Unlock instant, AI-driven research and patent intelligence for your innovation.

Security rule updating method and device based on port change

A port and rule technology, which is applied in the field of security rule update methods and devices based on port changes, can solve the problems of long effective time of security rules and affecting message processing efficiency, etc.

Active Publication Date: 2021-04-09
RUIJIE NETWORKS CO LTD
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] The embodiment of the present invention provides a method and device for updating security rules based on port changes, which is used to solve the problem of long effective time of security rules in the prior art, and further The problem that greatly affects the processing efficiency of the message

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Security rule updating method and device based on port change
  • Security rule updating method and device based on port change
  • Security rule updating method and device based on port change

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0035] Aiming at the problem that the security rules in the prior art take a long time to take effect, which greatly affects the processing efficiency of the message, the embodiment of the present invention provides a method for updating security rules based on port changes, which is applied to network devices, and the network devices include Set a user ID and a hardware ID respectively for at least one port and at least one aggregated port, and the flow of the method is as follows figure 1 As shown, the execution steps are as follows:

[0036] S11: Monitor whether a port join command, a port exit command or a message to be forwarded is received, and if a port join command or a port exit command is received, execute S12; if a message to be forwarded is received, execute S13.

[0037] Since the network device includes ports and aggregated ports, when the user needs to set the port to join or exit the aggregated port, it needs to send a port join command or a port exit command, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a security rule updating method and device based on port change. The method comprises the steps of monitoring whether a port adding instruction, a port quitting instruction or a to-be-forwarded message is received or not; if a port adding instruction or a port quitting instruction is received, updating a pre-established software mapping relationship between the user identifier and the hardware identifier and a pre-established hardware mapping relationship between the user identifier and the hardware identifier according to the port adding instruction or the port quitting instruction, wherein the user identifiers in the hardware mapping relationship are in one-to-one correspondence with the hardware identifiers; and if a to-be-forwarded message is received, determining a first hardware identifier of an entrance of the to-be-forwarded message according to the hardware mapping relationship, and processing the to-be-forwarded message based on a first table entry corresponding to the first hardware identifier in an access control list. In the scheme, the effective time of the security rule is greatly shortened, and the message processing efficiency is greatly improved.

Description

technical field [0001] The invention relates to the field of communication technology, in particular to a method and device for updating security rules based on port changes. Background technique [0002] The access control list (Access Control Lists, ACL) controls the packets received by the port of the network device by defining some security rules, and the result of the control is forwarding or discarding. Aggregate port (Aggregate Port, AP) is to bundle multiple physical links together to form a logical link, which can be used to expand link bandwidth and provide higher connection reliability. [0003] Current switching chips can apply security rules to ports to control access to input and output packets of the ports, that is, configure security rules for each port in the ACL. Specifically include: if the port does not belong to any aggregation port, add the entry corresponding to the security rule of the port in the ACL; if the port joins a certain aggregation port, de...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L12/935G06F8/65G06F21/73H04L49/111
CPCH04L63/101H04L49/3009G06F8/65G06F21/73G06F2221/2141Y02D30/50
Inventor 陈介平
Owner RUIJIE NETWORKS CO LTD