公开(公告)号：US10819832B2

公开(公告)日：2020-10-27

申请号：US15344193

申请日：2016-11-04

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yibin Xu ,  Bing Sun

IPC: H04L29/06 ,  H04L12/823 ,  H04L29/08 ,  H04L12/701 ,  H04L12/863

Abstract: A packet processing method, apparatus, and device are disclosed. The method includes: receiving, by a forwarding plane, an item from a control plane of the forwarding plane, where the item includes an identifier of a connected terminal; receiving an access protocol packet; when the access protocol packet is not an authentication start packet, determining, by the forwarding plane according to the identifier of the connected terminal, whether a terminal served by the access protocol packet is the connected terminal; and discarding, by the forwarding plane, the access protocol packet when the access protocol packet is not the authentication start packet and when the terminal served by the access protocol packet is not the connected terminal. The method improves user experience.

公开(公告)号：US20200177600A1

公开(公告)日：2020-06-04

申请号：US16786568

申请日：2020-02-10

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yibin Xu ,  Donghui Wang ,  Rong Yang

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/00 ,  H04L29/08

Abstract: A method and an apparatus for granting network permission to a terminal include receiving, by an authentication device, a network permission request packet sent by a terminal, granting, by the authentication device, first network permission to the terminal receiving, by the authentication device, a first authentication failure message sent by a server after granting the first network permission to the terminal, and withdrawing, by the authentication device, the first network permission of the terminal based on the first authentication failure message. Therefore, the authentication device can grant the network permission to the terminal before receiving an authentication result sent by the server, and withdraw the network permission in time when receiving the first authentication failure message sent by the server.

公开(公告)号：US10178129B2

公开(公告)日：2019-01-08

申请号：US15153195

申请日：2016-05-12

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yibin Xu ,  Bing Sun ,  Jun Li

IPC: H04L29/06

Abstract: A network security method and a device relating to the field of network communication where the method includes, recording a correspondence between an Internet Protocol (IP) address and an security group tag (SGT), and executing a network security policy on a receiver of a data packet according to the recorded correspondence between the IP address and the SGT such that SGT information of the receiver does not need to be specially propagated, thereby decreasing network resource consumption and reducing network complexity.

公开(公告)号：US09787536B2

公开(公告)日：2017-10-10

申请号：US14712235

申请日：2015-05-14

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yibin Xu ,  Bing Sun

IPC: H04L12/24 ,  H04L12/741 ,  H04L29/06 ,  H04L12/06 ,  H04L12/08 ,  H04W12/06 ,  H04W12/08

CPC classification number: H04L41/0803 ,  H04L41/0806 ,  H04L41/0816 ,  H04L41/0893 ,  H04L45/74 ,  H04L63/20 ,  H04W12/06 ,  H04W12/08

Abstract: A method and an apparatus for configuring a packet forwarding manner. The method includes receiving, by a control node (CN), a connection establishment request packet from a client device, and acquiring a user attribute according to the request packet; according to the user attribute and a forwarding policy, acquiring, by the first CN, a packet forwarding manner corresponding to the client device, where the forwarding policy includes a packet forwarding manner corresponding to the user attribute; and after authentication succeeds, sending, by the first CN, a message carrying the acquired packet forwarding manner to a wireless access point (AP) associated with the client device, so as to instruct the wireless AP to create a forwarding entry of the client device, where the forwarding entry includes the packet forwarding manner. The present invention implements user-based control of a packet forwarding manner, simplifying configuration and maintenance.

公开(公告)号：US09774563B2

公开(公告)日：2017-09-26

申请号：US14992085

申请日：2016-01-11

Applicant: Huawei Technologies Co., Ltd.

Inventor： Chunning Wang ,  Yibin Xu

IPC: H04L12/28 ,  H04L12/56 ,  H04L29/12 ,  H04L12/46 ,  H04L12/18 ,  H04L29/08

CPC classification number: H04L61/1511 ,  H04L12/18 ,  H04L12/4641 ,  H04L61/1541 ,  H04L61/6013 ,  H04L67/16

Abstract: A packet transmission method, apparatus, and system in a multicast domain name system (mDNS), which are used to resolve a network bandwidth waste problem due to much service information needs to be transmitted in an mDNS-based network. The method includes, converting, by a relay, a known-answer service query packet that is sent by a user terminal and used to query service information in an mDNS, into a unicast known-answer service query packet and sending the unicast known-answer service query packet to a gateway, receiving, by the relay, a unicast known-answer service answer packet that is sent by the gateway and includes service information unknown to the user terminal, and converting, by the relay, the unicast known-answer service answer packet into a multicast known-answer service answer packet and sending the multicast known-answer service answer packet to the user terminal.