CN113347085B - Method for realizing STP protocol under mimicry environment - Google Patents
Method for realizing STP protocol under mimicry environment Download PDFInfo
- Publication number
- CN113347085B CN113347085B CN202110611448.7A CN202110611448A CN113347085B CN 113347085 B CN113347085 B CN 113347085B CN 202110611448 A CN202110611448 A CN 202110611448A CN 113347085 B CN113347085 B CN 113347085B
- Authority
- CN
- China
- Prior art keywords
- stp
- message
- port
- mac address
- stp protocol
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/18—Loop-free operations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/60—Network streaming of media packets
- H04L65/65—Network streaming protocols, e.g. real-time transport protocol [RTP] or real-time control protocol [RTCP]
Landscapes
- Engineering & Computer Science (AREA)
- Multimedia (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention provides a method for realizing STP protocol in a mimicry environment, which is applied to a mimicry switch to realize STP protocol in the mimicry switch environment, wherein the mimicry switch comprises an input agent, an output agent, an internal switching chip, an external switching chip and a plurality of executors, the input agent and the output agent are connected to the same port of the internal switching chip and the external switching chip, and the plurality of executors are respectively connected to other ports of the internal switching chip. The invention carries out rotation transformation on the source MAC addresses of the STP protocol messages on the input proxy and the execution body, and solves the problem that the MAC address table of the internal exchange chip is repeatedly migrated to cause the internal communication to be switched on and off when the internal communication is switched off when the same STP protocol message passes through the input proxy and the execution body respectively under the condition of external link call return.
Description
Technical Field
The invention relates to the field of mimicry defense, in particular to a method for realizing STP protocol in a mimicry environment.
Background
The STP protocol relies on receiving and transmitting STP messages for determining whether a loop is present at a service port of the switching device and for performing loop blocking. The mimicry component generally comprises an input/output agent, a resolution module, a heterogeneous executive body and a feedback module, and in a hardware level, the mimicry component usually depends on a CPU module to run. Under the mimicry construction system, because each CPU module realizes communication through an internal exchange chip, when a loop occurs in the exchange equipment, the input/output agent and the execution body receive the same STP message, so that the MAC address of the port of the internal exchange chip is repeatedly migrated, and the communication between the mimicry components is switched on and off.
Disclosure of Invention
In order to solve the above problem, it is necessary to provide a method for implementing the STP protocol in a mimicry environment.
The first aspect of the present invention provides a method for implementing STP protocol in a mimicry environment, the method comprising the steps of:
starting the STP protocol by an execution body, wherein an STP protocol stack of the execution body sends an STP protocol message outwards from a port N, and the source MAC address of the STP protocol message is aa: bb: cc: dd: ee: ff;
STP protocol message reaches external exchange chip port T-M through internal exchange chip and output agent, MAC address table of port N learned by internal exchange chip is MN (N, aa: bb: cc: dd: ee: ff, VX represents VLAN ID where port N is located, X is execution body number;
when the input agent receives an STP message with a source MAC address aa: bb: cc: dd: ee: ff, the source MAC address of the STP message is replaced by YY: bb: cc: dd: ee: ff and then sent to the internal switching chip, and the MAC address table on a port T-M learned by the internal switching chip is MN (M, YY: bb: cc: dd: ee: ff, VX);
when the source MAC address of the STP message received by the execution body is YY: bb: cc: dd: ee: ff, the source MAC address is replaced by aa: bb: cc: dd: ee: ff, the source MAC address is sent to the STP protocol stack of the execution body, and if the STP message received by the STP protocol stack is the STP message sent by the execution body, the loop of the external link is judged to appear.
The invention provides a mimicry switch capable of realizing STP protocol, which comprises an input proxy, an output proxy, an internal switching chip, an external switching chip and a plurality of executors, wherein the input proxy and the output proxy are connected to the same port of the internal switching chip and the external switching chip, and the plurality of executors are respectively connected to other ports of the internal switching chip;
the executive is configured to:
starting the STP protocol, sending an STP protocol message from a port N by the STP protocol stack of the execution body, and setting the source MAC address of the STP protocol message as aa: bb: cc: dd: ee: ff;
replacing the source MAC address of the STP message with the source MAC address YY, bb, cc, dd, ee and ff with aa, bb, cc, dd, ee and ff, sending the STP message to the execution body, and judging that the external link appears a loopback if the STP message received by the STP protocol stack is the STP message sent by the STP stack;
the outbound proxy is configured to:
sending the received STP protocol message to the external exchange chip port T-M;
the input agent is configured to:
replacing the source MAC address of the received STP message with the source MAC address aa: bb: cc: dd: ee: ff with YY: bb: cc: dd: ee: ff, and then sending the STP message to the internal exchange chip;
the internal switching chip is configured to:
through transmitting STP protocol message sent by the execution body from the port N to the port T-M of the external exchange chip through the output agent, learning that the MAC address table of the port N is MN (N, aa: bb: cc: dd: ee: ff, VX), wherein the VX represents VLAN ID where the port N is located, and X is the number of the execution body;
through STP protocol message from input agent, learning MAC address table of port T-M as MN (M, YY: bb: cc: dd: ee: ff, VX)
Transmitting the STP protocol message from the input proxy and the output proxy to the corresponding executive body;
the external switch chip is configured to be an input/output port module of the mimic switch.
Based on the above, the internal exchange chip adopts a 53128 exchange chip, and the external exchange chip adopts a 5160/7148 exchange chip.
Based on the above, the output agent and the input agent are disposed on a CPU module, and are connected to an external switch chip through a PCIE interface and connected to an internal switch chip through an ethernet port.
The STP protocol design method under the mimicry environment provided by the invention carries out rotation transformation on STP protocol message source MAC addresses on the input proxy and the execution body, thereby solving the problem that the internal communication is 'on-off' due to the fact that the same STP protocol message repeatedly migrates through the input proxy and the execution body respectively under the condition of external link call return.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 shows a flow diagram of the method of the invention.
Figure 2 shows a block diagram of the architecture of the mimetic switch of the present invention.
Detailed Description
In order that the above objects, features and advantages of the present invention can be more clearly understood, a more particular description of the invention will be rendered by reference to the appended drawings. It should be noted that the embodiments and features of the embodiments of the present application may be combined with each other without conflict.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, however, the present invention may be practiced in other ways than those specifically described herein, and therefore the scope of the present invention is not limited by the specific embodiments disclosed below.
As shown in fig. 1 and fig. 2, the present invention provides a method for implementing STP protocol in a mimicry environment, which is applied to a mimicry switch, where the mimicry switch includes an input proxy, an output proxy, an internal switch chip, an external switch chip, and a plurality of executors, the input proxy and the output proxy are connected to a same port of the internal switch chip and the external switch chip, and the plurality of executors are respectively connected to other ports of the internal switch chip;
the executive is configured to:
starting the STP protocol, sending an STP protocol message from a port N by the STP protocol stack of the execution body, and setting the source MAC address of the STP protocol message as aa: bb: cc: dd: ee: ff;
replacing the source MAC address of the STP message with the source MAC address YY, bb, cc, dd, ee and ff with aa, bb, cc, dd, ee and ff, sending the STP message to the execution body, and judging that the external link appears a loopback if the STP message received by the STP protocol stack is the STP message sent by the STP stack;
the outbound proxy is configured to:
sending the received STP protocol message to the port T-M of the external exchange chip;
the input agent is configured to:
replacing the source MAC address of the received STP message with the source MAC address aa, bb, cc, dd, ee and ff to YY, bb, cc, dd, ee and ff, and then sending the message to a switching chip;
the internal switching chip is configured to:
through transmitting STP protocol message sent by the execution body from the port N to the port T-M of the external exchange chip through the output agent, learning that the MAC address table of the port N is MN (N, aa: bb: cc: dd: ee: ff, VX), wherein the VX represents VLAN ID where the port N is located, and X is the number of the execution body;
learning that the MAC address table of the port T-M is MN (M, YY: bb: cc: dd: ee: ff, VX) through STP protocol message from the input agent;
transmitting the STP protocol message from the input proxy and the output proxy to the corresponding executive body;
the external switch chip is configured to be an input/output port module of the mimic switch.
Specifically, the internal exchange chip adopts a 53128 exchange chip, and the external exchange chip adopts a 5160/7148 exchange chip. The output agent and the input agent are deployed on a CPU module, connected with an external switching chip through a PCIE interface and connected with an internal switching chip through an Ethernet interface.
The method for realizing the STP protocol under the mimicry switch comprises the following steps:
starting the STP protocol by an execution body 1, sending an STP protocol message from a port 2 to the outside by an STP protocol stack of the execution body 1, and setting a source MAC address of the STP protocol message as aa: bb: cc: dd: ee: ff;
the STP protocol message reaches a port T-1 of an external switching chip through an internal switching chip and an output proxy, an MAC address table of a port 2 learned by the internal switching chip is 12 (2, aa bb cc; under the mimic switch, when a loop occurs between a port T-1 and a port T-2, an STP message on the port T-1 reaches the port T-2, and the STP message on the port T-2 finally reaches an input proxy, so that an MAC address on an internal switching chip port is repeatedly migrated, and the communication between mimic components is caused to be on and off;
when the input agent receives an STP message with a source MAC address aa: bb: cc: dd: ee: ff, replacing the source MAC address of the STP message with an address of 11 bb cc; therefore, the ports T-1 and T-2 of the switching chip are in the same VLAN, the same MAC address table can not appear, and the problem of repeated migration of the MAC address table is avoided;
when the source MAC address of the STP message received by the execution body is 11 bb cc. When the external link is judged to have loop back, the STP protocol stack can disable one of the loop back ports of the mimic switch to eliminate the external loop back link, so that the problem of 'on-off when internal communication' caused by repeated migration of an MAC address table of an internal switching chip is solved.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (4)
1. A method for implementing STP protocol in a mimicry environment, the method comprising the steps of:
starting the STP protocol by an execution body, wherein an STP protocol stack of the execution body sends an STP protocol message outwards from a port N, and the source MAC address of the STP protocol message is aa: bb: cc: dd: ee: ff;
STP protocol message reaches external exchange chip port T-M through internal exchange chip and output agent, MAC address table of port N learned by internal exchange chip is MN (N, aa: bb: cc: dd: ee: ff, VX represents VLAN ID where port N is located, X is execution body number;
when an input agent receives an STP message with a source MAC address of aa: bb: cc: dd: ee: ff, the STP message is replaced by YY: bb: cc: dd: ee: ff and then sent to an internal switching chip, and an MAC address table on a port T-M learned by the internal switching chip is MN (M, YY: bb: cc: dd: ee: ff, VX);
when the source MAC address of the STP message received by the execution body is YY: bb: cc: dd: ee: ff, the source MAC address is replaced by aa: bb: cc: dd: ee: ff, and then the source MAC address is sent to the STP protocol stack of the execution body, and if the STP message received by the STP protocol stack is the STP message sent by the execution body, the external link is judged to be looped back.
2. A mimetic switch capable of implementing the STP protocol, the switch comprising: the system comprises an input agent, an output agent, an internal exchange chip, an external exchange chip and a plurality of executors, wherein the input agent and the output agent are connected to the same port of the internal exchange chip and the external exchange chip, and the plurality of executors are respectively connected to other ports of the internal exchange chip;
the executive is configured to:
starting the STP protocol, sending an STP protocol message from a port N by the STP protocol stack of the execution body, and setting the source MAC address of the STP protocol message as aa: bb: cc: dd: ee: ff;
replacing the source MAC address of the STP message with the source MAC address YY, bb, cc, dd, ee and ff with aa, bb, cc, dd, ee and ff, sending the STP message to the execution body, and judging that the external link appears a loopback if the STP message received by the STP protocol stack is the STP message sent by the STP stack;
the output agent is configured to:
sending the received STP protocol message to the port T-M of the external exchange chip;
the input agent is configured to:
replacing the source MAC address of the received STP message with the source MAC address aa: bb: cc: dd: ee: ff with YY: bb: cc: dd: ee: ff, and then sending the STP message to the internal exchange chip;
the internal switching chip is configured to:
the STP protocol message sent by the execution body from the port N is sent to the port T-M of the external exchange chip through the output agent, the MAC address table of the port N is learned to be MN (N, aa: bb: cc: dd: ee: ff, VX), the VX represents the VLAN ID where the port N is located, and X is the execution body number;
learning that the MAC address table of the port T-M is MN (M, YY: bb: cc: dd: ee: ff, VX) through STP protocol message from the input agent;
transmitting the STP protocol message from the input proxy and the output proxy to the corresponding executive body;
the external switch chip is configured to be an input-output port module of the mimic switch.
3. The emulated switch of claim 2, wherein: the internal exchange chip adopts a 53128 exchange chip, and the external exchange chip adopts a 5160/7148 exchange chip.
4. The emulated switch of claim 3, wherein: the output agent and the input agent are deployed on a CPU module, connected with an external switching chip through a PCIE interface and connected with an internal switching chip through an Ethernet interface.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110611448.7A CN113347085B (en) | 2021-06-02 | 2021-06-02 | Method for realizing STP protocol under mimicry environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110611448.7A CN113347085B (en) | 2021-06-02 | 2021-06-02 | Method for realizing STP protocol under mimicry environment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113347085A CN113347085A (en) | 2021-09-03 |
| CN113347085B true CN113347085B (en) | 2022-12-13 |
Family
ID=77474630
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110611448.7A Active CN113347085B (en) | 2021-06-02 | 2021-06-02 | Method for realizing STP protocol under mimicry environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113347085B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104065582A (en) * | 2013-03-22 | 2014-09-24 | 杭州华三通信技术有限公司 | Message transmission method and gateway device |
| CN111416865A (en) * | 2020-03-24 | 2020-07-14 | 河南信大网御科技有限公司 | Protocol proxy processing method and system based on mimicry defense |
| CN112152943A (en) * | 2020-09-07 | 2020-12-29 | 华东计算技术研究所(中国电子科技集团公司第三十二研究所) | Method and system for controlling executive body based on processor mimicry switch |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8559341B2 (en) * | 2010-11-08 | 2013-10-15 | Cisco Technology, Inc. | System and method for providing a loop free topology in a network environment |
| US8948056B2 (en) * | 2011-06-28 | 2015-02-03 | Brocade Communication Systems, Inc. | Spanning-tree based loop detection for an ethernet fabric switch |
| SE1950056A1 (en) * | 2019-01-17 | 2020-07-18 | Telia Co Ab | Methods and apparatuses for switching frames in a network topology |
| CN111371907B (en) * | 2020-05-26 | 2020-08-14 | 网络通信与安全紫金山实验室 | STP (spanning Tree protocol) -based data synchronization method and device and mimicry switch |
| CN111865928A (en) * | 2020-06-29 | 2020-10-30 | 中国人民解放军战略支援部队信息工程大学 | Security testing device and method for mimicry switch |
| CN112615862B (en) * | 2020-12-18 | 2022-08-05 | 网络通信与安全紫金山实验室 | Simulated defense-based attack defense device, method, equipment and medium |
-
2021
- 2021-06-02 CN CN202110611448.7A patent/CN113347085B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104065582A (en) * | 2013-03-22 | 2014-09-24 | 杭州华三通信技术有限公司 | Message transmission method and gateway device |
| CN111416865A (en) * | 2020-03-24 | 2020-07-14 | 河南信大网御科技有限公司 | Protocol proxy processing method and system based on mimicry defense |
| CN112152943A (en) * | 2020-09-07 | 2020-12-29 | 华东计算技术研究所(中国电子科技集团公司第三十二研究所) | Method and system for controlling executive body based on processor mimicry switch |
Non-Patent Citations (2)
| Title |
|---|
| "Implementation of Loop Prevention Protocols at the Data Link Layer in LAN";Vladimir Dimitrov Dimitrov;《2020 28th National Conference with International Participation (TELECOM)》;20201225;105-108 * |
| 生成树协议与交换网络环路研究;郭彦伟等;《厦门大学学报(自然科学版)》;20060612;308-311 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113347085A (en) | 2021-09-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108156074B (en) | Protection switching method, network equipment and system | |
| CN108306777B (en) | SDN controller-based virtual gateway active/standby switching method and device | |
| CN107465613B (en) | Link aggregation interface communication state switching method and device | |
| CN104852855A (en) | Congestion control method, device and equipment | |
| US7130271B1 (en) | Relaying apparatus | |
| CN113347085B (en) | Method for realizing STP protocol under mimicry environment | |
| CN105281927A (en) | Method and device for multilink protection switching | |
| JP5172810B2 (en) | Baseband unit and base station system | |
| CN112260893A (en) | Ethernet redundancy device of VxWorks operating system based on network heartbeat | |
| CN103166868B (en) | For the method and apparatus that anti-neighbours are shaken | |
| CN100499500C (en) | Method for realizing management for multistage communication device | |
| CN112583746B (en) | Cell transmission method and device, storage medium and electronic device | |
| CN114828038A (en) | Access network system | |
| CN104219126A (en) | Automatic learning method and equipment for subring protocol VLAN (virtual local area network) in virtual channel mode | |
| CN100407666C (en) | Wideband wireless switch-in equipment chain circuit loop testing method | |
| CN113794634B (en) | Load sharing method and equipment | |
| CN104038426A (en) | Network switch and data updating method | |
| CN114710405B (en) | Method and system for designing internal network of mimicry system | |
| CN114615187B (en) | Logic interface data communication method and device | |
| CN109714294B (en) | Physical layer chip, network security device and data forwarding method | |
| KR100469733B1 (en) | Computer Exchange System and Method | |
| CN111131532B (en) | Method and system for automatically changing MAC address, computer equipment and medium | |
| CN114356830B (en) | Bus terminal control method, device, computer equipment and storage medium | |
| KR20000051752A (en) | Packet call generator for testing functions of mobile data service device and method thereof | |
| EP0509068A1 (en) | Dynamic association of rf radio data communication system in a pre-existing computer controlled network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |