CN107888563A - A kind of determination method and apparatus of terminal access position - Google Patents
A kind of determination method and apparatus of terminal access position Download PDFInfo
- Publication number
- CN107888563A CN107888563A CN201710966470.7A CN201710966470A CN107888563A CN 107888563 A CN107888563 A CN 107888563A CN 201710966470 A CN201710966470 A CN 201710966470A CN 107888563 A CN107888563 A CN 107888563A
- Authority
- CN
- China
- Prior art keywords
- access
- port
- switch
- terminal
- mac
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 65
- 230000015654 memory Effects 0.000 claims description 36
- 238000003860 storage Methods 0.000 claims description 31
- 238000004590 computer program Methods 0.000 claims description 21
- 238000004364 calculation method Methods 0.000 claims description 6
- 230000008859 change Effects 0.000 abstract description 9
- 230000008447 perception Effects 0.000 abstract description 6
- 230000000875 corresponding effect Effects 0.000 description 38
- 230000006870 function Effects 0.000 description 12
- 230000000694 effects Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000004083 survival effect Effects 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 230000004069 differentiation Effects 0.000 description 1
- 235000013399 edible fruits Nutrition 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000014759 maintenance of location Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 238000004549 pulsed laser deposition Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/10—Mapping addresses of different types
- H04L61/103—Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/25—Mapping addresses of the same type
- H04L61/2503—Translation of Internet protocol [IP] addresses
- H04L61/255—Maintenance or indexing of mapping tables
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2101/00—Indexing scheme associated with group H04L61/00
- H04L2101/60—Types of network addresses
- H04L2101/618—Details of network addresses
- H04L2101/622—Layer-2 addresses, e.g. medium access control [MAC] addresses
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a kind of determination method and apparatus of terminal access position, including:IP tables, MAC table and the ARP table of core switch are scanned, determines the IP MAC corresponding relations and port mac corresponding relation of core switch;Circulation obtains the MAC table of all access switch and matches the ARP table of access switch, determines the annexation of the port of all terminal devices and access switch;The true on-position of all terminal devices is determined according to the Link State of the port of access switch.The determination method and apparatus of terminal access position proposed by the present invention can be directed to different terminal equipment or different types of terminal device carries out the determination of terminal access position, improve location accuracy, reduce manual work amount, and can further the dynamic change of perception terminal equipment connecting relation and in violation of rules and regulations access equipment alarm and disabled ports.
Description
Technical field
The present invention relates to computer realm, more specifically, particularly relating to the determination method and dress of a kind of terminal access position
Put.
Background technology
During current IT application in enterprise, the safety and stablization of enterprise network are the most important things.Network is information
Change the basis built, be the carrying of the core competitiveness of enterprise, substantial amounts of data and business are included in network, if by broken
It is bad, change, leakage, caused by consequence it is very serious.In the prior art using the generation of many measures prevention the above situation, including
802.1x accesses are used during terminal accesses;Ensure the legitimacy of access using port access;Further through strict inspection
The compliance of terminal is surveyed with legal resource of access enterprise etc..But the basis of everything is the connection of terminal and interchanger
The correct identification of relation, only clearly knows the on-position of terminal, can just accomplish it is active trace back, accomplish it is very clear, still
The confirmation of on-position is manually completed by network manager at present, can not accomplish accurate automatic identification.
The problem of automatic and accurate identifies is unable to for the on-position of terminal in the prior art, there has been no effective solution at present
Certainly scheme.
The content of the invention
In view of this, the purpose of the embodiment of the present invention is the determination method and apparatus for proposing a kind of terminal access position,
Different terminal equipment or different types of terminal device can be directed to and carry out terminal access position determination, improve location accuracy,
Reduce manual work amount, and can further the dynamic change of perception terminal equipment connecting relation and to violation access set
Standby alarm and disabled ports.
Based on above-mentioned purpose, the one side of the embodiment of the present invention provides a kind of determination method of terminal access position, bag
Include following steps:
IP tables, MAC table and the ARP table of core switch are scanned, determines IP-MAC corresponding relations and the end of core switch
Mouth-MAC corresponding relations;
Circulation obtains the MAC table of all access switch and matches the ARP table of access switch, determines all terminal devices
With the annexation of the port of access switch;
The true on-position of all terminal devices is determined according to the Link State of the port of access switch.
In some embodiments, IP tables, MAC table and the ARP table of core switch are scanned, determines core switch
IP-MAC corresponding relations include with port-MAC corresponding relations:
Scan the IP tables of core switch and determine IP scopes;
Active scan IP scopes and the MAC table and ARP table for updating core switch;
Scan the ARP table of core switch and determine IP-MAC corresponding relations;
Scan the MAC table of core switch and determine port-MAC corresponding relations.
