[go: up one dir, main page]

CN1249572C - Plug-and-play ether net access system and method - Google Patents

Plug-and-play ether net access system and method Download PDF

Info

Publication number
CN1249572C
CN1249572C CNB021160996A CN02116099A CN1249572C CN 1249572 C CN1249572 C CN 1249572C CN B021160996 A CNB021160996 A CN B021160996A CN 02116099 A CN02116099 A CN 02116099A CN 1249572 C CN1249572 C CN 1249572C
Authority
CN
China
Prior art keywords
message
address
user
plug
play
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB021160996A
Other languages
Chinese (zh)
Other versions
CN1458582A (en
Inventor
徐中亚
万斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNB021160996A priority Critical patent/CN1249572C/en
Publication of CN1458582A publication Critical patent/CN1458582A/en
Application granted granted Critical
Publication of CN1249572C publication Critical patent/CN1249572C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The present invention provides a plug-and-play ethernet access system and a method, wherein a processing module capable of achieving the plug-and-play function is added on the basis of a router or a triplex-layer exchanger of the system; when the module sends the ethernet message to an access device on an access user, a mark for recognizing users is used according to a user's MAC (Medium Access Control) address or a VLANID and MAC address, a user's IP address, gateway address and DNS address are newly generated in the system, and then the user 's message is sent; when the access user receives the ethernet message from the access device, the message is amended, and the ethernet message is sent to the user according to the user's original network configuration.

Description

一种即插即用的以太网接入系统与方法A Plug and Play Ethernet Access System and Method

技术领域technical field

本发明涉及一种即插即用的以太网接入系统与方法,特别是指一种在接入设备不要求对计算机修改网络配置或重新申请IP地址的情况下,实现计算机即插即用的以太网接入系统与方法。The present invention relates to a plug-and-play Ethernet access system and method, in particular to a plug-and-play Ethernet access device that does not require the computer to modify the network configuration or re-apply for an IP address. Ethernet access system and method.

技术背景technical background

由于以太网网络具有传递信息快、成本较低的优点,在生活中得到了广泛的应用,诸如:在宾馆、公共大厅等。Because the Ethernet network has the advantages of fast information transmission and low cost, it has been widely used in daily life, such as in hotels and public halls.

在通常的网络中,网络都是按照网段划分的。不同的网段具有不同的IP地址段,对于接入在同一网段上的计算机要求有相同的网络配置,现有技术中,有两种常用的配置方法:In a common network, the network is divided according to network segments. Different network segments have different IP address segments, and the computers connected to the same network segment are required to have the same network configuration. In the prior art, there are two commonly used configuration methods:

第一种、IP地址的固定配置:即在同一网段下,所有计算机的IP地址是固定的且互不相同,但这些计算机却有着相同的网关地址和DNS(Domain Name Server)服务器地址。The first, fixed configuration of IP address: that is, under the same network segment, the IP addresses of all computers are fixed and different from each other, but these computers have the same gateway address and DNS (Domain Name Server) server address.

第二种、IP地址的动态申请:即在同一网段下,所有计算机的IP地址是通过计算机的操作系统(如:WINDOWS)动态地进行配置,当然这些计算机也有着相同的网关地址和DNS服务器地址。The second type, dynamic application of IP address: that is, under the same network segment, the IP addresses of all computers are dynamically configured through the computer's operating system (such as: WINDOWS). Of course, these computers also have the same gateway address and DNS server address.

但不管采用以上两种方法的何种方法给计算机配置IP地址,当一台计算机从一个网段转移到另一网段中时,在目前的应用中,都必须修改网络配置或重新给计算机申请IP地址,否则计算机便不能在网络中进行正常的网络通讯,这在宾馆、公共大厅等的实际应用中,当计算机从一个网络移到另一网络时,将会存在因修改网络配置或重新给计算机申请IP地址而带来的人力成本增加、时间浪费、效率低等问题。However, no matter which of the above two methods is used to configure an IP address for the computer, when a computer is transferred from one network segment to another, in the current application, the network configuration must be modified or the computer must be re-applied Otherwise, the computer cannot carry out normal network communication in the network. In the actual application of hotels, public halls, etc., when the computer moves from one network to another, there will be problems caused by modifying the network configuration or resetting the IP address. Problems such as increased labor costs, time waste, and low efficiency caused by computer applications for IP addresses.

发明内容Contents of the invention

本发明目的是针对上述现有技术中存在的问题,提出一种在接入设备不要求对计算机修改网络配置或重新申请IP地址的情况下,实现计算机即插即用的以太网接入系统与方法。The purpose of the present invention is to solve the problems existing in the above-mentioned prior art, and to propose a computer plug-and-play Ethernet access system and method.

本发明的目的是通过以下技术方案来达到的:The purpose of the present invention is achieved through the following technical solutions:

在即插即用的以太网接入系统的路由器或三层交换机的基础上,增加一个可实现即插即用处理装置。On the basis of the router or layer-3 switch of the plug-and-play Ethernet access system, a processing device capable of realizing plug-and-play is added.

该系统在接入用户将以太网报文发送给接入设备时,处理方法为:When the access user sends the Ethernet packet to the access device, the processing method of the system is as follows:

首先由即插即用处理装置进行处理,处理后的报文再由路由器或三层交换机进行处理;First, it is processed by the plug-and-play processing device, and the processed message is then processed by a router or a layer-3 switch;

在接入设备的即插即用处理装置中,只根据用户的MAC(MediumAccess Control)地址或者VLAN ID+MAC地址作为识别用户的标记,在系统内部将用户重新生成用户的IP地址、网关地址、DNS地址,然后发送用户的报文。In the plug-and-play processing device of the access device, the user's IP address, gateway address, DNS address, and then send the user's message.

该系统在接入用户接收以太网报文时,处理方法为:When the system accesses the user to receive the Ethernet message, the processing method is as follows:

发送给用户的报文发送给接入设备时,首先由路由器或三层交换机进行处理;处理后的报文再由即插即用处理装置处理;When the message sent to the user is sent to the access device, it is first processed by a router or a layer-3 switch; the processed message is then processed by a plug-and-play processing device;

在接收发送给用户的报文时,先将报文进行修改,然后按照用户原来的网络配置将以太网报文发送给用户。When receiving the message sent to the user, first modify the message, and then send the Ethernet message to the user according to the user's original network configuration.

由于本发明上述技术特征,故,相比现有技术具如下优点:Because above-mentioned technical feature of the present invention, so, compared with prior art, has following advantage:

接入用户不需要修改网络配置或者重新申请IP地址,便能直接、简单地进行网络通讯,特别适合宾馆和公共大厅等网络移动性较大场合的网络接入。Access users do not need to modify the network configuration or re-apply for an IP address, they can directly and simply conduct network communication, which is especially suitable for network access in places with high network mobility such as hotels and public halls.

附图说明Description of drawings

图1是路由器或者三层交换机设备逻辑结构图;Fig. 1 is a router or a three-layer switch device logic structure diagram;

图2是即插即用设备逻辑结构图;Fig. 2 is a logical structure diagram of a plug-and-play device;

图3是ARP报文处理的流程图;Fig. 3 is the flowchart of ARP message processing;

图4是DNS报文处理的流程图;Fig. 4 is a flowchart of DNS message processing;

图5是DHCP地址分配处理的流程图;Fig. 5 is a flowchart of DHCP address allocation processing;

图6是报文转发处理流程图。FIG. 6 is a flow chart of message forwarding processing.

具体实施方式Detailed ways

下面将结合附图对本发明作进一步说明:The present invention will be further described below in conjunction with accompanying drawing:

实施例一:本发明对ARP报文的处理。Embodiment 1: The present invention processes the ARP message.

请参考图2、图3,这种涉及不需修改网络配置或者重新申请IP地址即可实现计算机在接入设备的网络中即插即用的以太网接入系统如图2所示,大的虚线框代表了即插即用接入设备的逻辑结构图。即插即用接入设备只需要在路由器或三层交换机设备内前置一个即插即用处理装置,以用户的MAC地址或者VLAN ID+MAC地址为索引,记录下用户原始IP地址,用户映射后IP地址等信息,用户的映射IP地址需要在同一个网段。即插即用处理装置对用户发送来的报文进行IP地址替换处理,将源IP地址替换为映射地址,将报文发送给路由器或三层交换机处理。对于从网络侧来发送给用户的报文,即插即用处理装置也进行IP地址替换处理,将目的IP地址替换为映射地址,并填充用户的MAC地址,将报文发送给用户。Please refer to Figure 2 and Figure 3, this kind of Ethernet access system that can realize the plug-and-play of computers in the network of access devices without modifying the network configuration or re-applying for IP addresses is shown in Figure 2. The large The dotted box represents the logical structure diagram of the plug-and-play access device. The plug-and-play access device only needs to pre-install a plug-and-play processing device in the router or layer-3 switch equipment, and use the user's MAC address or VLAN ID+MAC address as an index to record the user's original IP address and user mapping. After the IP address and other information, the mapped IP address of the user needs to be on the same network segment. The plug-and-play processing device performs IP address replacement processing on the message sent by the user, replaces the source IP address with the mapped address, and sends the message to a router or a layer-3 switch for processing. For the message sent to the user from the network side, the plug-and-play processing device also performs IP address replacement processing, replaces the destination IP address with the mapped address, fills in the user's MAC address, and sends the message to the user.

接入用户在不同网段4的以太网经输入端口5发送给接入设备时,首先由即插即用模块处理,在接入设备的即插即用模块中,只根据用户的MAC地址或者VLAN ID+MAC地址作为识别用户的标记,在系统内部为用户重新生成用户的IP地址、网关地址、DNS地址,然后发送用户的报文,映射后的用户在同一网段6上,处理后报文再经映射后输入端口7进入路由器或三层交换机进行处理,即先对接收发送给用户的报文进行修改,然后按照用户原来的网络配置经输出端口8将以太网报文发送给予用户。接入用户接收以太网报文的过程则相反(参阅图2)。When the user accesses the Ethernet in different network segments 4 and sends it to the access device through the input port 5, it is first processed by the plug-and-play module. In the plug-and-play module of the access device, only according to the user's MAC address or VLAN ID+MAC address is used as a mark to identify the user, and the user's IP address, gateway address, and DNS address are regenerated within the system, and then the user's message is sent. The mapped user is on the same network segment 6, and the report is processed. After the text is mapped, the input port 7 enters the router or a layer-3 switch for processing, that is, the packet received and sent to the user is modified first, and then the Ethernet packet is sent to the user through the output port 8 according to the user's original network configuration. The process for the access user to receive Ethernet packets is reversed (see Figure 2).

接入设备的网络中,即插即用的报文交互过程如下:In the network of the access device, the plug-and-play message exchange process is as follows:

(1)在路由器或三层交换机设备内前置一个即插即用处理装置,该模块以用户的MAC地址或者VLAN ID+MAC地址为索引,记录下用户原始IP地址,用户映射后IP地址等信息,用户的映射IP地址需要在同一个网段;(1) A plug-and-play processing device is pre-installed in the router or layer-3 switch equipment. This module uses the user's MAC address or VLAN ID+MAC address as an index to record the user's original IP address, the user's mapped IP address, etc. information, the user's mapped IP address needs to be on the same network segment;

(2)即插即用处理装置对用户发送来的报文进行IP地址替换处理,即先将源IP地址替换为映射地址,然后将报文发送给内部的路由器或三层交换机处理。对于从网络侧来发送给用户的报文,即插即用处理装置也进行IP地址替换处理,将目的IP地址替换为映射地址,并填充用户的MAC地址;(2) The plug-and-play processing device performs IP address replacement processing on the message sent by the user, that is, first replaces the source IP address with a mapped address, and then sends the message to an internal router or a layer-3 switch for processing. For the message sent to the user from the network side, the plug-and-play processing device also performs IP address replacement processing, replaces the destination IP address with the mapped address, and fills in the user's MAC address;

(3)接入设备配置一个内部使用网段,当接入计算机开始发送报文时,纪录该计算机的MAC地址和IP地址,同时给用户分配一个内部网段地址,将用户的IP地址修改为内部分配IP地址,将修改后的报文发送出去;(3) The access device is configured with an internal network segment. When the access computer starts to send messages, record the MAC address and IP address of the computer, and at the same time assign an internal network segment address to the user, and change the user's IP address to Internally assign an IP address and send the modified message;

(4)接入设备对于用户的ARP请求报文要进行专门处理。由于用户的IP地址允许是各种各样的,因此网关地址也是各种各样,接入设备对此不限制。用户接在接入设备后,如果用户采用固定IP地址分配方式,则用户如果发送报文到其他网段或者同一个网段的设备,需要发送ARP请求报文请求网关的MAC地址或者同一个网段设备的MAC地址。接入设备收到ARP请求后,应该发送ARP响应报文,代替应答ARP请求,应答的MAC地址为设备本身的MAC地址。从用户的角度看,认为找到了对应设备的MAC地址,可以发送数据报文,数据报文中MAC地址为接入设备的MAC地址。接入设备收到MAC地址为自身的IP报文后,再将用户报文转发出去。(4) The access device shall perform special processing on the user's ARP request message. Since the user's IP address is allowed to be various, the gateway address is also various, and the access device does not limit this. After the user is connected to the access device, if the user adopts the fixed IP address allocation method, if the user sends a message to another network segment or a device on the same network segment, it needs to send an ARP request message to request the MAC address of the gateway or the same network segment. The MAC address of the segment device. After the access device receives the ARP request, it should send an ARP response message instead of responding to the ARP request, and the MAC address of the response is the MAC address of the device itself. From the perspective of the user, it is considered that the MAC address of the corresponding device has been found, and a data packet can be sent, and the MAC address in the data packet is the MAC address of the access device. After the access device receives the IP packet whose MAC address is its own, it forwards the user packet.

实施例二:本发明对DNS报文的处理。Embodiment 2: the processing of the DNS message in the present invention.

请参考图2、图4,这种涉及不需修改网络配置或者重新申请IP地址即可实现计算机在接入设备的网络中即插即用的以太网接入系统,包括:Please refer to Figure 2 and Figure 4, this kind of Ethernet access system that can realize plug-and-play of computers in the network of access devices without modifying network configuration or reapplying for IP addresses, including:

如图2所示,大的虚线框代表了即插即用接入设备的逻辑结构图。即插即用接入设备只需要在路由器或三层交换机设备内前置一个即插即用处理装置,该模块以用户的MAC地址或者VLAN ID+MAC地址为索引,记录下用户原始IP地址,用户映射后IP地址等信息,用户的映射IP地址需要在同一个网段。即插即用处理装置对用户发送来的报文进行IP地址替换处理,将源IP地址替换为映射地址,将报文发送给内部的路由器或三层交换机处理。对于从网络侧来发送给用户的报文,即插即用处理装置也进行IP地址替换处理,将目的IP地址替换为映射地址,并填充用户的MAC地址,将报文发送给用户。As shown in FIG. 2 , the big dashed box represents a logical structure diagram of the plug-and-play access device. The plug-and-play access device only needs to pre-install a plug-and-play processing device in the router or layer-3 switch equipment. This module uses the user's MAC address or VLAN ID+MAC address as an index to record the user's original IP address. For information such as the IP address after user mapping, the mapped IP address of the user must be on the same network segment. The plug-and-play processing device performs IP address replacement processing on the message sent by the user, replaces the source IP address with the mapped address, and sends the message to the internal router or layer-3 switch for processing. For the message sent to the user from the network side, the plug-and-play processing device also performs IP address replacement processing, replaces the destination IP address with the mapped address, fills in the user's MAC address, and sends the message to the user.

接入用户在不同网段4的以太网经输入端口5发送给接入设备时,首先由即插即用模块进行处理,在接入设备的即插即用软件模块中,只根据用户的MAC地址或者VLAN ID+MAC地址作为识别用户的标记,在系统内部为用户重新生成用户的IP地址、网关地址、DNS地址,然后发送用户的报文,映射后的用户在同一网段6上,处理后报文再经映射后输入端口7进入路由器或三层交换机进行处理,对接收发送给用户的报文进行修改,按照用户原来的网络配置经输出端口8将以太网报文发送给予用户。接入用户接收以太网报文的过程则相反(参阅图2)。When the user accesses the Ethernet in different network segments 4 and sends it to the access device through the input port 5, it is first processed by the plug-and-play module. In the plug-and-play software module of the access device, only according to the user's MAC The address or VLAN ID+MAC address is used as a mark to identify the user, and the user's IP address, gateway address, and DNS address are regenerated within the system for the user, and then the user's message is sent. The mapped user is on the same network segment 6 and processed After the message is mapped, the input port 7 enters the router or a layer-3 switch for processing, and the message received and sent to the user is modified, and the Ethernet message is sent to the user through the output port 8 according to the user's original network configuration. The process for the access user to receive Ethernet packets is reversed (see Figure 2).

接入设备的网络中,即插即用的报文交互过程如下:In the network of the access device, the plug-and-play message exchange process is as follows:

(1)在路由器或三层交换机设备内前置一个即插即用处理装置,以用户的MAC地址或者VLAN ID+MAC地址为索引,记录下用户原始IP地址,用户映射后IP地址等信息,用户的映射IP地址需要在同一个网段;(1) A plug-and-play processing device is pre-installed in the router or layer-3 switch equipment, and the user's MAC address or VLAN ID+MAC address is used as an index to record the user's original IP address, the user's mapped IP address and other information, The user's mapped IP address needs to be on the same network segment;

(2)即插即用处理装置对用户发送来的报文进行IP地址替换处理,将源IP地址替换为映射地址,将报文发送给内部路由器或三层交换机处理。对于从网络侧来发送给用户的报文,即插即用处理装置也进行IP地址替换处理,将目的IP地址替换为映射地址,并填充用户的MAC地址;(2) The plug-and-play processing device performs IP address replacement processing on the message sent by the user, replaces the source IP address with the mapped address, and sends the message to an internal router or a layer-3 switch for processing. For the message sent to the user from the network side, the plug-and-play processing device also performs IP address replacement processing, replaces the destination IP address with the mapped address, and fills in the user's MAC address;

(3)接入设备配置一个内部使用网段,当用户通过DNS协议请求域名服务时,接入设备检查并截获该DNS请求报文,修改请求报文的目的IP地址和IP报文的校验和,将该报文转发给该网络真正的DNS服务器,当接收DNS接收报文时,修改DNS响应报文的目的IP地址和IP报文的校验和,发送给原来的计算机。(3) The access device configures an internal network segment. When a user requests a domain name service through the DNS protocol, the access device checks and intercepts the DNS request message, and modifies the destination IP address of the request message and the verification of the IP message. And, forward the message to the real DNS server of the network, when the DNS receives the message, modify the destination IP address of the DNS response message and the checksum of the IP message, and send it to the original computer.

实施例三:本发明支持DHCP方面的地址分配处理。Embodiment 3: The present invention supports address allocation processing in the aspect of DHCP.

请参考图2、图5,这种涉及不需修改网络配置或者重新申请IP地址即可实现计算机在接入设备的网络中即插即用的以太网接入系统如图2所示,大的虚线框代表了即插即用接入设备的逻辑结构图。即插即用接入设备只需要在路由器或三层交换机设备内前置一个即插即用处理装置,该模块以用户的MAC地址或者VLAN ID+MAC地址为索引,记录下用户原始IP地址,用户映射后IP地址等信息,用户的映射IP地址需要在同一个网段。即插即用处理装置对用户发送来的报文进行IP地址替换处理,将源IP地址替换为映射地址,将报文发送给内部的路由器或三层交换机处理。对于从网络侧来发送给用户的报文,即插即用处理装置也进行IP地址替换处理,将目的IP地址替换为映射地址,并填充用户的MAC地址,将报文发送给用户。Please refer to Figure 2 and Figure 5, this kind of Ethernet access system that can realize plug-and-play of computers in the network of access devices without modifying the network configuration or re-applying for IP addresses is shown in Figure 2. The large The dotted box represents the logical structure diagram of the plug-and-play access device. The plug-and-play access device only needs to pre-install a plug-and-play processing device in the router or layer-3 switch equipment. This module uses the user's MAC address or VLAN ID+MAC address as an index to record the user's original IP address. For information such as the IP address after user mapping, the mapped IP address of the user must be on the same network segment. The plug-and-play processing device performs IP address replacement processing on the message sent by the user, replaces the source IP address with the mapped address, and sends the message to the internal router or layer-3 switch for processing. For the message sent to the user from the network side, the plug-and-play processing device also performs IP address replacement processing, replaces the destination IP address with the mapped address, fills in the user's MAC address, and sends the message to the user.

接入用户在不同网段4的以太网经输入端口5发送给接入设备时,首先由即插即用模块进行处理,在接入设备的即插即用软件模块中,只根据用户的MAC地址或者VLAN ID+MAC地址作为识别用户的标记,在系统内部将用户重新生成用户的IP地址、网关地址、DNS地址,然后发送用户的报文,映射后的用户在同一网段6上,处理后报文再经映射后输入端口7进入路由器或三层交换机进行处理,对接收发送给用户的报文进行修改,按照用户原来的网络配置经输出端口8将以太网报文发送给予用户。接入用户接收以太网报文的过程则相反(参阅图2)。When the user accesses the Ethernet in different network segments 4 and sends it to the access device through the input port 5, it is first processed by the plug-and-play module. In the plug-and-play software module of the access device, only according to the user's MAC The address or VLAN ID+MAC address is used as a mark to identify the user, and the user's IP address, gateway address, and DNS address are regenerated within the system, and then the user's message is sent. The mapped user is on the same network segment 6 and processed After the message is mapped, the input port 7 enters the router or a layer-3 switch for processing, and the message received and sent to the user is modified, and the Ethernet message is sent to the user through the output port 8 according to the user's original network configuration. The process for the access user to receive Ethernet packets is reversed (see Figure 2).

接入设备的网络中,即插即用的报文交互过程如下:In the network of the access device, the plug-and-play message exchange process is as follows:

(1)在路由器或三层交换机设备内前置一个即插即用处理装置,该模块以用户的MAC地址或者VLAN ID+MAC地址为索引,记录下用户原始IP地址,用户映射后IP地址等信息,用户的映射IP地址需要在同一个网段;(1) A plug-and-play processing device is pre-installed in the router or layer-3 switch equipment. This module uses the user's MAC address or VLAN ID+MAC address as an index to record the user's original IP address, the user's mapped IP address, etc. information, the user's mapped IP address needs to be on the same network segment;

(2)即插即用处理装置对用户发送来的报文进行IP地址替换处理,将源IP地址替换为映射地址,将报文发送给内部的路由器或三层交换机处理。对于从网络侧来发送给用户的报文,即插即用处理装置也进行IP地址替换处理,将目的IP地址替换为映射地址,并填充用户的MAC地址;(2) The plug-and-play processing device performs IP address replacement processing on the message sent by the user, replaces the source IP address with the mapped address, and sends the message to the internal router or layer-3 switch for processing. For the message sent to the user from the network side, the plug-and-play processing device also performs IP address replacement processing, replaces the destination IP address with the mapped address, and fills in the user's MAC address;

(3)接入设备配置一个内部使用网段,当接入计算机开始发送报文时,纪录该计算机的MAC地址和IP地址,对于采用动态地址分配的用户,接入设备需要支持DHCP Relay功能或者内置DHCP Server功能,提供用户通过DHCP方式分配IP地址。分配的地址就直接是接入设备给用户统一映射的IP地址,将用户的IP地址修改为内部分配IP地址,将修改后的报文发送出去。(3) The access device is configured with an internal network segment. When the access computer starts to send messages, record the MAC address and IP address of the computer. For users who use dynamic address allocation, the access device needs to support the DHCP Relay function or The built-in DHCP Server function allows users to assign IP addresses through DHCP. The assigned address is directly the IP address uniformly mapped by the access device to the user, and the user's IP address is modified to an internally assigned IP address, and the modified message is sent out.

图2、图6示出了本发明报文转发的过程:Fig. 2, Fig. 6 have shown the process of message forwarding of the present invention:

(1)如果接入设备收到的报文是广播报文,判断报文是否为ARP请求报文,如果是,则代替请求设备应答,其MAC地址为接入设备的用户端口MAC地址;(1) If the message received by the access device is a broadcast message, judge whether the message is an ARP request message, if so, then replace the request device to answer, and its MAC address is the user port MAC address of the access device;

(2)如果广播报文是DHCP请求,则按照DHCP的过程进行处理;(2) If the broadcast message is a DHCP request, then process it according to the DHCP process;

(3)如果广播报文不是ARP请求或者DHCP请求,则丢弃。(3) If the broadcast message is not an ARP request or a DHCP request, it is discarded.

(4)如果报文是发送给接入设备的单播报文,判断是否为IP报文,不是则丢弃,如果是,则判断是否为DNS请求报文,如果是则按照DNS的处理方式进行处理;(4) If the message is a unicast message sent to the access device, judge whether it is an IP message, if not, discard it, if it is, then judge whether it is a DNS request message, and if so, process it according to the DNS processing method ;

(5)对于其他类型的IP报文,则转发此报文,将其他的源IP地址修改为内部映射IP地址,然后将此报文交由路由器进行处理。(5) For other types of IP messages, forward the messages, modify other source IP addresses to internally mapped IP addresses, and then hand over the messages to the router for processing.

Claims (9)

1.一种涉及计算机在接入设备网络中即插即用的以太网接入系统,包括有:用户用计算机、对以太网报文作交换处理的路由器或三层交换机,其中,用户计算机接入在不同的网段上,具有不同的网关地址和DNS域名服务器地址,且用户计算机连接到路由器或三层交换机上并通过路由器或者三层交换机进行以太网报文的交换,其特征在于:路由器或三层交换机设备内前置有一个对以太网报文进行处理,实现在接入设备不要求对用户计算机修改网络配置或重新申请IP地址的情况下就直接使用的即插即用处理装置;所述的即插即用处理装置根据用户或者网络的相关地址作为识别用户的标记,在系统内部为用户重新生成用户的IP地址、网关地址、DNS地址;然后将处理后的报文交由路由器或三层交换机进行处理;然后将报文发送到路由器或者三层交换机处理;然后将处理后的报文交由即插即用处理装置进行修改;最后按照接收端原来的网络配置将报文发送给接收端,接收端接收报文。1. A plug-and-play Ethernet access system involving a computer in an access device network, comprising: a user computer, a router or a layer-3 switch for exchanging Ethernet messages, wherein the user computer is connected to In different network segments, with different gateway addresses and DNS domain name server addresses, and the user computer is connected to a router or a layer-3 switch and exchanges Ethernet packets through the router or a layer-3 switch. It is characterized in that: the router Or there is a plug-and-play processing device in the front of the three-layer switch equipment that processes Ethernet packets, and realizes that the access device does not require the user computer to modify the network configuration or re-apply for an IP address; The plug-and-play processing device regenerates the user's IP address, gateway address, and DNS address for the user within the system according to the relevant address of the user or the network as a mark to identify the user; then the processed message is delivered to the router or Layer 3 switch for processing; then send the message to a router or Layer 3 switch for processing; then pass the processed message to the plug-and-play processing device for modification; finally send the message according to the original network configuration of the receiving end To the receiving end, the receiving end receives the message. 2.一种利用权利要求1所述系统对报文进行处理的即插即用的以太网接入方法,特征在于,该方法包括如下步骤:2. a plug-and-play Ethernet access method utilizing the system described in claim 1 to process messages, characterized in that the method comprises the steps: 2a发送报文:首先由即插即用处理装置根据用户或者网络的相关地址作为识别用户的标记,在系统内部为用户重新生成用户的IP地址、网关地址、DNS地址;然后将处理后的报文交由路由器或三层交换机进行处理;最后将报文发送出去;2a Send message: first, the plug-and-play processing device uses the relevant address of the user or the network as a mark to identify the user, and regenerates the user's IP address, gateway address, and DNS address for the user within the system; then the processed report The text is processed by a router or a Layer 3 switch; finally, the text is sent out; 2b接收报文:首先由路由器或者三层交换机处理;然后将处理后的报文交由即插即用处理装置进行修改;最后按照接收端原来的网络配置将报文发送给接收端,接收端接收报文;2b Receiving the message: firstly, it is processed by a router or a layer-3 switch; then the processed message is handed over to a plug-and-play processing device for modification; finally, the message is sent to the receiving end according to the original network configuration of the receiving end, and the receiving end Receive message; 即插即用处理装置对用户发送的报文或网络侧来的报文处理时,是以用户的MAC介质存取控制地址为索引,以记录下用户原始IP地址,用户映射后IP地址信息,其中,用户的映射IP地址需要在同一个网段;When the plug-and-play processing device processes the message sent by the user or the message from the network side, it uses the MAC media access control address of the user as an index to record the original IP address of the user, and the IP address information after user mapping. Among them, the user's mapped IP address needs to be on the same network segment; 即插即用处理装置对用户发送来的报文的处理方法的步骤为:The steps of the processing method of the message sent by the user by the plug-and-play processing device are as follows: 8a进行IP地址替换处理,以将IP地址替换为映射地址;8a performing IP address replacement processing to replace the IP address with the mapped address; 8b报文发送给内部的路由器或三层交换机处理;The 8b message is sent to the internal router or Layer 3 switch for processing; 即插即用处理装置对网络侧来的报文的处理方法的步骤为:The steps of the processing method of the message from the network side by the plug-and-play processing device are as follows: 9a.IP地址替换处理,将目的IP地址根据映射关系修改为用户源IP地址;9a. IP address replacement processing, modifying the destination IP address to the user source IP address according to the mapping relationship; 9b.填充用户的MAC地址,并同时修改IP报文的校验和;9b. Fill in the MAC address of the user, and modify the checksum of the IP message at the same time; 9c.将报文发送给用户。9c. Send the message to the user. 3.如权利要求2所述的即插即用的以太网接入方法,其特征在于:步骤(2a)中的要发送的报文为用户要发送的报文或网络侧来的要发送的报文;步骤(2b)中的接收端为用户或网络。3. The Ethernet access method of plug and play as claimed in claim 2, characterized in that: the message to be sent in the step (2a) is the message to be sent by the user or the message to be sent from the network side message; the receiving end in step (2b) is the user or the network. 4.如权利要求2或3所述的即插即用的以太网接入方法,其特征在于:在步骤(2a)中,当接入设备接收到要发送的报文后,还包括如下步骤:4. The plug and play Ethernet access method as claimed in claim 2 or 3, characterized in that: in step (2a), after the access device receives the message to be sent, it also includes the following steps : 接入设备去判断MAC地址的类型是广播还是单播,如果是广播报文,则按广播报文的处理流程处理;如果是单播报文,则按单播报文的处理流程处理。The access device judges whether the type of the MAC address is broadcast or unicast. If it is a broadcast message, it will be processed according to the processing flow of the broadcast message; if it is a unicast message, it will be processed according to the processing flow of the unicast message. 5.如权利要求4所述的即插即用的以太网接入方法,其特征在于,广播报文的处理方法的步骤为:接入设备判断广播报文的请求类型,如果是ARP地址解析协议请求,则代替被请求设备应答,其MAC地址为接入设备的用户端口MAC地址;如果是DHCP动态主结构协议请求,则按照DHCP的过程进行处理;如果既不是ARP请求或者DHCP请求,则丢弃。5. the plug and play Ethernet access method as claimed in claim 4, is characterized in that, the step of the processing method of broadcast message is: access device judges the request type of broadcast message, if it is ARP address resolution If it is a protocol request, it will respond instead of the requested device, and its MAC address is the user port MAC address of the access device; if it is a DHCP dynamic main structure protocol request, it will be processed according to the DHCP process; if it is neither an ARP request nor a DHCP request, then throw away. 6.如权利要求4所述的即插即用的以太网接入方法,其特征在于,单播报文的处理方法的步骤为:接入设备判断是否为IP报文,不是则丢弃,如果是,则判断是否为DNS请求报文,如果是则按照DNS的处理方式进行处理;如果是其他类型的IP报文,则转发此报文,将其源IP地址修改为内部映射IP地址,然后将此报文交由路由器处理。6. the plug and play Ethernet access method as claimed in claim 4, is characterized in that, the step of the processing method of unicast message is: whether the access device judges whether it is an IP message, if not then discards, if it is , then determine whether it is a DNS request message, and if so, process it according to the DNS processing method; if it is another type of IP message, forward this message, modify its source IP address to an internally mapped IP address, and then set the This message is handed over to the router for processing. 7.如权利要求5所述即插即用的以太网接入方法,其特征在于,对ARP报文的处理方法的步骤为:7. plug and play Ethernet access method as claimed in claim 5, is characterized in that, the step to the processing method of ARP message is: 10a.接收以太网报文;10a. Receive Ethernet packets; 10b.因为用户的IP地址与网关地址均允许是各种各样的,接入设备对此无限制,所以用户在发送报文到其他网段或者同一个网段的设备之前,要发送ARP请求的报文请求,以获得网关的MAC地址或者同一个网段设备的MAC地址;10b. Because the user's IP address and gateway address are allowed to be various, and the access device has no restrictions on this, so the user must send an ARP request before sending a message to another network segment or a device on the same network segment message request to obtain the MAC address of the gateway or the MAC address of the device on the same network segment; 10c.收到ARP请求后,发送ARP响应报文,以代替应答ARP请求,此时,应答的MAC地址为设备本身的MAC地址,即:从用户的角度看,认为找到了对应设备的MAC地址,可以发送数据报文,其中,数据报文中MAC地址为接入设备的MAC地址,接入设备收到MAC地址为自身的IP报文;10c. After receiving the ARP request, send an ARP response message instead of responding to the ARP request. At this time, the MAC address of the response is the MAC address of the device itself, that is, from the user's point of view, it is considered that the MAC address of the corresponding device has been found , can send a data packet, wherein the MAC address in the data packet is the MAC address of the access device, and the access device receives the IP packet whose MAC address is itself; 10d.将用户报文转发出去。10d. Forward the user message. 8.如权利要求6所述即插即用的以太网接入方法,其特征在于,DNS报文的处理方法的步骤为:8. the Ethernet access method of plug and play as claimed in claim 6, is characterized in that, the step of the processing method of DNS message is: 11a检查并截获该DNS请求报文;11a checks and intercepts the DNS request message; 11b修改请求报文的目的IP地址和IP报文的校验和;11b modifying the destination IP address of the request message and the checksum of the IP message; 11c将该报文转发给该网络真正的DNS服务器;11c forwards the message to the real DNS server of the network; 11d接收报文并修改DNS响应报文的目的IP地址和IP报文的校验和,发送给原来的用户计算机。11d receives the message and modifies the destination IP address of the DNS response message and the checksum of the IP message, and sends it to the original user computer. 9.如权利要求6所述即插即用的以太网接入方法,其特征在于:当用户计算机的网络配置是动态获取IP地址方式时,支持接入用户计算机通过DHCP动态地址分配获取IP地址功能,此时DHCP地址分配方法的步骤为:9. The plug-and-play Ethernet access method as claimed in claim 6, characterized in that: when the network configuration of the user computer is to dynamically obtain the IP address mode, the access user computer is supported to obtain the IP address through DHCP dynamic address allocation function, the steps of the DHCP address allocation method are as follows: 12a.用户计算机开机后通过DHCP协议向所在局域网广播查找DHCP服务器,接入设备接收该报文后,响应该报文;12a. After the user computer is turned on, it broadcasts to the local area network through the DHCP protocol to search for the DHCP server, and the access device responds to the message after receiving the message; 12b.用户计算机收到了DHCP服务器响应后,向该DHCP服务器请求分配一个IP地址,接入设备收到该请求报文后,有两种处理方式:12b. After the user computer receives the response from the DHCP server, it requests the DHCP server to assign an IP address. After the access device receives the request message, there are two processing methods: 方式一:应答该报文并直接分配一个IP地址,即:接入设备通知用户计算机的DHCP服务器IP地址是接入设备本身的IP地址;Method 1: Respond to the message and assign an IP address directly, that is, the access device notifies the user that the DHCP server IP address of the computer is the IP address of the access device itself; 方式二:将该请求报文转发给指定的一台DHCP服务器,由该服务器应答,接入设备再将应答报文转发给用户计算机,此时,IP地址是指定的DHCP服务器的;Method 2: forward the request message to a designated DHCP server, and the server will reply, and the access device will forward the reply message to the user computer. At this time, the IP address belongs to the designated DHCP server; 12c.用户计算机获取到IP地址后,以该地址作为发送报文的源IP地址,另外,根据网络配置,用户计算机通过DHCP协议获取DNS的配置信息。12c. After the user computer obtains the IP address, it uses this address as the source IP address for sending the message. In addition, according to the network configuration, the user computer obtains DNS configuration information through the DHCP protocol.
CNB021160996A 2002-05-12 2002-05-12 Plug-and-play ether net access system and method Expired - Fee Related CN1249572C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB021160996A CN1249572C (en) 2002-05-12 2002-05-12 Plug-and-play ether net access system and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB021160996A CN1249572C (en) 2002-05-12 2002-05-12 Plug-and-play ether net access system and method

Publications (2)

Publication Number Publication Date
CN1458582A CN1458582A (en) 2003-11-26
CN1249572C true CN1249572C (en) 2006-04-05

Family

ID=29426511

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB021160996A Expired - Fee Related CN1249572C (en) 2002-05-12 2002-05-12 Plug-and-play ether net access system and method

Country Status (1)

Country Link
CN (1) CN1249572C (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4533247B2 (en) * 2004-06-08 2010-09-01 キヤノン株式会社 Service providing system, service providing method, and service providing apparatus
JP2007066092A (en) * 2005-08-31 2007-03-15 Canon Inc Information processing apparatus, network device, control method therefor, computer program, and computer-readable storage medium
CN101702687B (en) * 2009-11-27 2011-12-14 北京傲天动联技术有限公司 Method for utilizing device with exchange board structure as broadband access server
CN103379186B (en) * 2012-04-26 2016-06-22 安美世纪(北京)科技有限公司 A kind of plug and play cut-in method of hotel public network
CN102780584B (en) * 2012-07-25 2016-06-22 杭州华三通信技术有限公司 Method and device for quickly accessing network management system of Ethernet equipment
CN103209092B (en) * 2013-02-28 2016-03-30 成都西加云杉科技有限公司 Broadcast storm suppressing method and system
CN103354636A (en) * 2013-08-12 2013-10-16 北京傲天动联技术股份有限公司 CPE multi-user access method and equipment thereof
US10536398B2 (en) * 2016-05-12 2020-01-14 Cisco Technology, Inc. Plug and play in a controller based network
CN119496672B (en) * 2024-11-14 2025-10-03 贵州电网有限责任公司 Multi-layer network access adaptation method and system

Also Published As

Publication number Publication date
CN1458582A (en) 2003-11-26

Similar Documents

Publication Publication Date Title
CN1254747C (en) Device and method for assigning virtual addresses to nodes with same addresses automatically
CN101075962A (en) Method and apparatus for realizing DHCP repeater in two-layer network exchanger
CN101052009A (en) Method for realizing internal access by NAT device for private net element using public net address
CN101729606A (en) Method and relevant equipment for realizing network address conversion
CN1249572C (en) Plug-and-play ether net access system and method
CN101184038A (en) User terminal and its information receiving method and sending method
CN1744597A (en) Method for host use obtaining IP address parameters in IPV6 network
CN1270497C (en) Method and device for managing Internet protocol in mobile network by transformation of network address
CN101605090B (en) Method for realizing two-layer middle agent of dynamic host configuration protocol in passive optical network
CN1614942A (en) Method for soluting IP address conflicts in network communication
CN1581872A (en) Method for realizing signaling agency based on MEGACO protocol
CN1859304A (en) Method for realizing neighbour discovery
CN1578296A (en) Method for realizing double-stack transition
CN1286303C (en) Backup method for Ethernet port connected to Internet protocol network
CN1571349A (en) Network access control method based on MAC address
CN101043430A (en) Method for converting network address between equipments
CN1235368C (en) Address conversion method for simultaneously supporting one-to-one and many-to-many under the PAT mode
CN1933477B (en) A method for IPv6 nodes to access IPv4 nodes
CN1728661A (en) Method for Realizing Backup and Load Sharing on Address Resolution Protocol Proxy
CN1292565C (en) Method for responding requests from address analysis protocol of network address conversion virtual address
CN1917512A (en) Method for establishing direct connected peer-to-peer channel
CN1863152A (en) Method for transmitting various messages between internal network users
CN1567873A (en) A method of data transmission on VPN
CN1713586A (en) Realization of virtual group redundancy
CN1909467A (en) Method for identifying multicast by using unicast address in IP network

Legal Events

Date Code Title Description
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20060405

Termination date: 20150512

EXPY Termination of patent right or utility model