CN101106529B - Packet forwarding method and system based on secure service - Google Patents
Packet forwarding method and system based on secure service Download PDFInfo
- Publication number
- CN101106529B CN101106529B CN2007101198804A CN200710119880A CN101106529B CN 101106529 B CN101106529 B CN 101106529B CN 2007101198804 A CN2007101198804 A CN 2007101198804A CN 200710119880 A CN200710119880 A CN 200710119880A CN 101106529 B CN101106529 B CN 101106529B
- Authority
- CN
- China
- Prior art keywords
- list item
- arp
- index
- packet
- safety service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The invention discloses a packet transmission method and a system based on safety business. Receive a first packet of business traffic, obtain the safe business message and ARP table entry corresponding with the first packet and establish the relationship among the attribute message, safe business message and ARP table entry message of the business traffic packet carried by the first packet. Receive a subsequent packet of business traffic searches the safe business message and ARP table entry message, according to the business traffic packet attribute message and relationship carried by the subsequent packet, carry out safe business treatment to the subsequent packet according to the safe business message and send out the subsequent packet according to ARP table entry message. The invention does not need to search the safe business table entry, FIB table entry and ARP table entry of every packet and greatly improves the packet transmission rate based on safe business.
Description
Technical field
The present invention relates to the safety service technical field, be specifically related to package transmitting method and system based on safety service.
Background technology
Along with popularizing and development of network, be not only simple quick forwarding to the requirement of the network equipment, also need the network equipment that safety service is provided.This demand in market has promoted the development of safety means, and safety means are proposed following the requirement: network data is implemented safety service as: still provide reasonable forwarding performance under the situation of safety inspection filtration etc.
Safety means will reach above requirement, depend on the lifting of hardware performance, simultaneously the also tissue of depended software relevant entries and relevant operation flow optimization.How to organize relevant main list item and rely on it to promote handling property, become the proposition that safety product faces.
Fig. 1 is existing bag forwarding process figure based on safety service, and as shown in Figure 1, its concrete steps are as follows:
Step 101: configuration safety service list item on safety means.
Each safety service list item comprises: one or the corresponding relation of combination in any and safety service information in the five-tuple information, perhaps comprise: the corresponding relation of forwarding information and safety service information perhaps comprises: one or the corresponding relation of combination in any, forwarding information and safety service information in the five-tuple information.
Five-tuple information is promptly: source IP address information, source port information, protocol number, purpose IP address information, purpose outbound port information.
Forwarding information is promptly: three layers of outgoing interface information in forwarding information base (FIB) list item etc., the outbound port information in the ARP(Address Resolution Protocol) list item etc.
Which kind of safety service the indication of safety service information specifically should carry out is handled, as: filtration treatment etc.
Step 102: safety means receive bag, search the safety service list item corresponding with the five-tuple of this bag.
Step 103: safety means are carried out corresponding safety service and are handled according to the safety service information in the safety service list item that finds, and are finished, and go to step 104.
Safety service in this step handle at be that the safety service of porch is handled.
Step 104: safety means are searched the fib table item corresponding with the purpose IP address of this bag.
Step 105: safety means are searched the ARP list item that mates most with the fib table item.
Step 106: safety means search with the fib table item in the corresponding safety service list item of three layers of outgoing interface information.
Step 107: safety means are carried out corresponding safety service and are handled according to the safety service information in the safety service list item that finds, and are finished, and go to step 108.
Safety service in this step handle at be that the safety service in exit is handled.
Step 108: safety means are encapsulated into two layers of link layer header in the ARP list item that finds on two layers of head of bag, and this bag is forwarded.
From above process as can be seen: after safety means receive bag, at first according to the five-tuple information searching safety service list item that wraps, and carry out corresponding safety service and handle, search fib table item and ARP list item then, search the safety service list item according to the fib table item and the ARP list item that find again, and carry out corresponding safety service and handle, dispose, transmit bag according to the ARP list item.Obviously, handling process is longer, greatly reduces the forward efficiency of bag.
Summary of the invention
The invention provides package transmitting method and system, to improve forward efficiency based on the bag of safety service based on safety service.
Technical scheme of the present invention is achieved in that
A kind of package transmitting method based on safety service is characterized in that, comprising:
Receive the first packet of Business Stream, obtain safety service information corresponding and ARP list item, set up the incidence relation of the attribute information of the service flow packet that first packet carries and safety service information, ARP list item information with this first packet;
Receive the subsequent packet of Business Stream, the service flow packet attribute information and the described incidence relation that carry according to subsequent packet, find safety service information and ARP list item information, according to safety service information subsequent packet is carried out safety service and handle, subsequent packet is forwarded according to the ARP list item information.
Described incidence relation is kept in the software unit.
The described incidence relation of setting up comprises: set up the incidence relation between the index of attribute information, safety service information and ARP list item of service flow packet.
When receiving subsequent packet, described searching comprises: in all incidence relations, search the corresponding incidence relation of attribute information of the service flow packet of carrying with subsequent packet, safety service information in this incidence relation is the safety service information that finds, and finds the ARP list item according to the ARP table item index in this incidence relation.
Further comprise before the first packet of described reception Business Stream: study fib table item in software unit;
When receiving the first packet of Business Stream, the described ARP of obtaining list item comprises: search the fib table item corresponding, search the ARP list item that mates most with this fib table item again with this first packet,
And the described incidence relation of setting up further comprises: for this incidence relation is provided with indication effective effective marker position, and set up the corresponding relation of the index of the index of fib table item and this incidence relation,
And, when upgrading the fib table item, in described corresponding relation, finding the incidence relation index according to this fib table entry index, it is invalid that the effective marker position in the incidence relation of this incidence relation index point is set to.
When receiving subsequent packet, the described incidence relation that finds further comprises: judge whether the effective marker position in this incidence relation indicates effectively, if carry out safe handling according to the safety service information in this incidence relation; Otherwise, in software unit, search safety service information and the ARP list item corresponding again with this subsequent packet, replace safety service information in this incidence relation with the safety service information that finds, replace ARP table item index in this incidence relation with the index of the ARP list item that finds.
Described incidence relation is kept in the hardware cell.
