A WAY TO TRACK FRAGMENTS OF PACKETS IN NETWORK TRAFFIC Russian patent published in 2022 - IPC H04L47/10 

FIELD: monitoring system.

SUBSTANCE: the invention relates to methods for high-speed search and tracking of fragmented IP traffic in high-load networks. A method for tracking packet fragments in network traffic is proposed, which consists in searching for all fragments of an IP packet and providing the same processing method for them, in which: the packet analysis unit extracts Ethernet, IP and TCP / UDP headers, header fields from the packet "Identifier" and "Fragment Offset" and the formation of a descriptor based on them, transferring the packet to the packet buffer, and the descriptor to the descriptor buffer; the fragment analysis block checks the flag for the presence of fragments of the IP packet, the fields "Identifier" and "Fragment offset", if the packet is fragmented and the fragment offset is 0, then an entry is created in RAM-memory containing "Identifier", "Fragment offset", IP - addresses and TCP / UDP ports of the recipient and sender, if the packet is fragmented and the "Fragment Offset" is not equal to 0, then the RAM memory is searched for an entry with matching IP addresses and the “Identifier”, and the TCP / UDP ports of the recipient and sender from RAM memory are written to the packet descriptor, the HASH calculation unit receives the mentioned descriptor from the fragment analysis unit and, based on it calculates the total HASH sum of the packet, and the balancing block distributes the packets between the output interfaces based on the total HASH sum received.

EFFECT: provision of pre-processing of traffic with a guarantee of the integrity of information flows transmitted via TCP/UDP sessions when processing fragmented IP packets.

1 cl, 4 dwg