
- 238000004891 communication Methods 0.000 claims description 18
- 238000004590 computer program Methods 0.000 claims description 10
- 238000010586 diagram Methods 0.000 description 10
- 238000012986 modification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/745—Address table lookup; Address filtering
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/2592—Translation of Internet protocol [IP] addresses using tunnelling or encapsulation
Abstract
The invention discloses a method and a device for updating a MAC address table, wherein the method comprises the following steps: after receiving a message sent by a host in downlink, acquiring a first source MAC address of the message; searching a first table entry comprising the first source MAC address in an MAC address table, wherein the type of the MAC address of at least one gateway in the MAC address table is set as a static MAC address; if the first table entry is found in the MAC address table, determining whether the type of the first source MAC address in the first table entry is a static MAC address; if the type of the first source MAC address in the first table entry is determined to be a static MAC address, the first table entry is not updated. The scheme can ensure that the connected host can access the gateway correctly.
Description
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method and an apparatus for updating a MAC address table.
Background
A virtual extensible local area network (Virtual eXtensible Local Area Network, VXLAN) is an overlay (overlay) network technology built on top of an internet protocol (Internet Protocol, IP) network, which uses a method of media access control (MEDIA ACCESS control, MAC) in the (in) user datagram protocol (User Datagram Protocol, UDP), i.e. encapsulating ordinary ethernet packets in UDP packets, which are transmitted as UDP data.
The virtual extensible local area network tunnel terminal (VXLAN Tunnel End Point, VTEP) is an edge device of the VXLAN, connected to the physical network, and allocated with an internet protocol (Internet Protocol, IP) address of the physical network, where the address is used for encapsulation and decapsulation of VXLAN packets, and VXLAN tunnels are established between the vteps on the IP network, and these VXLAN tunnels implement a transmission service of VXLAN packets traversing the IP network. The VTEPs can adopt a centralized deployment architecture, namely, the VTEPs in the Overlay network are divided into two layers: VXLAN bridges and VXLAN gateways.
As shown in fig. 1, which is a schematic diagram of a centralized deployment architecture of VXLAN, the VXLAN bridge is a VTEP to which the host directly accesses, and VXLAN network identifiers (VXLAN Network Identifier, vnis) are configured on the VXLAN bridge, and the VXLAN bridge can only perform two-layer forwarding of VXLAN messages, that is, perform two-layer forwarding of VXLAN messages in the same VNI based on a MAC address table. The VXLAN gateway is not directly connected with the host, the VXLAN gateway and all VXLAN bridges are interconnected and a VXLAN tunnel is established, the message from the host needs to be encapsulated into a VXLAN message through the VXLAN bridge, and the VXLAN message arrives at the VXLAN gateway after being forwarded through the VXLAN tunnel, and the VXLAN gateway can perform three-layer forwarding of the VXLAN message, namely, three-layer forwarding of the VXLAN message across vnis based on the VXLAN routing table and an address resolution protocol (Address Resolution Protocol, ARP) adjacency table.
The ethernet virtual private network (Ethernet Virtual Private Network, EVPN) uses the border gateway protocol (Border Gateway Protocol, BGP) as an upper layer control protocol, making the topology of the virtual private network (Virtual Private Network, VPN) more flexible. In VXLAN, the VTEP directly uses the EVPN protocol to establish and maintain a VXLAN tunnel, and learns the Media Access Control (MAC) Address of the VXLAN tunnel peer device.
Under normal conditions, the VXLAN bridge learns the MAC address of the VXLAN gateway, and creates an entry of the MAC address of the VXLAN gateway in the MAC address table. Messages from the host to access the VXLAN gateway are forwarded to the VXLAN gateway based on the established entries. Under abnormal conditions, for example, a host initiates a network attack, and a message is sent to a VXLAN bridge by using the MAC address of the VXLAN gateway, at this time, the VXLAN bridge relearns an entry based on the MAC address, where the entry points to the host initiating the network attack, and after receiving the message for accessing the VXLAN gateway, the message is forwarded to the host initiating the network attack based on the entry, and is not sent to the VXLAN gateway, so that other hosts cannot normally access the VXLAN gateway.
In VXLAN, as long as there is a network selected from the bridge and the gateway, and an EVPN is established between the bridge and the gateway, the host cannot normally access the gateway.
Disclosure of Invention
The embodiment of the invention provides a method and a device for updating an MAC address table, which are used for solving the problem that other hosts cannot normally access a gateway in the prior art.
According to an embodiment of the present invention, there is provided a method for updating a MAC address table, applied to each bridge included in a selected network, where the selected network further includes at least one gateway connected to each bridge, and an ethernet virtual private network EVPN is established between each gateway and each bridge, where the method includes:
After receiving a message sent by a host in downlink, acquiring a first source MAC address of the message;
Searching a first table entry comprising the first source MAC address in an MAC address table, wherein the type of the MAC address of at least one gateway in the MAC address table is set as a static MAC address;
If the first table entry is found in the MAC address table, determining whether the type of the first source MAC address in the first table entry is a static MAC address;
if the type of the first source MAC address in the first table entry is determined to be a static MAC address, the first table entry is not updated.
Optionally, the method further comprises:
After receiving the EVPN 2 type route sent by the at least one gateway, acquiring a second source MAC address carried by the EVPN 2 type route;
determining whether a setting field of the EVPN 2 type route carries a setting identifier;
If the setting field is determined to carry the setting identifier, a second table entry corresponding to the second source MAC address is established in the MAC address table;
setting the type of the second source MAC address in the second table entry as a static MAC address.
Optionally, the method further comprises:
If the first table entry is not found in the MAC address table, the first table entry is built in the MAC address table based on the first source MAC address.
Optionally, the method further comprises:
and if the type of the first source MAC address in the first table entry is determined not to be a static MAC address, updating the first table entry based on the first source MAC address.
According to an embodiment of the present invention, there is also provided an apparatus for updating a MAC address table, which is applied to each bridge included in a selected network, where the selected network further includes at least one gateway connected to each bridge, and an ethernet virtual private network EVPN is established between each gateway and each bridge, where the apparatus includes:
The first acquisition module is used for acquiring a first source MAC address of a message after receiving the message sent by the downlink host;
the searching module is used for searching a first table entry comprising the first source MAC address in the MAC address table, and the type of the MAC address of the at least one gateway in the MAC address table is set as a static MAC address;
The first determining module is configured to determine whether the type of the first source MAC address in the first table entry is a static MAC address if the first table entry is found in the MAC address table;
And the processing module is used for not updating the first table entry if the type of the first source MAC address in the first table entry is determined to be a static MAC address.
Optionally, the method further comprises:
The second acquisition module is used for acquiring a second source MAC address carried by the EVPN 2 type route after receiving the EVPN 2 type route sent by the at least one gateway;
a second determining module, configured to determine whether a setting field of the EVPN 2 class route carries a setting identifier;
The first establishing module is used for establishing a second table entry corresponding to the second source MAC address in the MAC address table if the setting field is determined to carry the setting identifier;
and the setting module is used for setting the type of the second source MAC address in the second table entry as a static MAC address.
Optionally, the method further comprises:
And the second establishing module is used for establishing the first table item in the MAC address table based on the first source MAC address if the first table item is not found in the MAC address table.
Optionally, the method further comprises:
And the updating module is used for updating the first table item based on the first source MAC address if the type of the MAC address is not a static MAC address.
According to an embodiment of the present invention, there is further provided an electronic device including a processor, a communication interface, a memory, and a communication bus, where the processor, the communication interface, and the memory complete communication with each other through the communication bus;
a memory for storing a computer program;
and the processor is used for realizing the steps of the method when executing the program stored in the memory.
According to an embodiment of the present invention, there is also provided a computer-readable storage medium having stored therein a computer program which, when executed by a processor, implements the above-mentioned method steps.
The invention has the following beneficial effects:
The embodiment of the invention provides a method and a device for updating an MAC address table, which are used for acquiring a first source MAC address of a message after receiving the message sent by a host; searching a first table entry comprising the first source MAC address in an MAC address table, wherein the type of the MAC address of at least one gateway in the MAC address table is set as a static MAC address; if the first table entry is found in the MAC address table, determining whether the type of the first source MAC address in the first table entry is a static MAC address; if the type of the first source MAC address in the first table entry is determined to be a static MAC address, the first table entry is not updated. In the scheme, the type of the MAC address of at least one gateway in the MAC address table of the network bridge is set to be a static MAC address, after receiving a message sent by a downlink host, if a first table entry comprising a first source MAC address of the message is found in the MAC address table, if the type of the first source MAC address in the first table entry is determined to be the static MAC address, the first table entry is not updated, that is, the table entry established based on the MAC address of the gateway in the MAC address table is not updated based on the message sent by the downlink host, and even if the downlink host impersonates the gateway to initiate network attack, the table entry established based on the MAC address of the gateway in the MAC address table is not changed, so that the message sent by the downlink host to the gateway can be ensured to be forwarded correctly, that is, the downlink host can be ensured to access the gateway correctly.
Drawings
FIG. 1 is a schematic diagram of a prior art centralized deployment architecture;
FIG. 2 is a flowchart of a method for updating a MAC address table according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an apparatus for updating a MAC address table according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device according to the present application.
Detailed Description
In order to solve the problem in the prior art that other hosts cannot normally access a gateway, an embodiment of the present invention provides a method for updating a MAC address table, where a selected network includes each bridge, the selected network further includes at least one gateway connected to each bridge, and an EVPN is established between each bridge and at least one gateway, where the selected network may be, but is not limited to, VXLAN, and the flow of the method is shown in fig. 2, and the steps are performed as follows:
S21: and after receiving the message sent by the downlink host, acquiring a first source MAC address of the message.
A plurality of hosts are usually accessed under the bridge, the hosts communicate with the bridge through sending messages, and after the bridge receives the messages, the bridge firstly obtains the source MAC address of the messages, where the source MAC address may be defined as a first source MAC address, and the first source MAC address is the MAC address of the sending message.
S22: a first entry including a first source MAC address is looked up in a MAC address table.
Wherein the type of the MAC address of at least one gateway in the MAC address table is set as a static MAC address.
Generally, after receiving a message, the bridge learns the MAC address, and specifically, may search a table entry including the first source MAC address in the MAC address table, where the table entry may be defined as a first table entry.
S23: if the first table entry is found in the MAC address table, determining whether the type of the first source MAC address in the first table entry is a static MAC address.
If the first entry is found in the MAC address table, it is further determined whether the type of the first source MAC address in the first entry is a static MAC address.
If the first entry is not found in the MAC address table, indicating that the entry of the first source MAC address has not been learned before, the first entry may be directly established in the MAC address table based on the first source MAC address.
S24: if the type of the first source MAC address in the first table entry is determined to be a static MAC address, the first table entry is not updated.
If the type of the first source MAC address in the first table entry is determined to be a static MAC address, since the type of the MAC address of at least one gateway in the MAC address table is set to be a static MAC address, the type of the MAC address may be divided into a static MAC address and a dynamic MAC address, and the priority of the static MAC address is higher than that of the dynamic MAC address, so that the first table entry may not be updated.
If the type of the first source MAC address in the first table entry is determined not to be the static MAC address, the table entry corresponding to the first source MAC address can be learned, so that the first table entry can be updated based on the first source MAC address.
In the scheme, the type of the MAC address of at least one gateway in the MAC address table of the network bridge is set to be a static MAC address, after receiving a message sent by a downlink host, if a first table entry comprising a first source MAC address of the message is found in the MAC address table, if the type of the first source MAC address in the first table entry is determined to be the static MAC address, the first table entry is not updated, that is, the table entry established based on the MAC address of the gateway in the MAC address table is not updated based on the message sent by the downlink host, and even if the downlink host impersonates the gateway to initiate network attack, the table entry established based on the MAC address of the gateway in the MAC address table is not changed, so that the message sent by the downlink host to the gateway can be ensured to be forwarded correctly, that is, the downlink host can be ensured to access the gateway correctly.
Optionally, the method further comprises:
After receiving the EVPN 2 type route sent by at least one gateway, acquiring a second source MAC address carried by the EVPN 2 type route;
Determining whether a setting field of the EVPN 2 type route carries a setting identifier;
If the setting field is determined to carry the setting identifier, a second table entry corresponding to a second source MAC address is established in the MAC address table;
the type of the second source MAC address in the second entry is set to a static MAC address.
The EVPN 2 type route is used for synchronously learning entries of the MAC address table between VTEPs, if the network bridge receives the EVPN 2 type route sent by at least one gateway, the network bridge may first obtain a source MAC address carried by the EVPN 2 type route (the source MAC address may be defined as a second source MAC address), further determine whether a setting field of the EVPN 2 type route carries a setting identifier, if it is determined that the setting field carries the setting identifier, establish an entry (may be defined as a second entry) corresponding to the second source MAC address in the MAC address table, and further set a type of the second source MAC address in the second entry as a static MAC address.
Wherein the setting field may be, but is not limited to, an extended community attribute, and the setting flag may be, but is not limited to, default Gateway Extended Community and/or MAC Mobility Extended Community with Sticky/static flag set.
Based on the same inventive concept, an embodiment of the present invention provides an updating device of a MAC address table, which is applied to each bridge included in a selected network, where the selected network further includes at least one gateway connected to each bridge, and an ethernet virtual private network EVPN is established between each bridge and at least one gateway, where the structure of the device is as shown in fig. 3, and the device includes:
a first obtaining module 31, configured to obtain a first source MAC address of a message after receiving a message sent by a host in a downlink manner;
A lookup module 32, configured to lookup a first table entry including a first source MAC address in a MAC address table, where a type of a MAC address of at least one gateway in the MAC address table is set to be a static MAC address;
A first determining module 33, configured to determine whether the type of the first source MAC address in the first table entry is a static MAC address if the first table entry is found in the MAC address table;
the processing module 34 is configured to not update the first entry if it is determined that the type of the first source MAC address in the first entry is a static MAC address.
In the scheme, the type of the MAC address of at least one gateway in the MAC address table of the network bridge is set to be a static MAC address, after receiving a message sent by a downlink host, if a first table entry comprising a first source MAC address of the message is found in the MAC address table, if the type of the first source MAC address in the first table entry is determined to be the static MAC address, the first table entry is not updated, that is, the table entry established based on the MAC address of the gateway in the MAC address table is not updated based on the message sent by the downlink host, and even if the downlink host impersonates the gateway to initiate network attack, the table entry established based on the MAC address of the gateway in the MAC address table is not changed, so that the message sent by the downlink host to the gateway can be ensured to be forwarded correctly, that is, the downlink host can be ensured to access the gateway correctly.
Optionally, the method further comprises:
The second acquisition module is used for acquiring a second source MAC address carried by the EVPN 2 type route after receiving the EVPN 2 type route sent by the at least one gateway;
The second determining module is used for determining whether the setting field of the EVPN 2 type route carries a setting identifier;
The first establishing module is used for establishing a second table entry corresponding to the second source MAC address in the MAC address table if the setting field is determined to carry the setting identifier;
and the setting module is used for setting the type of the second source MAC address in the second table entry as a static MAC address.
Optionally, the method further comprises:
and the second establishing module is used for establishing the first table item in the MAC address table based on the first source MAC address if the first table item is not found in the MAC address table.
Optionally, the method further comprises:
And the updating module is used for updating the first table item based on the first source MAC address if the type of the MAC address is not a static MAC address.
The embodiment of the present application further provides an electronic device, please refer to fig. 4, which includes a processor 410, a communication interface 420, a memory 430 and a communication bus 440, wherein the processor 410, the communication interface 420 and the memory 430 complete communication with each other through the communication bus 440.
A memory 430 for storing a computer program;
The processor 410 is configured to implement the method for updating the MAC address table according to any one of the above embodiments when executing the program stored in the memory 430.
The communication interface 420 is used for communication between the electronic device and other devices.
The memory may include random access memory (Random Access Memory, RAM) or may include non-volatile memory (NVM), such as at least one disk memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.
The processor may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; but may also be a digital signal processor (DIGITAL SIGNAL Processing, DSP), application SPECIFIC INTEGRATED Circuit (ASIC), field-Programmable gate array (Field-Programmable GATE ARRAY, FPGA) or other Programmable logic device, discrete gate or transistor logic device, discrete hardware components.
In the scheme, the type of the MAC address of at least one gateway in the MAC address table of the network bridge is set to be a static MAC address, after receiving a message sent by a downlink host, if a first table entry comprising a first source MAC address of the message is found in the MAC address table, if the type of the first source MAC address in the first table entry is determined to be the static MAC address, the first table entry is not updated, that is, the table entry established based on the MAC address of the gateway in the MAC address table is not updated based on the message sent by the downlink host, and even if the downlink host impersonates the gateway to initiate network attack, the table entry established based on the MAC address of the gateway in the MAC address table is not changed, so that the message sent by the downlink host to the gateway can be ensured to be forwarded correctly, that is, the downlink host can be ensured to access the gateway correctly.
Accordingly, an embodiment of the present application further provides a computer readable storage medium, where instructions are stored, when the computer readable storage medium runs on a computer, to cause the computer to execute the method for updating the MAC address table according to any one of the foregoing embodiments.
In the scheme, the type of the MAC address of at least one gateway in the MAC address table of the network bridge is set to be a static MAC address, after receiving a message sent by a downlink host, if a first table entry comprising a first source MAC address of the message is found in the MAC address table, if the type of the first source MAC address in the first table entry is determined to be the static MAC address, the first table entry is not updated, that is, the table entry established based on the MAC address of the gateway in the MAC address table is not updated based on the message sent by the downlink host, and even if the downlink host impersonates the gateway to initiate network attack, the table entry established based on the MAC address of the gateway in the MAC address table is not changed, so that the message sent by the downlink host to the gateway can be ensured to be forwarded correctly, that is, the downlink host can be ensured to access the gateway correctly.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While alternative embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following appended claims be interpreted as including alternative embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the embodiments of the present invention without departing from the spirit or scope of the embodiments of the invention. Thus, if such modifications and variations of the embodiments of the present invention fall within the scope of the claims and the equivalents thereof, the present invention is also intended to include such modifications and variations.
Claims (10)
1. A method for updating a media access control MAC address table, applied to each bridge included in a selected network, the selected network further including at least one gateway connected to each bridge, the at least one gateway establishing an ethernet virtual private network EVPN between each gateway and each bridge, the method comprising:
After receiving a message sent by a host in downlink, acquiring a first source MAC address of the message;
Searching a first table entry comprising the first source MAC address in an MAC address table, wherein the type of the MAC address of at least one gateway in the MAC address table is set as a static MAC address;
If the first table entry is found in the MAC address table, determining whether the type of the first source MAC address in the first table entry is a static MAC address;
if the type of the first source MAC address in the first table entry is determined to be a static MAC address, the first table entry is not updated.
2. The method as recited in claim 1, further comprising:
After receiving the EVPN 2 type route sent by the at least one gateway, acquiring a second source MAC address carried by the EVPN 2 type route;
determining whether a setting field of the EVPN 2 type route carries a setting identifier;
If the setting field is determined to carry the setting identifier, a second table entry corresponding to the second source MAC address is established in the MAC address table;
setting the type of the second source MAC address in the second table entry as a static MAC address.
3. The method as recited in claim 1, further comprising:
If the first table entry is not found in the MAC address table, the first table entry is built in the MAC address table based on the first source MAC address.
4. A method according to any one of claims 1-3, further comprising:
and if the type of the first source MAC address in the first table entry is determined not to be a static MAC address, updating the first table entry based on the first source MAC address.
5. An updating device of a MAC address table, applied to each bridge included in a selected network, the selected network further includes at least one gateway connected to each bridge, and an ethernet virtual private network EVPN is established between the at least one gateway and each bridge, where the device includes:
The first acquisition module is used for acquiring a first source MAC address of a message after receiving the message sent by the downlink host;
the searching module is used for searching a first table entry comprising the first source MAC address in the MAC address table, and the type of the MAC address of the at least one gateway in the MAC address table is set as a static MAC address;
The first determining module is configured to determine whether the type of the first source MAC address in the first table entry is a static MAC address if the first table entry is found in the MAC address table;
And the processing module is used for not updating the first table entry if the type of the first source MAC address in the first table entry is determined to be a static MAC address.
6. The apparatus as recited in claim 5, further comprising:
The second acquisition module is used for acquiring a second source MAC address carried by the EVPN 2 type route after receiving the EVPN 2 type route sent by the at least one gateway;
a second determining module, configured to determine whether a setting field of the EVPN 2 class route carries a setting identifier;
The first establishing module is used for establishing a second table entry corresponding to the second source MAC address in the MAC address table if the setting field is determined to carry the setting identifier;
and the setting module is used for setting the type of the second source MAC address in the second table entry as a static MAC address.
7. The apparatus as recited in claim 5, further comprising:
And the second establishing module is used for establishing the first table item in the MAC address table based on the first source MAC address if the first table item is not found in the MAC address table.
8. The apparatus of any one of claims 5-7, further comprising:
And the updating module is used for updating the first table item based on the first source MAC address if the type of the MAC address is not a static MAC address.
9. An electronic device, characterized in that the electronic device comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory are in communication with each other through the communication bus;
a memory for storing a computer program;
a processor for implementing the method steps of any of claims 1-4 when executing a program stored on a memory.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored therein a computer program which, when executed by a processor, implements the method steps of any of claims 1-4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210015962.9A CN114520800B (en) | 2022-01-07 | 2022-01-07 | Method and device for updating MAC address table |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210015962.9A CN114520800B (en) | 2022-01-07 | 2022-01-07 | Method and device for updating MAC address table |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114520800A CN114520800A (en) | 2022-05-20 |
| CN114520800B true CN114520800B (en) | 2024-04-16 |
Family
ID=81595877
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210015962.9A Active CN114520800B (en) | 2022-01-07 | 2022-01-07 | Method and device for updating MAC address table |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114520800B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101834870A (en) * | 2010-05-13 | 2010-09-15 | 中兴通讯股份有限公司 | Method and device for preventing deceptive attack of MAC (Medium Access Control) address |
| CN103581022A (en) * | 2013-10-23 | 2014-02-12 | 福建星网锐捷网络有限公司 | MAC address finding and transmitting method and device |
| CN104954218A (en) * | 2014-03-24 | 2015-09-30 | 杭州华三通信技术有限公司 | Distributed virtual switching device and forwarding method |
| JP2018137605A (en) * | 2017-02-22 | 2018-08-30 | 日本電信電話株式会社 | Network system and packet forwarding method |
| CN111934969A (en) * | 2020-07-28 | 2020-11-13 | 锐捷网络股份有限公司 | Maintenance method and device of MAC forwarding table |
| CN113037883A (en) * | 2021-02-23 | 2021-06-25 | 中国联合网络通信集团有限公司 | Method and device for updating MAC address table entries |
| CN113472912A (en) * | 2021-06-10 | 2021-10-01 | 中国联合网络通信集团有限公司 | ARP cache table item updating method, VTEP, VM and device |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9900250B2 (en) * | 2015-03-26 | 2018-02-20 | Cisco Technology, Inc. | Scalable handling of BGP route information in VXLAN with EVPN control plane |
-
2022
- 2022-01-07 CN CN202210015962.9A patent/CN114520800B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101834870A (en) * | 2010-05-13 | 2010-09-15 | 中兴通讯股份有限公司 | Method and device for preventing deceptive attack of MAC (Medium Access Control) address |
| CN103581022A (en) * | 2013-10-23 | 2014-02-12 | 福建星网锐捷网络有限公司 | MAC address finding and transmitting method and device |
| CN104954218A (en) * | 2014-03-24 | 2015-09-30 | 杭州华三通信技术有限公司 | Distributed virtual switching device and forwarding method |
| JP2018137605A (en) * | 2017-02-22 | 2018-08-30 | 日本電信電話株式会社 | Network system and packet forwarding method |
| CN111934969A (en) * | 2020-07-28 | 2020-11-13 | 锐捷网络股份有限公司 | Maintenance method and device of MAC forwarding table |
| CN113037883A (en) * | 2021-02-23 | 2021-06-25 | 中国联合网络通信集团有限公司 | Method and device for updating MAC address table entries |
| CN113472912A (en) * | 2021-06-10 | 2021-10-01 | 中国联合网络通信集团有限公司 | ARP cache table item updating method, VTEP, VM and device |
Non-Patent Citations (2)
| Title |
|---|
| KalmanTune: A Kalman Filter Based Tuning Method to Make Boosted Ensembles Robust to Class-Label Noise;Arjun Pakrashi;Brian Mac Namee;《IEEE Access》;20200803;第8卷;全文 * |
| 局域网网络安全防护问题及策略;张靓晶;盘采华;《网络安全和信息化 》;20211205;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114520800A (en) | 2022-05-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111742525B (en) | Multi-cloud VPC routing and registration | |
| EP3122004B1 (en) | Traffic switching method, device, and system | |
| CN109257265B (en) | Flooding suppression method, VXLAN bridge, gateway and system | |
| US9621373B2 (en) | Proxy address resolution protocol on a controller device | |
| US10263808B2 (en) | Deployment of virtual extensible local area network | |
| CN111130981B (en) | Proxy response method and device for MAC address | |
| WO2016192686A1 (en) | Data packet forwarding | |
| US10693833B2 (en) | Address resolution suppression in a logical network | |
| US10574570B2 (en) | Communication processing method and apparatus | |
| CN110460684B (en) | Broadcast domain isolation method and device for VXLAN (virtual extensible local area network) in same network segment | |
| CN108900414B (en) | Forwarding table generation method and device | |
| CN105591907B (en) | A kind of route obtaining method and device | |
| WO2022001669A1 (en) | Method for establishing vxlan tunnel, and related device | |
| US9531564B2 (en) | Single hop overlay architecture for line rate performance in campus networks | |
| CN114465776B (en) | Flood attack defense method and related device | |
| US20190215191A1 (en) | Deployment Of Virtual Extensible Local Area Network | |
| CN116547953A (en) | Implementing inter-segment traffic policies by a network fabric control plane | |
| CN106911547B (en) | Message forwarding method and device | |
| CN110752989A (en) | Method and device for forwarding east-west traffic | |
| CN114520800B (en) | Method and device for updating MAC address table | |
| CN108282404B (en) | Route generation method, device and system | |
| WO2023273957A1 (en) | Computing power release method and apparatus, and computing power update method and apparatus | |
| CN112511401B (en) | Network connection method, device, equipment and medium | |
| WO2022228090A1 (en) | Path learning method and device, service node, and storage medium | |
| CN116547955A (en) | Method and apparatus for propagating network state updates using directional tracking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |