Abstract:
Embodiments of the present application provide an NDM file protection method and apparatus. The method includes: a sending device generates integrity information of an NDM file, and sends the NDM file and the integrity information of the NDM file to a receiving device, so that the receiving device verifies, according to the integrity information, whether the NDM file is tampered with.
Abstract:
Embodiments of the present invention relate to the field of security channel multiplexing, and disclose a method and an apparatus for multiplexing a HIP security channel. A method includes: receiving a message for requesting to transmit data; detecting whether a HIP security channel is established with the HIP host; if true, transmitting control signaling to the HIP host, where the control signaling is used to request to multiplex the HIP security channel to transmit data of the traditional host; if a response message returned from the HIP host is received, transmitting the data of the traditional host to the HIP host through the HIP security channel. With embodiments of the present invention, the quantity of HIP security channels established between the HIP proxy and the HIP host and the loads of maintaining the security channel can be reduced, and the utilization of the HIP security channel is increased.
Abstract:
This application provides a certificate obtaining method, an authentication method, and a network device, to improve control over operation permission of an APP on an API. The certificate is used for permission authentication when the APP accesses an API of a controller. The certificate includes one or more of (a) to (c): (a) information about operation permission of the APP on N application programming interfaces APIs of the controller, (b) identifiers of L APIs that are of the N APIs and that the APP has permission to operate, and (c) identifiers of R APIs that are of the N APIs and that the APP has no permission to operate.
Abstract:
The present disclosure discloses a method for processing a host route in a virtual subnet, a related device and a communications system. The method includes: receiving, by a first provider edge device, a packet for address resolution, where a virtual subnet site in which the first provider edge device is located further includes at least one second provider edge device; determining, by the first provider edge device, whether a source MAC address carried in the packet is a virtual MAC address; and when it is determined that the source MAC address is a virtual MAC address, skipping performing at least one of the following operations: saving a local CE host routing table entry corresponding to a source IP address carried in the packet, or distributing, in the virtual subnet based on a routing protocol of a layer 3 VPN, a local CE host route corresponding to the IP address.
Abstract:
This application provides a method for implementing a Layer 3 virtual private network (L3VPN) and an apparatus. The method includes receiving, by a first PE, an attachment notification packet sent by a first terminal device, a first site attaches to an L3VPN by using the first PE; a second site attaches to the L3VPN by using a second PE, and a first terminal device attaches to a second site before attaching to the first site. The method also includes obtaining, by the first PE, an IP address of a second terminal device, and the second terminal device attaches to the second Site; and sending, by the first PE, a binding update notification packet to the first terminal device, where the binding update notification packet carries a MAC address of the first PE and the IP address of the second terminal device.
Abstract:
The present invention discloses a network transaction control method. The network transaction control method includes: sending, by a network controller, according to a network transaction, an operation set package including at least one operation instruction to at least two forwarding devices, where: the operation set package includes an atomic operation identifier; receiving an execution status message fed back by each forwarding device; and if it is determined, according to each execution status message, that an operation result of any operation instruction executed by any forwarding device is: execution failed, separately sending a rollback control instruction including the atomic operation identifier to each forwarding device for which no execution failure is determined, so as to instruct each forwarding device to restore to a state that is prior to execution of each operation instruction.