[go: up one dir, main page]

WO2010020074A1 - Procédé et dispositif d'assistance à l'exploitation du dispositif terminal dans le réseau dans un réseau d'accès - Google Patents

Procédé et dispositif d'assistance à l'exploitation du dispositif terminal dans le réseau dans un réseau d'accès Download PDF

Info

Publication number
WO2010020074A1
WO2010020074A1 PCT/CN2008/001500 CN2008001500W WO2010020074A1 WO 2010020074 A1 WO2010020074 A1 WO 2010020074A1 CN 2008001500 W CN2008001500 W CN 2008001500W WO 2010020074 A1 WO2010020074 A1 WO 2010020074A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
terminal device
local area
identification information
wireless local
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2008/001500
Other languages
English (en)
Chinese (zh)
Inventor
马松伟
张青山
姚春燕
宾梵翔
温海波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nokia Shanghai Bell Co Ltd
Alcatel Lucent SAS
Original Assignee
Alcatel Lucent Shanghai Bell Co Ltd
Alcatel Lucent SAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alcatel Lucent Shanghai Bell Co Ltd, Alcatel Lucent SAS filed Critical Alcatel Lucent Shanghai Bell Co Ltd
Priority to PCT/CN2008/001500 priority Critical patent/WO2010020074A1/fr
Priority to CN200880130012.9A priority patent/CN102067527B/zh
Publication of WO2010020074A1 publication Critical patent/WO2010020074A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Definitions

  • the present invention relates to an access network, and more particularly to a method and apparatus for assisting a terminal device in a wireless local area network to operate on a network in an access network.
  • WLAN Wireless Local Area Network
  • AP wireless hotspots
  • DSL Digital Subscriber Line
  • DSLAM Digital Subscriber Line Access port of Access Multiplexer
  • the terminal device After the terminal device is connected to the specific WLAN, various operations (Operation) are performed for the telecommunication network such as the MAN (Medical Area Network, MAN). Access authentication, obtaining authorization, obtaining the IP address of the device, and exchanging data services, etc., must interact with various network operation servers in the network to obtain operational services and support provided by the operation server.
  • the terminal device needs to interact with an access server such as a remote access server (BRAS) to perform authentication, authorization, accounting, and the like, and also perform data services between the PKP protocol and the BRAS.
  • the terminal device also needs to interact with the Dynamic Host Configuration Protocol (DHCP) server to obtain a network address such as an IP address.
  • DHCP Dynamic Host Configuration Protocol
  • the DSLAM connected to the terminal device is connected to the network operation server, and the terminal device passes through the DSLAM through the WLAN to which the terminal device belongs, and accesses the DHCP server and the BRAS.
  • a network operation server such as a server interacts.
  • operators hope to provide wireless access services for multiple terminal devices in multiple WLANs through a small number of APs. Therefore, the operator wants to be able to determine the corresponding network operation mode for the terminal device according to the WLAN condition to which each terminal device belongs.
  • the BRAS hopes to determine the access authority and the charging rate of the terminal device according to the information of the WLAN. Etc.;
  • DHCP wants to assign IP addresses of the same subnet to terminal devices on the same WLAN to improve Layer 2 Mobility.
  • multiple WLANs to which a plurality of terminal devices belong are connected through the same AP and DSLAM, and then to the telecommunication network, and the AP is generally connected to a corresponding port of the DSLAM through only one DSL.
  • the DSLAM forwards a DHCP request from a terminal device to a network operation server, such as a PPPoE (Point-to-Point Protocol over Ethernet) discovery phase request to the BRAS, or forwards a DHCP request to the DHCP server, which uses only circuit identification ( The circuit ID or the remote ID identifies the DSL or DSLAM port to which the AP to which the terminal device belongs, but cannot provide information about the different WLANs to which the terminal device belongs to the BRAS access server or DHCP server.
  • the server makes the network operation server unable to determine different operation modes for the terminal device according to the WLA information, and provides different operation support and services.
  • the DSLAM cannot encrypt and encapsulate the message sent by the network operation server to the terminal device in the WLAN according to the WLAN information, thereby reducing the security and operability of the access network.
  • the present invention proposes that the access device receives the network operation request message from the terminal device, acquires the identification information of the wireless local area network to which the access device belongs, and then the network corresponding to the network operation request message.
  • the operation request, the identification information of the wireless local area network is provided to the network operation server corresponding to the network operation request; the network operation server receives the network operation request of the terminal device from the access device, and the identification information of the wireless local area network to which the terminal device belongs, Then based on the wireless LAN
  • the identification information determines the operation mode of the terminal device in the network according to the network operation request.
  • a method for assisting a terminal device to access a network in an access device of a communication network wherein the terminal device is connected to the access device through a wireless local area network to which the terminal device belongs.
  • the method includes: a. receiving a network access request message from the terminal device, and acquiring identification information of the wireless local area network; b. receiving a network access request corresponding to the access request message, and the wireless local area network
  • the identification information is provided to a network access server corresponding to the network access request.
  • a method for assisting a terminal device to operate in a network in a network access server of a communication network wherein the terminal device passes through a wireless local area network and an access device to which the terminal device belongs Connected, the method includes: A. receiving a network operation request of the terminal device from the access device, and identifier information of a wireless local area network to which the terminal device belongs; B. based on the identifier information of the wireless local area network, according to The network operation request determines a manner in which the terminal device operates in the network.
  • an apparatus for assisting a terminal device to operate in a network in an access device of a communication network wherein the access device communicates with the wireless local area network to which the access device belongs
  • the access device is connected, the device includes: an identifier information acquiring device, configured to receive a network operation request message from the terminal device, and obtain identification information of the wireless local area network; and first providing means, configured to operate the network And the network operation request corresponding to the request message is provided to the network operation server corresponding to the network operation request.
  • a device for assisting a terminal device to operate in a network in a network operation server of a communication network wherein the terminal device passes the wireless local area network and the access device to which the terminal device belongs Connected, the device includes: a first receiving device, configured to receive a network operation request of the terminal device from the access device, and identifier information of a wireless local area network to which the terminal device belongs; And determining, according to the network operation request, how the terminal device operates in the network according to the identifier information of the wireless local area network.
  • the network operation server such as the BRAS access server and the DHCP server can determine an appropriate operation mode according to the WLAN information of the terminal device, for example, determining its access authority, rate, assigning an IP address thereto, and the like.
  • the DSLAM 3 ⁇ 4 performs related processing such as encryption and encapsulation corresponding to the WLAN on the data packet sent by the network operation server to the terminal device of the WLAN according to the WLAN information, and forwards the processed data packet on an appropriate channel to ensure that Security of packet transmission.
  • FIG. 1 is a schematic diagram showing the topology of the terminal device 3a in the WLAN ⁇ interacting with the BRAS 2 through the DSLAM 1;
  • FIG. 2 is a flow chart of a method for DSLAM 1 and BRAS 2 to assist a terminal device 3a to access a network, in accordance with an embodiment of the present invention
  • FIG. 3 is a flow chart showing a method of accessing a network by the DSLAM 1 and the BRAS 2 auxiliary terminal device 3a according to another embodiment of the present invention
  • FIG. 4 shows a block diagram of an apparatus for accessing a network by a DSLAM 1 and a BRAS 2 secondary terminal device 3a, in accordance with an embodiment of the present invention
  • Figure 5 shows a block diagram of an apparatus for accessing a network by DSLAM 1 and BRAS 2 secondary terminal equipment 3a in accordance with another embodiment of the present invention.
  • FIG. 1 shows a schematic diagram of a topology structure in which a terminal device in a WLAN interacts with a BRAS 2 through a DSLAM 1.
  • the WLANs ⁇ and ⁇ may be WiFi networks based on the IEEE 802.11 standard.
  • the terminal device in the illustrated WiFi network interacts with the BRAS through the DSLAM.
  • the present invention is also applicable to other types of wireless networks, access devices, and network operation servers. This specification will be hereinafter described in other operating scenarios. Explain.
  • FIG. 2 is a flow chart of a method in which DSLAM 1 and BRAS 2 assist terminal device 3a access the network, in accordance with an embodiment of the present invention.
  • both WLAN ⁇ and WLAN ⁇ are WLANs provided by a hotel through its AP 4, where WLAN a is a public WLAN for hotel guests to access freely, WLAN ⁇ is the hotel's internal WLAN.
  • the terminal device 3a is a terminal device of the hotel guest, such as a notebook computer, a PDA, etc., which is within the coverage of the AP 4, and acquires information about the WLAN ⁇ and ⁇ that the AP 4 can provide, and the selection thereof.
  • Free WLAN ⁇ as its suitable access network.
  • the methods and processes for a specific terminal device to access the WLAN are well known to those skilled in the art, and the present invention is not described herein.
  • the WLANs ⁇ and ⁇ provided by the AP 4 have different WLAN identifiers, such as SSID a and SSID P respectively ; after the terminal device 3a selects to access the WLAN a, it corresponds to the identifier SSID a of the WLAN.
  • the data communication between the terminal device 3a and the AP 4 carries the SSID a information.
  • the terminal device 3a can start access authentication based on the PPPoE and the BRAS to further access the telecommunication network.
  • the terminal device 3a is to perform the operation of the PPPoE discovery phase, that is, to find the BRAS 2 for authentication, and obtain a session identifier for the session with the BRAS 2.
  • PADI PPPoE Active Discovery Initiation
  • the terminal device Since the terminal device does not know the MAC (Media Access Control) address of all available BRASs including BRAS 2, it uses the broadcast address (the MAC address is ff:ff:ff:ff:ff) in the PADI message.
  • the PADI message also contains the MAC address of the terminal device 3a itself. Moreover, the terminal device 3a encapsulates the request message into a WLAN data packet, and then sends the request message to the AP 4 through a device such as a wireless network card.
  • the AP 4 After receiving the WLAN data packet sent by the terminal device 3a, the AP 4 decapsulates the WLAN data packet to obtain the PADI message. Then, the AP 4 is based on the Control and Provisioning of Wireless Access Points (CAPWAP) protocol, and provides PADI messages to the DSLAM through the DSL and DSLAM 1 port I between the DSLAM and the DSLAM 1 1.
  • CAPWAP Control and Provisioning of Wireless Access Points
  • the data packet of the CAPWAP protocol further includes an identifier SSID a of the WLAN.
  • the DSLAM 1 acquires a PADI message from the terminal device 3a, which also acquires the identity SSID a of the WLAN ⁇ to which the terminal device 3a belongs. Specifically, the DSLAM 1 obtains the BRAS request message in the CAPWAP-based data packet sent by the AP 4, and obtains the identifier SSID a of the WLAN a from the data packet. It can be understood by those skilled in the art that the method for the DSLAM 1 to obtain the identifier of the WLAN to which the terminal device 3a belongs is not limited to the method in which the AP 4 is included in the CAPWAP message, which may also be used in other manners, for example, by the terminal.
  • the device 3a directly includes the SSID a of the WLAN ⁇ in the PADI message it transmits.
  • step S11 the DSLAM 1 associates the PADI corresponding to the PADI message of the terminal device 3a with the WLAN to which the terminal device 3a belongs.
  • BRAS 2 the DSLAM 1 associates the PADI corresponding to the PADI message of the terminal device 3a with the WLAN to which the terminal device 3a belongs.
  • the DSLAM 1 can augment the agent circuit ID in the existing PPPoE Tag to include the identification information of the WLAN.
  • the extended proxy circuit identifier can be defined as follows:
  • Access-Node-Identifier is the identification information of the DSLAM itself; eth indicates that the AP communicates with the DSLAM based on Ethernet; WiFi indicates the WLAN in the AP The device communicates with it; slot represents the board number of the service board to which the DSL is connected between the DSLAM and the AP; port represents the port number of the service board; vkn-id is the Ethernet-related VLAN (virtual area network) identifier; and the SSID is Where the terminal device that sent the request is located WLAN identification information.
  • can also communicate with the DSLAM based on the ATM mode, in which case the extended proxy circuit identifier can become:
  • the atm indicates that the AP communicates with the ATM based on the ATM (Asynchronous Transfer Mode); the vpi and the vci are the virtual path identifiers and the virtual link identifiers of the ATM; the other parameters are similar to those in the Ethernet case, and are not described here.
  • DSLAM 1 provides this extended proxy circuit identification to BRAS 2 using the reserved words in the PADI in the existing PPPoE. That is, the DSLAM 1 can add the proxy circuit identifier including the SSID a to the PADI message of the terminal device 3a, and transmit the obtained PADI to the BRAS 2.
  • step S20 BRAS 2 from the receiving terminal device 3a of DSLAM 1 BRAS request, the WLAN ⁇ terminal device identification information belongs 3a SSID a.
  • the BRAS 2 extracts the identifier of the WLAN ⁇ to which the terminal device 3a belongs in the PADI request.
  • Information SSID a is a .
  • the manner in which the above-mentioned DSLAM 1 provides the PADI corresponding to the PADI message of the terminal device 3a and the SSID a information of the WLAN ⁇ to which the terminal device 3a belongs to the BRAS 2 is not limited to the use of the PPPoE tag in the embodiment. the way.
  • step S21 based on the SSID a , the BRAS 2 determines whether it can access the network through the BRAS based on the PPPoE, the rate of its access to the network, and the like based on the PADI of the terminal device 3a.
  • the terminal device 3a is accessed through the free WLAN ⁇ , and then it determines that its rate is zero, but its access rate and access rights are limited.
  • the BRAS 2 Preferably, after the access mode is determined, in step S22, the BRAS 2 generates a PPPoE activity discovery provision corresponding to the PADI according to the access mode of the terminal device 3a determined in step S21, such as rate, rate, authority, etc. (PPPoE) Active Discovery Offer, PADO) message.
  • the PADO message includes the MAC of the terminal device 3a carried in the PADI The address, so that the PADO message can be sent back to the terminal device 3a.
  • the PADO message also includes the MAC address of the BRAS 2, so that the terminal device 3a can directly interact with the BRAS 2 according to the MAC address, and does not need to send a broadcast message. It is worth noting that the PADO message generally does not include the proxy circuit identification information provided by the DSLAM 1 including the SSID a .
  • step S23 the BRAS 2 sends the generated PADO message to the DSLAM.
  • step S12 the DSLAM 1 receives the PADO message from the BRAS 2 corresponding to the PADI message of the terminal device 3a.
  • the DSLAM 1 also acquires the identification information of the WLAN to which the terminal device 3a corresponding to the response message belongs.
  • the DSLAM 1 previously receives the PADI of the terminal device 3a, and the information such as the MAC (Media Access Control) address of the terminal device 3a carried in the request.
  • the DSLAM 1 Upon receiving the PADO message, the DSLAM 1 extracts the MAC address of the terminal device 3a carried in the PADO message, and searches for the SSID a associated with the MAC of the terminal device 3a in the PADO.
  • the DSLAM 1 provides the PADO corresponding to the PADO message to the terminal device 3a according to the SSID a of the WLAN a.
  • the DSLAM 1 may associate the MAC address of the SSIDa or the terminal device 3a with the information such as the board number and the port number of the DSL connected to the AP 4 on the DSLAM.
  • the DSLAM 1 directly processes the PADO message according to the terminal device 3a or WLAN ⁇ and its agreed encryption and encapsulation manner, and the processed PADO is processed.
  • the board and port connected to the AP 4 are sent to the AP 4, and then sent to the terminal device 3a to ensure that the PADO arrives at the terminal device 3a normally and securely.
  • the PADO message sent by the BRAS does not include information such as the WLAN identity, and the DSLAM obtains the corresponding WLAN identity according to the PADO message. It can be understood that the BRAS can also improve the protocol, and add information such as the WLAN identity to the PADO message, so the DSLAM can directly extract the WLAN identity from the PADO message.
  • the terminal device 3a determines whether to access the network through the BRAS 2 according to the PADO; if it determines to pass the BRAS 2 access, it generates a PPPoE Active Discovery Request (PPPoE Active Discovery Request) , abbreviated as PADR) message, which contains the MAC address of BRAS 2 carried in PADO.
  • PPPoE Active Discovery Request PPPoE Active Discovery Request
  • 3a DSLAM 1 belongs to the auxiliary WLAN terminal 3a and the terminal device PADR information supplied to the SSID a BRAS 2; BRAS 2 PADR then the information terminal apparatus 3a according to the SSID a, which is determined with the terminal
  • the device 3a performs session identification information based on PPPoE communication, such as a Session ID.
  • the Discovery Session-confirmation (PADS) message provides the PADS information to the terminal device 3a via the DSLAM 1 in a manner similar to the above. So far, the PPPoE discovery phase of the terminal device 3a ends, which can already access the network through the BRAS 2. Specifically, the terminal device 3a performs PPPoE-based data interaction with the BRAS 2 according to the Session ID carried in the PADS, generally speaking, The PPPoE data packet between the terminal device 3a and the BRAS 2 carries the session ID.
  • the auxiliary terminal device 3a of the present invention is described by the scheme in which the DSLAM 1 interacts with the BRAS 2 to access the network. It can be understood that the present invention is also applicable to authentication and communication of ATM-based PPP (PPP over ATM, PPPoA for short). The invention can also be used in other network operation scenarios, such as the DHCP phase.
  • the terminal device 3a in the DHCP phase, interacts with the DHCP server via the DSLAM 1 to obtain an IP address to access the network. The steps performed by the devices in the DHCP phase are similar.
  • the DSLAM 1 can extend the proxy circuit identifier of the DHCP Option 82 to carry the identification information of the WLAN to which the terminal device 3a belongs, such as the SSID, and the terminal device 3a.
  • the DHCP request is sent to the DHCP server together; the DHCP server allocates the IP address of the same subnet to the terminal device of the same SSID according to the SSID a , to improve Layer 2 Mobility, and generates feedback to the terminal device 3a including The DHCP response message identified by the proxy circuit; after receiving the DHCP response message with the proxy circuit identifier, the DSLAM 1 deletes the proxy circuit identifier from the message, and The remaining DHCP message information is provided to the terminal device 3a, and the user is assisted in completing the DHCP process.
  • the present invention can be applied to the DHCP and the steps in the PPPoE discovery phase according to the above detailed description. In other network operation scenarios. Any technical solution based on the inventive concept of performing differentiated operation services according to different WLANs to which the terminal device belongs is within the scope of the present invention and claims. Based on the foregoing solution, according to the present invention, the terminal device can further assist the terminal device to interact with the BRAS based on the PPPoE to perform data service communication with the network such as the metropolitan area network.
  • the DSLAM 1 receives the PADS message from the BRAS 2, as shown in FIG. 3, in step S14, the DSLAM 1 extracts the session identifier of the PPPoE session from the PADS message. Information, such as Session ID.
  • step S15 the DSLAM 1 associates the session ID with the identification information SSID a of the WLAN to which the terminal device 3a corresponding to the acquired PADS belongs.
  • the manner in which the DSLAM 1 obtains the same may be similar to the manner in the foregoing step S12, and details are not described herein.
  • the terminal device 3a completes its PPPoE discovery phase operation and starts a PPPoE session with the BRAS 2 based on the Session ID.
  • step S16 the The session ID of the corresponding session of the packet.
  • step S17 the DSLAM 1 determines the identification information SSID of the WLAN associated with the session ID according to its association relationship between the storage session ID and the SSID.
  • the DSLAM 1 provides the data packet to the corresponding terminal device through the corresponding WLAN according to the determined identification information SSID of the WLAN.
  • the DSLAM 1 performs related processing on the data packet according to the corresponding terminal device or the corresponding WLAN and its agreed encryption and encapsulation manner, and sends the processed data packet to the corresponding AP through the board and port connected to the corresponding AP, and then Send to the corresponding terminal device.
  • the access device such as DSLAM can assist the access server such as BRAS to communicate with the terminal device belonging to the wireless local area network.
  • FIG. 4 shows a block diagram of an apparatus for accessing a network by DSLAM 1 and BRAS 2 assisted terminal equipment 3a in accordance with an embodiment of the present invention.
  • the DSLAM 1 includes a device 10 for assisting a terminal device to operate in a network, and includes an identification information acquiring device 100 and a first providing device 101, and preferably, a first obtaining device 102 and a second providing device 103;
  • 2 includes means 20 for assisting the terminal device to operate in the network, comprising a first receiving device 200 and an operational mode determining device 201, preferably further comprising a response message generating device 202 and a first transmitting device 203.
  • a method of accessing the network by the DSLAM 1 and the BRAS 2 auxiliary terminal device 3a according to the present invention will be described in detail below with reference to Figs. 1 and 4. It should be understood by those skilled in the art that the present invention is not limited to the terminal device in the WiFi network shown in FIG. 1 interacting with the BRAS through the DSLAM. The present invention is also applicable to other types of wireless networks, access devices, and network operation servers. This specification will be described later in the following in other operating scenarios.
  • both WLAN a and WLAN ⁇ are WLANs provided by a hotel through its , 4, where WLAN ⁇ is a public WLAN for hotel guests to access freely, WLAN ⁇ is the hotel's internal WLAN.
  • the terminal device 3a is a terminal device of the hotel guest, such as a notebook computer, a PDA, etc., which is within the coverage of the AP 4, and acquires information about the WLAN ⁇ and ⁇ that the AP 4 can provide, and the selection thereof.
  • Free WLAN ⁇ as its suitable access network.
  • the method and process for a specific terminal device to access the WLA through ⁇ are well known to those skilled in the art, and the present invention does not In the narrative.
  • the WLANs ⁇ and ⁇ provided by the AP 4 respectively have different WLAN identifiers, such as SSID a and SSIDp; after the terminal device 3a selects to access the WLAN ⁇ , it corresponds to the identifier SSID a of the WLAN ⁇ , The data communication between the terminal device 3a and the AP 4 carries the SSID a information.
  • the terminal device 3a can start access authentication based on PPPoE and BRAS to further access the telecommunication network.
  • the terminal device 3a is to perform the operation of the PPPoE discovery phase, that is, to find the BRAS 2 for authentication, and obtain a session identifier for the session with the BRAS 2.
  • PPDI PPPoE Active Discovery Initiation
  • the terminal device Since the terminal device does not know the MAC (Media Access Control) address of all available BRASs including BRAS 2, it uses the broadcast address (the MAC address is ff:ff:ff:ff:ff) in the PADI message.
  • the PADI message also contains the MAC address of the terminal device 3a itself. Moreover, the terminal device 3a encapsulates the request message into a WLAN data packet, and then sends the request message to the AP 4 through a device such as a wireless network card.
  • the AP 4 After receiving the WLAN data packet sent by the terminal device 3a, the AP 4 decapsulates the WLAN data packet to obtain the PADI message. Then, the AP 4 is based on the Control and Provisioning of Wireless Access Points (CAPWAP) protocol, and provides PADI messages to the DSLAM through the DSL and DSLAM 1 port I between the DSLAM and the DSLAM 1 1.
  • CAPWAP Control and Provisioning of Wireless Access Points
  • the data packet of the CAPWAP protocol further includes an identifier SSID a of the WLAN.
  • the identification information acquisition device 100 of the device 10 of the DSLAM 1 acquires a PADI message from the terminal device 3a, which also acquires the identification SSID a of the WLAN ⁇ to which the terminal device 3a belongs. Specifically, the identifier information obtaining apparatus 100 acquires the BRAS request message in the CAPWAP-based data packet sent by the AP 4, and acquires the identifier SSID a of the WLAN a from the data packet. It can be understood by those skilled in the art that the method for the identifier information obtaining apparatus 100 to acquire the identifier of the WLAN to which the terminal device 3a belongs is not limited to the method in which the AP 4 is included in the CAPWAP message, which may be other methods. For example, the terminal device 3a directly includes the SSID a of the WLAN ⁇ in the PADI message it transmits. Medium.
  • the first providing device 101 supplies the PADI corresponding to the PADI message of the terminal device 3a and the SSID a information of the WLAN ⁇ to which the terminal device 3a belongs to the BRAS 2.
  • the first providing device 101 may augment the agent circuit ID in the existing PPPoE Tag to include the identification information of the WLAN.
  • the extended proxy circuit identifier can be defined as follows:
  • Access-Node-Identifier is the identification information of the DSLAM itself; eth indicates that the AP communicates with the DSLAM based on Ethernet; WiFi indicates the AP's subordinate The device in the WLAN communicates with the device; the slot indicates the board number of the service board to which the DSL is connected between the DSLAM and the AP; the port indicates the port number of the service board; the vlan-id is the Ethernet-related VLAN (virtual local area network) identifier; The SSID is the identification information of the WLAN where the terminal device that sent the request is located.
  • the AP can communicate with the DSLAM based on the ATM mode.
  • the extended proxy circuit identifier can become:
  • the atm indicates that the AP communicates with the ATM based on the ATM (Asynchronous Transfer Mode); the vpi and the vci are the virtual path identifiers and the virtual link identifiers of the ATM; the other parameters are similar to those in the Ethernet case, and are not described here.
  • the first providing means 101 provides the extended proxy circuit identification to the BRAS 2 using the reserved words in the PADI in the existing PPPoE. That is, the first providing device 101 may add the proxy circuit identifier including the SSID a to the PADI message of the terminal device 3a, and transmit the obtained PADI to the BRAS 2.
  • the first receiving means 20 of the BRAS 200 receives the terminal apparatus 2 from the DSLAM 1 BRAS 3a of the request, the WLAN ⁇ 3a belongs terminal device identification information SSID a.
  • the first receiving device 200 extracts the WLAN to which the terminal device 3a belongs in the PADI request.
  • Identification information SSID a is included in the PADI.
  • the manner in which the first providing apparatus 101 provides the PADI corresponding to the PADI message of the terminal device 3a and the SSID of the WLAN ⁇ to which the terminal device 3a belongs to the BRAS 2 is not limited to the use in the embodiment.
  • the operation mode determining means 201 determines whether it can access the network through the BRAS based on the PPPoE, the rate of its access to the network, and the like based on the PADI of the terminal device 3a. For example, according to SSID a , it is known that the terminal device 3a is accessed through the free WLAN ⁇ , and then it determines that its rate is zero, but its access rate and access rights are limited.
  • the device 20 of the BRAS 2 further includes a response message generating device 202, which determines the access mode of the terminal device 3a determined by the device 201 according to the operation mode, such as a rate, a rate, a permission, etc., and generates a PADI.
  • the corresponding PPPoE Active Discovery Offer (PADO) message is provided.
  • the PADO message includes the MAC address of the terminal device 3a carried in the PADI so that the PADO message can be sent back to the terminal device 3a.
  • the PADO message further includes the MAC address of the BRAS 2, so that the terminal device 3a can directly interact with the BRAS 2 after the MAC address, and no longer need to send a broadcast message. It is worth noting that the PADO message generally does not include the proxy circuit identification information provided by the DSLAM 1 including the SSID a .
  • the first transmitting device 203 transmits the generated PADO message to the DSLAM 1.
  • the device 10 of the DSLAM 1 further includes a first obtaining means 102 which receives a PADO message from the BRAS 2 corresponding to the PADI message of the terminal device 3a.
  • the first obtaining device 102 also acquires the identification information of the WLAN to which the terminal device 3a corresponding to the response message belongs.
  • the PADO message does not contain the proxy circuit identifier
  • the DSLAM 1 when the DSLAM 1 previously receives the PADI of the terminal device 3a, it acquires information such as the MAC (Media Access Control) address of the terminal device 3a carried in the request.
  • the SSID a when receiving the PADO message, the first obtaining means 102 extracts the MAC address of the terminal device 3a carried in the PADO message, and searches for the SSID a associated with the MAC of the terminal device 3a in the PADO.
  • the second providing device 103 according to the SSID a of the WLAN a will be associated with the PADO
  • the PADO corresponding to the message is provided to the terminal device 3a.
  • the DSLAM 1 may previously associate the MAC address of the SSID a or the terminal device 3a with the information such as the board number and the port number of the DSL connected to the AP 4 on the DSLAM.
  • the second providing device 103 directly processes the PADO message according to the terminal device 3a or WLAN ⁇ and its agreed encryption and encapsulation manner, and processes the PADO message.
  • the PADO is sent to the AP 4 on the board and port connected to the ⁇ 4, and then sent to the terminal device 3a to ensure that the PADO arrives at the terminal device 3a normally and securely.
  • the PADO message sent by the BRAS does not include the WLAN identity and the like, and the first obtaining device 102 obtains the corresponding WLAN identity according to the PADO message. It can be understood that the BRAS can also improve the protocol, and add information such as the WLAN identity to the PADO message, so the first obtaining device 102 can directly extract the WLAN identity from the PADO message.
  • the terminal device 3a determines whether to access the network through the BRAS 2 according to the PADO; if it determines to access through the BRAS 2, it generates a PPPoE Active Discovery Request (PPPoE Active Discovery Request,
  • PPPoE Active Discovery Request The cartridge is called a PADR message, which contains the MAC address of the BRAS 2 carried in the PADO.
  • 3a DSLAM 1 belongs to the auxiliary WLAN terminal device 3a and the PADR information provided to the terminal device SSID a BRAS 2; BRAS 2 PADR then the information terminal apparatus 3a according to the SSID a, which is determined with the terminal
  • the device 3a performs session identification information based on PPPoE communication, such as a Session ID.
  • the Discovery Session-confirmation (PADS) message provides the PADS information to the terminal device 3a via the DSLAM 1 in a manner similar to the above.
  • the PPPoE discovery phase of the terminal device 3a ends, which can already access the network through the BRAS 2.
  • the terminal device 3a performs PPPoE-based data interaction with the BRAS 2 according to the Session ID carried in the PADS, generally speaking,
  • the PPPoE data packet between the terminal device 3a and the BRAS 2 carries the session ID.
  • the auxiliary terminal device 3a of the present invention is described by the scheme in which the DSLAM 1 interacts with the BRAS 2 to access the network.
  • the present invention is also applicable to authentication and communication of ATM-based PPP (PPP over ATM, PPPoA for short).
  • the invention can also be used in other network operation scenarios, such as the DHCP phase.
  • the terminal device 3a interacts with the DHCP server via the DSLAM 1 to obtain an IP address to access the network.
  • the steps performed by the devices in the DHCP phase are similar.
  • the DSLAM 1 can extend the proxy circuit identifier of the DHCP Option 82 to carry the identification information of the WLAN to which the terminal device 3a belongs, such as the SSID, and the terminal device 3a.
  • the DHCP request is sent to the DHCP server together; the DHCP server allocates the IP address of the same subnet to the terminal device of the same SSID according to the SSID a , to improve Layer 2 Mobility, and generates feedback to the terminal device 3a including The DHCP response message identified by the proxy circuit; after receiving the DHCP response message with the proxy circuit identifier, the DSLAM 1 deletes the proxy circuit identifier from the message, and provides the remaining DHCP response information to the terminal device 3a to assist the
  • the DHCP procedure is described in detail, and those skilled in the art can apply the present invention to DHCP and other network operation scenarios according to the steps of the PPPoE discovery phase of the present invention detailed above. Any technical solution based on the inventive concept of performing differentiated operation services according to different WL ANs to which the terminal device belongs is within the scope of the present invention and claims.
  • the terminal device can further assist the terminal device to interact with the BRAS based on the PPPoE to perform data service communication with the network such as the metropolitan area network.
  • the apparatus 10 of the DSLAM 1 further includes an extracting means 104, a processing means 105, a session identification acquiring means 106, an identification information determining means 107 and a third providing means 108.
  • the extracting device 104 extracts the session identification information of the PPPoE session, such as the Session ID, from the PADS message.
  • the processing device 105 associates the session ID with the identification information SSID a of the WLAN to which the terminal device 3a corresponding to the acquired PADS belongs. DSLAM 1 got this
  • the manner of the foregoing may be similar to that of the foregoing first obtaining device 102, and details are not described herein.
  • the terminal device 3a completes the operation of its PPPoE discovery phase, and starts a PPPoE session with the BRAS 2 based on the Session ID.
  • the session identifier obtaining device 106 extracts the data packet from the terminal. The session ID of the corresponding session of the packet.
  • the identification information determining means 107 determines the identification information SSID of the WLAN associated with the Session ID based on the association relationship between the storage session ID and the SSID.
  • the third providing device 108 provides the data packet to the corresponding terminal device through the corresponding WLAN according to the determined identification information SSID of the WLAN. For example, the third providing device 108 performs related processing on the data packet according to the corresponding encryption or encapsulation mode of the corresponding terminal device or the corresponding WLAN, and sends the processed data packet to the corresponding board and port connected to the corresponding AP. The AP is then sent to the corresponding terminal device.
  • an access device such as a DSLAM can assist an access server such as a BRAS to communicate with a terminal device belonging to a wireless local area network.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention résout le problème de l'état de la technique selon lequel le serveur d'exploitation de réseau ne peut pas acquérir les informations de réseau local sans fil (WLAN) des dispositifs terminaux d'exploitation de réseau demandant un service d'accès ou de transfert de données etc., et ne peut pas déterminer leurs modes de fonctionnement conformément à leur WLAN, et porte sur un procédé et un appareil pour assister l'exploitation du dispositif terminal dans le réseau dans un réseau d'accès, dans lesquels le dispositif d'accès acquiert les informations d'identifiant WLAN du terminal, et fournit les informations d'identifiant et sa requête d'exploitation de réseau au serveur d'exploitation de réseau; le serveur d'exploitation de réseau reçoit la requête d'exploitation de réseau du dispositif terminal et les informations d'identifiant du WLAN provenant du dispositif d'accès, détermine le mode de fonctionnement du dispositif terminal dans le réseau sur la base des informations d'identifiant du WLAN. En outre, le dispositif d'accès effectue le processus de cryptage et d'encapsulation associé correspondant à son WLAN pour les paquets de données que le serveur d'accès d'exploitation de réseau envoie au dispositif terminal, et peut assurer la transmission normale et sécurisée des paquets de données.
PCT/CN2008/001500 2008-08-20 2008-08-20 Procédé et dispositif d'assistance à l'exploitation du dispositif terminal dans le réseau dans un réseau d'accès Ceased WO2010020074A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2008/001500 WO2010020074A1 (fr) 2008-08-20 2008-08-20 Procédé et dispositif d'assistance à l'exploitation du dispositif terminal dans le réseau dans un réseau d'accès
CN200880130012.9A CN102067527B (zh) 2008-08-20 2008-08-20 接入网中用于辅助终端设备在网络中运作的方法及装置

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2008/001500 WO2010020074A1 (fr) 2008-08-20 2008-08-20 Procédé et dispositif d'assistance à l'exploitation du dispositif terminal dans le réseau dans un réseau d'accès

Publications (1)

Publication Number Publication Date
WO2010020074A1 true WO2010020074A1 (fr) 2010-02-25

Family

ID=41706810

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2008/001500 Ceased WO2010020074A1 (fr) 2008-08-20 2008-08-20 Procédé et dispositif d'assistance à l'exploitation du dispositif terminal dans le réseau dans un réseau d'accès

Country Status (2)

Country Link
CN (1) CN102067527B (fr)
WO (1) WO2010020074A1 (fr)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112751735B (zh) * 2021-01-04 2022-03-25 烽火通信科技股份有限公司 一种在宽带接入设备中实现pppoa功能的方法与装置
CN112910882B (zh) * 2021-01-28 2022-08-12 山东有人物联网股份有限公司 网络管理方法、装置、系统及计算机可读存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1604548A (zh) * 2003-09-30 2005-04-06 华为技术有限公司 无线局域网中用户终端选择接入移动网的快速交互方法
WO2006005999A1 (fr) * 2004-06-29 2006-01-19 Nokia Corporation Utilisation amelioree d'un identificateur d'acces reseau dans un wlan
CN1759620A (zh) * 2003-02-06 2006-04-12 讯宝科技公司 虚拟无线局域网络
CN1859335A (zh) * 2005-04-30 2006-11-08 华为技术有限公司 无线局域网中无线局域网接入网关策略加载方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1759620A (zh) * 2003-02-06 2006-04-12 讯宝科技公司 虚拟无线局域网络
CN1604548A (zh) * 2003-09-30 2005-04-06 华为技术有限公司 无线局域网中用户终端选择接入移动网的快速交互方法
WO2006005999A1 (fr) * 2004-06-29 2006-01-19 Nokia Corporation Utilisation amelioree d'un identificateur d'acces reseau dans un wlan
CN1859335A (zh) * 2005-04-30 2006-11-08 华为技术有限公司 无线局域网中无线局域网接入网关策略加载方法

Also Published As

Publication number Publication date
CN102067527B (zh) 2014-07-30
CN102067527A (zh) 2011-05-18

Similar Documents

Publication Publication Date Title
US11197238B2 (en) Network access method, device, and system
US6061650A (en) Method and apparatus for transparently providing mobile network functionality
CN102572830B (zh) 终端接入认证的方法及用户端设备
US7155526B2 (en) Method and system for transparently and securely interconnecting a WLAN radio access network into a GPRS/GSM core network
US20080225749A1 (en) Auto-configuration of a network device
KR101678720B1 (ko) 광대역 네트워크 시스템 및 그 실현 방법
WO2018192528A1 (fr) Procédé et appareil d'accès à un réseau, et dispositif de réseau
CN101199166A (zh) 在宽带接入中的操作员工作室选择
WO2009049557A1 (fr) Procédé, système et dispositif de communication à base de conversion d'authentification
WO2012034413A1 (fr) Procédé de gestion d'utilisateur de double pile et serveur d'accès à large bande
WO2010000157A1 (fr) Procédé de configuration, équipement et système de dispositif d'accès
CN101026620A (zh) Ppp网关装置
KR100590875B1 (ko) 디.에이치.씨.피 스푸핑 서버가 포함된 피.피.피.오.이방식의 디지털 가입자 회선 모뎀 및 그 시스템, 그리고이를 이용하여 인터넷에 접속하는 방법
CN115002933B (zh) 一种会话建立系统、方法、电子设备及存储介质
US8458773B2 (en) Method, device, and system for authentication
CN102067527B (zh) 接入网中用于辅助终端设备在网络中运作的方法及装置
WO2011032478A1 (fr) Procédé, dispositif et terminal pour obtenir un identifiant de terminal
US20070162616A1 (en) Method and system for implementing automated service provisioning on a ppp access terminal
CN101577915B (zh) Dsl网络接入的认证方法以及系统
CN102577299B (zh) 简化的接入网认证信息承载协议
CN101365238B (zh) 一种会话转换的方法及装置
WO2006119690A1 (fr) Procede et systeme pour cpecf (fonction de configuration d'equipement dans les locaux du client) pour obtenir des informations sur l'equipement du terminal et le configurer
JP4495049B2 (ja) パケット通信サービスシステム、パケット通信サービス方法、エッジ側ゲートウェイ装置、およびセンタ側ゲートウェイ装置
WO2013034056A1 (fr) Procédé et système pour traiter des informations de localisation
CN102160400B (zh) 用于获取对移动终端进行定位所需的信息的方法和装置

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200880130012.9

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08783666

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08783666

Country of ref document: EP

Kind code of ref document: A1