Through the whitelist function, dynamic link protection protects application layer data that is based on sessions. This way, the existing services can run normally when attacks begin.
The packet for setting up a neighbor of the routing protocol is reliable.
When the device detects that the session for a certain protocol is set up, information about this session is synchronized to the whitelist. Then, packets that match the characteristics of the session are delivered with high priority and high bandwidth to ensure the reliability and stability of related services. When the device detects that the session for a certain protocol is removed, the device deletes information about the session from the whitelist.
Dynamic link protection protects the protocol whose session is set up. In this manner, packets that match the characteristics of the session are delivered with high priority. If the session for a packet is set up, a whitelist is sent to the forwarding layer. When the device receives the protocol packet, it checks whether the packet matches the ACL.
If the session for the packet is set up, the packet matches the ACL. The packet is sent to the control layer with high bandwidth and high priority.
If the packet does not match the ACL, it is sent to the control layer with the original bandwidth and priority for the protocol.