[go: up one dir, main page]

CN106878485B - Message processing method and device - Google Patents

Message processing method and device Download PDF

Info

Publication number
CN106878485B
CN106878485B CN201710114258.8A CN201710114258A CN106878485B CN 106878485 B CN106878485 B CN 106878485B CN 201710114258 A CN201710114258 A CN 201710114258A CN 106878485 B CN106878485 B CN 106878485B
Authority
CN
China
Prior art keywords
address
arp
source
target
exists
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710114258.8A
Other languages
Chinese (zh)
Other versions
CN106878485A (en
Inventor
王阳
廖以顺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou H3C Technologies Co Ltd
Original Assignee
Hangzhou H3C Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou H3C Technologies Co Ltd filed Critical Hangzhou H3C Technologies Co Ltd
Priority to CN201710114258.8A priority Critical patent/CN106878485B/en
Publication of CN106878485A publication Critical patent/CN106878485A/en
Application granted granted Critical
Publication of CN106878485B publication Critical patent/CN106878485B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • H04L61/5014Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5046Resolving address allocation conflicts; Testing of addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/622Layer-2 addresses, e.g. medium access control [MAC] addresses

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a message processing method and a device, wherein the method comprises the following steps: when an Address Resolution Protocol (ARP) message is received, judging whether lease information corresponding to a source Internet Protocol (IP) address of the ARP message exists or not; if the lease information corresponding to the source IP address exists, the ARP learning is refused according to the ARP message; and if no lease information corresponding to the source IP address exists, performing ARP learning according to the ARP message. By applying the embodiment of the application, the address conflict between the static terminal and the dynamic terminal can be avoided, and the static terminal can be ensured to normally access the network under the condition that the address conflict does not exist.

Description

Message processing method and device
Technical Field
The present application relates to the field of network communication technologies, and in particular, to a method and an apparatus for processing a packet.
Background
A DHCP (Dynamic Host Configuration Protocol) is generally applied to a large-scale local area network environment, and mainly functions to centrally manage and allocate IP addresses, so that a Host in the network environment dynamically obtains information such as an IP (Internet Protocol) address and a Gateway address, and can improve the utilization rate of the addresses.
The DHCP protocol employs a client/server model, with the task of dynamic allocation of host addresses driven by the network host. When the DHCP server receives the information of applying address from the network host, it will send the relevant address configuration information to the network host to realize the dynamic configuration of the network host address information.
Disclosure of Invention
The application provides a message processing method and device, which are used for solving the problem that a static terminal cannot access a network in the prior art.
According to a first aspect of the embodiments of the present application, a method for processing a packet is provided, including:
when an Address Resolution Protocol (ARP) message is received, judging whether lease information corresponding to a source Internet Protocol (IP) address of the ARP message exists or not;
if the lease information corresponding to the source IP address exists, the ARP learning is refused according to the ARP message;
and if no lease information corresponding to the source IP address exists, performing ARP learning according to the ARP message.
According to a second aspect of the embodiments of the present application, there is provided a packet processing apparatus, including:
a receiving unit, configured to receive an ARP packet;
the judging unit is used for judging whether lease information corresponding to a source Internet Protocol (IP) address of the ARP message exists or not when the receiving unit receives the ARP message;
the learning unit is used for refusing to carry out ARP learning according to the ARP message if lease information corresponding to the source IP address exists; and if no lease information corresponding to the source IP address exists, performing ARP learning according to the ARP message.
By applying the embodiment of the application, when the ARP message is received, whether lease information corresponding to the source IP address of the ARP message exists is judged; and refusing to conduct ARP learning according to the ARP message when lease information corresponding to the source IP address exists; and when no lease information corresponding to the source IP address exists, performing ARP learning according to the ARP message, avoiding address conflict between the static terminal and the dynamic terminal, and ensuring that the static terminal can normally access the network under the condition of no address conflict.
Drawings
Fig. 1 is a schematic flowchart of a message processing method according to an embodiment of the present application;
fig. 2 is a schematic architecture diagram of a specific application scenario provided in an embodiment of the present application;
fig. 3 is a schematic structural diagram of a message processing apparatus according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of another message processing apparatus according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of another message processing apparatus according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of another message processing apparatus according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of another message processing apparatus according to an embodiment of the present application.
Detailed Description
In the DHCP networking, a terminal automatically acquires an IP address to be on line usually in a DHCP mode, but some users can configure a static IP address to access the network by themselves in the network, so that the statically configured IP address is likely to conflict with the dynamically allocated IP address in the network, and if the situation occurs, the network access of the user who acquires the IP address in the DHCP mode is influenced by the user who illegally configures the static IP address.
In order to avoid the conflict between the statically configured IP address and the dynamically allocated IP address in the network, the currently adopted scheme usually prohibits the user terminal with the statically configured IP address from getting online, so that the user terminal with the statically configured IP address cannot access the network.
In order to make the technical solutions in the embodiments of the present application better understood and make the above objects, features and advantages of the embodiments of the present application more comprehensible, the technical solutions in the embodiments of the present application are described in further detail below with reference to the accompanying drawings.
Referring to fig. 1, a schematic flow chart of a message processing method according to an embodiment of the present disclosure is shown in fig. 1, where the message processing method may include the following steps:
it should be noted that, in the embodiment of the present application, the message processing method shown in fig. 1 may be applied to a DHCP address assignment device, such as a DHCP server or a DHCP relay, and for convenience of description, the following description takes the execution subject of step 101 to step 103 as an example of the DHCP server.
Step 101, when receiving an ARP message, determining whether lease information corresponding to a source IP address of the ARP message exists. If yes, go to step 102; otherwise, go to step 103.
In the embodiment of the application, when the terminal acquires the IP address in a static configuration mode, the terminal needs to send an ARP message to acquire gateway address information so that the terminal can access the network; the source IP address of the ARP packet is an IP address of the terminal (statically configured IP address), and the source MAC (Media Access Control) address is an MAC address of the terminal.
In addition, when the terminal acquires the IP address from the DHCP server in a DHCP manner, the DHCP server stores lease information corresponding to the IP address.
Correspondingly, in the embodiment of the application, when the DHCP server receives the ARP message sent by the target terminal, the DHCP server may obtain the source IP address of the ARP message, and query local lease information according to the source IP address of the ARP message to determine whether lease information corresponding to the source IP address of the ARP message exists.
The target terminal does not refer to a fixed terminal, but refers to any terminal that acquires an IP address in a static configuration manner.
And 102, refusing to carry out ARP learning according to the ARP message.
In the embodiment of the application, when the DHCP server queries corresponding lease information according to the source IP address of the received ARP packet, that is, when the lease information corresponding to the source IP address of the ARP packet exists, the DHCP server may determine that other terminals having the IP address obtained by the DHCP method are currently performing network access, and at this time, to avoid IP address conflict, the DHCP server may refuse to perform ARP learning according to the ARP packet, for example, the DHCP server may directly discard the ARP packet, and accordingly, the DCHP server may not respond to the ARP packet, and the target terminal may not obtain gateway address information and may not perform network access.
And 103, performing ARP learning according to the ARP message.
In the embodiment of the application, when the DHCP server queries corresponding lease information according to a source IP address of a received ARP packet, that is, when no lease information corresponding to the source IP address of the ARP packet exists, the DHCP server may determine that there is no other terminal that acquires the IP address in a DHCP manner currently performing network access (including that the IP address is not allocated to the terminal in a DHCP manner or the IP address is allocated to the terminal in a DHCP manner, but the terminal is offline, and the like).
It should be noted that, in the embodiment of the present application, after the DHCP server learns the received ARP packet, the source IP address of the ARP packet is recorded, and further, when the DHCP server needs to dynamically allocate an IP address, the recorded IP address is not allocated.
When the DHCP server records the source IP address of the received ARP packet, a static flag may be set, where the static flag is used to identify that the IP address belongs to a statically configured IP address.
It can be seen that, in the method flow shown in fig. 1, when receiving an ARP packet, querying corresponding lease information according to a source IP address of the ARP packet to determine whether a dynamic terminal (a terminal that acquires an IP address by way of DHCP) that is using the IP address exists, and if so, denying ARP learning according to the ARP packet; otherwise, ARP learning is carried out according to the ARP message, so that address conflict between a static terminal (a terminal for acquiring an IP address in a static configuration mode) and a dynamic terminal is avoided, and in addition, the static terminal is allowed to normally access the network under the condition that the dynamic terminal using the same IP address does not exist.
Further, in one embodiment of the present application, when receiving an ARP packet, before the determining whether lease information corresponding to a source IP address of the ARP packet exists, the method may further include:
judging whether a target first type table item exists or not; the target first-type table entry is a first-type table entry of which the recorded IP address is the same as the source IP address of the ARP message and the MAC address is different from the source MAC address of the ARP message; the first type table item is generated according to the IP address and the MAC address corresponding to the lease information;
if the target first type table item exists, the ARP learning is refused according to the ARP message;
and if the target first type table entry does not exist, determining to execute the step of judging whether lease information corresponding to the source IP address of the ARP message exists or not.
In this embodiment, in order to improve the efficiency of the DHCP server determining whether there is a dynamic terminal that conflicts with the IP address of the static terminal, the DHCP server may generate a first type entry according to the IP address and the MAC address corresponding to the local lease information, and the first type entry may record the IP address and the MAC address corresponding to the lease information.
For example, assuming that the DHCP server stores lease information of IP1 (the corresponding MAC address is MAC1) and lease information of IP2 (the corresponding MAC address is MAC2), the DHCP server may issue first-type entries corresponding to the two pieces of lease information, respectively, where one first-type entry records IP1 and MAC1, and the other records IP2 and MAC 2.
It should be noted that, in this embodiment, the first Type entry may also be referred to as a solidified ARP entry, where the solidified ARP entry may include, in addition to an IP address and a MAC address corresponding to lease information, corresponding VLAN information, Interface (Interface) information, solidifying time (Aging), and Type (Type) information, and the format of the solidified ARP entry may be as shown in table 1:
TABLE 1
Figure BDA0001235226670000051
Figure BDA0001235226670000061
Wherein, Aging is the solidification time (also called Aging time) of the corresponding solidified ARP table entry, Type is the Type of the solidified ARP table entry, i.e. solidification Type (Fixing), and the rest parameters (IP, MAC, VLAN and Interface) are the same as the ordinary ARP table entry.
Accordingly, when the DHCP server receives the ARP packet, the DHCP server may first query the first type entry stored locally according to the source IP address and the source MAC address of the ARP packet without querying corresponding lease information, so as to determine whether the first type entry stored locally includes the first type entry (referred to herein as a target first type entry) whose recorded IP address is the same as the source IP address of the ARP packet but whose recorded MAC address is different from the source MAC address of the ARP packet.
If the target first type table entry exists, the DHCP server may determine that the source IP address of the ARP packet has been allocated to another terminal in a DHCP manner, so as to avoid IP address collision and ensure that the dynamic terminal can normally access the network, the DHCP server may not perform ARP learning on the ARP packet, for example, the DHCP server may directly discard the ARP packet.
If the target first type table entry does not exist, the DHCP server can further judge whether lease information corresponding to the source IP address of the ARP message exists.
It should be noted that, in this embodiment, the DHCP server may also generate the corresponding first-type entry according to the IP address and the MAC address corresponding to the queried lease information under the condition that the corresponding lease information is queried according to the source IP address of the received ARP packet, that is, the DHCP server may generate the first-type entry for the lease information in which the address conflict occurs, which may save storage resources and improve the utilization rate of the storage resources.
In addition, in this embodiment of the present application, when the DHCP server receives the ARP packet and finds that a first type entry exists locally, where the IP address and the MAC address included in the first type entry are the same as the source IP address and the source MAC address of the ARP packet, the DHCP server needs to refresh the first type entry according to the ARP packet, that is, reset the curing time of the first type entry.
Further, in this embodiment, in order to ensure that a static terminal using the IP address of the dynamic terminal can normally access the network after the dynamic terminal is offline, when the dynamic terminal is offline, the DHCP server needs to remove the lease information corresponding to the dynamic terminal, and also needs to delete the first type entry corresponding to the lease information, and further, when the DHCP server receives the ARP packet whose source IP address is the IP address of the dynamic terminal again, because there is no corresponding target first type entry and lease information, the DHCP server can learn the ARP packet, so that the static terminal using the IP address can normally access the network.
Further, in another embodiment of the present application, when receiving an ARP packet, before the determining whether lease information corresponding to a source IP address of the ARP packet exists, the method may further include:
judging whether a target second type table item exists or not; the target second type table entry is a second type table entry of which the recorded IP address is the same as the source IP address of the ARP message and the MAC address is the same as the source MAC address of the ARP message; the second type table item is generated according to the source IP address and the source MAC address of the ARP message;
if the target second type table item exists, the ARP learning is refused according to the ARP message;
and if the target second type table item does not exist, determining to execute the step of judging whether lease information corresponding to the source IP address of the ARP message exists or not.
In this embodiment, in order to improve the efficiency of the DHCP server determining whether a dynamic terminal that conflicts with an IP address of a static terminal exists, and meanwhile, avoid an excessive load on a CPU (central processing Unit) of the DHCP server due to repeated ARP attacks of the same static terminal, when the DHCP server receives an ARP packet and determines that lease information corresponding to a source IP address of the ARP packet locally exists, the DHCP server may generate a second type entry according to the source IP address and the MAC address of the ARP packet, where the second type entry may record the source IP address and the source MAC address of the ARP packet, and when the DHCP server receives an ARP packet whose source IP address and source MAC address are respectively the same as the IP address and the MAC address in the second type entry again, the DHCP server may not learn the ARP packet.
For example, when the DHCP server receives an ARP packet whose source IP address and source MAC address are IP1 and MAC1, respectively, and determines that lease information corresponding to IP1 exists locally, the DHCP server may generate a corresponding second type entry according to the source IP address and the source MAC address of the ARP packet, where the second type entry may record the source IP address and the source MAC address of the ARP packet, that is, IP1 and MAC 1.
It should be noted that, in this embodiment, the second type entry may also be referred to as a silent entry, and the silent entry may include an aging time in addition to the IP address and the MAC address, and its format may be as shown in table 2:
TABLE 2
IP MAC Aging
IP1 MAC1 T1
Accordingly, when the DHCP server receives the ARP packet, the DHCP server may first query the locally stored second-type entry according to the source IP address and the source MAC address of the ARP packet instead of querying the corresponding lease information, so as to determine whether the locally stored second-type entry includes the second-type entry (referred to herein as a target second-type entry) in which the recorded IP address is the same as the source IP address of the ARP packet and the recorded MAC address is the same as the source MAC address of the ARP packet.
If the target second type entry exists, the DHCP server may not perform ARP learning on the ARP packet, for example, the DHCP server may directly discard the ARP packet.
If the target second type table entry does not exist, the DHCP server can further judge whether lease information corresponding to the source IP address of the ARP message exists.
Further, in this embodiment, in order to ensure that a static terminal using the IP address of the dynamic terminal can normally access the network after the dynamic terminal is offline, when the dynamic terminal is offline, the DHCP server needs to remove the lease information corresponding to the dynamic terminal, and also needs to delete the second type entry corresponding to the lease information, and further, when the DHCP server receives the ARP packet whose source IP address is the IP address of the dynamic terminal again, because there is no corresponding target second type entry and lease information, the DHCP server can learn the ARP packet, so that the static terminal using the IP address can normally access the network.
It should be noted that, in the embodiment of the present application, the DHCP server may also store the first type entry and the second type entry at the same time.
Correspondingly, in one embodiment, when the DHCP server receives the ARP message, the DHCP server may first determine whether a target first-type entry exists, and if the target first-type entry exists, refuse to perform ARP learning according to the ARP message; if the target first type table item does not exist, further judging whether a target second type table item exists or not; if the target second type table item exists, the ARP learning is refused according to the ARP message; and if the target second type table item does not exist, executing the step of judging whether lease information corresponding to the source IP address of the received ARP message exists or not.
In another embodiment, when the DHCP server receives the ARP message, the DHCP server may first determine whether a target second type entry exists, and if the target second type entry exists, refuse to perform ARP learning according to the ARP message; if the target second type table item does not exist, further judging whether the target first type table item exists or not; if the target first type table item exists, the ARP learning is refused according to the ARP message; and if the target first type table entry does not exist, executing the step of judging whether lease information corresponding to the source IP address of the received ARP message exists or not.
In order to enable those skilled in the art to better understand the technical solutions provided in the embodiments of the present application, the technical solutions provided in the embodiments of the present application are described below with reference to specific application scenarios.
Referring to fig. 2, which is a schematic diagram of an architecture of a specific application scenario provided in an embodiment of the present application, as shown in fig. 2, in the application scenario, an egress router of an enterprise simultaneously serves as a DHCP server to allocate an IP address to a terminal inside the enterprise, and a terminal in an internal network of the enterprise acquires the IP address from the DHCP server through a switch and accesses an external network. Here, the MAC address of PC (Personal Computer) 1 is MAC1, and the MAC address of PC2 is MAC 2.
Based on the application scenario shown in fig. 2, the implementation flow of the message processing scheme provided in the embodiment of the present application is as follows:
suppose that the PC1 acquires the IP1 from the DHCP server by way of DHCP and accesses the external network by using IP1, and accordingly, the DHCP server stores a lease corresponding to the IP1, where the MAC address corresponding to the lease is MAC1, the VLAN is VLAN1, the Interface is Interface1, and the aging time is T1. The user has configured IP1 on PC2 by way of static configuration.
The first embodiment,
1. When a DHCP server receives an ARP message sent by a PC2, a self-maintained solidified ARP table entry is inquired according to a source IP address (namely IP1) and a source MAC address (MAC2) of the ARP message; finding that there is no solidified ARP entry comprising an IP address of IP 1;
2. the DHCP server inquires locally stored lease information according to the IP1 of the ARP message, finds that lease information corresponding to the IP1 locally exists, namely the IP1 is already given to other terminals by the DHCP server in a DHCP mode, and in order to avoid address conflict, the DHCP server does not learn the ARP message and discards the ARP message;
3. the DHCP server generates a solidified ARP entry as shown in table 3 according to lease information corresponding to IP 1:
TABLE 3
IP MAC VLAN Interface Aging Type
IP1 MAC1 VLAN1 Interface1 T1 Fixing
4. When the DHCP server receives the ARP message with the source IP address of IP1 sent by the PC2 again, the DHCP server does not learn the ARP message and discards the ARP message because the solidified ARP table entry which comprises the same IP address as the source IP address of the ARP message and has the MAC address different from the source MAC address of the ARP message exists;
5. assuming that the PC1 is offline at a certain time, the DHCP server clears the lease information corresponding to the IP1 stored locally, and deletes the solidified ARP table entry shown in the table 3; at this time, if the DHCP server receives the ARP packet with the source IP address IP1 sent by the PC2 again, since the fixed ARP entry with the same IP address as the source IP address of the ARP packet and a different MAC address from the source MAC address of the ARP packet cannot be queried, and the lease information corresponding to IP1 cannot be queried, the DHCP server can learn the ARP packet, and the PC2 can normally access the network using IP 1.
If the PC2 is always on-line and the PC1 is on-line again, the device preferentially allocates the original IP address (i.e., IP1) to the PC1, but address conflict is checked during allocation to find that address conflict exists, and at this time, the DHCP server allocates a new IP address to the PC1, so that both the PC1 and the PC2 can normally access the network.
Example II,
1. When a DHCP server receives an ARP message sent by a PC2, inquiring a self-maintained silence table entry according to a source IP address (namely IP1) and a source MAC address (MAC2) of the ARP message; discovering that there is no silence table entry including an IP address of IP1 and a MAC address of MAC 2;
2. the DHCP server inquires locally stored lease information according to the IP1 of the ARP message, finds that lease information corresponding to the IP1 locally exists, namely the IP1 is already given to other terminals by the DHCP server in a DHCP mode, and in order to avoid address conflict, the DHCP server does not learn the ARP message and discards the ARP message;
3. the DHCP server generates a silent table entry as shown in table 4 according to the ARP message:
TABLE 4
IP MAC Aging
IP1 MAC2 T1
4. When the DHCP server receives the ARP message which is sent by the PC2 and has the source IP address of IP1 and the source MAC address of MAC2 again, the DHCP server does not learn the ARP message and discards the ARP message because the included IP address is the same as the source IP address of the ARP message and the MAC address is the same as the source MAC address of the ARP message;
5. assuming that the PC1 goes offline at a certain time, the DHCP server clears lease information corresponding to the locally stored IP1, and deletes the silent table entry shown in table 4; at this time, if the DHCP server receives the ARP packet with the source IP address IP1 and the source MAC address MAC2 sent by the PC2 again, the DHCP server can learn the ARP packet because the IP address included in the ARP packet is the same as the source IP address of the ARP packet, the MAC address is also the same as the source MAC address of the ARP packet, and the silence entry corresponding to the IP1 is also not queried, and thus the PC2 can normally access the network using the IP 1.
If the PC2 is always on-line and the PC1 is on-line again, the device preferentially allocates the original IP address (i.e., IP1) to the PC1, but address conflict is checked during allocation to find that address conflict exists, and at this time, the DHCP server allocates a new IP address to the PC1, so that both the PC1 and the PC2 can normally access the network.
As can be seen from the above description, in the technical solution provided in the embodiment of the present application, when an ARP packet is received, by determining whether lease information corresponding to a source IP address of the ARP packet exists; and refusing to conduct ARP learning according to the ARP message when lease information corresponding to the source IP address exists; and when no lease information corresponding to the source IP address exists, performing ARP learning according to the ARP message, avoiding address conflict between the static terminal and the dynamic terminal, and ensuring that the static terminal can normally access the network under the condition of no address conflict.
Referring to fig. 3, a schematic structural diagram of a message processing apparatus provided in this embodiment is shown, where the message processing apparatus may be applied to a DHCP address assignment device in the foregoing method embodiment, for example, to a DHCP server, and as shown in fig. 3, the message processing apparatus may include:
a receiving unit 310, configured to receive an ARP packet;
a determining unit 320, configured to determine whether lease information corresponding to a source internet protocol IP address of an ARP packet exists when the receiving unit receives the ARP packet;
a learning unit 330, configured to deny performing ARP learning according to the ARP packet if lease information corresponding to the source IP address exists; and if no lease information corresponding to the source IP address exists, performing ARP learning according to the ARP message.
Referring to fig. 4 together, a schematic structural diagram of another message processing apparatus provided in this embodiment of the present application is shown in fig. 4, where, on the basis of the message processing apparatus shown in fig. 3, the message processing apparatus shown in fig. 4 further includes:
a first generating unit 340, configured to generate a first type entry according to the IP address and the MAC address corresponding to the lease information;
correspondingly, the determining unit 320 is further configured to determine whether a target first type entry exists when the receiving unit receives the ARP packet; the target first type table entry is a first type table entry of which the recorded IP address is the same as the source IP address of the ARP message and the MAC address is different from the source MAC address of the ARP message;
the learning unit 330 is further configured to, if the target first type entry exists, refuse to perform ARP learning according to the ARP packet;
the determining unit 320 is further configured to determine whether lease information corresponding to the source IP address of the ARP packet exists if the target first type entry does not exist.
Referring to fig. 5, which is a schematic structural diagram of another message processing apparatus provided in the embodiment of the present application, as shown in fig. 5, on the basis of the message processing apparatus shown in fig. 4, the message processing apparatus shown in fig. 5 further includes:
a first deleting unit 350, configured to delete the target first-type entry when the lease information corresponding to the source IP address is cleared.
Referring to fig. 6 together, a schematic structural diagram of another message processing apparatus provided in this embodiment of the present application is shown in fig. 6, where, on the basis of the message processing apparatus shown in fig. 3, the message processing apparatus shown in fig. 6 further includes:
a second generating unit 360, configured to generate a second type entry according to the source IP address and the source MAC address of the ARP packet;
the determining unit 320 is further configured to determine whether a target second type entry exists when the receiving unit receives the ARP packet; the target second type table entry is a second type table entry of which the recorded IP address is the same as the source IP address of the ARP message and the MAC address is the same as the source MAC address of the ARP message;
the learning unit 330 is further configured to, if the target second type entry exists, refuse to perform ARP learning according to the ARP packet;
the determining unit 320 is further configured to determine whether lease information corresponding to the source IP address of the ARP packet exists if the target second type entry does not exist.
Referring to fig. 7, which is a schematic structural diagram of another message processing apparatus provided in the embodiment of the present application, as shown in fig. 7, on the basis of the message processing apparatus shown in fig. 6, the message processing apparatus shown in fig. 7 further includes:
a second deleting unit 370, configured to delete the target second-type entry when the lease information corresponding to the source IP address is cleared
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the application. One of ordinary skill in the art can understand and implement it without inventive effort.
As can be seen from the above embodiments, when an ARP packet is received, lease information corresponding to a source IP address of the ARP packet is determined to exist; and refusing to conduct ARP learning according to the ARP message when lease information corresponding to the source IP address exists; and when no lease information corresponding to the source IP address exists, performing ARP learning according to the ARP message, avoiding address conflict between the static terminal and the dynamic terminal, and ensuring that the static terminal can normally access the network under the condition of no address conflict.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.

Claims (10)

1. A message processing method is applied to DHCP address allocation equipment, and is characterized in that the method comprises the following steps:
when an Address Resolution Protocol (ARP) message sent by a target terminal is received, judging whether lease information corresponding to a source Internet Protocol (IP) address of the ARP message exists or not; the target terminal is a terminal for acquiring an IP address in a static configuration mode;
if the lease information corresponding to the source IP address exists, the ARP learning is refused according to the ARP message;
and if no lease information corresponding to the source IP address exists, performing ARP learning according to the ARP message.
2. The method according to claim 1, wherein when receiving an ARP packet sent by a target terminal, before determining whether lease information corresponding to a source internet protocol IP address of the ARP packet exists, the method further comprises:
judging whether a target first type table item exists or not; the target first type table entry is a first type table entry of which the recorded IP address is the same as the source IP address of the ARP message and the MAC address is different from the source MAC address of the ARP message; the first type table item is generated according to the IP address and the MAC address corresponding to the lease information;
if the target first type table item exists, the ARP learning is refused according to the ARP message;
and if the target first type table entry does not exist, determining to execute the step of judging whether lease information corresponding to the source IP address of the ARP message exists.
3. The method of claim 2, further comprising:
and deleting the target first type table item when the lease information corresponding to the source IP address is cleared.
4. The method according to claim 1, wherein when receiving an ARP packet sent by a target terminal, before determining whether lease information corresponding to a source internet protocol IP address of the ARP packet exists, the method further comprises:
judging whether a target second type table item exists or not; the target second type table entry is a second type table entry of which the recorded IP address is the same as the source IP address of the ARP message and the MAC address is the same as the source MAC address of the ARP message; the second type table entry is generated according to the source IP address and the source MAC address of the ARP message;
if the target second type table item exists, the ARP learning is refused according to the ARP message;
and if the target second type table item does not exist, determining to execute the step of judging whether lease information corresponding to the source IP address of the ARP message exists.
5. The method of claim 4, further comprising:
and deleting the target second type table item when the lease information corresponding to the source IP address is cleared.
6. A message processing apparatus, wherein the apparatus is applied to a DHCP address assignment device, the apparatus comprising:
a receiving unit, configured to receive an ARP packet;
the judging unit is used for judging whether lease information corresponding to a source Internet Protocol (IP) address of an ARP message exists or not when the receiving unit receives the ARP message sent by a target terminal; the target terminal is a terminal for acquiring an IP address in a static configuration mode;
the learning unit is used for refusing to carry out ARP learning according to the ARP message if lease information corresponding to the source IP address exists; and if no lease information corresponding to the source IP address exists, performing ARP learning according to the ARP message.
7. The apparatus of claim 6, further comprising:
the first generation unit is used for generating a first type table item according to the IP address and the MAC address corresponding to the lease information;
the judging unit is also used for judging whether a target first type table item exists or not when the receiving unit receives the ARP message sent by the target terminal; the IP address recorded in the target first type table entry is the same as the source IP address of the ARP message, and the MAC address is different from the source MAC address of the ARP message;
the learning unit is further configured to refuse to perform ARP learning according to the ARP packet if the target first type entry exists;
the judging unit is further configured to judge whether lease information corresponding to the source IP address of the ARP packet exists if the target first type entry does not exist.
8. The apparatus of claim 7, further comprising:
and the first deleting unit is used for deleting the target first type table item when the lease information corresponding to the source IP address is cleared.
9. The apparatus of claim 6, further comprising:
a second generation unit, configured to generate a second type entry according to the source IP address and the source MAC address of the ARP packet;
the judging unit is also used for judging whether a target second type table item exists or not when the receiving unit receives the ARP message sent by the target terminal; the IP address recorded in the target second type table entry is the same as the source IP address of the ARP message, and the MAC address is the same as the source MAC address of the ARP message;
the learning unit is further configured to refuse to perform ARP learning according to the ARP packet if the target second type entry exists;
the judging unit is further configured to judge whether lease information corresponding to the source IP address of the ARP packet exists if the target second type entry does not exist.
10. The apparatus of claim 9, further comprising:
and the second deleting unit is used for deleting the target second type table item when the lease information corresponding to the source IP address is cleared.
CN201710114258.8A 2017-02-28 2017-02-28 Message processing method and device Active CN106878485B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710114258.8A CN106878485B (en) 2017-02-28 2017-02-28 Message processing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710114258.8A CN106878485B (en) 2017-02-28 2017-02-28 Message processing method and device

Publications (2)

Publication Number Publication Date
CN106878485A CN106878485A (en) 2017-06-20
CN106878485B true CN106878485B (en) 2020-07-07

Family

ID=59169457

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710114258.8A Active CN106878485B (en) 2017-02-28 2017-02-28 Message processing method and device

Country Status (1)

Country Link
CN (1) CN106878485B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111683162B (en) * 2020-06-09 2022-10-25 福建健康之路信息技术有限公司 IP address management method based on flow identification
CN111988446B (en) * 2020-08-26 2023-05-23 锐捷网络股份有限公司 Message processing method and device, electronic equipment and storage medium
CN114024932B (en) * 2021-10-29 2024-08-20 济南浪潮数据技术有限公司 Node access control method, node access management method, device and medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1738269A (en) * 2004-08-17 2006-02-22 杭州华为三康技术有限公司 Method to allocate protocol relay address table and server address pool for synchronization dynamic host machine
CN1835515A (en) * 2006-04-12 2006-09-20 杭州华为三康技术有限公司 Method and device of going repeating in configuration procedue of dynamic host address
CN101175080A (en) * 2007-07-26 2008-05-07 杭州华三通信技术有限公司 Method and system for preventing ARP message attack
CN101674338A (en) * 2009-10-16 2010-03-17 福建星网锐捷网络有限公司 Recovering method of IP address and DHCP server
CN102281333A (en) * 2010-06-11 2011-12-14 中兴通讯股份有限公司 Method and system for avoiding IP address conflict, DHCP server and DHCP client
CN106131235A (en) * 2016-06-28 2016-11-16 上海斐讯数据通信技术有限公司 A kind of IP address configuration method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8606940B2 (en) * 2008-02-06 2013-12-10 Alcatel Lucent DHCP address conflict detection/enforcement

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1738269A (en) * 2004-08-17 2006-02-22 杭州华为三康技术有限公司 Method to allocate protocol relay address table and server address pool for synchronization dynamic host machine
CN1835515A (en) * 2006-04-12 2006-09-20 杭州华为三康技术有限公司 Method and device of going repeating in configuration procedue of dynamic host address
CN101175080A (en) * 2007-07-26 2008-05-07 杭州华三通信技术有限公司 Method and system for preventing ARP message attack
CN101674338A (en) * 2009-10-16 2010-03-17 福建星网锐捷网络有限公司 Recovering method of IP address and DHCP server
CN102281333A (en) * 2010-06-11 2011-12-14 中兴通讯股份有限公司 Method and system for avoiding IP address conflict, DHCP server and DHCP client
CN106131235A (en) * 2016-06-28 2016-11-16 上海斐讯数据通信技术有限公司 A kind of IP address configuration method

Also Published As

Publication number Publication date
CN106878485A (en) 2017-06-20

Similar Documents

Publication Publication Date Title
US10187459B2 (en) Distributed load balancing system, health check method, and service node
CN107733670B (en) A forwarding strategy configuration method and device
WO2019144826A1 (en) Network identifier mapping method and system, terminal, and identification gateway
CN106412142B (en) Resource equipment address obtaining method and device
US10791167B2 (en) User migration
US9973399B2 (en) IPV6 address tracing method, apparatus, and system
CN107800625B (en) Message forwarding method and device
CN107094110B (en) DHCP message forwarding method and device
CN104468574A (en) Dynamic IP address acquisition method, system and device for virtual machines
CN106657434B (en) method and device for checking IP address
CN106878480B (en) DHCP service process sharing method and device
CN104579887A (en) Cloud gateway, cloud gateway creation and configuration system and method
CN110995886A (en) Network address management method, device, electronic equipment and medium
CN106878485B (en) Message processing method and device
WO2020181735A1 (en) Method for providing network address translation (nat) service and controller
CN106027354B (en) The reflow method and device of VPN client
CN113014680A (en) Broadband access method, device, equipment and storage medium
US20150237005A1 (en) Address processing
CN105897758A (en) Container access control method and device
CN107046585A (en) Dynamic Host Configuration Protocol server system of selection and device
CN109743357A (en) A kind of successional implementation method of business access and device
WO2017219777A1 (en) Packet processing method and device
CN108667957B (en) IP address allocation method, first electronic device and first server
CN106878479B (en) Address allocation method and device
CN107105072B (en) Method and device for creating ARP (Address resolution protocol) table entry

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant