CN101361325B - Packet packaging and redirecting method for data packet - Google Patents
Packet packaging and redirecting method for data packet Download PDFInfo
- Publication number
- CN101361325B CN101361325B CN200680051160.2A CN200680051160A CN101361325B CN 101361325 B CN101361325 B CN 101361325B CN 200680051160 A CN200680051160 A CN 200680051160A CN 101361325 B CN101361325 B CN 101361325B
- Authority
- CN
- China
- Prior art keywords
- interface
- network
- packet
- network node
- sent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/22—Alternate routing
Abstract
Provided is a method to redirect data packets by a network controller to a network node. A network interface routes a data packet from the network node. Another network interface redirects the data packet from the network node. A switch selects between the two network interfaces based upon the state of the network node.
Description
Technical field
Theme described herein relates to communication system, more specifically, relates in certain embodiments packet (packet) route is passed communication system.
Background technology
In Modern Communication System, data send to another communication node from a communication node through network with the form of grouping usually.These groupings generally include one or more headers (header) and a payload (payload), and this payload is the actual useful data that will be sent, receive and be used by communication node.
Keep the integrality between a plurality of network nodes and the main frame to become unusually important.Header information helps packet process various network nodes from the source routing to the destination.Payload is the actual information content that is transferred to destination node from source node.When the fail safe of one of them network node suffered damage, this a breach of security may endanger other client computer or main frame by for example distribution virus.
Network router may be because a variety of causes be denied to the access to netwoks of communication node.The network adapter that this control allows the telemanagement order to be positioned on network node or the main frame stops the all-network activity immediately.But this control may have serious consequence, causes closing network node or main frame.Consider the transaction in for example bank's operation.If communication node or main frame will be closed, may cause the serious consequence of personal financial business or business finance business.
Exist various technology to allow communication network node and communication network to keep communicating by letter.Some technology depend on network software stack modules.Similarly, " bump-in-the-wire " is as the embedded application operation in the network controller.These technology have shortcoming.
Description of drawings
Fig. 1 is the block diagram according to the communication system of the embodiment of the invention.
Fig. 2 is the layout according to the data packet frame of the embodiment of the invention.
Fig. 3 is the block diagram of the embodiment of the invention.
Fig. 4 is the flow chart of describing the embodiment of the invention.
Embodiment
Fig. 1 has described the block diagram according to the communication system 10 of the embodiment of the invention.Work station 50 and 55 expression communication network node or main frames. Shown work station 50 and 55 is coupled to network 20 by router four 0.Can provide security strategy to network 20 and communication system 10 by the network security station 30 of linking equally network 20. Work station 50 and 55 each comprise respectively network adapter (NA) 51 and 56.
Specification and accompanying drawing have been described specific embodiments of the invention, and it is enough to make those skilled in the art to realize these embodiment.Example only represents possible modification.The part of some embodiment and feature can comprise in other embodiments or replace part and the feature of other embodiment.The scope of the embodiment of the invention comprises the four corner of claim and all available equivalents.
In certain embodiments, the present invention relates to packet data encapsulation and the Packet routing of communication network.In other embodiments, the present invention can relate to network security and for the treatment of the method for the network node that is tampered or main frame.In certain embodiments, the invention still further relates between normal packet data transmission and " wearing tunnel (tunneling) " packet data transmission and switch.In another embodiment, the present invention can comprise semiconductor device.
This paper is with reference to by RFC (Request for Comment) definition of Internet Engineering task groups (IETF) and Internet Engineering guidance group (IESG) and that record and announce as standard-track RFC.
Request for Comment 2003 (C.Perkins, " IP Encapsulation within IP ", RFC 2003, IBM, announce in September, 1996) encapsulation is defined as a kind of method that encapsulation (carrying as payload) the Internet protocol data is reported in the Internet protocol data newspaper.For example, there is a kind of method that an IP datagram or packet packaging are the payload in another IP datagram or the grouping.
Wearing the tunnel technology is a term, and it is generally used for describing the processing procedure that changes the normal routed path of Internet protocol (IP) packet by additional another header.Typically, first of the routed path that substitutes and last routing node are commonly called the end points in tunnel, and the path between two end points is called as tunnel (tunnel).
Term is worn tunnel and is encapsulated the common situations that is generally used for creating the tunnel that passes communication system.From RFC 2003, encapsulation is proposed the means that change the normal IP route of datagram as a kind of, and this is to realize by sending it to according to this middle destination that can not select of the IP destination address field (DAF) in the original ip header (network portion).Reach this middle destination node in case encapsulation of data is reported for work, it is obtained original ip datagram by decapsulation, sends it to subsequently the indicated destination of original destination address field (DAF).The encapsulation of this datagram and the use of decapsulation often are called as carries out " wearing tunnel " to datagram, and wrapper and decapsulator are considered to the end points in tunnel.
Therefore, the IP data packet flows from the source, by encapsulation function, by the decapsulation functional module, arrives the destination usually.Usually, a plurality of source and destination can be arranged to using the same tunnel between the encapsulation function reconciliation encapsulation function.
In one embodiment, network 20 can comprise local area network (LAN) (LAN) or Intranet (intranet).In another embodiment, network 20 can comprise the Internet arrangement.In another embodiment of the present invention, network 20 can comprise WLAN (wireless local area network) (WLAN).
Between router four 0, network 20 and network security station 30, there are many agreements to can be used for encapsulating and wearing the tunnel business.In one embodiment, these agreements can comprise the IP encapsulation in the IP, RFC2003.In another embodiment, these agreements can comprise the IP tunneling (wearing the tunnel protocol layer) in the IP.In another embodiment, these agreements can comprise the Ethernet encapsulation in the IP, RFC3378 (R.Housley and S.Hollenbeck, " EtherIP:Tunneling Ethernet Frames inIPDatagrams ", RFC announces in September, 3378,2002).
Further, fire compartment wall 45 can be coupled to router four 0 among Fig. 1.Fire compartment wall 45 can comprise security gateway, wherein can send packet data to the network 20 front security strategies of carrying out safety station 30 at router four 0.
In normal running, under the monitoring at network security station 30, usually pass through back and forth transmission of data packets of network 20 by router four 0 safely such as work station 50 and 55 such network nodes.In another embodiment, many other communication nodes or work station (not shown for the sake of simplicity) also can be coupled to network 20.For example, if work station 55 by virus attack, then work station 55 may send other each communication node that virus serves to network 20 or work station 50 etc.
In one embodiment of the invention, can be routed device 40 from the data of work station 55 wears tunnel and arrives fire compartment walls 45 by network 20.Network adapter 56 each packet of encapsulation of work station 55 are to be directed to it at network security station 30.Then each packet of fire compartment wall 45 decapsulations and the scope of examination are to search virus or the similar mark that can distort work station 55.For example, to encapsulation and wear tunnel control can by with each communication node or work station 50 and 55 in controlled entity, the network security station 30 that network adapter 56 communicates carry out.
For example, network adapter 56 provides an interface, is used for normal route from the packet of work station 55.When the event of distorting that does not detect work station 55 or virus, use this normal route.Network adapter 56 also provides an interface, is used for being redirected the suspected data packets from work station 55.Then when station 30 security strategy indicates given work station to be compromised, network adapter 56 is selected between two interfaces as the basis or is switched take single work station.
Forward Fig. 2 to, described the layout of data packet frame among some embodiment.For example, this data packet frame 60 can comprise layer 4 header and payload 65, and wherein payload can comprise the data that work station 55 will send or receive.Header and payload 65 are packed or be attached with IP (Internet protocol) header 63.By additional IP 62, header and payload 65 are packed with IP header 63.At last, in this example, to packet 60, header and payload 65, IP header 63 and IP header 62 are all packed by additional ethernet header 61.
Along with the data packet frame 60 that makes up moves through network 20, various headers are by decapsulation, until soon transmit to work station 55.
Ethernet header 61 can be the header of the 2nd layer of type, and it is for another main frame that this grouping is directed on the same LAN (local area network (LAN)).Based on the LAN of Ethernet, header 61 can be called as local header, and normally each network controller checks so that the header of process data packets 60 to arbitrarily.
Below, IP (Internet protocol) header 62 forms the encapsulation header that one embodiment of the invention provides.IP header 62 is layer 3 header and have routing function normally.In the embodiment of Fig. 2, header 62 is used for packet 60 is routed to the firewall entity of network, and for example fire compartment wall 45.
Although IP header 62 is encapsulation header normally, IP header 63 may be the original ip header of packet 65.Packet 65 can comprise layer 4 header and the payload of unformatted data (plaindata) normally.
Fig. 3 is according to the method for packing of some embodiments of the present invention and the functional-block diagram of system.Encapsulation and Redirectional system 70 can comprise operating system (OS) and network protocol stack (network stack) 72 and the network controller 75 that is arranged in each network host or work station 50 and 55, and wherein network controller can be coupled to OS and network protocol stack 72 by pci bus structure 74.Network controller 75 can be radio network controller and can further be coupled to network 20 by bus or antenna 71, wherein bus or antenna 71 can comprise orientation or omnidirectional antenna, for example comprise dipole antenna, unipole antenna, paster antenna, loop aerial, microstrip antenna or be suitable for receiving and/or sending other type antenna of data packet signals.In one embodiment of the invention, 20 coupling can be wireless coupling from network controller 75 to network.
Operating system and network protocol stack 72 can comprise what Microsoft provided
The operating system of XP operating system or equivalence.
In one embodiment of the invention, network controller 75 can be the network adapter 56 of the work station 55 of Fig. 1, but network controller can form the almost part of arbitrary network parts.In certain embodiments, network controller 75 can comprise primary network interface 76 and second network interface 77.The second network interface 76 and 77 of advocating peace can be coupled to respectively encapsulation function 78.Encapsulation function 78 can be coupled to physical network interface 79, and physical network interface 79 can be coupled to network 20 by bus 73 again.
In certain embodiments, the second network interface (76,77) of advocating peace is informed different MTU (MTU) to network protocol stack.MTU has defined this equipment can be in the network packet maximum byte size that connects transmission.For example, professional to ethernet communication, this size equals 1514.For example, to ethernet controller, main interface informs that the MTU of actual physical device is 1514 now, and second network interface 77 shows less MTU, this allows network controller 75 additional encapsulation headers to outer the grouping of being initiated by OS network protocol stack 72, keeps simultaneously the outer total size of grouping of sending out less than the MTU of physical equipment.For example, when using IP to wear tunnel technology execution encapsulation by ethernet controller, second network interface 77 will inform that MTU is 1514-20=1494, and wherein 20 is sizes of IP header.In the processing that encapsulation is outer when sending out grouping, IP divides into groups or with upper strata (for example TCP/IP) data sectional because it has avoided cutting apart with simplified network controller 75 for this.
To thinking the packet that is not tampered in network security station 30, perhaps source, work station 50 or 55 are considered to not to be tampered or the situation of safety, and work station 50 or 55 OS and network protocol stack 72 can transmit this primary network interface 76 that is grouped into.Usually, primary network interface 76 provides normal or " the non-tunnel of the wearing " interface from main frame or work station 55 to network 20.Under network controller 75 specified datas are divided into groups 60 damaged situations, network controller 75 effectively will be processed from the main non-tunnel network interface 76 of wearing and switch, to wear tunnel network interface 77 transmission of data packets by second.For example, second network interface 77 is worn tunnel and is encapsulated this packet it is redirected to network security station 30.
Wear tunnel and encapsulation in order to finish, network controller 75 can switch processing from the main or non-tunnel network interface 76 of wearing, to select second or the processing of wearing tunnel network interface 77.
Then, the encapsulation of second network 77 usefulness IP headers 62 comprises the packet of part 63 and 65, crosses network-to-network and stands safely 30 with the tunnelling of wearing of packet-oriented 60.Then, can to have IP header 62 and 63 and the grouping of layer 4 header and payload 65 apply standard ethernet header 61.According to ethernet header 61, grouping 60 can be passed physical network interface 79 and is transferred to network 20 in order to process.
For suspicious work station 55 and behind the preparation network controller 75, when network controller 75 receives when indication from safety station 30, controller 75 can be reconfigured.In certain embodiments, can from handling process, remove second network interface 77, and must select and enable primary network interface 76.Then, normal data flow can be passed primary network interface 76 and physical network interface 79 arrival networks 20.
Fig. 4 is the flow chart of describing according to the operation of network controller in the some embodiments of the present invention 75.Network controller 75 waits for the configuration event of automatic network 20, square frame 80 usually.When network controller 75 detected configuration event, square frame 80 transferred control to square frame 82.Below, determine whether request " tunnel " event, square frame 82.
If asked to wear the tunnel event, for example then indicating, network node or the host work station 55 of transmission of data packets may be tampered.As a result, the operation of network controller 75 is shifted from square frame 82 by the "Yes" path and is controlled to square frame 84.
Then, second network interface 77 can be configured to provide the tunnel of asking " interface ", square frame 86.Second network interface 77 is reached the standard grade.Then, packet 60 is transferred to second network interface 77 in order to processed by network controller 75.The tunnel interface that is provided by the second network interface is linked to network effectively, square frame 88.
If do not ask " tunnel " event, then square frame 82 shifts by the "No" path and controls to square frame 90.This has asked proper network interface 76 corresponding to determining, and does not need " tunnel " network interface 77 to process the packet that receives.
Therefore, the tunnel interface link disconnects.That is to say, tunnel interface 77 rolls off the production line, square frame 90.Below, the main non-tunnel network interface 76 of wearing is configured to reach the standard grade and process the processing procedure that the packet of input is carried out, 92.At last, the non-packet processing stream that the tunnel normal interface can be input, 94 of wearing.That is to say, for example, packet 60 is transferred to " normally " primary network interface 76 usually so that network controller 75 is processed.
The encapsulation of above-mentioned packet and redirected processing can be adopted the form of machine-readable software code.This machine-readable software code can realize in the read-only memory (ROM), random access memory (RAM) or the EPROM (EPROM) that are read and explain to provide said method by a processor or a plurality of processor.These memories can be positioned on semiconductor device or the chip with network controller 75, perhaps can be positioned at independently on the memory devices.Further, software can be from being loaded into network controller such as hard disk, floppy disk or CD or the such memory devices of hardware state machine.
Therefore, the above-mentioned processing of network controller 75 provides the Dynamic Packet of the packet of network node host communication service to encapsulate and be redirected, and need not extra ageng or complicated hardware.Further, network controller 75 can be realized at semiconductor device or " chipset ".This has been avoided the further cost of " adding " hardware.
Although just illustrate and described in detail some embodiments of the present invention, it is obvious to those skilled in the art that and to carry out various modifications therein and do not deviate from the essence of these embodiment or exceed the scope of claims.
Claims (21)
1. one kind is used for comprising from the method for network node transmission data:
First interface via network node sends data from described network node, comprises
Receive the first packet at described first interface from the peripheral control interface bus of described network node,
The first packet that receives is sent to the physical network interface of described network node from described first interface, and
Described the first packet is sent to network from described physical network interface;
The second interface via described network node sends data from described network node, comprises
Receive the second packet at described the second interface from the described peripheral control interface bus of described network node,
The second packet after the second packet that encapsulation receives encapsulates with generation,
The second packet after the described physical network interface of described network node receives described encapsulation, and
The second packet after the encapsulation that receives is sent to described network from described physical network interface; And
Based on the state that is generated by the network security station, sending data via described first interface from described network node and switching between described network node transmission data via described the second interface, whether described state indicates described network node to be compromised.
2. method claimed in claim 1, wherein, described encapsulation further comprises, additional IP header is to the second packet of described reception.
3. method claimed in claim 1, wherein, described switching comprises:
Wait for configuration event; And
Determine whether described configuration event wears the tunnel event.
4. method claimed in claim 3, wherein, if the described tunnel event of wearing occurs in described definite indication, then described switching further comprises described first interface is rolled off the production line.
5. method claimed in claim 4, wherein, if the described tunnel event of wearing occurs in described definite indication, then described switching further comprises and activates described the second interface.
6. method claimed in claim 5 wherein, rolls off the production line described first interface and activates described the second interface and carried out by network controller.
7. method claimed in claim 1, wherein, take independent work station as the basis, the state of distorting for indication is carried out and is being sent data and sending switching between the data via described the second interface from described network node from described network node via described first interface.
8. method claimed in claim 1, wherein, described the second interface is the interface of the radio network controller of described network node.
9. network controller comprises:
Physical network interface is used for network node is coupled to network;
Be coupled to the first interface of described physical network interface, described first interface has the first MTU MTU size, described first interface is used for receiving the first packet from the peripheral control interface bus of described network node, described first interface also is used for the first packet that receives is sent to described physical network interface, wherein, described physical network interface also is used for described the first packet is sent to described network;
The second interface with two MTU size less than a described MTU size, described the second interface are used for receiving the second packet from the described peripheral control interface bus of described network node;
Be coupled to described the second interface and be coupled to the wrapper of described physical network interface, described wrapper is used for receiving described the second packet from described the second interface, described wrapper also is used for the IP header is appended to described packet to produce the second packet after encapsulating, described wrapper also is used for the second packet after the described encapsulation is offered described physical network interface, wherein, described physical network interface also is used for the second packet after the described encapsulation is sent to described network; And
Controller, be used for operating described network controller as the network adapter of described network node, be included in to receive the described first interface of described the first packet and receive from the described peripheral control interface bus of described network node between the second interface of described the second packet from the described peripheral control interface bus of described network node and switch, described switching is based on the state that is generated by the network security station, and whether described state indicates described network node to be compromised.
10. network controller claimed in claim 9, wherein, described network node comprises operating system.
11. network controller claimed in claim 9, wherein, each in a plurality of network nodes comprises described controller.
12. a device that is used for sending from network node data comprises:
Be used for via the first interface of network node data being sent to from described network node the module of network, comprise
Be used for receiving from the peripheral control interface bus of described network node at described first interface the module of the first packet,
Be used for the first packet that receives is sent to from described first interface the module of the physical network interface of described network node, and
Be used for described the first packet is sent to from described physical network interface the module of network;
Be used for via the second interface of described network node data being sent to from described network node the module of described network, comprise
Be used for receiving from the described peripheral control interface bus of described network node at described the second interface the module of the second packet,
Be used for encapsulating the module of the second packet after the second packet that receives encapsulates with generation,
The module that is used for the second packet after the described physical network interface of described network node receives described encapsulation, and
Be used for the second packet after the encapsulation that receives is sent to from described physical network interface the module of described network; And
Be used for based on the state by the generation of network security station, sending data and sending the module of switching between the data from described network node via described the second interface from described network node via described first interface, whether described state indicates described network node to be compromised.
13. the described device of claim 12, wherein, the second packet that encapsulates described reception comprises, the IP header is appended to the second packet of described reception.
14. the described device of claim 12, wherein, described switching comprises:
Wait for configuration event; And
Determine whether described configuration event wears the tunnel event.
15. the described device of claim 14, wherein, if the described tunnel event of wearing occurs in described definite indication, then described switching further comprises, described first interface is rolled off the production line.
16. the described device of claim 14, wherein, if the described tunnel event of wearing occurs in described definite indication, then described switching also comprises described the second interface of activation.
17. a network node comprises:
The peripheral control interface bus;
Be coupled to the network protocol stack of described peripheral control interface bus;
Via the network adapter of described peripheral control interface bus coupling to described network protocol stack, comprise
Physical network interface,
Be coupled to the first interface of described physical network interface, described first interface has the first MTU MTU size, described first interface is used for receiving the first packet from described peripheral control interface bus, described first interface also is used for the first packet that receives is sent to described physical network interface, wherein, described physical network interface also is used for described the first packet is sent to network;
The second interface with two MTU size less than a described MTU size, described the second interface are used for receiving the second packet from described peripheral control interface bus;
Be coupled to described the second interface and be coupled to the wrapper of described physical network interface, described wrapper is used for receiving described the second packet from described the second interface, described wrapper also is used for the IP header is appended to described packet to produce the second packet after encapsulating, described wrapper also is used for the second packet after the described encapsulation is offered described physical network interface, wherein, described physical network interface also is used for the second packet after the described encapsulation is sent to described network; And
Controller, be used for based on the state by the generation of network security station, select receiving the described first interface of described the first packet from described peripheral control interface bus and receive from described peripheral control interface bus between the second interface of described the second packet, whether described state indicates described network node to be compromised; And
Omnidirectional antenna is used for described physical network interface is coupled to described network.
18. the described network node of claim 17, described controller comprises radio network controller.
19. the described network node of claim 17 wherein, further comprises router, is used for sending described packet to described network from described controller.
One of 20. the described network node of claim 17, wherein, below described network comprises at least:
Intranet;
The Internet;
Local area network (LAN) (LAN).
21. the described network node of claim 17, wherein, described network comprises WLAN (wireless local area network) (WLAN).
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/US2006/001917 WO2007084128A1 (en) | 2006-01-17 | 2006-01-17 | Method for packet encapsulation and redirection of data packets |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101361325A CN101361325A (en) | 2009-02-04 |
| CN101361325B true CN101361325B (en) | 2013-01-02 |
Family
ID=36499447
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200680051160.2A Expired - Fee Related CN101361325B (en) | 2006-01-17 | 2006-01-17 | Packet packaging and redirecting method for data packet |
Country Status (3)
| Country | Link |
|---|---|
| CN (1) | CN101361325B (en) |
| DE (1) | DE112006003638T5 (en) |
| WO (1) | WO2007084128A1 (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101399766B (en) * | 2007-09-28 | 2011-05-11 | 中国移动通信集团公司 | Network system and access method for data service |
| JP6256110B2 (en) * | 2014-03-04 | 2018-01-10 | 富士通株式会社 | Packet processing system and packet processing method |
| CN104579697B (en) * | 2015-01-23 | 2019-03-01 | 北京立华莱康平台科技有限公司 | Network expansion module and Multi net voting processing system |
| US9817787B2 (en) * | 2015-03-26 | 2017-11-14 | Intel Corporation | Method, apparatus and system for encapsulating information in a communication |
| US20240069949A1 (en) * | 2022-08-29 | 2024-02-29 | International Business Machines Corporation | Applying hypervisor-based containers to a cluster of a container orchestration system |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1602470A (en) * | 2001-12-10 | 2005-03-30 | 思科技术公司 | Protecting against malicious traffic |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003043276A1 (en) * | 2001-11-13 | 2003-05-22 | Matsushita Electric Industrial Co., Ltd. | Provider connection system, packet exchange apparatus thereof, dns server, packet exchange method, and computer program thereof |
| US7069336B2 (en) * | 2002-02-01 | 2006-06-27 | Time Warner Cable | Policy based routing system and method for caching and VPN tunneling |
-
2006
- 2006-01-17 CN CN200680051160.2A patent/CN101361325B/en not_active Expired - Fee Related
- 2006-01-17 DE DE112006003638T patent/DE112006003638T5/en not_active Ceased
- 2006-01-17 WO PCT/US2006/001917 patent/WO2007084128A1/en active Application Filing
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1602470A (en) * | 2001-12-10 | 2005-03-30 | 思科技术公司 | Protecting against malicious traffic |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2007084128A1 (en) | 2007-07-26 |
| CN101361325A (en) | 2009-02-04 |
| DE112006003638T5 (en) | 2008-11-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9749229B2 (en) | Forwarding packets with encapsulated service chain headers | |
| US11658847B2 (en) | Packet communications providing packet processing efficiencies in a network including using a segment routing and tunnel exchange | |
| US7551615B2 (en) | Method for packet encapsulation and redirection of data packets | |
| CN106878047B (en) | Fault handling method and device | |
| US7082140B1 (en) | System, device and method for supporting a label switched path across a non-MPLS compliant segment | |
| US8451752B2 (en) | Seamless handoff scheme for multi-radio wireless mesh network | |
| US20220078114A1 (en) | Method and Apparatus for Providing Service for Traffic Flow | |
| US20060168274A1 (en) | Method and system for high availability when utilizing a multi-stream tunneled marker-based protocol data unit aligned protocol | |
| CN107948086A (en) | A kind of data packet sending method, device and mixed cloud network system | |
| CN101361325B (en) | Packet packaging and redirecting method for data packet | |
| EP4160950A1 (en) | Method and apparatus for sending message, and network device, system and storage medium | |
| US10009277B2 (en) | Backward congestion notification in layer-3 networks | |
| CN109120492B (en) | Storage unit, source switch, message forwarding method and mirror image system | |
| CN105591834A (en) | Traffic monitoring method and device in VXLAN | |
| EP4002776A1 (en) | End-to-end flow monitoring in a computer network | |
| CN110086689A (en) | A kind of double stack BFD detection methods and system | |
| WO2015154603A1 (en) | Tunnel protecting method and device based on shared tunnel | |
| CN110300064A (en) | A kind of data traffic processing method, equipment and system | |
| CN112910791B (en) | Diversion system and method thereof | |
| CN108156066A (en) | Message forwarding method and device | |
| CN112910790B (en) | Diversion system and method thereof | |
| JP2011151557A (en) | Communication system and control method | |
| EP3621251B1 (en) | Packet processing | |
| CN214799523U (en) | Flow guiding system | |
| CN113839909B (en) | Method, device and system for processing data message |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20130102 Termination date: 20200117 |