ARP message management method based on network equipment

A technology of ARP message and network equipment, which is applied in the field of ARP message management based on network equipment, which can solve the problems of message discarding, network administrator's workload in the early stage and management complexity in the later stage, and achieve the effect of reducing ARP spoofing

Inactive Publication Date: 2015-03-18
BEIJING HUAIJIAO NETWORK TECH SERVICE
View PDF5 Cites 9 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0025] (4) There is no host whose MAC address is AA-AA-AA-AA-AA-AA in the network device, so this message is discarded
However, in practical applications, this will bring a lot of early workload and post-management complexity to network administrators.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • ARP message management method based on network equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0069] This embodiment is to simulate PC1 to send a data message to PC2, and the processing flow is as follows:

[0070] (1) PC1 (192.168.1.1) sends an ARP request message to PC2 (192.168.1.2) to the network.

[0071] (2) The network device verifies the legitimacy of PC1. The network device looks up the IP-MAC correspondence of PC1 from the local IP-MAC correspondence table: 192.168.1.1>>11-11-11-11-11-11. Because the IP-MAC corresponding item of PC1 is not found, the network device adds the corresponding corresponding relationship to the IP-MAC corresponding table.

[0072] (3) The network device responds to the ARP request message. The network device searches the corresponding item of PC2 (192.168.1.2) from the local IP-MAC correspondence table.

[0073] (4) Because the network device fails to find the corresponding item of PC2 in the IP-MAC correspondence table, the network device sends an ARP request packet to the network.

[0074] (5) PC2 sends an ARP response message...

Embodiment 2

[0081] This embodiment is to simulate PC3 to send data message to PC1, and the processing flow is as follows:

[0082] (1) PC3 (192.168.1.3) sends an ARP request message to PC1 (192.168.1.1) to the network.

[0083] (2) The network device verifies the legitimacy of PC3. The network device looks up the IP-MAC correspondence of PC3 from the local IP-MAC correspondence table: 192.168.1.3>>33-33-33-33-33-33. Because the IP-MAC corresponding item of PC3 is not found, the network device adds the corresponding corresponding relationship to the IP-MAC corresponding table.

[0084] (3) The network device responds to the ARP request. The network device finds out the corresponding item of PC1 from the local IP-MAC correspondence table.

[0085] (4) The network device returns an ARP response message to PC3.

[0086] (5) PC3 sends a data message to PC1.

[0087] (6) The network device verifies the legitimacy of PC3 and PC1 in the data message.

[0088] (7) The network device forwards...

Embodiment 3

[0090] In this embodiment, PC3 is simulated to send an ARP spoofing message to PC1, and PC3 is disguised as PC2. The process is as follows:

[0091] (1) PC3 sends an ARP response message to PC1, which indicates that the MAC address of PC2 is 33-33-33-33-33-33

[0092] (2) The network device verifies the legitimacy of PC3 and PC2. It is determined that the sending MAC address is inconsistent with the MAC address in the ARP packet, so the network device discards the ARP reply packet.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides an ARP message management method based on network equipment, and the method is to solve the problem of network attacks of ARP spoofing and ARP storm and the like. The method comprises the following steps: 1) judging whether a message is an ARP message; 2) judging whether network layer MAC and ARP MAC addresses are consistent; 3) judging whether a source IP address exists in an IP-MAC corresponding table; 4) judging whether the source IP address and a source MAC address exist in the IP-MAC corresponding table; 5) updating life periods of corresponding items of the source IP address and the source MAC address in the IP-MAC corresponding table; 6) adding the source IP address and the source MAC address to the IP-MAC corresponding table; 7) sending an IP conflict ARP message to a source device, and skipping to a step (15); 8) judging whether the message is an ARP request message or a response message; 9) searching whether searched IP information exists in the IP-MAC corresponding table; and 10) returning the ARP response data message.

Description

technical field [0001] The invention relates to an ARP message management method, in particular to a network device-based ARP message management method. Background technique [0002] The basic function of ARP (Address Resolution Protocol, Address Resolution Protocol) is to query the MAC (Media Access Control, Media Access Control) address of the target device through the IP address of the target device, so as to ensure the smooth progress of communication. It is an essential protocol at the network layer in IPv4. [0003] It is stipulated in the Ethernet protocol that if a host in the same LAN wants to communicate directly with another host, it must know the MAC address of the target host. In the TCP / IP protocol, the network layer and transport layer only care about the IP address of the target host. This results in only the IP address of the target host being included when the IP protocol is used in Ethernet. Therefore, a method is needed to obtain the MAC address of the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/12H04L29/06
CPCH04L61/103H04L63/0876H04L63/1441H04L63/1466H04L61/2535H04L2101/622
Inventor 吴玉松单闽曲长利
Owner BEIJING HUAIJIAO NETWORK TECH SERVICE
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap