H04L61/58

Traffic forwarding method and traffic forwarding apparatus
11582141 · 2023-02-14

A traffic forwarding method includes determining, by a first network device, a first address resolution protocol (ARP) entry of the access device, where the first ARP entry is used to indicate a mapping relationship among a media access control (MAC) address, an Internet Protocol (IP) address, and an egress port, the egress port includes a standby egress port, and the first network device is connected to the protection link through the standby egress port, receiving traffic sent by a network side, determining whether a fault exists in the first multi-chassis link aggregation group (MC-LAG) link, and when the first network device determines that a fault exists in the first MC-LAG link, sending the traffic to the second network device through the protection link based on a standby egress port number in the first ARP entry, where the standby egress port number is used to indicate the standby egress port.

RANDOM MEDIA ACCESS CONTROL ADDRESS WITH FAST RECONNECTION MECHANISM
20230043950 · 2023-02-09

The present invention provides a wireless communication method of an access point. The wireless communication method comprises the steps of: establishing a cache table comprising a plurality of reference MAC and corresponding PMKs and reference PMKIDs; receiving an association request from a station; reading a MAC address of the station and a PMKID from the association request; if the MAC address of the station and the PMKID do not match items of the cache table, performing a calculation on the PMKID to obtain an original PMKID; determining if the original PMKID matches any one of the reference PMKIDs within the cache table; and if the original PMKID matches one reference PMKID within the cache table, determining that the reference MAC recorded in the cache table and the MAC address belong to the same station.

Policy enforcement for secure domain name services

There is disclosed in one example a gateway apparatus, including: a hardware platform including a processor and a memory; and instructions stored within the memory to instruct the processor to: provide a domain name system (DNS) server, the DNS server to provide an encrypted DNS service, and to cache resolved domain names; receive an outgoing network packet; determine a destination address of the outgoing network packet; and upon determining that the destination address was not cached, apply a security policy.

Endpoint-assisted access control for network security devices

A network security device has at least one Fully Qualified Domain Name (FQDN) access policy that permits traffic to flow to at least one resource associated with at least one FQDN. The network security device receives, from a managed endpoint device, a packet directed to the at least one resource associated with the at least one FQDN. The network security device obtains DNS information associated with the managed endpoint device and, based on the domain name system (DNS) information, substitutes a network address of the at least one resource into the at least one FQDN access policy to open a traffic flow to the at least one resource associated with the at least one FQDN. The network security device then provides the packet to the at least one resource associated with the at least one FQDN.

INFORMATION PROCESSING METHOD AND RELATED NETWORK DEVICE
20230239958 · 2023-07-27

Disclosed are an information processing method and a related network device. The method comprises: a session management function (SMF) obtaining first address information of a local domain name system (DNS) server; sending the first address information to an uplink classifier; and sending, by means of an access and mobility management function (AMF), the first address information to a user equipment (UE), wherein the first address information is used for the UE to update the IP address of the local DNS server.

Requesting name resolution from determined external DNS server
11570142 · 2023-01-31

A communication apparatus that transmits data outside via different communication interfaces performs operations, including setting an interface correspondence between a domain name identifying a domain and a communication interface for use with an external apparatus belonging to the domain, generating, from the set interface correspondence, a setting indicating a Domain Name System (DNS) server correspondence between the domain name and the DNS server to which name resolution for a host name of the external apparatus is to be transferred, and activating a DNS cache server that operates from the generated setting. A DNS client requested for the host name resolution by an application of the communication apparatus transmits a name resolution request to the DNS cache server. Based on the received host name, the DNS cache server determines an external DNS server to which the name resolution is requested, and requests the determined external DNS server for the name resolution.

Network communication device and operating method for a network mapping table

A network communication device includes a plurality of ports, a memory, and a processor. The plurality of ports is configured to receive a packet. The memory is configured to store a first lookup table and a second lookup table. An entry of the first lookup table includes a flag field. An entry of the second lookup table includes an entry address of the first lookup table. The processor is coupled to the memory and the plurality of ports. The network communication device is configured to: analyze the packet by software or hardware to obtain a source Media Access Control (MAC) address; obtain, according to the source MAC address of the packet, the entry of the first lookup table; read the flag field of the entry; and determine, according to the flag field, whether the entry is referred to by the second lookup table.

ARP Learning Method and Node Device
20230021517 · 2023-01-26

Provided is an Address Resolution Protocol (ARP) learning method, which includes: determining, by a forwarding chip, an IP address of a target device; when an MAC address corresponding to the IP address of the target device is not stored in an ARP forwarding table, generating and broadcasting, by the forwarding chip, an ARP request message, wherein the ARP request message includes the IP address of the target device; receiving, by the forwarding chip, an ARP response message fed back by the target device, wherein the ARP response message includes an MAC address of the target device; and writing, by the forwarding chip, the IP address of the target device and the MAC address corresponding to the IP address into the ARP forwarding table. The present disclosure also provides a node device and a computer-readable medium.