Method and device for bidirectional forwarding detection authentication security switching

A two-way forwarding detection and security technology, applied in the field of communication, can solve problems such as traffic interruption and route deletion

Active Publication Date: 2019-06-21
NEW H3C TECH CO LTD
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] This application provides a method and device for bidirectional forwarding detection and authentication security switching to solve the problems of traffic interruption and route deletion caused by modifying the BFD authentication mode in the prior art

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method and device for bidirectional forwarding detection authentication security switching
  • Method and device for bidirectional forwarding detection authentication security switching
  • Method and device for bidirectional forwarding detection authentication security switching

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0053] The basic idea of ​​this application's two-way forwarding detection and authentication security switch is: after the first network device and the second network device establish a BFD session, they periodically send a two-way BFD message on the channel of the established session, and use the second network device to implement the second network device. In the detection of a network device, if the first network device does not receive the BFD message from the second network device within a certain period of time, it is considered that a certain part of the bidirectional channel has failed.

[0054]The first network device judges the authentication status of the current BFD message. If it is currently in the intermediate state of authentication, it sends two copies of the BFD message to the second network device each time. The first authentication mode is generated, and the second BFD packet is generated according to the second authentication mode after the modification of...

Embodiment 2

[0082] refer to image 3 , which shows a flow chart of a method for bidirectional forwarding detection and authentication security switchover described in Embodiment 2 of the present application, specifically including:

[0083] Step 301: Set an authentication mode switching timeout timer.

[0084] When the first network device enters the authentication intermediate state, start the authentication mode switching timeout timer.

[0085] Step 302: Judging whether the authentication mode switching timeout timer has expired, if it expires, execute step 303, if not, execute step 304.

[0086] Wherein, preferably, the authentication mode switching timeout timer timeout time can be set to 5 minutes, and can also be set in any appropriate way by those skilled in the art, such as the threshold can be set by manual experience, or set for the difference value of historical data The timeout period is not limited by this application.

[0087] Step 303: Determine whether the first networ...

Embodiment 3

[0142] refer to Figure 8 , which shows a structural diagram of a device for bidirectional forwarding detection and authentication security switching in Embodiment 3 of the present application. When the device is the first network device, it may specifically include:

[0143]The authentication status judging module 801 is used to judge the authentication status of the current BFD message. If the authentication status judging module judges that the current BFD message is in the authentication intermediate state, the sending module 802 is executed; otherwise, the authentication module 807 is executed.

[0144] Sending module 802: Send two BFD packets to the second network device each time.

[0145] Wherein, the first BFD message is generated according to the first authentication mode before the modification of the authentication mode, and the second BFD message is generated according to the second authentication mode after the modification of the authentication mode.

[0146] T...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

This application provides a method and device for two-way forwarding detection and authentication security switching, including: the first network device judges the authentication status of the current BFD message, and if it is currently in the middle of the authentication state, it sends two packets to the second network device each time. In the intermediate state of authentication, when the first network device receives the BFD message sent by the second network device, it performs the following steps: judge whether it passes the detection of the first authentication mode, and if it passes, refresh the BFD timeout detection timer; if not passed, then continue to judge whether to pass the detection of the second authentication mode; if passed the detection of the second authentication mode, then refresh the BFD overtime detection timer, make the second authentication mode take effect, and exit the authentication intermediate state, thereby The problem of traffic interruption and route deletion caused by modifying the BFD authentication mode in the prior art is solved.

Description

technical field [0001] The present application relates to the field of communication technologies, and in particular to a method and device for bidirectional forwarding detection authentication security switching. Background technique [0002] Bidirectional Forwarding Detection (BFD for short) is a general, standardized, media-independent and protocol-independent fast fault detection mechanism. MPLS), Pseudowire (Prisoner of War, referred to as PW), Open Shortest Path First (Open Shortest Path First, referred to as OSPF), etc. provide a unified and fast fault detection mechanism, and the fault detection time of BFD is usually in milliseconds. It greatly improves the convergence speed of the protocol and reduces the number of network packet loss and interruption time. [0003] In order to improve its own security, BFD uses an authentication mechanism, which includes Simple Authentication and Message Digest Algorithm MD5 (MD5 for short). Due to the use of the authentication m...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L12/26H04L12/703H04L12/723H04L29/06H04L45/28H04L45/50
CPCH04L43/0811H04L45/28H04L45/50H04L63/08H04L69/22
Inventor 汪江波
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap