CN103685410A - Method for unvarnished transmission of timestamp - Google Patents
- Publication number: CN103685410A
- Application number: CN201210348315.6A
- Authority: CN (China)
- Prior art keywords: client, message, layer proxy, timestamp, background server
- Legal status: Granted
Landscapes
- Computer And Data Communications (AREA)
Abstract
The invention discloses a method for transparent (pass-through) transmission of a TCP timestamp in a network system formed by a client connected to a background server through the Internet and a layer-4 proxy server, where the system runs under a SYN Cookie/SYN Cache mechanism. The core of the method is that, during the TCP connection handshake between the client and the background server through the Internet and the layer-4 proxy server, the TCP timestamp option is set to zero. Compared with the prior art, the method improves the performance of the layer-4 proxy server and simplifies the design and implementation of timestamp-option support on the layer-4 proxy server.
Description
Technical field
The present invention relates to the field of network applications, and in particular to a method for transparent transmission of a timestamp.
Background technology
SYN Flood (a flood of TCP/IP connection handshake requests) is currently one of the most common forms of DoS (denial of service) and DDoS (distributed denial of service) attack. It exploits a weakness of the TCP protocol: the attacker sends a large number of forged TCP connection requests, exhausting the resources of the attacked host (CPU fully loaded or memory depleted). SYN Cookie and SYN Cache are the two commonly used mechanisms for defending against SYN Flood; they resist the attack effectively and are common in practice.
Under the SYN Cookie/SYN Cache mechanism, when the layer-4 proxy server receives the client's SYN message it cannot immediately initiate a request to the background server; it must first complete the TCP three-way handshake with the client, and only then initiate the request to the background server. As a result, the timestamp information carried in the layer-4 protocol information cannot be passed directly between the client and the background server; communication can proceed normally only after the proxy server rewrites it. Rewriting message contents while forwarding packets not only affects system performance but also increases programming complexity. In the above prior art, the basic steps of communication between the client and the background server are as follows:
PCx (PC1, PC2, ... above) denotes the timestamp stamped when the proxy server communicates with the client; PSx (PS1, PS2, ... above) denotes the timestamp stamped when the proxy server communicates with the background server. When the layer-4 proxy server communicates with the client and with the background server, it must process the timestamps of the two ends separately, and the processing at the two ends is independent; in every related step the layer-4 proxy server has to process the timestamp option when forwarding packets. This degrades the transmission performance of the system and makes the system complex, and users have asked for improvement.
Summary of the invention
To address the above deficiency of the prior art, the object of the invention is to propose a method for transparent transmission of a timestamp, so that when a layer-4 proxy server uses the SYN Cookie/SYN Cache mechanism it need not process the TCP timestamp option but passes the timestamp straight through, without affecting the transmission of subsequent data.
To achieve the above object, the method of the invention is as follows. It is based on a network system in which a client is connected to a background server through the Internet and a layer-4 proxy server, and the system runs under the SYN Cookie/SYN Cache mechanism; during the TCP connection handshake between the client and the background server through the Internet and the layer-4 proxy server, the TCP timestamp option is set to zero. Setting the TCP timestamp option to zero is achieved by the layer-4 proxy server stamping the special timestamp value zero on the messages of the TCP handshake that it performs with the client and with the background server, respectively. The concrete steps of the invention are as follows:
Step 1, the client sends a SYN message to the layer-4 proxy server, and the client stamps its current timestamp C1 on the message;
Step 6, normal data communication between the client and the background server.
Compared with the prior art, the main difference and effect of the embodiments of the invention are: the performance of the layer-4 proxy server is improved, and the design and implementation of timestamp-option support on the layer-4 proxy server are simplified.
Description of the drawings
Fig. 1 is a schematic diagram of the system structure of the invention;
Fig. 2 is a block diagram of the method of the invention;
Fig. 3 is a schematic diagram of the timestamp format of the invention.
Embodiment
In the following description, many technical details are set out to help the reader understand the application. However, persons of ordinary skill in the art will appreciate that the technical solution claimed in each claim of the application can be realized even without these technical details and with many variations and modifications of the following embodiments.
To make the objects, technical solutions and advantages of the invention clearer, the implementation steps and operating principle of the invention are described in further detail below with reference to the accompanying drawings.
As shown in Fig. 1, the system is a network in which a client 101 is connected to a background server 104 through the Internet 102 and a layer-4 proxy server 103, and the system runs under the SYN Cookie/SYN Cache mechanism. The method of transparent transmission of a timestamp of the invention is that, during the TCP connection handshake between the client and the background server through the Internet and the layer-4 proxy server, the TCP timestamp option is set to zero. Setting the TCP timestamp option to zero is achieved by the layer-4 proxy server stamping the special timestamp value zero on the messages of the TCP handshake that it performs with the client and with the background server, respectively. As shown in Fig. 2, the implementation steps of the invention are as follows:
Step 1, the client sends a SYN message to the layer-4 proxy server, and the client stamps its current timestamp C1 on the message;
Step 6, normal data communication between the client and the background server.
In the invention, when the layer-4 proxy server stamps the special timestamp value 0 on the message in step 2, the timestamp echo value (TSecr) of the TCP protocol in step 3 is thereby omitted; likewise, when the layer-4 proxy server stamps the special timestamp value 0 on the message in step 4, the timestamp echo value of the TCP protocol in step 5 is omitted. From step 6 onward the layer-4 proxy server therefore passes the timestamp option straight through, and the client and the background server begin normal data communication.
The operating principle of the invention is mainly a flexible application of the principles of the RFC 1323 protocol, combined with the characteristics of the layer-4 proxy server, to realize transparent transmission of the TCP timestamp.
First, RFC 1323 defines the TCP extensions for high performance, which adjust, improve and optimize network speed and throughput. RFC 1323 explicitly stipulates that when the timestamp echo value is invalid it must be zero. Research and practical testing found that, during the handshake phase, the TCP implementations in operating systems such as Windows, Linux and FreeBSD treat a timestamp echo value of zero as invalid, so it does not affect the normal communication of subsequent data. The invention breaks with customary industry thinking and applies this protocol feature flexibly to realize transparent transmission of the timestamp in the TCP handshake phase, without affecting the normal communication of subsequent data.
Second, a layer-4 proxy server is a proxy device that processes messages using layer-4 and lower-layer protocol information (such as IP address and port). A layer-4 proxy does not inspect application-layer data and provides proxy service only according to IP address and port information, so it likewise does not affect the normal communication of subsequent data.
As shown in Fig. 3, according to RFC 1323 the format of the timestamp option comprises: kind 301, length 302, timestamp value (TSval) 303 and timestamp echo reply (TSecr) 304, where the TSecr field echoes the TSval field value received. The method of the invention can be expressed programmatically as follows:
In the above, Cx (x = 1, 2, ...) is the timestamp the client stamps on the message and Sx (x = 1, 2, ...) is the timestamp the background server stamps on the message.
Array APV series devices all provide the functions of a layer-4 proxy server and its load balancing. An example system topology using the layer-4 proxy and load balancing functions of the Array APV series is shown in Fig. 1: there are three layer-4 proxy servers, whose IP addresses may be 10.3.1.21, 10.3.1.22 and 10.3.1.23 respectively; this system can support the SYN Cookie/SYN Cache protection function, support the timestamp option, and load-balance requests to these three layer-4 servers.
Although the invention has been illustrated and described with reference to certain preferred embodiments, those of ordinary skill in the art should understand that various changes in form and detail may be made without departing from the spirit and scope of the invention.
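The handshake of claim 3 and the option layout of Fig. 3, as an added Python model that is not code from the patent or from Array Networks: it encodes the timestamp option, walks steps 1 to 5 with the proxy stamping TSval 0, and contrasts that with a prior-art proxy stamping its own clock. The clock values C1, C2, S1 and the prior-art proxy value are constructed.

```python
import struct

TCPOPT_TIMESTAMP = 8     # option kind of the TCP timestamp option (RFC 1323)
TCPOLEN_TIMESTAMP = 10   # kind (1) + length (1) + TSval (4) + TSecr (4)


def encode_ts_option(tsval, tsecr):
    """Build the option of Fig. 3: kind 301, length 302, TSval 303, TSecr 304."""
    return struct.pack("!BBII", TCPOPT_TIMESTAMP, TCPOLEN_TIMESTAMP,
                       tsval & 0xFFFFFFFF, tsecr & 0xFFFFFFFF)


def decode_ts_option(opt):
    """Parse a timestamp option back into (TSval, TSecr); reject other kinds."""
    kind, length, tsval, tsecr = struct.unpack("!BBII", opt[:TCPOLEN_TIMESTAMP])
    if kind != TCPOPT_TIMESTAMP or length != TCPOLEN_TIMESTAMP:
        raise ValueError("not a TCP timestamp option")
    return tsval, tsecr


def handshake(proxy_tsval, c1=1000, c2=1001, s1=5000):
    """Steps 1 to 5 of claim 3 as (step, sender, flags, TSval, TSecr).

    proxy_tsval=0 is the patented variant. A nonzero value models the prior-art
    proxy that stamps its own clock (PC1/PS1 in the description). C1, C2 and S1
    are constructed clock values, not taken from the patent."""
    return [
        (1, "client", "SYN", c1, 0),                  # client stamps C1
        (2, "proxy", "SYN-ACK", proxy_tsval, c1),     # proxy stamps 0 (or PC1), echoes C1
        (3, "client", "ACK", c2, proxy_tsval),        # client stamps C2, echoes proxy's TSval
        (4, "proxy", "SYN", proxy_tsval, 0),          # proxy now opens the backend connection
        (5, "backend", "SYN-ACK", s1, proxy_tsval),   # backend stamps S1, echoes proxy's TSval
    ]


def proxy_must_rewrite(steps):
    """True if the client's echo (step 3, carried into its first data segment) is a
    nonzero TSval the backend never sent, so the proxy would have to rewrite TSecr
    on every forwarded segment. Zero is treated as invalid by the stacks the
    description names, so it needs no rewriting."""
    backend_sent = {s[3] for s in steps if s[1] == "backend"}
    client_echo = steps[2][4]
    return client_echo != 0 and client_echo not in backend_sent


def step6_forward(segment_option):
    """Step 6: the proxy forwards the timestamp option bytes unchanged."""
    decode_ts_option(segment_option)   # only validates; the value is untouched
    return segment_option


if __name__ == "__main__":
    for variant, tsval in (("patented", 0), ("prior art", 777)):
        print(variant, "proxy must rewrite TSecr:", proxy_must_rewrite(handshake(tsval)))
```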
Claims (3)
1. A method for transparent transmission of a timestamp, based on a network system in which a client is connected to a background server through the Internet and a layer-4 proxy server, the system running under a SYN Cookie/SYN Cache mechanism, characterized in that, during the TCP connection handshake, the system sets the TCP timestamp option to zero.
2. The method for transparent transmission of a timestamp according to claim 1, characterized in that setting the TCP timestamp option to zero is achieved by the layer-4 proxy server stamping the special timestamp value zero on the messages of the TCP handshake it performs with the client and with the background server, respectively.
3. The method for transparent transmission of a timestamp according to claim 1, characterized in that the method comprises the following concrete steps:
Step 1, the client sends a SYN message to the layer-4 proxy server, and the client stamps its current timestamp C1 on the message;
Step 2, the layer-4 proxy server replies to the client with a SAK (SYN-ACK) message, and the layer-4 proxy server stamps the special timestamp value 0 on the message;
Step 3, the client sends an ACK packet, and the client stamps its current timestamp C2 on the message; the client subsequently sends data packets;
Step 4, the layer-4 proxy server sends a SYN message to the background server, and the layer-4 proxy server stamps the special timestamp value 0 on the message;
Step 5, the background server replies to the layer-4 proxy server with a SAK (SYN-ACK) message, and the background server stamps its current timestamp S1 on the message;
Step 6, normal data communication between the client and the background server.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201210348315.6A CN103685410B (en) | 2012-09-18 | 2012-09-18 | A kind of method of transparent transmission timestamp |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103685410A true CN103685410A (en) | 2014-03-26 |
CN103685410B CN103685410B (en) | 2016-08-31 |
Family
ID=50321709
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201210348315.6A Active CN103685410B (en) | 2012-09-18 | 2012-09-18 | A kind of method of transparent transmission timestamp |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103685410B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1728671A (en) * | 2004-07-29 | 2006-02-01 | 株式会社Ntt都科摩 | Server device, method for controlling a server device, and method for establishing a connection using the server device |
CN1842060A (en) * | 2005-03-29 | 2006-10-04 | 日本电气株式会社 | Session relay apparatus, session relay method and program |
CN101035035A (en) * | 2007-04-02 | 2007-09-12 | 华为技术有限公司 | Method, device, system and communication method for detecting the host number |
US20080209518A1 (en) * | 2007-02-28 | 2008-08-28 | Sourcefire, Inc. | Device, system and method for timestamp analysis of segments in a transmission control protocol (TCP) session |
US7831745B1 (en) * | 2004-05-25 | 2010-11-09 | Chelsio Communications, Inc. | Scalable direct memory access using validation of host and scatter gather engine (SGE) generation indications |
CN102377620A (en) * | 2011-12-09 | 2012-03-14 | 浙江大学 | Method for detecting broadband private connection based on open system interconnection (OSI) transmission layer timestamp |
Also Published As
Publication number | Publication date |
---|---|
CN103685410B (en) | 2016-08-31 |
Legal Events
Code | Title | Description
---|---|---
PB01 | Publication |
C10 | Entry into substantive examination |
SE01 | Entry into force of request for substantive examination |
C14 | Grant of patent or utility model |
GR01 | Patent grant |
CP01 | Change in the name or title of a patent holder | Address after: 100125 Beijing city Chaoyang District Liangmaqiao Road No. 40 building 10 room 1001, twenty-first Century; Patentee after: Beijing Huayao Technology Co., Ltd; Address before: 100125 Beijing city Chaoyang District Liangmaqiao Road No. 40 building 10 room 1001, twenty-first Century; Patentee before: Huayao (China) Technology Co., Ltd.
CP01 | Change in the name or title of a patent holder |