In some embodiments, circulation obtains the MAC table of all access switch and matches the ARP of access switch
Table, determining the annexation of the port of all terminal devices and access switch includes:
Circulation obtains the MAC table of all access switch and updates port-MAC corresponding relations;
The ARP table of port-MAC corresponding relations and access switch is matched, obtains the IP- ports of all terminal devices
Corresponding relation, and as all terminal devices and the annexation of the port of access switch.
In some embodiments, the true of all terminal devices is determined according to the Link State of the port of access switch
On-position includes:
The Link State for determining each port of access switch is Access or Trunk;
The port that Link State is Access is defined as to the true on-position of counterpart terminal equipment;
The port that Link State is Trunk is defined as the doubtful on-position of counterpart terminal equipment, and further scanned
The access switch that Trunk ports are directly connected to is to determine the true on-position of counterpart terminal equipment.
In some embodiments, core switch and all access switch open SNMP (Simple Network
Management Protocol, Simple Network Management Protocol) service.
In some embodiments, terminal device is single device or the hub for being connected to multiple devices simultaneously.
The another aspect of the embodiment of the present invention, a kind of determining device of terminal access position is additionally provided, has been used above-mentioned
Method.
The another aspect of the embodiment of the present invention, additionally provide a kind of computer equipment, including memory, at least one processing
Device and storage perform above-mentioned on a memory and the computer program that can run on a processor, during computing device program
Method.
The another aspect of the embodiment of the present invention, a kind of computer-readable recording medium is additionally provided, it is described computer-readable
Storage medium is stored with computer program, and the computer program performs above-mentioned method when being executed by processor.
The another aspect of the embodiment of the present invention, additionally provide a kind of computer program product, the computer program product
Including the calculation procedure being stored on computer-readable recording medium, the calculation procedure includes instruction, when the instruction is counted
When calculation machine performs, the computer is set to perform the above method.
The present invention has following advantageous effects:The determination method of terminal access position provided in an embodiment of the present invention with
Device, by determining the IP-MAC corresponding relations of the core switch and port-MAC corresponding relations, determining that all terminals are set
The annexation of the standby port with access switch and the true on-position for determining all terminal devices, it can be directed to not
Terminal access position determination is carried out with terminal device or different types of terminal device, location accuracy is improved, reduces manual work
Measure, and can further the dynamic change of perception terminal equipment connecting relation and to violation access equipment alarm and taboo
Use port.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to needed for embodiment
The accompanying drawing to be used is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the present invention,
For those of ordinary skill in the art, on the premise of not paying creative work, can also be obtained according to these accompanying drawings
Other accompanying drawings.
Fig. 1 is the schematic flow sheet of one embodiment of the determination method of terminal access position provided by the invention;
Fig. 2 is the schematic flow sheet of second embodiment of the determination method of terminal access position provided by the invention;
Fig. 3 is that the network architecture of second embodiment of the determination method of terminal access position provided by the invention shows
It is intended to;
Fig. 4 is an implementation of the computer equipment of the determination method provided by the invention for performing the terminal access position
The hardware architecture diagram of example.
Embodiment
For the object, technical solutions and advantages of the present invention are more clearly understood, below in conjunction with specific embodiment, and reference
Accompanying drawing, the embodiment of the present invention is further described.
It should be noted that all statements for using " first " and " second " are for differentiation two in the embodiment of the present invention
The non-equal entity of individual same names or non-equal parameter, it is seen that " first " " second " should not only for the convenience of statement
The restriction to the embodiment of the present invention is interpreted as, subsequent embodiment no longer illustrates one by one to this.
Based on above-mentioned purpose, the one side of the embodiment of the present invention, it is proposed that one kind can be directed to different terminal equipment
Or different types of terminal device carries out one embodiment of the method for terminal access position determination.Fig. 1 is illustrated that this hair
The schematic flow sheet of one embodiment of the determination method of the terminal access position of bright offer.
The determination method of the terminal access position comprises the following steps:
Step S101, IP tables, MAC table and the ARP table of core switch are scanned, determine that the IP-MAC of core switch is corresponding
Relation and port-MAC corresponding relations;
Step S103, circulation obtain the MAC table of all access switch and match the ARP table of access switch, determine institute
There is the annexation of the port of terminal device and access switch;
Step S105, the true access digit of all terminal devices is determined according to the Link State of the port of access switch
Put.
Wherein, optionally it is determined that the true on-position of terminal device is to be closed according to IP, MAC, the corresponding of port three
System, link relation (port) is determined by known terminal device information (such as MAC), and by virtual address (IP) along link
Up to the terminal device.
In some embodiments, IP tables, MAC table and the ARP table of core switch are scanned, determines core switch
IP-MAC corresponding relations include with port-MAC corresponding relations:
Scan the IP tables of core switch and determine IP scopes;
Active scan IP scopes and the MAC table and ARP table for updating core switch;
Scan the ARP table of core switch and determine IP-MAC corresponding relations;
Scan the MAC table of core switch and determine port-MAC corresponding relations.
In some embodiments, circulation obtains the MAC table of all access switch and matches the ARP of access switch
Table, determining the annexation of the port of all terminal devices and access switch includes:
Circulation obtains the MAC table of all access switch and updates port-MAC corresponding relations;
The ARP table of port-MAC corresponding relations and access switch is matched, obtains the IP- ports of all terminal devices
Corresponding relation, and as all terminal devices and the annexation of the port of access switch.
In some embodiments, the true of all terminal devices is determined according to the Link State of the port of access switch
On-position includes:
The Link State for determining each port of access switch is Access or Trunk;
The port that Link State is Access is defined as to the true on-position of counterpart terminal equipment;
The port that Link State is Trunk is defined as the doubtful on-position of counterpart terminal equipment, and further scanned
The access switch that Trunk ports are directly connected to is to determine the true on-position of counterpart terminal equipment.
Wherein, alternatively, the access switch that further scanning Trunk ports are directly connected to may still obtain one newly
Trunk ports, can continue to scan on until obtaining Access ports.Access ports are the real on-positions of equipment, and
Trunk ports are a bit on an available link paths of equipment.The embodiment of the present invention uses the conduct of Access ports
The effective port of identification equipment can location equipment really be more accurately position.
In some embodiments, core switch and all access switch open SNMP services.
Wherein, alternatively, SNMP is serviced for allowing other equipment to believe by the inside of this agreement acquisition local switch
Breath.In the present invention, core switch obtains the support that the behaviors such as the MAC table of access switch need SNMP to service.
In some embodiments, terminal device is single device or the hub for being connected to multiple devices simultaneously.
Wherein, alternatively, hub is because that can not carry out network management without being produced with core switch and access switch
Initiative service interaction.Hub is considered as independent terminal device in a network.
From above-described embodiment as can be seen that the determination method of terminal access position provided in an embodiment of the present invention, by true
The IP-MAC corresponding relations of the fixed core switch and port-MAC corresponding relations, determine that all terminal devices exchange with accessing
The annexation of the port of machine and the true on-position for determining all terminal devices, can be directed to different terminal equipment or
Different types of terminal device carries out terminal access position determination, improves location accuracy, reduces manual work amount, and can be with
The dynamic change of further perception terminal equipment connecting relation and the equipment alarm to violation access and disabled ports.
The embodiment of the present invention, which also proposed one kind, can be directed to different terminal equipment or the progress of different types of terminal device
Second embodiment of the method that terminal access position determines.Fig. 2 is illustrated that terminal access position provided by the invention really
Determine the schematic flow sheet of second embodiment of method.
As shown in Fig. 2 scanning the IP lists of core switch first, the all-ones subnet of core switch is determined, thus may be used
To determine the border of system.After obtaining the whole network subnet, whole subnet address is scanned by Ping modes, confirm IP address survival or
Person is to be not present, and the MAC table of access switch can be made to be updated to newest most full MAC information.Then, interchanger is scanned
ARP table, obtain IP-MAC corresponding relations, be stored in access NAC end message module.Next circulation obtains access and exchanged
The MAC forward tables of machine are to update the relation of port and MAC, and to search terminal IP in the information table of terminal according to MAC Address
Address, obtain the linking relationship of PC and access switch.The Link State of port is further obtained, only port is Access mouths
It could accurately confirm that this MAC Address is connected on this port, accurately determine the on-position relation of equipment.If port is Trunk
Mouthful, doubtful on-position can only be masked as.Only clear and definite Access eloquence can determine that the real on-position of this equipment;It is doubtful
On-position can determine access switch be present under this port, can scan this access switch to confirm real access digit
Put relation.This method is based on accurate terminal access position, can do port flow control, binding and on-position essence
Really control.
Fig. 3 shows the network architecture schematic diagram of the present embodiment.As shown in figure 3, network system includes:
Access NAC (Network access control, network admittance control), is responsible for equipment control and interchanger pipe
Reason;
Managed switch, configuration SNMP services;
HUB equipment (electric wire connecting junction), the part as test;
Terminal, it is respectively connected to interchanger and HUB equipment;
External network, i.e. outer net resource;
Server area, i.e. intranet server.
Access NAC connection core switch, the equipment of scanning whole network survival, outer net and server area are respectively connected to core
Heart interchanger, Trunk the mouths eth0/1, Eth0/2, PC1 that access switch A and B connect core switch respectively connect access switch
AEth0/2 mouths, PC2, PC3 meet HUB, and HUB equipment connects access switch B Eth0/2 mouths.
Access NAC scans the Vlan IP tables of core switch by SNMP;Determine the whole network IP scopes;Active scan is found
All IP scopes, it is ensured that the whole network switch A RP tables and MAC table are complete;The ARP of core switch is scanned by SNMP,
It was found that all IP-MAC corresponding relations.
In next step, all access switch A, B MAC table are scanned respectively by SNMP.Access switch A is scanned, is obtained
There is MAC Address corresponding to PC1 in (Eth0/2, MAC-PC1) Eth0/2 mouths, by the ARP and the end that match access switch
Mouth state (Access), determine PC1 connection access switch A Eth0/2 mouths.Because HUB can not webmaster;Corresponding to PC2, PC3
MAC Address appears in access switch B Eth0/2 mouths, because Eth0/2 mouths belong to Access mouths, so determine PC2, PC3
Connect the Eth0/2 mouths of switch b.
With reference to whole topological relation;Determine the Eth0/2 mouths of the equipment of terminal PC 1 connection switch A;PC2, PC3 connection exchange
Machine B Eth0/2 mouths, on-position are added to access NAC as terminal attribute, and corresponding action is done according to strategy.
From above-described embodiment as can be seen that terminal access position provided in an embodiment of the present invention determines method, pass through determination
The IP-MAC corresponding relations and port-MAC corresponding relations of the core switch, determine all terminal devices and access switch
Port annexation and determine the true on-position of all terminal devices, different terminal equipment or not can be directed to
The terminal device of same type carries out terminal access position determination, improves location accuracy, reduces manual work amount, and can enter
The dynamic change of one step perception terminal equipment connecting relation and the equipment alarm to violation access and disabled ports.
It is important to note that above-mentioned terminal access position determines each step in each embodiment of method
Intersecting, replacing, increasing, deleting, therefore, these rational permutation and combination become alternatively determines method in terminal access position
It should also be as belonging to protection scope of the present invention, and protection scope of the present invention should not be confined on the embodiment.
Based on above-mentioned purpose, second aspect of the embodiment of the present invention, it is proposed that one kind can be directed to different terminal equipment
Or different types of terminal device carries out one embodiment of the device of terminal access position determination.The terminal access position
Determining device used the determination method of above-mentioned terminal access position.
Terminal access position determining device provided in an embodiment of the present invention, by the IP-MAC for determining the core switch
Corresponding relation and port-MAC corresponding relations, the annexation for the port for determining all terminal devices and access switch and determination
The true on-position of all terminal devices, can be directed to different terminal equipment or different types of terminal device is carried out eventually
Hold on-position to determine, improve location accuracy, reduce manual work amount, and further the connection of perception terminal equipment can close
The dynamic change of system and the equipment alarm to violation access and disabled ports.
It is important to note that the embodiment of above-mentioned terminal access position determining device employs the terminal access digit
The embodiment for the determination method put illustrates the course of work of each module, those skilled in the art can it is readily conceivable that
By in the other embodiment of the determination method of these module applications to the terminal access position.Certainly, because the terminal connects
The each step entered in method for determining position embodiment can be intersected, replaces, increases, deleted, and therefore, these are reasonable
Permutation and combination become and alternatively should also be as belonging to protection scope of the present invention in the terminal access position determining device, and should
Protection scope of the present invention is confined on the embodiment.
Based on above-mentioned purpose, the 3rd aspect of the embodiment of the present invention, it is proposed that one kind performs the terminal access position
Determination method computer equipment one embodiment.
The computer equipment of the determination method for performing the terminal access position includes memory, at least one processing
Device and storage perform above-mentioned on a memory and the computer program that can run on a processor, during computing device program
Anticipate a kind of method.
As shown in figure 4, the computer equipment for the determination method provided by the invention for performing the terminal access position
The hardware architecture diagram of one embodiment.
By taking computer equipment as shown in Figure 4 as an example, include a processor 401 and one in the computer equipment
Memory 402, and can also include:Input unit 403 and output device 404.
Processor 401, memory 402, input unit 403 and output device 404 can pass through bus or other modes
Connect, in Fig. 4 exemplified by being connected by bus.
Memory 402 is used as a kind of non-volatile computer readable storage medium storing program for executing, available for storage non-volatile software journey
Sequence, non-volatile computer executable program and module, such as the determination of the terminal access position in the embodiment of the present application
Programmed instruction/module corresponding to method.Processor 401 by operation be stored in non-volatile software program in memory 402,
Instruction and module, various function application and data processing so as to execute server, that is, realize above method embodiment
The determination method of terminal access position.
Memory 402 can include storing program area and storage data field, wherein, storing program area can store operation system
Application program required for system, at least one function;Storage data field can be stored according to the determining device of terminal access position
Use created data etc..In addition, memory 402 can include high-speed random access memory, can also include non-volatile
Property memory, a for example, at least disk memory, flush memory device or other non-volatile solid state memory parts.At some
In embodiment, memory 402 is optional including relative to the remotely located memory of processor 401, and these remote memories can be with
Pass through network connection to local module.The example of above-mentioned network includes but is not limited to internet, intranet, LAN, shifting
Dynamic communication network and combinations thereof.
Input unit 403 can receive the numeral or character information of input, and the determination produced with terminal access position fills
The key signals input that the user put is set and function control is relevant.Output device 404 may include the display devices such as display screen.
One or more of terminal access positions determine that programmed instruction/module is stored in the storage corresponding to method
In device 402, when being performed by the processor 401, the terminal access position determination side in above-mentioned any means embodiment is performed
Method.
Any one embodiment of the computer equipment of the determination method for performing the terminal access position, Ke Yida
The effect identical or similar to corresponding foregoing any means embodiment.
Based on above-mentioned purpose, the 4th aspect of the embodiment of the present invention, it is proposed that a kind of computer-readable recording medium, institute
Stating computer-readable recording medium storage has computer executable instructions, and the computer executable instructions can perform above-mentioned any side
The determination method of terminal access position in method embodiment is with realizing the terminal access digit in above-mentioned any device/system embodiment
The determination device/system put.The embodiment of the computer-readable recording medium, corresponding foregoing any side can be reached
The method effect identical or similar with device/system embodiment.
Based on above-mentioned purpose, the 5th aspect of the embodiment of the present invention, it is proposed that a kind of computer program product, the calculating
Machine program product includes the calculation procedure being stored on computer-readable recording medium, and the computer program includes instruction, when this
When instruction is computer-executed, the computer is set to perform the determination method of the terminal access position in above-mentioned any means embodiment
Determination device/system with realizing the terminal access position in above-mentioned any device/system embodiment.The computer program production
The embodiment of product, the corresponding foregoing any means effect identical or similar with device/system embodiment can be reached
Fruit.
Finally it should be noted that one of ordinary skill in the art will appreciate that realizing the whole in above-described embodiment method
Or part flow, related hardware can be instructed to complete by computer program, described program can be stored in a computer
In read/write memory medium, the program is upon execution, it may include such as the flow of the embodiment of above-mentioned each method.Wherein, it is described
Storage medium can be magnetic disc, CD, read-only memory (Read-Only Memory, ROM) or random access memory
(Random Access Memory, RAM) etc..The embodiment of the computer program, corresponding foregoing can be reached
The identical or similar effect of embodiment of the method for anticipating.
In addition, typically, it can be various electric terminal equipments that the embodiment of the present invention, which discloses described device, equipment etc., example
Such as mobile phone, personal digital assistant (PDA), tablet personal computer (PAD), intelligent television or large-scale terminal device, such as service
Device etc., therefore protection domain disclosed in the embodiment of the present invention should not limit as certain certain types of device, equipment.It is of the invention real
It can be applied to above-mentioned any with the combining form of electronic hardware, computer software or both to apply example and disclose described client
In a kind of electric terminal equipment.
In addition, disclosed method is also implemented as the computer program performed by CPU according to embodiments of the present invention, should
Computer program can store in a computer-readable storage medium.When the computer program is performed by CPU, the present invention is performed
The above-mentioned function of being limited in method disclosed in embodiment.
In addition, above method step and system unit can also utilize controller and make it that controller is real for storing
The computer-readable recording medium of the computer program of existing above-mentioned steps or Elementary Function is realized.
In addition, it should be appreciated that computer-readable recording medium (for example, memory) as described herein can be volatile
Property memory or nonvolatile memory, or both volatile memory and nonvolatile memory can be included.As example
Sub and nonrestrictive, nonvolatile memory can include read-only storage (ROM), programming ROM (PROM), electrically programmable
ROM (EPROM), electrically erasable programmable ROM (EEPROM) or flash memory.Volatile memory can include arbitrary access
Memory (RAM), the RAM can serve as external cache.Nonrestrictive as an example, RAM can be with more
Kind form obtains, such as synchronous random access memory (DRAM), dynamic ram (DRAM), synchronous dram (SDRAM), double data rate SDRAM
(DDR SDRAM), enhancing SDRAM (ESDRAM), synchronization link DRAM (SLDRAM) and directly Rambus RAM (DRRAM).
The storage device of disclosed aspect is intended to the memory of including but not limited to these and other suitable type.
Those skilled in the art will also understand is that, the various illustrative logical blocks with reference to described by disclosure herein, mould
Block, circuit and algorithm steps may be implemented as the combination of electronic hardware, computer software or both.It is hard in order to clearly demonstrate
This interchangeability of part and software, enters with regard to the function of various exemplary components, square, module, circuit and step to it
General description is gone.This function is implemented as software and is also implemented as hardware depending on concrete application and application
Design constraint to whole system.Those skilled in the art can realize described in a variety of ways for every kind of concrete application
Function, but this realize that decision should not be interpreted as causing a departure from scope of disclosure of the embodiment of the present invention.
Various illustrative logical blocks, module and circuit with reference to described by disclosure herein, which can utilize, to be designed to
The following part of function described here is performed to realize or perform:General processor, digital signal processor (DSP), special collection
Into circuit (ASIC), field programmable gate array (FPGA) or other PLDs, discrete gate or transistor logic, divide
Any combinations of vertical nextport hardware component NextPort or these parts.General processor can be microprocessor, but alternatively, processing
Device can be any conventional processors, controller, microcontroller or state machine.Processor can also be implemented as computing device
Combination, for example, the combination of DSP and microprocessor, multi-microprocessor, one or more microprocessors combination DSP and/or any
Other this configurations.
The step of method or algorithm with reference to described by disclosure herein, can be directly contained in hardware, be held by processor
In capable software module or in combination of the two.Software module may reside within RAM memory, flash memory, ROM storages
Device, eprom memory, eeprom memory, register, hard disk, removable disk, CD-ROM or known in the art it is any its
In the storage medium of its form.Exemplary storage medium is coupled to processor so that processor can be from the storage medium
Middle reading information writes information to the storage medium.In an alternative, the storage medium can be with processor collection
Into together.Processor and storage medium may reside within ASIC.ASIC may reside within user terminal.In a replacement
In scheme, processor and storage medium can be used as discrete assembly resident in the user terminal.
In one or more exemplary designs, the function can be real in hardware, software, firmware or its any combination
It is existing.If realized in software, can be stored in using the function as one or more instruction or code computer-readable
Transmitted on medium or by computer-readable medium.Computer-readable medium includes computer-readable storage medium and communication media,
The communication media includes helping for computer program to be sent to any medium of another position from a position.Storage medium
It can be any usable medium that can be accessed by a general purpose or special purpose computer.It is nonrestrictive as an example, the computer
Computer-readable recording medium can include RAM, ROM, EEPROM, CD-ROM or other optical disc memory apparatus, disk storage equipment or other magnetic
Property storage device, or can be used for carry or storage form for instruction or data structure required program code and can
Any other medium accessed by universal or special computer or universal or special processor.In addition, any connection can
It is properly termed as computer-readable medium.If for example, use coaxial cable, optical fiber cable, twisted-pair feeder, digital subscriber line
(DSL) or such as wireless technology of infrared ray, radio and microwave to send software from website, server or other remote sources,
Then above-mentioned coaxial cable, optical fiber cable, twisted-pair feeder, DSL or such as wireless technology of infrared ray, radio and microwave are included in
The definition of medium.As used herein, disk and CD include compact disk (CD), laser disk, CD, digital versatile disc
(DVD), floppy disk, Blu-ray disc, wherein disk generally magnetically reproduce data, and CD reproduce data using laser optics.On
The combination for stating content should also be as being included in the range of computer-readable medium.
Above is exemplary embodiment disclosed by the invention, it should be noted that in the sheet limited without departing substantially from claim
On the premise of inventive embodiments scope of disclosure, it may be many modifications and change.According to open embodiment described herein
The function of claim to a method, step and/or action be not required to perform with any particular order.In addition, although the present invention is implemented
Element disclosed in example can be described or required in the form of individual, but be odd number unless explicitly limited, it is understood that be multiple.
It should be appreciated that it is used in the present context, unless context clearly supports exception, singulative " one
It is individual " (" a ", " an ", " the ") be intended to also include plural form.It is to be further understood that "and/or" used herein is
Referring to includes any of one or more than one project listed in association and is possible to combine.
The embodiments of the present invention disclose that embodiment sequence number is for illustration only, do not represent the quality of embodiment.
One of ordinary skill in the art will appreciate that hardware can be passed through by realizing all or part of step of above-described embodiment
To complete, by program the hardware of correlation can also be instructed to complete, described program can be stored in a kind of computer-readable
In storage medium, storage medium mentioned above can be read-only storage, disk or CD etc..
Those of ordinary skills in the art should understand that:The discussion of any of the above embodiment is exemplary only, not
It is intended to imply that scope of disclosure of the embodiment of the present invention (including claim) is limited to these examples;In the think of of the embodiment of the present invention
It under road, can also be combined, and exist as described above between the technical characteristic in above example or different embodiments
Many other changes of the different aspect of the embodiment of the present invention, for simplicity, they are not provided in details.Therefore, it is all at this
Spiritual and any omission within principle, made, modification, equivalent substitution, improvement of inventive embodiments etc., should be included in this hair
Within the protection domain of bright embodiment.
Claims (10)
1. a kind of determination method of terminal access position, it is characterised in that comprise the following steps:
IP tables, MAC table and the ARP table of core switch are scanned, determines IP-MAC corresponding relations and the end of the core switch
Mouth-MAC corresponding relations;
Circulation obtains the MAC table of all access switch and matches the ARP table of the access switch, determines all terminal devices
With the annexation of the port of the access switch;
The true on-position of all terminal devices is determined according to the Link State of the port of the access switch.
2. according to the method for claim 1, it is characterised in that scan IP tables, MAC table and the ARP of the core switch
Table, the IP-MAC corresponding relations and port-MAC corresponding relations for determining the core switch include:
Scan the IP tables of the core switch and determine IP scopes;
IP scopes described in active scan and the MAC table and ARP table for updating the core switch;
Scan the ARP table of the core switch and determine IP-MAC corresponding relations;
Scan the MAC table of the core switch and determine port-MAC corresponding relations.
3. according to the method for claim 1, it is characterised in that circulation obtains the MAC table of all access switch simultaneously
The ARP table of the access switch is matched, determines that all terminal devices and the connection of the port of the access switch are closed
System includes:
Circulation obtains the MAC table of all access switch and updates port-MAC corresponding relations;
The ARP table of the port-MAC corresponding relations and the access switch is matched, obtains all terminal devices
IP- ports corresponding relation, and as the annexation of all terminal devices and the port of the access switch.
4. according to the method for claim 1, it is characterised in that true according to the Link State of the port of the access switch
The true on-position of fixed all terminal devices includes:
The Link State for determining each port of the access switch is Access or Trunk;
The port that Link State is Access is defined as to the true on-position of counterpart terminal equipment;
The port that Link State is Trunk is defined as to the doubtful on-position of counterpart terminal equipment, and further described in scanning
The access switch that Trunk ports are directly connected to is to determine the true on-position of counterpart terminal equipment.
5. according to the method described in any one in claim 1-4, it is characterised in that the core switch and all described
Access switch opens SNMP services.
6. according to the method described in any one in claim 1-4, it is characterised in that the terminal device be single device or
The hub of multiple devices is connected to simultaneously.
7. a kind of determining device of terminal access position, it is characterised in that use side as claimed in any one of claims 1 to 6
Method.
8. a kind of computer equipment, including memory, at least one processor and it is stored on the memory and can be in institute
State the computer program run on processor, it is characterised in that such as claim is performed during the computing device described program
Method described in 1-6 any one.
9. a kind of computer-readable recording medium, the computer-readable recording medium storage has computer program, and its feature exists
In perform claim requires the method described in 1-6 any one when the computer program is executed by processor.
10. a kind of computer program product, it is characterised in that the computer program product includes being stored in computer-readable deposit
Calculation procedure on storage media, the calculation procedure include instruction, when the instruction is computer-executed, make the computer
Perform claim requires the method described in 1-6 any one.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710966470.7A CN107888563B (en) | 2017-10-17 | 2017-10-17 | Method and device for determining terminal access position |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710966470.7A CN107888563B (en) | 2017-10-17 | 2017-10-17 | Method and device for determining terminal access position |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107888563A true CN107888563A (en) | 2018-04-06 |
| CN107888563B CN107888563B (en) | 2020-07-14 |
Family
ID=61781652
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710966470.7A Active CN107888563B (en) | 2017-10-17 | 2017-10-17 | Method and device for determining terminal access position |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107888563B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110266546A (en) * | 2019-06-29 | 2019-09-20 | 苏州浪潮智能科技有限公司 | A kind of method, equipment and readable medium configuring switch port |
| CN110365635A (en) * | 2019-05-23 | 2019-10-22 | 新华三技术有限公司 | A kind of connection control method and device of illegal endpoint |
| CN112511666A (en) * | 2020-12-14 | 2021-03-16 | 国网辽宁省电力有限公司盘锦供电公司 | Asset positioning method of computer terminal |
| CN114124782A (en) * | 2021-11-24 | 2022-03-01 | 北京鼎兴达信息科技股份有限公司 | Method for determining IP service path of terminal |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101110668A (en) * | 2006-07-21 | 2008-01-23 | 中国移动通信集团公司 | Method for tracing to secondary layer switch port |
| CN101272289A (en) * | 2008-05-09 | 2008-09-24 | 中兴通讯股份有限公司 | Method for port line-speed transmitting test data frame and Ethernet switchboard |
| CN103023779A (en) * | 2012-08-13 | 2013-04-03 | 中兴通讯股份有限公司 | Method and device for processing data message |
| US20150281075A1 (en) * | 2014-03-31 | 2015-10-01 | Electronics And Telecommunications Research Institute | Method and apparatus for processing address resolution protocol (arp) packet |
| CN105024949A (en) * | 2014-04-28 | 2015-11-04 | 国网山西省电力公司电力科学研究院 | Port automatically binding method and system |
-
2017
- 2017-10-17 CN CN201710966470.7A patent/CN107888563B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101110668A (en) * | 2006-07-21 | 2008-01-23 | 中国移动通信集团公司 | Method for tracing to secondary layer switch port |
| CN101272289A (en) * | 2008-05-09 | 2008-09-24 | 中兴通讯股份有限公司 | Method for port line-speed transmitting test data frame and Ethernet switchboard |
| CN103023779A (en) * | 2012-08-13 | 2013-04-03 | 中兴通讯股份有限公司 | Method and device for processing data message |
| US20150281075A1 (en) * | 2014-03-31 | 2015-10-01 | Electronics And Telecommunications Research Institute | Method and apparatus for processing address resolution protocol (arp) packet |
| CN105024949A (en) * | 2014-04-28 | 2015-11-04 | 国网山西省电力公司电力科学研究院 | Port automatically binding method and system |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110365635A (en) * | 2019-05-23 | 2019-10-22 | 新华三技术有限公司 | A kind of connection control method and device of illegal endpoint |
| CN110266546A (en) * | 2019-06-29 | 2019-09-20 | 苏州浪潮智能科技有限公司 | A kind of method, equipment and readable medium configuring switch port |
| CN112511666A (en) * | 2020-12-14 | 2021-03-16 | 国网辽宁省电力有限公司盘锦供电公司 | Asset positioning method of computer terminal |
| CN114124782A (en) * | 2021-11-24 | 2022-03-01 | 北京鼎兴达信息科技股份有限公司 | Method for determining IP service path of terminal |
| CN114124782B (en) * | 2021-11-24 | 2023-02-28 | 北京鼎兴达信息科技股份有限公司 | Method for determining IP service path of terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107888563B (en) | 2020-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107888563A (en) | A kind of determination method and apparatus of terminal access position | |
| US20220076066A1 (en) | Using generative adversarial networks (gans) to enable sharing of sensitive data | |
| CN103607290B (en) | A kind of method and apparatus that network connection parameter is set | |
| BR112012028264B1 (en) | method and apparatus for accessing service by a mobile station and mobile station | |
| CN108401037A (en) | User terminal and the binding method of equipment, device and system | |
| US20210312472A1 (en) | Method and system for prediction of smart contract violation using dynamic state space creation | |
| CN108207012A (en) | A kind of flow control methods, device, terminal and system | |
| CN107968849B (en) | Method and device for network private line connection | |
| CN110247846B (en) | Routing method and routing device of virtual private network | |
| CN109067650A (en) | Routing based on SRIO exchange network is searched for automatically and configuration method | |
| CN106302306B (en) | Flow statistical method and device based on Access Control List (ACL) | |
| CN110796367A (en) | Equipment information management method and device based on information remote identification and terminal | |
| CN114553706B (en) | Network topology discovery method and device and electronic equipment | |
| CN109640345A (en) | Network dialing method, device and electronic equipment | |
| CN109788528A (en) | Access point and its internet business activating method and system | |
| TWI809888B (en) | Communication system, computer readable memory medium and communication control method | |
| CN103457957B (en) | A kind of network penetration test macro and method with adaptation function | |
| CN111090564B (en) | Method, device and medium for acquiring node network time delay | |
| CN111130976B (en) | Method, equipment and medium for configuring virtual local area network of white box switch | |
| CN108768807A (en) | A kind of method and device of cloud platform actual situation interconnection | |
| CN108966311A (en) | A kind of router, terminal and network share method, Network records method | |
| CN110611678B (en) | Method for identifying message and access network equipment | |
| CN114489943A (en) | Data access method and device | |
| CN107666671A (en) | The method and device of incorrect link detection based on TWAMP | |
| CN110968489B (en) | Method, equipment and medium for testing BMC (baseboard management controller) access pressure of white box switch |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| EE01 | Entry into force of recordation of patent licensing contract | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20180406 Assignee: CHINA TECHNOLOGY EXCHANGE Co.,Ltd. Assignor: BEIJING VRV SOFTWARE Corp.,Ltd. Contract record no.: X2022110000035 Denomination of invention: A Method and Device for Determining Terminal Access Location Granted publication date: 20200714 License type: Exclusive License Record date: 20220928 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A Method and Device for Determining Terminal Access Location Effective date of registration: 20220930 Granted publication date: 20200714 Pledgee: CHINA TECHNOLOGY EXCHANGE Co.,Ltd. Pledgor: BEIJING VRV SOFTWARE Corp.,Ltd. Registration number: Y2022110000244 |
|
| PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
| EC01 | Cancellation of recordation of patent licensing contract |
Assignee: CHINA TECHNOLOGY EXCHANGE Co.,Ltd. Assignor: BEIJING VRV SOFTWARE Corp.,Ltd. Contract record no.: X2022110000035 Date of cancellation: 20240320 |
|
| EC01 | Cancellation of recordation of patent licensing contract | ||
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Granted publication date: 20200714 Pledgee: CHINA TECHNOLOGY EXCHANGE Co.,Ltd. Pledgor: BEIJING VRV SOFTWARE Corp.,Ltd. Registration number: Y2022110000244 |
|
| PC01 | Cancellation of the registration of the contract for pledge of patent right |