CN116781497A - Abnormal feedback and fault positioning method, network node and storage medium - Google Patents
Abnormal feedback and fault positioning method, network node and storage medium Download PDFInfo
- Publication number
- CN116781497A CN116781497A CN202210238228.9A CN202210238228A CN116781497A CN 116781497 A CN116781497 A CN 116781497A CN 202210238228 A CN202210238228 A CN 202210238228A CN 116781497 A CN116781497 A CN 116781497A
- Authority
- CN
- China
- Prior art keywords
- address
- node
- message forwarding
- message
- pseudo
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 60
- 238000003860 storage Methods 0.000 title claims abstract description 16
- 230000002159 abnormal effect Effects 0.000 title abstract description 7
- 230000006870 function Effects 0.000 claims description 16
- 238000004590 computer program Methods 0.000 claims description 10
- 238000010586 diagram Methods 0.000 description 19
- 230000004807 localization Effects 0.000 description 9
- 238000012544 monitoring process Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 238000013507 mapping Methods 0.000 description 4
- 230000004044 response Effects 0.000 description 3
- 230000004888 barrier function Effects 0.000 description 2
- 238000005242 forging Methods 0.000 description 2
- 238000011835 investigation Methods 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/06—Management of faults, events, alarms or notifications
- H04L41/0677—Localisation of faults
Abstract
The disclosure provides an abnormal feedback and fault positioning method, a network node and a storage medium, and relates to the technical field of network security. An anomaly feedback method of the present disclosure includes: under the condition that the message forwarding node determines that the message forwarding is overtime, determining the pseudo address of the message forwarding node; generating timeout information by taking the pseudo address as a source address; and feeding back the timeout information to the source node of the message. By such a method, the security of the network is improved.
Description
Technical Field
The disclosure relates to the technical field of network security, in particular to an abnormal feedback and fault positioning method, a network node and a storage medium.
Background
When a network fails, the related art uses the Tracert protocol to perform network failure removal. Each router on the message forwarding path can feed back its own IP (Internet Protocol ) address to the sending end of the message, and the network management node can determine the relevant fault node based on the message carrying the IP address, so as to perform fault location operation.
Disclosure of Invention
It is an object of the present disclosure to improve network security.
According to an aspect of some embodiments of the present disclosure, an anomaly feedback method is provided, including: under the condition that the message forwarding node determines that the message forwarding is overtime, determining the pseudo address of the message forwarding node; generating timeout information by taking the pseudo address as a source address; and feeding back the timeout information to the source node of the message.
In some embodiments, the source node of the message includes a network management node, and the network management node determines an address of the message forwarding node corresponding to the pseudo address according to the timeout information.
In some embodiments, determining the pseudo address of the packet forwarding node includes: the message forwarding node determines the pseudo address according to the corresponding relation between the address of the pre-stored message forwarding node and the pseudo address.
In some embodiments, the packet forwarding node and/or the network management node pre-stores a correspondence between the pseudo address and the address of the packet forwarding node.
In some embodiments, the anomaly feedback method further comprises: the message forwarding nodes receive the corresponding relations from the network management nodes, wherein the network management nodes synchronize the corresponding relations to each message forwarding node.
In some embodiments, after receiving a message and performing an operation of subtracting 1 from a TTL (Time To Live) value, if the TTL is determined To be 0, the message forwarding node determines that the message forwarding is overtime.
In some embodiments, the Ping (Packet Internet Groper, internet packet explorer) function of the packet forwarding node can be configured to an on state.
According to an aspect of some embodiments of the present disclosure, a fault localization method is provided, including: the network management node obtains overtime information from the message forwarding node; determining a source address carried by the overtime information, wherein the message forwarding node generates the overtime information under the condition that the message forwarding overtime is determined, and the source address is a pseudo address of the source node of the overtime information; and determining the address of the message forwarding node according to the source address.
In some embodiments, the network management node pre-stores the corresponding relationship between the pseudo address and the address of the message forwarding node; determining the address of the message forwarding node according to the source address comprises: and matching the source address with a pre-stored pseudo address, and determining a message forwarding address corresponding to the pseudo address matched with the source address.
In some embodiments, the fault localization method further comprises: and the network management node performs network fault positioning according to the address of the message forwarding node.
According to an aspect of some embodiments of the present disclosure, there is provided a message forwarding node, including: a pseudo address determining unit configured to determine a pseudo address of the message forwarding node in case of timeout of message forwarding; a timeout information generation unit configured to generate timeout information using the pseudo address as a source address; and the feedback unit is configured to feed back the timeout information to the source node of the message.
In some embodiments, the message forwarding further comprises: and the forwarding timeout determining unit is configured to determine that the message is forwarded timeout if the TTL is determined to be 0 after receiving the message and executing the operation of subtracting 1 from the TTL.
In some embodiments, the message forwarding further comprises: and the Ping function unit is configured to be allowed to be set to an on state, and receives Ping messages and feeds back in the on state.
According to an aspect of some embodiments of the present disclosure, there is provided a network management node, including: the overtime information receiving unit is configured to acquire overtime information from the message forwarding node; the message forwarding node generates timeout information under the condition that the message forwarding timeout is determined, and the source address is the pseudo address of the source node of the timeout information; and an address determination unit configured to determine an address of the message forwarding node based on the source address.
In some embodiments, the network management node further comprises: the relation storage unit is configured to store the corresponding relation between the pseudo address and the address of the message forwarding node; the address determining unit is configured to match the source address with a pre-stored pseudo address and determine a message forwarding address corresponding to the pseudo address matched with the source address.
In some embodiments, the network management node further comprises: and the fault locating unit is configured to perform network fault locating according to the address of the message forwarding node.
According to an aspect of some embodiments of the present disclosure, there is provided a network node comprising: a memory; and a processor coupled to the memory, the processor configured to perform any of the methods above based on instructions stored in the memory.
According to an aspect of some embodiments of the present disclosure, a computer-readable storage medium is presented, on which computer program instructions are stored, which instructions, when executed by a processor, implement the steps of any one of the methods above.
According to an aspect of some embodiments of the present disclosure, there is provided a network system comprising: the message forwarding nodes are configured to execute any one of the abnormal feedback methods; and a network management node configured to perform any one of the above fault locating methods.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure, illustrate and explain the present disclosure, and together with the description serve to explain the present disclosure. In the drawings:
FIG. 1 is a flow chart of some embodiments of the anomaly feedback method of the present disclosure.
Fig. 2 is a flow chart of some embodiments of the fault localization method of the present disclosure.
FIG. 3A is a schematic diagram of some embodiments of the anomaly feedback and fault localization methods of the present disclosure.
FIG. 3B is a schematic diagram of further embodiments of the anomaly feedback and fault localization methods of the present disclosure.
Fig. 4 is a schematic diagram of some embodiments of a packet forwarding node of the present disclosure.
Fig. 5 is a schematic diagram of some embodiments of a network management node of the present disclosure.
Fig. 6 is a schematic diagram of some embodiments of a network node of the present disclosure.
Fig. 7 is a schematic diagram of further embodiments of a network node of the present disclosure.
Fig. 8 is a schematic diagram of some embodiments of a network system of the present disclosure.
Detailed Description
The technical scheme of the present disclosure is described in further detail below through the accompanying drawings and examples.
The inventors have found that ICMP (Internet Control Message Protocol ) reply messages pose two risks after route tracing is initiated:
1) The ICMP response message is intercepted maliciously, the IP address of the operator equipment is obtained, and then the operator equipment resources can be consumed in a mode of densely forging the ping message;
2) Based on the real IP address in the ICMP response message, the user can construct the topological structure of the operator network, and the security and business risk are high.
In order to solve the above-mentioned problems, the present disclosure proposes an abnormal feedback method and a corresponding fault locating method, which avoid address leakage caused by ICMP response messages.
On the packet forwarding node side, a flowchart of some embodiments of the anomaly feedback method of the present disclosure is shown in fig. 1.
In step 112, the message forwarding node determines a pseudo address of the message forwarding node if it is determined that the message forwarding is timeout. In some embodiments, the message forwarding node may be a router, and in some embodiments, the message forwarding node may be an operator network router.
In some embodiments, the packet forwarding node may store its own pseudo address, and determine its own pseudo address by querying the store. In some embodiments, the message forwarding node may pre-store a corresponding relationship between a real address and a pseudo address of the message forwarding node, and determine the pseudo address according to the pre-stored corresponding relationship between the address (real address) of the message forwarding node and the pseudo address. In step 114, the message forwarding node uses the pseudo address as a source address and generates timeout information. In some embodiments, the message forwarding node uses the source node address of the message with the forwarding timeout as the destination address.
In step 116, timeout information is fed back to the source node of the message so that the network management node determines the address of the message forwarding node corresponding to the pseudo address. In some embodiments, the network management node may obtain the timeout information by listening. In some embodiments, the network management node may monitor the downlink outlet of the network to the user, and acquire the timeout information.
In some embodiments, the network management node may be a source node of the message forwarded with the timeout, so that the timeout information may be directly fed back to the network management node, and compared with a manner of acquiring the timeout information through monitoring, consumption of network management resources can be avoided.
Based on the above embodiment, the timeout information does not carry the real address information of the message forwarding node, if the timeout information is revealed, the disclosure is a pseudo IP address, and a hacker cannot attack the message forwarding node through the pseudo IP address, so that DDOS (Distributed denial of service attack ) attack of the hacker is fundamentally prevented, and the security of the network is improved.
In some embodiments, the network management node may pre-store the correspondence between the address and the pseudo address of each packet forwarding node and synchronize the address and pseudo address to each packet forwarding node, so that the packet forwarding node can determine its pseudo address according to the synchronized correspondence when determining that the packet forwarding is overtime. By the method, consistency of the corresponding relation stored in the network management node and the message forwarding node can be ensured, the pseudo address can be correctly restored to the real address, and the network management fault positioning accuracy is improved.
In some embodiments, the Ping function of the message forwarding node may be set to a continuously on state, so as to improve the flexibility of the setting. In the related art, in order to prevent hackers from forging dense Ping or tracert messages to consume equipment resources, an operator network device may set a Ping disabling function, or may greatly reduce the number of times that an ICMP echo message is generated by the network by limiting the number of Ping message processing per second, thereby limiting the consumption of equipment computing resources. However, in the case that a hacker counterfeits a dense Ping message, a normal Ping message is submerged in the counterfeited message with a high probability, and cannot be responded to. In the method, the hacker cannot acquire the address of the message forwarding node through the timeout information, and cannot attack the message forwarding node through the pseudo address, so that the starting of the Ping function cannot cause the condition of being attacked by the hack to forge the dense Ping message, and network security is ensured, and meanwhile, network fault positioning convenience and efficiency are improved. In some embodiments, the Ping function of the message forwarding node is set to be in an on state, so that the network management node is convenient for monitoring the message forwarding node and fault positioning and fault removing operations.
On the network management node side, a flowchart of some embodiments of the fault localization method of the present disclosure is shown in fig. 2.
In step 222, the network management node obtains timeout information from the message forwarding node. In some embodiments, the message forwarding node generates timeout information if it determines that the message forwarding is timeout. In some embodiments, the message forwarding node may generate and transmit timeout information based on the manner in the embodiment shown in fig. 1. In some embodiments, the network management node may extract the time-out information forwarded in the network, for example by listening to obtain the time-out information. In some embodiments, the network management node may monitor the downlink outlet of the network to the user, and acquire the timeout information. In some embodiments, the message with the overtime forwarding may be a message sent by a network management node, and the destination address of the overtime information is the network management node, so that the monitoring operation is not required to be executed, and the consumption of resources of the network management node is avoided.
In step 224, the network management node determines a source address carried by the timeout information, where the source address is a pseudo address of the message forwarding node.
In step 226, the address of the message forwarding node is determined based on the source address. In some embodiments, the network management node may pre-store the correspondence between each pseudo address and the address of the message forwarding node, perform an address matching operation with each pseudo address in the correspondence by using the source address determined in step 224 as a matching object, and determine the address of the message forwarding node corresponding to the successfully matched pseudo address, that is, the real address of the source node of the timeout information. In some embodiments, the pseudo address in the network management node and the address of the packet forwarding node may be stored in the form of a mapping table.
Based on the mode in the above embodiment, the overtime information does not need to carry the real address of the message forwarding node, and the network management node can restore the address based on the pseudo address carried in the overtime information and the corresponding relation stored by itself, so as to determine the real address of the message forwarding node, thereby fundamentally preventing DDOS attack of hackers and improving the security of the network while realizing the overtime information tracing. In some embodiments, the network management node is a network management device of an operator, so that the security of the network of the operator is improved, a great amount of resource waste caused by the topology leakage and attack of the network of the operator is avoided, and the reliability of the service of the operator is improved.
In some embodiments, as shown in FIG. 2, the fault localization method further includes step 228. In step 228, the network management node performs network failure location according to the address of the message forwarding node. Based on the mode in the embodiment, the network management node can utilize the address of the message forwarding node obtained by matching to conduct investigation, and the network obstacle removing efficiency is improved. In some embodiments, the Ping function of the message forwarding node is continuously turned on, and the network management node can check by using the Ping function according to the forwarding path, so that the network security is ensured, and meanwhile, the barrier removal efficiency and convenience are further improved.
A schematic diagram of some embodiments of the anomaly feedback and fault localization methods of the present disclosure is shown in fig. 3A.
User 301 sends a message to user 302, such as an echo request message, ttl=3, icmp type=8, for route tracking. Router 311 receives the message to find that the destination address is not itself, and forwards the message to next hop router 312 with TTL-1=2. Router 312 receives the message to find that the destination address is not itself, and forwards TTL-1=1 and the message to next hop router 313. The router 313 determines ttl=1, performs TTL-1=0, discards the packet, and uses the source address (address of the user 301) in the packet as the destination address. Unlike the related art carrying the own real address of the router 313, in the present disclosure, the router 313 queries the stored mapping relationship between the own real address and the pseudo address, and sends the own pseudo IP address as the source address to the user 301 as a TTL timeout message with ICMP type=11. Based on the manner in this embodiment, after the user 301 obtains the ICMP over-time packet, the source address of the over-time packet is read from the IP packet header, where the address is a pseudo address of the router 313, so that the user 301 cannot obtain the real address of the router 313, thereby avoiding the user from building a topology structure of the operator network and improving protection of the operator network.
A schematic diagram of further embodiments of the anomaly feedback and fault localization methods of the present disclosure is shown in fig. 3B. When n is greater than 3, for example, and the ttl=3 of the packet received by the router 311 is similar to the procedure in the embodiment shown in fig. 3A, the router 313 determines ttl=1, executes TTL-1=0, discards the packet, uses the source address (address of the network management node 32) in the packet as the destination address, and uses the pseudo IP address of the router 313 as the source address to send the TTL timeout packet of ICMP type=11 to the network management node 32. The network management node can restore the pseudo IP address to a real address by means of the corresponding relationship stored in the network management node, so as to determine the real address of the router 313, and use the real address as the information of network fault location.
In addition, for the embodiment shown in fig. 3A and 3B, if the timeout message is acquired by a hacker, the attack initiated by the hacker is directed to the wrong address. In some embodiments, a hacker may launch an attack on himself with a pseudo address of 127.0.0.1. In some embodiments, the pseudo address of one of the message forwarding nodes may be set to 127.0.0.1, so that the hacker device is interfered, and network security is further improved. In addition, after the network management node obtains the ICMP timeout message, the source address of the timeout message is read from the IP message header, and the address is used as a pseudo address to query the mapping table of the pseudo address and the real address of the router, so as to obtain the address of the router 313, and promote normal fault location work.
A schematic diagram of some embodiments of a packet forwarding node 41 of the present disclosure is shown in fig. 4.
The pseudo address determining unit 411 can determine a pseudo address of a message forwarding node in case of a message forwarding timeout.
The timeout information generation unit 412 can generate timeout information using the pseudo address as a source address. In some embodiments, the timeout information generating unit 412 takes the source node address of the message with the forwarding timeout as the destination address, and carries the first 64 bits of the message with the forwarding timeout, and in some embodiments, the first 64 bits of the message include the source address and the destination address of the message with the forwarding timeout, so as to facilitate tracing the source of the message.
The feedback unit 413 can feed back the timeout information to the source node of the message. In some embodiments, after receiving the timeout information, the network management node may determine an address of the packet forwarding node corresponding to the pseudo address.
If the overtime information is revealed, the revealed false IP address is revealed, and a hacker cannot attack the message forwarding node through the false IP address, so that DDOS attack of the hacker is fundamentally prevented, and the security of the network is improved.
In some embodiments, as shown in fig. 4, the packet forwarding node 41 may further include a forwarding timeout determining unit 414, capable of performing an operation on TTL-1, and determining that the packet forwarding is timeout if ttl=0 is obtained after performing the operation of ttl=ttl-1. In some embodiments, the type identifier carried in the timeout information generated by the timeout information generating unit 412 is 11.
The message forwarding node can improve the ICMP overtime (TTL exceeded) message in the related technology, avoid potential safety hazards caused by the fact that the overtime message leaks the real address of the network equipment, and improve network security.
In some embodiments, as shown in fig. 4, the message forwarding node 41 may further include a Ping function unit 415 that is continuously turned on and capable of receiving Ping messages and feeding back. In the method, the hacker cannot acquire the address of the message forwarding node through the overtime information, and cannot attack the message forwarding node through the pseudo IP address, so that the starting of the Ping function cannot cause the condition of being attacked by the hack dense Ping message, and the message forwarding node ensures the network security and improves the convenience and efficiency of network barrier removal.
A schematic diagram of some embodiments of the network management node 52 of the present disclosure is shown in fig. 5.
The timeout information receiving unit 521 is capable of obtaining timeout information from a message forwarding node that, in some embodiments, generates timeout information if it is determined that the message forwarding is timeout. In some embodiments, the timeout information receiving unit 521 may extract the forwarded timeout information in the network, for example, by listening to obtain the timeout information. In some embodiments, the timeout information receiving unit 521 may monitor the downlink outlet of the network to the user to obtain the timeout information.
The pseudo address obtaining unit 522 can determine a source address carried by the timeout information, where the source address is a pseudo address of the packet forwarding node.
The address determination unit 523 is capable of determining an address of the message forwarding node based on the source address. In some embodiments, address determination unit 523 may initiate a query to the relevant database to determine the address of the message forwarding node associated with the source address.
By adopting the network management node, the real address of the message forwarding node is not required to be carried in the overtime information, the network management node can restore the address based on the pseudo address carried in the overtime information, and the real address of the message forwarding node is determined, so that the overtime information is traced, and meanwhile, DDOS attack of hackers is fundamentally prevented, and the security of the network is improved.
In some embodiments, as shown in fig. 5, the network management node 52 may further include a relationship storage unit 524 capable of storing a correspondence between the pseudo address and the address of the packet forwarding node. In some embodiments, the pseudo address and the address of the packet forwarding node may be stored in the form of a mapping table. The address determining unit 523 may perform an address matching operation with each pseudo address in the corresponding relationship by using the source address determined by the pseudo address obtaining unit 522 as a matching object based on the corresponding relationship between each pseudo address and the address of the packet forwarding node, and determine the address of the packet forwarding node corresponding to the successfully matched pseudo address, that is, the real address of the source node of the timeout information.
The network management node can conveniently perform address restoration operation, and the reliability and the efficiency of determining the real address of the message forwarding node are improved.
In some embodiments, as shown in fig. 5, the packet forwarding node may further include a fault location unit 525 capable of performing network fault location based on the address of the packet forwarding node. The network management node can utilize the address of the message forwarding node obtained by matching to conduct investigation, and the network obstacle removing efficiency is improved.
In some embodiments, the network management node may include a message sending unit capable of sending a message to the message forwarding node, and if the message forwarding is overtime, the overtime information receiving unit 521 of the network management node receives overtime information from the message forwarding node. The network management node does not need to acquire the overtime information in the network through monitoring, so that the consumption of the network management node resources by monitoring operation is avoided, and the network management node resources are saved.
In some embodiments, the network management node may further include a synchronization unit, which is capable of synchronizing the correspondence between the address of the packet forwarding node and the pseudo address to each packet forwarding node, so as to ensure consistency of the correspondence between the network management node and the packet forwarding node, ensure that the pseudo address can be correctly restored to a real address, and improve reliability of the system.
A schematic structural diagram of one embodiment of a network node of the present disclosure is shown in fig. 6. The network node may be a message forwarding node as mentioned above, or may be a network management node, including a memory 601 and a processor 602. Wherein: the memory 601 may be a magnetic disk, flash memory or any other non-volatile storage medium. The memory is used to store instructions in the corresponding embodiments of the anomaly feedback method or the network fault location method above. The processor 602 is coupled to the memory 601 and may be implemented as one or more integrated circuits, such as a microprocessor or microcontroller. The processor 602 is configured to execute instructions stored in the memory to enhance security of the network.
In one embodiment, as also shown in fig. 7, a network node 700 includes a memory 701 and a processor 702. The processor 702 is coupled to the memory 701 through a BUS 703. The network node 700 may also be connected to external storage 705 via a storage interface 704 for invoking external data, and to a network or another computer system (not shown) via a network interface 706. And will not be described in detail herein.
In this embodiment, the data instruction is stored in the memory, and then the processor processes the instruction, so that the security of the network can be improved.
In another embodiment, a computer readable storage medium has stored thereon computer program instructions which, when executed by a processor, implement the steps of the method of the corresponding embodiment of the anomaly feedback method or network fault location method. It will be apparent to those skilled in the art that embodiments of the present disclosure may be provided as a method, apparatus, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
A schematic diagram of some embodiments of the network system of the present disclosure is shown in fig. 8.
The plurality of message forwarding nodes 811 to 81n, n being a positive integer greater than 1, each of the message forwarding nodes may be any one of the above-mentioned, and execute any one of the above-mentioned abnormal feedback methods.
The network management node 82 may be any of the above network management nodes, and may perform any of the above fault locating methods.
In such a network system, the overtime information generated by the message forwarding node does not carry the real address information of the message forwarding node, and the network management node can perform address reduction based on the pseudo address carried in the overtime information to determine the real address of the message forwarding node, so that the overtime information tracing is realized, and meanwhile, DDOS attack of hackers is fundamentally prevented, and the security of the network is improved.
In some embodiments, one of the message forwarding nodes 811-81 n has a pseudo address of 127.0.0.1, so that a hacker attacking the node initiates an attack to itself, and the equipment of the hacker is interfered, thereby further improving network security.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
Thus far, the present disclosure has been described in detail. In order to avoid obscuring the concepts of the present disclosure, some details known in the art are not described. How to implement the solutions disclosed herein will be fully apparent to those skilled in the art from the above description.
The methods and apparatus of the present disclosure may be implemented in a number of ways. For example, the methods and apparatus of the present disclosure may be implemented by software, hardware, firmware, or any combination of software, hardware, firmware. The above-described sequence of steps for the method is for illustration only, and the steps of the method of the present disclosure are not limited to the sequence specifically described above unless specifically stated otherwise. Furthermore, in some embodiments, the present disclosure may also be implemented as programs recorded in a recording medium, the programs including machine-readable instructions for implementing the methods according to the present disclosure. Thus, the present disclosure also covers a recording medium storing a program for executing the method according to the present disclosure.
Finally, it should be noted that: the above embodiments are merely for illustrating the technical solution of the present disclosure and are not limiting thereof; although the present disclosure has been described in detail with reference to preferred embodiments, those of ordinary skill in the art will appreciate that: modifications may be made to the specific embodiments of the disclosure or equivalents may be substituted for part of the technical features; without departing from the spirit of the technical solutions of the present disclosure, it should be covered in the scope of the technical solutions claimed in the present disclosure.
Claims (19)
1. An anomaly feedback method comprising:
under the condition that the message forwarding node determines that the message forwarding is overtime, determining a pseudo address of the message forwarding node;
generating timeout information by taking the pseudo address as a source address;
and feeding back the timeout information to the source node of the message.
2. The method of claim 1, wherein the source node of the message comprises a network management node that determines an address of a message forwarding node corresponding to the pseudo address according to the timeout information.
3. The method of claim 1, wherein the determining the pseudo address of the packet forwarding node comprises: the message forwarding node determines the pseudo address according to the corresponding relation between the address of the pre-stored message forwarding node and the pseudo address.
4. The method according to claim 1, wherein the message forwarding node and/or the network management node pre-stores a correspondence between a pseudo address and an address of the message forwarding node.
5. The method of claim 4, further comprising: the message forwarding node receives the corresponding relation from the network management node, wherein the network management node synchronizes the corresponding relation to each message forwarding node.
6. The method of claim 1, wherein,
and after the message forwarding node receives the message and executes the operation of subtracting 1 from the TTL, if the TTL is determined to be 0, determining that the message forwarding is overtime.
7. The method of claim 1, wherein the packet-forwarding node internet packet explorer Ping function is configurable to an on state.
8. A fault location method, comprising:
the network management node obtains overtime information from the message forwarding node;
determining a source address carried by the overtime information, wherein the message forwarding node generates the overtime information under the condition of determining that the message forwarding is overtime, and the source address is a pseudo address of the source node of the overtime information;
and determining the address of the message forwarding node according to the source address.
9. The method of claim 8, wherein the network management node pre-stores a correspondence between a pseudo address and an address of a message forwarding node;
the determining the address of the message forwarding node according to the source address comprises: and matching the source address with a pre-stored pseudo address, and determining a message forwarding address corresponding to the pseudo address matched with the source address.
10. The method of claim 8, further comprising:
and the network management node performs network fault positioning according to the address of the message forwarding node.
11. A message forwarding node, comprising:
a pseudo address determining unit configured to determine a pseudo address of the message forwarding node in case of timeout of message forwarding;
a timeout information generation unit configured to generate timeout information using the pseudo address as a source address;
and the feedback unit is configured to feed back the timeout information to the source node of the message.
12. The node of claim 11, further comprising:
and the forwarding timeout determining unit is configured to determine that the message is forwarded timeout if the TTL is determined to be 0 after receiving the message and executing the operation of subtracting 1 from the TTL.
13. The node of claim 11, further comprising:
the internet packet explorer Ping function unit is configured to be allowed to be set to an on state in which Ping messages are received and fed back.
14. A network management node, comprising:
the overtime information receiving unit is configured to acquire overtime information from the message forwarding node;
a pseudo address obtaining unit, configured to determine a source address carried by the timeout information, where the message forwarding node generates the timeout information when determining that the message forwarding is timeout, and the source address is a pseudo address of the source node of the timeout information;
and the address determining unit is configured to determine the address of the message forwarding node according to the source address.
15. The node of claim 14, further comprising: the relation storage unit is configured to store the corresponding relation between the pseudo address and the address of the message forwarding node;
the address determining unit is configured to match the source address with a pre-stored pseudo address and determine a message forwarding address corresponding to the pseudo address matched with the source address.
16. The node of claim 14, further comprising: and the fault locating unit is configured to perform network fault locating according to the address of the message forwarding node.
17. A network node, comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform the method of any of claims 1-10 based on instructions stored in the memory.
18. A computer readable storage medium having stored thereon computer program instructions which, when executed by a processor, implement the steps of the method of any of claims 1 to 10.
19. A network system, comprising:
a plurality of message forwarding nodes configured to perform the method of any of claims 1-7; and
a network management node configured to perform the method of any of claims 8 to 10.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210238228.9A CN116781497A (en) | 2022-03-10 | 2022-03-10 | Abnormal feedback and fault positioning method, network node and storage medium |
| PCT/CN2022/104130 WO2023168872A1 (en) | 2022-03-10 | 2022-07-06 | Anomaly feedback method, fault location method, network node, and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210238228.9A CN116781497A (en) | 2022-03-10 | 2022-03-10 | Abnormal feedback and fault positioning method, network node and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116781497A true CN116781497A (en) | 2023-09-19 |
Family
ID=87937063
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210238228.9A Pending CN116781497A (en) | 2022-03-10 | 2022-03-10 | Abnormal feedback and fault positioning method, network node and storage medium |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN116781497A (en) |
| WO (1) | WO2023168872A1 (en) |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103188716B (en) * | 2011-12-29 | 2018-08-03 | 中兴通讯股份有限公司 | RUDP periodic line fault location methods and device |
| CN109831378B (en) * | 2019-01-31 | 2021-03-19 | 新华三技术有限公司 | Message timeout response method and device |
| CN113315744A (en) * | 2020-07-21 | 2021-08-27 | 阿里巴巴集团控股有限公司 | Programmable switch, flow statistic method, defense method and message processing method |
| CN113542056A (en) * | 2021-06-18 | 2021-10-22 | 新华三技术有限公司 | Fault detection method, forwarding device and storage medium |
-
2022
- 2022-03-10 CN CN202210238228.9A patent/CN116781497A/en active Pending
- 2022-07-06 WO PCT/CN2022/104130 patent/WO2023168872A1/en unknown
Also Published As
| Publication number | Publication date |
|---|---|
| WO2023168872A1 (en) | 2023-09-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11303528B2 (en) | Communications connection detection method and apparatus | |
| EP2725743B1 (en) | Methods and device for processing location information about fault point | |
| US10084706B2 (en) | Method and device for processing service function chaining | |
| KR101617393B1 (en) | Multiple connection system and method for service using internet protocol | |
| CN106789625B (en) | Loop detection method and device | |
| US9049241B2 (en) | Peer discovery and secure communication in failover schemes | |
| US10813156B2 (en) | Method and apparatus for processing network connection | |
| CN104883360A (en) | ARP spoofing fine-grained detecting method and system | |
| CN110011941B (en) | Message forwarding method and device | |
| CN102571488B (en) | Failure processing method, device and system for encryption card | |
| WO2020173424A1 (en) | Message processing method, and gateway device | |
| CN109842686B (en) | Load balancing system for realizing cross-regional cluster scheduling | |
| US10097418B2 (en) | Discovering network nodes | |
| US10680930B2 (en) | Method and apparatus for communication in virtual network | |
| CN109962879B (en) | Security defense method and controller for distributed reflective denial of service (DRDoS) | |
| CN107682226B (en) | NAT (network Address translation) board monitoring method and device | |
| WO2022132653A1 (en) | Secure messaging for outage events | |
| EP3944582B1 (en) | Monitoring of abnormal host | |
| CN116781497A (en) | Abnormal feedback and fault positioning method, network node and storage medium | |
| CN110661628B (en) | Method, device and system for realizing data multicast | |
| CN107453998B (en) | Method and device for transmitting message | |
| CN114255020A (en) | Block chain transaction processing method, device, equipment and storage medium based on multiple chains | |
| CN109361781B (en) | Message forwarding method, device, server, system and storage medium | |
| CN111835544B (en) | Monitoring method and system of virtual router based on user mode protocol stack | |
| CN110300033B (en) | Packet loss information recording method, network equipment and network system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |