Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Method, device and system for assuring correct execution

A technology with correct execution order, applied in the field of network communication, it can solve the problems of reversed execution order of ACL rules and inability to meet customer needs, etc.

Active Publication Date: 2009-08-19
HEWLETT-PACKARD ENTERPRISE DEV LP
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0016] However, see figure 1 , since the mask corresponding to rule 3 is the same as the first issued rule 1, the MASK entry and RULE entry corresponding to rule 3 are both before the MASK entry and RULE entry corresponding to rule 2. In this way, when After the network device receives a message that can match rule 3 and rule 2 at the same time on port 1, because the actions in rule 3 and rule 2 conflict, it will only execute the rule matched according to the first established MASK entry 1. The action in 3 is to forward the packet, but not to execute the action in rule 2 matched according to the mask entry 2 established later, that is, to discard the packet. In this way, the problem of executing the ACL rules is reversed. That is to say, in the actual service implementation, the network device does not execute the service processing corresponding to rule 1, rule 2 and rule 3 in sequence according to the implementation requirements of the ACL rules
[0017] When the execution sequence of the ACL rules is reversed, if the two ACL rules with the reverse execution order intersect and the actions conflict, for example, for rule 2 and rule 3, rule 2 and rule 3 intersect and the actions conflict, the rule 2 requires discarding packets whose IP addresses meet rule 2.2.11.3 / 32, but rule 3 requires forwarding packets whose IP addresses meet rule 2.2.11.3 / 32, then, after executing the two ACL rules in reverse order, then Cannot perform correct business processing on messages, unable to meet customer needs

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method, device and system for assuring correct execution
  • Method, device and system for assuring correct execution
  • Method, device and system for assuring correct execution

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0056] The present invention proposes a method for ensuring correct execution of ACL rules, the core idea of ​​which is: compare all ACL rules issued to any port of a network device, and judge whether there are any two ACL rules whose execution order is reversed, If so, the two ACL rules are adjusted according to the principle that the rules are delivered first and then take effect; the network device sets hardware entries corresponding to the port according to all adjusted ACL rules.

[0057] Correspondingly, the present invention also proposes a device for ensuring correct execution of ACL rules. Figure 2A is a structural schematic diagram of a device for ensuring correct execution in the present invention. see Figure 2A , in the present invention, the device for ensuring correct execution of ACL rules includes: an interaction unit and an adjustment unit, wherein,

[0058] The interaction unit is used to sequentially receive all ACL rules delivered to any port of the net...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A method for ensuring correct execution includes comparing all rules down-sent on any port of network device to judge whether any two rules are upside down in execution order or not and regulating any two rules according to principle of first down-send rule to be firstly validated if it is then down-sending all regulated rules on said port of network device in sequence for ensuring correct service treatment on message. The unit used fro realizing said method is also disclosed.

Description

technical field [0001] The invention relates to network communication technology, in particular to a method, device and system for ensuring correct implementation of access control list (ACL) rules. Background technique [0002] At present, in order to enable network devices to perform various business processes according to user requirements when receiving packets, for example, to be able to redirect received packets or discard received packets, etc., it is usually necessary to The corresponding ACL rules are delivered to the ports of the device, and the service processing requirements of various packets are recorded in the ACL rules. When a network device receives a packet on a port, it first matches the packet with the ACL rule corresponding to the port, and performs corresponding service processing on the packet according to the matched ACL rule. [0003] In the network device, in order to record all ACL rules issued to each port, hardware entries are set for each port,...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/56
Inventor 王明辉赵品
Owner HEWLETT-PACKARD ENTERPRISE DEV LP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com