CN101179515A - Method and device for inhibiting black hole routing - Google Patents
Method and device for inhibiting black hole routing Download PDFInfo
- Publication number
- CN101179515A CN101179515A CNA2007103022515A CN200710302251A CN101179515A CN 101179515 A CN101179515 A CN 101179515A CN A2007103022515 A CNA2007103022515 A CN A2007103022515A CN 200710302251 A CN200710302251 A CN 200710302251A CN 101179515 A CN101179515 A CN 101179515A
- Authority
- CN
- China
- Prior art keywords
- black hole
- address
- message
- routing iinformation
- source
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for restricting back hole routing, which includes the following steps: a network device is capable of restricting black hold routing; black hole routing information is established; the back hole routing information includes a target IP address; when the network device receives a message whose source IP address is the same with the target IP address of the black hole routing information, the black hole routing information is deleted. The invention also discloses a device for restricting the black hole routing and a network device having the device for restricting the black hole routing. In the invention, the network device inspects a black hole routing table after receives the message; in the event that the black hole routing table has the same black hole routing corresponding to the source address of the message, the IP address of a user terminal that transmits the message is sure to come into effect, then the black hole routing information is deleted in time; therefore, the message transmitted to the user terminal is capable of triggering ARP detection successfully without waiting until the aging time of the black hole routing is exceeded.
Description
Technical field
The present invention relates to the ethernet technology field, more particularly, relate to a kind of method and apparatus that suppresses the black hole route.
Background technology
In the Ethernet, transmit or support the control plane and the datum plane disjunctive model network equipment for support hardware, in carrying out IPv4 (the IP agreement of version number 4) repeating process, the described network equipment can carry out ARP (Address Resolution Protocol, address resolution protocol) surveys, promptly the next-hop ip address of message is resolved, judges whether to separate parsing MAC (Media Access Control, medium access control)) address.If survey successfully, on the network equipment, can set up an ARP list item, and when setting up list item, issue a main frame route to hardware or datum plane, can transmit by hardware so that go to the message of assigned ip address.Belong to the interface direct connection network segment for purpose IP, and the message that does not have corresponding main frame route is arranged in hardware or the datum plane, then deliver to control plane in the meeting to transmit, and trigger ARP and survey.
As can be seen from the above description, if there is the data flow of a large amount of " purpose IP belongs to the interface direct connection network segment, and the ARP detection is unsuccessful " in the network, can consumes the resource of a large amount of control planes, even cause attack the network equipment.
In order to prevent the appearance of this situation, can use the black hole route technology, its principle is: (send the ARP request if ARP surveys failure, do not receive effective arp reply at the appointed time), then can think does not have this user in the network, corresponding to this IP address of surveying failure, issues a main frame route to hardware, be used for being sent to this user's packet loss, this main frame route is called the black hole route.
The black hole route has certain ageing time, and after ageing time was overtime, the black hole route made subsequent packet have an opportunity to carry out ARP and surveys deleted.In the prior art, the establishment of black hole route and issuing by ARP is controlled, the trigger condition of deletion black hole route has two: the one, set up the normal ARP list item corresponding (can be dynamic learning configuration or manual configuration) with this black hole route, and the 2nd, this black hole routing aging time is overtime.
The IP of user terminal correspondence never exists and comes into force, if gateway after the user obtains the IP address, on each network equipment, do not set up immediately the ARP list item (cause by in two kinds of situations any one: the one, the initial data message of user terminal is not to issue gateway, and user terminal does not support to send gratuitous ARP; The 2nd, initial message sends to gateway, but gateway does not support freely to learn ARP).These network equipments can't recognize in time that the IP of this user terminal correspondence comes into force, and there be the IP corresponding black hole route corresponding with this user terminal in the black hole routing table above it.Though so the IP of this user terminal correspondence enters into force, it can't acquire other user terminals and send to his message.And can only wait until in the network overtimely in each network equipment with this IP address corresponding black hole routing aging time, and carry out just obtaining after ARP surveys successfully other user terminals to send to his message, cause losing of some messages, and the overlong time of waiting for.
Summary of the invention
In view of this, the invention provides a kind of method and apparatus that suppresses the black hole route, if gateway not set up immediately the ARP list item in the prior art on each network equipment after the user obtains the IP address to solve, under the situation that the IP of user terminal correspondence comes into force, each equipment in the network can't in time be understood the problem of this information.
The present invention is achieved in that
A kind of method that suppresses the black hole route comprises:
The network equipment enables the black hole route, creates the black hole routing iinformation, and this black hole routing iinformation comprises purpose IP address;
When this network equipment receives a message, when the source IP address of this message is consistent with the purpose IP address in the routing iinformation of described black hole, this black hole routing iinformation is deleted.
Preferably, before creating the black hole routing iinformation, also comprise:
Search the IP device information that needs protection that sets in advance, in IP device information, do not exist and the same IP address of source IP address of triggering the message of creating the black hole routing iinformation, carry out described establishment black hole routing iinformation step.
Preferably, when having the IP address the same in the IP device information, ignore and create black hole this step of routing iinformation with the source IP address that triggers the message of creating the black hole routing iinformation.
Preferably, the described IP device information that needs protection is configured in the reference paper with order line, MIB or WEB mode.
A kind of device that suppresses the black hole route comprises the receiving element that is used to receive message, and is used to manage the routing management unit, black hole of black hole routing iinformation, and described black hole routing iinformation comprises purpose IP address information, also comprises:
First judging unit is used for judging whether the source IP address of the message that described message receiving element receives is consistent with the purpose IP address of black hole routing iinformation;
First processing unit is used for indicating the described black hole of routing management element deletion, described black hole route when the source IP address of message is consistent with the purpose IP address of black hole routing iinformation.
Preferably, said apparatus also comprises:
Second processing unit; be used for the IP device information that needs protection that sets in advance by searching; when having the IP address the same in the described IP device information with the source IP address that triggers the message of creating the black hole routing iinformation, the establishment of cancellation black hole, indication routing management unit, black hole routing iinformation.
Preferably, in the said apparatus, the described IP device information that needs protection is configured in the reference paper with order line, MIB or WEB mode.
A kind of network equipment comprises the device that suppresses the black hole route, and this device comprises the routing management unit, black hole that is used to receive the receiving element of message and is used to manage the black hole routing iinformation, and described black hole routing iinformation comprises purpose IP address information, and this device also comprises:
First judging unit is used for judging whether the source IP address of the message that described message receiving element receives is consistent with the purpose IP address of black hole routing iinformation;
First processing unit is used for indicating the described black hole of routing management element deletion, described black hole route when the source IP address of message is consistent with the purpose IP address of black hole routing iinformation.
Preferably, the above-mentioned network equipment also comprises:
Second processing unit; be used for the IP device information that needs protection that sets in advance by searching; when having the IP address the same in the described IP device information with the source IP address that triggers the message of creating the black hole routing iinformation, the establishment of cancellation black hole, indication routing management unit, black hole routing iinformation.
Preferably, in the above-mentioned network equipment, the described IP device information that needs protection is configured in the reference paper with order line, MIB or WEB mode.
From above-mentioned technical scheme as can be seen, compared with prior art, among the present invention, the network equipment is after receiving message, source IP address according to message, the IP address of in time recognizing the user terminal that sends this message enters into force, to from the routing table of black hole, delete in the black hole route of this IP address correspondence, thereby making the message that sends to this user terminal can trigger ARP smoothly surveys, and then when surveying successfully, this user terminal can receive the message that sends over from other user terminals or the network equipment smoothly.And the ageing time that need not to wait for this black hole route is just carried out ARP after overtime and is surveyed.
Description of drawings
Fig. 1 is a kind of realization flow figure that suppresses the method for black hole route of the present invention;
Fig. 2 is a kind of schematic network structure;
Determine whether to create the flow chart of black hole route in the method realization flow that Fig. 3 suppresses the black hole route for the present invention is a kind of;
The structural representation of the embodiment one of the device that Fig. 4 suppresses the black hole route for the present invention is a kind of;
The structural representation of the embodiment two of the device that Fig. 5 suppresses the black hole route for the present invention is a kind of.
Embodiment
In order to solve the problem that prior art exists, the invention provides a kind of improved technical scheme, its basic thought is: the network equipment is after receiving message, judge whether exist in the routing table of local black hole and the corresponding black hole of the source address of this message route, if this black hole route is deleted from the routing table of black hole.
In order to make those skilled in the art better understand technical solution of the present invention, be described in detail below in conjunction with drawings and Examples.
Please refer to Fig. 1, suppress the flow chart of embodiment one of the method for black hole route for the present invention is a kind of.
Specifically may further comprise the steps:
Step S101: the network equipment enables the black hole route, creates the black hole routing iinformation.
This black hole routing iinformation comprises purpose IP address.
Step S102: receiving data packets.
Step S103: whether the source IP address of judging this data message is the same with the purpose IP address in the routing iinformation of described black hole, if enter step S104; Otherwise, finish.
Inquiry black hole routing table, source IP address to this data message is judged, when this black hole routing table exists with the corresponding purpose IP of this source IP address address, determines to exist the black hole route corresponding with source IP address, otherwise, then determine not exist corresponding black hole route.
Step S104: delete this black hole route, finish.
Owing to there be the black hole route corresponding with this source IP address, the destination node (described user terminal) that this explanation black hole route is limited is effective, so, with this black hole route deletion.
If when making that receiving next destination address is the message of this source IP address, can trigger ARP smoothly and survey.
As can be seen, the network equipment of the embodiment of the invention is after receiving message, source IP address according to message, the IP address of in time recognizing the user terminal that sends this message enters into force, to from the routing table of black hole, delete in the black hole route of this IP address correspondence, survey thereby make the message send to this user terminal can trigger ARP smoothly, and then when surveying successfully, this user terminal can receive the message that sends over from other user terminals or the network equipment smoothly.And the ageing time that need not to wait for this black hole route is just carried out ARP after overtime and is surveyed.This function is that prior network device is not available.
If the network equipment or gateway can just be set up the ARP list item immediately on the network equipment after user terminal obtains the IP address, equally also can solve owing to the state that can't in time understand user terminal IP causes message dropping the problem of waits for too long.But in this case, too strong to the dependence of the gateway and the network equipment, need network equipment gateway can support to learn gratuitous ARP, and user terminal can support to send gratuitous ARP.And the embodiment of the invention need not the gateway and the network equipment are proposed described requirement.
Utilize the present invention; can also be in advance configuration needs protection on the network equipment source IP address (for convenience; hereinafter it is referred to as the protection source IP address); these protection source IP addresss can be the IP addresses of some the reliable server or the network equipment, perhaps the source IP address of certain special message of using.Survey at ARP under the situation of failure, need to create before the routing iinformation of black hole, the source IP address that triggers the message of creating the black hole route is judged, determine whether to create the black hole route according to judged result, concrete process is as shown in Figure 3.
May further comprise the steps:
Step S201: receiving data packets, carry out ARP and survey.
Reception is from the data message of other network equipments or server transmission.
Step S202: judge whether ARP surveys successful, if failure enters step S203; Otherwise, finish.
Step S203: whether the source IP address of judging this data message belongs to the protection source IP address, if enter step S204; Otherwise, enter step S205.
Step S204: cancel the establishment of the black hole route corresponding and issue end with the purpose IP address of this message.
Step S205: create the establishment of the black hole route corresponding, finish with the purpose IP address of this message.
Same as the prior art from receiving data packets to carrying out the ARP detection process, so this paper is not described in detail.
Described protection source IP address is arranged in the reference paper, and this reference paper is stored some protection source IP addresss.Among the above-mentioned steps S203, whether the source IP address of judging this data message belongs to is protected the concrete mode of source IP address as follows:
At first; from described message, know the source IP address of this message; then; the reference paper that inquiry sets in advance; when having the IP address information that is complementary with this source IP address in this reference paper; the source IP address of judging this message belongs to the protection source IP address, otherwise, judge that the source IP address of this message does not belong to the protection source IP address.
This reference paper can pass through modes such as order line, MIB (Management Information Base, management information bank) or WEB and be configured.
By such scheme as can be known; the present invention is not directly to create the black hole routing iinformation, but the source IP address of this message is judged after surveying failure; and when judging source IP address and belong to the protection source IP address that sets in advance, the establishment of cancellation black hole route and issuing.
Utilize the embodiment of the invention; the IP address setting of some trustworthy network equipments or server can be the protection source IP address; even thereby make the message that sends out from this network equipment or server survey under the situation of failure at ARP; do not create and corresponding black hole, this purpose IP address route yet; guarantee black hole route normal use on the one hand; make that on the other hand the message of some special applications can be transmitted, enriched the service and the application of network.
Be example with network shown in Figure 2 below, technical scheme of the present invention is further described in detail.
IP address setting with Dynamic Host Configuration Protocol server 20 and certificate server 10 is the protection source IP address in advance, is arranged in the reference paper, and suppose that the IP address of Dynamic Host Configuration Protocol server 20 is: 10.10.0.1, the IP address of certificate server 10 is 10.10.0.2.
Dynamic Host Configuration Protocol server 20 is before the distributing IP address, send an ICMP request message, with to will IP address allocated surveying, when determining that this will IP address allocated (be assumed to be: after 10.10.10.1) not being a conflict IP address, this IP address assignment is given the user terminal of request authentication.
Be in the network equipment 30 between Dynamic Host Configuration Protocol server 20 and this user terminal when receiving this ICMP request message, carry out ARP and survey,, cause ARP to survey failure owing to also do not have user terminal to use this IP address (10.10.10.1) this moment.At this moment, the reference information in the network equipment 30 inquiry reference papers, the source IP address (10.10.0.1) of judging this message belongs to the protection source IP address, so, the establishment of cancellation and the black hole route of IP address (10.10.10.1) and issuing.
So, obtain the IP address at user terminal, and successfully after certificate server 10 sends the required message of authentication protocol, certificate server 10 receives this message identifying, and add their confirmation by sending confirmation message, the purpose IP address of this confirmation message is the IP address of user terminal, and source address is the IP address of certificate server 10.After the network equipment 30 receives this confirmation message, carry out ARP and survey, because at this moment, user terminal has obtained this IP address (10.10.10.1), and ARP surveys successfully, so directly this confirmation message is transmitted.After user terminal received this confirmation message, the affirmation authentication was finished, thereby obtained the authority of accesses network.
Embodiment corresponding to the said method part the invention allows for a kind of device that suppresses the black hole route.
Please refer to Fig. 4, suppress the structural representation of embodiment one of the device of black hole route for the present invention is a kind of.
This device comprises: receiving element 111, first judging unit 112, first processing unit 113 and routing management unit, black hole 114.
Routing management unit, described black hole 114 is used for management (comprising establishment, deletion) black hole routing iinformation.
The course of work and the operation principle of this device are as follows:
After receiving element 111 receives the data message of other servers in the automatic network or the network equipment, the source IP address of 112 pairs of these data messages of described first judging unit is judged, judges whether the source IP address of this data message is consistent with the purpose IP address in the routing iinformation of black hole., and judged result offered first processing unit 113.When there was corresponding with this source IP address black hole route in first processing unit 113 in this judgment result displays black hole routing table, transmission information indication routing management unit, black hole 114 was with this black hole routing iinformation deletion.
Fig. 5 shows the structural representation of the embodiment two of a kind of device that suppresses the black hole route of the present invention.
According to prior art, if the data message ARP that receiving element 111 receives surveys failure, the black hole routing iinformation is created in routing management unit, described black hole 114, and this black hole routing iinformation comprises the corresponding to purpose IP address, purpose IP address with described data message.
The embodiment of the invention discloses a kind of technical scheme unlike the prior art; on the basis of the foregoing description one; the embodiment of the invention also further comprises: second processing unit 115; this second processing unit 115 is used for the IP device information that needs protection that sets in advance by searching; when having the IP address the same in the described IP device information with the source IP address that triggers the data message of creating the black hole routing iinformation; the source IP address of promptly determining this data message belongs to the protection source IP address, then indicates the establishment of cancellation black hole, routing management unit, described black hole routing iinformation.
Described second processing unit 115 is judged whether the source IP address of this data message belongs to and is protected the concrete mode of source IP address as follows:
At first; from described message, know the source IP address of this message; then; the reference paper that inquiry sets in advance; when having the IP address information that is complementary with this source IP address in this reference paper; the source IP address of judging this message belongs to the protection source IP address, otherwise, judge that the source IP address of this message does not belong to the protection source IP address.
The IP address setting of some trustworthy network equipments or server can be the protection source IP address; even thereby make the message that sends out from this network equipment or server survey under the situation of failure at ARP; do not create and corresponding black hole, this purpose IP address route yet; guarantee black hole route normal use on the one hand; make that on the other hand the message of some special applications can be transmitted, enriched the service and the application of network.
Described protection source IP address can be arranged in the reference paper.This reference paper can pass through modes such as order line, MIB (Management Information Base, management information bank) or WEB and be configured.
The present invention also discloses a kind of network equipment.
The difference of this network equipment and prior network device is that this network equipment comprises the device that suppresses the black hole route.
This suppresses the structure of the device of black hole route, and the operation principle and the course of work have detailed introduction in the device embodiment one of above-mentioned inhibition black hole route, do not repeat them here.
More than disclosed only be preferred implementation of the present invention; but the present invention is not limited thereto; any those skilled in the art can think do not have a creationary variation, and, all should drop in protection scope of the present invention not breaking away from some improvements and modifications of being done under the principle of the invention prerequisite.
Claims (10)
1. a method that suppresses the black hole route is characterized in that, comprising:
The network equipment enables the black hole route, creates the black hole routing iinformation, and this black hole routing iinformation comprises purpose IP address;
When this network equipment receives a message, when the source IP address of this message is consistent with the purpose IP address in the routing iinformation of described black hole, this black hole routing iinformation is deleted.
2. to go 1 described method as right, it is characterized in that, before creating the black hole routing iinformation, also comprise:
Search the IP device information that needs protection that sets in advance, in IP device information, do not exist and the same IP address of source IP address of triggering the message of creating the black hole routing iinformation, carry out described establishment black hole routing iinformation step.
3. method as claimed in claim 2 is characterized in that, when having the IP address the same with the source IP address that triggers the message of creating the black hole routing iinformation in the IP device information, ignores and creates black hole this step of routing iinformation.
4. method as claimed in claim 3 is characterized in that, the described IP device information that needs protection is configured in the reference paper with order line, MIB or WEB mode.
5. a device that suppresses the black hole route comprises the receiving element that is used to receive message, and is used to manage the routing management unit, black hole of black hole routing iinformation, and described black hole routing iinformation comprises purpose IP address information, it is characterized in that, also comprises:
First judging unit is used for judging whether the source IP address of the message that described message receiving element receives is consistent with the purpose IP address of black hole routing iinformation;
First processing unit is used for indicating the described black hole of routing management element deletion, described black hole route when the source IP address of message is consistent with the purpose IP address of black hole routing iinformation.
6. device as claimed in claim 5 is characterized in that, also comprises:
Second processing unit; be used for the IP device information that needs protection that sets in advance by searching; when having the IP address the same in the described IP device information with the source IP address that triggers the message of creating the black hole routing iinformation, the establishment of cancellation black hole, indication routing management unit, black hole routing iinformation.
7. device as claimed in claim 6 is characterized in that, the described IP device information that needs protection is configured in the reference paper with order line, MIB or WEB mode.
8. network equipment, it is characterized in that comprise the device that suppresses the black hole route, this device comprises the routing management unit, black hole that is used to receive the receiving element of message and is used to manage the black hole routing iinformation, described black hole routing iinformation comprises purpose IP address information, and this device also comprises:
First judging unit is used for judging whether the source IP address of the message that described message receiving element receives is consistent with the purpose IP address of black hole routing iinformation;
First processing unit is used for indicating the described black hole of routing management element deletion, described black hole route when the source IP address of message is consistent with the purpose IP address of black hole routing iinformation.
9. the network equipment as claimed in claim 8 is characterized in that, also comprises:
Second processing unit; be used for the IP device information that needs protection that sets in advance by searching; when having the IP address the same in the described IP device information with the source IP address that triggers the message of creating the black hole routing iinformation, the establishment of cancellation black hole, indication routing management unit, black hole routing iinformation.
10. the network equipment as claimed in claim 9 is characterized in that, the described IP device information that needs protection is configured in the reference paper with order line, MIB or WEB mode.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007103022515A CN101179515B (en) | 2007-12-24 | 2007-12-24 | Method and device for inhibiting black hole routing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007103022515A CN101179515B (en) | 2007-12-24 | 2007-12-24 | Method and device for inhibiting black hole routing |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101179515A true CN101179515A (en) | 2008-05-14 |
| CN101179515B CN101179515B (en) | 2010-06-02 |
Family
ID=39405605
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007103022515A Active CN101179515B (en) | 2007-12-24 | 2007-12-24 | Method and device for inhibiting black hole routing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101179515B (en) |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101350789B (en) * | 2008-09-17 | 2010-12-08 | 杭州华三通信技术有限公司 | Method and apparatus for clearing residual LSP banding |
| CN102404774A (en) * | 2010-09-09 | 2012-04-04 | 中国移动通信集团上海有限公司 | Method and device for detecting network black holes |
| CN102843362A (en) * | 2012-08-08 | 2012-12-26 | 江苏华丽网络工程有限公司 | Method for carrying out ARP (Address Resolution Protocol) defense by using TCAM (Ternary Content Addressable Memory) |
| CN103581025A (en) * | 2013-10-23 | 2014-02-12 | 华为技术有限公司 | Method and system for processing routing information and equipment |
| CN104270364A (en) * | 2014-09-30 | 2015-01-07 | 杭州华三通信技术有限公司 | Message processing method and device for hypertext transfer protocol |
| CN105025028A (en) * | 2015-07-28 | 2015-11-04 | 中国工程物理研究院计算机应用研究所 | IP black hole discovering method based on flow analysis |
| CN105635138A (en) * | 2015-12-28 | 2016-06-01 | 华为技术有限公司 | Method and apparatus for preventing ARP attacks |
| CN107819733A (en) * | 2016-09-14 | 2018-03-20 | 中国电信股份有限公司 | User self-help performs the methods, devices and systems of blackhole route |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1744516A1 (en) * | 2005-07-15 | 2007-01-17 | AT&T Corp. | Distributed denial-of-service attack mitigation by selective black-holing in IP networks |
| CN100542143C (en) * | 2007-04-16 | 2009-09-16 | 杭州华三通信技术有限公司 | Graceful Restart method, designated intermediate system, neighbor router and radio network |
| CN101076029B (en) * | 2007-07-12 | 2011-05-11 | 中兴通讯股份有限公司 | Method for updating boundary gate protocol recursion router |
-
2007
- 2007-12-24 CN CN2007103022515A patent/CN101179515B/en active Active
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101350789B (en) * | 2008-09-17 | 2010-12-08 | 杭州华三通信技术有限公司 | Method and apparatus for clearing residual LSP banding |
| CN102404774A (en) * | 2010-09-09 | 2012-04-04 | 中国移动通信集团上海有限公司 | Method and device for detecting network black holes |
| CN102404774B (en) * | 2010-09-09 | 2014-05-07 | 中国移动通信集团上海有限公司 | Method and device for detecting network black holes |
| CN102843362B (en) * | 2012-08-08 | 2016-05-04 | 唐稳杰 | A kind of TCAM of use carries out the method for ARP defence |
| CN102843362A (en) * | 2012-08-08 | 2012-12-26 | 江苏华丽网络工程有限公司 | Method for carrying out ARP (Address Resolution Protocol) defense by using TCAM (Ternary Content Addressable Memory) |
| CN103581025B (en) * | 2013-10-23 | 2017-02-22 | 华为技术有限公司 | Method and system for processing routing information and equipment |
| CN103581025A (en) * | 2013-10-23 | 2014-02-12 | 华为技术有限公司 | Method and system for processing routing information and equipment |
| CN104270364A (en) * | 2014-09-30 | 2015-01-07 | 杭州华三通信技术有限公司 | Message processing method and device for hypertext transfer protocol |
| CN104270364B (en) * | 2014-09-30 | 2018-01-12 | 新华三技术有限公司 | A kind of Hypertext Transfer Protocol message treating method and apparatus |
| CN105025028A (en) * | 2015-07-28 | 2015-11-04 | 中国工程物理研究院计算机应用研究所 | IP black hole discovering method based on flow analysis |
| CN105025028B (en) * | 2015-07-28 | 2018-07-24 | 中国工程物理研究院计算机应用研究所 | The black holes IP based on flow analysis find method |
| CN105635138A (en) * | 2015-12-28 | 2016-06-01 | 华为技术有限公司 | Method and apparatus for preventing ARP attacks |
| CN105635138B (en) * | 2015-12-28 | 2019-02-12 | 华为技术有限公司 | A kind of method and apparatus for preventing ARP from attacking |
| CN107819733A (en) * | 2016-09-14 | 2018-03-20 | 中国电信股份有限公司 | User self-help performs the methods, devices and systems of blackhole route |
| CN107819733B (en) * | 2016-09-14 | 2020-05-01 | 中国电信股份有限公司 | Method, device and system for self-help execution of black hole routing by user |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101179515B (en) | 2010-06-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101179515B (en) | Method and device for inhibiting black hole routing | |
| JP4664143B2 (en) | Packet transfer apparatus, communication network, and packet transfer method | |
| CN101179603B (en) | Method and device for controlling user network access in IPv6 network | |
| CN101741702B (en) | Method and device for limiting broadcast of ARP request | |
| KR100908320B1 (en) | Method for protecting and searching host in internet protocol version 6 network | |
| US9184930B2 (en) | Detection and support of a dual-stack capable host | |
| CN107517138A (en) | Equipment detection method and device | |
| CN101834864A (en) | Method and device for preventing attack in three-layer virtual private network | |
| CN103414641B (en) | Neighbor table item release, device and the network equipment | |
| US9992159B2 (en) | Communication information detecting device and communication information detecting method | |
| CN101729314A (en) | Method and device for recovering dynamic table entries and dynamic host configuration protocol snoopingsnooping equipment | |
| CN102333013B (en) | Method, device and system for detecting medium access control (MAC) address conflicts | |
| CN102025797A (en) | Address prefix processing method, device, system and network equipment | |
| JP2012029222A (en) | Communication control device, communication system and program | |
| US20130254425A1 (en) | Dns forwarder for multi-core platforms | |
| JP2007081456A (en) | Converter | |
| EP3188492B1 (en) | Multicast security control method and device based on dns | |
| CN103595711A (en) | Adjusting safety access method and exchanger | |
| CN102333134B (en) | Medium/media access control address conflict detection method, device and system | |
| US9912557B2 (en) | Node information detection apparatus, node information detection method, and program | |
| CN101572675A (en) | Method for finding operating VRRP network equipment in directly connected network segment and device thereof | |
| JP2007166234A (en) | Ip address management method and remote monitoring device using it | |
| KR100687746B1 (en) | Method and apparatus for preventing collision of address | |
| JP7444600B2 (en) | Detection device and detection method | |
| CN112601229B (en) | Device and method for detecting illegality |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: NEW H3C TECHNOLOGIES Co.,Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: HANGZHOU H3C TECHNOLOGIES Co.,Ltd. |
|
| CP03 | Change of name, title or address | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20230615 Address after: 310052 11th Floor, 466 Changhe Road, Binjiang District, Hangzhou City, Zhejiang Province Patentee after: H3C INFORMATION TECHNOLOGY Co.,Ltd. Address before: 310052 Changhe Road, Binjiang District, Hangzhou, Zhejiang Province, No. 466 Patentee before: NEW H3C TECHNOLOGIES Co.,Ltd. |
|
| TR01 | Transfer of patent right |