WO2004068795A1 - Ipアドレス重複監視装置、ipアドレス重複監視方法、ipアドレス重複監視プログラム - Google Patents
Ipアドレス重複監視装置、ipアドレス重複監視方法、ipアドレス重複監視プログラム Download PDFInfo
- Publication number
- WO2004068795A1 WO2004068795A1 PCT/JP2003/000855 JP0300855W WO2004068795A1 WO 2004068795 A1 WO2004068795 A1 WO 2004068795A1 JP 0300855 W JP0300855 W JP 0300855W WO 2004068795 A1 WO2004068795 A1 WO 2004068795A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- service
- address
- service request
- address duplication
- monitoring device
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4604—LAN interconnection over a backbone network, e.g. Internet, Frame Relay
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/10—Mapping addresses of different types
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/35—Network arrangements, protocols or services for addressing or naming involving non-standard use of addresses for implementing network functionalities, e.g. coding subscription information within the address or functional addressing, i.e. assigning an address to a function
Definitions
- IP address duplication monitoring device IP address duplication monitoring method, IP address duplication monitoring program
- the present invention relates to a technology for monitoring the operation and failure detection of an IP (Internet Protocol) network, and in particular, an IP address duplication monitoring device for monitoring that an IP address is duplicated on an IP network, It relates to an address duplication monitoring method and an IP address duplication monitoring program.
- IP Internet Protocol
- IP address duplication monitoring is performed by installing a monitoring device for IP address duplication monitoring in the same LAN as the device to be monitored.
- the monitoring device monitors by checking the correspondence between the IP address and the address below the IP address. For example, in the case of Ethernet, the correspondence between the IP address and the MAC (Media Access Control) address is checked. If there are two or more ARP responses to an ARP (Address Resolution Protocol) request for a certain IP address, it can be determined that IP address duplication has occurred. It can monitor and detect duplicate IP addresses.
- ARP Address Resolution Protocol
- the present invention has been made to solve such a problem, and a network separated by a router without installing a monitoring device for IP address duplication monitoring in a network in which a monitoring target device is installed. It is an object of the present invention to provide an IP address duplication monitoring device, an IP address duplication monitoring method, and an IP address duplication monitoring program capable of detecting an IP address duplication from an external network. Disclosure of the invention
- the present invention is capable of communicating with a network having a router having an ARP cache that holds a set of an IP address, a lower layer address lower than the IP layer, and a powerful group for a certain period of time, and is connected to the network.
- An IP address duplication monitoring device that monitors the monitored device for IP address duplication, wherein the service request issuing unit transmits a plurality of service requests to the monitored device, and is obtained as a result of the service request. Instructing a service request to the service response analysis unit receiving the service response and the service request issuing unit at predetermined time intervals, comparing the plurality of service responses obtained from the service response analysis unit, and performing the comparison. And a monitoring unit that determines whether there is IP address duplication based on the result of (1).
- the monitoring unit issues a first service request instruction to the service request issuing unit, and after a predetermined time interval, issues a second service request instruction. And comparing the first service response obtained in response to the instruction of the first service request with the second service response obtained in response to the instruction of the second service request. It is assumed that.
- IP address duplication can be detected by comparing two service responses.
- the lower layer address is a MAC address.
- the monitoring unit issues a service request instruction to a service that returns a service response unique to the monitoring target device.
- a service response from the monitored device or a service from a device in the same network is selected. Response can be determined.
- the service that returns a service response specific to the monitored device returns a service response that includes an OS purge and a kernel version. ftp, pop, dns, or a service or application unique to the monitored device that is not provided by another device in the network, or a top page of www.
- a service response from the monitored device or a service from a device in the same network is selected. Response can be determined.
- the monitoring unit issues an instruction of the first service request after confirming that the ARP cache of the router is cleared. It is assumed that. According to such a configuration, two service requests may be routed to different devices when an IP address is duplicated, according to the 'ARP response obtained from the ARP request after the ARP cache is cleared. By doing so, it is possible to detect duplicate IP addresses.
- the time interval is such that the router receives the first service request, transmits an ARP request, receives an ARP response, and performs routing of the service request.
- the time until the execution is set to a minimum value, and the time interval at which the router clears the ARP cache is set to a maximum value.
- the monitoring unit may be configured so that the first service response is a normal service response, and the second service response is a normal service response, and When the first service response and the second service response have the same content, it is characterized in that it is determined that there is no .1 P address duplication.
- the monitoring unit when the monitoring target device provides a plurality of services, the monitoring unit may be configured to provide the first service corresponding to each of the plurality of services. Instructing a service request and instructing the second service request corresponding to each of the plurality of services, comparing the obtained service responses for each service, and determining whether an IP address is duplicated based on the result of the comparison. It is characterized by making a judgment.
- the monitoring unit may be configured to: A set of a first service request instruction and a second service request instruction is repeatedly performed a plurality of times, and a plurality of obtained service responses are compared. Based on the result of the comparison, the presence or absence of IP address duplication is determined. Is determined.
- the monitoring unit when the monitoring target device provides a plurality of services, the first service request corresponding to each of the plurality of services. Instruction of the second service request corresponding to each of the plurality of services, and a set of the instruction of the first service request and the instruction of the second service request is repeated a plurality of times. It is characterized in that a comparison of the obtained service responses is performed for each service, and the presence or absence of an IP address duplication is determined based on the result of the comparison.
- the present invention relates to a monitoring target device connected to a network having a router having an ARP cache that holds a set of an IP address and a lower address which is an address lower than the IP layer for a certain period of time.
- An IP address duplication monitoring method for monitoring duplication of IP addresses from outside the network comprising the steps of: issuing a service request instruction to the service request issuing unit at predetermined time intervals; and according to the instruction of the service request. Transmitting a service request to the monitored device; receiving a service response obtained as a result of the service request; comparing the plurality of received service responses; based on a result of the comparison And judging the presence or absence of duplication of the IP address.
- the present invention provides a network having a router having an ARP cache that holds a set of an IP address and a lower layer address which is an address lower than the IP layer for a certain period.
- the IP address duplication stored in the computer readable medium is executed.
- a monitoring program instructing the service request issuing unit at a predetermined time interval to issue a service request; transmitting a service request to the monitored device according to the service request instruction; Receiving a service response resulting from the service request; and comparing the plurality of received service responses;
- the computer-readable medium may be a portable storage medium such as a CD-ROM, a flexible disk, a DVD disk, a magneto-optical disk, an IC card, or a computer program.
- a portable storage medium such as a CD-ROM, a flexible disk, a DVD disk, a magneto-optical disk, an IC card, or a computer program.
- FIG. 1 is a block diagram showing a system configuration example in which an IP address duplication monitoring device according to the present embodiment is installed.
- FIG. 2 is a functional block diagram showing a configuration example of the IP address duplication monitoring device according to the present embodiment.
- FIG. 3 is a block diagram showing a configuration example of the immediately preceding router.
- FIG. 4 is a flowchart showing an example of the operation of the IP address duplication monitoring device according to the present embodiment.
- FIG. 5 is a table showing an example of a monitoring determination result.
- FIG. 6 is a diagram showing an example of a normal service response for each service.
- FIG. 1 is a block diagram showing an example of a system configuration in which an IP address duplication monitoring device according to the present embodiment is installed.
- the IP address duplication monitoring device 1 is connected to the monitoring target device 4 via, for example, a plurality of routers 2 and the immediately preceding router 3.
- the immediately preceding router 3 is a router located on the route from the IP address duplication monitoring device 1 to the monitoring target device 4 and located immediately before the monitoring target device 4.
- the immediately preceding router 3 is connected to the same LAN device 5 in addition to the monitored device 4.
- FIG. 2 is a functional block diagram showing a configuration example of the IP address duplication monitoring device according to the present embodiment.
- the IP address duplication monitoring device 1 includes a service request issuing unit 11, a service response analyzing unit 12, and a monitoring unit 13.
- the IP address of the monitoring target device 4 and the service provided by the monitoring target device 4 are registered in the monitoring unit 13 in advance.
- the monitoring unit 13 instructs the service request issuing unit 11 twice for the same service request.
- the first service request and the second service request are separated by a predetermined time interval.
- the service request issuing unit 11 connects to the service providing port of the monitored device 4 according to the instruction of the monitoring unit 13 and sends the service request generated by the service protocol to the monitored device. This is transmitted to the IP address of 4.
- the service provided by the monitored device 4 is HTTP (Hypertext Transfer Protocol) and connected to the HTTP port (normally TCP 80).
- the request issuing unit 11 outputs the contents of the transmitted service request to the service response analyzing unit 12.
- the service response analysis unit 12 receives a response to the service request from the service request issuing unit 11, and outputs the received response to the monitoring unit 13.
- a first response is received for a first service request and a second response is received for a second service request. The answer is received.
- the monitoring unit 13 determines the possibility of IP address duplication by comparing the two service responses. The above operation is repeated as many times as the number of IP addresses to be monitored, and when it is completed, the operation is repeated at appropriate time intervals.
- the immediately preceding router 3 used in the present embodiment implements ARP (RFC 826), and MUST have the condition of “2.3.2.2.1” in the quotation of RFC 1122 shown below, “2.3.2.2.2” SHOULD be satisfied.
- ARP Address Resolution Protocol
- FIG. 3 is a block diagram showing a configuration example of the immediately preceding router.
- the immediately preceding router 3 includes an input / output interface 31, a CPU 32, and a memory 33.
- the memory 33 has an ARP cache.
- the ARP cache has an ARP cache table as a table for storing a pair of an IP address and a MAC address. In this embodiment, it is necessary to clear the ARP cache before monitoring IP address duplication. As a method of clearing the ARP cache, for example, there is a technique of operating using Te1net, but this is not specified here.
- the service request and the service response, and the ARP request and the ARP response are transmitted and received via the input / output interface 31.
- the immediately preceding router 3 receives the service request from the IP address duplication monitoring device 1, the CPU 32 stores the IP address indicated by the service request in the ARP cache. Search from a table.
- the CPU 32 routes the service request to the MAC address corresponding to the IP address.
- the CPU 32 broadcasts the ARP request of the IP address indicated by the service request.
- the CPU 32 writes the MAC address obtained by the ARP response into the ARP cache table in combination with the IP address indicated by the service request, and writes the MAC address to the MAC address. Notify service requests.
- the CPU 32 transmits a service response to the IP address duplication monitoring device 1 that has transmitted the service request.
- the above is the operation of the immediately preceding router 3.
- the operation of the service request routing actually performed by the immediately preceding router 3 will be described in detail with reference to FIG.
- the IP address of the monitored device 4 is A
- the MAC address of the monitored device 4 is X
- the MAC address of the device 5 on the same LAN is Y.
- the router 3 Immediately before receiving the first service request from the IP address duplication monitoring device 1 to the monitoring target device 4, the router 3 broadcasts the ARP request of the IP address A because the ARP cache has been cleared. The monitored device 4 having received the ARP request transmits its own MAC address X to the immediately preceding router 3 as an ARP response.
- the router 3 immediately before receiving the ARP response from the monitored device 4 puts the IP address A and the MAC address X in the ARP cache table and sends the first to the monitored device 4 having the MAC address X. Route service requests.
- the monitoring target device 4 that has received the first service request transmits a service response to the first service request to the IP address duplication monitoring device 1.
- the translator 3 sends the second service to the monitored device 4 having the MAC address X according to the ARP cache table. Route requests.
- the monitoring target device 4 that has received the second service request transmits a service response to the second service request to the IP address duplication monitoring device 1.
- the same IP address A is set to the monitoring target device 4 and the same LAN device 5.
- the router 3 processes the ARP request of the IP address A because the ARP cache has been cleared.
- the monitored device 4 that has received the ARP request transmits its own MAC address X to the immediately preceding router 3 as an ARP response.
- the device 5 on the same LAN that has received the ARP request transmits its own MAC address Y to the immediately preceding router 3 as an ARP response.
- the immediately preceding router 3 sets the IP address A and the MAC address X in the ARP cache table. And routes the first service request to the monitored device 4 having the MAC address X.
- the monitored device 4 that has received the first service request transmits a service response to the first service request to the IP address duplication monitoring device 1.
- the ARP response from the same LAN interior ft5 of the two ARP responses is later received by the immediately preceding router 3, and the immediately preceding router 3 adds the MAC address Y to the MAC address X previously stored in the ARP cache table. Overwrite.
- the router 3 routes the second service request to the same LAN device 5 having the MAC address Y according to the overwritten ARP cache table.
- the device 5 in the same LAN that has received the second service request transmits a service response to the second service request to the IP address duplication monitoring device 1.
- the IP address duplication monitoring device 1 transmits two service requests and compares the service responses to the two service requests by using the overwriting phenomenon of the ARP cache table, thereby obtaining the IP address duplication. To monitor.
- Confirmation means for monitoring this IP address duplication are at the IP layer or higher, such as passing through a router, and theoretically, up to 256 hops, the upper limit of the TTL (Time To Live) setting of the IP header. It is possible to monitor IP address duplication from the ground.
- TTL Time To Live
- the time interval Tr may be any value between the minimum value and the maximum value described below.
- the minimum value is determined by the ARP response to the ARP request in the immediately preceding router 3 and the time required for processing. According to “2.3.2.2” of RFC 1122, “ARP resolution waiting queue of at least one packet” is required, but the operation in case of two or more packets is not specified. Subsequent buckets may be discarded. Therefore, it is better that the IP address duplication monitoring device 1 does not transmit the second service request until the immediately preceding router 3 processes the first service request.
- the minimum value of this time interval T r is usually enough for 1 second. Also, depending on the implementation of the immediately preceding router 3, it may be acceptable to transmit continuously. In that case, the minimum value of the time interval Tr is 0 seconds.
- the maximum value is determined by the clear interval of the ARP cache in the immediately preceding router 3. According to “2.3.2.2.1- (1) Timeoutj” of RFC 1122, the clear interval only states that it should be “order of minutes” and depends on the ARP implementation. Therefore, it is desirable to set the maximum value of the time interval T r to 1 minute, which will surely be cached.
- the time interval Tr is 1 second Tr and 1 minute.
- the IP address duplication monitoring device 1 confirms that the ARP cache of the immediately preceding router 3 has been cleared (S1).
- the IP address duplication monitoring device 1 transmits a first service request to the IP address A of the monitoring target device 4 (S2), and after the time interval Tr elapses, the monitoring target device 4 A second service request is sent to IP address A (S3).
- the IP address duplication monitoring device 1 that has received the service response to the first service request holds the received service response as the first service response (S4).
- the IP address duplication monitoring device 1 that has received the service response to the second service request holds the received service response as the second service response (S5
- the IP address duplication monitoring device 1 compares the held first service response with the second service response (S6). If the comparison results are the same (S 6
- the service request uses a service (OSI (Open System Interconnection) reference model layer 3 or higher) provided by the monitored device 4.
- the monitoring target device 4 is often a server for monitoring, and the service port of that server is always available for monitoring.
- the candidates include I CMP (Internet Control Message Protocol) ec ho, ping), telnet, smtp (Simple Mail Transfer Protocol), op (Post Office Protocol), snm p (Simple Network Management Protocol), ftp ( There are various protocols such as File Transfer Protocol (www) and www (World Wide Web) (http).
- FIG. 5 is a table showing an example of a monitoring determination result. This table shows the combination of two service responses to two service requests, and the corresponding judgment result.
- a service response to a service request may be a normal service response, which is a normal service response, or a connection rejection, or a timeout.
- At least one of the two service responses fails to connect, it is determined that there is a duplicate or the service is down. Also, at least one of the two service responses If the service is out of service, it is determined that there is duplication or the service is overloaded. Service load and service down can be excluded by another confirmation method, so that it is not necessary to consider IP address duplication at the same time. As a confirmation method, for example, using the log of the monitoring target device 4 and letting the administrator check whether it is in a normal operation state, whether the service is down, the service is overloaded, or there is duplication Can be isolated. Therefore, if at least one of the two service responses is a connection failure or timeout, it can be determined that there is an overlap.
- both of the two service responses are normal service responses, but the two normal service responses are the same, it is determined that there is no duplication or that there is duplication.
- the device 5 in the same LAN as the monitored device 4 accidentally opens the same service port and the returned normal service response happens to be the same, if two normal service responses are the same even if there is a duplication, Become.
- the normal service response such as I CMP e cho (ping)
- an application such as http is operated with the default settings
- FIG. 6 is a diagram showing an example of a normal service response for each service.
- Dd d. Ddd. Dd d. Ddd indicates an IP address
- XXX. XXX. XXX indicates an FQDN.
- Fig. 6 (a) is an example of a normal service response for te1 net.
- the normal service response of te 1 net includes OS purge and kernel version.
- Fig. 6 (b) is an example of a normal service response of ftp.
- Fig. 6 (c) is an example of a normal service response of pop.
- the normal service response of ftp and the normal service response of pop include FQDN and server version.
- Fig. 6 (e) is an example of a normal service response from www. Since the top page of www is usually a monitored server, it is not normally operated by default. Therefore, the result will be different unless the same page is mirrored by a device with a duplicate IP address.
- the monitoring unit 13 further uses the following two determination methods.
- the two judgment methods are (1) a method of judging from a plurality of judgment results obtained by periodic and repeated monitoring, and (2) a method of using ports of multiple services.
- Method (1) utilizes the instability of the service response caused by the ARP response described above. If the IP address is duplicated, the service response to the service request can be anything other than a timeout even if the monitored device 4 is operating normally. Therefore, in the monitoring, the operation of transmitting a service request twice and receiving two service responses is repeated as one set, and a plurality of sets are repeated.
- the monitoring unit 13 collects a plurality of sets of two service responses, compares the plurality of service responses, and determines whether or not the IP address is duplicately set based on the comparison result. If there is only one set of normal service response and connection failure in a plurality of service response sets, it can be said that the IP address is likely to be duplicated by itself, but if there is more than one, it can be determined to be extremely suspicious.
- Method (2) performs a similar check on multiple service ports.
- the HTTP port of the monitored device 4 is used, but other service ports of the monitored device 4, such as te1net and ftp, are similarly used, and a plurality of services are checked.
- the detection accuracy of duplicate IP addresses can be improved.
- the monitored device 4 having an IP address connects to multiple ports that are providing services, and sends each service request generated by the protocol of those services to the monitored device.
- the monitoring unit 13 compares the obtained set of service responses for each service, and determines whether or not the IP address is duplicately set based on a plurality of comparison results. For example, if the service response by HTTP is connection failure, it is difficult to separate from the service down of HTTP by this alone, but if the service response of other service port also fails connection at the same time, multiple services Is unlikely to stop, so there is a high possibility that IP addresses will be duplicated. In this case as well, the administrator can check whether or not the system is operating normally by using the logs of the monitored device 4 to determine whether the service is down, the service is overloaded, or there is duplication. Can be divided.
- the method (2) it is possible to eliminate service down and high service load, and to improve the detection accuracy of IP address duplication.
- the two methods (1) and (2) can be used. By using them at the same time, the detection accuracy of the IP address duplication by the monitoring unit 13 is further improved.
- HT TP is selected as the service request of the service protocol in the present embodiment, this is a port where the monitored device provides the service and has a characteristic normality such as including the host name. Anything that returns a service response is acceptable. For example, t e 1 n e t, f t p, h t t p, s nmp, and dns are good examples.
- the monitoring target device may be any device as long as it executes a service that provides a characteristic normal service response as described above.
- te 1 net and s nmp may be available, including switches, routers, firewalls, DNS, SSL (Secure Sockets Layer) accelerators, cache servers, and web servers that can be configured for management. , Load balancer, mail server, and other various servers. However, those that cannot be used because they are blocked by a firewall are excluded.
- the HTTP port of the web server is generally open for the purpose of use for the firewall on the monitoring route, and therefore the present invention is most suitable for monitoring the web server.
- IP address duplication occurs in the network.
- the present invention monitors IP address duplication regardless of the configuration, such as hubs, switching hubs, and bridges, as well as networks between bases using VLANs (Virtual LANs) and VPNs (Virtual Private Networks). Is possible.
- the ⁇ ⁇ layer when there is an IP address duplication at the time of address resolution such as Ethernet FDDI (Fiber Distributed Data Interface), which is a layer below the IP layer, for example, the first and second layers in the OSI reference model, the ⁇ ⁇ layer
- Ethernet FDDI Fiber Distributed Data Interface
- the present invention can be applied as it is if the response address of the lower layer changes.
Abstract
Description
Claims
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2003303845A AU2003303845A1 (en) | 2003-01-29 | 2003-01-29 | Ip address duplication monitoring apparatus, ip address duplication monitoring method, and ip address duplication monitoring program |
JP2004567521A JP3794424B2 (ja) | 2003-01-29 | 2003-01-29 | Ipアドレス重複監視装置、ipアドレス重複監視方法、ipアドレス重複監視プログラム |
PCT/JP2003/000855 WO2004068795A1 (ja) | 2003-01-29 | 2003-01-29 | Ipアドレス重複監視装置、ipアドレス重複監視方法、ipアドレス重複監視プログラム |
US11/132,201 US20050207447A1 (en) | 2003-01-29 | 2005-05-19 | IP address duplication monitoring device, IP address duplication monitoring method and IP address duplication monitoring program |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/JP2003/000855 WO2004068795A1 (ja) | 2003-01-29 | 2003-01-29 | Ipアドレス重複監視装置、ipアドレス重複監視方法、ipアドレス重複監視プログラム |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/132,201 Continuation US20050207447A1 (en) | 2003-01-29 | 2005-05-19 | IP address duplication monitoring device, IP address duplication monitoring method and IP address duplication monitoring program |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2004068795A1 true WO2004068795A1 (ja) | 2004-08-12 |
Family
ID=32800806
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2003/000855 WO2004068795A1 (ja) | 2003-01-29 | 2003-01-29 | Ipアドレス重複監視装置、ipアドレス重複監視方法、ipアドレス重複監視プログラム |
Country Status (3)
Country | Link |
---|---|
JP (1) | JP3794424B2 (ja) |
AU (1) | AU2003303845A1 (ja) |
WO (1) | WO2004068795A1 (ja) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001244945A (ja) * | 2000-02-29 | 2001-09-07 | Nec Corp | アドレス解決プロトコルを用いたipアドレス重複検出方法 |
JP2002325077A (ja) * | 2001-04-25 | 2002-11-08 | Hitachi Software Eng Co Ltd | ネットワーク管理方法及びネットワーク管理装置 |
-
2003
- 2003-01-29 AU AU2003303845A patent/AU2003303845A1/en not_active Abandoned
- 2003-01-29 JP JP2004567521A patent/JP3794424B2/ja not_active Expired - Fee Related
- 2003-01-29 WO PCT/JP2003/000855 patent/WO2004068795A1/ja active Application Filing
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001244945A (ja) * | 2000-02-29 | 2001-09-07 | Nec Corp | アドレス解決プロトコルを用いたipアドレス重複検出方法 |
JP2002325077A (ja) * | 2001-04-25 | 2002-11-08 | Hitachi Software Eng Co Ltd | ネットワーク管理方法及びネットワーク管理装置 |
Also Published As
Publication number | Publication date |
---|---|
JPWO2004068795A1 (ja) | 2006-05-25 |
AU2003303845A1 (en) | 2004-08-23 |
JP3794424B2 (ja) | 2006-07-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20050207447A1 (en) | IP address duplication monitoring device, IP address duplication monitoring method and IP address duplication monitoring program | |
US8615010B1 (en) | System and method for managing traffic to a probe | |
US7693045B2 (en) | Verifying network connectivity | |
US8898265B2 (en) | Determining data flows in a network | |
US8176544B2 (en) | Network security system having a device profiler communicatively coupled to a traffic monitor | |
US7639624B2 (en) | Method and system for monitoring network connectivity | |
JP2010541441A (ja) | 分散ネットワーク内の無許可ルータを検出するためのコンピュータによって実行される方法、データ処理システム、およびコンピュータ・プログラム(ルータ検出) | |
US7782877B2 (en) | Network-based dedicated backup service | |
US20030126248A1 (en) | Method to automatically configure network routing device | |
WO2005107296A2 (en) | Network security system | |
JPH1127320A (ja) | パケット中継制御方法,パケット中継装置およびプログラム記憶媒体 | |
US20130054828A1 (en) | Information processing device, computer-readable recording medium, and control method | |
US10795912B2 (en) | Synchronizing a forwarding database within a high-availability cluster | |
Ubaid et al. | Mitigating address spoofing attacks in hybrid SDN | |
US11153350B2 (en) | Determining on-net/off-net status of a client device | |
Cisco | Global Configuration Mode Commands | |
Cisco | Using the CSS Logging Features | |
Cisco | Log Messages | |
JP3794424B2 (ja) | Ipアドレス重複監視装置、ipアドレス重複監視方法、ipアドレス重複監視プログラム | |
Cisco | Troubleshooting TCP/IP | |
Cisco | General Commands | |
US20120096548A1 (en) | Network attack detection | |
KR100386923B1 (ko) | 듀얼 라인 기반 백업 및 로드 밸런싱 방법 및 장치 | |
JP7000863B2 (ja) | マルウェア検査支援プログラム、マルウェア検査支援方法および通信装置 | |
Huang et al. | A network processor-based fault-tolerance architecture for critical network equipments |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SC SD SE SG SK SL TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2004567521 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 11132201 Country of ref document: US |
|
122 | Ep: pct application non-entry in european phase |