CN102158362B - Network information monitoring realization method, system and device - Google Patents

Info

Publication number: CN102158362B
Authority: CN (China)
Prior art keywords: supervision, monitor, message, path, label
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201110096488.9A
Other languages: Chinese (zh)
Other versions: CN102158362A (en)
Inventors: 张延显, 于同泉
Current Assignee: ZTE Corp (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: ZTE Corp

Events:
Application filed by ZTE Corp
Priority to CN201110096488.9A
Publication of CN102158362A
Priority to PCT/CN2012/071314 (WO2012142868A1)
Application granted
Publication of CN102158362B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00 Arrangements for monitoring or testing data switching networks
    • H04L43/08 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0811 Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
    • H04L45/00 Routing or path finding of packets in data switching networks
    • H04L45/50 Routing or path finding of packets in data switching networks using label swapping, e.g. multi-protocol label switch [MPLS]
    • H04L45/70 Routing based on monitoring results

Abstract

The invention discloses a method, a system and a device for implementing network information monitoring. The method comprises the following steps: establishing a monitoring label switched path (LSP) between a provider edge router PE and a monitoring router Monitor, and configuring policy routing on an inbound interface of the PE; and forwarding a suspicious message to the Monitor for detection through the monitoring LSP according to the configured policy routing, with the PE performing the corresponding operation according to the detection result fed back by the Monitor, namely switching to a normal LSP to forward the message if the suspicious message passes detection, and otherwise processing the message according to a preset forwarding policy. In the method, the system and the device, a monitoring path is added and policy routing is used to switch between paths, so that message forwarding is controlled and hazardous information is controlled and processed while it is being disseminated.

Description

Method, system and device for implementing network information monitoring
Technical field
The present invention relates to the field of communication technology, and in particular to a method, system and device for implementing network information monitoring.
Background
With the rapid development of Internet services, harmful information of all kinds is spreading ever more widely on the network, and operators are being required to take responsibility for network information monitoring. For example, following the recent online anti-vice campaign, all domestic websites are now required to implement real-name registration and management. This approach is after-the-fact supervision: it cannot intervene in the dissemination process, and it cannot effectively supervise harmful information distributed through servers leased overseas, so its overall effect is very limited. How to use network technology to detect and filter harmful information while it is being disseminated has become a problem in urgent need of a solution.
Summary of the invention
In view of the above analysis, the present invention aims to provide a method, system and device for implementing network information monitoring, in order to solve the prior-art problem that harmful information is not effectively detected and filtered during dissemination.
The object of the present invention is mainly achieved through the following technical solutions.
The invention provides a method for implementing network information monitoring, comprising:
establishing a monitoring label switched path (LSP) channel between a provider edge router PE and a monitoring router Monitor, and configuring policy routing on the inbound interface of the PE;
the PE forwards a suspicious message to the Monitor for detection through the monitoring LSP channel according to the configured policy routing, and performs the corresponding action according to the detection result fed back by the Monitor: if the message passes detection, the PE switches to the normal LSP channel to forward it; otherwise the PE processes the message according to a predetermined forwarding policy.
Further, after the monitoring channel is established, the method also comprises:
the PE sends a monitoring instance registration request to the Monitor through the monitoring LSP channel and, after receiving the instance registration response fed back by the Monitor, establishes a monitoring path between the PE and the Monitor.
Further, forwarding the suspicious message to the Monitor for detection specifically comprises:
allocating a monitoring label to the monitoring path established between the PE and the Monitor; the PE stamps the monitoring label onto the outer forwarding label of the received suspicious message and then forwards the message to the Monitor for detection over the monitoring path.
Further, the method also comprises: after the policy routing configured on the inbound interface of the PE is deleted, the PE sends a monitoring instance revocation request and, after receiving the instance revocation response fed back by the Monitor, tears down the monitoring path established between the PE and the Monitor.
The policy routing comprises at least a match rule and a set forwarding entry.
The present invention also provides a system for implementing network information monitoring, comprising a provider edge router PE and a monitoring router Monitor, wherein:
the PE is configured to establish a monitoring label switched path (LSP) channel with the Monitor and to configure policy routing on its inbound interface; and, according to the configured policy routing, to forward a suspicious message to the Monitor for detection through the monitoring LSP channel and perform the corresponding action according to the detection result fed back by the Monitor: if the message passes detection, switch to the normal LSP channel to forward it; otherwise process the message according to a predetermined forwarding policy;
the Monitor is configured to detect the suspicious message sent by the PE and to feed the detection result back to the corresponding PE.
The invention further provides a device for implementing network information monitoring, comprising:
a channel establishment and management module, configured to establish a monitoring LSP channel between a provider edge router PE and a monitoring router Monitor;
a policy configuration module, configured to configure policy routing on the inbound interface of the PE;
a forwarding processing module, configured to forward a suspicious message to the Monitor for detection through the monitoring LSP channel according to the configured policy routing, and to perform the corresponding action according to the detection result fed back by the Monitor: if the message passes detection, switch to the normal LSP channel to forward it; otherwise process the message according to a predetermined forwarding policy.
Further, the device also comprises:
an instance management module, configured to send a monitoring instance registration request to the Monitor through the monitoring LSP channel and, after receiving the instance registration response fed back by the Monitor, to establish a monitoring path between the PE and the Monitor.
Further, the device also comprises:
a label processing module, configured to allocate a monitoring label to the monitoring path established between the PE and the Monitor and to stamp the monitoring label onto the outer forwarding label of the suspicious message received by the PE, which the forwarding processing module then forwards to the Monitor for detection over the monitoring path.
Further, the instance management module is also configured to, after the policy routing configured on the inbound interface of the PE is deleted, send a monitoring instance revocation request to the Monitor through the monitoring LSP channel and, after receiving the instance revocation response fed back by the Monitor, tear down the monitoring path established between the PE and the Monitor.
The beneficial effects of the present invention are as follows:
By adding a monitoring channel and using policy routing to switch between the different channels, the present invention controls message forwarding and fully realizes the control and processing of harmful information during dissemination.
Other features and advantages of the present invention will be set forth in the description that follows, and in part will become apparent from the description or be understood by practicing the invention. The objects and other advantages of the invention can be realized and obtained through the structure particularly pointed out in the written description, the claims and the accompanying drawings.
Brief description of the drawings
Fig. 1 is a schematic diagram of a networking example according to an embodiment of the present invention;
Fig. 2 is a flowchart of the method according to an embodiment of the present invention;
Fig. 3 is a structural diagram of the system according to an embodiment of the present invention;
Fig. 4 is a structural diagram of the device according to an embodiment of the present invention.
Detailed description of the embodiments
The preferred embodiments of the present invention are described in detail below with reference to the accompanying drawings, which form part of this application and, together with the embodiments, serve to explain the principles of the invention.
The method according to an embodiment of the present invention is first described in detail with reference to Fig. 1 and Fig. 2.
For ease of explanation, the method is described in detail below using the networking shown in Fig. 1 as an example.
As shown in Fig. 1, CE1 (customer edge device) and CE2 are located in the same private network, and a normal LSP forwarding channel exists between PE1 (provider edge router) and PE2. A Monitor (monitoring router) is deployed in the network. If messages passing through PE1 need to be monitored, a monitoring LSP channel must be established between the Monitor and PE1; likewise, if messages passing through PE2 need to be monitored, a monitoring LSP channel must also be established between the Monitor and PE2.
Fig. 2 is a flowchart of the method according to an embodiment of the present invention. Assuming that messages passing through PE1 need to be monitored, the method may specifically comprise the following steps:
Step 201: A monitoring LSP channel is established between PE1 and the Monitor by running the monitoring enable command.
Step 202: Policy routing is configured on the inbound interface of PE1. The policy routing comprises at least a Match rule and a Set forwarding entry: the Match rule filters the messages passing through PE1 to determine which suspicious messages need to be detected, and the Set forwarding entry configures the monitoring path.
Step 203: The PE sends a monitoring instance registration request to the Monitor through the monitoring LSP channel and, after receiving the instance registration response fed back by the Monitor, establishes a monitoring path between the PE and the Monitor and allocates a monitoring label to this monitoring path.
Step 204: When a message from CE1 passes through PE1 and is identified as suspicious according to the policy routing, PE1 switches the forwarding path of this message from the normal forwarding LSP channel to the monitoring LSP channel. Using policy-based label forwarding, PE1 stamps the monitoring label onto the outer forwarding label of the suspicious message and sends it to the Monitor for detection over the monitoring path.
Step 205: On receiving the suspicious message, the Monitor detects it and sends a response message to PE1 informing PE1 of the detection result (passed or not passed).
Step 206: PE1 performs the corresponding action according to the detection result received: if the message passes detection, PE1 switches its forwarding path back to the normal forwarding LSP channel; otherwise, according to the forwarding policy preconfigured by the user, PE1 drops the message or handles it in another way. Which handling is used depends on the operator's requirements.
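The following Python model of steps 201 to 206 is an added example, not code from the patent. The source-prefix Match rule, the substring check used by the Monitor, the label values, the addresses and all class and function names are assumptions made for illustration; the patent does not specify them.

```python
import ipaddress
from dataclasses import dataclass, field

NORMAL_LSP_LABEL = 1001     # constructed label values, for illustration only
MONITOR_LABEL_BASE = 5000


@dataclass
class Message:
    src: str
    payload: str
    labels: list = field(default_factory=list)  # label stack, top of stack last


class Monitor:
    """Monitoring router: registers PE instances and returns pass/fail verdicts."""
    def __init__(self, blocked_terms):
        self.blocked_terms = blocked_terms  # assumed detection rule
        self.instances = {}                 # PE name -> monitoring label

    def register(self, pe_name):
        # Instance registration response; here it carries the monitoring label.
        label = MONITOR_LABEL_BASE + len(self.instances)
        self.instances[pe_name] = label
        return label

    def revoke(self, pe_name):
        return self.instances.pop(pe_name, None) is not None

    def inspect(self, msg):
        # Accept only messages that arrive with a registered monitoring label.
        if not msg.labels or msg.labels[-1] not in self.instances.values():
            raise ValueError("message is not on a registered monitoring path")
        return not any(term in msg.payload for term in self.blocked_terms)


class PE:
    """Provider edge router with a normal LSP and an optional monitoring path."""
    def __init__(self, name, monitor, on_fail="drop"):
        self.name, self.monitor = name, monitor
        self.on_fail = on_fail      # preconfigured forwarding policy for failures
        self.lsp_up = False
        self.match_prefix = None    # Match rule (assumed: source prefix)
        self.monitor_label = None   # label of the path the Set entry points to

    def enable_monitoring(self):                 # step 201
        self.lsp_up = True

    def configure_policy_route(self, prefix):    # steps 202 and 203
        if not self.lsp_up:
            raise RuntimeError("monitoring LSP channel is not established")
        self.match_prefix = ipaddress.ip_network(prefix)
        self.monitor_label = self.monitor.register(self.name)

    def delete_policy_route(self):               # revocation after deletion
        self.match_prefix = None
        if self.monitor.revoke(self.name):
            self.monitor_label = None

    def forward(self, msg):                      # steps 204 to 206
        msg.labels = [NORMAL_LSP_LABEL]          # outer forwarding label
        suspicious = (self.match_prefix is not None
                      and ipaddress.ip_address(msg.src) in self.match_prefix)
        if not suspicious:
            return "normal-lsp"
        msg.labels.append(self.monitor_label)    # stamp the monitoring label
        passed = self.monitor.inspect(msg)       # Monitor's detection result
        msg.labels.pop()                         # leave the monitoring path
        return "normal-lsp" if passed else self.on_fail


def run_demo():
    monitor = Monitor(blocked_terms=["BLOCKED-SAMPLE"])   # constructed rule
    pe1 = PE("PE1", monitor)
    pe1.enable_monitoring()
    pe1.configure_policy_route("198.51.100.0/24")         # constructed prefix
    results = [
        pe1.forward(Message("203.0.113.7", "hello")),             # no match
        pe1.forward(Message("198.51.100.9", "hello")),            # passes
        pe1.forward(Message("198.51.100.9", "BLOCKED-SAMPLE")),   # fails
    ]
    pe1.delete_policy_route()
    results.append(pe1.forward(Message("198.51.100.9", "BLOCKED-SAMPLE")))
    return results


if __name__ == "__main__":
    print(run_demo())
```

The last call shows the revocation case: once the policy routing is deleted and the instance revoked, the same message no longer matches and stays on the normal LSP channel.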
Next, the system according to an embodiment of the present invention is described in detail.
Fig. 3 is a structural diagram of the system according to an embodiment of the present invention, which may specifically comprise a Monitor and a PE, wherein:
When messages passing through a PE need to be monitored, a monitoring label switched path (LSP) channel is established between this PE and the Monitor, and policy routing is configured on the inbound interface of the PE. According to the configured policy routing, a suspicious message is forwarded to the Monitor for detection through the monitoring LSP channel, and the corresponding action is performed according to the detection result fed back by the Monitor: if the message passes detection, the PE switches to the normal LSP channel to forward it; otherwise the message is processed according to a predetermined forwarding policy. The Monitor detects the suspicious message sent by the PE and feeds the detection result back to the corresponding PE.
Finally, the device according to an embodiment of the present invention is described in detail.
Fig. 4 is a structural diagram of the device according to an embodiment of the present invention. The device may be located in a PE and may specifically comprise: a channel establishment and management module, a policy configuration module, a forwarding processing module, an instance management module and a label processing module, wherein:
The channel management module establishes a monitoring LSP channel between the edge router PE and the monitoring router Monitor.
The policy configuration module configures policy routing on the inbound interface of the PE. The policy routing comprises at least a Match rule and a Set forwarding entry: the Match rule filters the messages passing through PE1 to determine which suspicious messages need to be detected, and the Set forwarding entry configures the monitoring path.
The forwarding processing module forwards a suspicious message to the Monitor for detection through the monitoring LSP channel according to the configured policy routing, and performs the corresponding action according to the detection result fed back by the Monitor: if the message passes detection, it switches to the normal LSP channel to forward the message; otherwise it processes the message according to a predetermined forwarding policy.
The instance management module sends a monitoring instance registration request to the Monitor through the monitoring LSP channel and, after receiving the instance registration response fed back by the Monitor, establishes a monitoring path between the PE and the Monitor.
The label processing module allocates a monitoring label to the monitoring path established between the PE and the Monitor and stamps the monitoring label onto the outer forwarding label of the suspicious message received by the PE, which the forwarding processing module then forwards to the Monitor for detection over the monitoring path.
After the policy routing configured on the inbound interface of the PE is deleted, the instance management module sends a monitoring instance revocation request to the Monitor through the monitoring LSP channel and, after receiving the instance revocation response fed back by the Monitor, tears down the monitoring path established between the PE and the Monitor.
It should be noted that the specific implementation of the system and the device has already been described in detail in the method above and is not repeated here.
In summary, the embodiments of the present invention provide a method, system and device for implementing network information monitoring. By adding a monitoring LSP channel and using policy routing to switch between the monitoring LSP channel and the normal LSP channel, the invention controls message forwarding and fully realizes the control and processing of harmful information during dissemination. It is more effective than existing after-the-fact supervision methods and techniques, is simpler to implement, and can meet the needs of large-scale deployment in current networks.
The above is only a preferred embodiment of the present invention, and the scope of protection of the invention is not limited to it. Any change or replacement that a person skilled in the art could readily conceive within the technical scope disclosed by the invention shall fall within the scope of protection of the invention. The scope of protection of the present invention is therefore defined by the scope of protection of the claims.

Claims (10)

1. A method for implementing network information monitoring, characterized by comprising:
establishing a monitoring label switched path (LSP) channel between a provider edge router PE and a monitoring router Monitor, and configuring policy routing on the inbound interface of the PE;
the PE forwarding a suspicious message to the Monitor for detection through the monitoring LSP channel according to the configured policy routing, and performing the corresponding action according to the detection result fed back by the Monitor: if the message passes detection, switching to the normal LSP channel to forward the message; otherwise processing the message according to a predetermined forwarding policy.
2. The method according to claim 1, characterized in that, after the monitoring channel is established, the method also comprises:
the PE sending a monitoring instance registration request to the Monitor through the monitoring LSP channel and, after receiving the instance registration response fed back by the Monitor, establishing a monitoring path between the PE and the Monitor.
3. The method according to claim 2, characterized in that forwarding the suspicious message to the Monitor for detection specifically comprises:
allocating a monitoring label to the monitoring path established between the PE and the Monitor; the PE stamping the monitoring label onto the outer forwarding label of the received suspicious message and then forwarding the message to the Monitor for detection over the monitoring path.
4. The method according to claim 2 or 3, characterized by also comprising: after the policy routing configured on the inbound interface of the PE is deleted, the PE sending a monitoring instance revocation request and, after receiving the instance revocation response fed back by the Monitor, tearing down the monitoring path established between the PE and the Monitor.
5. The method according to claim 1, characterized in that the policy routing comprises at least a match rule and a set forwarding entry.
6. A system for implementing network information monitoring, characterized by comprising a provider edge router PE and a monitoring router Monitor, wherein:
the PE is configured to establish a monitoring label switched path (LSP) channel with the Monitor and to configure policy routing on the inbound interface of the PE; and, according to the configured policy routing, to forward a suspicious message to the Monitor for detection through the monitoring LSP channel and perform the corresponding action according to the detection result fed back by the Monitor: if the message passes detection, switch to the normal LSP channel to forward the message; otherwise process the message according to a predetermined forwarding policy;
the Monitor is configured to detect the suspicious message sent by the PE and to feed the detection result back to the corresponding PE.
7. A device for implementing network information monitoring, characterized by comprising:
a channel establishment and management module, configured to establish a monitoring LSP channel between a provider edge router PE and a monitoring router Monitor;
a policy configuration module, configured to configure policy routing on the inbound interface of the PE;
a forwarding processing module, configured to forward a suspicious message to the Monitor for detection through the monitoring LSP channel according to the configured policy routing, and to perform the corresponding action according to the detection result fed back by the Monitor: if the message passes detection, switch to the normal LSP channel to forward the message; otherwise process the message according to a predetermined forwarding policy.
8. The device according to claim 7, characterized by also comprising:
an instance management module, configured to send a monitoring instance registration request to the Monitor through the monitoring LSP channel and, after receiving the instance registration response fed back by the Monitor, to establish a monitoring path between the PE and the Monitor.
9. The device according to claim 8, characterized by also comprising:
a label processing module, configured to allocate a monitoring label to the monitoring path established between the PE and the Monitor and to stamp the monitoring label onto the outer forwarding label of the suspicious message received by the PE, which the forwarding processing module then forwards to the Monitor for detection over the monitoring path.
10. The device according to claim 9, characterized in that the instance management module is also configured to, after the policy routing configured on the inbound interface of the PE is deleted, send a monitoring instance revocation request to the Monitor through the monitoring LSP channel and, after receiving the instance revocation response fed back by the Monitor, tear down the monitoring path established between the PE and the Monitor.

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201110096488.9A CN102158362B (en) 2011-04-18 2011-04-18 Network information monitoring realization method, system and device
PCT/CN2012/071314 WO2012142868A1 (en) 2011-04-18 2012-02-20 Method, system and device for monitoring network information

Publications (2)

Publication Number Publication Date
CN102158362A CN102158362A (en) 2011-08-17
CN102158362B CN102158362B (en) 2015-05-06

Family

ID=44439563

Country Status (2)

Country Link
CN (1) CN102158362B (en)
WO (1) WO2012142868A1 (en)

Also Published As

Publication number Publication date
WO2012142868A1 (en) 2012-10-26
CN102158362A (en) 2011-08-17

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant