Unlock instant, AI-driven research and patent intelligence for your innovation.

A method and terminal for realizing multi-active and high-availability of firewall

A firewall and terminal technology, applied in the field of domain communication, can solve the problem of consuming firewall equipment resources and achieve high availability

Active Publication Date: 2020-03-31
PING AN TECH (SHENZHEN) CO LTD
View PDF6 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Therefore, this HA mode greatly consumes the resources of the firewall device

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method and terminal for realizing multi-active and high-availability of firewall
  • A method and terminal for realizing multi-active and high-availability of firewall
  • A method and terminal for realizing multi-active and high-availability of firewall

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0032] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are some of the embodiments of the present invention, but not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0033] Such as figure 1 As shown, the embodiment of the present invention provides a method for implementing firewall multi-active high availability, the method includes the following steps:

[0034] In step S101, the switch in the untrusted zone sends the request message to the firewall device cluster through a preset load balancing algorithm.

[0035] Specifically, in this step, the request message mainly carries the source IP address; when the...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the present invention discloses a method and a terminal for realizing multi-active high availability of a firewall, wherein the method includes: the SDN controller monitors the request message sent from the firewall device cluster to the trust zone switch; the SDN controller acquires the request according to the request message The incoming port number, firewall device ID, and source IP address of the message form an Auto Last Hop entry; if the trust zone switch sends a reply message to the firewall device cluster, the SDN controller judges the purpose of the reply message based on the Auto Last Hop entry Whether the IP address matches the source IP address; if the destination IP address matches the source IP address, the SDN controller controls the trust zone switch to send the response message according to the corresponding ingress port number and firewall device ID in the Auto Last Hop entry to the corresponding firewall device. The invention realizes the purpose of multi-active high availability of firewall equipment.

Description

technical field [0001] The present invention relates to the technical field of communication, and in particular to a method and a terminal for realizing multi-active high availability of a firewall. Background technique [0002] At present, firewall devices mainly use a high availability (High Available, HA) mode in a master-standby manner. In the process of message forwarding in this mode, since one main firewall device may be equipped with multiple backup firewall devices, when the main firewall device is abnormal during the message forwarding process, the backup firewall device will be activated to take over from the main firewall The original forwarding function of the device. When only one backup firewall device can satisfy the original forwarding function, other backup firewall devices will not be activated and will be in a non-working state. Therefore, this HA mode greatly consumes the resources of the firewall device. Contents of the invention [0003] In view o...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/741H04L29/08H04L12/703H04L45/28H04L45/74
Inventor 易仁杰
Owner PING AN TECH (SHENZHEN) CO LTD