Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Access control list capacity test method, equipment and computer storage medium

A test method and technology of the device under test, applied in digital transmission systems, data exchange networks, electrical components, etc., can solve the problems of complex and difficult configuration of verification traffic and black hole traffic, avoid manual configuration of verification traffic and black hole traffic, reduce Human resource burden and the effect of reducing human resource consumption

Active Publication Date: 2021-11-19
CHINA MOBILE COMM LTD RES INST +1
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The disadvantage of the ACL capacity test method in the prior art is that in order to facilitate the generation of ACL verification traffic, the ACL rules in the test are generated according to certain rules, and the device under test can easily perform ACL through the configuration of the ACL anti-mask (wildcard mask). The rule entries are aggregated, and the ACL entries actually delivered to the device storage space are far smaller than the test requirements
If irregular ACL rules are used for verification, the test instrument cannot automatically generate verification traffic and black hole traffic that precisely match the ACL rules. Usually, manual configuration of verification traffic and black hole traffic is required. When the ACL capacity is larger, the verification traffic and black hole traffic The configuration is more complex and difficult

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control list capacity test method, equipment and computer storage medium
  • Access control list capacity test method, equipment and computer storage medium
  • Access control list capacity test method, equipment and computer storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0033] Before describing the ACL capacity testing scheme of the embodiment of the present invention, firstly, the current ACL capacity testing method will be described.

[0034] When an IP packet arrives at the interface of the device, the device will extract the specific fields of the IP packet, such as source address, destination address, source port, destination port, etc., and search the ACL associated with the interface to obtain the rules matching the information. Do corresponding processing (such as matching or discarding) according to the ACL rules. For example: access-list 100 permit tcp192.168.10.0 0.0.0.255 172.16.1.0 0.0.0.0 eq 80 This ACL rule numbered 100 means that the 192.168.10.0 / 24 network is allowed to access the 172.16.1.0 server through the WEB80 port ( Use an inverse mask in an access control list to mark whether one or more addresses are allowed or denied, 0 means bits to check, 1 means don't check bits to ignore).

[0035] The ACL capacity test is to v...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses an ACL capacity testing method, equipment and computer storage medium. The method includes: generating discrete ACL rules based on a discrete routing pool, and generating verification traffic and blackhole traffic; the black hole traffic represents traffic not covered by the discrete ACL rules; combining the ACL rules, the verification traffic, and The ACL black hole traffic is sent to the port under test of the device under test, so that the port under test of the device under test performs data matching based on the ACL rule, the verification traffic, and the black hole traffic; The matching quantity of the ACL rule of the device, and the ACL capacity is determined based on the matching quantity.

Description

technical field [0001] The invention relates to testing technology, in particular to a testing method, equipment and computer storage medium for the capacity of an Access Control List (ACL, Access Control List). Background technique [0002] ACL is a set of rules established on IP network communication nodes such as routers, switches, and firewalls to filter traffic passing through communication nodes. [0003] The disadvantage of the ACL capacity test method in the prior art is that in order to facilitate the generation of ACL verification traffic, the ACL rules in the test are generated according to certain rules, and the device under test can easily perform ACL through the configuration of the ACL anti-mask (wildcard mask). The rule entries are aggregated, and the ACL entries actually delivered to the device storage space are far smaller than the test requirements. If irregular ACL rules are used for verification, the test instrument cannot automatically generate verific...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/24H04L12/26
CPCH04L41/0803H04L43/0876H04L63/101
Inventor 汪滢杨海俊
Owner CHINA MOBILE COMM LTD RES INST
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com