CN104506437B - A kind of item establishing method and device - Google Patents
A kind of item establishing method and device Download PDFInfo
- Publication number
- CN104506437B CN104506437B CN201410839769.2A CN201410839769A CN104506437B CN 104506437 B CN104506437 B CN 104506437B CN 201410839769 A CN201410839769 A CN 201410839769A CN 104506437 B CN104506437 B CN 104506437B
- Authority
- CN
- China
- Prior art keywords
- message
- unknown
- forwarding
- downlink
- unknown message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
A kind of item establishing method of present invention offer and device.The method includes:When forwarding plane receives downlink message, judge whether the downlink message is unknown message;When the downlink message is unknown message, the forwarding plane is by the unknown message up sending to control plane;After control plane receives the unknown message, corresponding secure binding list item is established for the destination host of the unknown message.Therefore, the present invention can ensure that destination host normally accesses network by establishing secure binding list item.
Description
Technical field
The present invention relates to field of communication technology more particularly to a kind of item establishing methods and device.
Background technology
It is gradually taken seriously with the application and development, internet security of network.Due to ND Snooping
(Neighbor Discovery Snooping, neighbor discovery protocol message are intercepted) technology can be by intercepting Layer2 switching net
The uplink message that subscriber's main station is sent in network, such as ND protocol massages, to establish ND Snooping list items, therefore the prior art
In can carry out safeguard protection as the secure binding list item of subscriber's main station using ND Snooping list items, to prevent from illegally using
Family accesses to network by IP (Internet Protocol, net interconnection agreement) address of counterfeit validated user.
However when network forwarding equipment because exception or equipment restart cause local ND snooping list items to be lost when, by
This case possibly can not be perceived in subscriber's main station, then subscriber's main station cannot retransmit ND protocol massages, therefore the network
ND snooping list item of the forwarding unit without calligraphy learning to the subscriber's main station, causes subscriber's main station that can not access network.
Invention content
In view of this, a kind of item establishing method of present invention offer and device.
Specifically, the present invention is achieved through the following technical solutions:
A kind of item establishing method, the method are applied to network forwarding equipment, the method includes:
When forwarding plane receives downlink message, judge whether the downlink message is unknown message;
When the downlink message is unknown message, the forwarding plane is by the unknown message up sending to control plane;
After control plane receives the unknown message, corresponding secure binding is established for the destination host of the unknown message
List item.
Further, the forwarding plane judges whether the downlink message is unknown message, including:
Forwarding plane obtains the source medium access control MAC Address of the downlink message;
The source MAC of the downlink message is searched in the mac address table of itself;
If not finding, it is determined that the downlink message is unknown message.
Further, when issuing access control list ACL rule on the port of the network forwarding equipment in advance, institute
Forwarding plane is stated by the unknown message up sending to control plane, including:
The forwarding plane is searched and the unknown matched acl rule of message in the acl rule issued in advance;
According to the action defined in the acl rule being matched to, replicate the unknown message and on be sent to control plane.
Further, when the network forwarding equipment includes the forwarding chip with register, the forwarding plane will
The unknown message up sending to control plane, including:
The forwarding plane according to preset forwarding strategy in the register, replicate the unknown message and on be sent to control
Preparative layer face.
Further, the control plane is that the destination host of the unknown message establishes corresponding secure binding list item,
Including:
Obtain the virtual LAN VLAN and purpose Internet protocol IP address belonging to the unknown message;
According to the destination IP address creation Neighbor Discovery protocol massages, and by the ND protocol massages in the VLAN
In broadcasted so that the destination host of the unknown message returns to ND response messages after receiving the ND protocol massages;
According to the ND response messages that the destination host returns, the corresponding secure binding list item of the destination host is created.
A kind of list item establishes device, and described device is applied to network forwarding equipment, and described device includes:
Message judging unit, for when forwarding plane receives downlink message, judging whether the downlink message is unknown
Message;
Message up sending unit is used for when the downlink message is unknown message, by the unknown message up sending to control
Level;
List item establishes unit, for after control plane receives the unknown message, being the target master of the unknown message
Machine establishes corresponding secure binding list item.
Further, the message judging unit is specifically used for obtaining the source MAC of the downlink message, at itself
Mac address table in search the source MAC of the downlink message, if not finding, it is determined that the downlink message be it is unknown
Message.
Further, when issuing acl rule on the port of the network forwarding equipment in advance,
The message up sending unit is matched specifically for being searched in the acl rule issued in advance with the unknown message
Acl rule;According to the action defined in the acl rule being matched to, replicate the unknown message and on be sent to control plane.
Further, when the network forwarding equipment includes the forwarding chip with register,
The message up sending unit is specifically used for, according to preset forwarding strategy in the register, replicating described unknown
Message and on be sent to control plane.
Further, the list item establishes unit, is specifically used for obtaining VLAN and destination IP belonging to the unknown message
Address;It is broadcasted in the VLAN according to the destination IP address creation ND protocol massages, and by the ND protocol massages,
So that the destination host of the unknown message returns to ND response messages after receiving the ND protocol massages;According to the target master
The ND response messages that machine returns, create the corresponding secure binding list item of the destination host.
It can be seen that the present invention is by when the forwarding plane of network forwarding equipment receives downlink message, if described in judging
Downlink message is unknown message, by the control plane of the unknown message up sending to the network forwarding equipment, and by control layer
Face is that the destination host of the unknown message establishes corresponding secure binding list item, when the network forwarding equipment receives the mesh
When marking the access request that host is sent, it can determine that the destination host is validated user according to the secure binding list item, from
And the destination host is allow normally to access network in the case of no uplink message.
Description of the drawings
Fig. 1 is the network architecture diagram in a kind of illustrative embodiments of the present invention;
Fig. 2 is the process chart of the item establishing method in a kind of illustrative embodiments of the present invention;
Fig. 3 is the process chart of the network forwarding equipment in a kind of illustrative embodiments of the present invention;
Fig. 4 is that a kind of list item in a kind of illustrative embodiments of the present invention establishes the network of device and turns the hardware knot of equipment
Composition;
Fig. 5 is the building-block of logic that a kind of list item in a kind of illustrative embodiments of the present invention establishes device.
Specific implementation mode
Fig. 1 is referred to, is the network architecture diagram in a kind of illustrative embodiments of the present invention, wherein network forwarding equipment point
Network connection is not established with host 1 and host 2.It usually can be by direction of the host towards the network forwarding equipment, referred to as
" up direction ", the message transmitted in this direction can be described as " uplink message ".It is corresponding, can by the network forwarding equipment towards
The direction of host is known as " down direction ", and the message transmitted in this direction can be described as " downlink message ".Divide the work according to business different,
Usually the network forwarding equipment can be divided into control plane and forwarding plane.Processor wherein in network forwarding equipment is visual
Level in order to control, control plane are commonly used in issuing control strategy to forwarding plane by inner passage and setting with other networks
Standby interactive controlling message.Port and forwarding chip in network forwarding equipment can be considered that forwarding plane, forwarding plane are commonly used in
It is E-Packeted according to the control strategy that control plane issues.
Traditional network forwarding equipment is when forwarding plane receives the uplink message of host transmission, and triggering control plane can
Think that the host for sending the uplink message creates secure binding list item, to allow host to have secure access to network.But work as
When the secure binding list item of host 1 on the network forwarding equipment is lost, since host 1 can not perceive in most cases
This case, therefore will not actively send uplink message and carry out retriggered control plane and establish secure binding list item.When host 1 again
When secondary request accesses network, it is possible to can be by the network forwarding equipment denied access.
In the embodiment of the present invention, when the forwarding plane of network forwarding equipment receives downlink message, if judging the downlink report
Text is unknown message, is institute by the control plane of the unknown message up sending to the network forwarding equipment, and by control plane
The destination host for stating unknown message establishes corresponding secure binding list item, to allow the destination host normally to access net
Network.
Referring to FIG. 2, be the process chart of the item establishing method in a kind of illustrative embodiments of the present invention, it is described
Method is applied to network forwarding equipment, the method includes:
When step 201, forwarding plane receive downlink message, judge whether the downlink message is unknown message;
Wherein, when the forwarding plane of network forwarding equipment receives downlink message by downlink port, itself can be searched
MAC (Media Access Control, media intervene control layer) address list item judge whether the downlink message is unknown report
Text.In optional embodiment of the present invention, the forwarding plane judge the downlink message whether be unknown message process tool
Body is:The downlink message is first parsed, the source MAC of the downlink message is obtained;Then in the mac address table itself learnt
The middle source MAC for searching the downlink message;If not finding the source MAC of the downlink message, it is determined that described
Downlink message is unknown message.
The unknown message in the present embodiment can be unknown unicast message, can also be unknown multicast packets, below
Processing step unknown unicast message and unknown multicast packets are applicable in.
Step 202, when the downlink message be unknown message when, the forwarding plane will the unknown message up sending to control
Preparative layer face;
When it is unknown message to determine the downlink message, in addition to according to conventional treatment mode by the unknown message to downlink
Other than the host in direction is broadcasted, the forwarding plane can also arrive the unknown message up sending according to preset processing strategy
Control plane processing.
In optional embodiment of the present invention, the forwarding plane can lead to the unknown message up sending to control plane
Following two modes are crossed to realize.
Mode one:
ACL (Access Control List, access control row are issued on the port of the network forwarding equipment in advance
Table) rule, forwarding plane can be searched in the acl rule issued in advance and the unknown matched acl rule of message;And it presses
According to the action defined in the acl rule being matched to, replicate the unknown message and on be sent to control plane.Since acl rule is made
It is widely used on forwarding plane for the main policies of Protection of Network Security, therefore this method has good compatibility, it can
To be applied to various network forwarding equipments.
Mode two:
When the forwarding plane includes the forwarding chip with register, can also be pre-set in the register
Forwarding strategy.It, can be multiple according to preset forwarding strategy in the register when forwarding plane receives the unknown message of downlink
Make the unknown message and on send control plane.Since forwarding chip is forwarded by hardware, compared to software forward processing speed
Faster, therefore the method by sending the unknown message to control plane on forwarding chip can improve the network forwarding equipment
Treatment effeciency.
It should be noted that since the network forwarding equipment is except through the unknown message triggering control layer of the downlink
Face actively is gone to establish outside secure binding list item, also to ensure that the unknown message can be transferred on host.Carry out therefore this reality
Apply and need to replicate the unknown message in example, and it is indirect on give.
After step 203, control plane receive the unknown message, for the unknown message destination host establish it is corresponding
Secure binding list item.
After control plane receives the unknown message sent on forwarding plane, the control plane is can trigger to the unknown report
The corresponding destination host of text sends control message, by being interacted with destination host, to establish corresponding peace for the destination host
Full binding list item.
It can be seen that the present invention is by when the forwarding plane of network forwarding equipment receives downlink message, if described in judging
Downlink message is unknown message, by the control plane of the unknown message up sending to the network forwarding equipment, and by control layer
Face is that the destination host of the unknown message establishes corresponding secure binding list item, when the network forwarding equipment receives the mesh
When marking the access request that host is sent, it can determine that the destination host is validated user according to the secure binding list item, from
And the destination host is allow normally to access network in the case of no uplink message.
Since the secure binding list item can include a variety of list items, common secure binding list item is ND Snooping
List item, therefore in optional embodiment of the present invention, by taking network forwarding equipment establishes ND Snooping list items as an example, illustrate institute
It states after control plane receives unknown message, specifically establishes the process of secure binding list item.The control layer of network forwarding equipment first
Face can obtain VLAN (Virtual Local Area Network, virtual LAN) and purpose belonging to the unknown message
IP address, that is, destination host IP address;Control plane creates ND protocol massages, and the destination IP address is filled up to
Then the specific field of the ND protocol massages carries out wide in the VLAN by the ND protocol massages belonging to the unknown message
It broadcasts.After the destination host receives the ND protocol massages, confirm that the purpose IP address carried in the ND protocol massages is exactly
After the IP address of itself, ND response messages are returned to the network forwarding equipment, and with carrying the MAC Address of host itself, IP
The information such as location.The ND response messages that the control plane is returned according to the destination host, it is corresponding to create the destination host
Secure binding list item may include the information such as MAC Address, IP address, affiliated VLAN and the port numbers of host in the list item.By
ARP request can be replaced to carry out link layer address parsing in ND protocol massages, can also be screened in carrying out neighbor discovery process
Inaccessible neighbor node, screening repeat to address (RA), therefore by interacting ND protocol massages with destination host, it can be fast and accurately
Obtain the information such as MAC Address, the IP address of destination host.
To make the objectives, technical solutions, and advantages of the present invention more comprehensible, right below based on the network architecture of Fig. 1
Scheme of the present invention is described in further detail.
According to previous embodiment, when the ND snooping list items of host 1 on network forwarding equipment are lost, the network
The concrete processing procedure of forwarding unit as shown in figure 3, including:
Step 301, network forwarding equipment forwarding plane receive downlink message after, with obtaining the source MAC of the downlink message
Location;
Step 302, network forwarding equipment forwarding plane judge the downlink message source MAC whether itself
In mac address table, if so, going to step 303;If it is not, then going to step 304;
Step 303, network forwarding equipment forwarding plane forward the downlink message, and terminate;
Step 304, network forwarding equipment forwarding plane replicate and broadcast the downlink message;
Step 305, network forwarding equipment forwarding plane on send the downlink message to control plane;
VLAN and purpose IP address of the control plane belonging to the downlink message of step 306, network forwarding equipment
It creates ND protocol massages and is broadcasted in the VLAN;
Assuming that the purpose IP address of the downlink message is IP1, affiliated VLAN is VLAN1.IP1 is written the control plane
In the specific field of ND protocol massages, the ND protocol massages usually can be the DAD-NS reports for requesting host position
Text.Since host 1 and host 2 belong to VLAN1, host 1 and host 2 can be received by network forwarding equipment transmission
DAD-NS messages.Host 1 and host 2 after receiving the DAD-NS messages, can obtain its carrying IP1, then with the IP of itself
Address is matched, it is assumed that the IP address of host 1 is IP1, then illustrates that host 1 is the destination host of the unknown message.Then
Host 1 can return to ND response messages to network forwarding equipment.The ND response messages include host 1 source IP address IP1,
The information such as source MAC MAC1, inbound port P1.
After step 307, control plane receive the ND response messages of the return of host 1,1 corresponding ND of the host is created
Snooping list items.
The control plane is that the ND snooping list items that host 1 creates are as shown in table 1 below:
| Source IP address | Source MAC | Inbound port | Affiliated VALN |
| IP1 | MAC1 | P1 | VALN1 |
Table 1
So when the network forwarding equipment subsequently receives the access network request of the transmission of host 1 again, according to the request
In host 1 source IP address, source MAC, the information such as inbound port and affiliated VALN with itself preserve ND snooping tables
Item is compared, and can identify the identity of host 1, to carry out safe clearance to host 1.
It can be seen that the present invention is by when the forwarding plane of network forwarding equipment receives downlink message, if described in judging
Downlink message is unknown message, by the control plane of the unknown message up sending to the network forwarding equipment, and by control layer
Face is that the destination host of the unknown message establishes corresponding secure binding list item, when the network forwarding equipment receives the mesh
When marking the access request that host is sent, it can determine that the destination host is validated user according to the secure binding list item, from
And the destination host is allow normally to access network in the case of no uplink message.
Based on identical design, device is established the present invention also provides a kind of list item, described device can by software realization,
It can also be realized by way of hardware or software and hardware combining.For implemented in software, list item of the invention establishes device work
It is by the CPU of network forwarding equipment where it by corresponding computer journey in memory for the device on a logical meaning
Sequence instruction is run after reading.
It please refers to Fig.4 and Fig. 5, is that a kind of list item in a kind of illustrative embodiments of the present invention establishes device 400, it is described
Device is applied to network forwarding equipment, and the basic running environment of described device includes CPU, memory and other hardware, from logic
From the point of view of in level, described device 400 includes:
Message judging unit 401, for when forwarding plane receives downlink message, judging whether the downlink message is not
Know message;
Message up sending unit 402 is used for when the downlink message is unknown message, by the unknown message up sending to control
Preparative layer face;
List item establishes unit 403, for after control plane receives the unknown message, being the target of the unknown message
Host establishes corresponding secure binding list item.
Optionally, the message judging unit is specifically used for obtaining the MAC Address of the downlink message, in the MAC of itself
The source MAC of the downlink message is searched in address table, if not finding, it is determined that the downlink message is unknown message.
Optionally, when issuing acl rule on the port of the network forwarding equipment in advance, the message up sending list
Member, specifically for being searched and the unknown matched acl rule of message in the acl rule issued in advance;According to what is be matched to
Action defined in acl rule, replicate the unknown message and on be sent to control plane.
Optionally, when the network forwarding equipment includes the forwarding chip with register, the message up sending unit,
Specifically for according to preset forwarding strategy in the register, replicate the unknown message and on be sent to control plane.
Optionally, the list item establishes unit, with being specifically used for obtaining VLAN and the destination IP belonging to the unknown message
Location;It is broadcasted in the VLAN according to the destination IP address creation ND protocol massages, and by the ND protocol massages, with
The destination host of the unknown message is set to return to ND response messages after receiving the ND protocol massages;According to the destination host
The ND response messages of return create the corresponding secure binding list item of the destination host.
It can be seen that the present invention is by when the forwarding plane of network forwarding equipment receives downlink message, if described in judging
Downlink message is unknown message, by the control plane of the unknown message up sending to the network forwarding equipment, and by control layer
Face is that the destination host of the unknown message establishes corresponding secure binding list item, when the network forwarding equipment receives the mesh
When marking the access request that host is sent, it can determine that the destination host is validated user according to the secure binding list item, from
And the destination host is allow normally to access network in the case of no uplink message.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all essences in the present invention
With within principle, any modification, equivalent substitution, improvement and etc. done should be included within the scope of protection of the invention god.
Claims (8)
1. a kind of item establishing method, which is characterized in that the method is applied to network forwarding equipment, the method includes:
When forwarding plane receives downlink message, judge whether the downlink message is unknown message;Wherein, the forwarding plane is sentenced
Whether the downlink message that breaks is unknown message, including:Forwarding plane obtains the source medium access control MAC of the downlink message
Address;The source MAC of the downlink message is searched in the mac address table of itself;If not finding, it is determined that the downlink
Message is unknown message;
When the downlink message is unknown message, the forwarding plane is by the unknown message up sending to control plane;
After control plane receives the unknown message, corresponding safety related table is established for the destination host of the unknown message
.
2. according to the method described in claim 1, it is characterized in that, ought be issued on the port of the network forwarding equipment in advance
When access control list ACL rule, the forwarding plane by the unknown message up sending to control plane, including:
The forwarding plane is searched and the unknown matched acl rule of message in the acl rule issued in advance;
According to the action defined in the acl rule being matched to, replicate the unknown message and on be sent to control plane.
3. according to the method described in claim 1, it is characterized in that, when the network forwarding equipment includes having turning for register
Send out chip when, the forwarding plane by the unknown message up sending to control plane, including:
The forwarding plane according to preset forwarding strategy in the register, replicate the unknown message and on be sent to control layer
Face.
4. according to the method described in claim 1, it is characterized in that, the control plane is the destination host of the unknown message
Corresponding secure binding list item is established, including:
Obtain the virtual LAN VLAN and purpose Internet protocol IP address belonging to the unknown message;
According to the destination IP address creation Neighbor Discovery protocol massages, and by the ND protocol massages in the VLAN into
Row broadcast, so that the destination host of the unknown message returns to ND response messages after receiving the ND protocol massages;
According to the ND response messages that the destination host returns, the corresponding secure binding list item of the destination host is created.
5. a kind of list item establishes device, which is characterized in that described device is applied to network forwarding equipment, and described device includes:
Message judging unit, for when forwarding plane receives downlink message, judging whether the downlink message is unknown message;
Wherein, the message judging unit is specifically used for obtaining the source MAC of the downlink message, in the mac address table of itself
The source MAC of the downlink message is searched, if not finding, it is determined that the downlink message is unknown message;
Message up sending unit is used for when the downlink message is unknown message, by the unknown message up sending to control plane;
List item establishes unit, for after control plane receives the unknown message, being built for the destination host of the unknown message
Found corresponding secure binding list item.
6. device according to claim 5, which is characterized in that issued on the port of the network forwarding equipment when in advance
When acl rule,
The message up sending unit, specifically for being searched and the unknown matched ACL of message in the acl rule issued in advance
Rule;According to the action defined in the acl rule being matched to, replicate the unknown message and on be sent to control plane.
7. device according to claim 5, which is characterized in that when the network forwarding equipment includes having turning for register
When sending out chip,
The message up sending unit is specifically used for, according to preset forwarding strategy in the register, replicating the unknown message
Control plane is sent on and.
8. device according to claim 5, which is characterized in that the list item establishes unit, is specifically used for described in acquisition not
Know the VLAN and purpose IP address belonging to message;According to the destination IP address creation ND protocol massages, and by the ND agreements
Message is broadcasted in the VLAN, so that the destination host of the unknown message returns after receiving the ND protocol massages
ND response messages;According to the ND response messages that the destination host returns, the corresponding safety related table of the destination host is created
.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410839769.2A CN104506437B (en) | 2014-12-29 | 2014-12-29 | A kind of item establishing method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410839769.2A CN104506437B (en) | 2014-12-29 | 2014-12-29 | A kind of item establishing method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104506437A CN104506437A (en) | 2015-04-08 |
| CN104506437B true CN104506437B (en) | 2018-08-24 |
Family
ID=52948152
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410839769.2A Active CN104506437B (en) | 2014-12-29 | 2014-12-29 | A kind of item establishing method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104506437B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104836744B (en) * | 2015-05-29 | 2018-06-12 | 新华三技术有限公司 | A kind of message processing method and device |
| CN107317740A (en) * | 2017-08-01 | 2017-11-03 | 京信通信系统(中国)有限公司 | A kind of processing method and processing device of data message |
| CN111327543A (en) * | 2018-12-14 | 2020-06-23 | 中兴通讯股份有限公司 | Message forwarding method and device, storage medium and electronic device |
| CN111083049B (en) * | 2019-12-13 | 2024-02-27 | 迈普通信技术股份有限公司 | User table item recovery method and device, electronic equipment and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101022394A (en) * | 2007-04-06 | 2007-08-22 | 杭州华为三康技术有限公司 | Method for realizing virtual local network aggregating method and converging exchanger |
| CN101431428A (en) * | 2007-11-09 | 2009-05-13 | 中国电信股份有限公司 | Security monitoring service recovery method and system |
| CN101552677A (en) * | 2009-05-12 | 2009-10-07 | 杭州华三通信技术有限公司 | Processing method and exchange equipment for address detected message |
| CN101582888A (en) * | 2009-06-01 | 2009-11-18 | 杭州华三通信技术有限公司 | Method for creating neighbor discovery table item and server |
| CN101909007A (en) * | 2010-07-29 | 2010-12-08 | 福建星网锐捷网络有限公司 | Production method, device and network equipment of binding table |
| CN103795633A (en) * | 2012-10-31 | 2014-05-14 | 中兴通讯股份有限公司 | Layer-2 forwarding method and forwarding equipment |
-
2014
- 2014-12-29 CN CN201410839769.2A patent/CN104506437B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101022394A (en) * | 2007-04-06 | 2007-08-22 | 杭州华为三康技术有限公司 | Method for realizing virtual local network aggregating method and converging exchanger |
| CN101431428A (en) * | 2007-11-09 | 2009-05-13 | 中国电信股份有限公司 | Security monitoring service recovery method and system |
| CN101552677A (en) * | 2009-05-12 | 2009-10-07 | 杭州华三通信技术有限公司 | Processing method and exchange equipment for address detected message |
| CN101582888A (en) * | 2009-06-01 | 2009-11-18 | 杭州华三通信技术有限公司 | Method for creating neighbor discovery table item and server |
| CN101909007A (en) * | 2010-07-29 | 2010-12-08 | 福建星网锐捷网络有限公司 | Production method, device and network equipment of binding table |
| CN103795633A (en) * | 2012-10-31 | 2014-05-14 | 中兴通讯股份有限公司 | Layer-2 forwarding method and forwarding equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104506437A (en) | 2015-04-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10237230B2 (en) | Method and system for inspecting network traffic between end points of a zone | |
| CN107332812B (en) | Method and device for realizing network access control | |
| RU2357281C2 (en) | Virtual broadcasting network for inter-domain connection | |
| US8189580B2 (en) | Method for blocking host in IPv6 network | |
| US10931580B2 (en) | Packet processing method and network device | |
| US10348692B2 (en) | Method and apparatus for anonymous access and control of a service node | |
| US9560016B2 (en) | Supporting IP address overlapping among different virtual networks | |
| EP3282649B1 (en) | Data packet forwarding | |
| CN103118149B (en) | Communication control method between same tenant's server and the network equipment | |
| CN106559292A (en) | A kind of broad band access method and device | |
| CN104506437B (en) | A kind of item establishing method and device | |
| JP6633775B2 (en) | Packet transmission | |
| CN101674306B (en) | Address resolution protocol message processing method and switch | |
| WO2019137355A1 (en) | Method and device for transmitting data, and network system | |
| US20160065380A1 (en) | Message processing | |
| CN112134776A (en) | Method for generating multicast forwarding table item and access gateway | |
| CN102546308B (en) | The method and system of neighbor uni-cast agency is realized based on duplicate address detection | |
| US11606333B1 (en) | Synchronizing dynamic host configuration protocol snoop information | |
| CN104683500B (en) | A kind of safe list item generation method and device | |
| CN102546663A (en) | Method and device for preventing duplication address detection attack | |
| WO2017036384A1 (en) | Provider edge device and data forwarding method | |
| US20140092902A1 (en) | Method for processing multicast group, dci router and system | |
| TW201806360A (en) | IPv6 networking system for controlling Internet of Things equipment capable of preventing DoS attacks initiated by malicious devices, and improving gateway safety and stability | |
| Song et al. | A novel frame switching model based on virtual MAC in SDN | |
| Kang et al. | ARP modification for prevention of IP spoofing |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Applicant after: Xinhua three Technology Co., Ltd. Address before: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Applicant before: Huasan Communication Technology Co., Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |