Mitigating effects of flooding attacks on a forwarding database
US10708299B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jun 14, 2018 |
| Grant date | Jul 7, 2020 |
| Priority date | — |
| Expiry date | Jan 16, 2039 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2101/622
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Systems and methods for mitigating effects of source-Media Access Control (MAC) flooding attacks on a forwarding database (FDB) that maps MAC addresses to enhanced MAC Virtual Local Area Network (EMACVLAN) sub-interfaces of a physical Ethernet interface are provided. A Virtual Domain (VDOM) operating in transparent mode receives an ingress packet by an internal switch running on the virtualized network device via a sub-interface. When an entry, corresponding to a source MAC address of the ingress packet, does not exist in the FDB, an appropriate entry is created in the FDB and the entry is queued for confirmation at a tail of an ephemeral queue. When a total number of entries contained in the FDB reaches a predetermined threshold, an unconfirmed entry at a head of the queue is removed from the FDB. When the entry is confirmed, it is retained in the FDB and is unlinked from the queue.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.