CN105191227A - 一种流表项管理方法及设备 - Google Patents
一种流表项管理方法及设备 Download PDFInfo
- Publication number
- CN105191227A CN105191227A CN201480000415.7A CN201480000415A CN105191227A CN 105191227 A CN105191227 A CN 105191227A CN 201480000415 A CN201480000415 A CN 201480000415A CN 105191227 A CN105191227 A CN 105191227A
- Authority
- CN
- China
- Prior art keywords
- controller
- flow table
- table item
- interchanger
- management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/38—Flow based routing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/28—Restricting access to network management systems or functions, e.g. using authorisation function to access network configuration
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/64—Routing or path finding of packets in data switching networks using an overlay routing layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/645—Splitting route computation layer and forwarding layer, e.g. routing according to path computational element [PCE] or based on OpenFlow functionality
- H04L45/655—Interaction between route computation entities and forwarding entities, e.g. for route determination or for flow table update
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0263—Rule management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/105—Multiple levels of security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/08—Protocols for interworking; Protocol conversion
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Business, Economics & Management (AREA)
- General Business, Economics & Management (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
一种流表项管理方法及设备,任一交换机在接收到与其相连接的任一控制器发起的针对任一流表项的管理指令后,可首先根据获取到的所述任一控制器相对所述任一交换机的管理权限等级以及所述任一流表项的安全等级,判断所述任一控制器相对所述任一交换机的管理权限等级是否不低于所述任一流表项对应于所述任一控制器发起的管理指令的安全等级,并在确定判断结果为是时,确定所述任一控制器具备对所述任一流表项进行相应管理的权限,并根据所述任一控制器发起的管理指令对所述任一流表项进行相应管理,从而在避免了对流表项进行随意删除或修改等操作现象的基础上,达到了有效保护流表项、进而提高***安全性的目的。
Description
PCT国内申请,说明书已公开。
Claims (1)
- PCT国内申请,权利要求书已公开。
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2014/075481 WO2015157935A1 (zh) | 2014-04-16 | 2014-04-16 | 一种流表项管理方法及设备 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105191227A true CN105191227A (zh) | 2015-12-23 |
CN105191227B CN105191227B (zh) | 2018-09-21 |
Family
ID=54323371
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201480000415.7A Active CN105191227B (zh) | 2014-04-16 | 2014-04-16 | 一种流表项管理方法及设备 |
Country Status (4)
Country | Link |
---|---|
US (1) | US10693731B2 (zh) |
EP (2) | EP3503479B1 (zh) |
CN (1) | CN105191227B (zh) |
WO (1) | WO2015157935A1 (zh) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10404577B2 (en) * | 2014-08-28 | 2019-09-03 | Hewlett Packard Enterprise Development Lp | Network compatibility determination based on flow requirements of an application and stored flow capabilities of a software-defined network |
US10432510B2 (en) * | 2015-01-30 | 2019-10-01 | Hewlett Packard Enterprise Development Lp | Forwarding table of hybrid software defined networking switch |
CN107360043A (zh) * | 2017-08-25 | 2017-11-17 | 中国联合网络通信集团有限公司 | 一种在sdn中更改转发设备配置信息的方法及装置 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1852261A (zh) * | 2006-05-26 | 2006-10-25 | 杭州华为三康技术有限公司 | 维护邻居表项的方法 |
CN101631116A (zh) * | 2009-08-10 | 2010-01-20 | 中国科学院地理科学与资源研究所 | 一种分布式双重授权及访问控制方法和*** |
CN102859952A (zh) * | 2010-04-19 | 2013-01-02 | 日本电气株式会社 | 交换机和流表控制方法 |
WO2013042598A1 (en) * | 2011-09-22 | 2013-03-28 | Nec Corporation | Communication terminal, communication method, and program |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4196732B2 (ja) * | 2003-05-26 | 2008-12-17 | 日本電気株式会社 | データ転送装置及びプログラム |
GB0425113D0 (en) * | 2004-11-13 | 2004-12-15 | Ibm | A method of determining access rights to IT resources |
US7809123B2 (en) * | 2006-08-02 | 2010-10-05 | At&T Intellectual Property I, L.P. | Method and system for determining independent authorization levels in a VPN |
US8261090B1 (en) * | 2011-09-28 | 2012-09-04 | Google Inc. | Login to a computing device based on facial recognition |
US9866500B2 (en) * | 2012-02-29 | 2018-01-09 | Nec Corporation | Communication apparatus, communication method, communication system and program |
CN104272676A (zh) * | 2012-05-01 | 2015-01-07 | 日本电气株式会社 | 通信***、访问控制装置、交换机、网络控制方法及程序 |
WO2014153759A1 (zh) * | 2013-03-28 | 2014-10-02 | 华为技术有限公司 | 一种访问控制权限管理方法和装置 |
CN104348750B (zh) * | 2013-07-31 | 2019-07-26 | 中兴通讯股份有限公司 | OpenFlow网络中QoS的实现方法及装置 |
CN104426815B (zh) * | 2013-08-27 | 2019-07-09 | 中兴通讯股份有限公司 | 一种sdn中流表下发的方法和***、of控制器和of交换机 |
US20150169345A1 (en) * | 2013-12-18 | 2015-06-18 | International Business Machines Corporation | Software-defined networking (sdn) for management of traffic between virtual processors |
-
2014
- 2014-04-16 EP EP18203642.6A patent/EP3503479B1/en active Active
- 2014-04-16 WO PCT/CN2014/075481 patent/WO2015157935A1/zh active Application Filing
- 2014-04-16 EP EP14889738.2A patent/EP3119043B1/en active Active
- 2014-04-16 CN CN201480000415.7A patent/CN105191227B/zh active Active
-
2016
- 2016-10-14 US US15/293,376 patent/US10693731B2/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1852261A (zh) * | 2006-05-26 | 2006-10-25 | 杭州华为三康技术有限公司 | 维护邻居表项的方法 |
CN101631116A (zh) * | 2009-08-10 | 2010-01-20 | 中国科学院地理科学与资源研究所 | 一种分布式双重授权及访问控制方法和*** |
CN102859952A (zh) * | 2010-04-19 | 2013-01-02 | 日本电气株式会社 | 交换机和流表控制方法 |
WO2013042598A1 (en) * | 2011-09-22 | 2013-03-28 | Nec Corporation | Communication terminal, communication method, and program |
Also Published As
Publication number | Publication date |
---|---|
EP3503479B1 (en) | 2020-09-23 |
US20170034005A1 (en) | 2017-02-02 |
EP3119043A4 (en) | 2017-04-19 |
EP3119043A1 (en) | 2017-01-18 |
US10693731B2 (en) | 2020-06-23 |
EP3503479A1 (en) | 2019-06-26 |
EP3119043B1 (en) | 2019-01-09 |
WO2015157935A1 (zh) | 2015-10-22 |
CN105191227B (zh) | 2018-09-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109614226B (zh) | 一种基于Kubernetes的有状态应用存储管理方法 | |
EP3310083A1 (en) | Authorization processing method and device | |
CN109284140B (zh) | 配置方法及相关设备 | |
CN105191227A (zh) | 一种流表项管理方法及设备 | |
CN105337831A (zh) | 虚拟专用网络的实现方法及客户端设备 | |
CN109495422A (zh) | 虚拟防火墙的配置方法、装置以及计算机可读存储介质 | |
CN107276798A (zh) | 一种虚拟化网络服务功能链的实现方法及装置 | |
CN106407203A (zh) | 一种对目标终端进行识别的方法和设备 | |
CN102685267B (zh) | 一种桌面云集群运行态下的ip地址泄露防止方法 | |
CN105072036A (zh) | 一种多实例路由单元的拟态路由决策方法 | |
CN106250356A (zh) | 基于Hash表的继电保护装置抽象对象的快速解析方法 | |
CN112272190A (zh) | 一种数据访问方法和装置 | |
CN102654895A (zh) | 一种生成扫描目录树的方法及装置 | |
CN109981476A (zh) | 一种负载均衡方法和装置 | |
CN106911634A (zh) | 一种登录方法和设备 | |
CN103595618A (zh) | 一种用于保持即时通信会话连续性的方法、服务器及*** | |
CN106130969B (zh) | 一种云计算网络的安全控制方法、及*** | |
CN108259454A (zh) | 一种Portal认证方法和装置 | |
CN105871928B (zh) | 一种分布式网络的安全控制方法及*** | |
CN106454878A (zh) | 一种更新监控任务的方法和装置 | |
CN105160377A (zh) | 一种产品包装关系记录实时生成***及方法 | |
CN114172816A (zh) | 一种网络仿真测试平台 | |
US10348559B2 (en) | Method for creating port group on SDN, SDN controller, and network system | |
CN104023086B (zh) | 一种web集群代码更新方法、装置及*** | |
CN105827667A (zh) | 一种http访问控制方法、服务器及监控*** |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |