公开(公告)号：US12238142B2

公开(公告)日：2025-02-25

申请号：US17883800

申请日：2022-08-09

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Yinxi Zhang ,  Bin Yu ,  Liang Xia ,  Yinggen Wu

IPC: H04L9/40

Abstract: A method and an apparatus for controlling a network service of an Internet of things terminal, and a related storage medium are disclosed. In the method, after receiving a uniform resource locator (URL) sent by an Internet of things terminal in an authentication process, a network management device obtains a manufacturer usage descriptions (MUD) file based on the URL, and parses the MUD file to obtain content of at least one field included in the MUD file, where the MUD file includes at least one of: a first-type field or a second-type field, the first-type field is used to describe a security isolation requirement, and the second-type field is used to describe a quality assurance requirement.

公开(公告)号：US11888652B2

公开(公告)日：2024-01-30

申请号：US17490555

申请日：2021-09-30

Applicant: Huawei Technologies Co., Ltd.

Inventor： Bin Yu

IPC: H04L12/46 ,  H04L41/0803

CPC classification number: H04L12/4675 ,  H04L12/4645 ,  H04L41/0803

Abstract: A Virtual eXtensible Local Area Network (VXLAN) method comprises obtaining, by a network device, a mapping from a virtual local area network identifier VLAN ID to a VXLAN network identifier VNI; receiving, by the network device through a port, an Ethernet frame forwarded by an access device, where a VLAN tag field in the Ethernet frame includes the VLAN ID; adding, by the network device, a VXLAN header to the Ethernet frame based on the VLAN ID and the mapping to obtain a VXLAN packet, where a VNI field in the VXLAN header includes the VNI; and sending, by the network device, the VXLAN packet.

公开(公告)号：US20230148392A1

公开(公告)日：2023-05-11

申请号：US18148914

申请日：2022-12-30

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bin Yu ,  Wenjun Chang ,  Xingjian He ,  Wei Chen ,  Donghui Wang

IPC: H04L47/2425 ,  H04L47/2408 ,  H04L47/2475 ,  H04L47/41

CPC classification number: H04L47/2433 ,  H04L47/2408 ,  H04L47/2475 ,  H04L47/41

Abstract: This application discloses a network and a data transmission method and apparatus, and belongs to the field of communication technologies. The network includes a core device and an edge device. The edge device identifies a service type of a first service packet from the core device, and reports a service type identifier of the first packet to the core device. The core device determines a priority corresponding to the service type identifier based on a stored service priority correspondence, and forwards, based on the priority, a service packet belonging to a same service flow as the first service packet. A strong service identification capability of the edge device is used to precisely identify thousands of service types, and a strong entry storage capability of the core device is used to store a correspondence that records thousands of service types and priorities. This effectively avoids problems such as transmission congestion and a packet loss that are caused by an incapability of precisely identifying a service type and allocation of a same priority to service packets of different service types.

公开(公告)号：USRE49428E1

公开(公告)日：2023-02-21

申请号：US15681593

申请日：2017-08-21

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Chunyan Ma ,  Bin Yu

IPC: H04L29/12 ,  H04L65/1016 ,  H04L65/1043

Abstract: A method for implementing an IP Multimedia Subsystem (IMS) registration, includes: a Home Subscriber Server (HSS) recording a current registration state of a User Equipment (UE) in response to receiving a Multimedia Authentication Request (MAR) initiated by a Service Call Session Control Function (S-CSCF) selected for the UE when a first Register request is sent by the UE; in response to receiving a second Register request initiated by an Interrogating Call Session Control Function (I-CSCF), the HSS sends the S-CSCF Name to the I-CSCF when the current registration state of the UE is an assigned S-CSCF state. By the scheme, a same S-CSCF is ensured to be used in the two User Authentication Request/User Authentication Answer (UAR/UAA) procedures of the initial IMS registration procedure, and the initial IMS registration of the UE is implemented successfully.

公开(公告)号：US20210218599A1

公开(公告)日：2021-07-15

申请号：US17188438

申请日：2021-03-01

Applicant: Huawei Technologies Co., Ltd.

Inventor： Bin Yu

IPC: H04L12/46 ,  H04L12/24

Abstract: A Virtual eXtensible Local Area Network (VXLAN) method comprises obtaining, by a network device, a mapping from a virtual local area network identifier VLAN ID to a VXLAN network identifier VNI; receiving, by the network device through a port, an Ethernet frame forwarded by an access device, where a VLAN tag field in the Ethernet frame includes the VLAN ID; adding, by the network device, a VXLAN header to the Ethernet frame based on the VLAN ID and the mapping to obtain a VXLAN packet, where a VNI field in the VXLAN header includes the VNI; and sending, by the network device, the VXLAN packet.

公开(公告)号：US10142217B2

公开(公告)日：2018-11-27

申请号：US14949451

申请日：2015-11-23

Applicant: Huawei Technologies Co., Ltd.

Inventor： Bin Yu ,  Xiaohu Tang ,  Ting Xu

IPC: H04L12/705 ,  H04L12/721 ,  H04L12/741 ,  G06F11/00 ,  H04L12/753 ,  H04L29/06

Abstract: A loop avoidance method, device and system. The system includes a first network device and a second network device in an internal network, a first Ethernet port and a second Ethernet port of the two network devices are of a first type, and loop avoidance priorities of the Ethernet ports are different from each other; root media access control (MAC) addresses of the two network devices are the same, and are different from respective network bridge MAC addresses; the second network device receives a loop detection frame from the first Ethernet port through the second Ethernet port, where a source address of the loop detection frame is the root MAC address, and blocks the second Ethernet port according to the loop avoidance priority. A network device blocks, according to a loop avoidance priority, an Ethernet port connected to an external network to avoid changing a topology of an internal network.

公开(公告)号：US09883010B2

公开(公告)日：2018-01-30

申请号：US14272613

申请日：2014-05-08

Applicant: Huawei Technologies Co., Ltd.

Inventor： Zhichong Han ,  Bin Yu

IPC: G06F15/173 ,  G06F15/16 ,  H04L29/06 ,  H04L29/12 ,  H04L12/26

CPC classification number: H04L67/42 ,  H04L43/08 ,  H04L61/103 ,  H04L61/2015 ,  H04L63/0876 ,  H04L63/1483 ,  H04L63/162

Abstract: A method, an apparatus, a device, and a system for generating a Dynamic Host Configuration Protocol snooping (DHCP) Snooping binding table. The method includes: constructing a request packet for obtaining information about a DHCP client, and sending the request packet to a DHCP server; receiving a response packet corresponding to the request packet, and extracting the information about the client from the response packet, where the information about the client includes the client's Internet Protocol (IP) address and Media Access Control (MAC) address; and obtaining the client's virtual local area network (VLAN) number and ingress port number through the MAC address, and generating the DHCP Snooping binding table. The technical solutions solve the problem that traffic of some clients is lost due to a lack of a DHCP Snooping binding table of these clients in a process of enabling DHCP Snooping.

公开(公告)号：US20160149799A1

公开(公告)日：2016-05-26

申请号：US14949451

申请日：2015-11-23

Applicant: Huawei Technologies Co., Ltd.

Inventor： Bin Yu ,  Xiaohu Tang ,  Ting Xu

IPC: H04L12/705 ,  H04L12/741 ,  H04L12/721

CPC classification number: H04L45/18 ,  H04L45/48 ,  H04L45/66 ,  H04L45/74 ,  H04L45/745 ,  H04L69/16 ,  H04L69/22

Abstract: A loop avoidance method, device and system. The system includes a first network device and a second network device in an internal network, a first Ethernet port and a second Ethernet port of the two network devices are of a first type, and loop avoidance priorities of the Ethernet ports are different from each other; root media access control (MAC) addresses of the two network devices are the same, and are different from respective network bridge MAC addresses; the second network device receives a loop detection frame from the first Ethernet port through the second Ethernet port, where a source address of the loop detection frame is the root MAC address, and blocks the second Ethernet port according to the loop avoidance priority. A network device blocks, according to a loop avoidance priority, an Ethernet port connected to an external network to avoid changing a topology of an internal network.

Abstract translation: 循环回避方法，设备和系统。 该系统包括内部网络中的第一网络设备和第二网络设备，两个网络设备的第一以太网端口和第二以太网端口是第一类型，并且以太网端口的回路优先级彼此不同 ; 两个网络设备的根媒体访问控制（MAC）地址相同，与各自的网桥MAC地址不同; 第二网络设备通过第二以太网端口从第一以太网端口接收环路检测帧，其中环路检测帧的源地址是根MAC地址，并且根据回路优先级阻塞第二以太网端口。 网络设备根据环路回避优先级阻塞连接到外部网络的以太网端口，以避免改变内部网络的拓扑。

公开(公告)号：US20140161121A1

公开(公告)日：2014-06-12

申请号：US14182598

申请日：2014-02-18

Applicant: Huawei Technologies Co., Ltd.

Inventor： Yulou Yin ,  Bin Yu

IPC: H04L29/06

CPC classification number: H04L63/083 ,  H04L12/4641 ,  H04L63/08 ,  H04L63/0892 ,  H04L63/164 ,  H04L63/168 ,  H04L65/1069 ,  H04L65/1076 ,  H04M1/2535 ,  H04W12/06

Abstract: A method for authenticating an IP phone and negotiating a voice domain includes receiving an authentication request packet sent by an IP Phone, encapsulating a user name and password of the IP Phone in a RADIUS request packet, and sending the RADIUS packet encapsulating the user name and password of the IP Phone to a RADIUS server. If a result of the authentication performed by the RADIUS server on the IP Phone is that the authentication succeeds, sending a Voice VLAN value to the IP Phone through an extensible authentication protocol EAP extension packet. In the present application, dynamic security authentication and negotiation functions between a client and a server, and rapid deployment of an internal network of an enterprise may be implemented.

Abstract translation: 一种用于认证IP电话和协商语音域的方法包括接收由IP电话发送的认证请求包，将IP电话的用户名和密码封装在RADIUS请求包中，并发送封装该用户名的RADIUS包，以及 IP电话的密码到RADIUS服务器。 如果IP电话上的RADIUS服务器进行认证的结果是认证成功，则通过可扩展认证协议EAP扩展报文将语音VLAN值发送到IP电话。 在本应用中，可以实现客户端与服务器之间的动态安全认证和协商功能，以及企业内部网络的快速部署。

公开(公告)号：US11973649B2

公开(公告)日：2024-04-30

申请号：US18148541

申请日：2022-12-30

Applicant: HUAWEI TECHNOLOGIES CO., LTD.

Inventor： Bin Yu ,  Wenjun Chang ,  Zhihong Lin ,  Hanyu Wei

IPC: H04L41/08

CPC classification number: H04L41/0886 ,  H04L41/0889

Abstract: A network configuration method and apparatus are provided. The method includes: a first execution device sends to a management device, a device discovery message which is a layer 2 packet and includes a first port identifier, wherein a port identified by the first port identifier is a port, in an up state, of the first execution device. The first execution device receives from the management device a first configuration message which is a layer 2 packet and includes a configuration parameter which is for a second execution device and includes an internet protocol address of the second execution device that is connected to the port identified by the first port identifier. The first execution device sends the first configuration message through the port. According to the application, large amount of manpower is saved and network configuration efficiency is improved.