CN102546394B - TCP (Transmission Control Protocol) connection elimination method - Google Patents
TCP (Transmission Control Protocol) connection elimination method Download PDFInfo
- Publication number
- CN102546394B CN102546394B CN201110413487.2A CN201110413487A CN102546394B CN 102546394 B CN102546394 B CN 102546394B CN 201110413487 A CN201110413487 A CN 201110413487A CN 102546394 B CN102546394 B CN 102546394B
- Authority
- CN
- China
- Prior art keywords
- tcp
- node
- search
- call number
- connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a TCP (Transmission Control Protocol) connection elimination method, which is characterized in that: least recently used (LRU) TCP connection which has the smallest access frequency is eliminated all the time by using high-efficiency storage and retrieval of hash and an effective TCP connection elimination mechanism. Compared with the prior art, the TCP connection elimination method has the beneficial effects that: one TCP connection elimination strategy is realized; holding of an active node with more frequent access is guaranteed; and the node with low access frequency which is not accessed at the longest is eliminated. According to the method, the active connection is held, and synflood attack can be prevented to a certain extent.
Description
Technical field
The invention belongs to network safety filed.Be specifically related to a kind of TCP and connect the method for eliminating.
Background technology
Along with the develop rapidly of network, network environment becomes increasingly complex, and the data transmitted in a network are more difficult to ensure its original order of card, in order to effectively analyze upper layer application, ensure the speed of data flow on response backbone network, TCP Unloading Technology is day by day universal simultaneously.Due to the restriction of system resource, as: physical memory etc.The TCP concurrent connection number supported is also limited, under network environment at a high speed, certainly exists larger TCP concurrent connection number, also just there is the superseded problem that TCP connects.Eliminating that TCP connects mainly comprises two steps, the replacement policy that TCP connects and retrieval.Wherein retrieval occupies main time complexity, and traditional method stores the order that TCP connects according to setting up, and travels through during retrieval to all-links.When concurrent connection is larger, ordered retrieval efficiency is very low, and time complexity is read as O (n), n are the length of the concurrent connection of TCP.Therefore, in order to raise the efficiency, the system that concurrent connection number is larger, the general hash chained list that adopts stores, and each hash item connects a conflict chain, can adopt hash method when retrieving, and time complexity is conflict chain length.At this mechanism row.Replacement policy generally uses untapped superseded method at most.
Patent No. CN200580011566.3 (providing agreement to realize the method and apparatus of the wireless tcp session using split-type TCP to connect) discloses a kind of method and system, and this system operates in order to set up TCP session via wireless network and internet between MS and end points destination according to the method.The method comprises split-type TCP connection request is sent to from this MS the PEP being arranged in this network, and wherein this split-type TCP connection request comprises the information for identifying the network address of this MS and the network address of this end points destination.The method also comprises in response to receiving this split-type TCP connection request from this MS, set up split-type TCP to connect, this split-type TCP connects the wireless tcp (WTCP) be included between this MS with this PEP and to be connected and TCP at least part of way between this PEP with this end points destination is connected.In one embodiment, this end points destination is the application server being coupled to internet, and this TCP is connected between this PEP and this application server and sets up.In another embodiment, this end points destination is the 2nd MS being coupled to the 2nd PEP in second wireless network, and this TCP connection is at least established to the 2nd PEP, is then that WTCP connects from the 2nd PEP to the 2nd MS.
Patent No. CN200610066008.3 (a kind of merging method that TCP connects) discloses a kind of merging method that TCP connects, its feature comprises: A, first, second to send respectively to main equipment from equipment and set up TCP connection request, main equipment adopts mode of cheating to send acknowledge message immediately to first, second from equipment, under main equipment does not start TCP handling process situation, first, second is set up TCP respectively from equipment and is connected TCP I, TCP II with main equipment; B, set up the corresponding relation that these two TCP connect TCP I, TCP II on the master; C, first, second from equipment by main equipment forward carry out transfer of data.Adopt the merging method that TCP of the present invention connects, because intermediate node need not process complicated Transmission Control Protocol and state machine, greatly reduce the processing load of intermediate node.Network processing unit or hardware logic can be adopted to realize high speed forward, the merging that more than two TCP are connected thus are realized transmitting end to end.
The shortcoming of prior art is: adopt the method do not used at most to eliminate TCP and connect, likely eliminate leading portion very active, but the connection do not arrived every a period of time due to network reason data.Simultaneously when synflood attacks, be easy to effective TCP to connect eliminate.
Summary of the invention
The present invention overcomes prior art deficiency, and the replacement policy connected by adjustment TCP, is ensured that live-vertex is kept, delete minimum, the connected node do not used at most, can prevent synflood from attacking to a certain extent.
The invention provides a kind of TCP and connect the method for eliminating, by using hash store efficiently and retrieve, setting up effective TCP and connecting eliminative mechanism, superseded access times are minimum all the time, and the TCP do not used at most connects.
TCP provided by the invention connects the method for eliminating, and comprises the steps:
1) the concurrent connection table of initialization;
2) receive syn, reset packet, search concurrent chained list according to four-tuple, go to step 5;
3) receive syn ack or ack packet, go to step 8;
4) receive fin or fin ack packet, go to step 9;
5) search successfully, then the syn bag for retransmitting, abandons; Search unsuccessfully, then check whether maximum concurrent connection number is greater than threshold value, is less than, and goes to step 6, otherwise go to step 7.
6) search call number minimum, the connected node of no access is at most eliminated;
7) newly-built concurrent connection item, call number puts 1, is the node head of 1, goes to step 10 node motion to call number;
8) search node, success, then increase call number, and node motion is first to identical call number node, and failed then disconnected data then abandon; Go to step 10;
9) corresponding connection is closed.
One of 10) processing data packets terminates, and next packet arrives and goes to step 2,3,4.
Compared with prior art, beneficial effect of the present invention is: this TCP of the present invention connects replacement policy, and guarantee access ratio more frequently live-vertex is kept, and superseded access times are few, and the node of not accessing at most.The method can prevent synflood from attacking to a certain extent.
accompanying drawing explanation
Fig. 1 is the flow chart that a kind of TCP connects the method for eliminating.
embodiment
The detailed step of the present invention program is as follows:
1. the concurrent connection table of initialization;
2. receive syn, reset packet, search concurrent chained list according to four-tuple, go to step 5;
3. receive syn ack or ack packet, go to step 8
4. receive fin or fin ack packet, go to step 9;
5. search successfully, then the syn bag for retransmitting, abandons; Search unsuccessfully, then check whether maximum concurrent connection number is greater than threshold value, is less than, and goes to step 6, otherwise go to step 7.
6. search call number minimum, the connected node of no access is at most eliminated;
7. newly-built concurrent connection item, call number puts 1, is the node head of 1, goes to step 10 node motion to call number
8. search node, success, then increase call number, and node motion is first to identical call number node, and failed then disconnected data then abandon; Go to step 10;
9. close corresponding connection.
10. until system closing, otherwise go to step 2.
Above embodiment is only in order to illustrate that technical scheme of the present invention is not intended to limit, although with reference to above-described embodiment to invention has been detailed description, the those of ordinary skill in described field is to be understood that: still can modify to the specific embodiment of the present invention or replace on an equal basis, and not departing from any amendment of spirit and scope of the invention or equivalent replacement, it all should be encompassed in the middle of right of the present invention.
Claims (1)
1. TCP connects the method for eliminating, and it is characterized in that, by using hash store efficiently and retrieve, setting up effective TCP and connecting eliminative mechanism, superseded access times are minimum all the time, and the TCP do not used at most connects;
1) the concurrent connection table of initialization;
2) receive syn, reset packet, search concurrent chained list according to four-tuple, go to step 5;
3) receive syn ack or ack packet, go to step 8;
4) receive fin or fin ack packet, go to step 9;
5) search successfully, then the syn bag for retransmitting, abandons; Search unsuccessfully, then check whether maximum concurrent connection number is greater than threshold value, is less than, and goes to step 7, otherwise go to step 6;
6) search call number minimum, the connected node of no access is at most eliminated;
7) newly-built concurrent connection item, call number puts 1, is the node head of 1, goes to step 10 node motion to call number;
8) search node, success, then increase call number, and node motion is first to identical call number node, and failed then disconnected data then abandon; Go to step 10;
9) corresponding connection is closed;
One of 10) processing data packets terminates, and next packet arrives and goes to step 2,3,4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110413487.2A CN102546394B (en) | 2011-12-13 | 2011-12-13 | TCP (Transmission Control Protocol) connection elimination method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110413487.2A CN102546394B (en) | 2011-12-13 | 2011-12-13 | TCP (Transmission Control Protocol) connection elimination method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102546394A CN102546394A (en) | 2012-07-04 |
| CN102546394B true CN102546394B (en) | 2014-12-31 |
Family
ID=46352383
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110413487.2A Active CN102546394B (en) | 2011-12-13 | 2011-12-13 | TCP (Transmission Control Protocol) connection elimination method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102546394B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109672648B (en) * | 2017-10-16 | 2020-05-22 | 中国科学院信息工程研究所 | TCP link dynamic management method and equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101290228A (en) * | 2007-04-17 | 2008-10-22 | 北京协进科技发展有限公司 | Map data processing method, system and mobile terminal based on mobile terminal |
| CN101719906A (en) * | 2009-11-10 | 2010-06-02 | 电子科技大学 | Worm propagation behavior-based worm detection method |
| CN102098290A (en) * | 2010-12-17 | 2011-06-15 | 天津曙光计算机产业有限公司 | Elimination and replacement method of transmission control protocol (TCP) streams |
-
2011
- 2011-12-13 CN CN201110413487.2A patent/CN102546394B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101290228A (en) * | 2007-04-17 | 2008-10-22 | 北京协进科技发展有限公司 | Map data processing method, system and mobile terminal based on mobile terminal |
| CN101719906A (en) * | 2009-11-10 | 2010-06-02 | 电子科技大学 | Worm propagation behavior-based worm detection method |
| CN102098290A (en) * | 2010-12-17 | 2011-06-15 | 天津曙光计算机产业有限公司 | Elimination and replacement method of transmission control protocol (TCP) streams |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102546394A (en) | 2012-07-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102249741B1 (en) | Method and apparatus for data transmission | |
| JP5635117B2 (en) | Dynamically connected transport service | |
| CN109936510A (en) | Multipath RDMA transmission | |
| CN111711566B (en) | Receiving end disorder rearrangement method under multipath routing scene | |
| US20200351715A1 (en) | Message Cache Management in a Mesh Network | |
| CN110460533B (en) | RDMA (remote direct memory Access) -based data transmission method and device | |
| CN103546258B (en) | Method and device for data transmission | |
| TW202105375A (en) | Method for data transmission and RDMA network interface card | |
| CN1863158B (en) | IP message fragment cache memory and forwarding method | |
| CN111459417A (en) | NVMeoF storage network-oriented lock-free transmission method and system | |
| CN103440213B (en) | A kind of network card driving method being applied to there is the system of multi-CPU and network interface card | |
| CN103475657B (en) | The treating method and apparatus of anti-SYN extensive aggression | |
| CN105635000B (en) | A kind of message storage forwarding method and circuit and equipment | |
| CN109525376A (en) | Fast retransmission method, apparatus and terminal device | |
| CN104753629B (en) | A kind of data delivery method and apparatus | |
| CN102546394B (en) | TCP (Transmission Control Protocol) connection elimination method | |
| CN102801692A (en) | Transmission control protocol (TCP) optimization method and system based on split connection | |
| CN105471718B (en) | A kind of implementation method of full duplex message queue | |
| CN108512833A (en) | A kind of security from attacks method and device | |
| US20150199298A1 (en) | Storage and network interface memory share | |
| CN106372013B (en) | Long-distance inner access method, device and system | |
| US10009409B2 (en) | Retransmission control network node and related method | |
| CN104754760B (en) | A kind of Packet Service method for reconstructing and terminal | |
| US9628366B2 (en) | Methods, systems, and computer readable media for sustaining active control over concurrent session connections | |
| US20060067311A1 (en) | Method of processing packet data at a high speed |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20220803 Address after: 100193 No. 36 Building, No. 8 Hospital, Wangxi Road, Haidian District, Beijing Patentee after: Dawning Information Industry (Beijing) Co.,Ltd. Patentee after: DAWNING INFORMATION INDUSTRY Co.,Ltd. Address before: 100084 Beijing Haidian District City Mill Street No. 64 Patentee before: Dawning Information Industry (Beijing) Co.,Ltd. |
|
| TR01 | Transfer of patent right |