CN101026578A - Method for rapid response to ICMP echo request message - Google Patents
Method for rapid response to ICMP echo request message Download PDFInfo
- Publication number
- CN101026578A CN101026578A CNA2007100631545A CN200710063154A CN101026578A CN 101026578 A CN101026578 A CN 101026578A CN A2007100631545 A CNA2007100631545 A CN A2007100631545A CN 200710063154 A CN200710063154 A CN 200710063154A CN 101026578 A CN101026578 A CN 101026578A
- Authority
- CN
- China
- Prior art keywords
- icmp
- echo request
- message
- request message
- head
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Characters of the method include steps: (1) receiving ICMP loop back request message (LBRM); carrying sorting slices of LBRM; (2) based on different slice type to process ICMP LBRM respectively in order to obtain relevant out interface information and packaging information; (3) based on the out interface information and packaging information to package and send out ICMP LBRM. The invention responses ICMP LBRM not needed to be sliced directly, as well as processes, packages and sends each slice so as to reach purpose of saving CPU resources and quick response. The invention carries out distributed type response directly for ICMP LBRM by line card on network device to treat line card received ICMP LBRM.
Description
Technical field
The present invention relates to network safety filed, particularly relate to a kind of quick response IC MP echo request method of message.
Background technology
ICMP (Internet Control Message Protocol) is the Internet Internet Control Message Protocol, and it transmits query message and error message at transmit leg and recipient.Request for Comment (Request For Comment, RFC) 792, one of promptly a series of numbered internet information documents and standard, specified in more detail the ICMP agreement.
The design of ICMP agreement is mainly based on following 2 points:
1),, gives the transmit leg reporting errors in the transmission course of Internet if data message is made mistakes;
2), recipient and transmit leg carry out communication by sending the ICMP query message, and like this, one can be detecting the opposing party's accessibility, and obtain necessary information from the opposing party.
Based on above 2 points, icmp packet substantially can be divided into two types, i.e. ICMP query message and ICMP error message, and wherein, the ICMP query message is with a pair of request and replys the message of definition.In actual applications, router need be known the network reachability of another machine in the network, at this moment can send ICMP echo request message by the ping order and come acquired information, and the opposing party receives that the back responds ICMP return response message.
If the ICMP echo request message that transmit leg is initiated is big bag, the big bag here is meant needs the ICMP of burst echo request message (being usually used in the big packet attack of applied in network performance test or network), conventional response method is to preserve the burst of receiving with certain buffer memory, wait until that within a certain period of time all bursts arrive this network equipment, the complete back of recombinating sends back message using.Maximum at present ping packet length is 65500, and the way of this routine needs a large amount of buffer memorys, and consumes cpu resource, and CPU is under attack easily.
Summary of the invention
Technical problem to be solved by this invention is to provide a kind of quick response IC MP echo request method of message, is used to improve the response speed to ICMP echo request message.
To achieve these goals, the invention provides a kind of quick response IC MP echo request method of message, be used for the network equipment, it is characterized in that, comprising:
Step 2 is handled respectively described ICMP echo request message according to different burst types, to obtain corresponding outgoing interface information and packaging information; And
Described quick response IC MP echo request method of message wherein, in the described step 1, is carried out the burst classification according to the offset field of IP head to described ICMP echo request message.
Described quick response IC MP echo request method of message, wherein, in the described step 1, described burst type comprises monolithic, a sheet, intermediate and cauda.
Described quick response IC MP echo request method of message, wherein, in the described step 2, when the burst type of described ICMP echo request message is monolithic or sheet, search outgoing interface information and the packaging information that routing table obtains described ICMP echo request message according to the source IP address of a monolithic or a sheet, and write down described source IP address, described outgoing interface information, described packaging information.
Described quick response IC MP echo request method of message wherein, in the described step 2, when the burst type of described ICMP echo request message is intermediate or cauda, is obtained the routing iinformation of a sheet by direct obtain manner.
Whether successful described quick response IC MP echo request method of message wherein, in the described step 2, also comprises: judge routing iinformation the step of obtaining a sheet by direct obtain manner, if then carry out described step 3; Otherwise, further search routing table according to the source IP address of corresponding burst, to obtain outgoing interface information, carry out described step 3 again.
Described quick response IC MP echo request method of message wherein, in the described step 3, adopts different packaged types according to the different burst types of described ICMP echo request message to described ICMP return response message.
Described quick response IC MP echo request method of message, wherein, when described ICMP echo request message was monolithic bag or sheet bag, described step 3 was specially:
Step 311 is revised the layer two MAC head, and purpose MAC and source MAC are exchanged;
Step 312 is revised the IP head, the source IP and the purpose IP of described ICMP echo request message is exchanged, and revise the life span value of described ICMP echo request message, the verification of recomputating the IP head with;
Step 313 is revised the ICMP head, the TYPE field type of ICMP head is changed into by request replys, and according to the verification of described ICMP echo request message ICMP head and directly obtain described ICMP return response message the ICMP head verification with; And
Step 314, the monolithic bag or the sheet bag that are packaged into described ICMP return response message also send.
Described quick response IC MP echo request method of message, wherein, when described ICMP echo request message was intermediate bag or cauda bag, described step 3 was specially:
Step 321 is revised the layer two MAC head, and purpose MAC and source MAC are exchanged;
Step 322 is revised the IP head, the source IP and the purpose IP of described ICMP echo request message is exchanged, and revise the life span value of described ICMP echo request message, the verification of recomputating the IP head with;
Step 323, the intermediate bag or the cauda bag that are packaged into described ICMP return response message also send.
Compared with prior art, the inventive method has following advantage:
A1), the inventive method does not need to know the length of entire I CMP bag, do not need to revise the content of ICMP echo request message load yet, can directly reply for the ICMP echo request message that does not need burst, each burst for big bag does not need to recombinate yet, but each burst is directly handled and encapsulated transmission, thereby reach the saving cpu resource, the purpose of response fast.
A2), when in distributed network equipment, using, the inventive method can directly be carried out distributed response to ICMP echo request message on the ply-yarn drill of the network equipment, do not need to carry out a series of mutual with master control borad, thereby can save network equipment bandwidth resources, the ICMP echo request message that this ply-yarn drill of fast processing is received.
Describe the present invention below in conjunction with the drawings and specific embodiments, but not as a limitation of the invention.
Description of drawings
Fig. 1 is for the schematic diagram of various burst types in the inventive method;
Fig. 2 is for the process chart of ICMP echo request message in the inventive method;
Fig. 3 is the schematic diagram that calculates ICMP verification and method in the inventive method.
Embodiment
Below in conjunction with drawings and Examples, describe the specific implementation of technical solution of the present invention in detail.
See also shown in Figure 1, be in the inventive method for the schematic diagram of various burst types, Fig. 2 is for the process chart of ICMP echo request message in the inventive method.
As shown in Figure 2, handling process comprises following three sub-handling processes in chronological order substantially again:
B1), the flow process of classifying when receiving ICMP echo request message is used to receive whether burst is classified according to wrapping behind the ICMP echo request message;
B2), obtain the flow process of encapsulation and routing iinformation, be used for obtaining outgoing interface information and packaging information according to the source IP address table of query and routing of burst; And
B3), the flow process of encapsulation ICMP return response message is used to encapsulate ICMP return response message and transmission.
Above-mentioned b1) in the flow process, after receiving the ICMP echo request message of issuing this locality, message is carried out the burst classification.
As shown in Figure 1, described the method for burst classification, its side-play amount according to the IP head (offset) field is classified.The type of burst comprises: monolithic (SINGLE FLIT), a sheet (HEAD FLIT), intermediate (MIDDLE FLIT), cauda (TAIL FLIT).
When the burst type is monolithic, DF position 1, MF position=0, offset field puts 0;
When the burst type is sheet, DF position 0, MF position=1, offset field puts 0;
When the burst type is intermediate, DF position 0, MF position=1, offset field is not 0;
When the burst type is cauda, DF position 0, MF position=0, offset field is not 0.
Wherein, DF (Don ' t Fragment) is burst bit flag field not, and MF (More Fragment) is more follow-up burst attribute field.
When the type of ICMP echo request message is respectively monolithic, a sheet, intermediate or cauda, accordingly, ICMP echo request message is called monolithic bag, a sheet bag, intermediate bag or cauda bag.Sheet bag, intermediate bag and cauda bag constitute big bag.
Above-mentioned b2) in the flow process, handles respectively, to obtain the outgoing interface information and the packaging information of packet (being ICMP echo request message) according to the difference of burst type.
ICMP return response message will arrive the requesting party, essential table of query and routing obtains requesting party's routing iinformation, these routing iinformations comprise this message finally sends message from which interface of answer party, outgoing interface information just, message with which kind of form sends out, whether need other as 802.1Q tag, MPLS label etc., the just final packaging information of message.Wherein MPLS (Multiprotocol Label Switch) is multiprotocol label switching.
As shown in Figure 2, if the ICMP echo request message of receiving is a monolithic bag or a sheet bag, then need to look into outgoing interface information and the packaging information that routing table obtains packet, and write down source IP address, outgoing interface information, packaging information etc. according to source IP address; And, then can directly obtain the routing iinformation of sheet bag to the end for follow-up intermediate bag or cauda bag, if obtain unsuccessfully, just look into routing table again one time with the source IP address of this burst.
Above-mentioned b3) in the flow process, according to b2) the information encapsulation ICMP return response message that obtains of flow process; Wherein, encapsulation process is distinguished the burst type, and the zero-copy principle is adopted in encapsulation, and adopt a kind of particular algorithm obtain the ICMP verification and.
Among Fig. 2, specifically comprise for the handling process of ICMP echo request bag:
Step 207 sends this message after encapsulation is finished.
Following Ethernet message is that example further specifies:
For a sheet and monolithic, at first revise the layer two MAC head, purpose MAC and source MAC are exchanged, next revise the IP head, the source IP and the purpose IP of packet are exchanged, and the ttl value of revising packet is designated value (being generally 255), and recomputate the IP head verification and, revise the ICMP head then, the TYPE field type of ICMP head is replied (Reply: value is 00) by asking (Request: value is 08) to be modified as, and finish according to verification and back encapsulation that the method for Fig. 3 recomputates the ICMP head, promptly according to the verification of ICMP echo request message ICMP head and directly obtain ICMP return response message the ICMP head verification and, directly be packaged into a monolithic bag or a sheet bag of ICMP return response message at last and send.TTL (Time To Live) is the time for survival.
For intermediate and cauda, therefore owing to do not comprise the ICMP head in the burst, only need revise the layer two MAC head when encapsulating and the IP head gets final product, modify steps is identical with monolithic with above-mentioned sheet.Same directly transmission after encapsulation is finished.
As shown in Figure 3, when having described encapsulation ICMP return response message ICMP verification and algorithm, it is the key point that can encapsulate response message fast.Different with conventional algorithm, recomputate after its advantage do not need to be entire I CMP message recombinated verification and, do not need to revise the content of icmp packet load yet, but according to the verification of the ICMP head of receiving ICMP echo request message and directly calculate ICMP return response message verification and.Specifically comprise:
CheckSumReply=CheckSumRequest+0x800
The aforementioned calculation formula is provable as follows:
Mention in the 4th page of verification of RFC1071 and the quick calculation method, when some fields change, can avoid recomputating whole message verification and, and proposed the old and new's verification and computing formula: if the field of some 16 bits changes in the message, and suppose that old field value is m, that new is m ', old verification and be C, new verification and be C ', so C '=C+ (m)+m '=C+ (m '-m).That is to say old verification and and new verification and between difference be steady state value.
By above-mentioned b3) encapsulation ICMP return response message flow process as can be known, ICMP return response message is compared with ICMP echo request message, from the ICMP head, the difference of message content is the icmp packet type, and the type field in the ICMP head is revised as " replying " by " request ", promptly be revised as 00 by 08, other field values are constant, can know according to above-mentioned formula, and old field value is m=0x0000 before corresponding the modification, new m '=0x0800, and C '=C+ (m)+m '=C+0x0800.Proof finishes.
Be described the present invention for example below by a practical application:
In a switch serial equipment, for response IC MP echo request message fast, used the inventive method, this switch serial equipment can be responded the big bag of 65500 bytes fast, and time delay is no more than 10 milliseconds.
Application of the present invention and collocation method are as follows:
Can dispose the quick response function of ICMP according to user's request and enable, can be the example that configuration order is used so that protocol stack switches between conventional treatment and fast processing below:
Enter configuration mode:
ZXR?10#config?terminal
Configuration ICMP response fast enables:
ZXR?10(config)#ip?icmp?fast-process
The quick response of configuration ICMP does not enable:
ZXR?10(config)#no?ip?icmp?fast-process
By way of example as can be known, the principle of the inventive method is exactly that burst for ICMP echo request message carries out distributed treatment, compares with conventional treatment, and this processing method can be saved cpu resource, reaches quick response, prevents the purpose of attacking.
The present invention proposes on the network equipment and realize a kind of quick response IC MP echo request method of message with software, compared with prior art, this method not only can improve the response speed of the ICMP echo request being protected literary composition, and do not need the burst of data cached bag, can save memory, alleviate network equipment CPU burden, prevent that CPU from being attacked.
Certainly; the present invention also can have other various embodiments; under the situation that does not deviate from spirit of the present invention and essence thereof; those of ordinary skill in the art work as can make various corresponding changes and distortion according to the present invention, but these corresponding changes and distortion all should belong to the protection range of the appended claim of the present invention.
Claims (9)
1, a kind of quick response IC MP echo request method of message is used for the network equipment, it is characterized in that, comprising:
Step 1 receives ICMP echo request message, and described ICMP echo request message is carried out the burst classification;
Step 2 is handled respectively described ICMP echo request message according to different burst types, to obtain corresponding outgoing interface information and packaging information; And
Step 3 is according to described outgoing interface information and described packaging information encapsulation ICMP return response message and transmission.
2, quick response IC MP echo request method of message according to claim 1 is characterized in that, in the described step 1, according to the offset field of IP head described ICMP echo request message is carried out the burst classification.
3, quick response IC MP echo request method of message according to claim 1 and 2 is characterized in that in the described step 1, described burst type comprises monolithic, a sheet, intermediate and cauda.
4, quick response IC MP echo request method of message according to claim 3, it is characterized in that, in the described step 2, when the burst type of described ICMP echo request message is monolithic or sheet, search outgoing interface information and the packaging information that routing table obtains described ICMP echo request message according to the source IP address of a monolithic or a sheet, and write down described source IP address, described outgoing interface information, described packaging information.
5, quick response IC MP echo request method of message according to claim 3, it is characterized in that, in the described step 2, when the burst type of described ICMP echo request message is intermediate or cauda, obtain the routing iinformation of a sheet by direct obtain manner.
6, quick response IC MP echo request method of message according to claim 5, it is characterized in that, in the described step 2, also comprise: judge the whether successful step of routing iinformation of obtaining a sheet by direct obtain manner, if then carry out described step 3; Otherwise, further search routing table according to the source IP address of corresponding burst, to obtain outgoing interface information, carry out described step 3 again.
7, according to claim 4,5 or 6 described quick response IC MP echo request method of message, it is characterized in that, in the described step 3, described ICMP return response message is adopted different packaged types according to the different burst types of described ICMP echo request message.
8, quick response IC MP echo request method of message according to claim 7 is characterized in that, when described ICMP echo request message was monolithic bag or sheet bag, described step 3 was specially:
Step 311 is revised the layer two MAC head, and purpose MAC and source MAC are exchanged;
Step 312 is revised the IP head, the source IP and the purpose IP of described ICMP echo request message is exchanged, and revise the life span value of described ICMP echo request message, the verification of recomputating the IP head with;
Step 313 is revised the ICMP head, the TYPE field type of ICMP head is changed into by request replys, and according to the verification of described ICMP echo request message ICMP head and directly obtain described ICMP return response message the ICMP head verification with; And
Step 314, the monolithic bag or the sheet bag that are packaged into described ICMP return response message also send.
9, quick response IC MP echo request method of message according to claim 7 is characterized in that when described ICMP echo request message was intermediate bag or cauda bag, described step 3 was specially:
Step 321 is revised the layer two MAC head, and purpose MAC and source MAC are exchanged;
Step 322 is revised the IP head, the source IP and the purpose IP of described ICMP echo request message is exchanged, and revise the life span value of described ICMP echo request message, the verification of recomputating the IP head with;
Step 323, the intermediate bag or the cauda bag that are packaged into described ICMP return response message also send.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200710063154A CN100579075C (en) | 2007-01-29 | 2007-01-29 | Method for rapid response to ICMP echo request message |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200710063154A CN100579075C (en) | 2007-01-29 | 2007-01-29 | Method for rapid response to ICMP echo request message |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101026578A true CN101026578A (en) | 2007-08-29 |
| CN100579075C CN100579075C (en) | 2010-01-06 |
Family
ID=38744485
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200710063154A Expired - Fee Related CN100579075C (en) | 2007-01-29 | 2007-01-29 | Method for rapid response to ICMP echo request message |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100579075C (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104135439A (en) * | 2014-07-25 | 2014-11-05 | 西安空间无线电技术研究所 | Method for rapidly generating an ICMP error message |
| CN106301997A (en) * | 2015-06-29 | 2017-01-04 | 中兴通讯股份有限公司 | Gateway device response to network connectedness method and apparatus |
| CN106533830A (en) * | 2016-10-28 | 2017-03-22 | 上海斐讯数据通信技术有限公司 | Device and method for improving response time of message |
| CN111309471A (en) * | 2018-12-11 | 2020-06-19 | 迈普通信技术股份有限公司 | Data processing method and device and distributed system |
-
2007
- 2007-01-29 CN CN200710063154A patent/CN100579075C/en not_active Expired - Fee Related
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104135439A (en) * | 2014-07-25 | 2014-11-05 | 西安空间无线电技术研究所 | Method for rapidly generating an ICMP error message |
| CN104135439B (en) * | 2014-07-25 | 2017-05-31 | 西安空间无线电技术研究所 | A kind of ICMP error messages rapid generation |
| CN106301997A (en) * | 2015-06-29 | 2017-01-04 | 中兴通讯股份有限公司 | Gateway device response to network connectedness method and apparatus |
| WO2017000790A1 (en) * | 2015-06-29 | 2017-01-05 | 中兴通讯股份有限公司 | Gateway device network connectivity response method and device |
| CN106533830A (en) * | 2016-10-28 | 2017-03-22 | 上海斐讯数据通信技术有限公司 | Device and method for improving response time of message |
| CN111309471A (en) * | 2018-12-11 | 2020-06-19 | 迈普通信技术股份有限公司 | Data processing method and device and distributed system |
| CN111309471B (en) * | 2018-12-11 | 2024-02-09 | 迈普通信技术股份有限公司 | Data processing method, device and distributed system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100579075C (en) | 2010-01-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10333845B2 (en) | Forwarding data packets | |
| WO2017067391A1 (en) | Data sharing method and device for virtual machines | |
| US9110703B2 (en) | Virtual machine packet processing | |
| CN101247353B (en) | Stream aging method and network appliance | |
| CN108768866B (en) | Cross-card forwarding method and device for multicast message, network equipment and readable storage medium | |
| CN113709057A (en) | Network congestion notification method, proxy node, network node and computer equipment | |
| CN108353022A (en) | A kind of processing method of data message, apparatus and system | |
| CN109314664B (en) | Zombie main control machine discovery equipment and method | |
| WO2015074182A1 (en) | Table items addressing method, switch, and controller based on flow table | |
| CN105791214A (en) | Method and apparatus for converting RapidIO message and Ethernet message | |
| Batalla et al. | ID-based service-oriented communications for unified access to IoT | |
| WO2022028456A1 (en) | Congestion control method and apparatus, network node device and computer-readable storage medium | |
| WO2014166073A1 (en) | Packet forwarding method and network device | |
| CN100579075C (en) | Method for rapid response to ICMP echo request message | |
| CN107888710A (en) | A kind of message forwarding method and device | |
| CN105634977A (en) | Method and device for discovering a path maximum transmission unit (PMTU) | |
| CN107733765B (en) | Mapping method, system and related equipment | |
| CN107749826A (en) | A kind of data packet forwarding method and system | |
| CN104040967B (en) | The stream forwarding method and message forwarding equipment of a kind of message | |
| CN105284083A (en) | OpenFlow device and IP network device communication method, device and system | |
| CN110235417B (en) | SDN and message forwarding method and device thereof | |
| KR101952187B1 (en) | Method and apparatus for processing service node ability, service classifier and service controller | |
| CN107124482A (en) | A kind of DNS data package transmitting method, system and router | |
| Holik | Meeting smart city latency demands with SDN | |
| US20100238930A1 (en) | Router and method of forwarding ipv6 packets |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20100106 Termination date: 20190129 |