Method for preventing attack of counterfeit message and repeater equipment thereof

A relay device and message technology, which is applied in the field of Internet protocol, can solve the problems of lack of deployment, high management cost, and few systems, and achieve the effect of preventing the attack of forged ND messages

Active Publication Date: 2009-11-04
NEW H3C TECH CO LTD
View PDF0 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0027] However, the static address allocation scheme has high management costs for large-scale IPv6 deployment, while the SEND scheme requires the current equipment and hosts to upgrade the IPv6 protocol stack to support the encryption authentication process. Currently, there are few supported systems and the possibility of deployment is lacking. sex

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for preventing attack of counterfeit message and repeater equipment thereof
  • Method for preventing attack of counterfeit message and repeater equipment thereof
  • Method for preventing attack of counterfeit message and repeater equipment thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0046] The core idea of ​​the present invention is: during the process of forwarding the address assignment message between the client device and the DHCPv6 server in the stateful configuration mode, the DCHPv6 relay device records the address assignment message of the client device according to the content in the address assignment message. information, and filter forged ND packets according to the recorded client device information, thereby solving the problem that ND packets on the DHCPv6 relay device are easy to be forged, and resources are easy to be maliciously occupied, leading to network failures.

[0047] image 3 It is a flowchart of a method for preventing forged message attacks according to an embodiment of the present invention. This method is applicable to the networking where the client device and the DHCPv6 server communicate through a DHCPv6 relay device, such as figure 1 shown in the networking, etc., such as image 3 As shown, the method includes:

[0048...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for preventing attack of counterfeit message, comprising: DHCPv6 repeater equipment transmits address assignment message which is set between customer premises equipment (CPE) and a DHCPv6 server under a stateful collocation mode; according to the information of the CPE in the transmitted address assignment message, the DHCPv6 repeater equipment can set up and maintain a safety information table; according to the safety information table, the DHCPv6 repeater equipment filters neighbor discovery (ND) message sent by the CPE. The invention also discloses the DHCPv6 repeater equipment. The technical proposal can prevent the DHCPv6 repeater equipment from being attacked by the counterfeit ND message.

Description

technical field [0001] The invention relates to the technical field of Internet Protocol Version 6 (IPv6, Internet Protocol Version 6), in particular to a method for preventing forged message attacks and a relay device. Background technique [0002] The Dynamic Host Configuration Protocol for IPv6 (DHCPv6, Dynamic Host Configuration Protocol for IPv6) is a protocol designed for the IPv6 addressing scheme to assign IPv6 addresses and other network configuration parameters to hosts. [0003] DHCPv6 adopts the client / server communication mode. The client device submits a configuration request to the DHCPv6 server, and the DHCPv6 server returns the corresponding configuration information such as the IP address assigned to the client to realize the dynamic configuration of the IP address and other information. [0004] figure 1 It is a typical networking diagram of running DHCPv6 in the prior art. figure 1 As shown, client devices communicate with a DHCP server through a link-s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/12H04L12/56
CPCH04L61/6059H04L61/2015H04L29/12915H04L63/164H04L63/1441H04L29/12226H04L61/5014H04L2101/659
Inventor 林涛申彦昌
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products