Detailed Description
In order to explain technical contents, achieved objects, and effects of the present invention in detail, the following description is made with reference to the accompanying drawings in combination with the embodiments.
The most key concept of the invention is as follows: the mapping table is arranged at the EOC local side, the IP address of the EOC terminal is established to be associated with the MAC addresses of all the user terminals connected with the EOC terminal, and when a certain user terminal is in failure or becomes an attack source under the condition that the failure or the abnormal condition occurs, the EOC terminal of which IP the attack source is positioned under can be quickly and accurately positioned through the MAC address of the user terminal.
Referring to fig. 2, a method for locating a fault terminal provided by the present invention includes:
the EOC local side is provided with a mapping table, the mapping table stores a plurality of list units, the list units comprise IP addresses of EOC terminals connected with the EOC local side and MAC addresses of all user terminals connected with the EOC terminals, and the IP addresses are associated with the MAC addresses;
the EOC local side acquires a first MAC address of a user terminal with a fault;
and inquiring the mapping table according to the first MAC address to obtain a first IP address corresponding to the first MAC address of the user terminal with the fault, and confirming the EOC terminal with the fault.
From the above description, the beneficial effects of the present invention are: the method for positioning the fault terminal provided by the invention is characterized in that a mapping table is arranged at an EOC local side, a plurality of list units are stored in the mapping table, each list unit comprises an IP address of the EOC terminal connected with the EOC local side and MAC addresses of all user terminals connected with the EOC terminal, the IP addresses are associated with the MAC addresses, when a certain user terminal is in fault or becomes an attack source under the condition that the attack source is positioned under the EOC terminal of which IP through the MAC address of the user terminal, the position of the poisoned MAC address can be found out, and the attack source can be effectively isolated in a mode of remotely managing the EOC terminal so as to ensure that other terminals in a network can work normally.
Further, before acquiring the first MAC address of the failed ue, the EOC central office further includes:
an EOC local side receives a fault terminal positioning request sent by a client side;
and analyzing the fault terminal positioning request to obtain a fault terminal positioning query instruction.
As can be seen from the above description, when the system identifies that a faulty terminal exists, the system notifies the client, and the client sends a request to the EOC office, so that the EOC office initiates a query step only when receiving the request sent by the client, and does not need to query or update related information in real time, thereby effectively improving the effective utilization rate of system resources.
Further, the EOC local side comprises a management module and a positioning module;
the method comprises the steps that a management module receives a fault terminal positioning request sent by a client, analyzes the fault terminal positioning request to obtain a fault terminal positioning query instruction, obtains a first MAC address of a user terminal with a fault, and forwards the fault terminal positioning query instruction and the first MAC address to a positioning module;
the positioning module receives a fault terminal positioning query instruction and a first MAC address, queries a mapping table according to the first MAC address, obtains a first IP address corresponding to the first MAC address of the fault user terminal, and confirms the fault EOC terminal; the mapping table is arranged on the positioning module.
As can be seen from the above description, in the embodiment, the EOC central office is composed of a management module and a positioning module, and the management module is responsible for receiving and analyzing the request, and acquiring the first MAC address of the failed ue; and the positioning module is responsible for inquiring the mapping table and confirming the EOC terminal with the fault.
Further, the method also comprises the following steps: updating a mapping table at a preset time interval; the updating step includes:
the EOC terminal is provided with an agent module and an information module, the information module stores terminal management information, and the terminal management information comprises MAC addresses of all user terminals connected with each EOC terminal in a downward mode;
and when the agent module receives the updating instruction sent by the positioning module, the agent module acquires the data currently stored in the terminal management information of the information module and sends the data to the positioning module.
According to the description, the terminal management information of the information module is updated at a certain time interval, and real-time updating is not needed, so that system resources do not need to be occupied in real time, the effective utilization rate of the system can be improved, and the time interval can be set optionally according to actual application scenes. The information module can be a database in an actual implementation mode, is arranged in the memory, and is additionally provided with the agent module as a transfer station, so that the operation pressure of the server can be effectively reduced, and the data processing efficiency is improved.
Further, if the state of the user terminal is an online state, adding the user terminal in the online state to the terminal management information; and if the state of the user terminal is the off-line state, deleting the user terminal in the off-line state from the terminal management information.
As can be seen from the above description, the terminal management information is only used to manage the online terminal, and if the ue is offline, no influence is caused to other terminals, so that although each ue is physically connected to the EOC terminal, only the online ue is managed during management, and thus the data processing capability and response efficiency can be further improved.
Referring to fig. 3, the present invention further provides a system for locating a fault terminal, including: the device comprises a setting module 1, an obtaining module 2 and a confirming module 3;
the setting module 1 is configured to set a mapping table for an EOC local side, where the mapping table stores a plurality of list units, where each list unit includes an IP address of an EOC terminal connected to the EOC local side and MAC addresses of all user terminals connected to the EOC terminal, and the IP addresses are associated with the MAC addresses;
the obtaining module 2 is configured to obtain, by the EOC central office, a first MAC address of the failed user terminal;
and the confirming module 3 is configured to query the mapping table according to the first MAC address, obtain a first IP address corresponding to the first MAC address of the failed user terminal, and confirm the failed EOC terminal.
The positioning system of the fault terminal provided by the invention is characterized in that a mapping table is arranged at an EOC local side, a plurality of list units are stored in the mapping table, each list unit comprises an IP address of the EOC terminal connected with the EOC local side and MAC addresses of all user terminals connected with the EOC terminal, the IP addresses are associated with the MAC addresses, when a certain user terminal is in fault or becomes an attack source under the condition that the attack source is positioned under the EOC terminal of which IP through the MAC address of the user terminal, the position of the poisoned MAC address can be found out, and the attack source can be effectively isolated through a remote EOC terminal management mode so as to ensure that other terminals in a network can work normally.
The system further comprises a receiving module, which is used for receiving a fault terminal positioning request sent by the client by the EOC local side; and analyzing the fault terminal positioning request to obtain a fault terminal positioning query instruction.
As can be seen from the above description, when the system identifies that a faulty terminal exists, the system notifies the client, and the client sends a request to the EOC office, so that the EOC office initiates a query step only when receiving the request sent by the client, and does not need to query or update related information in real time, thereby effectively improving the effective utilization rate of system resources.
Further, the EOC local side comprises a management module and a positioning module;
the management module is used for receiving a fault terminal positioning request sent by a client, analyzing the fault terminal positioning request, obtaining a fault terminal positioning query instruction, obtaining a first MAC address of a user terminal with a fault, and forwarding the fault terminal positioning query instruction and the first MAC address to the positioning module;
the positioning module is used for receiving a fault terminal positioning query instruction and a first MAC address, querying a mapping table according to the first MAC address, obtaining a first IP address corresponding to the first MAC address of the fault user terminal, and confirming the fault EOC terminal; the mapping table is arranged on the positioning module.
As can be seen from the above description, in the embodiment, the EOC central office is composed of a management module and a positioning module, and the management module is responsible for receiving and analyzing the request, and acquiring the first MAC address of the failed ue; and the positioning module is responsible for inquiring the mapping table and confirming the EOC terminal with the fault.
Further, the device also comprises an updating module used for updating the mapping table at a preset time interval; the updating step includes:
the EOC terminal is provided with an agent module and an information module, the information module stores terminal management information, and the terminal management information comprises MAC addresses of all user terminals connected with each EOC terminal in a downward mode;
and when the agent module receives the updating instruction sent by the positioning module, the agent module acquires the data currently stored in the terminal management information of the information module and sends the data to the positioning module.
According to the description, the terminal management information of the information module is updated at a certain time interval, and real-time updating is not needed, so that system resources do not need to be occupied in real time, the effective utilization rate of the system can be improved, and the time interval can be set optionally according to actual application scenes. The information module can be a database in an actual implementation mode, is arranged in the memory, and is additionally provided with the agent module as a transfer station, so that the operation pressure of the server can be effectively reduced, and the data processing efficiency is improved.
Furthermore, the system also comprises an adding module and a deleting module;
the adding module is used for adding the user terminal in the online state into the terminal management information if the state of the user terminal is in the online state;
and the deleting module is used for deleting the user terminal in the offline state from the terminal management information if the state of the user terminal is in the offline state.
As can be seen from the above description, the terminal management information is only used to manage the online terminal, and if the ue is offline, no influence is caused to other terminals, so that although each ue is physically connected to the EOC terminal, only the online ue is managed during management, and thus the data processing capability and response efficiency can be further improved.
Referring to fig. 2 to 6, a first embodiment of the present invention is:
referring to fig. 4 in conjunction with fig. 5 and 6, fig. 6 is a schematic diagram illustrating the EOC system 1 of fig. 5, and it should be understood that each of the EOC system 1 through EOC system n of fig. 5 includes the description of fig. 6.
In this embodiment, a user terminal a hung under an EOC terminal 1 in an EOC system 1 continuously sends a malicious attack message due to poisoning, so that the whole network is paralyzed, a network administrator knows that the MAC address of an attack source is Ua through a traffic monitoring technology on an OLT device, and now needs to quickly find out which EOC terminal the Ua is hung under through the method and the system for quickly and accurately positioning a fault terminal provided by the present invention, and then remotely manage and operate the EOC terminal, so as to implement isolation of the attack source.
In this embodiment, the management module and the positioning module run on the management server, and the agent module and the information module run on each EOC terminal.
In this embodiment, the method for quickly and accurately positioning a fault terminal of the present invention includes the following steps:
step 201: and the server (management module) sends a MAC positioning command, and the MAC address is Ua.
Step 202: after receiving the positioning command, the positioning module analyzes the positioning command to obtain an MAC address (Ua) to be positioned, and then sends a terminal management information query command to the agent module, wherein the terminal management information to be queried comprises the MAC address of the user terminal and the IP of the EOC terminal connected to the user terminal.
Step 203: and after receiving the query command, the agent module reads the terminal management information in the information module.
In this embodiment, each EOC terminal maintains its own information module, and the information module stores a MAC list of the user terminal that is under-hung by the EOC terminal.
The content of the information module of the EOC terminal 1 is shown in the following table 1:
off-hook user terminal MAC
|
Ua
|
.. (omitting other user terminals MAC here)
|
Ud |
TABLE 1
The information modules of other EOC terminals are the same as the EOC terminal 1, and are not described herein again.
Step 204: and the information module feeds back the terminal management information to the agent module according to the query rule of the agent module.
Step 205: and after acquiring the management information of the terminal from the information module, the agent module feeds back the query result to the positioning module.
In this embodiment, the query result finally obtained by the location module is shown in table 2 below:
off-hook user terminal MAC
|
IP of upper connection EOC terminal
|
Ua
|
E1
|
.. (omitting other user terminals MAC here)
|
E1
|
Ud
|
E1
|
Ue
|
E2
|
.. (omitting other user terminals MAC here)
|
E2
|
Uj
|
E2
|
.. (omitting other user terminals MAC here)
|
... (other EOC terminals IP omitted here) |
TABLE 2
Step 206: and taking the positioning MAC as an index, finding the IP of the corresponding uplink device from the query result, and feeding back the IP to the management module.
In this embodiment, the address Ua of the location MAC is used as an index, and the corresponding IP of the connected device is obtained from the query result as E1.
Step 207: and feeding back the MAC positioning result to the management module.
In this embodiment, the connected device IP whose localization result is the attack source is E1. The network administrator can know that the attack source is under the EOC terminal with IP E1, and then can isolate the attack source by means of the EOC terminal remotely.
In summary, the method and system for locating a faulty terminal provided by the present invention are implemented by setting a mapping table at an EOC local side, where the mapping table stores a plurality of list units, where each list unit includes an IP address of an EOC terminal connected to the EOC local side and MAC addresses of all user terminals connected to the EOC terminal, and the IP addresses are associated with the MAC addresses, when a fault or an abnormal condition occurs in a certain user terminal and becomes an attack source, the location of the poisoned MAC address can be found out by quickly and accurately locating the attack source under which IP EOC terminal the attack source is located through the MAC address of the user terminal, and the attack source can be effectively isolated by remotely managing the EOC terminal, so as to ensure that other terminals in a network can work normally, and without adopting a physical terminal removal manner, there is no performance impact on terminal hardware.
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all equivalent changes made by using the contents of the present specification and the drawings, or applied directly or indirectly to the related technical fields, are included in the scope of the present invention.