Further comprise before the first packet of described reception Business Stream: study ARP list item in software unit, in hardware cell, preserve the content ARP perception list item identical with this ARP list item,
The described incidence relation of setting up is: set up the incidence relation between the index of the ARP perception list item in attribute information, safety service information and the described ARP list item that gets access to of service flow packet, this incidence relation is saved in the hardware cell.
When receiving subsequent packet, described searching comprises: in all incidence relations in hardware cell, search the corresponding incidence relation of attribute information of the service flow packet of carrying with this subsequent packet, safety service information in this incidence relation is the safety service information that finds, find ARP perception list item according to the ARP perception table item index in this incidence relation in hardware cell, this ARP perception list item is the ARP list item information that finds.
Further comprise after the described ARP of foundation perception list item: the index of this ARP perception list item of record in the ARP list item,
Further comprise before the first packet of described reception Business Stream: study fib table item in software unit;
When receiving the first packet of Business Stream, the described ARP of searching list item comprises: search the fib table item corresponding, search the ARP list item that mates most with this fib table item again with this first packet,
And the described incidence relation of setting up further comprises: for this incidence relation is provided with indication effective effective marker position, and set up the corresponding relation of the index of the index of fib table item and this incidence relation,
And, when upgrading the fib table item, in described corresponding relation, finding the incidence relation index according to this fib table entry index, it is invalid that the effective marker position in the incidence relation of this incidence relation index point is set to.
When receiving subsequent packet, the described incidence relation that finds further comprises: judge whether the effective marker position in this incidence relation indicates effectively, if carry out safe handling according to the safety service information in this incidence relation; Otherwise, in software unit, search safety service information and the ARP list item corresponding again with this subsequent packet, replace safety service information in this incidence relation with the safety service information that finds, replace ARP perception table item index in this incidence relation with the ARP perception table item index in the ARP list item that finds.
The attribute information of described service flow packet is: five-tuple information.
A kind of packet forwarding system based on safety service comprises:
The professional relating module of transmitting receives the first packet of Business Stream, sets up the incidence relation between the corresponding ARP list item information of the attribute information of the service flow packet that first packet carries safety service information, the first packet corresponding with first packet; Receive the subsequent packet of Business Stream, the attribute information and the described incidence relation of the service flow packet of carrying according to this subsequent packet find safety service information and ARP list item information; The safety service information that finds is sent to the safety service processing module, the ARP list item information that finds is sent to forwarding module;
The safety service processing module is carried out the safety service processing according to the service flow packet that the safety service information butt joint that receives is received, is finished, and service flow packet is sent to forwarding module;
Forwarding module forwards the service flow packet that receives according to the ARP list item information that receives.
The described professional relating module of transmitting comprises:
Session list item memory module is preserved each Session list item of being made up of attribute information, safety service information, the ARP table item index of service flow packet;
The Session list item is searched module, receive service flow packet, in Session list item memory module, search the Session list item corresponding with the attribute information of service flow packet, if find, safety service information in the Session list item is sent to the safety service processing module, the ARP table item index in the Session list item is sent to forwarding module; Otherwise, service flow packet is sent to the Session list item sets up update module;
The Session list item is set up update module, receive service flow packet, the safety service information of service flow packet correspondence is sent to the safety service processing module, foundation comprises the attribute information of service flow packet and the Session list item of described safety service information, search the ARP list item corresponding with service flow packet, this ARP list item is sent to forwarding module, and the index of the ARP list item that finds is added in the Session list item of foundation, the Session list item is saved in Session list item memory module.
This system further comprises: FIB and Session list item relating module, fib table item update module, wherein:
FIB and Session list item relating module, the corresponding relation of preservation fib table entry index and Session table item index;
And, it is further that described Session list item is set up update module, for the Session list item of setting up is provided with the effective effective marker of indication position, and the corresponding relation of the index of the index of the fib table item of service flow packet correspondence and the Session list item set up is kept in FIB and the Session list item relating module
Fib table item update module, when upgrading the fib table item, in FIB and Session list item relating module, find the Session table item index corresponding with this fib table entry index, find the Session list item according to this Session table item index in Session list item memory module, it is invalid that the effective marker position in the Session list item is set to.
Described Session list item is searched module finds the Session list item in Session list item memory module after, judge whether the effective marker position in this Session list item indicates effectively, if indication is invalid, then the index of service flow packet and this Session list item is sent to the Session list item and set up update module
After described Session list item is set up update module and is received service flow packet and Session table item index, safety service information that will be corresponding with this service flow packet sends to the safety service processing module, in Session list item memory module, find the Session list item according to this Session table item index, replace safety service information in this Session list item with the safety service information that finds; Search the ARP list item corresponding, this ARP list item is sent to forwarding module, replace ARP table item index in this Session list item with the index of this ARP list item with service flow packet.
Described Session list item memory module is arranged in software unit.
The described professional relating module of transmitting comprises:
ARP list item study memory module, study ARP list item adds the index of ARP perception list item identical with the ARP contents in table in the ARP perception list item memory module in the ARP list item to;
ARP perception list item memory module is preserved and the identical ARP perception list item of ARP contents in table in the software unit;
Session list item memory module is preserved each Session list item of being made up of attribute information, safety service information, the ARP perception table item index of service flow packet;
The Session list item is searched module, receive service flow packet, in Session list item memory module, search the Session list item corresponding with the attribute information of service flow packet, if find, safety service information in the Session list item is sent to the safety service processing module, the ARP perception table item index in the Session list item is sent to forwarding module; Otherwise, service flow packet is sent to the Session list item sets up update module;
The Session list item is set up update module, receives service flow packet, and the safety service information corresponding with service flow packet is sent to the safety service processing module, sets up to comprise the attribute information of service flow packet and the Session list item of described safety service information; Search the ARP list item corresponding, this ARP list item is sent to forwarding module, and the ARP perception table item index in the ARP list item is added in the Session list item of foundation, the Session list item is saved in Session list item memory module with service flow packet.
This system further comprises: FIB and Session list item relating module, fib table item update module, wherein:
FIB and Session list item relating module, the corresponding relation of preservation fib table entry index and Session table item index;
And, it is further that described Session list item is set up update module, for the Session list item of setting up is provided with the effective effective marker of indication position, the corresponding relation of the index of the Session list item of the index of the fib table item of service flow packet correspondence and foundation is kept in FIB and the Session list item relating module
Fib table item update module, when upgrading the fib table item, in FIB and Session list item relating module, find the Session table item index corresponding with this fib table entry index, find the Session list item according to this Session table item index in Session list item memory module, it is invalid that the effective marker position in the Session list item is set to.
Described Session list item is searched module finds the Session list item in Session list item memory module after, judge whether the effective marker position in this Session list item indicates effectively, if indication is invalid, service flow packet and Session table item index is sent to the Session list item set up update module
After described Session list item is set up update module and is received service flow packet and Session table item index, the safety service information corresponding with service flow packet is sent to the safety service processing module, in Session list item memory module, find the Session list item according to this Session table item index, replace safety service information in this Session list item with described safety service information; Search the ARP list item corresponding, this ARP list item is sent to forwarding module, and replace the ARP perception table item index in the Session list item that is found with the ARP perception table item index in this ARP list item with service flow packet.
Described ARP perception list item memory module, Session list item memory module are arranged in hardware cell.
Compared with prior art, the present invention adopts prior art to carry out the safety service list item by the first packet to Business Stream, the fib table item, searching of ARP list item, and be attribute information of each bag of Business Stream with the attribute information of this first packet, set up the attribute information and the safety service information of this service flow packet according to lookup result, the incidence relation of ARP list item, make the subsequent packet of Business Stream directly to carry out the safety service processing and to transmit processing according to described incidence relation, need not each bag and all carry out the safety service list item, the fib table item, searching of ARP list item improved the bag forward efficiency based on safety service greatly.
Description of drawings
Fig. 1 is existing bag forwarding process figure based on safety service;
The bag forwarding process figure that Fig. 2 provides for the embodiment of the invention one based on safety service;
The bag forwarding process figure that Fig. 3 provides for the embodiment of the invention two based on safety service;
The packet forwarding system composition diagram that Fig. 4 provides for the embodiment of the invention one based on safety service;
The packet forwarding system composition diagram that Fig. 5 provides for the embodiment of the invention two based on safety service.
Embodiment
Because the five-tuple of each bag in the same Business Stream is identical, and the safety service list item serves as according to setting up with the five-tuple of bag all usually, and forwarding-table item: fib table item and ARP list item also are that the five-tuple with bag serves as according to setting up, thereby can learn: the safety service that each bag of same Business Stream is carried out is handled and is transmitted that to handle be identical.Therefore, core concept of the present invention is: the first packet of Business Stream carried out the safety service list item according to prior art searches with fib table item, ARP list item and search, and the five-tuple information of setting up this first packet according to lookup result and the incidence relation that needs the corresponding ARP list item of the information of all safety services of this bag execution and this bag.Like this, the subsequent packet of this Business Stream just can directly find safety service information and ARP list item information according to this incidence relation, thereby directly this subsequent packet is carried out that safety service is handled and transmit and handle, and need not to carry out again the search procedure of safety service list item and fib table item, ARP list item.
The present invention is further described in more detail below in conjunction with drawings and the specific embodiments.
The bag forwarding process figure that Fig. 2 provides for the embodiment of the invention one based on safety service, as shown in Figure 2, its concrete steps are as follows:
Step 201: safety means receive bag, search the Session list item corresponding with the five-tuple information of this bag in software.
Step 202: safety means judge whether to find the Session list item, if, execution in step 213; Otherwise, execution in step 203.
Step 203: safety means determine that this bag is the first packet of Business Stream, search the information of carrying with this first packet as the safety service list item that five-tuple information is corresponding.
Step 204: safety means are according to the safety service information in the safety service list item that finds, carrying out corresponding safety service handles, and in software, set up the Session list item, this Session list item comprises: the five-tuple information of this first packet and described safety service information.
Safety service in this step handle at be that the safety service of porch is handled.
Step 205: safety means are searched the fib table item corresponding with the purpose IP address of this first packet in software.
Step 206: safety means find the fib table item, search the ARP list item that mates most with this fib table item in software.
In this step, when safety means find the fib table item, further preserve the index of this fib table item and the corresponding relation of the Session table item index of being set up, and, when revising or delete the fib table item, by described corresponding relation, find all Session list items corresponding with this fib table item, it is invalid that the effective marker position in all Session list items is set to indicate.Like this, when receiving the subsequent packet of Business Stream, just can determine whether the fib table item is modified or deleted, if just trigger the renewal of Session list item according to the effective marker position in the Session list item.
Step 207: safety means add the index of the ARP list item that finds in the Session list item that step 204 sets up to.
As can be seen, execute this step after, the Session list item that safety means are set up comprises: five-tuple information, safety service information, ARP table item index.
Step 208: safety means search with described fib table item in the corresponding safety service list item of three layers of outgoing interface information.
The fib table item comprises: information such as purpose IP address, purpose mask, three layers of outgoing interface, next jumping.
Step 209: safety means judge whether to find the safety service list item, if, execution in step 210; Otherwise, execution in step 211.
Step 210: safety means are according to the safety service information in the safety service list item that finds, this first packet is carried out corresponding safety service to be handled, simultaneously this safety service information is added in the Session list item of step 204 foundation, safety service disposes, and goes to step 211.
Safety service in this step handle at be that the safety service in exit is handled.
Step 211: safety means add the effective effective marker of indication position in the Session list item of step 204 foundation to.
If in step 209, do not find the safety service list item, can determine that then this first packet need not to do safety service and handles in the exit.
Step 212: safety means are encapsulated into two layers of link layer header in the ARP list item that finds on two layers of head of this first packet, and this bag is forwarded, and return step 201.
Step 213: safety means are determined the subsequent packet of this bag for Business Stream, judge whether the effective marker position in the Session list item indicates effectively, if, execution in step 214; Otherwise, execution in step 216.
Step 214: safety means determine that fib table Xiang Wei is modified or deleted, thereby determine that the ARP table item index in the Session list item is correct,, this subsequent packet is carried out corresponding safety service handle according to the safety service information in the Session list item, be finished, go to step 215.
Step 215: safety means find the ARP list item according to the ARP table item index in the Session list item, two layers of link layer header in the ARP list item that finds are encapsulated on two layers of head of this subsequent packet, and this bag is forwarded, and return step 201.
Step 216: safety means determine that the fib table item is modified or deleted, and this subsequent packet is used as first packet handles, and search the safety service list item corresponding with the five-tuple information of this subsequent packet in software.
Step 217: safety means are carried out corresponding safety service to this subsequent packet and are handled, and replace the safety service information in the Session list item that finds with this safety service information according to the safety service information in the safety service list item that finds.
Step 218: safety means are searched the fib table item corresponding with the purpose IP address of this subsequent packet in software.
Step 219: safety means find the fib table item, search the ARP list item that mates most with this fib table item in software.
Step 220: safety means are replaced ARP table item index in the Session list item that finds with the index of the ARP list item that finds.
Step 221: safety means search with described fib table item in the corresponding safety service list item of three layers of outgoing interface information.
Step 222: safety means judge whether to find the safety service list item, if, execution in step 223; Otherwise, execution in step 224.
Step 223: safety means are according to the safety service information in the safety service list item that finds, this subsequent packet is carried out corresponding safety service to be handled, simultaneously this safety service information is added in the Session list item that finds, and the effective marker position in the Session list item that finds is set to indication effectively, safety service disposes, and goes to step 224.
Step 224: safety means are encapsulated into two layers of link layer header in the ARP list item that finds on two layers of head of this subsequent packet, and this bag is forwarded, and return step 201.
From flow process shown in Figure 2 as can be seen: when the first packet to Business Stream has carried out after the safety service list item the software, fib table item and ARP list item search, the structure of the Session list item of being set up in software according to lookup result is as follows:
Session list item: five-tuple information, safety service information, ARP table item index, effective marker position.
Like this, after the subsequent packet of receiving this Business Stream, just can in software, find above-mentioned Session list item according to the five-tuple information of this subsequent packet, handle according to the corresponding safety service of the safety service information and executing in this Session list item then, find ARP list item in the software according to the ARP table item index in this Session list item, thereby this subsequent packet is forwarded.As can be seen, all safety service information all centralized stores in the Session list item, improved the safety service treatment effeciency; And, when searching the ARP list item, also need not again to carry out the searching of fib table item, also to need not to carry out the matching operation of ARP list item and fib table item, and can directly find the ARP list item, further improved forward efficiency according to the ARP table item index in the Session list item according to five-tuple information.
In embodiment illustrated in fig. 2, the safety service of the subsequent packet of Business Stream handled and transmit to handle all in software, carry out, below be given in and in the hardware subsequent packet of Business Stream carried out safety service and handle and transmit the embodiment that handles.
The bag forwarding process figure that Fig. 3 provides for the embodiment of the invention two based on safety service, as shown in Figure 3, its concrete steps are as follows:
Step 301: safety means arrive the ARP list item by software learning, in hardware, set up ARP perception list item, the content that comprises in this ARP perception list item is identical with the content of the ARP list item of being learnt, and the index of ARP perception list item is added in the ARP list item of being learnt.
When by software upgrading ARP list item, find ARP perception list item in the hardware according to the ARP perception table item index in this ARP list item, thereby upgrade this ARP perception list item synchronously.
Step 302: safety means receive bag, search the Session list item corresponding with the five-tuple information of this bag in hardware.
Step 303: safety means judge whether to find the Session list item, if, execution in step 314; Otherwise, execution in step 304.
Step 304: safety means determine that this bag is the first packet of Business Stream, search the information of carrying with this first packet as the safety service list item that five-tuple information is corresponding in software.
Step 305: safety means are according to the safety service information in the safety service list item that finds, this first packet is carried out corresponding safety service to be handled, and in software, set up the Session list item, this Session list item comprises: the five-tuple information of this first packet and described safety service information.
Step 306: safety means are searched the fib table item corresponding with the purpose IP address of this first packet in software.
Step 307: safety means find the fib table item, search the ARP list item that mates most with this fib table item in software.
In this step, when safety means find the fib table item, further preserve the index of this fib table item and the corresponding relation of the Session table item index of being set up, and, when revising or delete the fib table item, by described corresponding relation, find all Session list items corresponding with this fib table item, it is invalid that the effective marker position in all Session list items is set to indicate.Like this, when receiving the subsequent packet of Business Stream, just can determine whether the fib table item is modified or deleted, if just trigger the renewal of Session list item according to the effective marker position in the Session list item.
Step 308: safety means add the ARP perception table item index in the ARP list item that finds in the Session list item of setting up in the step 305 to.
As can be seen, execute this step after, the Session list item that safety means are set up comprises: five-tuple information, safety service information, ARP perception table item index.
Step 309: safety means in software, search with described fib table item in the corresponding safety service list item of three layers of outgoing interface information.
Step 310: safety means judge whether to find the safety service list item, if, execution in step 311; Otherwise, execution in step 312.
Step 311: safety means are according to the safety service information in the safety service list item that finds, this first packet is carried out corresponding safety service to be handled, simultaneously this safety service information is added in the Session list item of step 305 foundation, safety service disposes, and goes to step 312.
Step 312: safety means add the effective effective marker of indication position in the Session list item of step 305 foundation to, then this Session list item are saved in the hardware.
Step 313: safety means are encapsulated into two layers of link layer header in the ARP list item that finds on two layers of head of this first packet, and this bag is forwarded, and return step 302.
Step 314: safety means are determined the subsequent packet of this bag for Business Stream, judge whether the effective marker position in the Session list item indicates effectively, if, execution in step 315; Otherwise, execution in step 317.
Step 315: safety means determine that fib table Xiang Wei is modified or deleted, thereby determine that the ARP perception table item index in the Session list item is correct,, this subsequent packet is carried out corresponding safety service handle according to the safety service information in the Session list item, be finished, go to step 316.
Step 316: safety means find ARP perception list item according to the ARP perception table item index in the Session list item, two layers of link layer header in the ARP perception list item that finds are encapsulated on two layers of head of this subsequent packet, and this bag is forwarded, and return step 302.
Step 317: safety means determine that the fib table item is modified or deleted, and this subsequent packet is used as first packet handles, and search the safety service list item corresponding with the five-tuple information of this subsequent packet in software.
Step 318: safety means are carried out corresponding safety service to this subsequent packet and are handled, and replace the safety service information in the Session list item that finds with this safety service information according to the safety service information in the safety service list item that finds.
Step 319: safety means are searched the fib table item corresponding with the purpose IP address of this subsequent packet in software.
Step 320: safety means find the fib table item, search the ARP list item that mates most with this fib table item in software.
Step 321: safety means are replaced the ARP perception table item index in the Session list item that finds with the ARP perception table item index in the ARP list item that finds.
Step 322: safety means in software, search with described fib table item in the corresponding safety service list item of three layers of outgoing interface information.
Step 323: safety means judge whether to find the safety service list item, if, execution in step 324; Otherwise, execution in step 325.
Step 324: safety means are according to the safety service information in the safety service list item that finds, this subsequent packet is carried out corresponding safety service to be handled, simultaneously this safety service information is added in the Session list item that finds, and the effective marker position in this Session list item is set to indication effectively, safety service disposes, execution in step 325.
Step 325: safety means are encapsulated into two layers of link layer header in the ARP list item that finds on two layers of head of this subsequent packet, and this bag is forwarded, and return step 302.
From flow process shown in Figure 3 as can be seen: after software, learning the ARP list item, can in hardware, preserve the ARP perception list item corresponding, and this ARP perception table item index is saved in the ARP list item of learning with this ARP list item.
When the first packet to Business Stream has carried out after the safety service list item in the software, fib table item and ARP list item search, the structure of the Session list item of being preserved in hardware according to lookup result is as follows:
Session list item: five-tuple information, safety service information, ARP perception table item index, effective marker position.
Like this, after the subsequent packet of receiving this Business Stream, just can in hardware, find above-mentioned Session list item according to the five-tuple information of this bag, handle according to the corresponding safety service of the safety service information and executing in this Session list item then, find ARP perception list item in the hardware according to the ARP perception table item index in this Session list item, thereby this message is forwarded.As can be seen, processing is handled and transmitted to the safety service of subsequent packet all in hardware, carry out, improved the safety service treatment effeciency and the forward efficiency of subsequent packet greatly.
The packet forwarding system composition diagram that Fig. 4 provides for the embodiment of the invention one based on safety service, as shown in Figure 4, it mainly comprises: safety service list item memory module 401, fib table item study memory module 402, ARP list item study memory module 403, Session list item memory module 404, bag receiver module 405, Session list item are searched module 406, the Session list item is set up update module 407, safety service processing module 408, forwarding module 409, FIB and Session list item relating module 410 and fib table item update module 411, wherein:
Safety service list item memory module 401: preserve each safety service list item of forming by five-tuple information and/or forwarding-table item information and safety service information.
IB list item study memory module 402: learn the fib table item, preserve this fib table item.
ARP list item study memory module 403: study is also preserved the ARP list item.
Session list item memory module 404: preserve each Session list item of forming by five-tuple information, safety service information, ARP perception table item index, effective marker position.
Bag receiver module 405: be used for receiving bag, this bag sent to safety service processing module 408 and the Session list item is searched module 406.
The Session list item is searched module 406: receive the bag that bag receiver module 405 is sent, in Session list item memory module 404, search the corresponding Session list item of five-tuple information that carries with this bag, if find, judge whether the effective marker position in this Session list item indicates effectively, if indication effectively, then the safety service information in this Session list item is sent to safety service processing module 408, in ARP list item study memory module 403, find the ARP list item according to the ARP table item index in this Session list item, this ARP list item is sent to forwarding module 409; If indication is invalid, should wrap and this Session table item index is carried at renewal and sends to the Session list item in indicating and set up update module 407; If do not find, then this bag is carried to set up and sends to the Session list item in the indication and set up update module 407.
The Session list item is set up update module 407: receive after the Session list item searches the foundation indication of carrying bag that module 406 sends, in safety service list item memory module 401, search the information of carrying as the safety service information that five-tuple information is corresponding with this bag, the safety service information that finds is sent to safety service processing module 408, set up new Session list item, this Session list item comprises: described five-tuple information and the safety service information that finds; In fib table item study memory module 402, search the corresponding fib table item in purpose IP address that carries with this bag, the index of this fib table item corresponding relation with the index of the Session list item of being set up is kept in FIB and the Session list item relating module 410, in ARP list item study memory module 403, search the ARP list item that mates most with this fib table item, this ARP list item is sent to forwarding module 409, and the ARP perception table item index in this ARP list item added in the newly-established Session list item, in safety service list item memory module 401, search then with the described fib table item that finds in the corresponding safety service information of three layers of outgoing interface information, if find, this safety service information is sent to safety service processing module 408, and this safety service information added in the newly-established Session list item, this Session list item is saved in the Session list item memory module 404.Receiving the Session list item searches after the renewal of carrying bag and Session table item index that module 406 sends indicates, in safety service list item memory module 401, search the information of carrying as the safety service information that five-tuple information is corresponding with this bag, the safety service information that finds is sent to safety service processing module 408, in Session list item memory module 404, find the Session list item according to this Session table item index, replace safety service information in this Session list item with the safety service information that finds; In fib table item study memory module 402, search the corresponding fib table item in purpose IP address that carries with this bag, in ARP list item study memory module 403, search the ARP list item that mates most with this fib table item, this ARP list item is sent to forwarding module 409, replace ARP perception table item index in this Session list item with the ARP perception table item index in this ARP list item, and in safety service list item memory module 401, search with the described fib table item that finds in the corresponding safety service information of three layers of outgoing interface information, if find, this safety service information is sent to safety service processing module 408, and this safety service information is added in this Session list item.
Safety service processing module 408: receive the bag that bag receiver module 405 is sent, reception Session list item searches module 406 or the Session list item is set up the safety service information that update module 407 is sent, according to this safety service information this bag being carried out corresponding safety service handles, dispose, this bag is sent to forwarding module 409.
Forwarding module 409: receive the bag through the safety service processing that safety service processing module 408 is sent, reception Session list item searches module 406 or the Session list item is set up the ARP list item that update module 407 is sent, and according to this ARP list item, this bag is sent.
FIB and Session list item relating module 410: the corresponding relation of preserving fib table entry index and Session table item index.
Fib table item update module 411: the fib table item that is used for upgrading fib table item study memory module 402, and when upgrading the fib table item, in FIB and Session list item relating module 410, find the Session table item index corresponding with this fib table entry index, find the Session list item according to this Session table item index in Session list item memory module 404, it is invalid that the effective marker position of this Session list item is set to indicate.
In actual applications, safety service list item memory module 401, fib table item study memory module 402, ARP list item study memory module 403, Session list item memory module 404, Session list item can be searched module 406 and Session list item sets up update module 407 and is referred to as the professional relating module of transmitting.
In the embodiment shown in fig. 4, safety service list item memory module 401, fib table item study memory module 402, ARP list item study memory module 403, Session list item memory module 404 all are arranged in software unit.
The packet forwarding system composition diagram that Fig. 5 provides for the embodiment of the invention two based on safety service, as shown in Figure 5, it mainly comprises: safety service list item memory module 501, fib table item study memory module 502, ARP list item study memory module 503, ARP perception list item memory module 504, Session list item memory module 505, bag receiver module 506, the Session list item is searched module 507, the Session list item is set up update module 508, safety service processing module 509, forwarding module 510, FIB and Session list item relating module 511 and fib table item update module 512, wherein:
Safety service list item memory module 501: preserve each safety service list item of forming by five-tuple information and/or forwarding-table item information and safety service information.
Fib table item study memory module 502: learn the fib table item, preserve this fib table item.
ARP list item study memory module 503: study is also preserved the ARP list item, simultaneously in ARP perception list item memory module 504, set up ARP perception list item, the content of this ARP perception list item is identical with the content of the ARP list item of learning, and the index of this ARP perception list item is added in the ARP list item of learning.
ARP perception list item memory module 504: storage ARP perception list item.
Session list item memory module 505: preserve each Session list item of forming by five-tuple information, safety service information, ARP perception table item index, effective marker position.
Bag receiver module 506: be used for receiving bag, this bag sent to safety service processing module 509 and the Session list item is searched module 507.
The Session list item is searched module 507: receive the bag that bag receiver module 506 is sent, in Session list item memory module 505, search the information of carrying as the Session list item that five-tuple information is corresponding with this bag, if find, judge whether the effective marker position in this Session list item indicates effectively, if indication effectively, then the safety service information in this Session list item is sent to safety service processing module 509, the ARP perception table item index in this Session list item is sent to forwarding module 510; If indication is invalid, should wrap and this Session table item index is carried at renewal and sends to the Session list item in indicating and set up update module 508; If do not find, then this bag is carried to set up and sends to the Session list item in the indication and set up update module 508.
The Session list item is set up update module 508: receive the Session list item and search the foundation indication of carrying bag that module 507 is sent, in safety service list item memory module 501, search the information of carrying as the safety service information that five-tuple information is corresponding with this bag, the safety service information that finds is sent to safety service processing module 509, set up new Session list item, this Session list item comprises: described five-tuple information and the safety service information that finds; In fib table item study memory module 502, search the corresponding fib table item in purpose IP address that carries with this bag, the index of this fib table item corresponding relation with the index of the Session list item of being set up is kept in FIB and the Session list item relating module 511, in ARP list item study memory module 503, search the ARP list item that mates most with this fib table item, this ARP list item is sent to forwarding module 510, and the ARP perception table item index in this ARP list item added in the newly-established Session list item, and in safety service list item memory module 501, search with the described fib table item that finds in the corresponding safety service information of three layers of outgoing interface information, if find, this safety service information is sent to safety service processing module 509, and this safety service information added in the newly-established Session list item, this Session list item is saved in the Session list item memory module 505.Receive the Session list item and search the renewal indication of carrying bag and Session table item index that module 507 is sent, in safety service list item memory module 501, search the information of carrying as the safety service information that five-tuple information is corresponding with this bag, the safety service information that finds is sent to safety service processing module 509, in Session list item memory module 505, find the Session list item according to this Session table item index, replace safety service information in this Session list item with the safety service information that finds; In fib table item study memory module 502, search the corresponding fib table item in purpose IP address that carries with this bag, in ARP list item study memory module 503, search the ARP list item that mates most with this fib table item, this ARP list item is sent to forwarding module 510, and replace ARP perception table item index in the Session list item found with the ARP perception table item index in this ARP list item, and in safety service list item memory module 501, search with the described fib table item that finds in the corresponding safety service information of three layers of outgoing interface information, if find, this safety service information is sent to safety service processing module 509, and this safety service information is added in the Session list item that is found.
Safety service processing module 509: receive the bag that bag receiver module 506 is sent, reception Session list item searches module 507 or the Session list item is set up the safety service information that update module 508 is sent, according to this safety service information this bag being carried out corresponding safety service handles, dispose, this bag is sent to forwarding module 510.
Forwarding module 510: receive the bag that safety service processing module 509 is sent through the safety service processing, receive the Session list item and search the ARP perception table item index that module 507 is sent, in ARP perception list item memory module 504, search the ARP perception list item that this ARP perception table item index points to, according to this ARP perception list item, this bag is sent; Receive the Session list item and set up the ARP list item that update module 508 is sent,, bag is sent according to this ARP list item.
FIB and Session list item relating module 511: the corresponding relation of preserving fib table entry index and Session table item index.
Fib table item update module 512, be used for upgrading the fib table item of fib table item study memory module 502, and when upgrading the fib table item, in FIB and Session list item relating module 511, find the Session table item index corresponding with this fib table entry index, find the Session list item according to this Session table item index in Session list item memory module 505, it is invalid that the effective marker position of this Session list item is set to indicate.
In actual applications, safety service list item memory module 501, fib table item study memory module 502, ARP list item study memory module 503, ARP perception list item memory module 504, Session list item memory module 505, Session list item can be searched module 507 and Session list item sets up update module 508 and is referred to as the professional relating module of transmitting.
In the embodiment shown in fig. 5, safety service list item memory module 501, fib table item study memory module 502, ARP list item study memory module 503 are kept in the software for adopting the module of prior art structure.And ARP perception list item memory module 504, Session list item memory module 505 are the module of embodiment of the invention structure, be kept in the hardware, as: among the TCAM, with the access speed of quickening safety means to Session list item, ARP perception list item, thereby raising is based on the bag forward efficiency of safety service.
The above only is process of the present invention and method embodiment, in order to restriction the present invention, all any modifications of being made within the spirit and principles in the present invention, is not equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (15)
1. the package transmitting method based on safety service is characterized in that, comprising:
Receive the first packet of Business Stream, obtain safety service information corresponding and ARP list item with this first packet, set up the incidence relation of five-tuple information that first packet carries and safety service information, ARP table item index, wherein said five-tuple information is source IP address information, source port information, protocol number, purpose IP address information and purpose outbound port information;
Receive the subsequent packet of Business Stream, the five-tuple information and the described incidence relation that carry according to subsequent packet, find safety service information and ARP table item index, according to safety service information subsequent packet being carried out safety service handles, find the ARP list item according to the ARP table item index, subsequent packet is forwarded according to the ARP list item.
2. the method for claim 1 is characterized in that, described incidence relation is kept in the software unit.
3. method as claimed in claim 2, it is characterized in that, when receiving subsequent packet, described searching comprises: in all incidence relations, search the corresponding incidence relation of five-tuple information that carries with subsequent packet, safety service information in this incidence relation is the safety service information that finds, and finds the ARP list item according to the ARP table item index in this incidence relation.
4. method as claimed in claim 2 is characterized in that, further comprises before the first packet of described reception Business Stream: study forwarding information base fib table item in software unit;
When receiving the first packet of Business Stream, obtain the ARP list item corresponding and comprise with this first packet: search the fib table item corresponding, search the ARP list item that mates most with this fib table item again with this first packet,
And, the described incidence relation of setting up five-tuple information that first packet carries and safety service information, ARP table item index further comprises: for this incidence relation is provided with the effective effective marker of indication position, and set up the corresponding relation of the index of the index of fib table item and this incidence relation
And, when upgrading the fib table item, in described corresponding relation, finding the incidence relation index according to this fib table entry index, it is invalid that the effective marker position in the incidence relation of this incidence relation index point is set to.
5. method as claimed in claim 4, it is characterized in that, when receiving subsequent packet, described five-tuple information of carrying according to subsequent packet and described incidence relation further comprise before finding safety service information and ARP table item index: judge whether the effective marker position in this incidence relation indicates effectively, if carry out safe handling according to the safety service information in this incidence relation; Otherwise, in software unit, search safety service information and the ARP list item corresponding again with this subsequent packet, replace safety service information in this incidence relation with the safety service information that finds, replace ARP table item index in this incidence relation with the index of the ARP list item that finds.
6. the method for claim 1 is characterized in that, described incidence relation is kept in the hardware cell.
7. method as claimed in claim 6 is characterized in that, further comprises before the first packet of described reception Business Stream: study ARP list item in software unit, in hardware cell, preserve the content ARP perception list item identical with this ARP list item,
The described incidence relation of setting up five-tuple information that first packet carries and safety service information, ARP table item index is: set up the incidence relation between the index of the five-tuple information, safety service information of service flow packet and the ARP perception list item in the accessed ARP list item, this incidence relation is saved in the hardware cell.
8. method as claimed in claim 7, it is characterized in that, when receiving subsequent packet, described searching comprises: in all incidence relations in hardware cell, search the corresponding incidence relation of five-tuple information that carries with this subsequent packet, safety service information in this incidence relation is the safety service information that finds, and finds ARP perception list item according to the ARP perception table item index in this incidence relation in hardware cell, and this ARP perception list item is the ARP list item that finds.
9. method as claimed in claim 7 is characterized in that, the described content ARP perception list item identical with this ARP list item of preserving in hardware cell further comprises afterwards: the index of this ARP perception list item of record in the ARP list item,
Further comprise before the first packet of described reception Business Stream: study fib table item in software unit;
When receiving the first packet of Business Stream, obtain the ARP list item corresponding and comprise with this first packet: search the fib table item corresponding, search the ARP list item that mates most with this fib table item again with this first packet,
And, the described incidence relation of setting up five-tuple information that first packet carries and safety service information, ARP table item index further comprises: for this incidence relation is provided with the effective effective marker of indication position, and set up the corresponding relation of the index of the index of fib table item and this incidence relation
And, when upgrading the fib table item, in described corresponding relation, finding the incidence relation index according to this fib table entry index, it is invalid that the effective marker position in the incidence relation of this incidence relation index point is set to.
10. method as claimed in claim 9, it is characterized in that, when receiving subsequent packet, described five-tuple information of carrying according to subsequent packet and described incidence relation further comprise before finding safety service information and ARP table item index: judge whether the effective marker position in this incidence relation indicates effectively, if carry out safe handling according to the safety service information in this incidence relation; Otherwise, in software unit, search safety service information and the ARP list item corresponding again with this subsequent packet, replace safety service information in this incidence relation with the safety service information that finds, replace ARP perception table item index in this incidence relation with the ARP perception table item index in the ARP list item that finds.
11. the packet forwarding system based on safety service is characterized in that, comprising:
First module, receive the first packet of Business Stream, obtain safety service information corresponding and ARP list item with this first packet, set up the incidence relation between the corresponding ARP table item index of five-tuple information that first packet carries safety service information, the first packet corresponding with first packet, wherein said five-tuple information is source IP address information, source port information, protocol number, purpose IP address information and purpose outbound port information;
Second module, receive the subsequent packet of Business Stream, the five-tuple information and the described incidence relation that carry according to this subsequent packet, find safety service information and ARP table item index, according to safety service information subsequent packet being carried out safety service handles, find the ARP list item according to the ARP table item index, subsequent packet is forwarded according to the ARP list item.
12. system as claimed in claim 11, it is characterized in that described first module is further used for, for the incidence relation of setting up is provided with the effective effective marker of indication position, and the corresponding relation of the index of the fib table item of preservation service flow packet correspondence and the index of the incidence relation of being set up
And described system further comprises:
Three module when upgrading the fib table item, finds the index of the incidence relation corresponding with this fib table entry index, and to incidence relation, it is invalid that the effective marker position of this incidence relation is set to according to the index search of this incidence relation.
13. system as claimed in claim 11 is characterized in that, described first module comprises:
First submodule, study ARP list item adds the index of the ARP perception list item identical with the ARP contents in table in the ARP list item to;
Second submodule is preserved and the identical ARP perception list item of ARP contents in table in the software unit;
The 3rd submodule is preserved each Session list item of being made up of five-tuple information, safety service information, the ARP perception table item index of service flow packet.
14. system as claimed in claim 13 is characterized in that, this system further comprises: three module, the corresponding relation of preservation fib table entry index and Session table item index;
Four module is for the Session list item is provided with the effective effective marker of indication position;
The 5th module when upgrading the fib table item, finds the Session table item index corresponding with this fib table entry index, finds the Session list item according to this Session table item index, and it is invalid that the effective marker position in the Session list item is set to.
15., it is characterized in that described second submodule, the 3rd submodule are arranged in hardware cell as claim 13 or 14 described systems.
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101198804A CN101106529B (en) | 2007-08-02 | 2007-08-02 | Packet forwarding method and system based on secure service |
| PCT/CN2008/071676 WO2009015578A1 (en) | 2007-08-02 | 2008-07-17 | Method and network security device for executing security processing to packets |
| US12/529,907 US8316432B2 (en) | 2007-08-02 | 2008-07-17 | Method for implementing security-related processing on packet and network security device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101198804A CN101106529B (en) | 2007-08-02 | 2007-08-02 | Packet forwarding method and system based on secure service |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101106529A CN101106529A (en) | 2008-01-16 |
| CN101106529B true CN101106529B (en) | 2010-07-21 |
Family
ID=39000212
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007101198804A Expired - Fee Related CN101106529B (en) | 2007-08-02 | 2007-08-02 | Packet forwarding method and system based on secure service |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101106529B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8316432B2 (en) | 2007-08-02 | 2012-11-20 | Hangzhou H3C Technologies Co., Ltd. | Method for implementing security-related processing on packet and network security device |
| CN102075421B (en) * | 2010-12-30 | 2013-10-02 | 杭州华三通信技术有限公司 | Service quality processing method and device |
| CN107547406B (en) * | 2017-08-30 | 2020-06-05 | 新华三技术有限公司 | Method and device for establishing FIB table in distributed EVPN gateway networking |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1464703A (en) * | 2002-06-19 | 2003-12-31 | 华为技术有限公司 | Method for increasing IP message transferring speed |
| CN1777174A (en) * | 2004-11-15 | 2006-05-24 | 中兴通讯股份有限公司 | Internet safety protocol high-speed processing IP burst method |
| CN1794695A (en) * | 2005-12-28 | 2006-06-28 | 杭州华为三康技术有限公司 | Method of refreshing hardware table item |
| CN1845531A (en) * | 2006-04-28 | 2006-10-11 | 杭州华为三康技术有限公司 | Data forwarding controlling method and apparatus |
| CN1913495A (en) * | 2006-08-28 | 2007-02-14 | 杭州华为三康技术有限公司 | Data conversion method and device |
-
2007
- 2007-08-02 CN CN2007101198804A patent/CN101106529B/en not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1464703A (en) * | 2002-06-19 | 2003-12-31 | 华为技术有限公司 | Method for increasing IP message transferring speed |
| CN1777174A (en) * | 2004-11-15 | 2006-05-24 | 中兴通讯股份有限公司 | Internet safety protocol high-speed processing IP burst method |
| CN1794695A (en) * | 2005-12-28 | 2006-06-28 | 杭州华为三康技术有限公司 | Method of refreshing hardware table item |
| CN1845531A (en) * | 2006-04-28 | 2006-10-11 | 杭州华为三康技术有限公司 | Data forwarding controlling method and apparatus |
| CN1913495A (en) * | 2006-08-28 | 2007-02-14 | 杭州华为三康技术有限公司 | Data conversion method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101106529A (en) | 2008-01-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101965794B1 (en) | Packet format and communication method of network node for compatibility of ip routing, and the network node | |
| CN102685177B (en) | The transparent proxy cache method of resource, the network equipment and system | |
| CN104283806B (en) | Business chain processing method and equipment | |
| CN102100041B (en) | Outbound transmission of packet based on routing search key constructed from packet destination address and outbound interface | |
| CN102685179B (en) | Modular transparent proxy cache | |
| CN103595637B (en) | Based on tree and the content center network node processing data method of Hash table | |
| CN102075438B (en) | unicast data frame transmission method and device | |
| CN105959254B (en) | The method and apparatus for handling message | |
| US9973400B2 (en) | Network flow information collection method and apparatus | |
| CN106657637A (en) | Handheld device capable of providing data tethering services while maintaining suite of handheld service functions | |
| CN104429038A (en) | Route forwarding method, apparatus and system | |
| CN110224929A (en) | The data packet forwarding method of link aggregation interface based on DPDK | |
| CN105991793B (en) | The method and apparatus of message forwarding | |
| CN104782087B (en) | Switching equipment, controller, switching equipment configuration, message processing method and system | |
| CN104486229B (en) | A kind of method and apparatus for realizing the forwarding of VPN message | |
| CN102035738A (en) | Method and device for acquiring routing information | |
| CN103534991B (en) | A kind of message forwarding method and equipment | |
| CN101110769B (en) | Package transmitting method and system based on safety service | |
| CN102325077B (en) | Communication method among branches and egress routers of branches | |
| CN107070790A (en) | A kind of route learning method and routing device | |
| CN101106529B (en) | Packet forwarding method and system based on secure service | |
| CN105933235B (en) | Data communications method and device | |
| CN103812774B (en) | Tactics configuring method, message processing method and related device based on TCAM | |
| CN102201996B (en) | Method and equipment for forwarding message in network address translation (NAT) environment | |
| CN100589446C (en) | Package transmitting method and system based on safety service |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: Huasan Communication Technology Co., Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20100721 Termination date: 20200802 |