Tunnel forwarding method, device and network equipment

A forwarding method and forwarding device technology, applied in the field of data communication, can solve the problem that a security gateway cannot correctly select a tunnel to encapsulate a DHCP response message and the like

Active Publication Date: 2015-11-25
BEIJING XINWANG RUIJIE NETWORK TECH CO LTD
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since IPSec searches for the DHCP tunnel based on the flow of interest, the flow of interest on the security gateway is actually an access control list (AccessControlList, referred to as ACL) of a fixed port, such as IP: AnytoAny ,destination:UDPport68 (the interested flow means: it can match any UDP packet with any to any IP and the destination port is 68), so when the security gateway establishes DHCP tunnels with multiple clients at the same time, the security gateway cannot Correctly select the tunnel to encapsulate the DHCP response message returned by the DHCP server, so that the DHCP response message returned by the DHCP server cannot be successfully forwarded to the DHCP client

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Tunnel forwarding method, device and network equipment
  • Tunnel forwarding method, device and network equipment
  • Tunnel forwarding method, device and network equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] figure 1 It is a flowchart of a tunnel forwarding method provided by an embodiment of the present invention. Such as figure 1 As shown, the method of the present embodiment includes:

[0021] Step 101 , when establishing DHCP tunnels with multiple DHCP clients, activate one of the DHCP tunnels each time according to the activation strategy, and set the status of the other DHCP tunnels to a tentative status.

[0022] The execution subject of this embodiment may be any device that is connected between the DHCP server and the DHCP client and runs IPsec and can provide a DHCP tunnel to the DHCP client, such as a security gateway. In this embodiment, the security gateway is used as the execution subject for description, but it is not limited thereto.

[0023] In this embodiment, the security gateway establishes DHCP tunnels with multiple DHCP clients within a period of time, so there are multiple interest streams on the security gateway, each stream of interest correspond...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a tunnel forwarding method and device as well as network equipment. The method comprises the following steps of: when a DHCP (dynamic host configuration protocol) tunnel is set up by a security gateway with a plurality of dynamic host configuration protocol client sides, activating one DHCP tunnel in each time according to an activating strategy; setting the status of other DHCP tunnels as an interim status; and forwarding a DHCP message between a DHCP server and a DHCP client side corresponding to the DHCP tunnel under the activation state by the DHCP tunnel under the activation state. According to the technical scheme disclosed by the invention, the message between the DHCP server and the DHCP client side can be successfully forwarded under the condition that the security gateway simultaneously sets up the DHCP tunnels with the DHCP client sides.

Description

technical field [0001] The invention relates to data communication technology, in particular to a tunnel forwarding method, device and network equipment. Background technique [0002] Dynamic Host Configuration Protocol (Dynamic Host Configuration Protocol, referred to as DHCP) is mainly used for effective, dynamic, and automatic allocation of Internet Protocol (Internet Protocol, referred to as IP) addresses in the internal network. Internet Protocol Security (IPsec for short) is used to provide security services at the IP layer, and is used to protect one or more paths between hosts, between security gateways, and between security gateways and hosts. [0003] IPSec-based DHCP (DHCPoverIPSec) uses IPSec messages to carry DHCP messages. DHCP messages are encrypted and encapsulated by IPSec to prevent them from being stolen or tampered with during transmission, resulting in disclosure of internal network structure deployment. The principle of DHCPoverIPSec includes: the DHCP...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/70
Inventor 张涛
Owner BEIJING XINWANG RUIJIE NETWORK TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap