Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method for updating network security table and network device and dynamic host configuration protocol (DHCP) server

A technology for network security and network equipment, applied in the field of updating network security tables, can solve the problems that ARP request messages are easy to counterfeit, legitimate messages cannot pass through the second switch 103, and virtual machines 106 cannot normally access the network, etc., to achieve The effect of ensuring reliability and network security

Inactive Publication Date: 2013-05-08
HUAWEI TECH CO LTD
View PDF8 Cites 10 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] However, the inventors of the present application have found in long-term research and development that ARP request messages are easy to counterfeit, and if a large number of counterfeit ARP request messages are sent to the second switch 103, invalid IP addresses and MAC addresses will fill up the ARP security table , so that legal packets cannot pass through the second switch 103, and thus the virtual machine 106 cannot normally access the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for updating network security table and network device and dynamic host configuration protocol (DHCP) server
  • Method for updating network security table and network device and dynamic host configuration protocol (DHCP) server
  • Method for updating network security table and network device and dynamic host configuration protocol (DHCP) server

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0039] see figure 2 , figure 2 It is a schematic structural diagram of the embodiment of the network system of the present invention. As shown in the figure, the network system 20 includes a first network device 21 , a second network device 22 , a first server 25 , a second server 26 and a DHCP server 24 .

[0040] The first server 25 accesses the network through the first network device 21 . A virtual machine 23 initially runs on the first server 25 . The second server 26 accesses the network through the second network device 22 . Wherein, both the first network device 21 and the second network device 22 have enabled the network security function, that is, filtering illegal messages according to the network security table. The security entry of the virtual machine 23 is stored in the network security table of the first network device 21 , therefore, the virtual machine 23 can access the network through the first network device 21 .

[0041] In order to reduce the load ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a method for updating network security table, a network device and a dynamic host configuration protocol (DHCP) server. When a virtual machine moves in a management domain of a network device, the network device analyses a first received request message from the virtual machine, an internet protocol (IP) address and a medium access control (MAC) address of the virtual machine are obtained, when a security table item including the IP address and the MAC address doesn't exist in a network security table of the network device, the network device sends a second request message generated according to the IP address and the MAC address to the DHCP server, so that the DHCP server is enabled to launch mandatory communication between the DHCP server and the virtual machine, the network device monitors an interactive message between the DHCP server and the virtual machine to obtain the security table item of the virtual machine, the network security table is updated according to the security table item. Through the above mode, the method for updating network security table, the network device and the DHCP server ensure that the virtual machine can access the network normally when the virtual machine moves in the management domain of the network device, reliability of the network security table is also ensured, and therefore network security is ensured.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method for updating a network security table, a network device, and a DHCP (Dynamic Host Configuration Protocol, Dynamic Host Configuration Protocol) server. Background technique [0002] A virtual machine refers to a complete computer system that is simulated by software and has complete hardware system functions and runs in a completely isolated environment. Currently, people often provide services to users through virtual machines. Since virtual machines must run on physical servers, as more and more virtual machines are loaded on the physical servers, the load increases. It is necessary to perform load sharing on the physical servers, or to back up data on the physical servers. When performing load sharing or data backup on a physical server, it is necessary to migrate a virtual machine running on one physical server to another physical server to maintain uninterr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
Inventor 于斌陈光荣
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products