公开(公告)号：US20170353431A1

公开(公告)日：2017-12-07

申请号：US15175100

申请日：2016-06-07

Applicant: ABB Technology AG

Inventor： Danurahardjo Tjahjono ,  Prabhat Regmi

IPC: H04L29/06 ,  H04L12/741 ,  H04L12/931 ,  H04L29/08 ,  H04L12/707

CPC classification number: H04L63/0227 ,  H04L12/4641 ,  H04L45/22 ,  H04L45/745 ,  H04L49/354 ,  H04L63/10 ,  H04L63/20 ,  H04L69/325 ,  H04L2012/445

Abstract: One or more techniques and/or systems are provided for network isolation. For example, nodes within a mesh of devices may be configured with routing rules, main routing tables, and alternative routing tables, such as at a layer-3 network layer. The routing rules may specify that packets received from downstream are to be routed upstream to either a gateway or a backhaul device for evaluation as to whether such packets are allowed to be communicated back downstream to destination recipients using main routing tables. An isolation rule may be configured to specify whether to block or allow packets. In an example, the gateway may either block or allow packets based upon whether a source and destination are within a same virtual local area network or are within different virtual local area networks. In this way, selective device isolation may be provided, such as at the layer-3 network layer.

公开(公告)号：US10148618B2

公开(公告)日：2018-12-04

申请号：US15175100

申请日：2016-06-07

Applicant: ABB Technology AG

Inventor： Danurahardjo Tjahjono ,  Prabhat Regmi

IPC: H04L29/06 ,  H04L12/707 ,  H04L12/931 ,  H04L29/08 ,  H04L12/46 ,  H04L12/741

Abstract: One or more techniques and/or systems are provided for network isolation. For example, nodes within a mesh of devices may be configured with routing rules, main routing tables, and alternative routing tables, such as at a layer-3 network layer. The routing rules may specify that packets received from downstream are to be routed upstream to either a gateway or a backhaul device for evaluation as to whether such packets are allowed to be communicated back downstream to destination recipients using main routing tables. An isolation rule may be configured to specify whether to block or allow packets. In an example, the gateway may either block or allow packets based upon whether a source and destination are within a same virtual local area network or are within different virtual local area networks. In this way, selective device isolation may be provided, such as at the layer-3 network layer.