CN103595638B - A kind of MAC address learning method and device - Google Patents


Info

Publication number: CN103595638B
Application number: CN201310538075.0A
Authority: CN (China)
Prior art keywords: mac address, mac, message, preemptive type, address
Legal status: Active (as listed by Google Patents; not a legal conclusion)
Other languages: Chinese (zh)
Other versions: CN103595638A
Inventor: 陈勇
Current assignee: Beijing Star Net Ruijie Networks Co Ltd
Original assignee: Beijing Star Net Ruijie Networks Co Ltd
History: application filed by Beijing Star Net Ruijie Networks Co Ltd with priority to CN201310538075.0A; published as CN103595638A; granted and published as CN103595638B; currently active.

Landscapes

  • Small-Scale Networks (AREA)

Abstract

The embodiment of the present invention provides a MAC address learning method and device. In the method, a switching device determines whether the MAC address carried in a packet received from a terminal on any of its ports is present in a preconfigured non-preemptible MAC table. If it is not, and the number of MAC addresses in the non-preemptible MAC table has not reached a set value, the switching device adds the MAC address to a preconfigured preemptible MAC table; the total number of MAC addresses in the two tables may not exceed the set value. If the packet is a DHCP packet, the switching device forwards it and monitors the exchange between the terminal and the DHCP server, and when it observes the DHCP server assign an IP address to the terminal, it adds the MAC address to the non-preemptible MAC table as a legal MAC address. By changing the MAC address learning mechanism, the invention distinguishes legal MAC addresses from suspect ones, so that during a MAC address flood the switch is largely unaffected and legal terminals can still use the network normally.

Description

MAC address learning method and device
Technical field
The present invention relates to the field of communication technology, and in particular to a MAC address learning method and device.
Background technology
A Media Access Control (MAC) address, also called a hardware address, identifies a network device node in a local area network, such as a terminal. During physical transmission at the bottom layer of the network, communication between different network devices is realized by MAC address.
Ethernet is the most widely used communication protocol standard in existing LANs. Data transmission in Ethernet proceeds as follows: an Ethernet switch forwards a packet to a particular port according to the MAC address carried in the packet sent by the terminal. To do so, the switch must remember the information associated with each port; this information is normally stored in a MAC table, which the switch fills by MAC address learning.
Specifically, after receiving a packet sent by a terminal, the switch checks whether the MAC address carried in the received packet is already in the MAC table. If it is not, the switch learns the MAC address, that is, it creates a record associating the MAC address with the port. A MAC address learned by the switch generally has a lifetime (the aging time of the MAC address); if the switch does not relearn the MAC address within the aging time, the record in the MAC table is considered expired and is deleted from the MAC table.
It should be noted that a switch usually learns MAC addresses in first-received, first-learned fashion, i.e. in non-preemptive mode: once the switch's MAC table is full, no MAC address learning is performed for subsequently received packets.
Because the MAC address capacity of a switch's MAC table is limited, an attacker present in the LAN can exploit the switch's MAC address learning function to attack the switch with a large number of MAC addresses, for example by sending the switch packets carrying many different MAC addresses, i.e. a MAC address flood. This causes the MAC table to fill up quickly, after which traffic to unknown addresses cannot reach its destination port and is flooded to all ports of the switch, noticeably degrading network performance. Moreover, if the attacker keeps flooding illegal MAC addresses, all the legal MAC addresses the switch learned eventually expire through aging, and all legal traffic is submerged. Thus, from both the performance and the security standpoint, a MAC address flooding attack significantly affects the network.
The following approaches are generally used to address this situation:
First approach: static MAC address configuration, i.e. disable the switch's automatic MAC address learning, collect the legal MAC addresses of the terminals connected under each port of the switch, and then, from the collected legal MAC addresses, establish the correspondence between each port and the MAC addresses of the terminals connected to it.
Second approach: dynamic MAC address learning with a limit on the number of MAC addresses learned on a single switch port. Because a MAC address flooding attack usually comes from one fixed port, limiting the table capacity of a single port prevents an attack source on that port from consuming the whole MAC address table, so that the other ports keep operating normally.
It can be seen from the above that either approach avoids the MAC address flooding problem to some extent. However, the first approach requires manual static configuration, which consumes considerable human effort, and the MAC table must be modified by hand whenever a terminal moves or is replaced, which is inconvenient. With the second approach, although the number of MAC addresses learned on a single port is limited, the switch does not know whether the MAC addresses in the MAC table under a given port were sent by legal terminals or by an attacker; when an attacker attacks on a port, the MAC addresses that may be learned under that port are quickly used up, and the legal terminals on that port can no longer use the network normally.
Summary of the invention
Embodiments of the present invention provide a MAC address learning method and device to solve the problems that existing static MAC address configuration is inconvenient to operate and existing dynamic MAC address learning cannot guarantee that legal terminals can use the network normally during a MAC address flood.
Based on the above problems, a MAC address learning method provided by an embodiment of the present invention includes:
a switching device determines whether the MAC address carried in a packet that it received on any port from a terminal is in a preconfigured non-preemptible MAC table, where the non-preemptible MAC table stores the legal MAC addresses learned on each port;
if it is not, and the switching device determines that the number of MAC addresses in the non-preemptible MAC table has not reached a set value, it adds the MAC address to a preconfigured preemptible MAC table and determines whether the packet is a Dynamic Host Configuration Protocol (DHCP) packet, where the preemptible MAC table stores the suspected illegal MAC addresses learned on each port, and the total number of MAC addresses in the preemptible and non-preemptible MAC tables is not greater than the set value;
when it determines that the packet is a DHCP packet, it forwards the packet and monitors the exchange between the terminal and the DHCP server, and after observing the DHCP server assign an IP address to the terminal, it adds the MAC address to the non-preemptible MAC table as a legal MAC address.
A MAC address learning device provided by an embodiment of the present invention includes:
a receiving module, for receiving, on any port of the device, a packet carrying a MAC address sent by a terminal;
a determining module, for determining whether the MAC address carried in the packet received by the receiving module is in a preconfigured non-preemptible MAC table; when it is not, determining whether the number of MAC addresses in the non-preemptible MAC table has reached a set value; and when it has not, determining whether the packet is a DHCP packet, where the non-preemptible MAC table stores the legal MAC addresses learned by the device on each port;
an adding module, for adding the MAC address to a preconfigured preemptible MAC table when the determining module determines that the set value has not been reached, and for adding the MAC address to the non-preemptible MAC table after a monitoring module observes the DHCP server assign an IP address to the terminal, where the preemptible MAC table stores the suspected illegal MAC addresses learned by the device on each port, and the total number of MAC addresses in the preemptible and non-preemptible MAC tables is not greater than the set value;
a forwarding module, for forwarding the packet when the determining module determines that the packet is a DHCP packet;
a monitoring module, for monitoring the exchange between the terminal and the DHCP server when the determining module determines that the packet is a DHCP packet.
The beneficial effects of the embodiments of the present invention include:
In the MAC address learning method and device provided by the embodiments, the switching device determines whether the MAC address carried in a packet received from a terminal on any port is in a preconfigured non-preemptible MAC table. When it is not, and the number of MAC addresses in the non-preemptible MAC table has not reached the set value, the switching device adds the MAC address to a preconfigured preemptible MAC table and then determines whether the packet is a DHCP packet. If it is, the switching device forwards the packet and monitors the exchange between the terminal and the DHCP server, and after observing the DHCP server assign an IP address to the terminal, it adds the MAC address to the non-preemptible MAC table as a legal MAC address; the total number of MAC addresses in the non-preemptible and preemptible MAC tables does not exceed the set value. The embodiments require no manual binding of MAC addresses one by one and are therefore more convenient to operate. By limiting the number of MAC addresses per port of the switching device, and by creating a non-preemptible MAC table and a preemptible MAC table that distinguish between packets, the non-preemptible MAC table under each port stays stable during a MAC address flood and cannot be filled up by the attack, while every legal terminal under each port can still obtain an IP address and use the network normally.
Accompanying drawing explanation
Fig. 1 is a flow chart of the MAC address learning method provided by an embodiment of the present invention;
Fig. 2 is a schematic diagram of the LAN provided by an embodiment of the present invention;
Fig. 3 is a structural diagram of the MAC address learning device provided by an embodiment of the present invention.
Detailed description of the invention
The specific embodiments of the MAC address learning method and device provided by the embodiments of the present invention are described below with reference to the accompanying drawings.
As shown in Fig. 1, the MAC address learning method provided by an embodiment of the present invention specifically includes the following steps:
S101: the switching device determines whether the MAC address carried in a packet received on any port from a terminal is in the preconfigured non-preemptible MAC table; if so, step S102 is performed; otherwise, step S103 is performed;
Here, the non-preemptible MAC table is mainly used to store the legal MAC addresses learned by the switching device on each port;
S102: forward the packet;
S103: determine whether the number of MAC addresses in the non-preemptible MAC table has reached the set value; if so, step S104 is performed; otherwise, step S105 is performed;
S104: drop the packet;
S105: add the MAC address to the preconfigured preemptible MAC table and determine whether the packet is a DHCP packet; if so, step S106 is performed; otherwise, step S104 is performed;
Here, the preemptible MAC table stores the suspected illegal MAC addresses learned by the switching device on each port, and the total number of MAC addresses in the preemptible and non-preemptible MAC tables is not greater than the set value. The set value is mainly used to limit the combined number of MAC addresses in the non-preemptible and preemptible MAC tables under each port, in order to avoid MAC address flooding;
S106: forward the packet and monitor the exchange between the terminal and the DHCP server; after observing the DHCP server assign an IP address to the terminal, add the MAC address to the non-preemptible MAC table as a legal MAC address.
In the embodiments of the present invention, the non-preemptible and preemptible MAC tables preconfigured under each port of the switching device store not only the MAC addresses but also the port on which the packet carrying each address was received from the terminal, for use in subsequent packet forwarding.
Furthermore, the non-preemptible MAC table learns MAC addresses in non-preemptive mode: once the number of MAC addresses the switching device has learned into the non-preemptible MAC table reaches the set value, the non-preemptible MAC table is full and learns no new MAC addresses, and the preemptible MAC table is then empty. The preemptible MAC table learns MAC addresses in preemptive mode: when the number of MAC addresses the switching device has learned into the preemptible MAC table reaches the set value, meaning the preemptible MAC table is full and the non-preemptible MAC table is empty (no legal MAC address has been learned yet), the switching device keeps learning MAC addresses and adds each newly learned MAC address to the preemptible MAC table by preempting, i.e. replacing, the earliest-learned MAC address in the preemptible MAC table.
It should be noted that the set value can be chosen according to the actual operating conditions of the network, for example 4, although other values are of course possible. Through this set value the embodiment limits the total number of MAC addresses under each port of the switching device, so that a MAC address flood on one port does not affect the operation of the other ports.
In other words, the sum of MAC addresses in the non-preemptible and preemptible MAC tables never exceeds the preconfigured total number of MAC addresses that may be learned under each port (the set value above), and the non-preemptible MAC table takes precedence over the preemptible MAC table. For example, suppose the total number of MAC addresses configured under a port of the switching device is 4 and that at some moment the ratio of MAC addresses in the non-preemptible and preemptible MAC tables is 3:1, i.e. their sum has reached 4. If the switching device now learns another MAC address that is to be added to the non-preemptible MAC table, it must delete the earliest-learned MAC address from the preemptible MAC table, so that the ratio becomes 4:0. The non-preemptible MAC table thus has priority in occupying the MAC table.
Specifically, in step S105 the number of MAC addresses in the non-preemptible MAC table has not yet reached the set value, meaning the non-preemptible MAC table is not yet full of legal MAC addresses. The switching device has judged that the MAC address carried in the packet is not in the non-preemptible MAC table, which means its legitimacy has not been verified by the relevant authentication, so it is first learned into the preemptible MAC table and the subsequent flow is then performed.
Furthermore, the reason the embodiment performs steps S105-S106 is that the switching device verifies the legitimacy of a MAC address by monitoring the exchange in which the DHCP server dynamically assigns an IP address to the terminal. It therefore needs to determine whether the packet is a DHCP packet and to monitor the exchange between the terminal and the DHCP server.
Here, the exchange between the terminal and the DHCP server is as follows: the terminal sends a DHCP Discover packet through the switch it is connected to, in order to find a DHCP server in the local network; on receiving the DHCP Discover packet, the DHCP server sends a DHCP Offer packet to the terminal through the switch; the terminal sends a DHCP Request packet to the DHCP server through the switch, formally requesting the IP address the DHCP server offered; on receiving the DHCP Request packet, the DHCP server returns a DHCP ACK packet through the switch, confirming the terminal's request and assigning the address to it.
It should be noted that the DHCP Offer packet may carry the IP address pre-assigned to the terminal, the terminal's MAC address, domain name information, the usage time (lease) of the IP address, and so on. Thus, if the switching device observes the DHCP server assign an IP address to the terminal, the MAC address is a legal MAC address, i.e. the corresponding terminal is a legal terminal; if it observes that the DHCP server does not assign an IP address to the terminal, the DHCP server's confirmation has failed, meaning the MAC address is not a legal MAC address, i.e. the corresponding terminal is not a legal terminal.
Furthermore, in step S106, once the switching device has added the MAC address to the non-preemptible MAC table as a legal MAC address, it regards the terminal as a legal terminal: any packet subsequently received from that terminal is forwarded directly, whatever its type, which ensures that the legal terminal can use the network normally.
Preferably, in the embodiments of the present invention, the switching device can also perform the following flow:
if it determines that the MAC address is in the non-preemptible MAC table and, within the latest aging time of the MAC address, observes the DHCP server successfully renew the terminal's lease on the assigned IP address, it updates the latest aging time according to the renewal time of the assigned IP address;
if it determines that the MAC address is in the non-preemptible MAC table and, within the latest aging time of the MAC address, does not observe the DHCP server renew the terminal's IP address lease, it deletes the MAC address.
It should be noted that the latest aging time in the above flow can be the usage time of the IP address the DHCP server first assigned to the terminal, which can be obtained from the DHCP ACK packet sent by the DHCP server; it can also be the usage time of the IP address renewed for the terminal by the DHCP server, which can be obtained from the renewal response packet sent by the DHCP server.
Thus the switching device can monitor the latest aging time of the MAC address with a timer. If, within this period, the switching device observes the terminal send a renewal (DHCP Request) packet to the DHCP server through it and receives the DHCP ACK packet carrying the renewal time that the DHCP server returns to the terminal, the DHCP server has agreed to the terminal's renewal, and the switching device updates the latest aging time according to the renewal time in that DHCP ACK packet.
Correspondingly, if the timer expires and the switching device has not received a DHCP Request packet from the terminal, or has not received the corresponding DHCP ACK packet from the DHCP server, then either the terminal was never assigned an IP address, or the terminal has left the network (for example its cable was unplugged or it was shut down), or the terminal's automatic IP address acquisition has been disabled; in any of these cases the switching device performs the deletion described above.
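The lease-driven aging described above, as an added example that is not the patent's own code: a bounds-checked parser pulls the message type, client hardware address and option 51 (IP address lease time) out of a DHCP server reply, and a small timer table keeps each legal MAC's "latest aging time" equal to the lease last granted in a DHCP ACK, deleting entries whose timer runs out without a renewal. The class and function names, the `now` clock parameter and the sample packets built by `build_dhcp_reply` are assumptions for illustration; only the Offer/ACK roles and the use of the ACK's lease time come from the text.

```python
"""Lease-driven aging of legal MAC entries (added example, not from the patent)."""
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"                    # RFC 2132 DHCP options cookie
OPT_PAD, OPT_LEASE_TIME, OPT_MSG_TYPE, OPT_END = 0, 51, 53, 255
DHCP_OFFER, DHCP_ACK = 2, 5


def parse_dhcp_reply(packet: bytes):
    """Parse a BOOTP/DHCP server reply. Returns (msg_type, client_mac, yiaddr,
    lease_seconds) or None when the packet is malformed or not a DHCP reply."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        return None
    op, htype, hlen = packet[0], packet[1], packet[2]
    if op != 2 or htype != 1 or hlen != 6:            # BOOTREPLY, Ethernet, 6-byte MAC
        return None
    yiaddr = ".".join(str(b) for b in packet[16:20])   # "your" (assigned) IP address
    h = packet[28:34]                                 # chaddr, in the patent's dotted notation
    client_mac = f"{h[0]:02x}{h[1]:02x}.{h[2]:02x}{h[3]:02x}.{h[4]:02x}{h[5]:02x}"
    msg_type = lease = None
    i = 240
    while i < len(packet):                            # TLV option walk, bounds-checked
        code = packet[i]
        if code == OPT_PAD:
            i += 1
            continue
        if code == OPT_END:
            break
        if i + 1 >= len(packet):
            return None                               # length byte missing
        length = packet[i + 1]
        value = packet[i + 2:i + 2 + length]
        if len(value) != length:
            return None                               # truncated option value
        if code == OPT_MSG_TYPE and length == 1:
            msg_type = value[0]
        elif code == OPT_LEASE_TIME and length == 4:
            lease = struct.unpack("!I", value)[0]
        i += 2 + length
    if msg_type is None:
        return None
    return msg_type, client_mac, yiaddr, lease


class LeaseAging:
    """Keeps each legal MAC's 'latest aging time' equal to the lease the DHCP
    server last granted; an entry whose timer lapses without a renewal is deleted."""

    def __init__(self):
        self.expires_at = {}                          # mac -> absolute expiry time (assumed clock)

    def on_server_reply(self, packet: bytes, now: float):
        """Feed every frame seen from the DHCP server port; returns the MAC whose
        timer was (re)started, or None if the frame was not a usable ACK."""
        parsed = parse_dhcp_reply(packet)
        if parsed is None:
            return None
        msg_type, mac, _ip, lease = parsed
        if msg_type != DHCP_ACK or lease is None:     # only an ACK (initial or renewal) counts
            return None
        self.expires_at[mac] = now + lease            # (re)start the aging timer
        return mac

    def expire(self, now: float):
        """Timer tick: delete MACs whose lease elapsed with no renewal; returns them."""
        gone = [m for m, t in self.expires_at.items() if t <= now]
        for m in gone:
            del self.expires_at[m]
        return gone


def build_dhcp_reply(msg_type: int, mac: bytes, yiaddr: bytes, lease: int) -> bytes:
    """Constructs a minimal server reply for testing (sample data, not a captured packet)."""
    header = struct.pack("!BBBBIHH4s4s4s4s", 2, 1, 6, 0, 0x3903F326, 0, 0,
                         b"\0" * 4, yiaddr, b"\0" * 4, b"\0" * 4)
    header += mac + b"\0" * 10 + b"\0" * 64 + b"\0" * 128 + MAGIC_COOKIE
    options = bytes([OPT_MSG_TYPE, 1, msg_type, OPT_LEASE_TIME, 4])
    options += struct.pack("!I", lease) + bytes([OPT_END])
    return header + options
```

Feeding an Offer into `on_server_reply` changes nothing, because only the ACK proves the server actually assigned the address; a truncated reply is rejected by the parser rather than being trusted with a partial lease value. In a real switch the `now` argument would come from the system clock and `expire` from a periodic timer.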
Preferably, in the embodiments of the present invention, the switching device can also perform the following flow: when it determines that the number of MAC addresses in the non-preemptible MAC table has reached the set value, it drops the packet.
In this flow, the number of MAC addresses in the non-preemptible MAC table having reached the set value means that the switching device has learned a full set of legal MAC addresses on the port on which the packet was received. In this case, if the switching device has already determined that the MAC address carried in the packet is not in the non-preemptible MAC table, it treats the packet as part of a MAC address flooding attack, does not learn the MAC address from the packet and simply discards it, which prevents a MAC address flood from quickly filling the MAC table with illegal MAC addresses.
The above MAC address learning method is described in detail below with reference to the following embodiment:
As shown in Fig. 2, suppose the LAN comprises a switch 201, terminals PC202, PC203, PC204, PC205 and PC206, and a DHCP server 207, and that PC202, PC203, PC204 and PC205 are connected under port 0/1 of switch 201. These 4 PCs all run the DHCP protocol and obtain IP addresses dynamically from the DHCP server. Suppose the MAC addresses of PC202, PC203, PC204 and PC205 under port 0/1 are respectively:
PC202:0000.0000.0001;
PC203:0000.0000.0002;
PC204:0000.0000.0003;
PC205:0000.0000.0004.
Suppose the total number of MAC addresses configured under port 0/1 of switch 201 is 4, i.e. the set value above is 4, so that at most 4 MAC addresses can be learned on port 0/1 and a MAC address flooding attack cannot be mounted against switch 201 through it.
By default, no MAC addresses have been learned under port 0/1, i.e. both the non-preemptible and the preemptible MAC table are empty.
Then, after PC202 is powered on, it sends a DHCP Discover packet requesting an IP address to DHCP server 207 through switch 201. On receiving this packet, switch 201 determines that the MAC address carried in it is not in the non-preemptible MAC table and that the non-preemptible MAC table is currently empty, and therefore adds the MAC address to the preemptible MAC table as a suspected illegal MAC address. Now suppose PC202 has been compromised by an attacker and continuously sends packets of various types with changing MAC addresses, including layer-2 packets, IP packets, ARP packets, DHCP packets and so on, for example with MAC addresses incrementing from 0000.1111.0001. In this case, switch 201 determines that the MAC addresses carried in these packets are not in the non-preemptible MAC table and forwards only the DHCP packets among them; the non-preemptible MAC table is still empty, and the preemptible MAC table is as shown in Table 1 below:
Numbering MAC Address Port
1 0000.0000.0001 0/1
2 0000.1111.0001 0/1
3 0000.1111.0002 0/1
4 0000.1111.0003 0/1
Table 1
As PC202 continues to send attack packets, the preemptible MAC table of switch 201 is continually preempted and updated; for example, at some moment the preemptible MAC table of switch 201 is as shown in Table 2 below, while the non-preemptible MAC table is still empty:
Numbering MAC Address Port
1 0000.1111.0010 0/1
2 0000.1111.0011 0/1
3 0000.1111.0012 0/1
4 0000.1111.0013 0/1
Table 2
It follows that after Dynamic Host Configuration Protocol server 207 receives the DHCP Discover message that PC202 sends, pass through switch After 201 return DHCP Offer messages receive this message to PC202, PC202, by switch 201 to Dynamic Host Configuration Protocol server 207 Going out DHCP Request message, the IP address provided in application DHCP Offer message, now, switch 201 receives PC202 and sends out After the DHCP Request message gone out, being added to by the MAC Address of the PC202 relearned can be as follows in preemptive type MAC table Shown in table 3, at this moment, can not preemptive type MAC table be still empty:
Numbering MAC Address Port
1 0000.1111.0020 0/1
2 0000.1111.0021 0/1
3 0000.1111.0022 0/1
4 0000.0000.0001 0/1
Table 3
Finally, DHCP server 207 sends a DHCP ACK packet to PC202 through switch 201, formally assigning PC202 an IP address. When switch 201 receives this packet, it considers the monitored exchange between PC202 and DHCP server 207 complete and the MAC address learned at this point to be a legal MAC address, i.e. PC202 is a legal terminal, and adds the learned MAC address to the non-preemptible MAC table as a legal MAC address. Because the total number of MAC addresses configured under port 0/1 is 4, the earliest-learned MAC address in the preemptible MAC table must be deleted, reducing the number of MAC addresses in the preemptible MAC table to 3. The non-preemptible MAC table is now as shown in Table 4 and the preemptible MAC table as shown in Table 5 below:
Numbering MAC Address Port
1 0000.0000.0001 0/1
Table 4
Numbering MAC Address Port
1 0000.1111.0030 0/1
2 0000.1111.0031 0/1
3 0000.1111.0032 0/1
Table 5
Because the MAC address of PC202 is now in the non-preemptible MAC table, every packet switch 201 receives from PC202 is treated as trusted and forwarded directly, so PC202 can use the network normally and is not affected by the MAC address flood. Furthermore, because the non-preemptible MAC table cannot be preempted, PC202 can keep using the network for as long as it stays online.
It can be seen from the above flow that PC202 can still obtain an IP address and use the network normally even while a MAC address flooding attack is in progress.
For the other PCs, such as PC203, PC204 and PC205, the flow after power-on is the same. Because the number of MAC addresses allowed to be learned under port 0/1 is 4, once all 4 PCs have obtained IP addresses normally the non-preemptible MAC table is full (as shown in Table 6 below) and the preemptible MAC table is empty. If switch 201 subsequently determines that the MAC address carried in a received packet is not in the non-preemptible MAC table, it no longer learns the MAC address carried in the packet and simply discards the packet:
Numbering MAC Address Port
1 0000.0000.0001 0/1
2 0000.0000.0002 0/1
3 0000.0000.0003 0/1
4 0000.0000.0004 0/1
Table 6
It can be seen from the above flow that with this method, even under a flooding attack with packets of all types in the LAN, the non-preemptible MAC table on each switch port stays stable and cannot be filled up by the attack, while the terminals whose MAC addresses are in the non-preemptible MAC table can all obtain IP addresses and use the network normally.
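Steps S101-S106, the 3:1 to 4:0 preemption rule and the Fig. 2 walk-through above, as one added example that is not the patent's own code: `PortMacTables` keeps a non-preemptible and a preemptible table for one port under a shared limit, learns unknown source MACs as suspects, evicts the earliest-learned suspect when the port is full, and promotes a MAC to the non-preemptible table only when a DHCP ACK for it is seen. `run_fig2_scenario` replays the walk-through with the page's limit of 4 and PC202's address 0000.0000.0001; the class and function names, the `is_dhcp` flag, the `on_dhcp_ack` hook and the decimal counter used for the constructed 0000.1111.xxxx attack addresses are assumptions.

```python
"""Two-table MAC learning with DHCP-validated promotion (added example, not the patent's code)."""
from collections import OrderedDict


class PortMacTables:
    """Per-port state: a non-preemptible table of legal MACs and a preemptible table
    of suspect MACs, sharing one per-port limit (the patent's "set value")."""

    def __init__(self, limit: int):
        self.limit = limit
        # Insertion order is learning order, so the first key is the earliest learned.
        self.non_preemptible = OrderedDict()
        self.preemptible = OrderedDict()

    def total(self) -> int:
        return len(self.non_preemptible) + len(self.preemptible)

    def _evict_oldest_suspect(self) -> None:
        # Preempt the earliest-learned suspect entry; legal entries are never evicted.
        self.preemptible.popitem(last=False)

    def handle_frame(self, src_mac: str, is_dhcp: bool) -> str:
        """Steps S101-S106 for one received frame. Returns 'forward' or 'drop'."""
        if src_mac in self.non_preemptible:            # S101 -> S102: known legal terminal
            return "forward"
        if len(self.non_preemptible) >= self.limit:     # S103 -> S104: port full of legal MACs,
            return "drop"                               # treat as flood traffic, learn nothing
        if src_mac not in self.preemptible:             # S105: learn as a suspect MAC
            while self.total() >= self.limit:           # keep legal + suspect <= limit
                self._evict_oldest_suspect()
            self.preemptible[src_mac] = True
        return "forward" if is_dhcp else "drop"         # S106 / S104

    def on_dhcp_ack(self, client_mac: str) -> bool:
        """The DHCP server assigned the client an address (end of S106): promote its
        MAC to the non-preemptible table. Returns False only if no legal slot is left."""
        if client_mac in self.non_preemptible:
            return True
        if len(self.non_preemptible) >= self.limit:
            return False
        self.preemptible.pop(client_mac, None)
        while self.total() >= self.limit:               # legal entries take precedence (3:1 -> 4:0)
            self._evict_oldest_suspect()
        self.non_preemptible[client_mac] = True
        return True


def attacker_mac(i: int) -> str:
    # Constructed label in the patent's dotted notation; not a real device address.
    return f"0000.1111.{i:04d}"


def run_fig2_scenario(limit: int = 4) -> dict:
    """Replays the Fig. 2 walk-through: PC202 (0000.0000.0001) completes DHCP while
    attack frames with changing source MACs arrive on the same port."""
    port = PortMacTables(limit)
    pc202 = "0000.0000.0001"
    snapshots = {}
    port.handle_frame(pc202, is_dhcp=True)              # DHCP Discover, learned as suspect
    for i in range(1, 4):
        port.handle_frame(attacker_mac(i), is_dhcp=False)
    snapshots["table1"] = list(port.preemptible)
    for i in range(4, 14):
        port.handle_frame(attacker_mac(i), is_dhcp=False)
    snapshots["table2"] = list(port.preemptible)         # PC202 already preempted
    for i in range(14, 23):
        port.handle_frame(attacker_mac(i), is_dhcp=False)
    port.handle_frame(pc202, is_dhcp=True)              # DHCP Request relearns PC202
    snapshots["table3"] = list(port.preemptible)
    port.on_dhcp_ack(pc202)                             # DHCP ACK: PC202 becomes legal
    snapshots["table4"] = list(port.non_preemptible)
    for i in range(23, 33):
        port.handle_frame(attacker_mac(i), is_dhcp=False)
    snapshots["table5"] = list(port.preemptible)         # only 3 suspect slots remain
    for mac in ("0000.0000.0002", "0000.0000.0003", "0000.0000.0004"):
        port.handle_frame(mac, is_dhcp=True)            # PC203..PC205 complete DHCP
        port.on_dhcp_ack(mac)
    snapshots["table6"] = list(port.non_preemptible)
    snapshots["after_full"] = (port.handle_frame(attacker_mac(99), is_dhcp=True),
                               list(port.preemptible))  # dropped, nothing learned
    return snapshots
```

The snapshots reproduce Tables 1 to 6 from the walk-through; the final entry shows that once the four legal MACs fill the port, an unknown source MAC is dropped without being learned at all, even when it carries DHCP.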
Based on the same inventive concept, an embodiment of the present invention also provides a MAC address learning device. Since the principle by which this device solves the problem is similar to that of the MAC address learning method above, the implementation of the device may refer to the implementation of the method, and repeated details are not described again.
As shown in Fig. 3, the MAC address learning device provided by an embodiment of the present invention specifically includes:
Receiver module 301, for receiving, by the either port of described device, the report carrying MAC Address that terminal is sent Literary composition;
Determine module 302, for determining the MAC Address carried in the message that receiver module 301 receives, if presetting Can not be in preemptive type MAC table;And when being defined as no, determine and can not whether reach by the MAC Address number in preemptive type MAC table Set numerical value;And when determining not up to setting numerical value, determine whether message is DHCP message;
Here, above-mentioned can not preemptive type MAC table for storing the legal MAC that described device is learnt by each port Address;
Add module 303, for when determining that module 302 determines not up to setting numerical value, being added to by MAC Address pre- If can be in preemptive type MAC table;And after monitoring modular 305 monitors and becomes distribution of work IP address for terminal, MAC Address is made Adding to for legal MAC Address can not be in preemptive type MAC table;
Here, above-mentioned can preemptive type MAC table for store described device by each port learn doubtful illegally MAC Address, and can not preemptive type MAC table and can no more than set numerical value by the sum of MAC Address in preemptive type MAC table;
Forwarding module 304, for when determining that module 302 determines that message is DHCP message, E-Packets;
Monitoring modular 305, for when determining that module 302 determines that message is DHCP message, monitoring terminal takes with DHCP The interaction of business device.
Preferably, the above forwarding module 304 is further used to forward the message when determining module 302 determines that the MAC address is in the non-preemptive MAC table.
Preferably, the above device further includes:
Discard module 306, for discarding the message when determining module 302 determines that the message is not a DHCP message.
Preferably, the above device further includes an updating module 307 and a deleting module 308,
The above updating module 307, for updating the latest aging time of the MAC address according to the lease renewal time of the allocated IP address, when determining module 302 determines that the MAC address is in the non-preemptive MAC table and monitoring module 305 detects, within the latest aging time of the MAC address, that the DHCP server has successfully renewed the lease of the allocated IP address for the terminal;
The above deleting module 308, for deleting the MAC address when determining module 302 determines that the MAC address is in the non-preemptive MAC table and monitoring module 305 detects that the DHCP server has not renewed the lease of the IP address for the terminal within the latest aging time of the MAC address.
Preferably, the above discard module 306 is further used to discard the message when determining module 302 determines that the number of MAC addresses in the non-preemptive MAC table has reached the set value.
In the MAC address learning method and device provided by the embodiment of the present invention, the switching device determines whether the MAC address carried in a message sent by a terminal and received through any port is in a preset non-preemptive MAC table. If it is not, and the number of MAC addresses in the non-preemptive MAC table has not reached the set value, the MAC address is added to a preset preemptive MAC table, and the device then determines whether the message is a DHCP message. If it is, the message is forwarded and the interaction between the terminal and the DHCP server is monitored; after the DHCP server is seen to allocate an IP address to the terminal, the MAC address is added to the non-preemptive MAC table as a legal MAC address, with the total number of MAC addresses in the non-preemptive and preemptive MAC tables never exceeding the set value.
The embodiment of the present invention does not require MAC addresses to be bound manually one by one, so it is more convenient to operate. By limiting the number of MAC addresses on each port of the switching device and creating a non-preemptive MAC table and a preemptive MAC table to distinguish messages, it ensures that in the case of MAC address flooding the non-preemptive MAC table under each port of the switch stays stable and is never filled up, while the legal terminals under each port can still obtain IP addresses normally, i.e. use the network normally.
Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from the spirit and scope of the present invention. Thus, if these amendments and modifications of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include these changes and modifications.

Claims (8)

1. A MAC address learning method, characterized in that it comprises:
a switching device determining whether the MAC address carried in a message sent by a terminal and received by the switching device through any port is in a preset non-preemptive MAC table, the non-preemptive MAC table being used to store legal MAC addresses learnt through each port;
if not, and upon determining that the number of MAC addresses in the non-preemptive MAC table has not reached a set value, adding the MAC address to a preset preemptive MAC table and determining whether the message is a Dynamic Host Configuration Protocol (DHCP) message, the preemptive MAC table being used to store suspected illegal MAC addresses learnt through each port, and the total number of MAC addresses in the preemptive MAC table and the non-preemptive MAC table being not greater than the set value;
upon determining that the message is a DHCP message, forwarding it and monitoring the interaction between the terminal and a DHCP server, and after detecting that the DHCP server has successfully allocated an IP address to the terminal, adding the MAC address to the non-preemptive MAC table as a legal MAC address;
the switching device forwarding the message upon determining that the MAC address is in the non-preemptive MAC table.
2. The method according to claim 1, characterized in that it further comprises:
the switching device discarding the message upon determining that the message is not a DHCP message.
3. The method according to claim 2, characterized in that it further comprises:
if the switching device determines that the MAC address is in the non-preemptive MAC table and, within the latest aging time of the MAC address, detects that the DHCP server has successfully renewed the lease of the allocated IP address for the terminal, updating the latest aging time according to the renewal time of the allocated IP address;
if the switching device determines that the MAC address is in the non-preemptive MAC table and, within the latest aging time of the MAC address, does not detect the DHCP server renewing the lease of the IP address for the terminal, deleting the MAC address.
4. The method according to claim 2, characterized in that it further comprises:
the switching device discarding the message upon determining that the number of MAC addresses in the non-preemptive MAC table has reached the set value.
5. A MAC address learning device, characterized in that it comprises:
a receiver module, for receiving, through any port of the device, a message carrying a MAC address sent by a terminal;
a determining module, for determining whether the MAC address carried in the message received by the receiver module is in a preset non-preemptive MAC table; when it is determined not to be, determining whether the number of MAC addresses in the non-preemptive MAC table has reached a set value; and when it is determined not to have reached the set value, determining whether the message is a Dynamic Host Configuration Protocol (DHCP) message, the non-preemptive MAC table being used to store legal MAC addresses learnt by the device through each port;
an adding module, for adding the MAC address to a preset preemptive MAC table when the determining module determines that the set value has not been reached; and, after a monitoring module detects that the DHCP server has successfully allocated an IP address to the terminal, adding the MAC address to the non-preemptive MAC table as a legal MAC address, the preemptive MAC table being used to store suspected illegal MAC addresses learnt by the device through each port, and the total number of MAC addresses in the preemptive MAC table and the non-preemptive MAC table being not greater than the set value;
a forwarding module, for forwarding the message when the determining module determines that the message is a DHCP message;
the monitoring module, for monitoring the interaction between the terminal and the DHCP server when the determining module determines that the message is a DHCP message;
the forwarding module being further used to forward the message when the determining module determines that the MAC address is in the non-preemptive MAC table.
6. The device according to claim 5, characterized in that it further comprises:
a discard module, for discarding the message when the determining module determines that the message is not a DHCP message.
7. The device according to claim 6, characterized in that it further comprises an updating module and a deleting module,
the updating module, for updating the latest aging time of the MAC address according to the renewal time of the allocated IP address when the determining module determines that the MAC address is in the non-preemptive MAC table and the monitoring module detects, within the latest aging time of the MAC address, that the DHCP server has successfully renewed the lease of the allocated IP address for the terminal;
the deleting module, for deleting the MAC address when the determining module determines that the MAC address is in the non-preemptive MAC table and the monitoring module detects that the DHCP server has not renewed the lease of the IP address for the terminal within the latest aging time of the MAC address.
8. The device according to claim 6, characterized in that the discard module is further used to discard the message when the determining module determines that the number of MAC addresses in the non-preemptive MAC table has reached the set value.
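The following Python simulation is an added example and is not code from the patent or from the assignee; it models the two-table learning scheme of the device description (modules 301 to 308) and of claims 1 to 8 for one switch port, so that the behaviour under a flood of forged source MAC addresses can be observed directly. All names (PortLearner, Switch, Frame, LeaseEvent, the limit of 3, the MAC addresses and the scenario) are assumptions; the patent fixes neither a data layout nor which preemptive-table entry gives way when the combined limit is reached, so this example replaces the oldest suspect entry. Lease events stand in for what the monitoring module observes in the DHCP exchange.

```python
"""Added example (not from the patent): simulation of per-port MAC learning with a
non-preemptive table of legal MAC addresses and a preemptive table of suspect ones.
Their combined size never exceeds a configured limit, and a MAC becomes legal only
after the DHCP server is seen allocating it an IP address."""
from collections import OrderedDict
from dataclasses import dataclass
from typing import Dict, List


@dataclass
class Frame:
    """Constructed summary of a received frame: only the fields the scheme inspects."""
    port: int
    src_mac: str
    is_dhcp: bool = False


@dataclass
class LeaseEvent:
    """Constructed DHCP-server event seen while monitoring the client/server exchange."""
    port: int
    mac: str
    lease_seconds: int
    renewal: bool = False  # False: fresh allocation, True: successful lease renewal


class PortLearner:
    """Learning state for one port (assumed structure; the patent fixes no data layout)."""

    def __init__(self, limit: int) -> None:
        self.limit = limit
        self.legal: Dict[str, int] = {}   # non-preemptive table: mac -> aging deadline
        self.suspect = OrderedDict()      # preemptive table: mac -> first-seen time, oldest first

    def handle_frame(self, frame: Frame, now: int) -> str:
        mac = frame.src_mac
        if mac in self.legal:                  # known legal terminal: forward as usual
            return "forward"
        if len(self.legal) >= self.limit:      # legal table full: learn nothing more, drop
            return "drop"
        if mac not in self.suspect:
            # Keep legal + suspect <= limit by preempting the oldest suspect entry
            # (eviction policy is an assumption of this example).
            while len(self.legal) + len(self.suspect) >= self.limit:
                self.suspect.popitem(last=False)
            self.suspect[mac] = now
        # Only DHCP traffic from a suspect MAC is forwarded (and its exchange monitored).
        return "forward" if frame.is_dhcp else "drop"

    def handle_lease(self, ev: LeaseEvent, now: int) -> str:
        if not ev.renewal and ev.mac in self.suspect:
            # Server allocated an address: promote the MAC to the non-preemptive table.
            del self.suspect[ev.mac]
            self.legal[ev.mac] = now + ev.lease_seconds
            return "promoted"
        if ev.renewal and ev.mac in self.legal:
            # Successful renewal within the aging time: refresh the aging deadline.
            self.legal[ev.mac] = now + ev.lease_seconds
            return "refreshed"
        return "ignored"

    def age(self, now: int) -> List[str]:
        """Delete legal entries whose aging time passed without a renewal; return them."""
        expired = [mac for mac, deadline in self.legal.items() if deadline <= now]
        for mac in expired:
            del self.legal[mac]
        return expired


class Switch:
    """Per-port learners sharing one configured limit."""

    def __init__(self, limit: int) -> None:
        self.limit = limit
        self.ports: Dict[int, PortLearner] = {}

    def port(self, n: int) -> PortLearner:
        return self.ports.setdefault(n, PortLearner(self.limit))

    def receive(self, frame: Frame, now: int) -> str:
        return self.port(frame.port).handle_frame(frame, now)

    def observe_lease(self, ev: LeaseEvent, now: int) -> str:
        return self.port(ev.port).handle_lease(ev, now)


def flood_scenario(limit: int = 3, attackers: int = 200) -> dict:
    """Constructed scenario: one legal terminal on port 1 amid a flood of forged MACs."""
    sw = Switch(limit)
    legit = "aa:bb:cc:dd:ee:01"
    sw.receive(Frame(1, legit, is_dhcp=True), now=0)      # DHCP request is forwarded
    sw.observe_lease(LeaseEvent(1, legit, 3600), now=1)    # server allocates an IP
    dropped = 0
    for i in range(attackers):                             # non-DHCP frames, forged sources
        forged = f"02:00:00:{i >> 8:02x}:{i & 0xFF:02x}:00"
        if sw.receive(Frame(1, forged), now=2) == "drop":
            dropped += 1
    p = sw.port(1)
    return {
        "dropped": dropped,
        "table_total": len(p.legal) + len(p.suspect),
        "legit_still_legal": legit in p.legal,
        "legit_forwarded": sw.receive(Frame(1, legit), now=3) == "forward",
    }


if __name__ == "__main__":
    print(flood_scenario())
```

Running the module prints the scenario summary: all 200 forged frames are dropped, the two tables together never hold more than 3 entries, and the legal terminal keeps its non-preemptive entry and continues to be forwarded. The aging path of claims 3 and 7 is exercised through handle_lease with renewal=True followed by age.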
CN201310538075.0A 2013-11-04 2013-11-04 A kind of MAC address learning method and device Active CN103595638B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310538075.0A CN103595638B (en) 2013-11-04 2013-11-04 A kind of MAC address learning method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310538075.0A CN103595638B (en) 2013-11-04 2013-11-04 A kind of MAC address learning method and device

Publications (2)

Publication Number Publication Date
CN103595638A CN103595638A (en) 2014-02-19
CN103595638B true CN103595638B (en) 2016-09-28

Family

ID=50085627

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310538075.0A Active CN103595638B (en) 2013-11-04 2013-11-04 A kind of MAC address learning method and device

Country Status (1)

Country Link
CN (1) CN103595638B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106330712A (en) * 2015-06-18 2017-01-11 中兴通讯股份有限公司 MAC address learning control method and device

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106330652A (en) * 2015-06-30 2017-01-11 中兴通讯股份有限公司 Learning method and device of MAC address in virtual local area network of switch
CN107786679A (en) * 2016-08-25 2018-03-09 大连楼兰科技股份有限公司 Ensure the method and device of ARP message safeties
CN107547408B (en) * 2017-07-28 2020-08-28 新华三技术有限公司 Method and device for processing MAC address hash collision
CN107707486A (en) * 2017-10-26 2018-02-16 锐捷网络股份有限公司 A kind of message processing method and device based on openflow passages
CN110677378B (en) * 2018-07-03 2021-11-23 深圳Tcl数字技术有限公司 Control method of MAC address, intelligent terminal and storage medium
CN108712449A (en) * 2018-07-12 2018-10-26 新华三技术有限公司 Prevent the method, apparatus and electronic equipment of MAC Address extensive aggression

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1822565A (en) * 2004-10-15 2006-08-23 阿尔卡特公司 Network with MAC table overflow protection
US20070121617A1 (en) * 2005-11-29 2007-05-31 Cisco Technology, Inc. Extending sso for DHCP snooping to two box redundancy
CN101820396A (en) * 2010-05-24 2010-09-01 杭州华三通信技术有限公司 Method and device for verifying message safety
CN102694876A (en) * 2012-05-10 2012-09-26 北京星网锐捷网络技术有限公司 Method and device for determining effectiveness of learned MAC (Media Access Control) address and gateway equipment
CN103248724A (en) * 2013-04-19 2013-08-14 中国(南京)未来网络产业创新中心 SDN (Software-Defined Networking) controller-based DHCP (Dynamic Host Configuration Protocol) broadcast processing method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
支力峰. Research on data link layer attack prevention technology (数据链路层攻击防范技术研究). 《信息安全与技术》 (Information Security and Technology). 2012, No. 6, full text. *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106330712A (en) * 2015-06-18 2017-01-11 中兴通讯股份有限公司 MAC address learning control method and device
CN106330712B (en) * 2015-06-18 2019-05-24 中兴通讯股份有限公司 A kind of control method and device of MAC address learning

Also Published As

Publication number Publication date
CN103595638A (en) 2014-02-19


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant