CN102387046A - Detection method and equipment of MAD (Multi-Activity Detection) for LACP (Link Aggregation Control Protocol) - Google Patents
Detection method and equipment of MAD (Multi-Activity Detection) for LACP (Link Aggregation Control Protocol) Download PDFInfo
- Publication number
- CN102387046A CN102387046A CN2011103190220A CN201110319022A CN102387046A CN 102387046 A CN102387046 A CN 102387046A CN 2011103190220 A CN2011103190220 A CN 2011103190220A CN 201110319022 A CN201110319022 A CN 201110319022A CN 102387046 A CN102387046 A CN 102387046A
- Authority
- CN
- China
- Prior art keywords
- lacp
- activeid
- value
- expansion
- protocol massages
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a detection method of multi-activity detection (MAD) for a link aggregation control protocol (LACP). The detection method comprises the following steps of: expanding an LACP message, so that the LACP message comprises a media access control (MAC) address used for distinguishing the product type of different member equipment and distinguishing different intelligent resilient frameworks (IRF); and comparing whether the product type of the received expanded LACP message is same as it of the message receiver by the message receiver; if so, further comparing whether the MAC address of the expanded LACP message is same as the MAC address of the message receiver; if the MAC address of the expanded LACP report is same as the MAC address of the message receiver, determining whether all ports are completely closed according to a magnitude relation between an active identifier (Active ID) value of the expanded LACP message and the Active ID value of the message receiver. The invention simultaneously discloses detection equipment of the MAD for the LACP. The detection method and equipment of MAD for LACP is applied to accurately distinguish the LACP message and effectively realizes the MAD detection of LACP in IRF.
Description
Technical field
The present invention relates to intelligent resilient infrastructure (IRF) technology, detection method and the equipment that activate entity detection (MAD) of the Link Aggregation Control Protocol (LACP) among particularly a kind of IRF more.
Background technology
IRF is a kind of software virtualization technology; Its core concept is that multiple devices are linked together through the IRF physical port; After carrying out necessary configuration; Be virtualized into one " distributed apparatus ", use this technology can gather the hardware resource and the software processes ability of multiple devices, realize collaborative work, unified management and uninterrupted maintenance of multiple devices.Yet when the IRF link failure, an IRF is split into two new IRF, and these two new IRF have three layers of configuration such as identical Internet Protocol (IP) address, can cause address conflict, and fault is enlarged in network.
At present; For fear of this situation, normally through on the member device of IRF, launching LACPMAD, promptly the TLV field that activates ID (ActiveID) is carried in expansion in the LACP protocol massages; Thus; Each member device can be through the LACP protocol massages and the mutual ActiveID of other member device (for an IRF, the value of its ActiveID is unique, is the numbering of main member device among the IRF) of expansion.When IRF normally moved, the ActiveID value in the LACP protocol massages that all member devices send was identical, the multi-Active conflict can not take place; When IRF was split into two or more IRF, the ActiveID value in the LACP protocol massages that the member device among the different I RF sends was different, thereby the multi-Active conflict takes place.
When the multi-Active conflict took place, the member device that receives the LACP protocol massages obtained ActiveID value wherein, and relatively should value and the size of the ActiveID value of self; Because it is little that the ActiveID value of main member device is set in the prior art usually; Therefore, when self ActiveID value is big, all of the port Close All of this member device; Member device to avoid having identical global configuration carries out data transmit-receive respectively, causes the network concussion.
Yet; If malicious attacker structure LACP protocol massages is arranged, and the ActiveID value in this LACP protocol massages is littler than the ActiveID value of certain member device, after then this member device is received this LACP protocol massages; All of the port is Close All, thereby causes network failure.
Summary of the invention
In view of this, the invention provides the detection method of a kind of LACP MAD, can correctly discern the LACP protocol massages, realize that effectively the LACP MAD among the IRF detects.
The present invention also provides the checkout equipment of a kind of LACP MAD, can correctly discern the LACP protocol massages, realizes that effectively the LACP MAD among the IRF detects.
In order to achieve the above object, the technical scheme of the present invention's proposition is:
A kind of Link Aggregation Control Protocol LACP activates the detection method of entity detection MAD more, and this method comprises:
The LACP protocol massages is expanded, made it comprise the product type and the media access control MAC address of distinguishing different intelligent resilient infrastructure IRF that is used to distinguish different members equipment;
Whether the product type of the LACP protocol massages of the expansion that the message recipient relatively receives is identical with self product type; If; Whether the MAC Address of the LACP protocol massages of more said expansion is identical with the self MAC address again; If identical, determine whether all of the port Close All according to the activation identify label ActiveID value of the LACP protocol massages of said expansion and the magnitude relationship of self ActiveID value.
When the product type of the LACP of the said expansion that receives protocol massages and self product type were inequality, this method further comprises: the message recipient abandoned the LACP protocol massages of the expansion that receives.
When the MAC Address of the LACP of said expansion protocol massages and self MAC address were inequality, this method further comprises: the message recipient abandoned the LACP protocol massages of the expansion that receives.
The ActiveID value of said LACP protocol massages according to said expansion and the magnitude relationship of self ActiveID value determine whether that all of the port Close All comprises:
The ActiveID value of main member device hour in IRF, self ActiveID value is greater than the ActiveID value of the LACP protocol massages of expansion, all of the port Close All;
Or when the ActiveID of main member device among IRF value was big, self ActiveID value was less than the ActiveID value of the LACP protocol massages of expansion, all of the port Close All.
A kind of Link Aggregation Control Protocol LACP activates the checkout equipment of entity detection MAD more, and this equipment comprises: message expanding element, first comparing unit, second comparing unit and port shutdown unit, wherein,
Said message expanding element is used for the LACP protocol massages is expanded, and makes it comprise the product type and the media access control MAC address of distinguishing different intelligent resilient infrastructure IRF that is used to distinguish different members equipment;
Said first comparing unit, whether the product type of the LACP protocol massages of the expansion that is used for relatively receiving is identical with self product type;
Said second comparing unit is used for first comparing unit relatively when identical, and whether the MAC Address of the LACP protocol massages of more said expansion is identical with the self MAC address;
Said port shutdown unit, be used for when second comparing unit relatively when identical, determine whether all of the port Close All according to the activation identify label ActiveID value of the LACP protocol massages of said expansion and the magnitude relationship of self ActiveID value.
This equipment also comprises the packet loss unit, is used for when the product type of the LACP of the said expansion that receives protocol massages and self product type are inequality, abandoning the LACP protocol massages of the expansion that receives.
This equipment also comprises the packet loss unit, is used for when the MAC Address of the LACP of said expansion protocol massages and self MAC address are inequality, abandoning the LACP protocol massages of the expansion that receives.
The ActiveID value of said LACP protocol massages according to said expansion and the magnitude relationship of self ActiveID value determine whether that all of the port Close All comprises:
The ActiveID value of main member device hour in IRF, self ActiveID value is greater than the ActiveID value of the LACP protocol massages of expansion, all of the port Close All;
Or when the ActiveID of main member device among IRF value was big, self ActiveID value was less than the ActiveID value of the LACP protocol massages of expansion, all of the port Close All.
In sum; Detection method and the equipment of the LACP MAD that the present invention adopted; Be through being used for carrying out LACP protocol massages expansion increase product type and two fields of MAC Address that LACP MAD detects; Thereby after making that message recipient (being the member device among the IRF) receives the LACP MAD message after the expansion; At first can whether legal according to the LACP protocol massages that wherein product type and MAC Address are determined this expansion, when the LACP of said expansion protocol massages, determine whether all of the port Close All according to the ActiveID value of the LACP protocol massages of expansion and the magnitude relationship of self ActiveID value again.Therefore, LACP MAD detection method of the present invention not only can correctly be discerned the LACP protocol massages, and after correctly identifying the LACP protocol massages, can realize effectively that the LACP MAD among the IRF detects.
Description of drawings
Fig. 1 is the workflow diagram of the detection method of LACP MAD of the present invention;
Fig. 2 is the structural representation of the checkout equipment of LACP MAD of the present invention.
Embodiment
In order to solve the technical problem that the present invention proposes, the concrete realization of scheme according to the invention comprises:
The LACP protocol massages is expanded, made it comprise the product type and the MAC Address of distinguishing different I RF that is used to distinguish different members equipment; Whether the product type of the LACP protocol massages of the expansion that the message recipient relatively receives is identical with self product type; If; Whether the MAC Address of the LACP protocol massages of more said expansion is identical with the self MAC address again; If identical, determine whether all of the port Close All according to the ActiveID value of the LACP protocol massages of said expansion and the magnitude relationship of self ActiveID value.
For making the object of the invention, technical scheme and advantage clearer, will combine accompanying drawing and specific embodiment that the present invention is done to describe in detail further below.
Fig. 1 is the workflow diagram of the detection method of LACP MAD of the present invention.As shown in Figure 1, this flow process comprises:
Step 101: the LACP protocol massages is expanded, made it comprise the product type and the MAC Address of distinguishing different I RF that is used to distinguish different members equipment.
Need to prove; In this step, the product type of member device can be for low side devices or high-end devices etc., for some IRF; The product type of member device wherein all is identical; Equipment with different product type can not pile up, and therefore, just can judge equipment through the LACP protocol massages that has comprised product type and whether belong to the IRF pile system.
What also need explain is, MAC Address is the total MAC of IRF pile system, and for an IRF, all member devices wherein have identical MAC Address.
Step 102: whether the product type of the LACP protocol massages of the expansion that the message recipient relatively receives is identical with self product type, if identical, execution in step 103; Otherwise, execution in step 105.
In this step; If message recipient's self product type is identical with the product type of the LACP protocol massages of the expansion that receives, explain that then the member device as the message recipient can be positioned at same IRF pile system with the member device that sends the LACP protocol massages of expansion; Otherwise, explain that these two member devices can not be arranged in same IRF pile system, then the LACP protocol massages of this expansion belongs to attack message, and it is abandoned.
Step 103: whether the MAC Address of the LACP protocol massages of the expansion that the message recipient relatively receives is identical with the self MAC address, if identical, execution in step 104; Otherwise, execution in step 105.
In this step; If message recipient's self MAC Address is identical with the MAC Address of the LACP protocol massages of the expansion that receives, explain that then the member device as the message recipient is to be positioned at same IRF pile system with the member device that sends the LACP protocol massages of expansion; Otherwise, explain that these two member devices are not arranged in same IRF pile system, then the LACP protocol massages of this expansion belongs to attack message, and it is abandoned.
Step 104: the message recipient is according to ActiveID value and the magnitude relationship of self ActiveID value in the LACP protocol massages of expansion, determine whether all of the port Close All after, finish whole workflow.
In this step; If message recipient's self product type is all identical with the product type and the MAC Address of the LACP protocol massages of the expansion that receives with MAC Address; The LACP protocol massages that the expansion that receives then is described is legal LACP MAD detection messages; At this moment, can be according to ActiveID value and the magnitude relationship of self ActiveID value in the LACP protocol massages of expansion, determine whether Close All of all of the port.
Need to prove; In this step; According to the ActiveID value in the LACP protocol massages of expansion and the magnitude relationship of self ActiveID value; Determine whether that closing whole ports can comprise: when the ActiveID value that main member device is set hour, if the ActiveID value of self is greater than the ActiveID value in the LACP protocol massages of expansion, then all of the port Close All; Or, when the ActiveID value that main member device is set is big, if the ActiveID value of self is less than the ActiveID value in the LACP protocol massages of expansion, then all of the port Close All.Specifically can decide, be as the criterion with the realization that does not influence the embodiment of the invention according to actual conditions.
Step 105: the message recipient finishes whole workflow after abandoning the LACP protocol massages of the expansion that receives.
So far, promptly accomplished the whole workflow of the detection method of LACP MAD of the present invention.
Based on said method, Fig. 2 has provided the structural representation of the checkout equipment of the LACP MAD that the present invention adopted.As shown in Figure 2, this equipment comprises: message expanding element 21, first comparing unit 22, second comparing unit 23 and port shutdown unit 24, wherein,
Said message expanding element 21 is used for the LACP protocol massages is expanded, and makes it comprise the product type and the media access control MAC address of distinguishing different intelligent resilient infrastructure IRF that is used to distinguish different members equipment;
Said first comparing unit 22, whether the product type of the LACP protocol massages of the expansion that is used for relatively receiving is identical with self product type;
Said second comparing unit 23 is used for first comparing unit 22 relatively when identical, and whether the MAC Address of the LACP protocol massages of more said expansion is identical with the self MAC address;
Said port shutdown unit 24, be used for when second comparing unit 23 relatively when identical, determine whether all of the port Close All according to the activation identify label ActiveID value of the LACP protocol massages of said expansion and the magnitude relationship of self ActiveID value.
Wherein, the ActiveID value of said LACP protocol massages according to said expansion and the magnitude relationship of self ActiveID value determine whether that all of the port Close All comprises:
The ActiveID value of main member device hour in IRF, self ActiveID value is greater than the ActiveID value of the LACP protocol massages of expansion, all of the port Close All;
Or when the ActiveID of main member device among IRF value was big, self ActiveID value was less than the ActiveID value of the LACP protocol massages of expansion, all of the port Close All.
Further, this equipment also comprises packet loss unit 25, be used for when said first comparing unit 22 relatively when inequality, abandon the LACP protocol massages of the expansion that receives.
Said packet loss unit 25, also be used for when said second comparing unit 23 relatively when inequality, abandon the LACP protocol massages of the expansion that receives.
So far, promptly obtained the checkout equipment of the LACP MAD that the present invention adopted.The concrete workflow of the checkout equipment of the said LACPMAD of Fig. 2 can repeat no more referring to Fig. 1 here.
In a word; Detection method and the equipment of the LACP MAD that the present invention adopted; Through being used for carrying out LACP protocol massages expansion increase product type and two fields of MAC Address that LACP MAD detects; Thereby after making that message recipient (being the member device among the IRF) receives the LACP MAD message after the expansion; At first can whether legal according to the LACP protocol massages that wherein product type and MAC Address are determined this expansion, when the LACP of said expansion protocol massages, determine whether all of the port Close All according to the ActiveID value of the LACP protocol massages of expansion and the magnitude relationship of self ActiveID value again.Therefore, LACP MAD detection method of the present invention not only can correctly be discerned the LACP protocol massages, and after correctly identifying the LACP protocol massages, can realize effectively that the LACPMAD among the IRF detects.
The above is merely preferred embodiment of the present invention, and is in order to restriction the present invention, not all within spirit of the present invention and principle, any modification of being made, is equal to replacement, improvement etc., all should be included within the scope that the present invention protects.
Claims (8)
1. a Link Aggregation Control Protocol LACP activates the detection method of entity detection MAD more, it is characterized in that this method comprises:
The LACP protocol massages is expanded, made it comprise the product type and the media access control MAC address of distinguishing different intelligent resilient infrastructure IRF that is used to distinguish different members equipment;
Whether the product type of the LACP protocol massages of the expansion that the message recipient relatively receives is identical with self product type; If; Whether the MAC Address of the LACP protocol massages of more said expansion is identical with the self MAC address again; If identical, determine whether all of the port Close All according to the activation identify label ActiveID value of the LACP protocol massages of said expansion and the magnitude relationship of self ActiveID value.
2. method according to claim 1; It is characterized in that; When the product type of the LACP of the said expansion that receives protocol massages and self product type were inequality, this method further comprises: the message recipient abandoned the LACP protocol massages of the expansion that receives.
3. method according to claim 1 is characterized in that, when the MAC Address of the LACP of said expansion protocol massages and self MAC address were inequality, this method further comprises: the message recipient abandoned the LACP protocol massages of the expansion that receives.
4. method according to claim 1 is characterized in that, the ActiveID value of said LACP protocol massages according to said expansion and the magnitude relationship of self ActiveID value determine whether that all of the port Close All comprises:
The ActiveID value of main member device hour in IRF, self ActiveID value is greater than the ActiveID value of the LACP protocol massages of expansion, all of the port Close All;
Or when the ActiveID of main member device among IRF value was big, self ActiveID value was less than the ActiveID value of the LACP protocol massages of expansion, all of the port Close All.
5. a Link Aggregation Control Protocol LACP activates the checkout equipment of entity detection MAD more, it is characterized in that this equipment comprises: message expanding element, first comparing unit, second comparing unit and port shutdown unit, wherein,
Said message expanding element is used for the LACP protocol massages is expanded, and makes it comprise the product type and the media access control MAC address of distinguishing different intelligent resilient infrastructure IRF that is used to distinguish different members equipment;
Said first comparing unit, whether the product type of the LACP protocol massages of the expansion that is used for relatively receiving is identical with self product type;
Said second comparing unit is used for first comparing unit relatively when identical, and whether the MAC Address of the LACP protocol massages of more said expansion is identical with the self MAC address;
Said port shutdown unit, be used for when second comparing unit relatively when identical, determine whether all of the port Close All according to the activation identify label ActiveID value of the LACP protocol massages of said expansion and the magnitude relationship of self ActiveID value.
6. equipment according to claim 5 is characterized in that this equipment also comprises the packet loss unit, be used for when said first comparing unit relatively when inequality, abandon the LACP protocol massages of the expansion that receives.
7. equipment according to claim 5 is characterized in that this equipment also comprises the packet loss unit, be used for when said second comparing unit relatively when inequality, abandon the LACP protocol massages of the expansion that receives.
8. equipment according to claim 5 is characterized in that, the ActiveID value of said LACP protocol massages according to said expansion and the magnitude relationship of self ActiveID value determine whether that all of the port Close All comprises:
The ActiveID value of main member device hour in IRF, self ActiveID value is greater than the ActiveID value of the LACP protocol massages of expansion, all of the port Close All;
Or when the ActiveID of main member device among IRF value was big, self ActiveID value was less than the ActiveID value of the LACP protocol massages of expansion, all of the port Close All.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011103190220A CN102387046A (en) | 2011-10-19 | 2011-10-19 | Detection method and equipment of MAD (Multi-Activity Detection) for LACP (Link Aggregation Control Protocol) |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011103190220A CN102387046A (en) | 2011-10-19 | 2011-10-19 | Detection method and equipment of MAD (Multi-Activity Detection) for LACP (Link Aggregation Control Protocol) |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102387046A true CN102387046A (en) | 2012-03-21 |
Family
ID=45826046
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011103190220A Pending CN102387046A (en) | 2011-10-19 | 2011-10-19 | Detection method and equipment of MAD (Multi-Activity Detection) for LACP (Link Aggregation Control Protocol) |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102387046A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106060049A (en) * | 2016-06-01 | 2016-10-26 | 杭州华三通信技术有限公司 | Anti-attack method and device for IRF system |
| CN103731303B (en) * | 2013-12-20 | 2017-08-11 | 新华三技术有限公司 | A kind of longitudinal fusion architecture interface realizes the method and apparatus of many active entities detections |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090109998A1 (en) * | 2007-10-29 | 2009-04-30 | Alcatel Lucent | Facilitating self configuring link aggregation using link aggregation control protocol |
| CN101442484A (en) * | 2008-12-05 | 2009-05-27 | 杭州华三通信技术有限公司 | Method, system and equipment for detecting stacking multi-Active |
| CN101674208A (en) * | 2009-10-28 | 2010-03-17 | 杭州华三通信技术有限公司 | LACP MAD detection method and device thereof |
-
2011
- 2011-10-19 CN CN2011103190220A patent/CN102387046A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090109998A1 (en) * | 2007-10-29 | 2009-04-30 | Alcatel Lucent | Facilitating self configuring link aggregation using link aggregation control protocol |
| CN101442484A (en) * | 2008-12-05 | 2009-05-27 | 杭州华三通信技术有限公司 | Method, system and equipment for detecting stacking multi-Active |
| CN101674208A (en) * | 2009-10-28 | 2010-03-17 | 杭州华三通信技术有限公司 | LACP MAD detection method and device thereof |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103731303B (en) * | 2013-12-20 | 2017-08-11 | 新华三技术有限公司 | A kind of longitudinal fusion architecture interface realizes the method and apparatus of many active entities detections |
| CN106060049A (en) * | 2016-06-01 | 2016-10-26 | 杭州华三通信技术有限公司 | Anti-attack method and device for IRF system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107996023B (en) | Method and equipment for monitoring virtual network and virtual network system | |
| CN102197627B (en) | The improvement of flux of multicast convergence | |
| CN103166811B (en) | A kind of MAD detection method and equipment | |
| CN104104570A (en) | Aggregation processing method in IRF (Intelligent Resilient Framework) system and device | |
| CN101420332B (en) | Notifying method and network device for member terminal port configuring condition | |
| CN102355366B (en) | Member-stacking device and method for managing member-stacking device at split stacking moment | |
| US10764119B2 (en) | Link handover method for service in storage system, and storage device | |
| US10721094B2 (en) | Ethernet ring protection switching method and node | |
| KR20100122870A (en) | Method and apparatus for maintaining port state tables in a forwarding plane of a network element | |
| US8659993B2 (en) | Priority domains for protection switching processes | |
| CN101714932A (en) | MAD testing method and device for IRF stacker | |
| US20190026168A1 (en) | Geographical Redundancy and Dynamic Scaling for Virtual Network Functions | |
| CN103607317A (en) | Two-layer loop detection method, two-layer loop detection device and communication system | |
| US10652145B2 (en) | Managing data frames in switched networks | |
| US20170222864A1 (en) | Method and Apparatus for Implementing Operation, Administration, and Maintenance Function | |
| US10397340B2 (en) | Multicast migration | |
| CN104158707A (en) | Method and device of detecting and processing brain split in cluster | |
| CN103220189A (en) | Multi-active detection (MAD) backup method and equipment | |
| US9372708B2 (en) | Synchronizing multicast groups | |
| CN106909197B (en) | Virtualization host time management method and virtualization host system | |
| US9479438B2 (en) | Link aggregation based on virtual interfaces of VLANs | |
| CN102387046A (en) | Detection method and equipment of MAD (Multi-Activity Detection) for LACP (Link Aggregation Control Protocol) | |
| JP6190281B2 (en) | Relay system and switch device | |
| CN100550844C (en) | The method of reducing redirected message characteristic information | |
| CN111464436B (en) | Method for solving single-port loop of RSTP (remote station transfer protocol) |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120321 |