发明名称 |
Method and apparatus for fragmenting and reassembling internet key exchange data packets |
摘要 |
A method and apparatus for fragmenting and reassembling IKE protocol data packets that exceed a Maximum Transmission Unit is provided. A transmitting node determines whether to fragment IKE data depending on whether the receiving node has the capability to receive and reassemble fragmented data packets. The transmitting node detects whether fragmentation is appropriate and then intercepts and fragments appropriate IKE payloads for transmission over a network. The invention further includes a method and apparatus for reassembling fragmented IKE payloads. The receiving node discards certain packets according to a set of predetermined rules that are designed to prevent denial of service attacks and other similar attacks. No modification is required to the existing IKE protocol or to other lower level networking protocols.
|
申请公布号 |
US7500102(B2) |
申请公布日期 |
2009.03.03 |
申请号 |
US20020056889 |
申请日期 |
2002.01.25 |
申请人 |
MICROSOFT CORPORATION |
发明人 |
SWANDER BRIAN;HUITEMA CHRISTIAN |
分类号 |
H04L9/00;H04L12/56;H04L1/00;H04L29/06;H04L29/12 |
主分类号 |
H04L9/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|