FIELD: routing systems.
SUBSTANCE: method of checking the connectivity of network nodes using a dedicated communication channel includes writing in the ARP tables of communication nodes MAC addresses and their corresponding IP addresses, neighbour communication nodes connected to them through open communication channels, setting up dedicated communication channels between two neighbouring communication nodes; communication nodes sending Hello packets to their neighbouring nodes, including the identifier of the communication node (Router ID), MAC address and its corresponding IP address, verification by the recipient communication node of the MAC and IP addresses received in the Hello packet-request with data recorded in the ARP table, and Router ID with data allowed/set to establish a neighbourhood, whereas the exchange is carried out over a dedicated communication channel. If the specified data match, the receiving communication node sends a Hello-confirmation packet to the sending communication node indicating its identifier, MAC and IP addresses, upon receipt of which the sending communication node sends a Hello-confirmation packet to the receiving communication node indicating it as a neighbour, after which both communication nodes go into the neighbourhood established state. In case of violation of the neighbourhood with a communication node, this node is removed from the list of allowed neighbour communication nodes, and the entire procedure for establishing a neighbourhood starts again. The reasons for violation of the neighbourhood can be a connection break, a timeout of the Hello-confirmation packet, removal of a network communication node from the ARP table, a change in the entry in the ARP table concerning the communication node, replacement of the communication node.
EFFECT: no exchange of data necessary for the construction and operation of Ethernet\IP networks with unauthorized network devices.
2 cl, 5 dwg
| Title | Year | Author | Number |
|---|---|---|---|
| METHOD OF CREATING A SECURE L2-CONNECTION BETWEEN PACKET SWITCHED NETWORKS | 2018 |
|
RU2694585C1 |
| METHOD OF COMPUTER NETWORKS PROTECTION | 2018 |
|
RU2680038C1 |
| METHOD OF PROTECTING COMPUTER NETWORKS | 2018 |
|
RU2690749C1 |
| METHOD OF PROTECTING COMPUTER NETWORKS | 2018 |
|
RU2686023C1 |
| NETWORK SYSTEM, METHOD, DEVICE AND PROGRAM | 2013 |
|
RU2616169C2 |
| METHOD AND SYSTEM FOR ORGANIZATION OF PROTECTED INFORMATION EXCHANGE, USING BLOCKCHAIN TECHNOLOGY AND DISTRIBUTED DATA STORAGE SYSTEMS | 2021 |
|
RU2782153C2 |
| METHOD OF PROTECTING COMPUTER NETWORKS FROM UNAUTHORISED SCANNING AND BLOCKING OF NETWORK SERVICES (VERSIONS) | 2011 |
|
RU2469390C1 |
| DIRECT INTERCONNECTION GATEWAY | 2018 |
|
RU2740035C1 |
| METHOD OF PROTECTING COMPUTER NETWORKS | 2018 |
|
RU2696330C1 |
| METHOD, DEVICE AND SYSTEM FOR ROUTING DATA BETWEEN NETWORK SEGMENTS | 2010 |
|
RU2544766C2 |
