Unlock instant, AI-driven research and patent intelligence for your innovation.

A method and device for generating a security entry

A technology of safety tables and table items, applied in the field of communication, can solve problems such as legitimate upstream discarding, and achieve the effect of avoiding discarding

Active Publication Date: 2017-12-15
NEW H3C TECH CO LTD
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of this, the present application provides a method and device for generating a security entry to solve the problem that the legal upstream flow is discarded

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and device for generating a security entry
  • A method and device for generating a security entry
  • A method and device for generating a security entry

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0019] In order to make the object, technical solution and advantages of the present invention clearer, the technical solution of the present invention will be described in detail below with reference to the accompanying drawings and examples.

[0020] An embodiment of the present application provides a method for generating a security entry, which is applied to a switching device running a DHCP snooping function. When the switching device receives an unknown unicast packet through the uplink port, it learns a DHCP snooping entry for the destination IP address of the unknown unicast packet, and generates a security entry according to the learned DHCP snooping entry. The embodiment provided by the present application can generate the security entry of the downlink host as soon as possible according to the downlink flow, so as to avoid discarding of the legitimate uplink flow.

[0021] see figure 1 , figure 1 This is a schematic diagram of a DHCP network. figure 1 Switching d...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The present invention provides a method for generating a security entry, the method comprising: when a switching device receives an unknown unicast message through an uplink port, broadcasting and sending the unicast message, and performing DHCP snooping entry learning, if the DHCP snooping entry corresponding to the IP address is learned, then generate a security entry corresponding to the IP address, so that the unicast report whose source IP address is the IP address is received through the downlink port The text is not discarded. Based on the same inventive idea, the present application also proposes a security entry generating device, which can generate the security entry of the downlink host as soon as possible according to the downstream flow, so as to avoid discarding of the legal upstream flow.

Description

technical field [0001] The present invention relates to the field of communication technology, in particular to a method and device for generating a security entry. Background technique [0002] Dynamic Host Configuration Protocol (Dynamic Host Configuration Protocol, DHCP) snooping (Snooping) is a kind of security feature of DHCP, DHCP Snooping is by monitoring DHCP request message and the DHCP response message that trusted port receives, records DHCP Snooping entry, The content of the entry includes the client's Media Access Control (MAC) address, the Internet Protocol (Internet Protocol, IP) address assigned by the DHCP server to the DHCP client, the port connected to the DHCP client, and the virtual local area network (Virtual Local Area Network, VLAN). ) and other information. [0003] The DHCP snooping feature can be used together with the security feature to filter access to the network by illegal users who forge IP addresses. Use DHCP snooping entries to generate s...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/12H04L12/741H04L45/74
CPCH04L45/54H04L61/5014
Inventor 何川
Owner NEW H3C TECH CO LTD