公开(公告)号：US07936670B2

公开(公告)日：2011-05-03

申请号：US11733904

申请日：2007-04-11

申请人： John Paul Cazares ,  Jade W. Clifford ,  Charles Steven Lingafelt ,  Robert Barry Sisk

发明人： John Paul Cazares ,  Jade W. Clifford ,  Charles Steven Lingafelt ,  Robert Barry Sisk

IPC分类号： G06F21/20

CPC分类号： H04L12/4666 ,  H04L63/08 ,  H04L63/0876

摘要： System method and program for controlling access to a VLAN via a port of a VLAN switch system. In response to receipt of a message packet at the port, the switch system determines if a MAC address of the packet matches a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. The MAC address of the packet does not match a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. In response, the switch system blocks the packet if a rate of ill-formed packets and/or packets from an unrecognized MAC address exceeds a threshold pass rate. The threshold pass rate can be adjusted based on the rate of change of receipt of ill-formed packets and/or packets from an unrecognized MAC address.

摘要翻译： 用于通过VLAN交换机系统的端口控制对VLAN的访问的系统方法和程序。 响应于在端口处接收到消息分组，交换机系统确定分组的MAC地址是否与端口已经被编程的MAC地址匹配以被识别为被授权与端口通信的设备的MAC地址。 数据包的MAC地址与端口已被编程为识别为被授权与端口通信的设备的MAC地址的MAC地址不匹配。 作为响应，如果来自不可识别的MAC地址的不正确的分组和/或分组的速率超过阈值合格率，则交换机系统阻塞分组。 可以基于从不可识别的MAC地址接收到不合格的分组和/或分组的变化率来调整阈值合格率。

公开(公告)号：US20080253380A1

公开(公告)日：2008-10-16

申请号：US11733904

申请日：2007-04-11

申请人： John Paul Cazares ,  Jade W. Clifford ,  Charles Steven Lingafelt ,  Robert Barry Sisk

发明人： John Paul Cazares ,  Jade W. Clifford ,  Charles Steven Lingafelt ,  Robert Barry Sisk

IPC分类号： H04L12/28

CPC分类号： H04L12/4666 ,  H04L63/08 ,  H04L63/0876

摘要： System method and program for controlling access to a VLAN via a port of a VLAN switch system. In response to receipt of a message packet at the port, the switch system determines if a MAC address of the packet matches a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. The MAC address of the packet does not match a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. In response, the switch system blocks the packet if a rate of ill-formed packets and/or packets from an unrecognized MAC address exceeds a threshold pass rate. The threshold pass rate can be adjusted based on the rate of change of receipt of ill-formed packets and/or packets from an unrecognized MAC address.

摘要翻译： 用于通过VLAN交换机系统的端口控制对VLAN的访问的系统方法和程序。 响应于在端口处接收到消息分组，交换机系统确定分组的MAC地址是否与端口已经被编程的MAC地址匹配以被识别为被授权与端口通信的设备的MAC地址。 数据包的MAC地址与端口已被编程为识别为被授权与端口通信的设备的MAC地址的MAC地址不匹配。 作为响应，如果来自不可识别的MAC地址的不正确的分组和/或分组的速率超过阈值合格率，则交换机系统阻塞分组。 可以基于从不可识别的MAC地址接收到不合格的分组和/或分组的变化率来调整阈值合格率。