CN108259294A - Message processing method and device - Google Patents
Message processing method and device Download PDFInfo
- Publication number
- CN108259294A CN108259294A CN201710114261.XA CN201710114261A CN108259294A CN 108259294 A CN108259294 A CN 108259294A CN 201710114261 A CN201710114261 A CN 201710114261A CN 108259294 A CN108259294 A CN 108259294A
- Authority
- CN
- China
- Prior art keywords
- arp messages
- address
- transmitting terminal
- mac address
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/22—Parsing or analysis of headers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/10—Mapping addresses of different types
- H04L61/103—Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1475—Passive attacks, e.g. eavesdropping or listening without modification of the traffic monitored
Abstract
The application provides a kind of message processing method and device, and applied in VTEP equipment, this method includes:ARP messages are received, judge whether the transmitting terminal IP address of the ARP messages and the transmitting terminal MAC Address and preset gateway MAC address of preset gateway ip address and the ARP messages match;If the two matches, check whether the routing direction of ARP messages is correct, if routing direction mistake, abandon ARP messages;If transmitting terminal IP address and preset gateway ip address mismatch or transmitting terminal MAC Address and preset gateway MAC address mismatch, ARP messages are abandoned.The application is by the way that the transmitting terminal MAC Address and preset gateway MAC address of the transmitting terminal IP address of ARP messages and preset gateway ip address and the ARP messages are matched, and attack message is identified according to matching result, and abandon ARP messages, so as to avoid attack message being sent to gateway, network failure is reduced.
Description
Technical field
This application involves the communication technology more particularly to a kind of message processing methods and device.
Background technology
VXLAN (Virtual eXtensible LAN, expansible Virtual Local Area Network) is based on Internet Protocol
(IP) network, special using the two-layer virtual of " media access control (MAC in UDP) in User Datagram Protocol " packing forms
With network (VPN) technology.VXLAN is mainly used in data center network.
Wherein, the stateless gateway networking of VXLAN is a kind of very extensive application, as shown in Figure 1, VXLAN's is ill-mannered
The networking of state gateway includes multiple VXLAN gateways (GW), and all VXLAN gateways are all stateless gateways, i.e., all VXLAN gateways
IP address and media access control (Media Access Control, MAC) address it is identical, in this way, for VXLAN tunnels
For road endpoint (VXLAN Tunneling End Point, VTEP) equipment, all VXLAN gateways are equivalent to an equipment,
VTEP equipment does not have to distinguish each VXLAN gateways.
But in stateless gateway networking shown in Fig. 1, if some virtual machine (VM) is under attack, sends out and pretend to be
Address resolution protocol (ARP) broadcast of gateway, then all other VM can all receive ARP broadcast, lead to all gateways that are sent to
Message encapsulation error causes whole network failure.
Invention content
In view of this, the application provides a kind of message processing method and device.
Specifically, the application is achieved by the following technical solution:
It is according to embodiments of the present invention in a first aspect, provide a kind of message processing method, it is described applied in VTEP equipment
Method includes:
Receive ARP messages;
Judge the transmitting terminal IP address of the ARP messages and the transmission of preset gateway ip address and the ARP messages
Whether end MAC Address and preset gateway MAC address match;
If the two matches, check whether the routing direction of the ARP messages is correct, if the routing direction mistake,
Then abandon the ARP messages;
If the transmitting terminal IP address and preset gateway ip address mismatch or the transmitting terminal MAC Address and pre-
If gateway MAC address mismatch, then abandon the ARP messages.
Second aspect according to embodiments of the present invention provides a kind of message process device, applied to expansible virtual local area
In net endpoint of a tunnel VTEP equipment, described device includes:
Receiving module, for receiving ARP messages;
Matching module, for judging the transmitting terminal IP address of ARP messages that the receiving module receives and preset
Whether the transmitting terminal MAC Address and preset gateway MAC address of gateway ip address and the ARP messages match;
It checks discard module, if the matching result for the matching module is matched for the two, checks the ARP reports
Whether the routing direction of text is correct, if the routing direction mistake, abandons the ARP messages;
Discard module, if the matching result for the matching module is the transmitting terminal IP address and preset gateway IP
Address mismatch or the transmitting terminal MAC Address and preset gateway MAC address mismatch, then abandon the ARP messages.
In the embodiment of the present application, by by the transmitting terminal IP address of ARP messages and preset gateway ip address and institute
The transmitting terminal MAC Address and preset gateway MAC address for stating ARP messages are matched, and identify attack according to matching result
Message, and the ARP messages for belonging to attack message are abandoned, so as to avoid attack message being sent to gateway, reduce network event
Barrier.
Description of the drawings
Fig. 1 is a kind of schematic diagram of stateless gateway networking shown in an existing exemplary embodiment;
Fig. 2 is a kind of flow chart of message processing method shown in one exemplary embodiment of the application;
Fig. 3 is the flow chart of another message processing method shown in one exemplary embodiment of the application;
Fig. 4 is the flow chart of another message processing method shown in one exemplary embodiment of the application;
Fig. 5 is a kind of hardware structure diagram of VTEP equipment where the application message process device;
Fig. 6 is a kind of block diagram of message process device shown in one exemplary embodiment of the application;
Fig. 7 is a kind of block diagram of message process device shown in one exemplary embodiment of the application.
Specific embodiment
Here exemplary embodiment will be illustrated in detail, example is illustrated in the accompanying drawings.Following description is related to
During attached drawing, unless otherwise indicated, the same numbers in different attached drawings represent the same or similar element.Following exemplary embodiment
Described in embodiment do not represent all embodiments consistent with the application.On the contrary, they be only with it is such as appended
The example of the consistent device and method of some aspects be described in detail in claims, the application.
It is only merely for the purpose of description specific embodiment in term used in this application, and is not intended to be limiting the application.
It is also intended in the application and " one kind " of singulative used in the attached claims, " described " and "the" including majority
Form, unless context clearly shows that other meanings.It is also understood that term "and/or" used herein refers to and wraps
Containing one or more associated list items purposes, any or all may be combined.
It will be appreciated that though various information, but this may be described using term first, second, third, etc. in the application
A little information should not necessarily be limited by these terms.These terms are only used for same type of information being distinguished from each other out.For example, not departing from
In the case of the application range, the first information can also be referred to as the second information, and similarly, the second information can also be referred to as
One information.Depending on linguistic context, word as used in this " if " can be construed to " ... when " or " when ...
When " or " in response to determining ".
In the embodiment of the present application, VTEP is as access device, is responsible for being packaged the message that south orientation enters and south orientation
The message gone out carries out decapsulation processing, therefore the messages that send out of VM will first pass around VTEP and carry out plus VXLAN encapsulation process.
In view of this, the application is handled message on VTEP, in the embodiment of the present application, is preset first on VTEP all
The gateway ip address and MAC Address of VXLAN, and by the transmitting terminal IP address (Sender IP address) of ARP messages and preset
Gateway ip address and ARP messages transmitting terminal MAC Address (Sender MAC address) and preset gateway MAC address
It is matched, whether is then attack message, and abandon attack message according to matching result confirmation message, to avoid report will be attacked
Text is sent to gateway, so as to reduce network failure.The realization process of the application is described in detail with reference to specific embodiment.
Fig. 2 is a kind of flow chart of message processing method shown in one exemplary embodiment of the application, the embodiment from
VTEP sides are described.As shown in Fig. 2, the message processing method includes:
Step S201 receives ARP messages.
Step S202 judges the transmitting terminal IP address of the ARP messages and preset gateway ip address and the ARP messages
Whether transmitting terminal MAC Address and preset gateway MAC address match, if equal successful match, perform step S203, if sending
IP address and preset gateway ip address mismatch or transmitting terminal MAC Address and preset gateway MAC address is held to mismatch,
Then perform step S204.
Wherein, VTEP equipment can receive and preserve pre-set gateway ip address and gateway MAC address.
Step S203 checks whether the routing direction of the ARP messages is correct, if routing direction mistake, performs step
S204。
In this embodiment, it if the equal successful match of the two, needs to carry out whether just a step checks the routing direction of message
Really, wherein, checking the whether correct mode of routing direction of message can be:Whether the routing direction for checking message is to be sent to
The direction for the virtual machine that VTEP equipment is accessed namely from north orientation south, if routing direction be not from north orientation south, then it is assumed that be to attack
Hit message.
Step S204 abandons the ARP messages.
If only there are one field information successful match, then it is assumed that are attack messages.Confirming that the ARP messages are attack reports
Wen Hou, by the ARP packet loss.
Above-described embodiment, by by the transmitting terminal IP address of ARP messages and preset gateway ip address and ARP messages
Transmitting terminal MAC Address and preset gateway MAC address are matched, and identify attack message according to matching result, and abandon
Belong to the ARP messages of attack message, so as to avoid attack message being sent to gateway, reduce network failure.
Fig. 3 is the flow chart of another message processing method shown in one exemplary embodiment of the application, as shown in figure 3,
After S204 in fig. 2, it can also include:
Step S205 exports the relevant fault location information of ARP messages, for fault point.
In this embodiment, after confirming that the message is attack message, can be believed by log information (log) or alarm
The various ways such as breath export the relevant fault location information of the ARP messages to network administrator, which can wrap
It includes but is not limited to message content and receives the physical port of the ARP messages, to facilitate network administrator accordingly quickly and efficiently
Fault point.
Above-described embodiment by exporting the relevant fault location information of the ARP messages to network administrator, can facilitate net
Network administrator quickly and efficiently navigates to trouble point.
Fig. 4 is the flow chart of another message processing method shown in one exemplary embodiment of the application, as shown in figure 4,
This method includes:
Step S401 receives ARP messages.
Step S402 judges the transmitting terminal IP address of the ARP messages and the transmitting terminal of gateway ip address and the ARP messages
Whether MAC Address and gateway MAC address match, if mismatching, perform step S403, if matching, perform step
S404, if an only successful match, performs step S405.
Step S403, forwards the ARP messages, and operation terminates.
If the two mismatches, then it is assumed that the message is normal message, is forwarded according to the former forwarding rule of the message.
Step S404 checks whether the routing direction of the ARP messages is correct, if routing direction is correct, performs step
S403 if routing direction mistake, performs step S405.
Step S405 abandons the ARP messages, and network administrator is notified to be checked.
Above-described embodiment, by by the transmitting terminal IP address of ARP messages and preset gateway ip address and ARP messages
Transmitting terminal MAC Address and preset gateway MAC address are matched, and are forwarded ARP messages according to matching result or abandoned ARP reports
Text is sent to gateway to avoid by attack message, so as to reduce network failure.
Corresponding with the embodiment of aforementioned message processing method, present invention also provides the embodiments of message process device.
The embodiment of the application message process device can be applied in VTEP equipment.Device embodiment can pass through software
It realizes, can also be realized by way of hardware or software and hardware combining.For implemented in software, as on a logical meaning
Device, be to be read computer program instructions corresponding in nonvolatile memory by the processor of VTEP equipment where it
Into memory, operation is formed.For hardware view, as shown in figure 5, being that 500 place VTEP of the application message process device is set
A kind of standby hardware structure diagram in addition to processor 510 shown in fig. 5, memory 520, network interface 530 and non-volatile is deposited
Except reservoir 540, VTEP equipment in embodiment where device can also include other hardware generally according to its actual functional capability,
This is repeated no more.
Fig. 6 is a kind of block diagram of message process device shown in one exemplary embodiment of the application, which can be applied to
In VTEP equipment, as shown in fig. 6, the message process device includes:Receiving module 61, checks discard module 63 at matching module 62
With discard module 64.
Receiving module 61 is used to receive ARP messages.
Matching module 62 is used to judge the transmitting terminal IP address for the ARP messages that receiving module 61 receives and preset gateway IP
Whether the transmitting terminal MAC Address and preset gateway MAC address of address and ARP messages match.
If checking, discard module 63 matches for the matching result of matching module 62 for the two, checks ARP messages
Whether routing direction is correct, if routing direction mistake, abandons ARP messages.
If discard module 64 is transmitting terminal IP address and preset gateway ip address for the matching result of matching module 62
Mismatch or transmitting terminal MAC Address and preset gateway MAC address mismatch, then abandon ARP messages.
In an optional embodiment, which can also include:Output module 65.
Output module 65 is used for after 64 dropping packets of discard module 63 or discard module are checked, exports ARP message phases
The fault location information of pass, for fault point.
In another optional embodiment, which can also include:First forwarding module 66.
First forwarding module 66 is used to judge the transmitting terminal IP address of ARP messages and preset gateway IP in matching module 62
After whether the transmitting terminal MAC Address and preset gateway MAC address of address and ARP messages match, if the two is not
Match, then forward ARP messages.
In another optional embodiment, which can also include:Second forwarding module 67.
Second forwarding module 67 is used for after checking that discard module 63 checks whether the routing direction of ARP messages is correct,
If routing direction is correct, ARP messages are forwarded.
In another optional embodiment, as shown in fig. 7, checking that discard module 63 can include:Check submodule
631 and determination sub-module 632.
Check submodule 631 be used for check ARP messages routing direction whether be sent to VTEP equipment accessed it is virtual
The direction of machine.
If determination sub-module 632 is to be sent to the void that VTEP equipment is accessed for checking that submodule 631 checks ARP messages
The direction of plan machine, it is determined that routing direction is correct, if it is not to be sent to VTEP equipment institute to check that submodule 631 checks ARP messages
The direction of the virtual machine of access, it is determined that routing direction mistake.
The function of each unit and the realization process of effect specifically refer to and step are corresponded in the above method in above device
Realization process, details are not described herein.
For device embodiment, since it corresponds essentially to embodiment of the method, so related part is referring to method reality
Apply the part explanation of example.The apparatus embodiments described above are merely exemplary, wherein illustrating as separating component
Unit may or may not be physically separate, the component shown as unit may or may not be
Physical unit, you can be located at a place or can also be distributed in multiple network element.It can be according to the actual needs
Some or all of module therein is selected to realize the purpose of application scheme.Those of ordinary skill in the art are not paying wound
In the case that the property made is worked, you can to understand and implement.
Above-mentioned message process device, by by the transmitting terminal IP address of ARP messages and preset gateway ip address and ARP
The transmitting terminal MAC Address and preset gateway MAC address of message are matched, and identify attack message according to matching result,
And the ARP messages for belonging to attack message are abandoned, so as to avoid attack message being sent to gateway, reduce network failure.
The foregoing is merely the preferred embodiment of the application, not limiting the application, all essences in the application
God and any modification, equivalent substitution, improvement and etc. within principle, done, should be included within the scope of the application protection.
Claims (10)
1. a kind of message processing method, which is characterized in that applied in expansible virtual LAN endpoint of a tunnel VTEP equipment, institute
The method of stating includes:
Receive ARP messages;
Judge the transmitting terminal IP address of the ARP messages and the transmitting terminal MAC of preset gateway ip address and the ARP messages
Whether address and preset gateway MAC address match;
If the two matches, check whether the routing direction of the ARP messages is correct, if the routing direction mistake, loses
Abandon the ARP messages;
If the transmitting terminal IP address and preset gateway ip address mismatch or the transmitting terminal MAC Address and preset
Gateway MAC address mismatches, then abandons the ARP messages.
2. according to the method described in claim 1, it is characterized in that, after the discarding message, the method is also wrapped
It includes:
The relevant fault location information of the ARP messages is exported, for fault point.
3. according to the method described in claim 1, it is characterized in that, in the transmitting terminal IP address for judging the ARP messages
Whether matched with the transmitting terminal MAC Address and preset gateway MAC address of preset gateway ip address and the ARP messages
Later, the method further includes:
If the two mismatches, the ARP messages are forwarded.
4. according to the method described in claim 1, it is characterized in that, the routing direction for checking the ARP messages whether
After correct, the method further includes:
If the routing direction is correct, the ARP messages are forwarded.
5. according to the method described in claim 1, it is characterized in that, the routing direction for checking the ARP messages whether just
Really, including:
Whether the routing direction for checking the ARP messages is to be sent to the direction of virtual machine that the VTEP equipment is accessed;
If it is sent to the direction of virtual machine that the VTEP equipment is accessed, it is determined that the routing direction is correct, if not hair
The direction of virtual machine accessed to the VTEP equipment, it is determined that the routing direction mistake.
6. a kind of message process device, which is characterized in that applied in expansible virtual LAN endpoint of a tunnel VTEP equipment, institute
Device is stated to include:
Receiving module, for receiving ARP messages;
Matching module, for judging the transmitting terminal IP address of the ARP messages of the receiving module reception and preset gateway
Whether the transmitting terminal MAC Address and preset gateway MAC address of IP address and the ARP messages match;
It checks discard module, if the matching result for the matching module is matched for the two, checks the ARP messages
Whether routing direction is correct, if the routing direction mistake, abandons the ARP messages;
Discard module, if the matching result for the matching module is the transmitting terminal IP address and preset gateway ip address
Mismatch or the transmitting terminal MAC Address and preset gateway MAC address mismatch, then abandon the ARP messages.
7. device according to claim 6, which is characterized in that described device further includes:
Output module after abandoning the message in the inspection discard module or discard module, exports the ARP messages
Relevant fault location information, for fault point.
8. device according to claim 6, which is characterized in that described device further includes:
First forwarding module, for judging the transmitting terminal IP address of the ARP messages and preset gateway in the matching module
After whether the transmitting terminal MAC Address and preset gateway MAC address of IP address and the ARP messages match, if the two
It mismatches, then forwards the ARP messages.
9. device according to claim 6, which is characterized in that described device further includes:
Second forwarding module, after checking whether the routing direction of the ARP messages is correct in the inspection discard module,
If the routing direction is correct, the ARP messages are forwarded.
10. device according to claim 6, which is characterized in that the inspection discard module includes:
Submodule is checked, for checking whether the routing direction of the ARP messages is to be sent to the void that the VTEP equipment accessed
The direction of plan machine;
Determination sub-module, if it is to be sent to the VTEP equipment to be accessed to check the ARP messages for the inspection submodule
Virtual machine direction, it is determined that the routing direction is correct, if it is described inspection submodule check the ARP messages be not hair
The direction of virtual machine accessed to the VTEP equipment, it is determined that the routing direction mistake.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710114261.XA CN108259294B (en) | 2017-02-28 | 2017-02-28 | Message processing method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710114261.XA CN108259294B (en) | 2017-02-28 | 2017-02-28 | Message processing method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108259294A true CN108259294A (en) | 2018-07-06 |
CN108259294B CN108259294B (en) | 2021-01-26 |
Family
ID=62721763
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710114261.XA Active CN108259294B (en) | 2017-02-28 | 2017-02-28 | Message processing method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108259294B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112165447A (en) * | 2020-08-21 | 2021-01-01 | 杭州安恒信息技术股份有限公司 | WAF equipment-based network security monitoring method, system and electronic device |
CN113259162A (en) * | 2021-05-08 | 2021-08-13 | 中国工商银行股份有限公司 | Network fault determination method and device, electronic equipment and storage medium |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101170515A (en) * | 2007-12-04 | 2008-04-30 | 华为技术有限公司 | A method, system and gateway device for processing packets |
CN101488951A (en) * | 2008-12-31 | 2009-07-22 | 成都市华为赛门铁克科技有限公司 | Method, equipment and communication network for preventing from address resolution protocol attack |
CN101789940A (en) * | 2010-01-28 | 2010-07-28 | 联想网御科技(北京)有限公司 | Method for preventing flood attack of DNS request message and device thereof |
CN104243265A (en) * | 2014-09-05 | 2014-12-24 | 华为技术有限公司 | Gateway control method, device and system based on virtual machine migration |
CN105407096A (en) * | 2015-11-26 | 2016-03-16 | 深圳市风云实业有限公司 | Message data detection method based on stream management |
CN105429870A (en) * | 2015-11-30 | 2016-03-23 | 北京瑞和云图科技有限公司 | VXLAN security gateway device and application method thereof in SDN |
CN105743993A (en) * | 2016-03-31 | 2016-07-06 | 杭州数梦工场科技有限公司 | Message processing method and system |
-
2017
- 2017-02-28 CN CN201710114261.XA patent/CN108259294B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101170515A (en) * | 2007-12-04 | 2008-04-30 | 华为技术有限公司 | A method, system and gateway device for processing packets |
CN101488951A (en) * | 2008-12-31 | 2009-07-22 | 成都市华为赛门铁克科技有限公司 | Method, equipment and communication network for preventing from address resolution protocol attack |
CN101789940A (en) * | 2010-01-28 | 2010-07-28 | 联想网御科技(北京)有限公司 | Method for preventing flood attack of DNS request message and device thereof |
CN104243265A (en) * | 2014-09-05 | 2014-12-24 | 华为技术有限公司 | Gateway control method, device and system based on virtual machine migration |
CN105407096A (en) * | 2015-11-26 | 2016-03-16 | 深圳市风云实业有限公司 | Message data detection method based on stream management |
CN105429870A (en) * | 2015-11-30 | 2016-03-23 | 北京瑞和云图科技有限公司 | VXLAN security gateway device and application method thereof in SDN |
CN105743993A (en) * | 2016-03-31 | 2016-07-06 | 杭州数梦工场科技有限公司 | Message processing method and system |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112165447A (en) * | 2020-08-21 | 2021-01-01 | 杭州安恒信息技术股份有限公司 | WAF equipment-based network security monitoring method, system and electronic device |
CN112165447B (en) * | 2020-08-21 | 2023-12-19 | 杭州安恒信息技术股份有限公司 | WAF equipment-based network security monitoring method, system and electronic device |
CN113259162A (en) * | 2021-05-08 | 2021-08-13 | 中国工商银行股份有限公司 | Network fault determination method and device, electronic equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN108259294B (en) | 2021-01-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3138243B1 (en) | Network service insertion | |
US8799504B2 (en) | System and method of TCP tunneling | |
US10382309B2 (en) | Method and apparatus for tracing paths in service function chains | |
CN101427526B (en) | Method and system for automatically interconnecting ipv4 networks across an ipv6 network | |
CN110535768B (en) | Multicast data transmission method and related equipment | |
US9106257B1 (en) | Checksumming encapsulated network packets | |
US9445384B2 (en) | Mobile device to generate multiple maximum transfer units and data transfer method | |
Tuexen et al. | UDP encapsulation of Stream Control Transmission Protocol (SCTP) packets for end-host to end-host communication | |
WO2022042503A1 (en) | Message transmission method, apparatus, and system | |
CN109787878A (en) | A kind of tunnel links detection method and relevant device | |
US8510466B2 (en) | Bypassing an application layer gateway | |
EP3985943A2 (en) | Service function chaining and overlay transport loop prevention | |
CN107733930A (en) | For forwarding Internet protocol in multiple WAN network gateways(IP)The method and system of packet | |
CN108259294A (en) | Message processing method and device | |
Kruse et al. | Datagram convergence layers for the delay-and disruption-tolerant networking (DTN) bundle protocol and licklider transmission protocol (LTP) | |
JPWO2011052729A1 (en) | Packet relay device, packet relay method and program | |
CN109120526A (en) | The method and the network equipment of point-to-point transmitting message | |
US10320953B2 (en) | User datagram protocol networking method for stability improvement | |
CN113746715B (en) | Method and device for realizing cross-three-layer transmission of two-layer message | |
Yong et al. | GRE-in-UDP encapsulation | |
US10256992B2 (en) | Tunnel encapsulation | |
CN106059846B (en) | fault analysis method and device applied to VXLAN | |
Templin | The Subnetwork Encapsulation and Adaptation Layer (SEAL) | |
CN107547686A (en) | ARP request message processing method and device | |
Kruse et al. | RFC 7122: Datagram convergence layers for the delay-and disruption-tolerant Networking (DTN) bundle protocol and Licklider transmission protocol (LTP) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |