[go: up one dir, main page]

CN117061480A - Address generation method and device and electronic equipment - Google Patents

Address generation method and device and electronic equipment Download PDF

Info

Publication number
CN117061480A
CN117061480A CN202310974948.6A CN202310974948A CN117061480A CN 117061480 A CN117061480 A CN 117061480A CN 202310974948 A CN202310974948 A CN 202310974948A CN 117061480 A CN117061480 A CN 117061480A
Authority
CN
China
Prior art keywords
address
bit
target
filling
network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310974948.6A
Other languages
Chinese (zh)
Inventor
郑忠民
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Technology Innovation Center
China Telecom Corp Ltd
Original Assignee
China Telecom Technology Innovation Center
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Technology Innovation Center, China Telecom Corp Ltd filed Critical China Telecom Technology Innovation Center
Priority to CN202310974948.6A priority Critical patent/CN117061480A/en
Publication of CN117061480A publication Critical patent/CN117061480A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2596Translation of addresses of the same type other than IP, e.g. translation from MAC to MAC addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides an address generation method, an address generation device and electronic equipment, and relates to the technical field of communication. In the method, when a route notification message issued by a network side is determined to be received, an M-bit first address to be selected is selected from a network address sequence of the route notification message, an N-bit second address to be selected from the MAC address is selected, then the M-bit first address to be selected and the N-bit second address to be selected are filled into a target IP address according to a set filling sequence to generate the target IP address, and in this way, a server side cannot obtain a complete MAC address even if performing address reverse pushing based on an EUI-64 protocol, so that the privacy security of terminal equipment can be improved.

Description

Address generation method and device and electronic equipment
Technical Field
The present application relates to the field of communications technologies, and in particular, to an address generating method, an address generating device, and an electronic device.
Background
The internet protocol address (english full name: internet Protocol Address, abbreviated as IP address) is an identifier of the terminal device connected to the internet, and two versions of IP addresses exist, for example, IPv4 and IPv6, and IPv6 is used to solve the problem of IPv4 address exhaustion.
In an IPv6 network, a dynamic host configuration protocol (english: dynamic Host Configuration Protocol, abbreviated: DHCP) server may be used to configure IPv6 addresses, IP prefixes, and/or other configured network protocols required by terminal devices operating on the IPv6 network; in addition, in order to facilitate that the terminal device can automatically generate an IPv6 address for communication when no DHCP server exists in the IPv6 network, the EUI-64 protocol in which the stateless IPv6 address is automatically configured may also be used.
The EUI-64 protocol firstly converts a 48-bit media access control address (English: media Access Control Address, abbreviated as MAC address) of a terminal device according to a set protocol standard, converts the address into an EUI-64 address, then inserts characters with set digits into the EUI-64 address to obtain an interface identifier (64 bits) in the IPv6 address, and finally adds an IPv6 fixed prefix issued by a network side on the basis of the interface identifier to obtain a target IPv6 address.
However, when the terminal device accesses the internet, the server side can perform address reverse pushing according to the EUI-64 protocol through the acquired target IPv6 address of the terminal device by adopting the target IPv6 address generated by the EUI-64 protocol, so as to obtain the MAC address of the terminal device, and the MAC address comprises a 24-bit manufacturer ID identifier and a 24-bit extension identifier, so that the device source of the terminal device can be determined according to the obtained MAC address of the terminal device, and the privacy leakage risk of the terminal device is increased.
Disclosure of Invention
The application provides an address generation method, an address generation device and electronic equipment, which are used for improving the security of the privacy of terminal equipment. The specific technical scheme is as follows:
in a first aspect, the present application provides an address generating method, including:
when a route notification message issued by a network side is determined to be received, selecting an M-bit first address to be selected from a network address sequence of the route notification message, and selecting an N-bit second address to be selected from an MAC address, wherein an address set formed by the N-bit second address to be selected does not contain all manufacturer ID identifiers, the network address sequence represents prefix information of a network to be connected by a terminal device, and M and N are positive integers greater than or equal to zero;
and filling the M-bit first to-be-selected address and the N-bit second to-be-selected address into a target IP address according to a set filling sequence, and generating the target IP address.
Based on the method, the network server can not perform address reverse pushing based on the existing EUI-64 protocol, and an MAC address is obtained; even if the network server can acquire the MAC address, the network server cannot determine the source of the terminal equipment according to the reversely deduced MAC address because the generated target IP address does not contain the complete 24-bit manufacturer ID identifier, so that the privacy security of the terminal equipment is improved.
In one possible implementation, when determining that a route advertisement message sent by a network side is received, selecting an M-bit first address to be selected from a network address sequence of the route advertisement message, and selecting an N-bit second address to be selected from a MAC address, where the method includes:
identifying an identification byte in the route announcement message;
judging whether the value of the newly added flag bit in the identification byte is 1 or not;
if yes, selecting the M-bit first address to be selected from the network address sequence, and selecting the N-bit second address to be selected from the MAC address;
if not, determining an address generation rule taking the EUI-64 protocol as a target IP address.
Based on the method, the terminal equipment can be determined to generate the target IP address (IPv 6 address) by adopting a mode supporting IPv6 address privacy protection or EUI-64 protocol, so that the risk of privacy disclosure of the terminal equipment is reduced.
In one possible implementation, the selecting the M-bit first address from the network address sequence of the route advertisement packet includes:
determining the total address bit number of the selected address to be selected from the network address sequence;
judging whether the total address bit number is in a range of a set address bit number interval;
if yes, selecting the M-bit first address to be selected, which is the same as the total address bit number, from the network address sequence;
if not, the feedback message that the total address bit number does not accord with the target IP address generation rule is sent to the network side.
Based on the method, the first set of the addresses to be selected, which accords with the target IP address generation rule, can be selected from the network address sequence, so that the identifiability of the generated target IP address is ensured.
In one possible implementation, the filling the M-bit first candidate address and the N-bit second candidate address into a target IP address according to a set filling order, and generating the target IP address includes:
filling each bit of first addresses to be selected in the M bits of first addresses to be selected in sequence according to the filling sequence, filling the N bits of second addresses to be selected into N positions of the lower bits of the target IP address, and filling the rest positions of the target IP address by using random numbers to obtain a filled IP address;
judging whether the value of the address type flag bit in the filling IP address is zero or not;
if yes, the filling IP address is used as the target IP address;
if not, setting zero for the value in the address type flag bit to generate the target IP address.
Based on the method, the network server can not perform address reverse pushing based on the existing EUI-64 protocol, and an MAC address is obtained; even if the network server obtains the MAC address, the network server cannot determine the equipment source of the terminal equipment based on the back-pushed MAC address because the target IP address is generated based on the M-bit first candidate address in the network prefix and the N-bit second candidate address in the MAC address, and the N-bit second candidate address does not contain a complete 24-bit manufacturer ID identifier, so that the risk of privacy leakage of the terminal equipment is reduced.
In a second aspect, the present application provides an address generating apparatus, comprising:
the data screening module is used for selecting M-bit first addresses to be selected from a network address sequence of the routing notification message when the routing notification message issued by a network side is determined to be received, and selecting N-bit second addresses to be selected from MAC addresses, wherein an address set formed by the N-bit second addresses to be selected does not contain all manufacturer ID identifiers, the network address sequence represents prefix information of a network to be connected by the terminal equipment, and M and N are positive integers greater than or equal to zero;
and the address generation module is used for filling the M-bit first to-be-selected address and the N-bit second to-be-selected address into a target IP address according to a set filling sequence to generate the target IP address.
In one possible implementation, the data filtering module is specifically configured to:
identifying an identification byte in the route announcement message;
judging whether the value of the newly added flag bit in the identification byte is 1 or not;
if yes, selecting the M-bit first address to be selected from the network address sequence, and selecting the N-bit second address to be selected from the MAC address;
if not, determining an address generation rule taking the EUI-64 protocol as a target IP address.
In one possible implementation, the data filtering module is specifically configured to:
determining the total address bit number of the selected address to be selected from the network address sequence;
judging whether the total address bit number is in a range of a set address bit number interval;
if yes, selecting the M-bit first address to be selected, which is the same as the total address bit number, from the network address sequence;
if not, the feedback message that the total address bit number does not accord with the target IP address generation rule is sent to the network side.
In one possible implementation, the address generation module is specifically configured to:
filling each bit of first addresses to be selected in the M bits of first addresses to be selected in sequence according to the filling sequence, filling the N bits of second addresses to be selected into N positions of the lower bits of the target IP address, and filling the rest positions of the target IP address by using random numbers to obtain a filled IP address;
judging whether the value of the address type flag bit in the filling IP address is zero or not;
if yes, the filling IP address is used as the target IP address;
if not, setting zero for the value in the address type flag bit to generate the target IP address.
In a third aspect, the present application provides an electronic device, comprising:
a memory for storing a computer program;
and the processor is used for realizing the steps of the address generation method when executing the computer program stored in the memory.
In a fourth aspect, the present application provides a computer readable storage medium having stored therein a computer program which when executed by a processor implements the steps of the address generation method described above.
The technical effects of each of the second to fourth aspects and the technical effects that may be achieved by each aspect are referred to above for the technical effects that may be achieved by the first aspect or each possible aspect in the first aspect, and the detailed description is not repeated here.
Drawings
FIG. 1 is a flow chart of an address generation method provided by the application;
FIG. 2 is a schematic diagram of an address generation system according to the present application;
fig. 3 is a flowchart of a method for generating a target IP address according to the present application;
fig. 4 is a schematic structural diagram of an address generating device according to the present application;
fig. 5 is a schematic structural diagram of an electronic device according to the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings. The specific method of operation in the method embodiment may also be applied to the device embodiment or the system embodiment. In the description of the present application, "a plurality of" means "at least two". "and/or", describes an association relationship of an association object, and indicates that there may be three relationships, for example, a and/or B, and may indicate: a exists alone, A and B exist together, and B exists alone. A is connected with B, and can be represented as follows: both cases of direct connection of A and B and connection of A and B through C. In addition, in the description of the present application, the words "first," "second," and the like are used merely for distinguishing between the descriptions and not be construed as indicating or implying a relative importance or order.
Embodiments of the present application will be described in detail below with reference to the accompanying drawings.
The internet protocol address is an identifier of the terminal device connected to the internet, and two versions of IP addresses, for example, IPv4 and IPv6, are available, and IPv6 is used to solve the problem of IPv4 address exhaustion.
In an IPv6 network, a dynamic host configuration protocol server may be used to configure IPv6 addresses, IP prefixes, and/or other configured network protocols required by terminal devices operating on the IPv6 network; in addition, in order to facilitate that the terminal device can automatically generate an IPv6 address for communication when no DHCP server exists in the IPv6 network, the EUI-64 protocol in which the stateless IPv6 address is automatically configured may also be used.
The EUI-64 protocol firstly converts a 48-bit media access control address of a terminal device into an EUI-64 address according to a set protocol standard, then inserts characters with set digits into the EUI-64 address to obtain an interface identifier (64 bits) in an IPv6 address, and finally adds an IPv6 fixed prefix issued by a network side on the basis of the interface identifier to obtain a target IPv6 address.
However, when the terminal device accesses the internet, the server side can perform address reverse pushing according to the EUI-64 protocol through the acquired target IPv6 address of the terminal device by adopting the target IPv6 address generated by the EUI-64 protocol, so as to obtain the MAC address of the terminal device, and the MAC address comprises a 24-bit manufacturer ID identifier and a 24-bit extension identifier, so that the device source of the terminal device can be determined according to the obtained MAC address of the terminal device, and the privacy leakage risk of the terminal device is increased.
In view of this, in order to reduce the risk of privacy disclosure of the terminal device, the server side is reversely pushed based on the EUI-64 protocol, and cannot obtain the complete MAC address, the application provides an address generation method, which specifically includes: when the route notification message sent by the network side is determined to be received, selecting an M-bit first address to be selected from a network address sequence of the route notification message, selecting an N-bit second address to be selected from the MAC address, filling the M-bit first address to be selected and the N-bit second address to be selected into a target IP address according to a set filling sequence, and generating the target IP address.
By the method provided by the application, the terminal equipment can generate a rule according to the set target IP address, and combine the N-bit second address to be selected in the MAC address, and the M-bit first address to be selected in the network address sequence to generate the target IP address; even if the service end can reversely push out the MAC address, the service end cannot determine the equipment source of the terminal equipment according to the reversely pushed out MAC address because the MAC address does not contain a complete manufacturer ID identifier, so that the privacy disclosure risk of the terminal equipment can be reduced.
Referring to fig. 1, a flowchart of an address generation method according to an embodiment of the present application is shown, where the method includes:
s1, when the route notification message sent by the network side is determined to be received, selecting an M-bit first address to be selected from a network address sequence of the route notification message, and selecting an N-bit second address to be selected from the MAC address.
In the first place, the method provided by the application can be applied to the system architecture shown in fig. 2, and the system architecture comprises: the method provided by the application can be operated in the terminal equipment.
The network service side includes a server for providing various types of services to the terminal device, for example, an internet service provider (english full name: internet Service Provider, abbreviated as ICP) for providing an internet access service, a value added service, and an information service to the terminal device or the user side.
The network side may be an interface connected to the upper device or the network, for example, a WAN interface of a router, and the network side periodically sends a route announcement packet (router advertisement) to the terminal device, so as to instruct the host in the link to configure the IP address in what manner.
The terminal equipment comprises various types of hosts, such as fixed or movable network terminals of a PC (personal computer), a tablet, a mobile phone and the like, and can also send a router request (English full name: router Solicitation, short for RS) to the network side so as to acquire router notices (English full name: router Advertisement, short for RA) returned by the network side based on the RS, and further acquire router information in a link.
In the embodiment of the present application, as shown in fig. 3, before the terminal device receives the route notification message sent by the network side, the terminal device automatically generates a link local address for the interface according to the link local address prefix and the link layer address of the interface, or when the terminal device starts the IPv6 protocol stack, each interface of the terminal device automatically configures a link local address when starting, where the link local address is used for communication between the neighbor discovery protocol and the link local node in the stateless automatic configuration process, and a packet using the link local address as a source address or a destination address is not forwarded to other links.
After the terminal equipment generates the link local address, a router request can be sent to the network side, and the network side waits for returning a corresponding route notification message according to the router request; in some embodiments, the network side may also send the route notification message to the terminal device according to the set message sending period, for example, send the route notification message to the terminal device once every 10 minutes, and the size of the message sending period and the manner in which the terminal device obtains the route notification message are not limited in particular.
In the embodiment of the application, when the terminal equipment determines that the route notification message issued by the network side is received, firstly, identification bytes in the route notification message can be identified, wherein the identification bytes are Flag bytes of prefixes (network address sequences) in the RA message, and the identification bytes are shown in the following table 1:
TABLE 1
Wherein, L Flag is a direct connection Flag (on-link Flag), if L Flag takes a value of 1, it indicates that the prefix can be judged as on-link; if not, the prefix is not used as an on-link judgment; AFlag is an automatic configuration mark (Autonomous Address-configuration Flag), and if the value of AFlag is 1, the prefix is used for stateless address configuration; if not, the configuration is the stateful address configuration; r Flag is a router address mark (Router Address Flag) used for mobile IPv6, if R Flag takes a value of 1, the Prefix field not only contains Prefix information, but also contains a router address for sending the RA message; reserved is Reserved bit.
In the embodiment of the application, the P Flag is a new Flag bit provided by the application, and the P Flag is set to 1, which indicates that the terminal equipment can adopt a mode of supporting IPv6 address privacy protection to generate an interface identifier; placing PFlag into O, means that the interface identifier can be generated in the manner of EUI-64 protocol, and the application can enable P Flag, R Flag, a Flag, O Flag in order, compared to existing Flag bytes: 1100:0000, 0xC0, the Flag byte of the present application changes to: 1101:0000, i.e., 0xD0.
As can be seen from table 1, after identifying the identification byte in the route announcement message, the terminal device can determine the mode of generating the target IP address according to the value of the newly added Flag bit (P Flag) in the Flag byte, and the specific steps of determining the mode of generating the target IP address are as follows:
the terminal equipment judges whether the value of the newly added flag bit in the identification byte is 1;
if the value of the newly added flag bit is 1, determining to generate a target IP address in a mode of supporting IPv6 address privacy protection, namely selecting an M-bit first address to be selected from a network address sequence, selecting an N-bit second address to be selected from an MAC address, and generating the target IP address according to the M-bit first address to be selected and the N-bit second address to be selected.
If the value of the newly added flag bit is 0, determining an address generation mode taking the EUI-64 protocol as a target IP address, namely generating the target IP address according to the MAC address containing the 24-bit manufacturer ID identifier and the 24-bit extension identifier and the IPv6 fixed prefix issued by the network side.
By setting the newly added identification bit, the terminal equipment can generate a target IP address according to a mode supporting IPv6 address privacy protection or EUI-64 protocol, and the safety and privacy of the terminal equipment are improved.
In the embodiment of the application, in order to enable the target IP address (IPv 6 address) generated by the terminal equipment to meet the 128-bit requirement and hide the manufacturer ID identifier in the MAC address, the application selects the address to be selected for setting the total address bit number from the network prefix issued by the network side to generate the target IP address, and the specific steps are as follows:
the terminal device first determines the total number of address bits of the candidate address selected from the network address sequence (network Prefix, prefix), and the total number of address bits can be determined according to Prefix length information of the IPv6 address broadcasted by the RA message. For example, the format of the network prefix is: XXXX: XXXX: XXXX: XXXX: XXYY: yyyyy: YY00:0000/L, wherein X, Y represents a hexadecimal integer, X represents a binary number, L represents prefix length information (total address bit number) of an IP address broadcast by the RA message, and when L is 64, the terminal device determines to select XXXX in the network prefix: XXXX: XXXX: XXXX is the first set of addresses to be selected.
The terminal device determines whether the total address bit number is within a set address bit number interval, where the set address bit number interval may be a bit-B bit, and A, B is a positive integer greater than or equal to zero. Preferably, since the prefix length of the IPv6 address currently internationally allocated is 16 at the minimum, a may be set to 16; since the length of the IPv6 address is 128 bits, and in order to be able to trace back the terminal device according to the 24-bit extension identifier (EUI) in the MAC address when the terminal device fails, B may be set to any positive integer greater than 16 and less than or equal to 104.
When the terminal equipment determines that the total address bit number is in the range of the set address bit number interval, the terminal equipment can select M-bit first addresses to be selected, which are the same as the total address bit number, from the network address sequence to obtain a first address set to be selected.
When the terminal equipment determines that the total address bit number is out of the set address bit number interval range, for example, when the total address bit number is 10 or 125, a feedback message that the total address bit number does not accord with the target IP address generation rule is sent to the network side. For example, when determining that the total address bit number is less than or equal to 16, the terminal device may send a first feedback message with too short prefix length of the IP address broadcasted by the RA message to the network side, and prompt the network side to modify the total address length, and send the RA update message again.
When the total address bit number is greater than 104, the terminal device may send a second feedback message with too long prefix length of the IP address broadcasted by the RA message to the network side, which may cause risks for correct identification and security of the terminal, and prompt the network side to modify the total address length, and send the RA update message again.
By the method, the first set of the addresses to be selected, which accords with the target IP address generation rule, can be selected from the network address sequence, and the identifiability of the generated target IP address is ensured.
S2, filling the M-bit first address to be selected and the N-bit second address to be selected into the target IP address according to the set filling sequence, and generating the target IP address.
In the embodiment of the application, in order to reduce the leakage risk of terminal privacy, the server side cannot obtain the complete MAC address by performing address back-pushing based on the EUI-64 protocol, the application sets the 7 th address type identifier in the highest byte (8 bits) of the 48-bit MAC address to zero, and when the address type identifier is 0, the MAC address is characterized as a global address, and in some embodiments, if the target IP address is generated according to the EUI-64 protocolTypically, it is necessary to insert an FF-FE (HEX) between the first 24 bits and the last 24 bits of a 48-bit MAC address, then invert the address type identification to 1, and finally add a fixed 64-bit network prefix to generate an IP address. For example, the MAC address is: 00:11:22:33:44:55, after inserting FF-FE in the MAC address, an interface identifier is obtained: 00:11:22: FF: FE:33:44:55, then inverting the address type identifier (U/L bit) to 1, resulting in an updated interface identifier: 0000 0010:11:22: FF: FE:33:44:55, i.e. 02:11:22: FF: FE:33:44:55, 64 bits total, and finally adding 64 bits of network prefix before updating the interface identifier, to generate the IP address. As can be seen from the above, the 7 th bit address type in the highest byte (8 bits) of the MAC address identifies the 71 st bit (64+7) position in the IP address.
Preferably, the 71 st bit of the generated IP address is set to 0, after the server acquires the terminal IP address, if address back-pushing is performed according to the EUI-64 protocol, the 71 st bit identifier is 1, and the global MAC address used by the global unicast address is not valued, so that the network server cannot perform address back-pushing based on the existing EUI-64 protocol to acquire the MAC address.
In the embodiment of the present application, after obtaining the M-bit first address to be selected, the terminal device may first determine whether M is less than or equal to 70, and when determining that M is less than or equal to 70, that is, the first address to be selected does not include an address type identifier, the terminal device may fill the M-bit first address to be selected into the target IP address according to a set filling sequence. Specifically, the terminal device may fill M-bit first addresses to be selected into the target IP address in order of high byte to low byte of the target IP address as the first M bits of the target IP address, and then fill the positions of the M-th bit to 70-th bit and the positions of the 72-th bit to 104-th bit (remaining positions) in the target IP address using a random number or a fixed value. And finally, selecting an N-bit second address to be selected which does not contain the complete 24-bit manufacturer ID identifier from the MAC address, wherein N is a positive integer greater than or equal to zero, and filling the N-bit second address to be selected into the target IP address.
Preferably, in order to facilitate the failure of the terminal equipment, the method can be based onThe EUI part of the MAC address traces back the terminal equipment, N can take the value of 24, and the EUI part of the MAC address, namely the lower 24 bits in the MAC address, can be selected, the lower 24 bits address of the MAC is filled to the position from the 104 th bit to the 128 th bit of the target IP address, and the target IPv6 address is generated. For example, the network prefix issued by the network side is 2001:1111:2222:33: : and/56, the MAC address of the terminal equipment is 01-00-5e-12-34-56, and the positions from the Mth bit to the 70 th bit and the positions from the 72 th bit to the 104 th bit in the IP address are filled with a fixed value of 0, so that the generated target IP address (IPv 6 address) is: 2001:1111:2222:3300:0000000:0000:0012:3456 the present application does not specifically limit the filling sequence of the first address to be selected, and the corresponding filling sequence may be adjusted according to the actual application requirement.
In the embodiment of the application, when M is determined to be more than 70 (and less than 104), namely the first address to be selected contains an address type identifier, filling the first address to be selected with M bits into a target IP address according to the filling sequence, filling the second address to be selected with N bits into N positions of lower bits of the target IP address, namely positions from 104 th bit to 128 th bit of the target IP address, and filling the M+1th bit to 104 th bit (the rest positions) of the target IP address by using a fixed value or a random number to obtain a filled IP address; finally, judging whether the value of the address type flag bit in the filling IP address is zero, namely judging whether the value of the 71 st flag bit is zero, if so, taking the filling address as a target IP address; if the value of the address type flag bit is not zero, setting the value in the address type flag bit to zero to obtain an updated filling IP address, and taking the updated filling IP address as a target IP address.
Illustratively, assume the prefix: 2001:1111:2222:3344:5566: : and/80, wherein the MAC address of the terminal equipment is 01-00-5e-12-34-56, and the positions from the M+1st bit to the 104 th bit in the IP address are filled with a fixed value of 0, so that the generated filling IP address is 2001:1111:2222:3344:5010166:0000:0012:3456 since the address type flag bit of the generated padding IP address is 0, the padding IP address can be regarded as an IPv6 address; the prefix is assumed to be: 2001:1111:2222:3344:5366: : 80 MAC address of terminal deviceUnchanged, the generated padding IP address is 2001:1111:2222:3344:5001166:0000:0012:3456 since the address type flag bit of the generated padding IP address is 1, the value in the address type flag bit is set to zero, resulting in updating the padding IP address 2001:1111:2222:3344:5000166:0000:0012:3456 taking the updated filler IP address as the target IP address.
In one possible implementation manner, after obtaining the M-bit first to-be-selected address and the N-bit second to-be-selected address, the terminal device may sequentially fill each of the M-bit first to-be-selected addresses into the target IP address in order from the high order to the low order of the target IP address; filling each second to-be-selected address in the N second to-be-selected addresses into N positions of the lower bits of the target IP address, and filling the rest unfilled positions in the target IP address by using random numbers or fixed values to obtain a filled IP address; finally judging whether the value of the address type flag bit in the filling IP address is zero, and taking the filling IP address as a target IP address if the value of the address type flag bit is zero; if the address type flag bit is not zero, setting the value in the address type flag bit to zero to obtain an updated filling IP address, and taking the updated filling IP address as a target IP address.
In summary, the method provided by the application can enable the terminal device to select to generate the target IP address (IPv 6 address) by setting the new flag bit in the identification byte in a manner supporting the privacy protection of the IPv6 address or the EUI-64 protocol, when the terminal device generates the target IP address in a manner supporting the privacy protection of the IPv6 address, the network server can not perform address reverse thrust based on the existing EUI-64 protocol to obtain the MAC address by zeroing the 7 th bit address type identification (71 st bit in the target IP address) in the highest byte of the MAC address, and besides, because the target IP address is generated based on the M-bit first candidate address in the network prefix and the N-bit second candidate address in the MAC address, the N-bit second candidate address does not contain the complete 24-bit vendor ID identifier, even if the network server obtains the MAC address, the complete 24-bit vendor ID identifier can not be obtained based on the reverse thrust MAC address, thereby determining the device source of the terminal device and reducing the risk of terminal device privacy leakage.
Based on the method provided in the foregoing embodiment, the embodiment of the present application further provides an address generating device, as shown in fig. 4, which is a schematic structural diagram of an address generating device in the embodiment of the present application, where the device includes:
the data screening module 401 is configured to, when determining that a route notification packet sent by a network side is received, select an M-bit first address to be selected from a network address sequence of the route notification packet, and select an N-bit second address to be selected from a MAC address, where an address set formed by the N-bit second address to be selected does not include all manufacturer ID identifiers, the network address sequence represents prefix information of a network to be connected by a terminal device, and M and N are positive integers greater than or equal to zero;
and the address generating module 402 is configured to fill the M-bit first candidate address and the N-bit second candidate address into a target IP address according to a set filling sequence, and generate the target IP address.
In one possible implementation, the data filtering module 401 is specifically configured to:
identifying an identification byte in the route announcement message;
judging whether the value of the newly added flag bit in the identification byte is 1 or not;
if yes, selecting the M-bit first address to be selected from the network address sequence, and selecting the N-bit second address to be selected from the MAC address;
if not, determining an address generation rule taking the EUI-64 protocol as a target IP address.
In one possible implementation, the data filtering module 401 is specifically configured to:
determining the total address bit number of the selected address to be selected from the network address sequence;
judging whether the total address bit number is in a range of a set address bit number interval;
if yes, selecting the M-bit first address to be selected, which is the same as the total address bit number, from the network address sequence;
if not, the feedback message that the total address bit number does not accord with the target IP address generation rule is sent to the network side.
In one possible implementation, the address generation module 402 is specifically configured to:
filling each bit of first addresses to be selected in the M bits of first addresses to be selected in sequence according to the filling sequence, filling the N bits of second addresses to be selected into N positions of the lower bits of the target IP address, and filling the rest positions of the target IP address by using random numbers to obtain a filled IP address;
judging whether the value of the address type flag bit in the filling IP address is zero or not;
if yes, the filling IP address is used as the target IP address;
if not, setting zero for the value in the address type flag bit to generate the target IP address.
Based on the same inventive concept, the embodiment of the present application further provides an electronic device, where the electronic device may implement the function of the address generating device, and referring to fig. 5, the electronic device includes:
the embodiment of the present application is not limited to a specific connection medium between the processor 501 and the memory 502, and the processor 501 and the memory 502 are exemplified in fig. 5 by a connection between the processor 501 and the memory 502 through the bus 500. The connection between the other components of bus 500 is shown in bold lines in fig. 5, and is merely illustrative and not limiting. Bus 500 may be divided into an address bus, a data bus, a control bus, etc., and is represented by only one thick line in fig. 5 for ease of illustration, but does not represent only one bus or one type of bus. Alternatively, the processor 501 may be referred to as a controller, and the names are not limited.
In an embodiment of the present application, the memory 502 stores instructions executable by the at least one processor 501, and the at least one processor 501 may perform the address generation method described above by executing the instructions stored in the memory 502. The processor 501 may implement the functions of the various modules in the apparatus shown in fig. 4.
The processor 501 is a control center of the device, and various interfaces and lines can be used to connect various parts of the entire control device, and by executing or executing instructions stored in the memory 502 and invoking data stored in the memory 502, various functions of the device and processing data can be performed to monitor the device as a whole.
In one possible design, processor 501 may include one or more processing units, and processor 501 may integrate an application processor and a modem processor, where the application processor primarily processes operating systems, user interfaces, application programs, and the like, and the modem processor primarily processes wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 501. In some embodiments, processor 501 and memory 502 may be implemented on the same chip, or they may be implemented separately on separate chips in some embodiments.
The processor 501 may be a general purpose processor such as a Central Processing Unit (CPU), digital signal processor, application specific integrated circuit, field programmable gate array or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, and may implement or perform the methods, steps and logic blocks disclosed in embodiments of the present application. The general purpose processor may be a microprocessor or any conventional processor or the like. The steps of the address generation method disclosed in connection with the embodiment of the present application may be directly embodied as a hardware processor executing, or may be executed by a combination of hardware and software modules in the processor.
The memory 502, as a non-volatile computer readable storage medium, may be used to store non-volatile software programs, non-volatile computer executable programs, and modules. The Memory 502 may include at least one type of storage medium, and may include, for example, flash Memory, hard disk, multimedia card, card Memory, random access Memory (Random Access Memory, RAM), static random access Memory (Static Random Access Memory, SRAM), programmable Read-Only Memory (Programmable Read Only Memory, PROM), read-Only Memory (ROM), charged erasable programmable Read-Only Memory (Electrically Erasable Programmable Read-Only Memory), magnetic Memory, magnetic disk, optical disk, and the like. Memory 502 is any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to such. The memory 502 in embodiments of the present application may also be circuitry or any other device capable of performing storage functions for storing program instructions and/or data.
By programming the processor 501, the code corresponding to the address generation method described in the foregoing embodiment may be cured into the chip, so that the chip can execute the steps of the address generation method of the embodiment shown in fig. 1 at runtime. How to design and program the processor 501 is a technique well known to those skilled in the art, and will not be described in detail herein.
Based on the same inventive concept, embodiments of the present application also provide a storage medium storing computer instructions that, when run on a computer, cause the computer to perform the address generation method discussed above.
In some possible embodiments, aspects of the address generation method provided by the present application may also be implemented in the form of a program product comprising program code for causing the control apparatus to carry out the steps of the address generation method according to the various exemplary embodiments of the application as described in the present specification when the program product is run on a device.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present application without departing from the spirit or scope of the application. Thus, it is intended that the present application also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (10)

1. An address generation method, comprising:
when a route notification message issued by a network side is determined to be received, selecting an M-bit first address to be selected from a network address sequence of the route notification message, and selecting an N-bit second address to be selected from an MAC address, wherein an address set formed by the N-bit second address to be selected does not contain all manufacturer ID identifiers, the network address sequence represents prefix information of a network to be connected by a terminal device, and M and N are positive integers greater than or equal to zero;
and filling the M-bit first to-be-selected address and the N-bit second to-be-selected address into a target IP address according to a set filling sequence, and generating the target IP address.
2. The method of claim 1, wherein when determining that the route advertisement message sent by the network side is received, selecting the M-bit first candidate address from the network address sequence of the route advertisement message, and selecting the N-bit second candidate address from the MAC address, includes:
identifying an identification byte in the route announcement message;
judging whether the value of the newly added flag bit in the identification byte is 1 or not;
if yes, selecting the M-bit first address to be selected from the network address sequence, and selecting the N-bit second address to be selected from the MAC address;
if not, determining an address generation rule taking the EUI-64 protocol as a target IP address.
3. The method of claim 1, wherein selecting the M-bit first candidate address from the network address sequence of the route advertisement message comprises:
determining the total address bit number of the selected address to be selected from the network address sequence;
judging whether the total address bit number is in a range of a set address bit number interval;
if yes, selecting the M-bit first address to be selected, which is the same as the total address bit number, from the network address sequence;
if not, the feedback message that the total address bit number does not accord with the target IP address generation rule is sent to the network side.
4. The method of claim 1, wherein the filling the M-bit first candidate address and the N-bit second candidate address into a target IP address in a set filling order, and generating the target IP address, comprises:
filling each bit of first addresses to be selected in the M bits of first addresses to be selected in sequence according to the filling sequence, filling the N bits of second addresses to be selected into N positions of the lower bits of the target IP address, and filling the rest positions of the target IP address by using random numbers to obtain a filled IP address;
judging whether the value of the address type flag bit in the filling IP address is zero or not;
if yes, the filling IP address is used as the target IP address;
if not, setting zero for the value in the address type flag bit to generate the target IP address.
5. An address generation apparatus, comprising:
the data screening module is used for selecting M-bit first addresses to be selected from a network address sequence of the routing notification message when the routing notification message issued by a network side is determined to be received, and selecting N-bit second addresses to be selected from MAC addresses, wherein an address set formed by the N-bit second addresses to be selected does not contain all manufacturer ID identifiers, the network address sequence represents prefix information of a network to be connected by the terminal equipment, and M and N are positive integers greater than or equal to zero;
and the address generation module is used for filling the M-bit first to-be-selected address and the N-bit second to-be-selected address into a target IP address according to a set filling sequence to generate the target IP address.
6. The apparatus of claim 5, wherein the data screening module is specifically configured to:
identifying an identification byte in the route announcement message;
judging whether the value of the newly added flag bit in the identification byte is 1 or not;
if yes, selecting the M-bit first address to be selected from the network address sequence, and selecting the N-bit second address to be selected from the MAC address;
if not, determining an address generation rule taking the EUI-64 protocol as a target IP address.
7. The apparatus of claim 5, wherein the data screening module is specifically configured to:
determining the total address bit number of the selected address to be selected from the network address sequence;
judging whether the total address bit number is in a range of a set address bit number interval;
if yes, selecting the M-bit first address to be selected, which is the same as the total address bit number, from the network address sequence;
if not, the feedback message that the total address bit number does not accord with the target IP address generation rule is sent to the network side.
8. The apparatus of claim 5, wherein the address generation module is specifically configured to:
filling each bit of first addresses to be selected in the M bits of first addresses to be selected in sequence according to the filling sequence, filling the N bits of second addresses to be selected into N positions of the lower bits of the target IP address, and filling the rest positions of the target IP address by using random numbers to obtain a filled IP address;
judging whether the value of the address type flag bit in the filling IP address is zero or not;
if yes, the filling IP address is used as the target IP address;
if not, setting zero for the value in the address type flag bit to generate the target IP address.
9. An electronic device, comprising:
a memory for storing a computer program;
a processor for carrying out the method steps of any one of claims 1-4 when executing a computer program stored on said memory.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored therein a computer program which, when executed by a processor, implements the method steps of any of claims 1-4.
CN202310974948.6A 2023-08-03 2023-08-03 Address generation method and device and electronic equipment Pending CN117061480A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310974948.6A CN117061480A (en) 2023-08-03 2023-08-03 Address generation method and device and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310974948.6A CN117061480A (en) 2023-08-03 2023-08-03 Address generation method and device and electronic equipment

Publications (1)

Publication Number Publication Date
CN117061480A true CN117061480A (en) 2023-11-14

Family

ID=88665591

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310974948.6A Pending CN117061480A (en) 2023-08-03 2023-08-03 Address generation method and device and electronic equipment

Country Status (1)

Country Link
CN (1) CN117061480A (en)

Similar Documents

Publication Publication Date Title
CN107580079B (en) Message transmission method and device
CN115733784B (en) Compressed route header
CN110417657B (en) A method and device for processing multicast data message
US7860980B2 (en) Information processing device, server, communication system, address decision method, address modification method, and program
US20070104196A1 (en) Apparatus and method for determining public long code mask in a mobile communications system
JP5588345B2 (en) System and method for generating functional addresses
US20050120350A1 (en) Load balancer for multiprocessor platforms
CN108848100A (en) A kind of stateful IPv6 address generating method and device
CN113726654B (en) Message forwarding method and device of SRV6 protocol, electronic equipment and medium
CN113973074B (en) Message processing method and device, electronic equipment and medium
CN110932934A (en) A kind of network packet loss detection method and device
US20160359801A1 (en) Method of and a Processing Device Handling a Protocol Address in a Network
CN109039753A (en) A kind of communication means and communication equipment based on Ethernet
CN108667951B (en) Virtual MAC address mapping method and device, storage medium and relay equipment
JP7116201B2 (en) Message generation method and device and message processing method and device
CN117061480A (en) Address generation method and device and electronic equipment
CN106953849B (en) Data message matching method and device based on IPv6 address
CN107547684B (en) IPv6 address allocation method and device
CN107547687B (en) Message transmission method and device
US20050066055A1 (en) Apparatus and method for configuring internet protocol address of host and service method using the internet protocol address
CN114979090A (en) IPv6 data packet processing method, device, computer equipment and storage medium
US11838263B1 (en) Stateless address auto-configuration with multiple subnet support method and apparatus
CN114531421B (en) Identification coding method and device, electronic equipment and storage medium
KR20030052452A (en) SECURE AUTOMATIC CONFIGURATION METHOD OF MULTICAST ADDRESSES IN IPv6-BASED NODES IN NETWORK LAYER
CN116827860A (en) SRv6 message transmission method, device, node and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination