CN105162794A - Method and apparatus for updating IPSEC key in appointed mode - Google Patents
Method and apparatus for updating IPSEC key in appointed mode Download PDFInfo
- Publication number
- CN105162794A CN105162794A CN201510613693.6A CN201510613693A CN105162794A CN 105162794 A CN105162794 A CN 105162794A CN 201510613693 A CN201510613693 A CN 201510613693A CN 105162794 A CN105162794 A CN 105162794A
- Authority
- CN
- China
- Prior art keywords
- ipsec
- data traffic
- tunnel
- network congestion
- dpd
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0485—Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
Abstract
The invention provides a method and an apparatus for updating an IPSEC key in an appointed mode. The method comprises: sending a DPD keeping-alive request message from a local terminal to an opposite terminal; when no response is made to the DPD request message, judging whether a tunnel has IPSEC data traffic, and if not, adding 1 to a DPD link status anomaly index, and disconnecting the IPSEC tunnel until the DPD link status anomaly index is n; and if the IPSEC data traffic occurs, adding 1 to a network congestion index, calculating an advanced IPSEC key updating rate q*m, and if the inequality that t is greater than T-(q*m) holds, beginning to update the IPSEC key. The method of calculating the network congestion index according to whether the tunnel has the IPSEC data traffic and calculating the advanced IPSEC key updating time according to the network congestion index realizes advanced completion of IPSEC key negotiation and thus fundamentally avoids failure in IPSEC key updating due to network congestion.
Description
Technical field
The present invention relates to technical field of the computer network, be specifically related to a kind of the IPSEC key updating method and the equipment that use stipulated form.
Background technology
Wherein for IPSEC (InternetProtocolSecurity, Internet Protocol Security) unit introduces two cover IPSEC state keepalive mechanisms, wherein a set of KEEPALIVE mode for formulating the earliest, namely local device periodically can send keepalive (keep-alive) message to opposite equip., wait for the response of opposite equip., when keepalive (keep-alive) message that local device sends some continuously is not responded, think the abnormal state of opposite equip., thus delete the tunnel of IPSEC local device and opposite equip., but there will be under heavy traffic condition keepalive (keep-alive) message frequent loss cause judge by accident situation.The reason producing above-mentioned situation is that the network equipment is preferential mainly with forwarding performance greatly, and keepalive (keep-alive) message as main frame message when flow is very large, be first dropped.Under keepalive (keep-alive) message frequent loss causes erroneous judgement situation; the problem that there will be the IPSEC tunnel vibration failure mode of continuous flash (flow of primary tunnel at short notice) occurs; in order to address this problem; revise out DPD (DigitalPre-Distortion; digital pre-distortion) detection method; namely when having IPSEC tunnel traffic and message is normal; can think that this IPSEC tunnel is exactly available; so would not send DPD probe messages; when there is no IPSEC flow, DPD probe messages will be sent.
When holding consultation in existing IPSEC tunnel, must ensure that IKE (Internetkeyexchange, the IKE) cipher code renewal time at two ends is consistent, otherwise the problem that will distance connection be there will be go offline.And specify in IPSEC agreement, IPSEC key has certain ageing, namely used the set time, will lose efficacy, such as be configured with IPSEC key 8 hours effectively, if so do not consult the IPSEC key made new advances in time, this IPSEC key can not have been used again, can only delete whole tunnel.Because packet loss appears in network congestion in IPSEC key updating process, and then constantly can re-start renewal, if upgrade the appearance that can not cause the problems referred to above not in time.
In the prior art, in order to avoid the appearance of the problems referred to above, improve by updating apparatus performance the probability that forwarding performance reduces IPSEC negotiation message dropping, ensure that IPSEC key upgrades in time, reduce the vibration of IPSEC tunnel.But updating apparatus cost is high, general user can not adopt this kind of method.
Summary of the invention
The object of this invention is to provide one and carry out detection network state according to DPD probe messages, IPSEC data traffic whether is had to carry out computing network congestion index according to tunnel again, the method of IPSEC key advancing updating time is calculated according to network congestion index, accomplish that IPSEC key agreement is fulfiled ahead of schedule, thus fundamentally avoid the IPSEC key updating failure because network congestion causes.
According to an aspect of the present invention, a kind of IPSEC key updating method of stipulated form that uses comprises the following steps:
S1, local terminal sends DPD and asks keep-alive message to opposite end, if local terminal does not receive the back message of the described DPD request message that opposite end sends, perform S2;
S2, judges whether the communication tunnel between local terminal and opposite end has IPSEC data traffic, if there is IPSEC data traffic, then performs S3;
S3, increases the weights of the network congestion exponent m of described communication tunnel, judges whether to upgrade IPSEC key according to the network congestion exponent m value after weighting.
Preferably, describedly judge whether that the step to IPSEC key upgrades is according to the m value after weighting:
According to the m value after weighting, calculate IPSEC key updating rate K=q*m in advance,
If t>T-K sets up, then IPSEC key starts to upgrade;
If t>T-K is false, then again perform S2;
Wherein, q is default coefficient pre-set time, and t is current time, and T is default IPSEC cipher code renewal time.
Preferably, the span of described q is 1 to 100.
Preferably, the value of described q is 30.
Preferably, also comprise in step s 2: if there is no IPSEC data traffic, then increase the weights of the abnormal index h of described communication tunnel; When the size increasing the abnormal index h after weights reaches disconnection index n, then disconnect described communication tunnel, when the size increasing the abnormal index h after weights do not reach disconnect index n time, then after interval time, re-execute S2, wherein said disconnection index n be greater than 1 integer.
According to another aspect of the present invention, a kind of equipment of the IPSEC key updating method of stipulated form that uses comprises:
DPD asks keep-alive message monitoring unit, for when local terminal sends DPD request keep-alive message to opposite end, monitors the back message whether receiving the described DPD request keep-alive message that opposite end sends, if not, sends the first signal to IPSEC data traffic judging unit;
Whether IPSEC data traffic judging unit, have IPSEC data traffic according to the first input tunnel, sends out secondary signal if so, to network congestion exponential count unit;
Network congestion exponent m counting unit, increases the weights of the network congestion exponent m in present communications tunnel according to secondary signal;
Judge unit update time, judge whether to upgrade IPSEC key according to the m value after weighting.
Preferably, described judgement unit update time comprises:
First module, according to the m value after weighting, calculates IPSEC key updating rate K=q*m in advance;
Second module, if t>T-K sets up, carries out IPSEC key updating;
3rd module, if when t≤T-K sets up, be sent to described IPSEC data traffic judging unit by the first signal;
Wherein, q is default coefficient pre-set time, and t is current time, and T is default IPSEC cipher code renewal time.
Preferably, the span of described q is 1 to 100.
Preferably, the value of described q is 30.
Preferably, described equipment also comprises DPD Link State abnormal index h counting unit, when the communication tunnel that described IPSEC data traffic judging unit judges not detect between local terminal and opposite end has IPSEC data traffic, increase the weights of present communications tunnel abnormal index h, and after the weights increasing present communications tunnel abnormal index h, described abnormal index is judged, when abnormal index is for reaching n, IPSEC tunnel disconnect, wherein said n be greater than 1 integer.
The present invention uses the IPSEC key updating method of stipulated form to have employed the mode of IPSEC key updating in advance, provide a longer Timing Advance so to IPSEC key updating, when there being IPSEC key updating message dropping, having the more time retransmits IPSEC key updating message, thus improve the success rate retransmitting IPSEC key updating message, avoid the IPSEC tunnel vibration because network congestion packet loss causes.
Accompanying drawing explanation
Fig. 1 is the method flow diagram of the IPSEC key updating of stipulated form used according to the invention
Fig. 2 is the equipment that the present invention uses the method for the IPSEC key updating of stipulated form
Embodiment
For making the object, technical solutions and advantages of the present invention clearly understand, below in conjunction with embodiment also with reference to accompanying drawing, the present invention is described in more detail.Should be appreciated that, these describe just exemplary, and do not really want to limit the scope of the invention.In addition, in the following description, the description to known features and technology is eliminated, to avoid unnecessarily obscuring concept of the present invention.
IPSEC tunnel comprises protocol massages and data message two kinds in the prior art, and wherein, protocol massages is by the ike message of main frame Message processing; Sa is the agreement to some key element between IPSEC peer-to-peer, and IPSEC can consult to set up sa by ike.Described ike consults to be divided into two stages when setting up sa: the first negotiation phase and the second negotiation phase; Described first negotiation phase for generating the key be encrypted described protocol massages, i.e. ikesa; Described second negotiation phase for generating the key encrypted described data message, i.e. IPSECsa, and consult to send datagram successfully at the second negotiation phase.Generate Ikesa and the IPSECsa i.e. process of key agreement.
As shown in Figure 1, the invention provides a kind of IPSEC key updating method using stipulated form, comprise the following steps:
S1, local terminal sends DPD and asks keep-alive message to opposite end, if local terminal does not receive the back message of the described DPD request message that opposite end sends, perform S2;
S2, judges whether the communication tunnel between local terminal and opposite end has IPSEC data traffic, if there is IPSEC data traffic, then performs S3;
S3, increases the weights of the network congestion exponent m of described communication tunnel, and judges whether to upgrade IPSEC key according to the network congestion exponent m after increasing weights.
In step sl; local terminal configures DPD and asks keep-alive message on tunnel; whether existing various technology is all asking keep-alive message to send without sending DPD during IPSEC data traffic, and have IPSEC data traffic all to send DPD in the present invention to ask keep-alive message.
In step sl, if when local terminal receives the back message of the described DPD request message that opposite end sends, then illustrate that IPSEC tunnel is normal, does not need to carry out IPSEC key updating in advance.
Preferably, also comprise in described step S2: if there is no IPSEC data traffic, then increase the weights of the abnormal index h of described communication tunnel; When the size increasing the abnormal index h after weights reaches disconnection index n, then disconnect described communication tunnel, when the size increasing the abnormal index h after weights does not reach disconnection index n, then after interval time, re-execute S2;
Wherein, described interval time is 5 minutes;
Wherein, described disconnection index n can be arranged according to actual needs, preferably, n be greater than 1 integer;
Wherein, the weights of the abnormal index h of the described communication tunnel of described increase are specially: on the basis of the weights of current abnormal index h, add 1.
In step s3, the weights of the network congestion exponent m of the described communication tunnel of described increase are specially: on the basis of the weights of current network congestion index m, add 1;
In step s3, describedly judge whether that carrying out renewal to IPSEC key is specially according to increasing the network congestion exponent m after weights: the rate K in advance calculating IPSEC key updating, described rate K=q*m in advance, wherein q is coefficient pre-set time; As t>T-K, then upgrade IPSEC key, as t≤T-K, perform step S2, wherein t is current time, and T is default IPSEC cipher code renewal time.
Preferably, pre-set time, coefficient q, can be arranged according to actual needs, and span is 1 to 100.
Such as; pre-set time, coefficient q was set to 30; there being continual data package dropout 10 in IPSEC data traffic situation, (namely local terminal have sent 10 DPD and asks keep-alive message; all do not receive corresponding back message); namely network congestion exponent m is 10; calculating IPSEC key updating in advance rate q*m is 300; so just need within 300 seconds, to carry out key agreement in advance; current time t is 9: 56; the IPSEC cipher code renewal time T of setting is 10 points; now meet t>T-(q*m), just think that IPSEC key needs to start now have updated.
Preferably, the initial value of above-mentioned abnormal index h and network congestion exponent m is all 0.
To sum up, the IPSEC key updating packet loss caused in order to avoid network congestion makes cipher code renewal time long, IPSEC tunnel disconnects, have employed the mode of IPSEC key updating in advance, provide a longer lead so to IPSEC key updating, when there being IPSEC key updating message dropping, having the more time retransmits IPSEC key updating message, thus improve the success rate retransmitting IPSEC key updating message, avoid the IPSEC tunnel vibration because network congestion packet loss causes.
As shown in Figure 2, the present invention uses the equipment of the method for the IPSEC key updating of stipulated form, comprising:
DPD asks keep-alive message monitoring unit, for when local terminal sends DPD request keep-alive message to opposite end, monitor the back message whether local terminal receives the described DPD request keep-alive message that opposite end sends, if not, then send the first signal to IPSEC data traffic judging unit;
Whether IPSEC data traffic judging unit, have IPSEC data traffic according to the communication tunnel between the first input local terminal and opposite end, sends out secondary signal if so, to network congestion exponent m counting unit;
Network congestion exponent m counting unit, increases the weights of the network congestion exponent m in present communications tunnel according to secondary signal;
Judge unit update time, the weights size according to the network congestion exponent m after increase weights judges whether to upgrade IPSEC key.
Judge that update time, unit comprised: the first module, according to the network congestion exponent m increased after weights, calculate IPSEC key updating rate K=q*m in advance; Second module, as t>T-K, then upgrades IPSEC key; 3rd module, as t≤T-K, is sent to described IPSEC data traffic judging unit by the first signal.Wherein, described q is for presetting coefficient pre-set time, and t is current time, and T is default IPSEC cipher code renewal time.Wherein, the span of q value is 1 to 100, preferably 30.
Wherein, described first signal detects for triggering described IPSEC data traffic judging unit; Described secondary signal is for triggering described network congestion exponent m counting unit adjustment network congestion exponent m.
Preferably, also comprise DPD Link State abnormal index h counting unit, when the communication tunnel that described IPSEC data traffic judging unit judges not detect between local terminal and opposite end has IPSEC data traffic, increase the weights of present communications tunnel abnormal index h, and after the weights increasing present communications tunnel abnormal index h, described abnormal index is judged, when abnormal index is for reaching n, IPSEC tunnel disconnect, wherein said n be greater than 1 integer.
The present invention uses DPD asks the discarding state of keep-alive message as Rule of judgment; according to computing formula of the present invention, IPSEC key agreement is fulfiled ahead of schedule, passes through the method; evade IPSEC key to after date, the phenomenon causing IPSEC negotiation key to abandon tunnel exception due to network congestion occurs.
Should be understood that, above-mentioned embodiment of the present invention only for exemplary illustration or explain principle of the present invention, and is not construed as limiting the invention.Therefore, any amendment made when without departing from the spirit and scope of the present invention, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.In addition, claims of the present invention be intended to contain fall into claims scope and border or this scope and border equivalents in whole change and modification.
Claims (10)
1. use an IPSEC key updating method for stipulated form, it is characterized in that, described method comprises the steps:
S1, local terminal sends DPD and asks keep-alive message to opposite end, if local terminal does not receive the back message of the described DPD request message that opposite end sends, perform S2;
S2, judges whether the communication tunnel between local terminal and opposite end has IPSEC data traffic, if there is IPSEC data traffic, then performs S3;
S3, increases the weights of the network congestion exponent m of described communication tunnel, judges whether to upgrade IPSEC key according to the network congestion exponent m value after weighting.
2. method according to claim 1, is characterized in that, describedly judges whether that the step to IPSEC key upgrades is according to the network congestion exponent m value after weighting:
According to the m value after weighting, calculate IPSEC key updating rate K=q*m in advance,
If t>T-K sets up, then IPSEC key starts to upgrade;
If t>T-K is false, then again perform S2;
Wherein, q is default coefficient pre-set time, and t is current time, and T is default IPSEC cipher code renewal time.
3. method according to claim 2, is characterized in that, the span of described q is 1 to 100.
4. method according to claim 2, is characterized in that, the value of described q is 30.
5. method according to claim 1, is characterized in that, also comprises in step s 2: if do not have IPSEC data traffic, then increase the weights of the abnormal index h of described communication tunnel; When the size increasing the abnormal index h after weights reaches disconnection index n, then disconnect described communication tunnel, when the size increasing the abnormal index h after weights do not reach disconnect index n time, then after interval time, re-execute S2, wherein said disconnection index n be greater than 1 integer.
6. use an equipment for the IPSEC key updating method of stipulated form, it is characterized in that, comprising:
DPD asks keep-alive message monitoring unit, for when local terminal sends DPD request keep-alive message to opposite end, monitors the back message whether receiving the described DPD request keep-alive message that opposite end sends, if not, sends the first signal to IPSEC data traffic judging unit;
Whether IPSEC data traffic judging unit, have IPSEC data traffic according to the first input tunnel, sends out secondary signal if so, to network congestion exponential count unit;
Network congestion exponent m counting unit, increases the weights of the network congestion exponent m in present communications tunnel according to secondary signal;
Judge unit update time, judge whether to upgrade IPSEC key according to the m value after weighting.
7. equipment according to claim 6, described judgement unit update time comprises:
First module, according to the m value after weighting, calculates IPSEC key updating rate K=q*m in advance;
Second module, if t>T-K sets up, carries out IPSEC key updating;
3rd module, if when t≤T-K sets up, be sent to described IPSEC data traffic judging unit by the first signal;
Wherein, q is default coefficient pre-set time, and t is current time, and T is default IPSEC cipher code renewal time.
8. equipment according to claim 7, is characterized in that, the span of described q is 1 to 100.
9. equipment according to claim 8, is characterized in that, the value of described q is 30.
10. equipment according to claim 6, it is characterized in that, also comprise DPD Link State abnormal index h counting unit, when the communication tunnel that described IPSEC data traffic judging unit judges not detect between local terminal and opposite end has IPSEC data traffic, increase the weights of present communications tunnel abnormal index h, and after the weights increasing present communications tunnel abnormal index h, described abnormal index is judged, when abnormal index is for reaching n, IPSEC tunnel disconnect, wherein said n be greater than 1 integer.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510613693.6A CN105162794B (en) | 2015-09-23 | 2015-09-23 | A kind of IPSEC key updating methods and equipment using stipulated form |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510613693.6A CN105162794B (en) | 2015-09-23 | 2015-09-23 | A kind of IPSEC key updating methods and equipment using stipulated form |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN105162794A true CN105162794A (en) | 2015-12-16 |
| CN105162794B CN105162794B (en) | 2018-04-27 |
Family
ID=54803548
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510613693.6A Expired - Fee Related CN105162794B (en) | 2015-09-23 | 2015-09-23 | A kind of IPSEC key updating methods and equipment using stipulated form |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105162794B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108199837A (en) * | 2018-01-23 | 2018-06-22 | 新华三信息安全技术有限公司 | A kind of cryptographic key negotiation method and device |
| CN108282781A (en) * | 2017-01-06 | 2018-07-13 | 中兴通讯股份有限公司 | Method, terminal and the base station of data transmission in moving process |
| CN109981272A (en) * | 2019-04-19 | 2019-07-05 | 鼎信信息科技有限责任公司 | Cryptographic key negotiation method, device, computer equipment and storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102420770A (en) * | 2011-12-27 | 2012-04-18 | 汉柏科技有限公司 | Method and equipment for negotiating internet key exchange (IKE) message |
| WO2012134789A1 (en) * | 2011-03-31 | 2012-10-04 | Motorola Solutions, Inc. | Using a dynamically-generated symmetric key to establish internet protocol security for communications between a mobile subscriber and a supporting wireless communications network |
| CN102868627A (en) * | 2012-09-24 | 2013-01-09 | 杭州华三通信技术有限公司 | Method and device for IKE (internet key exchange) coordinated congestion control |
| CN102946333A (en) * | 2012-10-31 | 2013-02-27 | 杭州华三通信技术有限公司 | DPD method and equipment based on IPsec |
| CN103259792A (en) * | 2013-04-28 | 2013-08-21 | 汉柏科技有限公司 | Method of confirming key updating time |
| JP2015027031A (en) * | 2013-07-29 | 2015-02-05 | 埼玉日本電気株式会社 | Communication system |
| CN104753950A (en) * | 2015-04-08 | 2015-07-01 | 北京汉柏科技有限公司 | Message forwarding method and system based on IPSEC (internet protocol security) tunnel double-link |
-
2015
- 2015-09-23 CN CN201510613693.6A patent/CN105162794B/en not_active Expired - Fee Related
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2012134789A1 (en) * | 2011-03-31 | 2012-10-04 | Motorola Solutions, Inc. | Using a dynamically-generated symmetric key to establish internet protocol security for communications between a mobile subscriber and a supporting wireless communications network |
| CN102420770A (en) * | 2011-12-27 | 2012-04-18 | 汉柏科技有限公司 | Method and equipment for negotiating internet key exchange (IKE) message |
| CN102868627A (en) * | 2012-09-24 | 2013-01-09 | 杭州华三通信技术有限公司 | Method and device for IKE (internet key exchange) coordinated congestion control |
| CN102946333A (en) * | 2012-10-31 | 2013-02-27 | 杭州华三通信技术有限公司 | DPD method and equipment based on IPsec |
| CN103259792A (en) * | 2013-04-28 | 2013-08-21 | 汉柏科技有限公司 | Method of confirming key updating time |
| JP2015027031A (en) * | 2013-07-29 | 2015-02-05 | 埼玉日本電気株式会社 | Communication system |
| CN104753950A (en) * | 2015-04-08 | 2015-07-01 | 北京汉柏科技有限公司 | Message forwarding method and system based on IPSEC (internet protocol security) tunnel double-link |
Non-Patent Citations (1)
| Title |
|---|
| 张勍: "Linux操作系统下网络认证密钥交换协议IKE研究", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108282781A (en) * | 2017-01-06 | 2018-07-13 | 中兴通讯股份有限公司 | Method, terminal and the base station of data transmission in moving process |
| CN108199837A (en) * | 2018-01-23 | 2018-06-22 | 新华三信息安全技术有限公司 | A kind of cryptographic key negotiation method and device |
| CN108199837B (en) * | 2018-01-23 | 2020-12-25 | 新华三信息安全技术有限公司 | Key negotiation method and device |
| CN109981272A (en) * | 2019-04-19 | 2019-07-05 | 鼎信信息科技有限责任公司 | Cryptographic key negotiation method, device, computer equipment and storage medium |
| CN109981272B (en) * | 2019-04-19 | 2020-05-15 | 南方电网数字电网研究院有限公司 | Key agreement method, device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN105162794B (en) | 2018-04-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2016008344A1 (en) | Wireless connection establishing methods and wireless connection establishing apparatuses | |
| CN104092697A (en) | Anti-replaying method and device based on time | |
| WO2017066910A1 (en) | Method, device and system for determining control policy | |
| CN112583726B (en) | Flow control method and device | |
| WO2016029847A1 (en) | Methods and apparatus for switching between a wired communication and a wireless communication | |
| CN102420770A (en) | Method and equipment for negotiating internet key exchange (IKE) message | |
| CN103227777B (en) | A kind of dpd of preventing detects the method unsuccessfully causing ipsec tunnel to shake | |
| CN114095195B (en) | Method, network device, and non-transitory computer readable medium for adaptive control of secure socket layer proxy | |
| CN105162794A (en) | Method and apparatus for updating IPSEC key in appointed mode | |
| WO2017148419A1 (en) | Data transmission method and server | |
| EP3038321B1 (en) | Anti-replay method and apparatus | |
| US10122438B2 (en) | Systems, methods and devices for modifying relay operation of a wireless device | |
| CN102891850A (en) | Method for preventing parameter resetting in IPSec (IP Security) channel updating | |
| CN116094978A (en) | Information reporting method, information processing method and information processing equipment | |
| EP3456146A1 (en) | Method and system for loss mitigation during device to device communication mode switching | |
| WO2015117446A1 (en) | Method and device for sending control resource change notification message | |
| CN104104573A (en) | Method and system for controlling IPsec tunnel of network devices | |
| US10972442B1 (en) | Distributed predictive packet quantity threshold reporting | |
| CN110830421B (en) | Data transmission method and device | |
| CN111245601B (en) | Communication negotiation method and device | |
| JP6635169B2 (en) | Mobile communication system, MTC-IWF, UE, and methods thereof | |
| CN109714135B (en) | Data packet transmission method and device | |
| CN110417679B (en) | Method, device and system for avoiding bypass blocking | |
| CN104349360B (en) | Decrypt restoration methods, device, user terminal and the network equipment of failure | |
| JP6508338B2 (en) | Communication system, communication control apparatus, communication control method, and communication program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20180427 Termination date: 20180923 |