
Address resolution protocol message processing method and switch

An Address Resolution Protocol (ARP) message processing method and a switch, applied in the communication field. It addresses problems such as ARP spoofing attacks against users, for which no solution had been proposed, and achieves the effect of protecting the network and related equipment.

Active Publication Date: 2013-01-16
ZTE CORP

AI Technical Summary

Problems solved by technology

[0007] For the problem of ARP spoofing attacks against users in the same broadcast domain under a switch in the related art, no effective solution has been proposed so far.



Examples


Example 1

[0045] The following describes in detail the process of judging, according to predetermined rules, whether an ARP packet needs Layer 2 detection. A copy of the packet is made, and Layer 2 detection is then performed. Figure 4 shows a schematic flow chart of judging whether Layer 2 detection is required according to Example 1. As shown in Figure 4, the process specifically includes the following steps:

[0046] Step S401: receive an ARP packet. Enhanced DAI detection is required, and the packets subject to Layer 2 detection are ordinary ARP packets without special marks, so they cannot be distinguished by the packets themselves. It is therefore necessary to determine, within the ARP processing flow, whether to perform the series of ARP packet detections.

[0047] Step S402: judge whether the ARP packet was received from the switch attribute port. Processing is divided into the following two cases:

[0048] One, the sending interface of ...

Example 2

[0058] The following describes in detail the process of performing Layer 2 detection on ARP packets to determine whether they are legal. Layer 2 detection consists of three kinds of checks: the common protocol check, the DAI validity check, and the ARP packet legal user binding table check. The above-mentioned DAI validity check can be flexibly and dynamically configured, which strengthens the defense against ARP packet attacks. Figure 5 shows a schematic flow chart of performing Layer 2 detection on ARP packets according to Example 2. As shown in Figure 5, the process specifically includes the following steps:

[0059] In step S501, all ARP packets entering this process need to undergo DAI detection, that is, the above-mentioned layer 2 detection. Before performing DAI detection, it is necessary to analyze the ARP message to provide data sources for the following various detection processes, and after the analysis, proceed to the processing of step S502.

[0060] In step S502, a common protocol check is performed on the ARP ...

Example 3

[0070] The following describes in detail the processing flow of ARP packets after Layer 2 detection. Figure 6 shows a schematic diagram of the processing flow of the ARP packet after Layer 2 detection according to Example 3. As shown in Figure 6, the process specifically includes the following steps:

[0071] In step S601, an ARP packet that has undergone DAI detection, that is, Layer 2 detection, enters this step and is either forwarded or discarded. If the ARP packet is legal, it is forwarded; otherwise it is discarded. When forwarding, it is necessary to judge whether the packet is a broadcast packet. If it is a broadcast packet, it is forwarded by broadcast, that is, processing enters step S602; if it is not a broadcast packet, it is forwarded by unicast, that is, processing enters step S603.

[0072] Step S602, forwarding the ARP message that needs to be broadcast, and broadcasting and forwarding the message according to th...



Abstract

The invention discloses an Address Resolution Protocol (ARP) message processing method and a switch. The method comprises the following steps: performing Layer 2 detection on the ARP message to judge whether it is legal, where the Layer 2 detection includes a common protocol check, a DAI (Dynamic ARP Inspection) validity check of the ARP message, and an ARP message legal user binding table check; and, if the ARP message is legal, forwarding it, otherwise discarding it. The invention can effectively detect ARP attack behavior within one switch, thus effectively protecting the network and the associated equipment.
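The three-stage Layer 2 detection and the forward/discard decision of Example 3 can be sketched as follows. This is an added example, not code from the patent or from ZTE: the concrete tests inside each stage, the `validate` option names, and a binding table keyed by sender IP with a (MAC, port) value are assumptions chosen for illustration, and all addresses are constructed.

```python
import struct

BROADCAST = b"\xff" * 6

def build_arp(eth_dst, eth_src, op, sha, spa, tha, tpa):
    """Build an Ethernet+ARP frame (constructed test input)."""
    eth = eth_dst + eth_src + struct.pack("!H", 0x0806)
    return eth + struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) + sha + spa + tha + tpa

def inspect_arp(frame, in_port, bindings, validate=("src-mac", "dst-mac", "ip")):
    """Return 'drop:<reason>', 'forward:broadcast' or 'forward:unicast'."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return "drop:not-arp"
    eth_dst, eth_src = frame[0:6], frame[6:12]
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    sha, spa, tha = frame[22:28], frame[28:32], frame[32:38]
    # Check 1: common protocol check (field values for IPv4 over Ethernet).
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or op not in (1, 2):
        return "drop:protocol"
    # Check 2: DAI validity checks, each one switchable (assumed option names).
    if "src-mac" in validate and eth_src != sha:
        return "drop:src-mac"
    if "dst-mac" in validate and op == 2 and eth_dst != tha:
        return "drop:dst-mac"
    if "ip" in validate and (spa in (b"\0" * 4, b"\xff" * 4) or 224 <= spa[0] <= 239):
        return "drop:ip"
    # Check 3: legal user binding table, assumed shape: sender IP -> (MAC, port).
    if bindings.get(spa) != (sha, in_port):
        return "drop:binding"
    # Legal packet: broadcast or unicast forwarding, as in steps S602/S603.
    return "forward:broadcast" if eth_dst == BROADCAST else "forward:unicast"

# Constructed sample data: a host on port 1 and a gateway on port 24.
HOST_MAC, HOST_IP = bytes.fromhex("020000000001"), bytes([192, 168, 1, 10])
GW_MAC, GW_IP = bytes.fromhex("0200000000fe"), bytes([192, 168, 1, 1])
OTHER_MAC = bytes.fromhex("020000000666")
BINDINGS = {HOST_IP: (HOST_MAC, 1), GW_IP: (GW_MAC, 24)}

def demo():
    request = build_arp(BROADCAST, HOST_MAC, 1, HOST_MAC, HOST_IP, b"\0" * 6, GW_IP)
    reply = build_arp(HOST_MAC, GW_MAC, 2, GW_MAC, GW_IP, HOST_MAC, HOST_IP)
    # Reply on port 2 that binds the gateway's IP to a MAC not in the table.
    spoof = build_arp(HOST_MAC, OTHER_MAC, 2, OTHER_MAC, GW_IP, HOST_MAC, HOST_IP)
    return [inspect_arp(request, 1, BINDINGS),
            inspect_arp(reply, 24, BINDINGS),
            inspect_arp(spoof, 2, BINDINGS)]

if __name__ == "__main__":
    print(demo())
```

The third frame passes the protocol and validity stages and is rejected only by the binding table, which is why the table check is the stage that stops a well-formed spoofed reply.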

Description

Technical field

[0001] The present invention relates to the communication field, in particular to a method for processing Address Resolution Protocol (ARP) messages and a switch.

Background technique

[0002] In the current network technology, terminal devices are distinguished in the network by an Internet Protocol (IP) address. In a communication system, when a source terminal device initiating communication sends a message to another terminal device, it needs to obtain a Media Access Control (MAC) address of the target terminal device to complete packet encapsulation. It can be seen that, in practical applications, it is often necessary to realize the conversion between the device IP address and the MAC address.

[0003] At present, the function of converting the IP address of the target terminal device into a MAC address is mainly implemented through the ARP protocol to ensure the smooth progress of communication. The process of converting ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L29/06, H04L12/931, H04L29/12
Inventor: 郝红杰
Owner: ZTE CORP