Single broadcast reverse path repeating method

A reverse path forwarding and unicast technology, applied in the field of network communication, can solve the problem of not being able to strictly prevent source IP address spoofing attacks and insecure inspection, and achieve the effect of improving inspection speed and ensuring security.

Active Publication Date: 2006-03-22
NEW H3C TECH CO LTD
View PDF0 Cites 33 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

But such a check is insecure and cannot strictly prevent source IP address spoofing attacks

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Single broadcast reverse path repeating method
  • Single broadcast reverse path repeating method
  • Single broadcast reverse path repeating method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0054] The core of the present invention is to set up URPF (Unicast Reverse Path Forwarding) information table in network equipment, set whether to allow forwarding mark in this information table; After the interface of network equipment receives IP data stream, according to IP data stream Query the URPF information table for the source IP address and destination IP address; if there is a corresponding entry in the URPF information table, decide to forward or discard the IP data flow according to the forwarding flag corresponding to the entry; if there is no corresponding entry in the URPF information table URPF checks the source IP address in the IP data flow, decides to forward or discard the IP data flow according to the inspection result, and adds the corresponding entry in the URPF information table.

[0055] In the present invention, a URPF (Unicast Reverse Path Forwarding) information table needs to be established in the network equipment. This table can be stored in ha...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

This invention discloses a unicast reverse route transmission method, which contains establishing unicast reverse route transmission URPF information list in network equipment, setting allowing or not allowing transmission mark in said information list, inquiring URPF information list according to source and destination IP address after receiving data stream, if there is corresponded item in said list, determining transmitting or dropping said IP data stream according to transmission mark, if there is not corresponded item, making URPF check to source and destination address in IP data stream, determining transmitting or dropping said IP data stream, and increasing corresponded item in URPF information list. Said invention can effective prevent the attack from report message of fake source IP address and insure the normal IP report message transmission.

Description

technical field [0001] The invention relates to the technical field of network communication, in particular to a unicast reverse path forwarding method. Background technique [0002] With the rapid development of the network and the increasing popularity of network applications, various network security threats are also coming, and network security has become an increasingly urgent need. For example, attacks against protocols such as http (hypertext transfer protocol), ftp (file transfer protocol), and dns (domain name system) can steal the permissions of ordinary users or even super users, and arbitrarily modify information content, causing huge harm. Source IP address spoofing is also a common attack method in the network. Since the source IP address can be easily modified by the sender, many network attackers will use this feature to carry out anonymous attacks. [0003] For example, figure 1 The attack model shown: [0004] Forge a message with the source address of 1...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/56H04L12/24H04L12/70
Inventor 周迪
Owner NEW H3C TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap