
Anti-attack processing method of three-layer ethernet switchboard

A processing method and switch technology, applied in the field of Ethernet communication, that can solve problems such as the CPU being occupied, events not being processed normally, and the normal sending, receiving and processing of protocol packets being affected.

Active Publication Date: 2011-03-16
ZTE CORP

AI Technical Summary

Problems solved by technology

These data streams then ultimately hit the CPU. When the CPU finds that it has no ARP entry for the destination IP of the data stream, it keeps sending ARP requests to this IP but never receives an ARP response. Because the direct route for the IP can never be established, the data flow keeps hitting the CPU, which affects the normal sending, receiving and processing of other protocol packets sent to the CPU and keeps the CPU occupied for a long time while other events cannot be processed normally. The consequences are very serious.


Embodiment Construction

[0026] The present invention will be further described in detail below in conjunction with the accompanying drawings and specific embodiments.

[0027] This embodiment considers only the case where the target IP address received by the switch CPU is an address in a network segment directly connected to the switch; when the target IP address is not the interface address of the switch, the data packet will not impact the CPU and will not cause an attack.

[0028] Suppose that at a certain moment the switch CPU receives an ordinary data packet (not an ARP packet) but has not learned the ARP information for the destination IP address of the data packet.

[0029] ARP information is learned from the ARP protocol packets sent by a device. The switch may never have received an ARP packet from the device, or it may have received one earlier and learned the ARP entry from it, but the entry has since aged out after the aging time.

[0030] As shown in the process flow of Figure 2, the processing steps are...


Abstract

The present invention discloses an anti-attack processing method for a three-layer Ethernet switch, which includes: (a) the switch receives a data packet sent by a device, and if the target device of the data packet is in a network segment directly connected to the switch and the switch has not learned the ARP information of the target device, the switch sends an ARP request to the target IP address of the data packet; (b) if the switch receives no ARP response after sending the ARP request, it establishes a route for the target IP address such that the processing applied to packets the switch forwards through this direct route is ABANDON. If at some time the switch receives a data packet sent by a device in the directly connected segment, the switch has then learned the ARP information and MAC information of that device; if the egress of the route established for the device's IP address is found to differ from the egress corresponding to the device's MAC address in the MAC information table, the route egress is changed to the egress corresponding to the MAC address in the MAC information table.
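A small Python model of steps (a) and (b) and the route-correction step in the abstract above. It is an added illustration, not code from the patent; the class and method names, the `ABANDON` marker string and the sample addresses are assumptions.

```python
import ipaddress

ABANDON = "ABANDON"  # assumed marker for a discard route programmed into the chip

class L3Switch:
    """Toy control-plane model; all names are hypothetical, not from the patent."""

    def __init__(self, connected_cidr):
        self.segment = ipaddress.ip_network(connected_cidr)
        self.arp = {}        # ip -> mac, learned from the device's packets
        self.mac_table = {}  # mac -> egress port
        self.routes = {}     # ip -> egress port, or ABANDON
        self.cpu_hits = 0    # data packets punted to the CPU

    def forward(self, dst_ip, arp_answered=False):
        """Return the action taken for a data packet addressed to dst_ip."""
        if dst_ip in self.routes:
            return self.routes[dst_ip]      # handled in hardware, CPU untouched
        if ipaddress.ip_address(dst_ip) not in self.segment:
            return "not-direct"             # outside the case the method covers
        self.cpu_hits += 1                  # step (a): miss reaches CPU, ARP request sent
        if not arp_answered:
            self.routes[dst_ip] = ABANDON   # step (b): no reply, install discard route
        return "punt"

    def learn_from_device(self, ip, mac, port):
        """A packet from a directly connected device teaches ARP and MAC entries."""
        self.arp[ip] = mac
        self.mac_table[mac] = port
        # Route correction: the route egress must match the MAC table egress.
        # (This model also installs the route if absent, which is an assumption.)
        if self.routes.get(ip) != port:
            self.routes[ip] = port

def simulate_flood(packets=1000):
    """Constructed scenario: flood toward a silent address, then the host appears."""
    sw = L3Switch("192.0.2.0/24")
    for _ in range(packets):
        sw.forward("192.0.2.50")            # nobody answers ARP for .50
    hits_during_flood = sw.cpu_hits
    sw.learn_from_device("192.0.2.50", "02:00:00:00:00:50", 7)
    return hits_during_flood, sw.forward("192.0.2.50"), sw.cpu_hits
```

In this model only the first packet of the flood reaches the CPU; the rest match the discard route, and the route is repointed to the device's port as soon as the device is heard from.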

Description

Technical field

[0001] The invention relates to Ethernet communication technology, in particular to an attack prevention processing method in a network segment directly connected to a three-layer Ethernet switch.

Background technique

[0002] With the rapid development of the Internet, Ethernet networks have gradually become an indispensable tool in people's daily work and life, so the demand for Ethernet switches and their processing capacity are also increasing. At the same time, manufacturers are trying to reduce costs and improve the cost performance of their products. With the rapid improvement of ASIC chip design technology, the Layer 2 and Layer 3 forwarding of Ethernet switches is basically completed by the chip; the CPU basically does not process data forwarding on the switch and is only responsible for functions such as control management and forwarding table generation. In terms of cost, the performance of the generally selected CPU is not very high, bu...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L12/56, H04L12/773
Inventor: 毛继平, 杨自鹏
Owner: ZTE CORP