PACKET ACCESS CONTROL METHOD, FORWARDING ENGINE, AND COMMUNICATION APPARATUS
First Claim
1. A packet access control method, comprising:
- querying an Access Control List (ACL) according to information on a received packet if the received packet does not need to be forwarded, and processing the packet according to an ACL rule if the packet hits the ACL rule, or sending the packet to a control plane through bandwidth available from a first bandwidth parameter if no ACL rule is hit, whereinthe information on the packet comprises at least one of the following;
source IP address, destination IP address, source port, destination port and protocol number.
1 Assignment
0 Petitions
Accused Products
Abstract
A packet access control method includes: setting a first bandwidth parameter, and judging whether a received packet needs to be forwarded according to information on the received packet; querying the ACL according to the information on the packet if the packet does not need to be forwarded; performing a corresponding action if the packet hits an ACL rule, or sending the packet to the control plane by applying the first bandwidth parameter if the packet hits no ACL rule. Moreover, a packet forwarding engine and communication apparatus is provided. Through the method, packet forwarding engine and communication apparatus under the present invention, both precise control and service operation stability are implemented, thus improving stability of the apparatus and availability of the whole network.
78 Citations
19 Claims
-
1. A packet access control method, comprising:
-
querying an Access Control List (ACL) according to information on a received packet if the received packet does not need to be forwarded, and processing the packet according to an ACL rule if the packet hits the ACL rule, or sending the packet to a control plane through bandwidth available from a first bandwidth parameter if no ACL rule is hit, wherein the information on the packet comprises at least one of the following;
source IP address, destination IP address, source port, destination port and protocol number. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A packet access control method, comprising:
-
querying an Access Control List (ACL) according to information on a received packet if the received packet does not need to be forwarded; sending the packet to a control plane through bandwidth available from a first bandwidth parameter if the packet hits no ACL rule; and sending the packet to the control plane through the bandwidth available from a second bandwidth parameter if the packet hits an ACL rule, wherein the bandwidth available from the second bandwidth parameter is higher than the bandwidth available from the first bandwidth parameter. - View Dependent Claims (8)
-
-
9. A packet forwarding engine, comprising:
-
a setting module, adapted to set bandwidth parameters; a storing module, adapted to store and update an Access Control List (ACL); a receiving module, adapted to receive a packet; a forwarding judging module, adapted to judge whether the packet needs to be forwarded according to information on the packet received by the receiving module; an access control module, adapted to query ACL rules in the ACL, and query the ACL rules stored in the storing module according to the information on the packet after the forwarding judging module determines that the packet does not need to be forwarded; and a processing module, adapted to process the packet received by the receiving module according to a hit ACL rule if the ACL rule is hit, or send the packet received by the receiving module to a control plane by applying a first bandwidth parameter set by the setting module if no ACL rule is hit. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A communication apparatus, comprising:
-
a control unit, adapted to configure an Access Control List (ACL) and process a packet; and a data unit, adapted to;
set a bandwidth parameter and judge whether a received packet needs to be forwarded according to information on the received packet;
query the ACL configured by the control unit according to the information on the packet if the packet does not need to be forwarded; and
perform a corresponding operation if an ACL rule is hit, or send the packet to the control unit by applying the set bandwidth parameter if no ACL rule is hit. - View Dependent Claims (15, 16, 17, 18, 19)
-
Specification