Method for suppressing mac address attack in evi network and edge device ed

Abstract

The invention discloses a method of inhabiting MAC address attack in EVI (Ethernet Virtualization Interconnection) network. The method comprises steps: a priority field is added to an MAC table entry, and priority information is added to an LSP message of an EVI-ISIS protocol; when an edge device learns the MAC address from the local or the MAC address with normal priority from the LSP message, if the local MAC table has the MAC address table entry with the same authorized VLAN ID and the same MAC address and the local MAC address is the high priority showing the normal traffic flow, the MAC address table entry with high priority is updated to be in an unavailable state, and the learnt MAC address table entry is recorded and is set to be normal priority; and when MAC attack is detected, the MAC address table entry with high priority is updated to be in a dynamic learning state, and the MAC address table entry with the same VLAN ID and the MAC address in the local MAC table is updated to be in an unavailable state. The invention also discloses an edge device (ED). Thus, MAC address attack can be inhabited, the utilization rate of device CPU resources is recued, missing of data packets is reduced, and normal forwarding of data stream is guided.

Description

technical field [0001] The present application relates to the technical field of network security, in particular to a method for suppressing MAC address attacks in an EVI network and an edge device ED. Background technique [0002] With the popularity of cloud computing concept, data center network technology has ushered in a drastic change. A large number of new technology standards have emerged in recent years, and EVI (Ethernet Virtualization Interconnection, Ethernet Virtualization Interconnection) technology has also followed. produce. [0003] EVI is an advanced "MAC in IP" technology. It is a layer-2 virtual private network VPN technology based on IP core network. interconnection function. EVI only maintains routing and forwarding information on edge devices at the site, without changing the routing and forwarding information inside the site and the IP core network. [0004] The network model after deploying EVI is as follows: figure 1 As shown, the EVI network (E...

AI Technical Summary

Problems solved by technology

When there is a MAC address attack in the site, that is, when different ports in the same site keep entering the same MAC address as the existing host MAC, the ED device in this site will continuously update the local MAC, send LSP, delete local MAC operations, when there is external data flow to the MAC, this data flow will also be switched between different ports of the site, and the data will sometimes be forwarded to the MAC when attacking The false host corresponding to the false MAC address entered, resulting in the loss of data packets and affecting the normal forwarding of business traffic

[0012] To sum up, currently in the EVI network, when the host is migrated, if a MAC address attack occurs, it will occupy a large amount of CPU resources of the device, and will cause the loss of data packets, affecting the normal forwarding of data traffic.

Images