WO2021259352A1 - Data packet forwarding method and apparatus, and network device - Google Patents

Data packet forwarding method and apparatus, and network device Download PDF

Info

Publication number
WO2021259352A1
WO2021259352A1 PCT/CN2021/102033 CN2021102033W WO2021259352A1 WO 2021259352 A1 WO2021259352 A1 WO 2021259352A1 CN 2021102033 W CN2021102033 W CN 2021102033W WO 2021259352 A1 WO2021259352 A1 WO 2021259352A1
Authority
WO
WIPO (PCT)
Prior art keywords
packet
network
abnormal
identifier
routing information
Prior art date
Application number
PCT/CN2021/102033
Other languages
French (fr)
Chinese (zh)
Inventor
刘韦宏
Original Assignee
深圳市万普拉斯科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市万普拉斯科技有限公司 filed Critical 深圳市万普拉斯科技有限公司
Publication of WO2021259352A1 publication Critical patent/WO2021259352A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/28Routing or path finding of packets in data switching networks using route fault recovery
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies

Definitions

  • This application relates to the field of communication technology, and in particular to a method, device and network equipment for forwarding data packets.
  • the quality of the communication link can be judged through the quality parameters of the link, and network switching can be performed when it is judged that the currently used communication link has poor network quality, so as to ensure the normality of the link.
  • the delay data of the network cannot be counted. Therefore, when the network is completely disconnected, it is difficult to achieve a perfect network distribution, which leads to the unsmooth network and reduces the user experience.
  • this application provides a data packet forwarding method, device and network equipment to alleviate the above technical problems.
  • an embodiment of the present application provides a data packet forwarding method, which is applied to a network device, and the method includes: obtaining a network packet received by the network device, and determining whether the network packet is an abnormal packet; if so, An abnormal identifier is set for the abnormal packet; routing information corresponding to the abnormal identifier is searched in a preset routing table, and the network packet is forwarded according to the found routing information.
  • an embodiment of the present application provides a data packet forwarding device, which is applied to a network device, and the device includes: a judgment module for obtaining a network packet received by the network device, and judging whether the network packet is abnormal Packet; a setting module for setting an abnormality identifier for the abnormal packet when the judgment result of the judgment module is yes; a forwarding module for looking up routing information corresponding to the abnormality identifier in a preset routing table, The network packet is forwarded according to the found routing information.
  • an embodiment of the present application provides a network device including a memory, a processor, and a computer program stored on the memory and capable of running on the processor.
  • the processor executes the computer program, Implement the method described in the first aspect above.
  • an embodiment of the present application provides a computer-readable storage medium with a computer program stored on the computer-readable storage medium, and the computer program executes the method described in the first aspect when the computer program is run by a processor.
  • the data packet forwarding method, device, and network equipment provided in the embodiments of the present application can obtain the network packet received by the network device, and when it is determined that the network packet is an abnormal packet, set an abnormality identifier for the abnormal packet;
  • the routing information corresponding to the abnormal identifier is searched in the routing table, and the network packet is forwarded according to the found routing information, and the network packet can still be forwarded, thereby ensuring the smoothness of the network and improving the user experience.
  • FIG. 1 is a flowchart of a data packet forwarding method provided by an embodiment of the application
  • Figure 2 is a schematic diagram of a firewall architecture provided by an embodiment of the application.
  • FIG. 3 is a flowchart of another data packet forwarding method provided by an embodiment of the application.
  • FIG. 4 is a schematic structural diagram of a data packet forwarding apparatus provided by an embodiment of the application.
  • FIG. 5 is a schematic structural diagram of a network device provided by an embodiment of this application.
  • the quality of the link is usually judged by the quality parameter of the link, for example, a judgment is made for the delay of the application and so on.
  • the delay cannot be judged. For example, when the network is completely disconnected, it is impossible to count the delay data for TCP (Transmission Control Protocol) interaction. Therefore, when the network is completely disconnected, it cannot be done. A perfect network distribution.
  • the data packet forwarding method, device, and network equipment provided by the embodiments of the present application can effectively alleviate the above-mentioned technical problems.
  • an embodiment of the present application provides a method for forwarding a data packet, which is applied to a network device, as shown in FIG. 1 is a flowchart of a method for forwarding a data packet, and the method includes the following steps.
  • Step S102 Obtain the network packet received by the network device, and determine whether the network packet is an abnormal packet.
  • Step S104 if yes, set an abnormality flag for the abnormal packet.
  • the network packet in the embodiment of this application refers to a data packet transmitted in a network using a specified protocol, such as ICMP (Internet Control Message Protocol, Internet Control Message Protocol) packet, DNS (Domain Name System Service Protocol) , Domain Name System) packets, game packets, etc., these packets follow a certain network protocol when they are transmitted on the network link, and carry corresponding packet information, such as protocol type, identification, IP address, etc., the above steps
  • the judging process of the abnormal packet in S102 can be realized according to the corresponding packet information, and then judge whether it is an abnormal packet, and if it is judged to be an abnormal packet, continue to execute the following step S106 to forward the abnormal packet.
  • Step S106 searching for routing information corresponding to the abnormal identifier in the preset routing table, and forwarding the network packet according to the found routing information.
  • the preset routing table is usually a routing table pre-stored in the network device, including an abnormal identifier and routing information corresponding to the abnormal identifier, so that when the corresponding routing information is found, it can be based on the search
  • the arrived routing information determines the next hop of the abnormal packet to facilitate the forwarding of the abnormal packet.
  • the data packet forwarding method provided by the embodiment of the application can obtain the network packet received by the network device, and when it is determined that the network packet is an abnormal packet, set an abnormal identifier for the abnormal packet; The routing information corresponding to the abnormal identifier is forwarded to the network packet according to the found routing information.
  • the above is the method of searching routing information for the abnormal packet, which can still forward the network packet when the network packet is abnormal, thereby ensuring the network's integrity Smooth, improve user experience.
  • the above-mentioned network equipment usually includes physical physical equipment connected to the network, such as switches, bridges, routers, gateways, etc., and, in order to provide users with a safe network environment, the network equipment is usually configured with a firewall architecture , And the firewall architecture generally includes multiple detection nodes, each detection node is also registered with a preset callback function, and multiple detection nodes are connected in sequence to form a network packet propagation link.
  • FIG. 2 shows a schematic diagram of a firewall architecture.
  • the firewall architecture is Linux kernel netfilter firewall architecture as an example for description.
  • the firewall architecture is equivalent to a filter architecture. Analyze and process the received network packets.
  • the firewall architecture is implemented based on the netfilter firewall technology, which can implement all packets in and out on the kernel side.
  • the firewall architecture may have multiple nodes on the link for sending, receiving, and routing network packets.
  • the detection node in the embodiment of the present application is a part or all of the multiple nodes to achieve this The data packet forwarding method provided in the application embodiment.
  • the Netfilter firewall is usually a data packet processing module inside the core layer of the Linux operating system, which usually has the following functions: network address translation, data packet content modification, and data packet filtering, etc., and the above nodes are also called Mount point, or callback function point, in order to mount the registered callback function.
  • Mount point or callback function point, in order to mount the registered callback function.
  • FIG. 3 also shows a flowchart of another data packet forwarding method, which further explains the data forwarding process of the embodiment of the present application, as shown in FIG. 3, including The following steps.
  • Step S302 Obtain the network packet received by the network device.
  • network packets can enter the network device in the layer 2 processing module, and then be transmitted along the propagation link to the next node in the direction indicated by the arrow to further perform the following steps .
  • Step S304 Extract the packet information of the network packet; where the packet information includes at least one of the following: protocol type and identity ID.
  • Step S306 Determine whether the network packet is an abnormal packet according to the packet information.
  • the protocol type is an ICMP packet
  • the category identifier of the ICMP packet can be obtained; then it is determined whether the category identifier is a preset abnormal identifier; if it is, the network packet is determined to be an abnormal packet.
  • a comparison table of the type identification of the ICMP packet is generally pre-stored in the network equipment, so that when the packet information of the network packet is extracted, it is judged whether the type identification is It is an abnormal identification, and then it is determined whether the ICMP packet is an abnormal packet.
  • Table 1 shows a comparison table of the category identifiers of ICMP packets, as shown in Table 1:
  • Timestamp request time label requirements 14 Timestamp reply
  • Information request 16 Information reply 17
  • Address mask request 18 Address mask reply Address mask reply
  • the Message Type in the first column is the category identifier
  • the second column is the corresponding ICMP message function.
  • the category identifier of the ICMP packet extracted in step S304 is the category identifier in the first column, It can be determined that the ICMP packet is an abnormal packet, and then continue to step S308 to set an abnormality identifier for the abnormal packet.
  • the category identifier of the ICMP packet extracted in step S304 is not any of the category identifiers in the first column of Table 1, It means that the ICMP packet is a normal network packet, and it can be forwarded normally according to the propagation link shown in Figure 2.
  • each node of the firewall architecture processes and forwards the network packet according to the conventional processing method.
  • Table 1 shows is only a feasible comparison table for the category identifiers of ICMP packets.
  • the content of the comparison table can be set according to actual usage.
  • the logo, or remove some disabled logos, etc., are specifically set according to actual usage conditions, which are not limited in the embodiments of the present application.
  • the above processing of ICMP packets can be implemented in the PRE_ROUTING node.
  • the PRE_ROUTING node is used as a detection node in the embodiment of the present application, which can detect the category identifier of the ICMP packet. , And then determine whether the ICMP packet is an abnormal packet.
  • the DNS code of the DNS packet is obtained; and it is determined whether the DNS code is a preset abnormal code; if it is, it is determined that the network packet is an abnormal packet.
  • the above-mentioned network device will also pre-store the abnormal code table of the DNS packet.
  • the network packet is a DNS packet based on the protocol type of the packet information
  • it can further obtain the DNS code of the DNS packet and query the abnormal code Table to determine whether the DNS packet is an abnormal packet.
  • the above DNS code usually refers to the RCODE in the DNS packet.
  • the above processing process for the DNS packet can also be implemented in the PRE_ROUTING node of the firewall architecture shown in FIG. 2. At this time, the PRE_ROUTING node is still a detection node in the embodiment of the present application.
  • the DNS code of the DNS packet can be checked to determine whether the DNS packet is an abnormal packet.
  • the data packet forwarding method provided by the embodiment of the application can also process game packets. Specifically, if the identity ID of the above network packet is a game packet, it is determined whether the time interval for receiving the game packet is greater than the preset Time interval; if it is, it is determined that the network packet is an abnormal packet.
  • the special timing monitoring behavior determines whether the time interval for receiving the game packet is greater than The preset time interval and so on. If it is greater than the preset time interval, it means that the network is abnormal. At this time, the received network packet is an abnormal packet. At this time, the next network packet can be marked with different mark values, and different mark values can be matched to query different ones.
  • the routing table allows data packets to go to different interfaces to access the network.
  • the above processing of game packets can be performed at the LOCAL_IN node in Figure 2.
  • the network packets After the network packets enter the network device through the data packet entry in Figure 2, they can be propagated along The link is transmitted to the LOCAL_IN node via the PRE_ROUTING node, and the LOCAL_IN node determines whether the time interval for receiving the game packet is greater than the preset time interval, and if so, it is determined that the network packet is an abnormal packet.
  • the game type can also be determined through the packet information carried in the game packet, so as to detect whether the game sends a special UDP packet behavior. If the timing sending behavior is detected, you can use this Behavior to determine whether the interval time of each packet is regular. If it is irregular, it means that the network environment may be poor at that time, leading to packet loss or delay.
  • a game application sends a 60-length packet every 3 seconds, so we should be able to monitor on the kernel side that a 60-length udp packet is received every 3 seconds. If suddenly the interval time is prolonged or lost, we can judge that the network quality is poor and the delay is caused. At this time, we can continue to perform the following step S310 to forward the game packet to maintain the game experience.
  • step S310 the routing information corresponding to the abnormal identifier is searched in the preset routing table, and the network packet is forwarded according to the searched routing information.
  • the step of forwarding the network packet according to the found routing information includes: switching the first network currently used by the network device to the backup second network according to the found routing information; The routing information forwards network packets.
  • the above-mentioned first network and second network may be a wireless wifi network and a telecommunication data network. Therefore, the first network is switched to the standby second network, which may be the wireless wifi network is switched to the telecommunication data network.
  • the above-mentioned first and second networks may also be 5G telecommunication data networks and 4G telecommunication data networks. Therefore, the switching of the first network to the backup second network may be the switching of the wireless 5G telecommunication data network to the 4G telecommunication data network.
  • the number of network packets forwarded through the second network can be continued to be recorded; if the number of network packets forwarded by the second network exceeds the preset number Threshold, the second network can be further switched to the first network, that is, switching between a wireless wifi network and a telecommunication data network, or switching between a 5G telecommunication data network and a 4G telecommunication data network can be realized.
  • the above switching process is quite an exit mechanism, so as not to return to the first network interface for transmission after the network is switched to the second network, it can be implemented every 10 or 20 packets/DNS query / During transmission, an interface automatically switched back to try to transmit. If there is normal interaction on the first interface, the subsequent network packets can be switched back to the first network for transmission. If the first network is still abnormal, continue to use the second network interface to send network packets, so as to keep the network sending normally.
  • an embodiment of the present application also provides a data packet forwarding device, which is applied to network equipment.
  • a schematic structural diagram of a data packet forwarding device includes The following modules.
  • the judging module 40 is configured to obtain the network packet received by the network device, and determine whether the network packet is an abnormal packet.
  • the setting module 42 is configured to set an abnormality identifier for the abnormal packet when the judgment result of the judgment module is yes.
  • the forwarding module 44 is configured to search for routing information corresponding to the abnormal identifier in a preset routing table, and forward the network packet according to the searched routing information.
  • the data packet forwarding device provided in the embodiment of the present application has the same technical features as the data packet forwarding method provided in the foregoing embodiment, so it can also solve the same technical problem and achieve the same technical effect.
  • an embodiment of the present application also provides a network device, including a memory, a processor, and a computer program stored on the memory and capable of running on the processor, and the processor implements the foregoing when the computer program is executed.
  • a network device including a memory, a processor, and a computer program stored on the memory and capable of running on the processor, and the processor implements the foregoing when the computer program is executed. The method described in Figure 1 or Figure 3.
  • an embodiment of the present application also provides a schematic structural diagram of a network device. As shown in FIG. 5, it is a schematic structural diagram of the network device.
  • the network device includes a processor 101 and a memory 100, and the memory 100 stores A computer-executable instruction executed by the processor 101, and the processor 101 executes the computer-executable instruction to implement the foregoing data packet forwarding method.
  • the network device further includes a bus 102 and a communication interface 103, where the processor 101, the communication interface 103, and the memory 100 are connected through the bus 102.
  • the memory 100 may include a high-speed random access memory (RAM, Random Access Memory), and may also include a non-volatile memory (non-volatile memory), such as at least one disk memory.
  • the communication connection between the system network element and at least one other network element is realized through at least one communication interface 103 (which may be wired or wireless), and the Internet, a wide area network, a local network, a metropolitan area network, etc. may be used.
  • the bus 102 may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect, peripheral component interconnection standard) bus, or an EISA (Extended Industry Standard Architecture) bus or the like.
  • the bus 102 can be divided into an address bus, a data bus, a control bus, and the like. For ease of presentation, only one bidirectional arrow is used to indicate in FIG. 5, but it does not mean that there is only one bus or one type of bus.
  • the processor 101 may be an integrated circuit chip with signal processing capabilities. In the implementation process, the steps of the foregoing method may be completed by an integrated logic circuit of hardware in the processor 101 or instructions in the form of software.
  • the aforementioned processor 101 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP), etc.; it may also be a digital signal processor (Digital Signal Processor, DSP for short), etc. ), Application Specific Integrated Circuit (ASIC), Field-Programmable Gate Array (FPGA) or other programmable logic devices, discrete gates or transistor logic devices, discrete hardware components.
  • the general-purpose processor may be a microprocessor or the processor may also be any conventional processor or the like.
  • the steps of the method disclosed in the embodiments of the present application may be directly embodied as being executed and completed by a hardware decoding processor, or executed and completed by a combination of hardware and software modules in the decoding processor.
  • the software module can be located in a mature storage medium in the field, such as random access memory, flash memory, read-only memory, programmable read-only memory, or electrically erasable programmable memory, registers.
  • the storage medium is located in the memory, and the processor 101 reads the information in the memory, and completes the steps of the data packet forwarding method of the foregoing embodiment in combination with its hardware.
  • an embodiment of the present application also provides a computer-readable storage medium, and the computer-readable storage medium stores a computer program, and the computer program executes the method shown in FIG. 1 or FIG. 3 when the computer program is run by a processor.
  • the data packet forwarding method, device, and computer program product of the network device provided by the embodiments of the present application include a computer-readable storage medium storing program code, and the instructions included in the program code can be used to execute the instructions in the previous method embodiments.
  • program code storing program code
  • the instructions included in the program code can be used to execute the instructions in the previous method embodiments.
  • the terms “installed”, “connected”, and “connected” should be understood in a broad sense, for example, it may be a fixed connection or a detachable connection. , Or integrally connected; it can be a mechanical connection or an electrical connection; it can be directly connected or indirectly connected through an intermediate medium, and it can be the internal communication between two components.
  • installed should be understood in a broad sense, for example, it may be a fixed connection or a detachable connection. , Or integrally connected; it can be a mechanical connection or an electrical connection; it can be directly connected or indirectly connected through an intermediate medium, and it can be the internal communication between two components.
  • the function is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer readable storage medium.
  • the technical solution of this application essentially or the part that contributes to the existing technology or the part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium, including Several instructions are used to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disks or optical disks and other media that can store program codes. .

Abstract

The present application relates to the technical field of communications and provides a data packet forwarding method and apparatus, and a network device. The method comprises: obtaining a network packet received by a network device, and determining whether the network packet is an abnormal packet; if yes, setting an abnormal identifier for the abnormal packet; and searching in a preset routing table for routing information corresponding to the abnormal identifier, and forwarding the network packet according to the found routing information.

Description

数据包的转发方法、装置及网络设备Data packet forwarding method, device and network equipment
交叉引用cross reference
本发明要求在2020年06月24日提交中国专利局、申请号为202010595491.4、发明名称为“数据包的转发方法、装置及网络设备”的中国专利申请的优先权,该申请的全部内容通过引用结合在本发明中。The present invention claims the priority of a Chinese patent application filed with the Chinese Patent Office, the application number is 202010595491.4, and the invention title is "Data packet forwarding method, device and network equipment" on June 24, 2020. The entire content of the application is by reference Incorporate in the present invention.
技术领域Technical field
本申请涉及通信技术领域,尤其是涉及一种数据包的转发方法、装置及网络设备。This application relates to the field of communication technology, and in particular to a method, device and network equipment for forwarding data packets.
背景技术Background technique
目前,对于通信链路的品质,可以通过链路的质量参数进行判断,并在判断出当前使用的通信链路存在网络质量不佳的情况下能够进行网络切换,以便于保证链路的通常。At present, the quality of the communication link can be judged through the quality parameters of the link, and network switching can be performed when it is judged that the currently used communication link has poor network quality, so as to ensure the normality of the link.
但是,在有些情况下,是难以获取到链路的质量参数的,例如,在网络完全不通时,则无法统计网络的延迟数据。因此,在遇到网络完全不通的时候,就难以做到一个完美的网络分配,导致网络不顺畅,降低了用户的体验度。However, in some cases, it is difficult to obtain the quality parameters of the link. For example, when the network is completely disconnected, the delay data of the network cannot be counted. Therefore, when the network is completely disconnected, it is difficult to achieve a perfect network distribution, which leads to the unsmooth network and reduces the user experience.
发明内容Summary of the invention
有鉴于此,本申请提供一种数据包的转发方法、装置及网络设备,以缓解上述技术问题。In view of this, this application provides a data packet forwarding method, device and network equipment to alleviate the above technical problems.
第一方面,本申请实施例提供了一种数据包的转发方法,应用于网络设备,该方法包括:获取所述网络设备接收的网络封包,判断所述网络封包是否为异常封包;如果是,为所述异常封包设置异常标识;在预设的路由表中查找与所述异常标识对应的路由信息,根据查找到的所述路由信息对所述网 络封包进行转发。In the first aspect, an embodiment of the present application provides a data packet forwarding method, which is applied to a network device, and the method includes: obtaining a network packet received by the network device, and determining whether the network packet is an abnormal packet; if so, An abnormal identifier is set for the abnormal packet; routing information corresponding to the abnormal identifier is searched in a preset routing table, and the network packet is forwarded according to the found routing information.
第二方面,本申请实施例提供了一种数据包的转发装置,应用于网络设备,该装置包括:判断模块,用于获取所述网络设备接收的网络封包,判断所述网络封包是否为异常封包;设置模块,用于所述判断模块的判断结果为是时,为所述异常封包设置异常标识;转发模块,用于在预设的路由表中查找与所述异常标识对应的路由信息,根据查找到的所述路由信息对所述网络封包进行转发。In the second aspect, an embodiment of the present application provides a data packet forwarding device, which is applied to a network device, and the device includes: a judgment module for obtaining a network packet received by the network device, and judging whether the network packet is abnormal Packet; a setting module for setting an abnormality identifier for the abnormal packet when the judgment result of the judgment module is yes; a forwarding module for looking up routing information corresponding to the abnormality identifier in a preset routing table, The network packet is forwarded according to the found routing information.
第三方面,本申请实施例提供了一种网络设备,包括存储器、处理器及存储在所述存储器上并可在所述处理器上运行的计算机程序,所述处理器执行所述计算机程序时实现上述第一方面所述的方法。In the third aspect, an embodiment of the present application provides a network device including a memory, a processor, and a computer program stored on the memory and capable of running on the processor. When the processor executes the computer program, Implement the method described in the first aspect above.
第四方面,本申请实施例提供了一种计算机可读存储介质,所述计算机可读存储介质上存储有计算机程序,所述计算机程序被处理器运行时执行上述第一方面所述的方法。In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium with a computer program stored on the computer-readable storage medium, and the computer program executes the method described in the first aspect when the computer program is run by a processor.
本申请实施例提供的数据包的转发方法、装置及网络设备,能够获取到网络设备接收的网络封包,并在判断出网络封包为异常封包时,为异常封包设置异常标识;进而在预设的路由表中查找与该异常标识对应的路由信息,根据查找到的路由信息对网络封包进行转发,仍然能够对网络封包进行转发,进而保证网络的顺畅,提高用户的体验度。The data packet forwarding method, device, and network equipment provided in the embodiments of the present application can obtain the network packet received by the network device, and when it is determined that the network packet is an abnormal packet, set an abnormality identifier for the abnormal packet; The routing information corresponding to the abnormal identifier is searched in the routing table, and the network packet is forwarded according to the found routing information, and the network packet can still be forwarded, thereby ensuring the smoothness of the network and improving the user experience.
为使本申请的实施方案更明显易懂,下文以各个实施例,并配合所附附图,作详细说明如下。In order to make the implementation scheme of the present application more obvious and understandable, the following detailed descriptions are given in the following with various embodiments and accompanying drawings.
附图说明Description of the drawings
为了更清楚地说明本申请具体实施方式或现有技术中的技术方案,下面将对具体实施方式或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图是本申请的一些实施方式,对于本领域技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the specific embodiments of this application or the technical solutions in the prior art, the following will briefly introduce the drawings that need to be used in the specific embodiments or the description of the prior art. Obviously, the appendix in the following description The drawings are some embodiments of the application. For those skilled in the art, other drawings can be obtained based on these drawings without creative work.
图1为本申请实施例提供的一种数据包的转发方法的流程图;FIG. 1 is a flowchart of a data packet forwarding method provided by an embodiment of the application;
图2为本申请实施例提供的一种防火墙架构的示意图;Figure 2 is a schematic diagram of a firewall architecture provided by an embodiment of the application;
图3为本申请实施例提供的另一种数据包的转发方法的流程图;FIG. 3 is a flowchart of another data packet forwarding method provided by an embodiment of the application;
图4为本申请实施例提供的一种数据包的转发装置的结构示意图;FIG. 4 is a schematic structural diagram of a data packet forwarding apparatus provided by an embodiment of the application;
图5为本申请实施例提供的一种网络设备的结构示意图。FIG. 5 is a schematic structural diagram of a network device provided by an embodiment of this application.
具体实施方式detailed description
为使本申请实施例的技术方案更加清楚,下面将结合附图对本申请的技术方案进行清楚、完整地描述,显然,所描述的实施例是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。In order to make the technical solutions of the embodiments of the present application clearer, the technical solutions of the present application will be described clearly and completely with reference to the accompanying drawings. Obviously, the described embodiments are part of the embodiments of the present application, rather than all of them. Based on the embodiments in this application, all other embodiments obtained by those skilled in the art without creative work shall fall within the protection scope of this application.
目前,现有技术中,多通过链路的质量参数来判断该链路的品质,例如,针对应用的延迟做一个判断等等。但是有些情况是无法判断延迟性的,如在网络完全不通时,是无法针对TCP(Transmission Control Protocol,传输控制协议)交互来统计延迟数据,因此在遇到网络完全不通的时候,就无法做到一个完美的网络分配。At present, in the prior art, the quality of the link is usually judged by the quality parameter of the link, for example, a judgment is made for the delay of the application and so on. However, in some cases, the delay cannot be judged. For example, when the network is completely disconnected, it is impossible to count the delay data for TCP (Transmission Control Protocol) interaction. Therefore, when the network is completely disconnected, it cannot be done. A perfect network distribution.
此外,还有的方案是针对TCP本身就有统计每个TCP流的RTT(Round Trip Time,往返传输时间)时间,通过统计这些RTT时间,也可以判断出当前的网络质量,RTT越高代表该网络质量越差。但是这种方式也具有一定的局限性,例如,在当前手游盛行的时代,由于大多数的手游实现方式都是使用UDP(User Datagram Protocol,用户数据报协议)的协议去实现,使得统计RTT时间的技术仅限于侦测TCP类型的封包,并无法针对UDP类型的封包做判断,这是因为UDP协议不具备所谓的RTT时间,因此,对于UDP协议的情形,则难以通过统计RTT时间的方式来判断链路的品质。In addition, there are other solutions that count the RTT (Round Trip Time) time of each TCP stream for the TCP itself. By counting these RTT times, the current network quality can also be judged. The higher the RTT, the higher the RTT. The worse the network quality. However, this method also has certain limitations. For example, in the current era of mobile games, most of the implementations of mobile games are implemented using UDP (User Datagram Protocol, User Datagram Protocol) protocol to achieve statistics. The RTT time technology is limited to detecting TCP-type packets, and cannot be judged for UDP-type packets. This is because the UDP protocol does not have the so-called RTT time. Therefore, in the case of the UDP protocol, it is difficult to count the RTT time. Way to judge the quality of the link.
基于此,本申请实施例提供的一种数据包的转发方法、装置及网络设备,可以有效缓解上述技术问题。Based on this, the data packet forwarding method, device, and network equipment provided by the embodiments of the present application can effectively alleviate the above-mentioned technical problems.
为便于对本实施例进行理解,首先对本申请实施例所公开的一种数据包的转发方法进行详细介绍。In order to facilitate the understanding of this embodiment, a method for forwarding a data packet disclosed in the embodiment of the present application is first introduced in detail.
具体地,本申请实施例提供了一种数据包的转发方法,该方法应用于网络设备,如图1所示的一种数据包的转发方法的流程图,该方法包括以下步骤。Specifically, an embodiment of the present application provides a method for forwarding a data packet, which is applied to a network device, as shown in FIG. 1 is a flowchart of a method for forwarding a data packet, and the method includes the following steps.
步骤S102,获取网络设备接收的网络封包,判断该网络封包是否为异常封包。Step S102: Obtain the network packet received by the network device, and determine whether the network packet is an abnormal packet.
步骤S104,如果是,为异常封包设置异常标识。Step S104, if yes, set an abnormality flag for the abnormal packet.
具体地,本申请实施例中的网络封包,指的是在网络中用指定的协议传输的数据包,如,ICMP(Internet Control Message Protocol,Internet控制报文协议)封包、DNS(域名系统服务协议,Domain Name System)封包、游戏封包等等,这些封包在网络链路中传输时都遵循一定的网络协议,并携带相应的封包信息,如,协议类型、身份标识、IP地址等等,上述步骤S102中的异常封包的判断过程,则可以根据相应的封包信息实现,进而判断出是否为异常封包,并在判断出为异常封包的情况下,继续执行下述步骤S106,对异常封包进行转发。Specifically, the network packet in the embodiment of this application refers to a data packet transmitted in a network using a specified protocol, such as ICMP (Internet Control Message Protocol, Internet Control Message Protocol) packet, DNS (Domain Name System Service Protocol) , Domain Name System) packets, game packets, etc., these packets follow a certain network protocol when they are transmitted on the network link, and carry corresponding packet information, such as protocol type, identification, IP address, etc., the above steps The judging process of the abnormal packet in S102 can be realized according to the corresponding packet information, and then judge whether it is an abnormal packet, and if it is judged to be an abnormal packet, continue to execute the following step S106 to forward the abnormal packet.
步骤S106,在预设的路由表中查找与异常标识对应的路由信息,根据查找到的路由信息对网络封包进行转发。Step S106, searching for routing information corresponding to the abnormal identifier in the preset routing table, and forwarding the network packet according to the found routing information.
具体地,该预设的路由表,通常是预先存储在网络设备中的路由表,包括异常标识,以及,与异常标识对应的路由信息,以便于在查找到相应的路由信息时,能够根据查找到的路由信息确定出该异常封包的下一跳,以便于进行异常封包的转发。Specifically, the preset routing table is usually a routing table pre-stored in the network device, including an abnormal identifier and routing information corresponding to the abnormal identifier, so that when the corresponding routing information is found, it can be based on the search The arrived routing information determines the next hop of the abnormal packet to facilitate the forwarding of the abnormal packet.
本申请实施例提供的数据包的转发方法,能够获取到网络设备接收的网络封包,并在判断出网络封包为异常封包时,为异常封包设置异常标识;进而在预设的路由表中查找与该异常标识对应的路由信息,根据查找到的路由信息对网络封包进行转发,上述为异常封包查找路由信息的方式,能够在网 络封包出现异常时,仍然能够对网络封包进行转发,进而保证网络的顺畅,提高用户的体验度。The data packet forwarding method provided by the embodiment of the application can obtain the network packet received by the network device, and when it is determined that the network packet is an abnormal packet, set an abnormal identifier for the abnormal packet; The routing information corresponding to the abnormal identifier is forwarded to the network packet according to the found routing information. The above is the method of searching routing information for the abnormal packet, which can still forward the network packet when the network packet is abnormal, thereby ensuring the network's integrity Smooth, improve user experience.
在实际使用时,上述网络设备通常包括连接到网络中的物理实体设备,如交换机、网桥、路由器、网关等等,并且,为了给用户提供安全的网络使用环境,网络设备通常配置有防火墙架构,而防火墙架构一般包括多个检测节点,每个检测节点还注册有预设的回调函数,多个检测节点依次连接,以组成网络封包的传播链路。In actual use, the above-mentioned network equipment usually includes physical physical equipment connected to the network, such as switches, bridges, routers, gateways, etc., and, in order to provide users with a safe network environment, the network equipment is usually configured with a firewall architecture , And the firewall architecture generally includes multiple detection nodes, each detection node is also registered with a preset callback function, and multiple detection nodes are connected in sequence to form a network packet propagation link.
为了便于理解,图2示出了一种防火墙架构的示意图,具体地,本申请实施例中以该防火墙架构为Linux kernel netfilter防火墙架构为例进行说明,该防火墙架构相当于是一个过滤器架构,能够对接收到的网络封包进行分析处理,具体地,该防火墙架构是基于netfilter防火墙技术实现的,可以在内核kernel端实现所有封包的进出。具体实现时,该防火墙架构在网络封包的收发及路由的链路上,可以有多个节点,本申请实施例中的检测节点,则是多个节点中的部分或者全部的节点,以实现本申请实施例提供的数据包的转发方法。For ease of understanding, FIG. 2 shows a schematic diagram of a firewall architecture. Specifically, in the embodiment of the present application, the firewall architecture is Linux kernel netfilter firewall architecture as an example for description. The firewall architecture is equivalent to a filter architecture. Analyze and process the received network packets. Specifically, the firewall architecture is implemented based on the netfilter firewall technology, which can implement all packets in and out on the kernel side. In specific implementation, the firewall architecture may have multiple nodes on the link for sending, receiving, and routing network packets. The detection node in the embodiment of the present application is a part or all of the multiple nodes to achieve this The data packet forwarding method provided in the application embodiment.
在实际使用时,该Netfilter防火墙通常是Linux操作系统核心层内部的一个数据包处理模块,通常具有如下功能:网络地址转换、数据包内容修改,以及数据包过滤等等,而上述节点也称为挂载点,或者,回调函数点,以便于挂载注册的回调函数,当网络封包到达这些位置的时候,可以主动调用回头调数,以便于能在网络封包路由的时候改变路由方向。具体地,如图2所示,Linux kernel netfilter防火墙架构的节点包括PRE_ROUTING、LOCAL_IN、LOCAL_OUT、FORWARD、POST_ROUTING等,而本申请实施例中,判断网络封包的异常,以及,对网络封包的转发过程,都是基于这些节点实现的。因此,在图1和图2的基础上,图3还示出了另一种数据包的转发方法的流程图,对本申请实施例的数据转发过程进行进一步的说明,如图3所示,包括以下步骤。In actual use, the Netfilter firewall is usually a data packet processing module inside the core layer of the Linux operating system, which usually has the following functions: network address translation, data packet content modification, and data packet filtering, etc., and the above nodes are also called Mount point, or callback function point, in order to mount the registered callback function. When the network packet arrives at these locations, you can actively call back to adjust the number, so that the routing direction can be changed when the network packet is routed. Specifically, as shown in Figure 2, the nodes of the Linux kernel netfilter firewall architecture include PRE_ROUTING, LOCAL_IN, LOCAL_OUT, FORWARD, POST_ROUTING, etc., and in the embodiment of this application, the abnormality of the network packet is judged, and the process of forwarding the network packet, All are based on these nodes. Therefore, on the basis of FIG. 1 and FIG. 2, FIG. 3 also shows a flowchart of another data packet forwarding method, which further explains the data forwarding process of the embodiment of the present application, as shown in FIG. 3, including The following steps.
步骤S302,获取网络设备接收的网络封包。Step S302: Obtain the network packet received by the network device.
具体地,基于图2所示的防火墙架构,网络封包可以在二层处理模块进入到该网络设备,然后按照箭头所指的方向沿着传播链路传输到下一个节点,以进一步执行后面的步骤。Specifically, based on the firewall architecture shown in Figure 2, network packets can enter the network device in the layer 2 processing module, and then be transmitted along the propagation link to the next node in the direction indicated by the arrow to further perform the following steps .
步骤S304,提取网络封包的封包信息;其中,封包信息包括以下至少之一:协议类型和身份ID。Step S304: Extract the packet information of the network packet; where the packet information includes at least one of the following: protocol type and identity ID.
步骤S306,根据封包信息判断该网络封包是否为异常封包。Step S306: Determine whether the network packet is an abnormal packet according to the packet information.
步骤S308,如果是,为异常封包设置异常标识。Step S308, if yes, set an exception flag for the abnormal packet.
在实际使用时,考虑到网络封包的协议类型可以有多种,因此,对于不同协议类型的网络封包,在判断是否为异常封包时,其判断过程也有一定的区别,具体地,如果网络封包的协议类型为ICMP封包,则在提取到封包信息之后,可以获取该ICMP封包的类别标识;然后判断该类别标识是否为预设的异常标识;如果是,则确定网络封包为异常封包。In actual use, considering that there can be multiple types of network packets If the protocol type is an ICMP packet, after extracting the packet information, the category identifier of the ICMP packet can be obtained; then it is determined whether the category identifier is a preset abnormal identifier; if it is, the network packet is determined to be an abnormal packet.
进一步,为了便于判断该ICMP封包是否为异常封包,网络设备中一般预先存储有ICMP封包的类别标识的对照表,以便于在提取到网络封包的封包信息时,通过查询的方式判断该类别标识是否为异常标识,进而确定出ICMP封包是否为异常封包。Further, in order to facilitate the judgment of whether the ICMP packet is an abnormal packet, a comparison table of the type identification of the ICMP packet is generally pre-stored in the network equipment, so that when the packet information of the network packet is extracted, it is judged whether the type identification is It is an abnormal identification, and then it is determined whether the ICMP packet is an abnormal packet.
为了便于理解,表1示出了一种ICMP封包的类别标识的对照表,如表1所示:For ease of understanding, Table 1 shows a comparison table of the category identifiers of ICMP packets, as shown in Table 1:
Message TypeMessage Type ICMP讯息功能ICMP message function
00 Echo Reply回显应答Echo Reply
33 Destination Unreachable目的地无法到达Destination Unreachable
44 Source quench来源抑制Source quench
55 Redirect改变传输路径Redirect changes the transmission path
88 Echo request回显请求Echo request
1111 Time Exceeded for a datagram溢时传输Time Exceeded for a datagram overflow transmission
1212 Parametre Problem On a datagram参数问题Parametre Problem On a datagram parameter problem
1313 Timestamp request时间标签要求Timestamp request time label requirements
1414 Timestamp reply时间标签回复Timestamp reply
1515 Information request资讯要求Information request
1616 Information reply资讯回复Information reply
1717 Address mask request地址掩码请求Address mask request
1818 Address mask reply地址掩码应答Address mask reply Address mask reply
其中,上述表1中,第一列的Message Type为类别标识,第二列为对应的ICMP讯息功能,通常,如果步骤S304中提取到的ICMP封包的类别标识为第一列中的类别标识,则可以确定该ICMP封包为异常封包,然后继续执行步骤S308,为异常封包设置异常标识,如果步骤S304中提取到的ICMP封包的类别标识并不是表1中第一列中的任何一个类别标识,则说明该ICMP封包为正常的网络封包,则按照图2所示的传播链路正常转发即可,此时防火墙架构的各个节点按照常规的处理方式对网络封包进行处理和转发。Among them, in the above Table 1, the Message Type in the first column is the category identifier, and the second column is the corresponding ICMP message function. Generally, if the category identifier of the ICMP packet extracted in step S304 is the category identifier in the first column, It can be determined that the ICMP packet is an abnormal packet, and then continue to step S308 to set an abnormality identifier for the abnormal packet. If the category identifier of the ICMP packet extracted in step S304 is not any of the category identifiers in the first column of Table 1, It means that the ICMP packet is a normal network packet, and it can be forwarded normally according to the propagation link shown in Figure 2. At this time, each node of the firewall architecture processes and forwards the network packet according to the conventional processing method.
应当理解,表1示出的仅仅是一种可行的ICMP封包的类别标识的对照表,在其他实施方式中,该对照表的内容可以根据实际使用情况进行设置,如类别标识还可以有其他的标识,或者去掉一些已停用的标识等等,具体根据实际使用情况进行设置,本申请实施例对此不进行限制。It should be understood that what Table 1 shows is only a feasible comparison table for the category identifiers of ICMP packets. In other embodiments, the content of the comparison table can be set according to actual usage. For example, there may be other types of category identifiers. The logo, or remove some disabled logos, etc., are specifically set according to actual usage conditions, which are not limited in the embodiments of the present application.
在实际使用时,基于图2所示的防火墙架构,上述对ICMP封包的处理过程可以在PRE_ROUTING节点实现,此时PRE_ROUTING节点作为本申请实施例的一个检测节点,可以对ICMP封包的类别标识进行检测,进而确定该ICMP封包是否为异常封包。In actual use, based on the firewall architecture shown in Figure 2, the above processing of ICMP packets can be implemented in the PRE_ROUTING node. At this time, the PRE_ROUTING node is used as a detection node in the embodiment of the present application, which can detect the category identifier of the ICMP packet. , And then determine whether the ICMP packet is an abnormal packet.
进一步,如果上述网络封包的协议类型为DNS封包,则获取DNS封包的DNS代码;并判断该DNS代码是否为预设的异常代码;如果是,则确定该网络封包为异常封包。Further, if the protocol type of the network packet is a DNS packet, the DNS code of the DNS packet is obtained; and it is determined whether the DNS code is a preset abnormal code; if it is, it is determined that the network packet is an abnormal packet.
具体实现时,上述网络设备也会预先存储DNS封包的异常代码表当通过封包信息的协议类型判断出该网络封包为DNS封包时,则可以进一步获取该DNS封包的DNS代码,并通过查询异常代码表来确定该DNS封包是否为异常封包。In specific implementation, the above-mentioned network device will also pre-store the abnormal code table of the DNS packet. When it is determined that the network packet is a DNS packet based on the protocol type of the packet information, it can further obtain the DNS code of the DNS packet and query the abnormal code Table to determine whether the DNS packet is an abnormal packet.
进一步,上述DNS代码通常指DNS封包中的RCODE,上述对DNS封包的处理过程,也可以在图2所示的防火墙架构的PRE_ROUTING节点实现,此时PRE_ROUTING节点仍然是本申请实施例的一个检测节点,可以对DNS封包的DNS代码进行检测,进而确定该DNS封包是否为异常封包。Further, the above DNS code usually refers to the RCODE in the DNS packet. The above processing process for the DNS packet can also be implemented in the PRE_ROUTING node of the firewall architecture shown in FIG. 2. At this time, the PRE_ROUTING node is still a detection node in the embodiment of the present application. , The DNS code of the DNS packet can be checked to determine whether the DNS packet is an abnormal packet.
此外,本申请实施例提供的数据包的转发方法,还可以对游戏封包进行处理,具体地,如果上述网络封包的身份ID为游戏封包,则判断接收该游戏封包的时间间隔是否大于预设的时间间隔;如果是,则确定网络封包为异常封包。In addition, the data packet forwarding method provided by the embodiment of the application can also process game packets. Specifically, if the identity ID of the above network packet is a game packet, it is determined whether the time interval for receiving the game packet is greater than the preset Time interval; if it is, it is determined that the network packet is an abnormal packet.
具体地,以手游的游戏封包为例,现在的手游本身大多数也具备侦测网络等待时间的功能,主要是透过常见的几种方式来侦测,如,建立特殊的UDP端口来专门定时收送游戏封包、或者定时发送固定大小的游戏封包等等。而本申请实施例则利用Linux kernel netfilter防火墙架构,在kernel端监控所有游戏封包的进出,因此,本申请实施例中,可以通过上述步骤S304~步骤S306,在kernel端通过判断身份ID来判断出哪些网络封包为手游应用的游戏封包,具体地,可以通过每款游戏的特殊定时监测行为来判断出当前网络是否异常,如,通过特殊定时监测行为来判断接收该游戏封包的时间间隔是否大于预设的时间间隔等等。若大于预设的时间间隔,则说明网络异常,此时接收的网络封包为异常封包,此时,可以将接下来的网络封包,打上不同的mark值,透过匹配不同的mark值,查询不同的路由表,使数据包可以走不同的接口访问网络。Specifically, taking the game packets of mobile games as an example, most of the current mobile games themselves also have the function of detecting network latency, mainly through several common methods, such as establishing a special UDP port. Specially send and receive game packets regularly, or send fixed-size game packets regularly, and so on. The embodiment of this application uses the Linux kernel netfilter firewall architecture to monitor the entry and exit of all game packets on the kernel side. Therefore, in this embodiment of the application, the above steps S304 to S306 can be used to determine the identity ID on the kernel side. Which network packets are game packets for mobile game applications? Specifically, you can determine whether the current network is abnormal through the special timing monitoring behavior of each game. For example, through the special timing monitoring behavior to determine whether the time interval for receiving the game packet is greater than The preset time interval and so on. If it is greater than the preset time interval, it means that the network is abnormal. At this time, the received network packet is an abnormal packet. At this time, the next network packet can be marked with different mark values, and different mark values can be matched to query different ones. The routing table allows data packets to go to different interfaces to access the network.
具体地,基于图2所示的防火墙架构,上述对游戏封包的处理过程,可以在图2中的LOCAL_IN节点进行,网络封包通过图2中的数据包入口进入 到网络设备之后,可以沿着传播链路经PRE_ROUTING节点传输至LOCAL_IN节点,进而在该LOCAL_IN节点判断接收游戏封包的时间间隔是否大于预设的时间间隔,如果是,则确定网络封包为异常封包。Specifically, based on the firewall architecture shown in Figure 2, the above processing of game packets can be performed at the LOCAL_IN node in Figure 2. After the network packets enter the network device through the data packet entry in Figure 2, they can be propagated along The link is transmitted to the LOCAL_IN node via the PRE_ROUTING node, and the LOCAL_IN node determines whether the time interval for receiving the game packet is greater than the preset time interval, and if so, it is determined that the network packet is an abnormal packet.
此外,对于游戏封包,还可以透过该游戏封包携带的封包信息判断游戏类型,由此来检测该游戏是否发送特殊的UDP封包行为,若侦测到定时发送的行为,就可以藉由这样的行为来判断每个封包的间格时间是否规律。假如不规律,代表当时网络环境可能较差,导致封包丢失或者延迟。举例:A游戏应用,每3秒会发送一个长度为60的封包,所以我们在kernel端应该可以监控到每3秒会有一个长度为60的udp封包接收进来。若突然这个间格时间拉长了或者丢失了,我们就可以判断为网络质量差导致延迟,此时,则可以继续执行下述步骤S310,对游戏封包进行转发,来保持游戏体验。In addition, for game packets, the game type can also be determined through the packet information carried in the game packet, so as to detect whether the game sends a special UDP packet behavior. If the timing sending behavior is detected, you can use this Behavior to determine whether the interval time of each packet is regular. If it is irregular, it means that the network environment may be poor at that time, leading to packet loss or delay. Example: A game application sends a 60-length packet every 3 seconds, so we should be able to monitor on the kernel side that a 60-length udp packet is received every 3 seconds. If suddenly the interval time is prolonged or lost, we can judge that the network quality is poor and the delay is caused. At this time, we can continue to perform the following step S310 to forward the game packet to maintain the game experience.
步骤S310,在预设的路由表中查找与异常标识对应的路由信息,根据查找到的路由信息对所述网络封包进行转发。In step S310, the routing information corresponding to the abnormal identifier is searched in the preset routing table, and the network packet is forwarded according to the searched routing information.
具体地,该步骤中,根据查找到的路由信息对网络封包进行转发的步骤包括:根据查找到的路由信息将网络设备当前使用的第一网络切换至备用的第二网络;通过第二网络按照路由信息对网络封包进行转发。Specifically, in this step, the step of forwarding the network packet according to the found routing information includes: switching the first network currently used by the network device to the backup second network according to the found routing information; The routing information forwards network packets.
在实际使用时,上述在第一网络和第二网络可以是无线wifi网络和电信数据网络,因此,第一网络切换至备用的第二网络,可以是无线wifi网络切换至电信数据网络。上述在第一网络和第二网络还可以是5G电信数据网络和4G电信数据网络,因此,第一网络切换至备用的第二网络,可以是无线5G电信数据网络切换至4G电信数据网络。In actual use, the above-mentioned first network and second network may be a wireless wifi network and a telecommunication data network. Therefore, the first network is switched to the standby second network, which may be the wireless wifi network is switched to the telecommunication data network. The above-mentioned first and second networks may also be 5G telecommunication data networks and 4G telecommunication data networks. Therefore, the switching of the first network to the backup second network may be the switching of the wireless 5G telecommunication data network to the 4G telecommunication data network.
进一步,将网络设备当前使用的第一网络切换至备用的第二网络之后,还可以继续记录通过第二网络转发的网络封包的数量;如果第二网络转发的网络封包的数量超过预设的数量阈值,还可以进一步将第二网络切换至第一网络,即,实现无线wifi网络和电信数据网络之间进行切换,或实现5G电信数据网络和4G电信数据网络之间进行切换。Further, after switching the first network currently used by the network device to the backup second network, the number of network packets forwarded through the second network can be continued to be recorded; if the number of network packets forwarded by the second network exceeds the preset number Threshold, the second network can be further switched to the first network, that is, switching between a wireless wifi network and a telecommunication data network, or switching between a 5G telecommunication data network and a 4G telecommunication data network can be realized.
在实际使用时,上述切换过程相当是退场机制,以免网络切换到第二个网络后,就无法返回第一个网络接口做传送,具体实现时,可以在每10个或20个封包/DNS query/传送中,自动切回的一个接口尝试做传送。若第一个接口有正常交互,则可以将之后的网络封包切回第一网络进行发送。若第一网络依旧异常,则继续保持使用第二网络接口发送网络封包,以此来保持网络发送正常。In actual use, the above switching process is quite an exit mechanism, so as not to return to the first network interface for transmission after the network is switched to the second network, it can be implemented every 10 or 20 packets/DNS query / During transmission, an interface automatically switched back to try to transmit. If there is normal interaction on the first interface, the subsequent network packets can be switched back to the first network for transmission. If the first network is still abnormal, continue to use the second network interface to send network packets, so as to keep the network sending normally.
进一步,在上述实施例的基础上,本申请实施例还提供了一种数据包的转发装置,应用于网络设备,如图4所示的一种数据包的转发装置的结构示意图,该装置包括以下模块。Further, on the basis of the above-mentioned embodiment, an embodiment of the present application also provides a data packet forwarding device, which is applied to network equipment. As shown in FIG. 4, a schematic structural diagram of a data packet forwarding device includes The following modules.
判断模块40,用于获取所述网络设备接收的网络封包,判断所述网络封包是否为异常封包。The judging module 40 is configured to obtain the network packet received by the network device, and determine whether the network packet is an abnormal packet.
设置模块42,用于所述判断模块的判断结果为是时,为所述异常封包设置异常标识。The setting module 42 is configured to set an abnormality identifier for the abnormal packet when the judgment result of the judgment module is yes.
转发模块44,用于在预设的路由表中查找与所述异常标识对应的路由信息,根据查找到的所述路由信息对所述网络封包进行转发。The forwarding module 44 is configured to search for routing information corresponding to the abnormal identifier in a preset routing table, and forward the network packet according to the searched routing information.
本申请实施例提供的数据包的转发装置,与上述实施例提供的数据包的转发方法具有相同的技术特征,所以也能解决相同的技术问题,达到相同的技术效果。The data packet forwarding device provided in the embodiment of the present application has the same technical features as the data packet forwarding method provided in the foregoing embodiment, so it can also solve the same technical problem and achieve the same technical effect.
进一步,本申请实施例还提供了一种网络设备,包括存储器、处理器及存储在所述存储器上并可在所述处理器上运行的计算机程序,该处理器执行所述计算机程序时实现上述图1或图3所述的方法。Further, an embodiment of the present application also provides a network device, including a memory, a processor, and a computer program stored on the memory and capable of running on the processor, and the processor implements the foregoing when the computer program is executed. The method described in Figure 1 or Figure 3.
进一步,本申请实施例还提供了一种网络设备的结构示意图,如图5所示,为该网络设备的结构示意图,其中,该网络设备包括处理器101和存储器100,该存储器100存储有能够被该处理器101执行的计算机可执行指令,该处理器101执行该计算机可执行指令以实现上述数据包的转发方法。Further, an embodiment of the present application also provides a schematic structural diagram of a network device. As shown in FIG. 5, it is a schematic structural diagram of the network device. The network device includes a processor 101 and a memory 100, and the memory 100 stores A computer-executable instruction executed by the processor 101, and the processor 101 executes the computer-executable instruction to implement the foregoing data packet forwarding method.
在图5示出的实施方式中,该网络设备还包括总线102和通信接口103, 其中,处理器101、通信接口103和存储器100通过总线102连接。In the embodiment shown in FIG. 5, the network device further includes a bus 102 and a communication interface 103, where the processor 101, the communication interface 103, and the memory 100 are connected through the bus 102.
其中,存储器100可能包含高速随机存取存储器(RAM,Random Access Memory),也可能还包括非不稳定的存储器(non-volatile memory),例如至少一个磁盘存储器。通过至少一个通信接口103(可以是有线或者无线)实现该系统网元与至少一个其他网元之间的通信连接,可以使用互联网,广域网,本地网,城域网等。总线102可以是ISA(Industry Standard Architecture,工业标准体系结构)总线、PCI(Peripheral Component Interconnect,外设部件互连标准)总线或EISA(Extended Industry Standard Architecture,扩展工业标准结构)总线等。所述总线102可以分为地址总线、数据总线、控制总线等。为便于表示,图5中仅用一个双向箭头表示,但并不表示仅有一根总线或一种类型的总线。The memory 100 may include a high-speed random access memory (RAM, Random Access Memory), and may also include a non-volatile memory (non-volatile memory), such as at least one disk memory. The communication connection between the system network element and at least one other network element is realized through at least one communication interface 103 (which may be wired or wireless), and the Internet, a wide area network, a local network, a metropolitan area network, etc. may be used. The bus 102 may be an ISA (Industry Standard Architecture) bus, a PCI (Peripheral Component Interconnect, peripheral component interconnection standard) bus, or an EISA (Extended Industry Standard Architecture) bus or the like. The bus 102 can be divided into an address bus, a data bus, a control bus, and the like. For ease of presentation, only one bidirectional arrow is used to indicate in FIG. 5, but it does not mean that there is only one bus or one type of bus.
处理器101可能是一种集成电路芯片,具有信号的处理能力。在实现过程中,上述方法的各步骤可以通过处理器101中的硬件的集成逻辑电路或者软件形式的指令完成。上述的处理器101可以是通用处理器,包括中央处理器(Central Processing Unit,简称CPU)、网络处理器(Network Processor,简称NP)等;还可以是数字信号处理器(Digital Signal Processor,简称DSP)、专用集成电路(Application Specific Integrated Circuit,简称ASIC)、现场可编程门阵列(Field-Programmable Gate Array,简称FPGA)或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件。通用处理器可以是微处理器或者该处理器也可以是任何常规的处理器等。结合本申请实施例所公开的方法的步骤可以直接体现为硬件译码处理器执行完成,或者用译码处理器中的硬件及软件模块组合执行完成。软件模块可以位于随机存储器,闪存、只读存储器,可编程只读存储器或者电可擦写可编程存储器、寄存器等本领域成熟的存储介质中。该存储介质位于存储器,处理器101读取存储器中的信息,结合其硬件完成前述实施例的数据包的转发方法的步骤。The processor 101 may be an integrated circuit chip with signal processing capabilities. In the implementation process, the steps of the foregoing method may be completed by an integrated logic circuit of hardware in the processor 101 or instructions in the form of software. The aforementioned processor 101 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP), etc.; it may also be a digital signal processor (Digital Signal Processor, DSP for short), etc. ), Application Specific Integrated Circuit (ASIC), Field-Programmable Gate Array (FPGA) or other programmable logic devices, discrete gates or transistor logic devices, discrete hardware components. The general-purpose processor may be a microprocessor or the processor may also be any conventional processor or the like. The steps of the method disclosed in the embodiments of the present application may be directly embodied as being executed and completed by a hardware decoding processor, or executed and completed by a combination of hardware and software modules in the decoding processor. The software module can be located in a mature storage medium in the field, such as random access memory, flash memory, read-only memory, programmable read-only memory, or electrically erasable programmable memory, registers. The storage medium is located in the memory, and the processor 101 reads the information in the memory, and completes the steps of the data packet forwarding method of the foregoing embodiment in combination with its hardware.
进一步,本申请实施例还提供一种计算机可读存储介质,所述计算机可 读存储介质上存储有计算机程序,所述计算机程序被处理器运行时执行上述图1或图3所示的方法。Further, an embodiment of the present application also provides a computer-readable storage medium, and the computer-readable storage medium stores a computer program, and the computer program executes the method shown in FIG. 1 or FIG. 3 when the computer program is run by a processor.
本申请实施例所提供的数据包的转发方法、装置及网络设备的计算机程序产品,包括存储了程序代码的计算机可读存储介质,所述程序代码包括的指令可用于执行前面方法实施例中所述的方法,具体实现可参见方法实施例,在此不再赘述。The data packet forwarding method, device, and computer program product of the network device provided by the embodiments of the present application include a computer-readable storage medium storing program code, and the instructions included in the program code can be used to execute the instructions in the previous method embodiments. For the specific implementation of the method described above, please refer to the method embodiment, which will not be repeated here.
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的网络设备和装置的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that, for the convenience and conciseness of description, the specific working process of the network equipment and device described above can refer to the corresponding process in the foregoing method embodiment, which will not be repeated here.
另外,在本申请实施例的描述中,除非另有明确的规定和限定,术语“安装”、“相连”、“连接”应做广义理解,例如,可以是固定连接,也可以是可拆卸连接,或一体地连接;可以是机械连接,也可以是电连接;可以是直接相连,也可以通过中间媒介间接相连,可以是两个元件内部的连通。对于本领域技术人员而言,可以具体情况理解上述术语在本申请中的具体含义。In addition, in the description of the embodiments of the present application, unless otherwise clearly specified and limited, the terms "installed", "connected", and "connected" should be understood in a broad sense, for example, it may be a fixed connection or a detachable connection. , Or integrally connected; it can be a mechanical connection or an electrical connection; it can be directly connected or indirectly connected through an intermediate medium, and it can be the internal communication between two components. For those skilled in the art, the specific meaning of the above-mentioned terms in this application can be understood under specific circumstances.
所述功能如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。If the function is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer readable storage medium. Based on this understanding, the technical solution of this application essentially or the part that contributes to the existing technology or the part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium, including Several instructions are used to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disks or optical disks and other media that can store program codes. .
在本申请的描述中,需要说明的是,术语“第一”、“第二”、“第三”仅用于描述,而不能理解为指示或暗示相对重要性。In the description of this application, it should be noted that the terms "first", "second", and "third" are only used for description, and cannot be understood as indicating or implying relative importance.
最后应说明的是:以上实施例,仅为本申请的具体实施方式,用以说明 本申请的技术方案,而非对其限制,本申请的保护范围并不局限于此,尽管参照前述实施例对本申请进行了详细的说明,本领域技术人员应当理解:任何熟悉本技术领域的技术人员在本申请揭露的技术范围内,其依然可以对前述实施例所记载的技术方案进行修改或可轻易想到变化,或者对其中部分技术特征进行等同替换;而这些修改、变化或者替换,并不使相应技术方案的本质脱离本申请实施例技术方案的精神和范围,都应涵盖在本申请的保护范围之内。因此,本申请的保护范围应以权利要求的保护范围为准。Finally, it should be noted that the above examples are only specific implementations of the application, which are used to illustrate the technical solutions of the application, not to limit it. The protection scope of the application is not limited thereto, although referring to the foregoing examples This application has been described in detail, and those skilled in the art should understand that any person skilled in the art within the technical scope disclosed in this application can still modify the technical solutions described in the foregoing embodiments or can easily imagine Changes, or equivalent replacements of some of the technical features; these modifications, changes, or replacements do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of this application, and should be covered by the scope of protection of this application Inside. Therefore, the protection scope of this application shall be subject to the protection scope of the claims.

Claims (11)

  1. 一种数据包的转发方法,其中,应用于网络设备,所述方法包括:A method for forwarding data packets, wherein, when applied to a network device, the method includes:
    获取所述网络设备接收的网络封包,判断所述网络封包是否为异常封包;Acquiring the network packet received by the network device, and determining whether the network packet is an abnormal packet;
    如果是,为所述异常封包设置异常标识;If yes, set an exception identifier for the abnormal packet;
    在预设的路由表中查找与所述异常标识对应的路由信息,根据查找到的所述路由信息对所述网络封包进行转发。The routing information corresponding to the abnormal identifier is searched in a preset routing table, and the network packet is forwarded according to the searched routing information.
  2. 根据权利要求1所述的方法,其中,所述网络设备配置有防火墙架构,所述防火墙架构包括多个检测节点,每个所述检测节点注册有预设的回调函数,多个所述检测节点依次连接,以组成所述网络封包的传播链路。The method according to claim 1, wherein the network device is configured with a firewall architecture, the firewall architecture includes a plurality of detection nodes, each of the detection nodes is registered with a preset callback function, and a plurality of the detection nodes Connect sequentially to form the propagation link of the network packet.
  3. 根据权利要求2所述的方法,其中,判断所述网络封包是否为异常封包的步骤包括:The method according to claim 2, wherein the step of determining whether the network packet is an abnormal packet comprises:
    提取所述网络封包的封包信息;其中,所述封包信息包括以下至少之一:协议类型和身份ID;Extract the packet information of the network packet; wherein, the packet information includes at least one of the following: protocol type and identity ID;
    根据所述封包信息判断所述网络封包是否为异常封包。Determine whether the network packet is an abnormal packet according to the packet information.
  4. 根据权利要求3所述的方法,其中,根据所述封包信息判断所述网络封包是否为异常封包的步骤包括:The method according to claim 3, wherein the step of judging whether the network packet is an abnormal packet according to the packet information comprises:
    如果所述网络封包的协议类型为ICMP封包,获取所述ICMP封包的类别标识;If the protocol type of the network packet is an ICMP packet, acquiring the category identifier of the ICMP packet;
    判断所述类别标识是否为预设的异常标识;Judging whether the category identifier is a preset abnormal identifier;
    如果是,确定所述网络封包为异常封包。If it is, it is determined that the network packet is an abnormal packet.
  5. 根据权利要求3所述的方法,其中,根据所述封包信息判断所述网络封包是否为异常封包的步骤包括:The method according to claim 3, wherein the step of judging whether the network packet is an abnormal packet according to the packet information comprises:
    如果所述网络封包的协议类型为DNS封包,获取所述DNS封包的DNS代码;If the protocol type of the network packet is a DNS packet, obtain the DNS code of the DNS packet;
    判断所述DNS代码是否为预设的异常代码;Judging whether the DNS code is a preset abnormal code;
    如果是,确定所述网络封包为异常封包。If it is, it is determined that the network packet is an abnormal packet.
  6. 根据权利要求3所述的方法,其中,根据所述封包信息判断所述网络封包是否为异常封包的步骤包括:The method according to claim 3, wherein the step of judging whether the network packet is an abnormal packet according to the packet information comprises:
    如果所述网络封包的身份ID为游戏封包,判断接收所述游戏封包的时间间隔是否大于预设的时间间隔;If the identity ID of the network packet is a game packet, determining whether the time interval for receiving the game packet is greater than a preset time interval;
    如果是,确定所述网络封包为异常封包。If it is, it is determined that the network packet is an abnormal packet.
  7. 根据权利要求1所述的方法,其中,根据查找到的所述路由信息对所述网络封包进行转发的步骤包括:The method according to claim 1, wherein the step of forwarding the network packet according to the found routing information comprises:
    根据查找到的所述路由信息将所述网络设备当前使用的第一网络切换至备用的第二网络;Switch the first network currently used by the network device to the backup second network according to the found routing information;
    通过所述第二网络按照所述路由信息对所述网络封包进行转发。The network packet is forwarded according to the routing information through the second network.
  8. 根据权利要求7所述的方法,其中,所述方法还包括:The method according to claim 7, wherein the method further comprises:
    将所述网络设备当前使用的第一网络切换至备用的第二网络之后,记录通过所述第二网络转发的所述网络封包的数量;After switching the first network currently used by the network device to the backup second network, recording the number of the network packets forwarded through the second network;
    如果所述第二网络转发的所述网络封包的数量超过预设的数量阈值,将所述第二网络切换至所述第一网络。If the number of the network packets forwarded by the second network exceeds a preset number threshold, the second network is switched to the first network.
  9. 一种数据包的转发装置,其中,应用于网络设备,所述装置包括:A data packet forwarding device, which is applied to network equipment, and the device includes:
    判断模块,用于获取所述网络设备接收的网络封包,判断所述网络封包是否为异常封包;The judgment module is used to obtain the network packet received by the network device, and judge whether the network packet is an abnormal packet;
    设置模块,用于所述判断模块的判断结果为是时,为所述异常封包设置异常标识;A setting module, which is used to set an abnormal identifier for the abnormal packet when the judgment result of the judgment module is yes;
    转发模块,用于在预设的路由表中查找与所述异常标识对应的路由信息,根据查找到的所述路由信息对所述网络封包进行转发。The forwarding module is configured to search for routing information corresponding to the abnormal identifier in a preset routing table, and forward the network packet according to the searched routing information.
  10. 一种网络设备,包括存储器、处理器及存储在所述存储器上并可在所述处理器上运行的计算机程序,其中,所述处理器执行所述计算机程序时实现上述权利要求1-8任一项所述的方法。A network device, comprising a memory, a processor, and a computer program stored on the memory and running on the processor, wherein the processor implements any of claims 1-8 when the computer program is executed. The method described in one item.
  11. 一种计算机可读存储介质,其中,所述计算机可读存储介质上存储 有计算机程序,所述计算机程序被处理器运行时执行上述权利要求1-8任一项所述的方法。A computer-readable storage medium, wherein a computer program is stored on the computer-readable storage medium, and when the computer program is run by a processor, the method according to any one of claims 1-8 is executed.
PCT/CN2021/102033 2020-06-24 2021-06-24 Data packet forwarding method and apparatus, and network device WO2021259352A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010595491.4 2020-06-24
CN202010595491.4A CN113839860A (en) 2020-06-24 2020-06-24 Data packet forwarding method and device and network equipment

Publications (1)

Publication Number Publication Date
WO2021259352A1 true WO2021259352A1 (en) 2021-12-30

Family

ID=78964994

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/102033 WO2021259352A1 (en) 2020-06-24 2021-06-24 Data packet forwarding method and apparatus, and network device

Country Status (2)

Country Link
CN (1) CN113839860A (en)
WO (1) WO2021259352A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114584485A (en) * 2022-01-30 2022-06-03 阿里巴巴(中国)有限公司 Method, device, equipment and computer readable storage medium for detecting edge network quality
CN115396337A (en) * 2022-08-10 2022-11-25 广州天懋信息系统股份有限公司 Routing anomaly detection method, system, storage medium and electronic equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102457430A (en) * 2010-10-20 2012-05-16 正文科技股份有限公司 Network package processing method and routing equipment
US20140211772A1 (en) * 2013-01-31 2014-07-31 Hon Hai Precision Industry Co., Ltd. Multi-wan device and method of updating routing table
CN105429880A (en) * 2014-09-03 2016-03-23 国基电子(上海)有限公司 Network equipment and method for performing router forwarding by network equipment
CN106972956A (en) * 2017-03-08 2017-07-21 北京航天自动控制研究所 The control method and device of the network equipment
CN107342979A (en) * 2017-06-02 2017-11-10 华为技术有限公司 Handle the method and terminal device of package
US10382321B1 (en) * 2017-03-28 2019-08-13 Juniper Networks, Inc. Aggregate link bundles in label switched paths

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8477804B2 (en) * 2007-03-02 2013-07-02 Hitachi, Ltd. ICMP translator
CN101355494B (en) * 2007-07-25 2011-12-07 华为技术有限公司 Transmission method, system and router based on BGP

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102457430A (en) * 2010-10-20 2012-05-16 正文科技股份有限公司 Network package processing method and routing equipment
US20140211772A1 (en) * 2013-01-31 2014-07-31 Hon Hai Precision Industry Co., Ltd. Multi-wan device and method of updating routing table
CN105429880A (en) * 2014-09-03 2016-03-23 国基电子(上海)有限公司 Network equipment and method for performing router forwarding by network equipment
CN106972956A (en) * 2017-03-08 2017-07-21 北京航天自动控制研究所 The control method and device of the network equipment
US10382321B1 (en) * 2017-03-28 2019-08-13 Juniper Networks, Inc. Aggregate link bundles in label switched paths
CN107342979A (en) * 2017-06-02 2017-11-10 华为技术有限公司 Handle the method and terminal device of package

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114584485A (en) * 2022-01-30 2022-06-03 阿里巴巴(中国)有限公司 Method, device, equipment and computer readable storage medium for detecting edge network quality
CN114584485B (en) * 2022-01-30 2023-10-31 阿里巴巴(中国)有限公司 Method, apparatus, device and computer readable storage medium for detecting edge network quality
CN115396337A (en) * 2022-08-10 2022-11-25 广州天懋信息系统股份有限公司 Routing anomaly detection method, system, storage medium and electronic equipment
CN115396337B (en) * 2022-08-10 2023-06-06 广州天懋信息系统股份有限公司 Routing anomaly detection method, system, storage medium and electronic equipment

Also Published As

Publication number Publication date
CN113839860A (en) 2021-12-24

Similar Documents

Publication Publication Date Title
WO2021259352A1 (en) Data packet forwarding method and apparatus, and network device
EP3570516B1 (en) Malicious attack detection method and apparatus
US10178029B2 (en) Forwarding of adaptive routing notifications
US8542684B2 (en) ARP packet processing method, communication system and device
CN107710680B (en) Method and device for sending network attack defense strategy and network attack defense
US7672245B2 (en) Method, device, and system for detecting layer 2 loop
CN106656857B (en) Message speed limiting method and device
CN104283882B (en) A kind of intelligent safety protection method of router
CN109586959B (en) Fault detection method and device
JP2004112791A (en) Method of measuring network operation parameter
US10771374B2 (en) Delay measurement method and device
CN110557342B (en) Apparatus for analyzing and mitigating dropped packets
EP2506506A1 (en) Method, apparatus and system for controlling network traffic switch
CN111064668B (en) Method and device for generating routing table entry and related equipment
CN110677340A (en) Message forwarding method and device
CN108512816B (en) Traffic hijacking detection method and device
WO2019096104A1 (en) Attack prevention
EP3566401B1 (en) Detecting and mitigating loops
JP3581345B2 (en) Packet transfer device and packet transfer method
WO2017219868A1 (en) Arp entry processing method and apparatus
CN110808967B (en) Detection method for challenging black hole attack and related device
CN112612670B (en) Session information statistical method, device, exchange equipment and storage medium
US20220141118A1 (en) Methods and system for securing a sdn controller from denial of service attack
CN111884871B (en) Method and equipment for detecting discarded message of switch
CN110071905A (en) For providing method, border networks and the IP server of connection

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21827835

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 31/03/2023)

122 Ep: pct application non-entry in european phase

Ref document number: 21827835

Country of ref document: EP

Kind code of ref document: A1