Electrical computers and digital processing systems: multicomput – Computer-to-computer data routing – Routing data updating
Reexamination Certificate
2007-01-23
2007-01-23
Najjar, Saleh (Department: 2155)
Electrical computers and digital processing systems: multicomput
Computer-to-computer data routing
Routing data updating
C709S238000, C370S244000, C370S331000, C370S351000
Reexamination Certificate
active
10273946
ABSTRACT:
Disclosed is a method for routing data packets, as is a data packet router (10) that operates in accordance with the invention. The method includes establishing an ingress filter (20) in individual ones of a plurality of line cards (14) installed within a router and automatically maintaining a content of an ingress filter table (20A) of each ingress filter in each line card at least partially in accordance with data packets passing through individual ones of the line cards, where the content includes an identification of source addresses of hosts (16) coupled to the router. The method further compares a source address of an incoming packet to a line card to the content of the ingress filter table of that line card, and is thus enabled to detect the presence of an IP packet containing a spoofed IP host address. For a first occurrence of a packet having an IP source address that is not found in the ingress filter table, the packet is forwarded to a route processor (12) for analysis. The method further includes changing the content of the ingress filter table based on a result of the analysis to add the source address to the content of the ingress filter table, if the route processor has knowledge that the IP source address is associated with a valid host. At least some of the packets are Internet Protocol control packets, such as Routing Protocol Update packets, Dynamic Host Configuration Protocol packets, BootTP packets and Address Resolution Protocol packets. At least some of the hosts may be mobile hosts capable of connection and disconnection at different points in a subnet (22).
REFERENCES:
patent: 5845087 (1998-12-01), Trehus
patent: 5951649 (1999-09-01), Dobbins et al.
patent: 6697872 (2004-02-01), Moberg et al.
patent: 6708218 (2004-03-01), Ellington et al.
patent: 2002/0021675 (2002-02-01), Feldmann
patent: 2003/0014665 (2003-01-01), Anderson et al.
patent: 2003/0110289 (2003-06-01), Kamboh et al.
patent: 2003/0110464 (2003-06-01), Davidson et al.
patent: 2003/0224788 (2003-12-01), Leung et al.
patent: 2004/0006640 (2004-01-01), Inderieden et al.
patent: 2004/0006725 (2004-01-01), Lakshmanamurthy et al.
Harrington & Smith ,LLP
Najjar Saleh
Nguyen ThuHa
LandOfFree
Method and apparatus for providing automatic ingress filtering does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for providing automatic ingress filtering, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for providing automatic ingress filtering will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3761929