CN101296064B - Bypass switching method, system and bypass equipment - Google Patents
Bypass switching method, system and bypass equipment Download PDFInfo
- Publication number
- CN101296064B CN101296064B CN2008101152097A CN200810115209A CN101296064B CN 101296064 B CN101296064 B CN 101296064B CN 2008101152097 A CN2008101152097 A CN 2008101152097A CN 200810115209 A CN200810115209 A CN 200810115209A CN 101296064 B CN101296064 B CN 101296064B
- Authority
- CN
- China
- Prior art keywords
- bypass
- equipment
- ips
- control interface
- self
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Power Sources (AREA)
Abstract
The invention provides a method and a system for bypass changeover, and a bypass device. Provided with independent power supply, the bypass device monitors the state of an intrusion prevention system (IPS) system by a control port; when the breakdown or the overload of the IPS device is detected, the bypass device is switched to a bypass state. As the bypass changeover of the bypass device of the invention does not rely on the IPS to supply power to the bypass device, but adopts the way of monitoring the state of the IPS system, and the ability of the independent power supply of the bypass device can be independently designed according to the scale of the port self, the load caused by the bypass device to the power supply and the power of the IPS device is prevented and the scale of the port of the bypass device can not be limited by the ability of the IPS power supply.
Description
Technical field
The present invention relates to the network communications technology, method, system and bypass equipment that particularly a kind of bypass is switched.
Background technology
Along with the continuous development of network technology and the continuous expansion of Internet scale; network security problem draws attention day by day; link in the network is except the transmission that will finish data; also need data are carried out some special monitorings and filtration treatment to guarantee the fail safe of network; intrusion prevention system (IPS; Intrusion Prevention System) equipment is exactly the safety protection equipment of carrying out a kind of like this function, and because of its networking flexibility, powerful, more and more by the application of scale.
Because IPS equipment is in the serial access network link; if IPS equipment self load is overweight; perhaps self breaks down; then the network link at this IPS equipment place then problems such as loss of data or service disconnection can occur; in order to address this problem; usually can be this IPS deployed with devices bypass equipment with bypass mode; when IPS self loads overweight or self breaks down; carrying out bypass switches; be about to this bypass equipment and switch to bypass condition; the data of network link are no longer passed through this IPS, but the bypass equipment of this IPS of process, this bypass equipment leads directly to transmission to the data that receive.The bypass equipment of disposing in the prior art is normally passive, concrete network configuration can be as shown in Figure 1, to be IPS equipment power by the cable 5 between the USB interface of the USB interface of IPS equipment and bypass equipment bypass equipment, concrete bypass handoff procedure is: when IPS equipment operate as normal, IPS equipment is by 5 pairs of bypass equipment power supplies of cable, the data that the network equipment 1 sends are via cable 1, cable 3 transfers to IPS equipment, through the IPS device processes after transfer to the network equipment 2 by cable 4 and cable 2, bypass equipment is in the access link state at this moment, only at data-interface cable 1 and cable 3 are connected, cable 2 and cable 4 are connected; When the IPS equipment self is loaded overweight or self send fault, no longer by 5 pairs of bypass equipment power supplies of cable, when bypass equipment does not have the power supply power supply, switch to bypass condition, cable 1 and cable 3 open circuit, cable 2 and cable 4 open circuit, and the data that the network equipment 1 sends are sent to bypass equipment via cable 1, transfer to the network equipment 2 via cable 2 again.Thereby realize the bypass switching through said process, in this process, only comprise a bypass switch unit in the bypass equipment by power supply control, be generally an analog switch, when to this bypass switch unit power supply, with the link conducting of IPS equipment, this bypass equipment is in the access link state, when stopping this bypass switch unit power supply, with the link conducting of bypass equipment, this bypass equipment is in bypass condition.
Yet, in the said method of prior art, because whether the switching of bypass equipment depends on IPS equipment to this bypass equipment power supply, IPS equipment needs simultaneously bypass equipment to be powered when work, therefore, this must cause certain burden to power supply and self power of IPS, and the data-interface scale of bypass equipment also can be subjected to the power supply capacity restriction of IPS power supply.
Summary of the invention
In view of this, the invention provides method, system and bypass equipment that a kind of bypass is switched, so that the burden of avoiding bypass equipment that the power supply and the power of IPS equipment is caused, and the data-interface scale of bypass equipment is subjected to the restriction of IPS power supply power supply capacity.
The method that a kind of bypass is switched, be applied to independently-powered bypass equipment, this method comprises:
If described bypass equipment monitors control interface level down between self and the intrusion prevention system IPS equipment to preset threshold value, then monitor the IPS device fails, return to normal level if monitor described control interface level, then monitor described IPS equipment work and recover normal; If described bypass equipment receives the bypass switching command by the control interface of self, it is overweight then to monitor the IPS machine utilization, recovers normal instruction if receive by self control interface, then monitors described IPS equipment work and recovers normal;
When monitoring described IPS device fails or loading when overweight, described bypass equipment is switched to bypass condition; Recover just often when monitoring described IPS equipment work, described bypass equipment is switched to the access link state.
The method that a kind of bypass is switched, this method are applied to comprise the system of the bypass equipment of IPS equipment, at least two mutual cascades, and wherein, each bypass equipment is independently-powered, and this method comprises:
If the bypass equipment that is connected with described IPS equipment monitors control interface level down between self and the IPS equipment to preset threshold value, then monitor the IPS device fails, return to normal level if monitor described control interface level, then monitor described IPS equipment work and recover normal; If described bypass equipment receives the bypass switching command by the control interface of self, it is overweight then to monitor the IPS machine utilization, recovers normal instruction if receive by self control interface, then monitors described IPS equipment work and recovers normal;
When monitoring described IPS device fails or loading when overweight, the described bypass equipment that is connected with IPS equipment switches to bypass condition with self, and by self and and the bypass equipment of self cascade between control interface, send the bypass switching command to bypass equipment, switch to bypass condition for bypass equipment with self cascade with self cascade;
Recover just often when monitoring described IPS equipment work, the described bypass equipment that is connected with IPS equipment will self switch to the access link state, and by self and and the bypass equipment of self cascade between control interface, to send recovering normal instruction, switch to the access link state for bypass equipment with self cascade with self bypass equipment in succession.
A kind of bypass equipment, this bypass equipment comprises: Condition Monitoring Unit, independently-powered unit and bypass switch unit;
Described Condition Monitoring Unit, be used for the state of IPS equipment is monitored, if monitor control interface level down between self and the IPS equipment to preset threshold value, then monitor the IPS device fails, return to normal level if monitor described control interface level, then monitor described IPS equipment work and recover normal; If described bypass equipment receives the bypass switching command by the control interface of self, it is overweight then to monitor the IPS machine utilization, recovers normal instruction if receive by self control interface, then monitors described IPS equipment work and recovers normal; When monitoring described IPS device fails or loading when overweight, trigger described bypass switch unit this bypass equipment is switched to bypass condition, recover just often when monitoring described IPS equipment work, trigger described bypass switch unit this bypass equipment is switched to the access link state;
Described independently-powered unit is used for described Condition Monitoring Unit and bypass switch unit are powered;
Described bypass switch unit is used for this bypass equipment is switched to bypass condition or access link state.
The system that a kind of bypass is switched is characterized in that this system comprises: IPS equipment and above-mentioned bypass equipment provided by the invention.
As can be seen from the above technical solutions, method provided by the invention, system and bypass equipment, bypass equipment is adopted independently-powered mode, and, whether no longer adopt IPS equipment bypass equipment to be powered triggers bypass and switches, but in bypass equipment, increased status monitoring function, be that bypass equipment is monitored the state of IPS equipment, when monitoring described IPS device fails or loading when overweight, self is switched to bypass condition, recover just often when monitoring the IPS equipment work, will self switch to the access link state.Because whether the bypass of bypass equipment switching in the present invention no longer depends on IPS equipment and this bypass equipment is powered, but adopt the mode that the state of IPS equipment is monitored, and, bypass equipment is also adopted independently-powered mode, make IPS equipment when work, need not simultaneously bypass equipment to be powered, thus the burden of having avoided bypass equipment that power supply and the power of IPS equipment is caused; Therefore bypass equipment is independently-powered can, can not be subjected to the restriction of IPS power supply power supply capacity according to the port scale independent design of self yet.
Description of drawings
Fig. 1 is a bypass switch groups web frame schematic diagram of the prior art;
The bypass switch groups web frame schematic diagram that has cascade that Fig. 2 provides for the embodiment of the invention;
The bypass equipment structure chart that Fig. 3 provides for the embodiment of the invention.
Embodiment
In order to make the purpose, technical solutions and advantages of the present invention clearer, describe the present invention below in conjunction with the drawings and specific embodiments.
Method provided by the invention mainly comprises: bypass equipment is adopted independently-powered mode, bypass equipment is monitored the state of IPS equipment by control interface, when monitoring this IPS device fails or loading when overweight, this bypass equipment is switched to bypass condition; Recover just often when monitoring this IPS equipment work, this bypass equipment is switched to the access link state.
Power supply to the power supply of bypass equipment and IPS equipment in the said method is independent separately.Power supply capacity to bypass equipment can design according to the concrete power consumption demand of bypass equipment, and for example, the port scale that bypass equipment is supported is big more, and that then can design the power supply capacity of bypass equipment is strong more.Concrete supply power mode can be selected flexibly, for example can adopt the once mode of power supply, the perhaps mode of the common use of power supply and secondary power supply once, and perhaps battery powered mode etc. is not done concrete restriction at this to concrete supply power mode.
Bypass equipment is realized by the control interface between bypass equipment and the IPS equipment the status monitoring that IPS equipment carries out, this control interface can adopt multiple communication interface, for example, can adopt and be used to the employed USB interface of powering in the prior art, also can adopt network interface commonly used etc., all be that example is described in the following description with the USB interface.
Specifically the status monitoring that IPS equipment is carried out mainly can comprise following two aspects:
One, the monitoring whether IPS equipment is broken down.During the IPS operate as normal, level on the USB interface keeps 5V, when IPS takes place such as faults such as power down or aborted, level can change on IPS equipment and the USB interface that bypass equipment links to each other, the level of USB interface can be reduced to 0V from 5V, certainly, 5V only is the level standard of USB interface here, may have other level standard when adopting other communication interface.When bypass equipment monitors this USB interface level down to certain threshold value, just determine the IPS device fails; When monitoring this USB interface level when returning to normal level, determine that this IPS equipment work recovers normal.
Two, to the overweight monitoring of whether loading of IPS equipment.When the IPS machine utilization is overweight, for example, when the data traffic that receives surpasses the disposal ability of self, phenomenons such as loss of data or service disconnection may take place, therefore, in order to prevent the generation of this problem, IPS equipment can send the bypass switching command to bypass equipment by USB interface, when bypass equipment receives this bypass switching command, determine that the IPS machine utilization is overweight.When the load restoration of IPS equipment just often, can send to bypass equipment by USB interface and recover normal instruction, when bypass equipment receives the normal instruction of this recoverys, determine that the IPS equipment work recovers normally.
If bypass equipment monitors the USB interface level when being changed to 0V or receiving the bypass switching command, this bypass equipment is switched to bypass condition.That is to say that the triggering that bypass this moment is switched monitors the IPS device fails by bypass equipment or loads and trigger when overweight, and no longer be whether whether bypass equipment to be powered by IPS equipment to trigger by USB interface.USB interface is not re-used as the interface of power supply usefulness, but as the interface of monitoring the IPS equipment state.
Wherein, can adopt the mode that the bypass switch unit in the bypass equipment is stopped power supply that this bypass equipment is switched to bypass condition, the mode that bypass switch unit in the bypass equipment is restored electricity switches to the access link state with this bypass equipment, this is a handover mechanism of continuing to use bypass switch unit in the prior art, because when the bypass switch unit was analog switch, the state when not powering was comparatively stable, therefore, this mechanism is more excellent.Certainly, also can specifically be provided with, for example, the mode that can be arranged to bypass switch unit in the bypass equipment is restored electricity switches to bypass condition with this bypass equipment, and the mode that bypass switch unit in the bypass equipment is stopped power supply switches to the access link state with this bypass equipment.
In addition, in the realization of prior art, because bypass equipment is powered by IPS equipment, and whether carry out state by the power supply of IPS equipment and switch, therefore, when carrying out networking, just determined the bypass equipment that IPS equipment is connected, at this moment, if the IPS equipment in the networking is upgraded to having the more equipment of large port scale, not enough situation may appear in the port of original bypass equipment, perhaps, the port of IPS equipment is larger, and does not currently have can be with the bypass equipment of this IPS device port coupling the time, realization of the prior art then can't be expanded bypass equipment accordingly, the upgrading that this just can limit IPS equipment, perhaps cause the IPS device upgrade after, some link does not have the corresponding bypass can be for switching.
In order to address this is that, the present invention adopts independently-powered to bypass equipment and possesses outside the IPS status detection function in the mode that adopts the foregoing description, can expand bypass equipment by the mode of cascade, promptly can two bypass equipments be carried out cascade by USB interface, implementation can be as shown in Figure 2, the more USB interface of design on bypass equipment A, one of them USB interface is used to monitor the IPS equipment state, another USB interface is used for carrying out cascade with other bypass equipment, and the bypass equipment of notice cascade switches to bypass condition.With networking structure shown in Figure 2 is example, bypass equipment A monitors the IPS device fails by usb 1 or loads when overweight, self switch to the bypass condition except triggering, can also send the bypass switching command to bypass equipment B by USB interface 2, self switch to bypass condition so that bypass equipment B also can trigger.Bypass equipment A monitors the IPS equipment work by usb 1 and recovers just often, self switch to the access link state except triggering, bypass equipment B can also send to bypass equipment B by USB interface 2 and recover normal instruction, so that also can trigger the access link state that self switches to.If there is the more bypass equipment of multi-cascade, then a plurality of USB interface can be set also on bypass equipment B, one of them USB interface is used to receive the bypass switching command of upper level bypass equipment A or recovers normal instruction, another USB interface sends the bypass switching command or recovers normal instruction to the next stage bypass equipment, and the like, carry out aforesaid operations step by step.The bypass equipment number of bypass equipment institute cascade can be by the concrete port number decision that has after the IPS device upgrade.
Below for a specific example, suppose that certain network based demand disposed an IPS equipment of supporting 8 data ports, these 8 data ports are the GE port, then this IPS equipment can be supported the flow of two-way 4Gbps, this IPS serial access network link, if bypass equipment A is independently-powered and support 2 roadside road, another supports the bypass equipment B on 2 roadside road then to need cascade, and this bypass equipment A and bypass equipment B are independently-powered.When the data traffic of network hour, IPS equipment operate as normal, bypass equipment A and bypass equipment B are in the access link state, when network load increases, as when being increased to flowing full amount 4Gbps, because the limited transfer of data that may cause of disposal ability of IPS equipment can't reach linear speed, at this moment, IPS equipment sends the bypass switching command by USB interface to bypass equipment A, after bypass equipment A receives this bypass switching command, send the bypass switching command by another USB interface to bypass equipment B, and bypass equipment A switched to bypass condition, after same bypass equipment B received the bypass switching command, B switched to bypass condition with bypass equipment, thereby made the transfer of data in this network link can not take place to interrupt and loss of data.
After the IPS equipment fault recovers, the level that bypass equipment A can monitor USB interface returns to normal level, then send to bypass equipment B and recover normal instruction by another USB interface, and the operating state of bypass equipment A is set to the access link state, after bypass equipment B received and recovers normal instruction, self working state was set to the access link state; After the IPS machine utilization recovers normally, can send to bypass equipment A and recover normal instruction, after bypass equipment A receives the normal instruction of recovery by USB interface, send the normal instruction of recovery by another USB interface to bypass equipment B, and the operating state of bypass equipment A is set to the access link state, after bypass equipment B received and recovers normal instruction, self working state was set to the access link state.
More than be description, below system provided by the invention and bypass equipment be described in detail that system provided by the invention can comprise: IPS equipment and bypass equipment to method provided by the invention.
Wherein, bypass equipment is monitored the state of IPS equipment, when monitoring this IPS device fails or loading when overweight, this bypass equipment is switched to bypass condition; Recover just often when monitoring this IPS equipment work, this bypass equipment is switched to the access link state.
In addition, bypass equipment can also by except with control interface that IPS equipment links to each other other control interface, carry out cascade with other bypass equipment, monitoring the IPS device fails or loading when overweight, can also send the bypass switching command to bypass equipment with its cascade, switch to bypass condition for bypass equipment with its cascade, recover just often when monitoring the IPS equipment work, send the normal instruction of recovery to bypass equipment with its cascade, switch to the access link state for bypass equipment with its cascade, its structure can be as shown in Figure 2, what provide among Fig. 2 is two schematic diagrames that bypass equipment carries out cascade, certainly, the present invention is applicable to that also two above bypass equipments carry out the situation of cascade.
IPS equipment is when breaking down, and the control interface level down is to preset threshold value; Perhaps, when load is overweight, send the bypass switching command to bypass equipment by control interface.
Correspondingly, if bypass equipment monitors and IPS equipment between the control interface level down to preset threshold value, then determine this IPS device fails; If bypass equipment receives the bypass switching command by control interface, determine that then this IPS machine utilization is overweight.If bypass equipment monitors and IPS equipment between the control interface level return to normal level, perhaps receive and recover normal instruction by control interface, determine that then this IPS equipment work recovers normal.The bypass equipment that links to each other with IPS equipment receives from the bypass switching command of IPS equipment or recovers normal instruction, can receive from the bypass switching command of upper level bypass equipment with the bypass equipment of other bypass equipment cascade or recovers normal instruction.
The bypass equipment structure chart that Fig. 3 provides for the embodiment of the invention, as shown in Figure 3, this bypass equipment can comprise: Condition Monitoring Unit 300, independently-powered unit 310 and bypass switch unit 320.
Independently-powered unit 310 is used for Condition Monitoring Unit 300 and bypass switch unit 320 are powered.
Wherein, Condition Monitoring Unit 300 can comprise: voltage monitoring subelement 301 and power supply control sub unit 302.
Power supply control sub unit 302, be used for when the voltage monitoring subelement monitors the control interface level down to preset threshold value, send switching notice to independently-powered unit 310, when voltage monitoring subelement 301 monitors the control interface level down to preset threshold value, send the recovery notice to independently-powered unit 310.
When independently-powered unit 310 receives switching notice, stop bypass switch unit 320 is powered, receive when recovering notice, recover bypass switch unit 320 is powered.
Perhaps, Condition Monitoring Unit 300 can comprise: command monitoring subelement 303 and power supply control sub unit 304.
Power supply control sub unit 304, be used for when instruction monitoring subelement 303 monitors the bypass switching command, send switching notice to independently-powered unit 310, when instructing monitoring subelement 303 to monitor the normal instruction of recovery, recover to notify to 310 transmissions of independently-powered unit.
When independently-powered unit 310 receives switching notice, stop bypass switch unit 320 is powered, receive when recovering notice, recover bypass switch unit 320 is powered.
Two kinds of structures of Condition Monitoring Unit 310 can individualism, also can exist simultaneously, and when existing simultaneously, circuit control sub unit 302 and circuit control sub unit 304 can be set to a circuit control sub unit and realize.Above-described voltage monitoring subelement 301 can be realized that the power supply control sub unit is realized by power control circuit commonly used by electric voltage observation circuit commonly used.
In networking plan, IPS is upgraded when having the new equipment of large port scale more, original bypass equipment port number and IPS equipment do not match, at this moment, can expand original bypass equipment by cascade system, at this moment, this bypass equipment can also comprise: cascade unit 330, be used for monitoring the IPS device fails or loading when overweight in Condition Monitoring Unit 310, by the control interface between this bypass equipment and the next stage bypass equipment, send the bypass switching command to the next stage bypass equipment; Monitor the IPS equipment work in Condition Monitoring Unit 310 and recover just often,, send the normal instruction of recovery to the next stage bypass equipment by the control interface between this bypass equipment and the next stage bypass equipment.
On bypass equipment, can design more than one control port, for example, can design two control ports, one of them is used for linking to each other with the IPS equipment or the bypass equipment of upper level, another control port is used for linking to each other with the bypass equipment of next stage, thereby realizes expansion.
By above description as can be seen, method provided by the invention, system and bypass equipment, bypass equipment is adopted independently-powered mode, and, whether no longer adopt IPS equipment bypass equipment to be powered triggers bypass and switches, but in bypass equipment, increased status monitoring function, be that bypass equipment is monitored the state of IPS equipment, when monitoring described IPS device fails or loading when overweight, this bypass equipment switches to bypass condition with self, recover just often when monitoring the IPS equipment work, will self switch to the access link state.Because whether the bypass of bypass equipment switching in the present invention no longer depends on IPS equipment and this bypass equipment is powered, but adopt the mode that the state of IPS equipment is monitored, and, bypass equipment is also adopted independently-powered mode, make IPS equipment when work, need not simultaneously bypass equipment to be powered, thus the burden of having avoided bypass equipment that power supply and the power of IPS equipment is caused; Therefore bypass equipment is independently-powered can, can not be subjected to the restriction of IPS power supply power supply capacity according to the port scale independent design of self yet.
In addition, the IPS bypass equipment can also be by being provided with a plurality of control interfaces in the present invention, by the control interface between bypass equipment and the next stage bypass equipment a plurality of bypass equipments are carried out cascade, and provided the bypass changing method of a plurality of bypass equipments under the cascade situation, promptly detecting the IPS bypass equipment breaks down or meets when overweight, also send the bypass switching command to bypass equipment simultaneously with its cascade, after should receiving the bypass switching command with the bypass equipment of its cascade, if also have the next stage bypass equipment, then send the bypass switching command to its next stage bypass equipment simultaneously, until there not being the next stage bypass equipment; All bypass equipments all switch to bypass condition with self after receiving the bypass switching command.Thereby when IPS equipment factor such as upgrade causes the port scale of bypass equipment not enough, can bypass equipment be expanded flexibly, thereby satisfy network and IPS equipment demand fairly large bypass way.
The above only is preferred embodiment of the present invention, and is in order to restriction the present invention, within the spirit and principles in the present invention not all, any modification of being made, is equal to replacement, improvement etc., all should be included within the scope of protection of the invention.
Claims (9)
1. the method switched of a bypass is characterized in that be applied to independently-powered bypass equipment, this method comprises:
If described bypass equipment monitors control interface level down between self and the intrusion prevention system IPS equipment to preset threshold value, then monitor the IPS device fails, return to normal level if monitor described control interface level, then monitor described IPS equipment work and recover normal; If described bypass equipment receives the bypass switching command by the control interface of self, it is overweight then to monitor the IPS machine utilization, recovers normal instruction if receive by self control interface, then monitors described IPS equipment work and recovers normal;
When monitoring described IPS device fails or loading when overweight, described bypass equipment is switched to bypass condition; Recover just often when monitoring described IPS equipment work, described bypass equipment is switched to the access link state.
2. method according to claim 1 is characterized in that, described bypass equipment is switched to bypass condition be specially: stop the bypass switch unit of described bypass equipment is powered, keep other unit of described bypass equipment is powered;
Described bypass equipment is switched to the access link state to be specially: recover the power supply to the bypass switch unit of described bypass equipment.
3. the method switched of a bypass is characterized in that, this method is applied to comprise the system of the bypass equipment of IPS equipment, at least two mutual cascades, and wherein, each bypass equipment is independently-powered, and this method comprises:
If the bypass equipment that is connected with described IPS equipment monitors control interface level down between self and the IPS equipment to preset threshold value, then monitor the IPS device fails, return to normal level if monitor described control interface level, then monitor described IPS equipment work and recover normal; If described bypass equipment receives the bypass switching command by the control interface of self, it is overweight then to monitor the IPS machine utilization, recovers normal instruction if receive by self control interface, then monitors described IPS equipment work and recovers normal;
When monitoring described IPS device fails or loading when overweight, the described bypass equipment that is connected with IPS equipment switches to bypass condition with self, and by self and and the bypass equipment of self cascade between control interface, send the bypass switching command to bypass equipment, switch to bypass condition for bypass equipment with self cascade with self cascade;
Recover just often when monitoring described IPS equipment work, the described bypass equipment that is connected with IPS equipment will self switch to the access link state, and by self and and the bypass equipment of self cascade between control interface, to send recovering normal instruction, switch to the access link state for bypass equipment with self cascade with self bypass equipment in succession.
4. a bypass equipment is characterized in that, this bypass equipment comprises: Condition Monitoring Unit, independently-powered unit and bypass switch unit;
Described Condition Monitoring Unit, be used for the state of IPS equipment is monitored, if monitor control interface level down between self and the IPS equipment to preset threshold value, then monitor the IPS device fails, return to normal level if monitor described control interface level, then monitor described IPS equipment work and recover normal; If described bypass equipment receives the bypass switching command by the control interface of self, it is overweight then to monitor the IPS machine utilization, recovers normal instruction if receive by self control interface, then monitors described IPS equipment work and recovers normal; When monitoring described IPS device fails or loading when overweight, trigger described bypass switch unit this bypass equipment is switched to bypass condition, recover just often when monitoring described IPS equipment work, trigger described bypass switch unit this bypass equipment is switched to the access link state;
Described independently-powered unit is used for described Condition Monitoring Unit and bypass switch unit are powered;
Described bypass switch unit is used for this bypass equipment is switched to bypass condition or access link state.
5. bypass equipment according to claim 4 is characterized in that, described Condition Monitoring Unit comprises: voltage monitoring subelement and power supply control sub unit;
Described voltage monitoring subelement is used for the control interface level between this bypass equipment and the IPS is monitored;
Described power supply control sub unit, be used for when described voltage monitoring subelement monitors described control interface level down to preset threshold value, send switching notice to described independently-powered unit, monitor described control interface level when returning to normal level at described voltage monitoring subelement, send to described independently-powered unit and recover notice;
Described independently-powered unit when receiving switching notice, stops described bypass switch unit is powered, and receives when recovering notice, recovers described bypass switch unit is powered;
Described bypass switch unit when being stopped power supply, switches to bypass condition with this bypass equipment, when being resumed power supply, this bypass equipment is switched to the access link state.
6. bypass equipment according to claim 4 is characterized in that, described Condition Monitoring Unit comprises: command monitoring subelement and power supply control sub unit;
Described command monitoring subelement, the control interface that whether is used to monitor by this bypass equipment receives the bypass switching command or recovers normal instruction;
Described power supply control sub unit, be used for when described instruction monitoring subelement monitors the bypass switching command, to described independently-powered unit transmission switching notice, when described instruction monitoring subelement monitors the normal instruction of recovery, recover to notify to described independently-powered unit transmission;
Described independently-powered unit when receiving described switching notice, stops described bypass switch unit is powered, and when receiving described recovery notice, recovers described bypass switch unit is powered;
Described bypass switch unit when being stopped power supply, switches to bypass condition with this bypass equipment, when being resumed power supply, this bypass equipment is switched to the access link state.
7. bypass equipment according to claim 4, it is characterized in that, this bypass equipment also comprises: the cascade unit, be used for monitoring described IPS device fails or loading when overweight in described Condition Monitoring Unit, by the control interface between this bypass equipment and the next stage bypass equipment, send the bypass switching command to described next stage bypass equipment; Monitor described IPS equipment work in described Condition Monitoring Unit and recover just often,, send the normal instruction of recovery to described next stage bypass equipment by the control interface between this bypass equipment and the next stage bypass equipment.
8. the system that bypass is switched is characterized in that this system comprises: IPS equipment and bypass equipment as claimed in claim 4.
9. system according to claim 8 is characterized in that, described IPS equipment is when breaking down, and the control interface level down is to preset threshold value; Perhaps, when load is overweight, send the bypass switching command to described bypass equipment by control interface; Recover just often in work, send to described bypass equipment by control interface and recover normal instruction.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101152097A CN101296064B (en) | 2008-06-18 | 2008-06-18 | Bypass switching method, system and bypass equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008101152097A CN101296064B (en) | 2008-06-18 | 2008-06-18 | Bypass switching method, system and bypass equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101296064A CN101296064A (en) | 2008-10-29 |
| CN101296064B true CN101296064B (en) | 2011-12-21 |
Family
ID=40066102
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2008101152097A Expired - Fee Related CN101296064B (en) | 2008-06-18 | 2008-06-18 | Bypass switching method, system and bypass equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101296064B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102064968B (en) * | 2010-12-31 | 2013-01-23 | 华为数字技术(成都)有限公司 | Method, device and system for preventing embedded BYPASS device from powering down |
| CN105099825B (en) * | 2015-08-17 | 2018-10-02 | 北京神州绿盟信息安全科技股份有限公司 | A kind of safeguard method and device of external Bypass |
| TWI670952B (en) * | 2017-08-14 | 2019-09-01 | 艾普仕股份有限公司 | Network switching system |
| CN112821545A (en) * | 2021-02-25 | 2021-05-18 | 福州创实讯联信息技术有限公司 | Method and device for setting bypass state of system after power failure |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4972452A (en) * | 1989-11-09 | 1990-11-20 | Aspect Telecommunications Corporation | Digital bypass for telephone system |
| US5825850A (en) * | 1996-10-02 | 1998-10-20 | Time Warner Entertainment Co. L.P. | Automatic bypass switch for signal conductor |
| CN1764079A (en) * | 2004-10-22 | 2006-04-26 | 北京佳讯飞鸿电气有限责任公司 | Method and system for realizing low end access level router backup |
-
2008
- 2008-06-18 CN CN2008101152097A patent/CN101296064B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4972452A (en) * | 1989-11-09 | 1990-11-20 | Aspect Telecommunications Corporation | Digital bypass for telephone system |
| US5825850A (en) * | 1996-10-02 | 1998-10-20 | Time Warner Entertainment Co. L.P. | Automatic bypass switch for signal conductor |
| CN1764079A (en) * | 2004-10-22 | 2006-04-26 | 北京佳讯飞鸿电气有限责任公司 | Method and system for realizing low end access level router backup |
Non-Patent Citations (1)
| Title |
|---|
| 杨俊玲.基于LINUX 下桥模式的入侵检测系统的研究.《商业科技》.2008,全文. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101296064A (en) | 2008-10-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1997034B (en) | A method and system for protection of the link convergence group | |
| CN102541697A (en) | Switching method for processing fault of dual-redundancy computer | |
| CN100499505C (en) | An Ethernet protection method and apparatus | |
| CN101296064B (en) | Bypass switching method, system and bypass equipment | |
| JP2001077919A (en) | Redundant configuration supervisory control system, supervisory controller thereof and controller to be supervised | |
| CN102281178A (en) | Ring network link redundancy control system and control method thereof | |
| CN101083559A (en) | Method and system for switching master control module and slave control module | |
| CN101159504B (en) | Synchronous digital hierarchy based ethernet protecting method | |
| CN101753397A (en) | System, method and device for rapidly self-healing Ethernet ring | |
| CN101860442A (en) | Exchanger, power supply device and method for realizing power-down remote-end alarm | |
| CN102883355A (en) | Building base band unit, base band processing board and fault processing method for base band processing board | |
| CN201533194U (en) | Automatic on/off switching electric appliance | |
| CN102804306B (en) | Switch element and correlation technique | |
| CN101790110B (en) | Device and method for coordinating and recovering automatic protection switching operation | |
| CN101123475A (en) | Optical channel protection method, device and system in optical communication system | |
| CN102064968A (en) | Method, device and system for preventing embedded BYPASS device from powering down | |
| CN100512135C (en) | A communication equipment power management system and implementing method thereof | |
| CN201163348Y (en) | Application control apparatus used for redundant system | |
| CN101399450A (en) | Apparatus and method for controlling electricity supply to portable device by multiple batteries | |
| CN101110609A (en) | Method and system for implementing communication of main and standby module | |
| CN101958782A (en) | Method for realizing node standby and system | |
| CN106114227B (en) | Power battery fault protecting method, device and power battery | |
| CN100395962C (en) | Method and system for equipment switching in communication system | |
| CN101714776B (en) | 10KV station electric control system of convertor station adopting selecting 2 from 3 logic | |
| CN203233229U (en) | Share-based power supply operation and support system of seafloor observation network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: Huasan Communication Technology Co., Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20111221 Termination date: 20200618 |