DDoS traffic re-injection method, SDN controller, and network system
A traffic re-injection and controller technology, applied in the field of communication, can solve the problems of a large amount of resource investment and high operating costs, and achieve the effect of reducing costs
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Embodiment 1
[0040] Embodiment 1. Embodiments of the present invention provide a DDoS traffic reinjection method, such as figure 1 Shown include:
[0041] S101. When receiving an Address Resolution Protocol (English full name: Address Resolution Protocol, ARP for short) message reported by the cleaning device forwarded by the central SDN forwarding device, deliver the first Openflow flow table to the central SDN forwarding device.
[0042] Wherein, the first Openflow flow table is used to instruct the central SDN forwarding device to send a message carrying a virtual physical address (English full name: Medium Access Control, referred to as: MAC) address to the cleaning device; wherein, the message carrying the virtual MAC address is used for Instruct the cleaning device to send the cleaned DDoS traffic to the central SDN forwarding device; the central SDN forwarding device matches the cleaned DDoS traffic with the protocol (English full name: Internet Protocol, referred to as: IP) between...
Embodiment 2
[0050] Embodiment 2. The embodiment of the present invention provides an SDN controller 10, such as image 3 Shown include:
[0051] The data processing module 101 is configured to deliver the first Openflow flow table to the central SDN forwarding device when receiving the ARP message reported by the cleaning device forwarded by the central SDN forwarding device.
[0052] Wherein, the first Openflow flow table is used to instruct the central SDN forwarding device to send a message carrying a virtual MAC address to the cleaning device; wherein, the message carrying a virtual MAC address is used to instruct the cleaning device to send the cleaned DDoS traffic to the central SDN Forwarding device; the central SDN forwarding device performs destination IP matching on the cleaned DDoS traffic; the central SDN forwarding device performs Vxlan encapsulation on the DDoS traffic after destination IP matching according to the first Openflow flow table, generates the first traffic and r...
Embodiment 3
[0076] Embodiment 3. The embodiment of the present invention provides a computer-readable storage medium that stores one or more programs, and the one or more programs include instructions. When the instructions are executed by a computer, the computer executes any of the methods provided in Embodiment 1. Item DDoS traffic re-injection method. For the specific DDoS traffic reinjection method, refer to the relevant description in the first method embodiment, and will not be repeated here.
[0077] The steps of the methods described in conjunction with the disclosure of the present invention may be implemented by means of hardware, or may be implemented by means of a processor executing software instructions. The software instructions can be composed of corresponding software modules, and the software modules can be stored in RAM, flash memory, ROM, erasable programmable read-only memory (easable programmable ROM, EPROM), electrically erasable programmable read-only memory (elec...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com