CN113839860A - Data packet forwarding method and device and network equipment - Google Patents
- Publication number
- CN113839860A, CN202010595491.4A
- Authority
- CN
- China
- Prior art keywords
- packet
- network
- abnormal
- forwarding
- routing information
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/28—Routing or path finding of packets in data switching networks using route fault recovery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
Abstract
The application provides a data packet forwarding method, a forwarding apparatus and a network device, relating to the technical field of communication. The method comprises: acquiring a network packet received by a network device, and judging whether the network packet is an abnormal packet; if yes, setting an abnormal identifier for the abnormal packet; and looking up the routing information corresponding to the abnormal identifier in a preset routing table, and forwarding the network packet according to the routing information found. Because routing information is looked up for the abnormal packet, the network packet can still be forwarded when it is abnormal, which keeps the network running smoothly and improves the user experience.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method, an apparatus, and a network device for forwarding a data packet.
Background
At present, the quality of a communication link can be judged through the quality parameters of the link, and network switching can be performed under the condition that the currently used communication link is judged to have poor network quality, so that the link is ensured to be normal.
However, in some cases it is difficult to obtain the quality parameters of the link; for example, when the network is completely disconnected, the delay data of the network cannot be collected. Therefore, when the network is completely blocked, it is difficult to achieve ideal network allocation, so the network does not run smoothly and the user experience is degraded.
Disclosure of Invention
In view of the above, the present application provides a method, an apparatus and a network device for forwarding a data packet to alleviate the above technical problem.
In a first aspect, an embodiment of the present application provides a method for forwarding a data packet, where the method is applied to a network device, and the method includes: acquiring a network packet received by the network equipment, and judging whether the network packet is an abnormal packet or not; if yes, setting an abnormal identifier for the abnormal packet; and searching the routing information corresponding to the abnormal identifier in a preset routing table, and forwarding the network packet according to the searched routing information.
In an embodiment of the present application, the network device is configured with a firewall architecture, where the firewall architecture includes a plurality of detection nodes, each detection node registers a preset callback function, and the detection nodes are connected in sequence to form a propagation link of the network packet.
In an embodiment of the present application, the step of determining whether the network packet is an abnormal packet includes: extracting the packet information of the network packet; wherein the packet information includes at least one of: protocol type and identity ID; and judging whether the network packet is an abnormal packet or not according to the packet information.
In an embodiment of the present application, the step of determining whether the network packet is an abnormal packet according to the packet information includes: if the protocol type of the network packet is an ICMP packet, acquiring the category identification of the ICMP packet; judging whether the category identification is a preset abnormal identification; if so, determining that the network packet is an abnormal packet.
In an embodiment of the present application, the step of determining whether the network packet is an abnormal packet according to the packet information includes: if the protocol type of the network packet is a DNS packet, acquiring a DNS code of the DNS packet; judging whether the DNS code is a preset abnormal code or not; if so, determining that the network packet is an abnormal packet.
In an embodiment of the present application, the step of determining whether the network packet is an abnormal packet according to the packet information includes: if the identity ID of the network packet is a game packet, judging whether the time interval for receiving the game packet is greater than a preset time interval; if so, determining that the network packet is an abnormal packet.
In an embodiment of the present application, the step of forwarding the network packet according to the found routing information includes: switching a first network currently used by the network equipment to a standby second network according to the searched routing information; and forwarding the network packet through the second network according to the routing information.
In an embodiment of the present application, the method further includes: after a first network currently used by the network equipment is switched to a standby second network, recording the number of the network packets forwarded by the second network; and if the number of the network packets forwarded by the second network exceeds a preset number threshold, switching the second network to the first network.
In a second aspect, an embodiment of the present application provides a device for forwarding a data packet, where the device is applied to a network device, and the device includes: the judging module is used for acquiring the network packet received by the network equipment and judging whether the network packet is an abnormal packet or not; the setting module is used for setting an abnormal identifier for the abnormal packet when the judgment result of the judging module is yes; and the forwarding module is used for searching the routing information corresponding to the abnormal identifier in a preset routing table and forwarding the network packet according to the searched routing information.
In a third aspect, an embodiment of the present application provides a network device, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor implements the method according to the first aspect when executing the computer program.
In a fourth aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to perform the method of the first aspect.
The data packet forwarding method, apparatus and network device provided by the embodiments of the present application acquire the network packet received by the network device and, when the network packet is judged to be an abnormal packet, set an abnormal identifier for it; the routing information corresponding to the abnormal identifier is then looked up in a preset routing table, and the network packet is forwarded according to the routing information found. The network packet can therefore still be forwarded, which keeps the network running smoothly and improves the user experience.
In order to make the embodiments of the present application more comprehensible, various embodiments accompanied with the attached drawings are described in detail below.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of a method for forwarding a data packet according to an embodiment of the present application;
Fig. 2 is a schematic diagram of a firewall architecture according to an embodiment of the present disclosure;
Fig. 3 is a flowchart of another packet forwarding method according to an embodiment of the present application;
Fig. 4 is a schematic structural diagram of a data packet forwarding apparatus according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of a network device according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions of the embodiments of the present application clearer, the technical solutions of the present application will be described clearly and completely with reference to the accompanying drawings. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Currently, in the prior art, the quality of a link is determined from a quality parameter of the link, for example the delay experienced by an application. However, there are cases where the delay cannot be determined: when the network is completely disconnected, delay data cannot be collected through TCP (Transmission Control Protocol) interaction, so ideal network allocation cannot be achieved.
Another scheme, for TCP, is to measure the RTT (Round Trip Time) of each TCP flow; the current network quality can be determined from the RTT, where a higher RTT represents worse network quality. However, this method has limitations. Mobile games are now widespread, and most of them are implemented over UDP (User Datagram Protocol). Measuring RTT is limited to TCP packets and cannot be applied to UDP packets, because the UDP protocol has no RTT as such; for UDP it is therefore difficult to determine the quality of a link by measuring time.
Based on this, the method, the device and the network device for forwarding the data packet provided in the embodiments of the present application can effectively alleviate the above technical problems.
For the convenience of understanding the present embodiment, a detailed description will be first given of a packet forwarding method disclosed in the embodiments of the present application.
Specifically, an embodiment of the present application provides a method for forwarding a data packet, where the method is applied to a network device, and as shown in fig. 1, a flowchart of the method for forwarding a data packet is provided, where the method includes:
Step S102, acquiring a network packet received by the network device, and judging whether the network packet is an abnormal packet;
Step S104, if yes, setting an abnormal identifier for the abnormal packet;
Specifically, a network packet in the embodiments of the present application is a data packet transmitted in a network using a specified protocol, such as an ICMP (Internet Control Message Protocol) packet, a DNS (Domain Name System) packet or a game packet. Such packets follow a network protocol when transmitted over a network link and carry corresponding packet information, such as a protocol type, an identity and an IP address. The judgment in step S102 can be made from this packet information; when the packet is determined to be an abnormal packet, step S106 below is executed to forward it.
Step S106, searching the routing information corresponding to the abnormal identifier in a preset routing table, and forwarding the network packet according to the searched routing information.
Specifically, the preset routing table is usually a routing table pre-stored in the network device, and includes an abnormal identifier and routing information corresponding to the abnormal identifier, so that when the corresponding routing information is found, a next hop of the abnormal packet can be determined according to the found routing information, so as to forward the abnormal packet.
According to the data packet forwarding method provided by the embodiments of the present application, the network packet received by the network device is acquired, and when it is judged to be an abnormal packet, an abnormal identifier is set for it; the routing information corresponding to the abnormal identifier is then looked up in a preset routing table, and the network packet is forwarded according to the routing information found. Because routing information is looked up for the abnormal packet, the network packet can still be forwarded when it is abnormal, which keeps the network running smoothly and improves the user experience.
In actual use, the network device generally includes a physical entity device connected to the network, such as a switch, a bridge, a router, a gateway, etc., and, in order to provide a secure network use environment for users, the network device is generally configured with a firewall architecture, and the firewall architecture generally includes a plurality of detection nodes, each of which is further registered with a preset callback function, and the plurality of detection nodes are connected in turn to form a propagation link of a network packet.
For convenience of understanding, Fig. 2 shows a schematic diagram of a firewall architecture. In the embodiments of the present application, the firewall architecture is exemplified by the Linux kernel netfilter firewall architecture, which acts as a filter architecture and can analyze and process received network packets. In a specific implementation, the firewall architecture may have a plurality of nodes on the links over which network packets are received, sent and routed, and the detection nodes in the embodiments of the present application are some or all of these nodes, used to implement the data packet forwarding method provided in the embodiments of the present application.
In practical use, the netfilter firewall is usually a packet processing module inside the kernel layer of the Linux operating system, and usually has the following functions: network address translation, packet content modification, packet filtering, etc. The above nodes are also called mount points or callback function points, at which the registered callback functions are mounted; when a network packet arrives at one of these locations, the callback function is called, so that the routing direction can be changed when the network packet is routed. Specifically, as shown in Fig. 2, the nodes of the Linux kernel netfilter firewall architecture include PRE_ROUTING, LOCAL_IN, LOCAL_OUT, FORWARD, POST_ROUTING, and the like, and in the embodiments of the present application, judging whether a network packet is abnormal and forwarding the network packet are implemented on these nodes. On the basis of Fig. 1 and Fig. 2, Fig. 3 shows a flowchart of another data packet forwarding method, which further describes the forwarding process of the embodiments of the present application. As shown in Fig. 3, the method includes the following steps:
Step S302, acquiring a network packet received by the network device;
Specifically, based on the firewall architecture shown in Fig. 2, a network packet may enter the network device at the layer-2 processing module, and then be transmitted to the next node along the propagation link in the direction indicated by the arrows, so that the following steps can be performed.
Step S304, extracting the packet information of the network packet, wherein the packet information includes at least one of the following: protocol type and identity ID;
Step S306, judging whether the network packet is an abnormal packet according to the packet information;
Step S308, if yes, setting an abnormal identifier for the abnormal packet;
In actual use, the protocol types of network packets vary, so the process of judging whether a network packet is abnormal differs by protocol type. Specifically, if the protocol type of the network packet is an ICMP packet, the category identifier of the ICMP packet can be obtained after the packet information is extracted; it is then judged whether the category identifier is a preset abnormal identifier; if yes, the network packet is determined to be an abnormal packet.
Further, in order to determine whether the ICMP packet is an abnormal packet, a comparison table of the category identifier of the ICMP packet is generally stored in advance in the network device, so that when packet information of the network packet is extracted, whether the category identifier is an abnormal identifier is determined in an inquiry manner, and then whether the ICMP packet is an abnormal packet is determined.
For ease of understanding, Table 1 shows a comparison table of the class identifiers of ICMP packets:
In Table 1, the Message Type in the first column is the class identifier, and the second column is the corresponding ICMP message function. Generally, if the class identifier of the ICMP packet extracted in step S304 is one of the class identifiers in the first column, the ICMP packet can be determined to be an abnormal packet, and step S308 is then performed to set an abnormal identifier for it. If the class identifier extracted in step S304 is not any of the class identifiers in the first column of Table 1, the ICMP packet is a normal network packet; it is forwarded normally along the propagation link shown in Fig. 2, and each node of the firewall architecture processes and forwards it in the conventional way.
It should be understood that table 1 shows only one possible comparison table of class identifiers of ICMP packets, and in other embodiments, the content of the comparison table may be set according to actual use situations, for example, the class identifiers may also have other identifiers, or some disabled identifiers are removed, and the like, and the present application is not limited thereto.
In actual use, based on the firewall architecture shown in Fig. 2, the processing of the ICMP packet may be implemented at the PRE_ROUTING node; the PRE_ROUTING node then serves as the detection node in the embodiment of the present application and detects the class identifier of the ICMP packet, so as to determine whether the ICMP packet is an abnormal packet.
Further, if the protocol type of the network packet is a DNS packet, acquiring a DNS code of the DNS packet; judging whether the DNS code is a preset abnormal code or not; if yes, determining that the network packet is an abnormal packet.
In a specific implementation, the network device may also pre-store an abnormal code table of the DNS packet, and when it is determined that the network packet is the DNS packet according to the protocol type of the packet information, may further obtain a DNS code of the DNS packet, and determine whether the DNS packet is the abnormal packet by querying the abnormal code table.
Further, the DNS code generally refers to the RCODE in the DNS packet. The processing of the DNS packet may also be implemented at the PRE_ROUTING node of the firewall architecture shown in Fig. 2; the PRE_ROUTING node again serves as the detection node in the embodiment of the present application and detects the DNS code of the DNS packet, so as to determine whether the DNS packet is an abnormal packet.
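The ICMP and DNS checks of steps S304 to S308, followed by the mark lookup of step S310, can be sketched in user-space C. This is an added example, not code from the patent: Table 1 is not reproduced on this page, so the abnormal ICMP types and RCODEs are assumptions, and the mark value, routing table numbers and sample packets are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed values: the page gives no mark or table numbers. */
#define MARK_NONE     0u
#define MARK_ABNORMAL 1u
#define TABLE_MAIN    254  /* Linux "main" routing table */
#define TABLE_BACKUP  100  /* hypothetical table that routes via the second network */

/* Table 1 is not reproduced on the page, so these sets are assumptions. */
static const uint8_t abnormal_icmp_types[] = { 3, 11 }; /* Dest. Unreachable, Time Exceeded */
static const uint8_t abnormal_rcodes[]     = { 2, 5 };  /* SERVFAIL, REFUSED */

static int in_set(const uint8_t *set, size_t n, uint8_t v)
{
    for (size_t i = 0; i < n; i++)
        if (set[i] == v) return 1;
    return 0;
}

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Steps S304-S308: inspect one raw IPv4 packet and return its mark. */
uint32_t classify_packet(const uint8_t *pkt, size_t len)
{
    if (len < 20 || (pkt[0] >> 4) != 4) return MARK_NONE;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    size_t tot = be16(pkt + 2);
    if (ihl < 20 || tot < ihl || tot > len) return MARK_NONE;
    if (be16(pkt + 6) & 0x1fff) return MARK_NONE;   /* later fragment: no L4 header */

    const uint8_t *l4 = pkt + ihl;
    size_t l4len = tot - ihl;

    if (pkt[9] == 1) {                              /* ICMP: byte 0 is the message type */
        if (l4len < 8) return MARK_NONE;
        return in_set(abnormal_icmp_types, sizeof abnormal_icmp_types, l4[0])
               ? MARK_ABNORMAL : MARK_NONE;
    }
    if (pkt[9] == 17) {                             /* UDP: only DNS replies from port 53 */
        if (l4len < 8 + 12 || be16(l4) != 53) return MARK_NONE;
        const uint8_t *dns = l4 + 8;
        if (!(dns[2] & 0x80)) return MARK_NONE;     /* QR = 0 means a query */
        return in_set(abnormal_rcodes, sizeof abnormal_rcodes, dns[3] & 0x0f)
               ? MARK_ABNORMAL : MARK_NONE;         /* RCODE is the low 4 flag bits */
    }
    return MARK_NONE;
}

/* Step S310: the preset routing table maps a mark to a routing table id. */
int lookup_table(uint32_t mark)
{
    static const struct { uint32_t mark; int table; } preset[] = {
        { MARK_ABNORMAL, TABLE_BACKUP },
    };
    for (size_t i = 0; i < sizeof preset / sizeof preset[0]; i++)
        if (preset[i].mark == mark) return preset[i].table;
    return TABLE_MAIN;
}

/* Constructed sample packets (checksums left zero; the classifier ignores them). */
static size_t ipv4_hdr(uint8_t *b, uint8_t proto, uint16_t tot)
{
    memset(b, 0, tot);
    b[0] = 0x45; b[2] = (uint8_t)(tot >> 8); b[3] = (uint8_t)tot; b[8] = 64; b[9] = proto;
    return tot;
}

uint32_t sample_icmp_mark(uint8_t type)
{
    uint8_t b[28];                                  /* 20-byte IP + 8-byte ICMP header */
    size_t n = ipv4_hdr(b, 1, sizeof b);
    b[20] = type;
    return classify_packet(b, n);
}

uint32_t sample_dns_mark(uint8_t rcode)
{
    uint8_t b[40];                                  /* 20 IP + 8 UDP + 12 DNS header */
    size_t n = ipv4_hdr(b, 17, sizeof b);
    b[21] = 53;                                     /* UDP source port 53 */
    b[25] = 20;                                     /* UDP length: 8 + 12 */
    b[30] = 0x81;                                   /* QR = 1, RD = 1 */
    b[31] = (uint8_t)(0x80 | (rcode & 0x0f));       /* RA = 1, RCODE */
    return classify_packet(b, n);
}

int main(void)
{
    printf("ICMP type 3 -> table %d\n", lookup_table(sample_icmp_mark(3)));
    printf("ICMP type 0 -> table %d\n", lookup_table(sample_icmp_mark(0)));
    printf("DNS RCODE 2 -> table %d\n", lookup_table(sample_dns_mark(2)));
    printf("DNS RCODE 0 -> table %d\n", lookup_table(sample_dns_mark(0)));
    return 0;
}
```

ICMP errors and DNS replies are unauthenticated, so a deployed hook would also tie each one to a flow the device actually originated before letting it change the route.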
In addition, the forwarding method of the data packet provided in the embodiment of the present application may further process the game packet, specifically, if the identity ID of the network packet is the game packet, determine whether a time interval for receiving the game packet is greater than a preset time interval; if yes, determining that the network packet is an abnormal packet.
Specifically, taking the game packets of a mobile game as an example, most current mobile games themselves have a function for detecting network latency, mainly in a few common ways, for example by opening a dedicated UDP port to receive and send game packets at specific times, or by sending game packets of a fixed size at specific times. In the embodiment of the present invention, the Linux kernel netfilter firewall architecture is used to monitor all game packets entering and leaving at the kernel side. Through steps S304 to S306, the kernel side determines from the identity ID which network packets are game packets of the mobile game application, and whether the current network is abnormal can be determined from the timed monitoring behavior specific to each game, for example by checking whether the time interval at which the game packet is received is greater than the preset time interval. If it is, the network is abnormal and the received network packet is an abnormal packet; a different mark value can then be set on the next network packet, and different routing tables can be queried by matching different mark values, so that the data packet accesses the network through a different interface.
Specifically, based on the firewall architecture shown in Fig. 2, the processing of the game packet may be performed at the LOCAL_IN node in Fig. 2. After the network packet enters the network device through the data packet entry in Fig. 2, it is transmitted along the propagation link through the PRE_ROUTING node to the LOCAL_IN node, where it is determined whether the time interval for receiving the game packet is greater than the preset time interval; if so, the network packet is determined to be an abnormal packet.
In addition, for a game packet, the game type can be determined from the packet information it carries, so as to detect whether the game sends dedicated UDP packets on a timer. If such timed sending is detected, it can be used to judge whether the interval between packets is regular. If it is not, the network environment may be poor at that time, resulting in packet loss or delay. For example, game application A sends a packet of length 60 every 3 seconds, so the kernel should observe a UDP packet of length 60 arriving every 3 seconds. If the interval suddenly lengthens or a packet is lost, it can be determined that poor network quality is causing delay, and step S310 below can then be executed to forward the game packet and maintain the game experience.
Step S310, searching for routing information corresponding to the abnormal identifier in a preset routing table, and forwarding the network packet according to the searched routing information.
Specifically, in this step, the step of forwarding the network packet according to the found routing information includes: switching a first network currently used by the network equipment to a standby second network according to the searched routing information; and forwarding the network packet through the second network according to the routing information.
In practical use, the first network and the second network may be a wireless wifi network and a telecommunication data network, and therefore, the first network is switched to the standby second network, and the wireless wifi network is switched to the telecommunication data network. The first network and the second network can also be a 5G telecommunication data network and a 4G telecommunication data network, so that the first network is switched to the standby second network, and the wireless 5G telecommunication data network is switched to the 4G telecommunication data network.
Further, after the first network currently used by the network device is switched to the standby second network, the number of network packets forwarded through the second network can be continuously recorded; if the number of the network packets forwarded by the second network exceeds a preset number threshold, the second network can be further switched to the first network, namely, switching between the wireless wifi network and the telecommunication data network is realized, or switching between the 5G telecommunication data network and the 4G telecommunication data network is realized.
In practical use, the above switching process is in effect a fallback mechanism, so that after switching to the second network the device is not left unable to return to the first network interface for transmission. In a specific implementation, a transmission on the first interface can be attempted automatically once in every 10 or 20 packets/DNS queries/transmissions. If the first interface has normal interaction, subsequent network packets can be switched back to the first network for transmission. If the first network is still abnormal, the second network interface continues to be used to send network packets, so that normal network transmission is maintained.
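The heartbeat-interval check for game packets and the switch-back probing described above can be modelled as a small state machine. This is an added example in user-space C, not code from the patent: the 60-byte length, 3-second period and 10-packet probe interval come from the text, while the 500 ms slack and all function and type names are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

enum net { NET_FIRST, NET_SECOND };

struct failover {
    uint16_t hb_len;         /* heartbeat size: 60 bytes in the page's example */
    uint32_t period_ms;      /* heartbeat period: 3 s in the page's example */
    uint32_t slack_ms;       /* assumed jitter allowance, not from the page */
    uint32_t probe_every;    /* the page suggests every 10 or 20 packets */
    uint64_t last_hb_ms;     /* arrival time of the last heartbeat */
    bool     seen_hb;
    enum net active;
    uint32_t sent_on_second; /* packets sent since the last probe */
};

struct failover failover_init(void)
{
    struct failover f = { 60, 3000, 500, 10, 0, false, NET_FIRST, 0 };
    return f;
}

static bool overdue(const struct failover *f, uint64_t now_ms)
{
    return f->seen_hb &&
           now_ms - f->last_hb_ms > (uint64_t)f->period_ms + f->slack_ms;
}

static void fail_over(struct failover *f)
{
    if (f->active == NET_FIRST) {
        f->active = NET_SECOND;
        f->sent_on_second = 0;
    }
}

/* Inbound packet of the game flow; returns true if the heartbeat arrived late. */
bool on_game_packet(struct failover *f, uint16_t len, uint64_t now_ms)
{
    if (len != f->hb_len) return false;   /* not the periodic heartbeat */
    bool late = overdue(f, now_ms);
    f->last_hb_ms = now_ms;
    f->seen_hb = true;
    if (late) fail_over(f);
    return late;
}

/* Periodic timer; catches a heartbeat that never arrives at all. */
bool on_timer(struct failover *f, uint64_t now_ms)
{
    bool lost = overdue(f, now_ms);
    if (lost) fail_over(f);
    return lost;
}

/* Outbound: pick the network for the next packet. While on the second
 * network, every probe_every-th packet is sent on the first as a probe. */
enum net pick_network(struct failover *f)
{
    if (f->active == NET_FIRST) return NET_FIRST;
    if (++f->sent_on_second >= f->probe_every) {
        f->sent_on_second = 0;
        return NET_FIRST;
    }
    return NET_SECOND;
}

/* Outcome of a probe: switch back only if the first network answered. */
void on_probe_result(struct failover *f, bool ok)
{
    if (ok) f->active = NET_FIRST;
}

int main(void)
{
    struct failover f = failover_init();
    on_game_packet(&f, 60, 0);
    on_game_packet(&f, 60, 3000);
    printf("lost at t=10000: %d\n", on_timer(&f, 10000));
    for (int i = 1; i <= 10; i++)
        printf("packet %d -> network %d\n", i, (int)pick_network(&f));
    on_probe_result(&f, true);
    printf("after good probe -> network %d\n", (int)pick_network(&f));
    return 0;
}
```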
Further, on the basis of the foregoing embodiments, an embodiment of the present application further provides a forwarding apparatus for a data packet, which is applied to a network device, and as shown in fig. 4, the apparatus includes:
a determining module 40, configured to obtain a network packet received by the network device, and determine whether the network packet is an abnormal packet;
a setting module 42, configured to set an abnormal identifier for the abnormal packet if the determination result of the determining module is yes;
a forwarding module 44, configured to search routing information corresponding to the abnormal identifier in a preset routing table, and forward the network packet according to the searched routing information.
The forwarding device for the data packet provided in the embodiment of the present application has the same technical features as the forwarding method for the data packet provided in the above embodiment, so that the same technical problems can be solved, and the same technical effects can be achieved.
Further, an embodiment of the present application further provides a network device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the method described in fig. 1 or fig. 3 is implemented.
Further, an embodiment of the present application further provides a schematic structural diagram of a network device, as shown in fig. 5, which is a schematic structural diagram of the network device, where the network device includes a processor 101 and a memory 100, the memory 100 stores computer-executable instructions capable of being executed by the processor 101, and the processor 101 executes the computer-executable instructions to implement the forwarding method of the data packet.
In the embodiment shown in fig. 5, the network device further comprises a bus 102 and a communication interface 103, wherein the processor 101, the communication interface 103 and the memory 100 are connected by the bus 102.
The memory 100 may include a high-speed random access memory (RAM) and may further include a non-volatile memory, such as at least one disk memory. The communication connection between the network element of the system and at least one other network element is realized through at least one communication interface 103 (which may be wired or wireless), and the Internet, a wide area network, a local network, a metropolitan area network, and the like can be used. The bus 102 may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus 102 may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one double-headed arrow is shown in FIG. 5, but this does not mean that there is only one bus or one type of bus.
The processor 101 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in the processor 101 or by instructions in the form of software. The processor 101 may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. A general-purpose processor may be a microprocessor, or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present application may be directly implemented by a hardware decoding processor, or implemented by a combination of hardware and software modules in the decoding processor. The software module may be located in a storage medium well known in the art, such as RAM, flash memory, ROM, PROM, EPROM, or registers. The storage medium is located in the memory; the processor 101 reads the information in the memory and, in combination with its hardware, completes the steps of the packet forwarding method of the foregoing embodiment.
Further, an embodiment of the present application also provides a computer-readable storage medium on which a computer program is stored, where the computer program, when executed by a processor, performs the method shown in FIG. 1 or FIG. 3.
The computer program product of the data packet forwarding method, apparatus, and network device provided in this embodiment of the present application includes a computer-readable storage medium storing program code, where the instructions included in the program code may be used to execute the method described in the foregoing method embodiment. For the specific implementation, refer to the method embodiment, which is not described here again.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the network device and the apparatus described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In addition, in the description of the embodiments of the present application, unless otherwise explicitly specified or limited, the terms "mounted," "coupled," and "connected" are to be construed broadly, e.g., as meaning a fixed connection, a removable connection, or an integral connection; a mechanical or an electrical connection; a direct connection, an indirect connection through intervening media, or an internal connection between two elements. Those skilled in the art can understand the specific meaning of the above terms in the present application according to the specific case.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application, or the portion of it that contributes over the prior art, may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program code.
In the description of the present application, it is noted that the terms "first", "second", and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
Finally, it should be noted that the above examples are only specific embodiments of the present application, intended to illustrate its technical solutions rather than to limit them, and the scope of protection of the present application is not limited thereto. Although the present application is described in detail with reference to the foregoing examples, those skilled in the art should understand that, within the technical scope disclosed in the present application, any person skilled in the art can still modify the technical solutions described in the foregoing embodiments, readily conceive of changes to them, or make equivalent substitutions for some of their technical features; such modifications, changes, or substitutions do not depart from the spirit and scope of the embodiments of the present application and are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (11)
1. A method for forwarding a data packet, applied to a network device, the method comprising:
acquiring a network packet received by the network device, and judging whether the network packet is an abnormal packet;
if yes, setting an abnormal identifier for the abnormal packet;
and searching a preset routing table for the routing information corresponding to the abnormal identifier, and forwarding the network packet according to the found routing information.
2. The method of claim 1, wherein the network device is configured with a firewall architecture, the firewall architecture comprises a plurality of detection nodes, each detection node is registered with a preset callback function, and the plurality of detection nodes are connected in sequence to form a propagation link of the network packet.
3. The method of claim 2, wherein the step of determining whether the network packet is an abnormal packet comprises:
extracting the packet information of the network packet; wherein the packet information includes at least one of: protocol type and identity ID;
and judging whether the network packet is an abnormal packet or not according to the packet information.
4. The method of claim 3, wherein the step of determining whether the network packet is an abnormal packet according to the packet information comprises:
if the protocol type of the network packet is an ICMP packet, acquiring the category identification of the ICMP packet;
judging whether the category identification is a preset abnormal identification;
if so, determining that the network packet is an abnormal packet.
5. The method of claim 3, wherein the step of determining whether the network packet is an abnormal packet according to the packet information comprises:
if the protocol type of the network packet is a DNS packet, acquiring a DNS code of the DNS packet;
judging whether the DNS code is a preset abnormal code or not;
if so, determining that the network packet is an abnormal packet.
6. The method of claim 3, wherein the step of determining whether the network packet is an abnormal packet according to the packet information comprises:
if the identity ID of the network packet is a game packet, judging whether the time interval for receiving the game packet is greater than a preset time interval;
if so, determining that the network packet is an abnormal packet.
7. The method according to claim 1, wherein the step of forwarding the network packet according to the found routing information comprises:
switching a first network currently used by the network device to a standby second network according to the found routing information;
and forwarding the network packet through the second network according to the routing information.
8. The method of claim 7, further comprising:
after a first network currently used by the network device is switched to a standby second network, recording the number of the network packets forwarded by the second network;
and if the number of the network packets forwarded by the second network exceeds a preset number threshold, switching the second network to the first network.
9. An apparatus for forwarding a data packet, applied to a network device, the apparatus comprising:
a judging module, used for acquiring the network packet received by the network device and judging whether the network packet is an abnormal packet;
a setting module, used for setting an abnormal identifier for the abnormal packet when the judgment result of the judging module is yes;
and a forwarding module, used for searching a preset routing table for the routing information corresponding to the abnormal identifier and forwarding the network packet according to the found routing information.
10. A network device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of claims 1-8 when executing the computer program.
11. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, is adapted to carry out the method of any of the preceding claims 1-8.
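The flow of claims 1 and 4 to 8, sketched as a user-space simulation; this is an added example, not code from the patent. Every constant, the network names `wan1`/`wan2`, and all class and function names are assumptions, since the claims only describe these values as "preset".

```python
from dataclasses import dataclass
# Every constant here is an assumption; the claims only call these values "preset".
ABNORMAL_ICMP_TYPES = {3, 11}   # Destination Unreachable, Time Exceeded
ABNORMAL_DNS_RCODES = {2, 5}    # SERVFAIL, REFUSED (reading "DNS code" as RCODE)
GAME_MAX_GAP_S = 0.5            # preset time interval between game packets
ABNORMAL_MARK = 0x1             # abnormal identifier set on the packet
SWITCH_BACK_AFTER = 3           # preset number threshold of claim 8
ROUTES = {0: "wan1", ABNORMAL_MARK: "wan2"}  # preset routing table: mark -> network

@dataclass
class Packet:
    proto: str         # "icmp", "dns", "game" or anything else
    code: int = 0      # ICMP type or DNS RCODE
    ts: float = 0.0    # receive time in seconds
    mark: int = 0      # 0 = no abnormal identifier

class Forwarder:
    def __init__(self):
        self.active = ROUTES[0]      # first (currently used) network
        self.last_game_ts = None     # receive time of the previous game packet
        self.sent_on_backup = 0      # packets forwarded by the second network
    def is_abnormal(self, p):        # claims 4 to 6
        if p.proto == "icmp":
            return p.code in ABNORMAL_ICMP_TYPES
        if p.proto == "dns":
            return p.code in ABNORMAL_DNS_RCODES
        if p.proto == "game":
            prev, self.last_game_ts = self.last_game_ts, p.ts
            return prev is not None and p.ts - prev > GAME_MAX_GAP_S
        return False

    def forward(self, p):            # claims 1, 7 and 8
        backup = ROUTES[ABNORMAL_MARK]
        if self.is_abnormal(p):
            p.mark = ABNORMAL_MARK
            if self.active != backup:            # switch to the standby network
                self.active, self.sent_on_backup = ROUTES[p.mark], 0
        out = self.active
        if out == backup:
            self.sent_on_backup += 1
            if self.sent_on_backup > SWITCH_BACK_AFTER:
                self.active = ROUTES[0]          # switch back to the first network
        return out

def run(trace):                      # egress network chosen for each packet
    fw = Forwarder()
    return [fw.forward(p) for p in trace]
# Constructed trace (not from the patent): (proto, code, ts)
TRACE = [Packet(*t) for t in [("game", 0, 0.0), ("game", 0, 0.1), ("icmp", 3, 0.2),
         ("game", 0, 0.3), ("dns", 0, 0.4), ("game", 0, 0.5), ("game", 0, 0.6)]]
```

On the constructed trace, the ICMP Destination Unreachable packet moves traffic to `wan2`, and the forwarder returns to `wan1` once the packet count on `wan2` exceeds the threshold.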
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010595491.4A CN113839860A (en) | 2020-06-24 | 2020-06-24 | Data packet forwarding method and device and network equipment |
PCT/CN2021/102033 WO2021259352A1 (en) | 2020-06-24 | 2021-06-24 | Data packet forwarding method and apparatus, and network device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010595491.4A CN113839860A (en) | 2020-06-24 | 2020-06-24 | Data packet forwarding method and device and network equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113839860A true CN113839860A (en) | 2021-12-24 |
Family
ID=78964994
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010595491.4A Pending CN113839860A (en) | 2020-06-24 | 2020-06-24 | Data packet forwarding method and device and network equipment |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN113839860A (en) |
WO (1) | WO2021259352A1 (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114584485B (en) * | 2022-01-30 | 2023-10-31 | 阿里巴巴(中国)有限公司 | Method, apparatus, device and computer readable storage medium for detecting edge network quality |
CN115396337B (en) * | 2022-08-10 | 2023-06-06 | 广州天懋信息系统股份有限公司 | Routing anomaly detection method, system, storage medium and electronic equipment |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080212609A1 (en) * | 2007-03-02 | 2008-09-04 | Hitachi Communication Technologies, Ltd. | ICMP translator |
CN101355494A (en) * | 2007-07-25 | 2009-01-28 | 华为技术有限公司 | Transmission method, system and router based on BGP |
US20140211772A1 (en) * | 2013-01-31 | 2014-07-31 | Hon Hai Precision Industry Co., Ltd. | Multi-wan device and method of updating routing table |
CN105429880A (en) * | 2014-09-03 | 2016-03-23 | 国基电子(上海)有限公司 | Network equipment and method for performing router forwarding by network equipment |
CN106972956A (en) * | 2017-03-08 | 2017-07-21 | 北京航天自动控制研究所 | The control method and device of the network equipment |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102457430B (en) * | 2010-10-20 | 2015-04-08 | 正文科技股份有限公司 | Network package processing method and routing equipment |
US10382321B1 (en) * | 2017-03-28 | 2019-08-13 | Juniper Networks, Inc. | Aggregate link bundles in label switched paths |
CN107342979A (en) * | 2017-06-02 | 2017-11-10 | 华为技术有限公司 | Handle the method and terminal device of package |
- 2020-06-24 CN CN202010595491.4A patent/CN113839860A/en active Pending
- 2021-06-24 WO PCT/CN2021/102033 patent/WO2021259352A1/en active Application Filing
Non-Patent Citations (1)
Title |
---|
BEHROUZ A. FOROUZAN, SOPHIA CHUNG FEGAN (authors); 谢希仁 (translator): "《TCP/IP协议族》", 30 September 2001, 清华大学出版社 * |
Also Published As
Publication number | Publication date |
---|---|
WO2021259352A1 (en) | 2021-12-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10798060B2 (en) | | Network attack defense policy sending method and apparatus, and network attack defending method and apparatus |
US9923984B2 (en) | | Methods, systems, and computer readable media for remote authentication dial in user service (RADIUS) message loop detection and mitigation |
US8281397B2 (en) | | Method and apparatus for detecting spoofed network traffic |
US10148573B2 (en) | | Packet processing method, node, and system |
US20110093612A1 (en) | | Device, method and computer readable medium for bgp route monitoring |
JPWO2005036831A1 (en) | | Frame relay device |
US7854000B2 (en) | | Method and system for addressing attacks on a computer connected to a network |
CN106656857B (en) | | Message speed limiting method and device |
US20060133287A1 (en) | | Frame forwarding device and method for staying loop of frame |
CN112994983B (en) | | Flow statistical method and device and electronic equipment |
EP2506506A1 (en) | | Method, apparatus and system for controlling network traffic switch |
CN111200611B (en) | | Method and device for verifying intra-domain source address based on boundary interface equivalence class |
CN113839860A (en) | | Data packet forwarding method and device and network equipment |
CN111010409A (en) | | Encryption attack network flow detection method |
CN113595891A (en) | | Data communication method and device and electronic equipment |
CN111327545B (en) | | Data sending method and device, network system and switch |
WO2019096104A1 (en) | | Attack prevention |
JP3581345B2 (en) | | Packet transfer device and packet transfer method |
CN107690004A (en) | | The processing method and processing device of address analysis protocol message |
CN111953810B (en) | | Method, device and storage medium for identifying proxy internet protocol address |
CN106254433B (en) | | Method and device for establishing TCP communication connection |
CN111327530B (en) | | Data sending method and device, network system and switch |
CN110808967B (en) | | Detection method for challenging black hole attack and related device |
CN107528929B (en) | | ARP (Address resolution protocol) entry processing method and device |
CN112787925A (en) | | Congestion information collection method, optimal path determination method and network switch |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
Application publication date: 20211224 |