[go: up one dir, main page]

WO2011069419A1 - Procédé, dispositif et système de traitement de messages ipv6 - Google Patents

Procédé, dispositif et système de traitement de messages ipv6 Download PDF

Info

Publication number
WO2011069419A1
WO2011069419A1 PCT/CN2010/079261 CN2010079261W WO2011069419A1 WO 2011069419 A1 WO2011069419 A1 WO 2011069419A1 CN 2010079261 W CN2010079261 W CN 2010079261W WO 2011069419 A1 WO2011069419 A1 WO 2011069419A1
Authority
WO
WIPO (PCT)
Prior art keywords
ipv6
header
extension header
access
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2010/079261
Other languages
English (en)
Chinese (zh)
Inventor
郑若滨
李宏宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to EP10835454.9A priority Critical patent/EP2495926B1/fr
Publication of WO2011069419A1 publication Critical patent/WO2011069419A1/fr
Priority to US13/482,742 priority patent/US8917723B2/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • H04L61/5014Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/16Arrangements for providing special services to substations
    • H04L12/18Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5076Update or notification mechanisms, e.g. DynDNS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/167Adaptation for transition between two IP versions, e.g. between IPv4 and IPv6
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2101/00Indexing scheme associated with group H04L61/00
    • H04L2101/60Types of network addresses
    • H04L2101/618Details of network addresses
    • H04L2101/659Internet protocol version 6 [IPv6] addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Definitions

  • the present invention relates to the Internet technology, and in particular, to a method, a device, and a system for processing an IPv6 packet. Background technique
  • DSL Digital Subscriber Line
  • CPN Customer Premises Network
  • UE User Equipment
  • RG Residential Gateway
  • U is the RG and the Access Node (AN), such as the digital subscriber line In the access network (AN), the AN and the broadband connection are used in the access network (AN).
  • the Broadband Remote Access Server (BRAS) or the Broadband Network Gateway (BNG) is an aggregation network, and V is the Ethernet convergence reference point between the AN and the BRAS/BNG in the access network;
  • A10 is the access network.
  • SP Service provider
  • SP Service provider
  • SP Service Provider
  • SP Application Service Provider
  • NSP Network Service Provider
  • the AN can be an Optical Line Termination (OLT) or an Optical Network Unit (ONU), and a PON is used between the CPN and the access network. Access technology interconnections.
  • OLT Optical Line Termination
  • ONU Optical Network Unit
  • IPv4 Internet Protocol Version 4
  • IPv4 Internet Protocol Version 4
  • IPv6 Internet Protocol Version 4
  • the performance of IPv6 in many aspects is still not perfect. For example, there is no guarantee Security, authentication, or authorization, etc.; and, because the network does not recognize the type of user equipment, the same IPv6 prefix is assigned to different users, which affects normal routing. This has become one of the problems to be solved in the industry.
  • an embodiment of the present invention provides a method, a device, and a system for processing an IPv6 packet, which are used for securing access, authentication, and authorization in an IPv6 network, and are different terminals. Different IP v6 address prefixes are assigned to ensure normal network routing.
  • An embodiment of the present invention provides a method for processing an IPv6 packet of the sixth edition of the Internet Protocol, where the method includes:
  • the embodiment of the present invention further provides a method for processing an IPv6 packet of the sixth edition of the Internet Protocol, including: receiving an IPv6 packet carrying the access line information or device information, and obtaining the access line information or device information;
  • the embodiment of the invention further provides a network device, where the device includes:
  • An information adding unit configured to add access line information for the Internet Protocol version 6 IPv6 message; and a forwarding unit, configured to forward, by the extended header adding unit, the access line information
  • the embodiment of the invention further provides a terminal, where the terminal includes:
  • An extension header adding unit configured to add at least one IPv6 extension header for the Internet Protocol version 6 IPv64 , text, where the IPv6 extension header carries device information;
  • a forwarding unit configured to forward an IPv6 packet that is added by the extended header adding unit to the IPv6 extended header.
  • An embodiment of the present invention further provides a network server, where the server includes: a receiving unit, configured to receive an Internet Protocol version 6 carrying access line information or device information
  • the processing unit is configured to search for a corresponding relationship according to the access line information or the device information, to perform corresponding operations on the IPv6 packet.
  • An embodiment of the present invention further provides an IPv6 network system, where the system includes a terminal and/or a network device, and a network server.
  • the terminal is configured to add at least one IPv6 extension header to the IPv6 packet, where the IPv6 extension header carries the device information, and forwards the IPv6 packet to which the IPv6 extension header is added.
  • the network device is configured to add the access line information to the IPv6 packet; and forward the IPv6 packet to which the IPv6 extension header is added;
  • the network server is configured to receive an IPv6 packet carrying the access line information or the device information, and perform a corresponding operation on the IPv6 packet according to the access line information or the device information.
  • the technical solution provided by the embodiment of the present invention can enable the device that receives the IPv6 packet to perform the IPv6 report by using the access line information and/or the device information by carrying the access line information and/or the device information in the IPv6 packet. Access, authentication, and authorization of texts, or assign different IPv6 address prefixes to different terminals.
  • the technical solution of the embodiment of the present invention can ensure the security, authentication, and authorization of the access in the IPv6 network, and assign different IP v6 address prefixes to different terminals to ensure normal routing of the network.
  • FIG. 1 is a schematic diagram of a general reference architecture of a DSL network based on IPv4;
  • FIG. 2 is a schematic flowchart of a method for processing an IPv6 packet according to Embodiment 1 of the present invention
  • FIG. 3 is a schematic flowchart of a method for processing an IPv6 packet according to Embodiment 2 of the present invention.
  • FIG. 4 is a schematic diagram of an extension loop multicast using an access loop identifier in a PON system according to Embodiment 3 of the present invention. Method flow diagram;
  • FIG. 5 is a schematic flowchart of a method for an access node to add an access loop identifier extension header to a DHCP message according to Embodiment 3 of the present invention
  • FIG. 6 is a schematic diagram of a method for a relay agent function to be located at an access node according to Embodiment 3 of the present invention
  • FIG. 7 is a schematic structural diagram of a network device according to Embodiment 4 of the present invention.
  • FIG. 8 is a schematic structural diagram of a terminal according to Embodiment 5 of the present invention.
  • FIG. 9 is a schematic structural diagram of a network server according to Embodiment 6 of the present invention.
  • the method for processing an IPv6 packet according to the first embodiment of the present invention includes: Step 21: Add access line information or device information to an IPv6 packet;
  • Step 22 Forward the IPv6 packet to which the access line information or device information is added.
  • the access line information includes an Access Loop ID (ALI) or other required access line information.
  • ALI Access Loop ID
  • the above-mentioned access line information or device information may be added in an IPv6 message by adding an extension header; the extension header may use a new extension header, or use an existing extension header, for example, using a hop-by-hop option header (Hop- The by-Hop Options Header) carries the access loop identifier.
  • Hop- The by-Hop Options Header carries the access loop identifier.
  • Information carrying the above extended headers may be required to be inspected and processed by each node on the path.
  • IPv6 packet When the IPv6 packet is an Internet Control Message Protocol Version (ICMPv6) message, it can also be carried in the ICMPv6 relay message, and the access line information is added to the ICMPv6 relay message to be in the IPv6 packet. Add access line information.
  • ICMPv6 Internet Control Message Protocol Version
  • a first IPv6 extended header with an access loop identifier, or an access loop identifier extension header is added to the IPv6 packet.
  • the first IPv6 extension header may further include other required information, such as a Next Header and an extended header length (Hdr Ext Len).
  • Hdr Ext Len an extended header length
  • the foregoing adding the access line information in the IPv6 packet may be implemented by the relay agent function, and the relay agent function may be located on the access node or the IP edge node of the access network, or at the same time on the access node and the IP edge node.
  • the relay agent function obtains access line information from the corresponding network device, for example, the access node or the IP edge node saves the access line information, such as the access loop identifier, and the relay agent function from the access node and/or IP
  • the access loop identifier is obtained on the edge node.
  • the relay agent function can add the access line information to the IPv6 packet by adding the extension header of the access loop identifier to the IPv6 packet or by carrying the ICMPv6 message in the ICMPv6 relay message.
  • the access line information can be used to guarantee the security, authentication or authorization of the access, and can also be used to assign an IPv6 address prefix to the terminal.
  • the method further includes: the second relay agent function receiving the IPv6 packet including the first IPv6 extension header; the second relay agent The function deletes the first IPv6 extension header in the IPv6 packet, and forwards the IPv6 packet.
  • the second relay agent function and the relay agent function may be relay agent functions located in different network devices, such as the relay agent function being the relay agent function located in the ONU, and the second relay agent function being located in the OLT. Following the proxy function.
  • the above device information includes a Vendor Class ID or other required device information.
  • the terminal saves its own device information.
  • the terminal adds a second IPv6 extension header with a device type identifier, or a device type identifier extension header, to the IPv6 packet.
  • the second IPv6 extension header may also include other required information, such as a Next Header and an extended header length.
  • the above device information can be used to ensure the security, authentication or authorization of the access, and can also be used to assign an IPv6 address prefix to the terminal.
  • the technical solution provided by the embodiment of the present invention adds an IPv6 extension header to an IPv6 packet, and carries the access line information and/or device information in the IPv6 extension header, or the ICMPv6 message and the access ring roadmap.
  • the information carried in the ICMPv6 relay message ensures that the device receiving the IPv6 packet can perform access, authentication and authorization of the IPv6 packet by using the access line information, and/or use the device information to assign different terminals to different terminals. IP v6 address prefix.
  • the technical solution of the embodiment of the present invention can ensure the security, authentication, and authorization of the access in the IPv6 network, and assign different IP v6 address prefixes to different terminals to ensure normal routing of the network.
  • the method for processing an IPv6 packet according to Embodiment 2 of the present invention includes: Step 31: Receive an IPv6 packet carrying access line information or device information, and obtain the access line information or Device Information;
  • Step 32 Search for the corresponding relationship according to the access line information or the device information, so as to perform corresponding operations on the IPv6 packet.
  • an IPv6 packet having at least one IPv6 extension header may be received, where the IPv6 extension header carries access line information or device information, and the access line information or device is obtained according to the IPv6 extension header. And receiving the IPv6 packet carrying the ICMPv6 message, the IPv6 packet carrying the ICMPv6 message and the access loop information by using the ICMPv6 relay message, and extracting the access line information from the ICMPv6 relay message.
  • the operations of the foregoing steps 31 and 32 may be implemented by a network server or a network device having the same function.
  • the specific devices that perform the foregoing operations in different network architectures may be different, such as an OLT in the PON or an IP address. Edge nodes, etc.
  • the correspondences found by different extension headers may be different, and the operations performed are different.
  • the correspondence may be saved and maintained by the OLT or IP edge node, or may be saved by other devices in the network. And maintained, and the OLT or IP edge node obtains the required correspondence from the device when performing step 32.
  • the IPv6 extension header is the first IPv6 extension header that carries the access loop identifier
  • the first correspondence is maintained, and the IPv6 packet is accessed, authenticated, or authorized.
  • the corresponding relationship is the corresponding relationship required for access, authentication, or authorization by using the access loop identifier.
  • the first correspondence may be an access loop identifier and an access permit or may be authenticated or authorized.
  • the correspondence between the packets such as the access line multicast permission table in the multicast scenario. For example, in a multicast scenario, based on the above The IPv6 extension header carrying the access line information, finds the access line multicast permission table, determines whether access is allowed, and if so, allows access, and if not, denies access.
  • the second correspondence is maintained to allocate the IPv6 address prefix for the IPv64 ⁇ text, and the second correspondence is implemented by using the device type identifier.
  • the second correspondence is the relationship between the device type identifier and the IPv6 address prefix allowed to be allocated.
  • the technical solution provided by the embodiment of the present invention can perform the access, authentication, and authorization of the IPv6 packet by using the access line information and/or the device information in the IPv6 packet, or assign different IPv6 address prefixes to different terminals.
  • the technical solution of the embodiment of the invention can ensure the security, authentication and authorization of the access in the IPv6 network, and assign different IP v6 address prefixes to different terminals to ensure the normal routing of the network.
  • the embodiment of the present invention mainly takes a scenario of adding a new access loop identifier extension header (hereinafter also referred to as a first IPv6 extension header) and/or a device type identifier extension header (hereinafter also referred to as a second IPv6 extension header) as an example. Be explained.
  • the access loop identifier and/or device type identifier information can also be extended and carried in the existing IPv6 extension header. It will be understood that those skilled in the art can learn the processing methods of other similar IPv6 extension headers by the following description.
  • the relay agent function implements the addition or deletion of the access loop identity extension header.
  • the relay agent function has the capability of processing the IPv6 extension header, and the relay proxy function may be located at the access node or the IP edge node of the access network. on.
  • the following is an example in which the relay agent function is located on the access node and the IPv6 packet is an Internet Control Message Protocol (ICMP).
  • ICMP Internet Control Message Protocol
  • IPv6 packets that have not been added to the access loop identity extension header before the access node are displayed.
  • Table 2 shows the packet after the access node adds the access loop identifier extension header to the IPv6 packet.
  • the access node directly adds the access loop identifier extension header to the IPv6 packet header, and is IPv6.
  • the Next Header of the packet header indicates that the IPv6 extended header carried by the packet is used to carry the access loop identification information, and can be represented as a Next Header ⁇ Access Loop ID.
  • IPv6 Header IPv6 Header
  • ICMP Message ICMP Message
  • IPv6 header IPv6 Header
  • the access node may add an access loop identifier extension header to the packet to carry the access loop identifier information when receiving each IPv6 packet.
  • the access node may also forward the IPv6 packet only when the IPv6 packet is forwarded. Add an Access Loop ID extension header.
  • the IPv64 message can be a Router Solicitation (RS) message, a Router Advertisement (RA) message, a Neighbor Solicitation (NS) message, or Neighbor Advertisements (NA). ) or Multicast Listener Discovery (MLD) messages.
  • RS Router Solicitation
  • RA Router Advertisement
  • NS Neighbor Solicitation
  • NA Neighbor Advertisements
  • MLD Multicast Listener Discovery
  • Table 3 shows the specific structure of an access loop identifier extension header, including Next Header, extended header length, access loop type, and access loop identifier, but is not limited thereto.
  • the specific structure of the extension header is adjusted.
  • the extension header may not carry the information of the access loop type, and the access network may be informed by the context information in the network.
  • the access loop identifier extension header includes 32 ⁇ n bits, 31 to 24 bits in the first row are allocated to the Next Header, and 23 to 16 bits in the first row are allocated to the extension. Head length, assigning 15 to 8 bits in the first line to the access loop type, which may be DSL, Passive Optical Network (PON) or Ethernet (Ethernet), etc., and the remaining bits Reserved for the access loop identifier.
  • the access loop type which may be DSL, Passive Optical Network (PON) or Ethernet (Ethernet), etc.
  • the access loop identifier may include an agent circuit identifier (Agent Circuit ID) and/or a proxy remote ID (Agent Remote ID);
  • Different access loop types may have different access loop identification coding formats.
  • the coding format of the access loop identifier is as follows:
  • ANI_port [: ANI_XPI.ANI_XCI]
  • the encoding method uses ASCII code.
  • eth port type, ATM-based DSL interface
  • AccessNodeldentifier The access node identifier (such as a DSLAM device), a string of up to 50 characters in length, with no spaces in the string;
  • ANI_rack access node rack number (such as DSLAM equipment supporting tight coupling) 0 ⁇ 15;
  • ANI_ frame access node chassis number 0 ⁇ 31;
  • ANI_ slot access node slot number 0 ⁇ 127;
  • ANI_subslot access node sub-slot number 0 ⁇ 31;
  • ANI_port Access node port number 0 ⁇ 255;
  • XPI Optional, such as interface type is atm, XPI corresponds to VPI, XPI is 0 ⁇ 255; if interface type is eth, XPI corresponds to PVLAN, XPI is 0 ⁇ 4095;
  • ANI—XCI If the interface type is atm, XCI corresponds to VCI, XCI is 0 ⁇ 65535; if the interface type is eth, XCI corresponds to CVLAN, XCI is 0 ⁇ 4095; ANI XPI.ANI XCI, which mainly carries the service information of the CPE side, can be used to identify future service type requirements, such as identifying specific services in a multi-P VC application.
  • the interface type is ATM
  • the AccessNodeIdentifier, ANI_rack, ANI_frame, ANI_slot, ANI_subslot, and ANI_port fields can be filled in with 0.
  • the access node is an optical network unit/optical path termination point.
  • the encoding method uses ASCII code.
  • Each line in the above format represents a string.
  • the strings are separated by a space. There can be no spaces in the middle of the string.
  • ⁇ ⁇ means that the content is mandatory; , indicating a side-by-side relationship, choose one more; "[]” means that the content is optional. " ⁇ ⁇ ", "
  • AccessNodeldentifier The identifier of the access node (such as the OLT device), which is a string of up to 50 characters. There must be no spaces in the middle of the string. The device identification method of the access node is not specified.
  • ANI_rack Access node rack number (such as OLT device supporting tight coupling) 0 ⁇ 15.
  • ANI_ frame Access node chassis number 0 ⁇ 31.
  • ANI_ slot Access node slot number 0 ⁇ 127.
  • ANI_subslot Access node subslot number 0 ⁇ 31.
  • ANI_port Access node port number 0 ⁇ 255.
  • ONUJD The identifier of the ONU, the length is 24 characters.
  • the specific ONU identification method is not specified (you can use the MAC address of the ONU, for example, 0000000000001A2B3C4D5E6F; you can also use the logical identifier of the ONU, such as SH_EPON_0000000098765432, where "SH” means Shanghai, "EPON” means EPON ONU, "00000098765432" is the serial number of the ONU); if the ONU is SFU, HGU or SBU, the field following this field may not be included.
  • ONU_Slot MDU/MTU type ONU slot number 0 ⁇ 15.
  • ONU_Subslot MDU/MTU type ONU sub-slot number 0 ⁇ 15.
  • Port—ID MDU/MTU type ONU port number 0 ⁇ 128.
  • trk ONU user port type: atm refers to the ATM protocol DSL interface (such as ADSL2+), eth refers to the ordinary Ethernet interface, trk refers to the trunk type Ethernet interface, and the PTM mode VDSL2 interface should be eth or trk. Types of.
  • Port XPI.Port XCI is mainly used for user-side service information of MDU/MTU-type ONU ports carrying DSL interfaces. It can be used to identify future service type requirements, such as identifying specific services in multi-PVC or multi-VLAN applications. among them:
  • Port XPI Optional, for example, the interface type of the ONU is DSL interface, Port_XPI corresponds to the VPI of the interface, XPI is 0 ⁇ 255; if the interface type is eth or trk, Port_XPI corresponds to S VLAN, and the valid value is 0 ⁇ 4095 ( 4096 means no S VLAN);
  • Port XCI Optional, for example, the interface type of the ONU is DSL interface, Port_XCI corresponds to the VCI of the interface, and the value is 0 ⁇ 65535; if the interface type is eth or trk, Port_XCI corresponds to C VLAN, and the valid value is 0. ⁇ 4095.
  • LN EP GP indicates the access technology adopted by the user; LN indicates LAN access, EP indicates EPON technology, and GP indicates GPON technology.
  • VLAN ID value is filled in 4096.
  • the S VLAN is 4096.
  • the C VLAN is the VLAN ID of the user. The value is 0 to 4095.
  • the broadband user access line (port) information encoding format in the LAN system uses the PON system broadband user access line (port) information encoding format.
  • the coding format of the access line identifier is as follows:
  • ONU_Slot/ONU_Subslot/Port_ID ⁇ atm
  • the encoding method uses ASCII code.
  • Each line in the above format represents a string.
  • the strings are separated by a space. There can be no spaces in the middle of the string.
  • ⁇ ⁇ means that the content is mandatory; "" indicates a side-by-side relationship, choose one more; "[]” means that the content is optional. " ⁇ ⁇ ", "
  • AccessNodeldentifier The identifier of the access node (such as the campus corridor switch device) is a string of up to 50 characters. There is no space in the string. The method for identifying the access device is not specified.
  • ANI_rack Access node rack number (such as support for tightly coupled corridor switch equipment) 0 ⁇ 15.
  • ANI_ frame Access node chassis number 0 ⁇ 31.
  • ANI_ slot Access node slot number 0 ⁇ 127.
  • ANI_subslot Access node subslot number 0 ⁇ 31.
  • ANI_port Access node port number 0 ⁇ 255.
  • ONUJD The identifier of the corridor switch, the length is 24 characters.
  • the identification method of the specific corridor switch is not specified (for example, the network management IP of the corridor switch can be used, or the number of the corridor switch in the resource management system can be used).
  • ONU_Slot The slot number of the corridor switch is 0 ⁇ 15.
  • ONU_Subslot Sub-slot number 0 ⁇ 15 of the corridor switch.
  • Port— ID The port number of the corridor switch is 0 ⁇ 128.
  • hyd ⁇ Type of the user port of the corridor switch.
  • the value of this field in Option 82 for IPTV address allocation is "trk” or “hyd,,, “trk” Trunk-type Ethernet interface (the same port may have PPPoE Internet access service); "hyd” identifies the hybrid port of the Hybrid type. (On the UNI interface of the corridor switch, the Internet service is untagged, and the corridor switch is tagged with it; IPTV The business is tagged).
  • Port XPI The current unified value is 4096 (meaning there is no SVLAN);
  • Port XCI Corresponding to the IPTV service VLAN, the valid value is 0 ⁇ 4095;
  • LN EP GP Indicates the access technology used by this user.
  • the value in the LAN system is "LN".
  • LN the concept of rack, frame, and subslot is not required.
  • the corresponding location should be filled with 0, and the invalid VLAN ID value should be filled with 4096.
  • the S VLAN is 4096
  • the C VLAN is the VLAN ID of the user. The value is 0 to 4095.
  • the foregoing relay agent function may include a multi-level relay agent, and each level of the relay agent may add or delete an IPv6 extension header of the current level to add or delete an access loop of the current level. Identification information.
  • the relay agent at each level can add the access loop identifier extension header of the current level to the IPv6 packet as follows:
  • the current level relay agent directly adds the access loop identifier extension header of the current level after the access loop identifier extension header of the upper level, where the Next Header in the access loop identifier extension header of the upper level is set. Set to indicate the access loop identifier extension header of the current level; or,
  • the current level relay agent modifies the access loop identifier extension header of the upper level, and adds the current level access loop identifier to the access loop identifier of the access loop identifier extension header of the upper level, but does not increase New IPv6 extension header.
  • the relay agent function adds the access loop identifier extension header to the IPv6 packet and forwards the IPv6 packet.
  • the relay agent function may delete the access ring in the IPv6 packet, if necessary, such as considering network security factors. After the path identifier is extended, the IPv6 packet is forwarded to the next network device.
  • the relay agent function can delete the access loop identifier extension headers one by one according to the order of the extension headers, for example, according to the principle that the added packets are deleted first.
  • the access loop identifier extension headers are deleted layer by layer.
  • the location and number of bits of the access loop identifier extension header to be deleted may also be set, and the extension header added first but required to be deleted early may be directly deleted.
  • the relay agent function deletes each access loop identifier one by one.
  • the network server When the network server receives the foregoing IPv6 packet with at least one access loop identifier extension header, the network server searches for the first corresponding relationship maintained according to the access loop identifier extension header, to report the IPv6 packet.
  • the text performs the corresponding operation.
  • the first correspondence may be an access line multicast permission table, and the network server queries the access line multicast permission table according to the access loop identifier in the extension header to determine whether to allow multicast operation.
  • Device type identifier extension header For example, the first correspondence may be an access line multicast permission table, and the network server queries the access line multicast permission table according to the access loop identifier in the extension header to determine whether to allow multicast operation.
  • the terminal When the terminal initiates an IPv6 packet, the terminal adds a Vendor Class ID extension header to the IPv6 packet.
  • the Next Header in the IPv6 packet header of the IPv6 packet indicates that the IPv6 extended header carried in the IPv6 packet is a device type identifier extension header.
  • the device type identifier extension header includes a Next Header, an extended header length, and a device type identifier.
  • the device type identifier indicates the type of the terminal device and can include the device type option (Vendor) Class Option ).
  • IPv6 header IPv6 Header
  • the device type identifier extension header includes 32xn bits, 31 to 24 bits in the first row are assigned to the Next Header, and 23 to 16 bits in the first row are allocated to the extended header length. , the remaining bits are reserved for the device type identifier.
  • the user terminal sends the IPv6 packet with the device type identifier to the network, and the device in the network transparently transmits the packet.
  • the IP edge node can identify the type of the user terminal and the user service according to the device type identifier extension header in the packet.
  • the IP edge node uses the device type identifier to search for the second corresponding relationship that is maintained, and allocates different IPv6 address prefixes for different services of the user terminal. For example, the IP edge node queries the terminal type and the address prefix according to the learned terminal type. Relationship, and assign an IPv6 address prefix to the message accordingly.
  • Step 1 The multicast terminal sends a multicast listener discovery (MLD JOIN) message to the ONU.
  • MLD JOIN multicast listener discovery
  • Step 2 The ONU adds an access loop identifier extension header to the received IP address of the MLD JOIN message, and the access loop identifier extension header carries an access loop identifier (ALI).
  • ALI access loop identifier
  • Step 3 The OLT determines whether the MLD JOIN message can be authorized according to the ALI and access line multicast permission table.
  • the access line multicast permission table corresponding to each access line is maintained on the OLT, and the OLT queries the access line multicast permission table according to the access line identifier.
  • Step 4 If the corresponding access line does not allow the multicast address requested by the MLD JOIN message, then
  • the OLT discards the MLD JOIN message.
  • Step 5 If the corresponding access line allows the multicast address requested by the MLD JOIN message, the OLT passes the Operations Administration and Maintenance (OAM) or the Optical Network Unit Management and Control Interface (OMCI). a protocol, for example, the OLT sends an Extended Multicast Control OAM message and authorizes the ONU to configure a corresponding Multicast Entry;
  • OAM Operations Administration and Maintenance
  • OMCI Optical Network Unit Management and Control Interface
  • Step 6 Referring to FIG. 4, in this scenario, when the corresponding access line allows the multicast address requested by the MLD JOIN message, the method further includes: determining whether the requested multicast address in the MLD JOIN message first appears in the foregoing On the OLT.
  • Step 7 If the multicast address requested by the MLD JOIN message is first generated on the OLT, the OLT may forward the MLD message to the previous node, such as a multicast router. Before forwarding, the OLT deletes the access line identity extension header. If the multicast address requested by the above MLD JOIN message does not appear for the first time on the OLT, the MLD JOIN message is discarded.
  • Both the OLT and ONU support the relay agent function.
  • the above operation implements access and authorization of the MLD JOIN message through the access loop identifier extension header, thereby ensuring network security.
  • the MLD JOIN message carrying the access loop identifier extension header may be further used by a management or control node in the network to collect the user's joining and leaving of the multicast group.
  • the BRAS can use the access loop identifier in the MLD JOIN message to count which users join or leave the multicast group.
  • DHCP dynamic host configuration protocol
  • Step 1 The home gateway or user terminal (ie DHCP client) sends a DHCP message to the access node.
  • DHCPv6 is used as an example.
  • the DHCP message and its IPv6 packet format are as shown in Table 6.
  • the DHCP message includes the DHCP extension header option (Option).
  • Step 2 The access node adds an access loop identifier extension header to the received IP packet of the DHCP message.
  • the access loop identifier extension header carries the access loop identifier (ALI).
  • ALI access loop identifier
  • the access node forwards the DHCP message to the IP edge node.
  • the access node supports the relay agent function.
  • Step 3 After receiving the DHCP message, the IP edge node inserts the access loop identifier into the DHCP message according to the access loop identifier extension header of the IP packet where the DHCP message is located. For example, the IP edge node extracts the access loop identifier and deletes the access loop identifier extension header of the IP packet where the DHCP message is located, and encapsulates the DHCP message and the access loop identifier in the transit proxy message, and then forwards the packet to the DHCP server. . Before forwarding, the IP edge node can authenticate or authorize according to the access loop identity to the AAA server.
  • the IP edge node supports a relay agent function, and the relay agent function supported on the IP edge node may be referred to as a second relay agent function with respect to the relay agent function on the access node.
  • the IP edge node can insert the access loop identifier into the DHCP message in at least the following two ways. The following two methods are described by using DHCPv6 as an example. method one
  • the IP edge node deletes the access loop identifier extension header in the received DHCP v6 message
  • the IPv6 message is encapsulated into a relay message option (Relay Message Option) and placed in the relay agent message (Relay Agent).
  • the transit agent message is composed of a relay agent MSG Header and an option (Option).
  • the IP edge node adds the access loop identifier to the loop proxy ID in the form of Option, such as the interface identifier option (Interface-id option), according to the access loop identifier extension header of the IP packet in which the DHCPv6 message is located.
  • Option such as the interface identifier option (Interface-id option)
  • the IP edge node after receiving the DHCPv6 message, extracts the access loop identifier in the access loop identifier extension header of the IP packet where the DHCPv6 message is located, and deletes the access loop identifier extension header.
  • the access loop ID is added directly to the Option-id option, such as the Interface-id option.
  • Step 4 After receiving the DHCP message from the IP edge node, the DHCP server performs corresponding processing according to the access loop identifier. For example, the IP address/prefix allocation or the access control is performed according to the access loop identifier.
  • the DHCP server replies to the DHCP client with the DHCP message carrying the access loop identifier, taking DHCPv6 as an example.
  • the DHCP server sends the replied DHCP message to the IP edge node.
  • the IP edge node adds the access loop identifier extension header to the IP packet according to the access loop identifier carried in the DHCP message.
  • Step 6 After receiving the DHCP message, the access node forwards the access loop identification information in the extension header of the IP packet to the corresponding home gateway or user on the corresponding access line. terminal. Before forwarding, the access loop identifier extension header in the IP packet can be deleted for security reasons.
  • the embodiment of the present invention provides a method for using an IPv6 packet to be an ICMPv6 message.
  • the new ICMPv6 message carries the existing ICMPv6 message and carries the method of accessing the loop identifier.
  • the case where the ICMPv6 relay message is an ICMPv6 relay message is taken as an example, and the specific name of the new message is not limited herein.
  • the data sender signs the ICMPv6 message, and the data receiver knows whether the data has been tampered with by verifying the signature. When the signature is consistent, the data is not tampered with, and it is allowed to be safe. data. If the access loop identification information is added directly to the ICMPv6 message, the integrity of the ICMPv6 message is destroyed. The data receiver will find out that the ICMPv6 message has been modified by signature verification, but it is impossible to know whether this modification has other illegal tampering besides adding the access line identification information.
  • the ICMPv6 message is carried in the ICMPv6 relay message as it is, and the data receiver extracts the ICMPv6 message from the ICMPv6 relay message and performs signature verification, so that the ICMPv6 message can be found to be tampered with.
  • the data receiver can also obtain access line identification information from the ICMPv6 relay message for access security, authentication or authorization.
  • the above-mentioned operation of carrying the access loop identifier by the ICMPv6 relay message can be implemented by the relay agent function.
  • the scenario in which the relay agent function is located on the access node is taken as an example.
  • the method specifically includes the following steps:
  • Step 1 The home gateway or the user terminal sends an ICMPv6 message to the access node.
  • the format of the ICMPv6 message and its IPv6 packet is shown in Table 10.
  • NextHeader is 58.
  • Step 2 The access node carries the received ICMPv6 message from the user terminal/home gateway to the ICMPv6 relay message, and adds an access loop ID (Access Loop ID) to the ICMPv6 relay message; the access node uses the ICMPv6
  • the transit message is forwarded to the IP edge node.
  • the value of the Code field is set to 0, indicating that the ICMPv6 message from the user to the router is transited.
  • Table 11 shows the structure of the ICMPv6 message carrying the ICMPv6 message and the access ring identifier.
  • the ICMP v6 relay message header is composed of an ICMP v6 Relay Message Header and an option (Option).
  • Table 12 shows the specific structure of the ICMPv6 relay message.
  • the Type field is the type of the ICMP v6 message, indicating that the message is an ICMP v6 relay message.
  • the Code field indicates the direction of the ICMPv6 relay: The Code value is 0, indicating that the ICMPv6 message from the user to the router is transited; the Code value is 1, indicating Transfer ICMP v6 messages from the router to the user;
  • the Type field indicates an existing ICMPv6 message
  • the Code field indicates that the ICMPv6 relay is performed.
  • Checksum is a checksum
  • Client IP/MAC address Option is used to indicate the IP/MAC address of the ICMP sender. Usually, it is carried only when the Code value is 0.
  • the Relay Option is mandatory and carries the ICMPv6 message that is transferred.
  • the specific format of the ICMPv6 message is the same as the information except the IPv6 header in Table 10.
  • IPv6 pseudo-header Option The school-sum for the Relay Option.
  • the specific format of the IP v6 pseudo-header option is shown in Table 13 below: Table 13
  • Application layer packet length (Upper-Layer Packet Length)
  • the destination address in the IPv6 pseudo-header option is the IP address of the final destination of the route extension header; the application-layer packet length (Upper-Layer Packet Length) contains the ICMPv6 before the transit. Header and payload length.
  • the destination IP address and source IP address of the ICMPv6 relay message can be used for the purpose of the original ICMPv6 message.
  • the IP address and the source IP address are forwarded.
  • the ICMPv6 relay message can be sent without the IPv6 pseudo-message header.
  • the ICMPv6 relay message extracts the information of the original IPv6 packet header of the original ICMPv6 message as the IPv6 pseudo-message header. It is carried in the ICMPv6 relay message, and then adds a new IPv6 header before the ICMPv6 relay message.
  • the destination IP address is the IP edge node address
  • the source IP address is the access node address
  • the user IP/MAC address option is set. Source IP/MAC address of the original ICMPv6 message.
  • Step 3 After receiving the ICMPv6 relay message, the IP edge node extracts the ICMPv6 message and the access loop identifier from the user terminal/home gateway from the ICMPv6 relay message, and needs to check the checksum of the ICMPv6 message from the user terminal/home gateway.
  • the access loop identifier for example, performing authentication or authorization according to the access loop identifier to the AAA server, or performing IP address prefix allocation according to the access loop identifier;
  • the IP edge node replies to the user terminal/home gateway by using the ICMPv6 message, and the ICMPv6 message also needs to be carried in the ICMPv6 relay message, and carries the access in the ICMPv6 relay message.
  • the IP edge node forwards the ICMPv6 relay message to the access node.
  • the value of the Code field is set to 1, indicating that the ICMPv6 packet from the router to the user is transited.
  • the source IP address of the ICMPv6 relay message is the IP edge node address, and the destination IP address is the user terminal/home gateway address.
  • the ICMPv6 relay message can be without the IPv6 pseudo-message header option; or the IP address of the ICMPv6 relay message.
  • the source IP address of the packet is the IP edge node address, and the destination IP address is the address of the access node.
  • the ICMPv6 relay message needs to carry the information that will reply the user terminal/home gateway with the IPv6 header of the ICMPv6 message as IPv6.
  • the pseudo-message header is carried in the ICMPv6 relay message.
  • the source IP address of the IPv6 pseudo-message header is the IP edge node address, and the destination IP address is the user terminal/home gateway address.
  • the verification of the checksum of the ICMP v6 message of the user terminal/home gateway may be performed according to the IPv6 pseudo-message header option and the ICMPv6 header of the user terminal/home gateway; if the ICMPv6 relay message does not have the IPv6 pseudo-message header option Then, an IPv6 pseudo-message header is generated according to the IPv6 header of the ICMPv6 relay message, and then the IPv6 pseudo-message header and the ICMPv6 header of the user terminal/home gateway are verified.
  • Step 4 After receiving the ICMP v6 Relay message, the access node extracts the ICMPv6 message and the access loop identifier from the user terminal/home gateway, and sends an ICMPv6 message to the user terminal/home gateway according to the access loop identifier. The corresponding access line is forwarded to the home gateway or the user terminal. If the IP address of the IP packet where the ICMPv6 relay message is located is the IP edge node address, the destination IP address is the user terminal/home gateway address, and the access node can The IPv6 header of the ICMPv6 relay message is forwarded.
  • the access node extracts the IPv6 pseudo packet header from the ICMPv6 relay message to construct a new IPv6 packet header.
  • the source IP address is an IP edge node address
  • the destination IP address is a user terminal/home gateway address
  • an ICMPv6 message replying to the user terminal/home gateway is sent.
  • the technical solution provided by the embodiment of the present invention can enable the device that receives the IPv6 packet to utilize the access line information and/or the device letter by carrying the access line information and/or the device information in the IPv6 extension header. Perform IPv6 packet access, authentication, and authorization, or assign different IPv6 address prefixes to different terminals.
  • the technical solution of the embodiment of the present invention can ensure the security, authentication, and authorization of the access in the IPv6 network, and assign different IP v6 address prefixes to different terminals to ensure normal routing of the network.
  • a fourth embodiment of the present invention provides a network device.
  • the device includes: an information adding unit 71, configured to add access line information for an IPv6 packet;
  • the forwarding unit 72 is configured to forward the IPv6 message added by the information adding unit 71 to the access line information.
  • the information adding unit 71 is specifically configured to add at least one IPv6 extension header to the IPv6 packet to add the access line information in the IPv6 packet; the added IPv6 extension header includes the access loop identifier, and the next A header Next Header and an extended header length; wherein, the Next Header indicates information of the next extended header, and the access line information includes an access loop identifier.
  • the information adding unit 71 is specifically configured to carry the ICMPv6 message in the ICMPv6 relay message to add the access line information in the IPv6 packet, where the IPv6 packet is an ICMPv6 message, and the ICMPv6 relay message is used.
  • An access loop identifier is carried, and the access line information includes the access loop identifier.
  • the information adding unit 71 includes a current level adding module and an upper level adding module, where the upper level adding module is configured to add a previous level IPv6 extended header to the IPv6 packet, where the current The level adding module is configured to add a current level IPv6 extension header to the IPv6 packet by using at least one of the following manners:
  • the device may further include: a receiving and deleting unit, configured to receive the IPv6 packet with the first IPv6 extended header, delete the first IPv6 extended header in the IPv6 packet, and forward the Said IPv6 message.
  • a receiving and deleting unit configured to receive the IPv6 packet with the first IPv6 extended header, delete the first IPv6 extended header in the IPv6 packet, and forward the Said IPv6 message.
  • each functional module and unit in the embodiment of the apparatus of the present invention reference is made to the method embodiment of the present invention.
  • the functional modules and units in the device embodiment of the present invention may be implemented separately or integrated in one or more units.
  • the network device described above can be implemented by an access node and/or an IP edge node of the access network.
  • the technical solution provided by the embodiment of the present invention can enable the device that receives the IPv6 packet to perform the IPv6 report by using the access line information and/or the device information by carrying the access line information and/or the device information in the IPv6 extension header. Access, authentication, and authorization of texts, or assign different IPv6 address prefixes to different terminals.
  • the technical solution of the embodiment of the present invention can ensure the security, authentication, and authorization of the access in the IPv6 network, and assign different IP v6 address prefixes to different terminals to ensure normal routing of the network.
  • a fifth embodiment of the present invention provides a terminal. As shown in FIG. 8, the terminal includes:
  • the extension header adding unit 81 is configured to add at least one IPv6 extension header for the IPv6 packet, where the IPv6 extension header carries device information.
  • the forwarding unit 82 is configured to forward the IPv6 packet that is added by the header adding unit 81 to the IPv6 extended header.
  • IPv6 extension header added by the extension header adding unit 81 includes a device type identifier
  • Next Header indicates information of the next extended header, and the device information includes a device type identifier.
  • each unit of the terminal in the device embodiment of the present invention refers to the method embodiment of the present invention.
  • the functional modules and units in the device embodiment of the present invention may be implemented separately or integrated in one or more units.
  • the technical solution provided by the embodiment of the present invention adds an IPv6 extension header to an IPv6 packet, carries the access line information and/or device information in the IPv6 extension header, and performs IPv6 packet by using the access line information and/or the device information. Access, authentication and authorization, or assign different IP v6 address prefixes to different terminals.
  • the technical solution of the embodiment of the present invention can ensure the security, authentication, and authorization of the access in the IPv6 network, and assign different IP v6 address prefixes to different terminals to ensure normal routing of the network.
  • the sixth embodiment of the present invention further provides a network server. As shown in FIG. 9, the server includes: a receiving unit 91, configured to receive an IPv6 packet carrying access line information or device information, to obtain the access line. Information or equipment information;
  • the processing unit 92 is configured to search for a corresponding relationship according to the access line information or device information, to perform corresponding operations on the IPv6 packet.
  • the receiving unit 91 is configured to receive an IPv6 packet with at least one IPv6 extended header, where the IPv6 extended header carries access line information or device information, and obtains the access line information according to the IPv6 extended header. Or equipment information; or,
  • IPv6 packet carrying an ICMPv6 message Receiving an IPv6 packet carrying an ICMPv6 message, the IPv6 packet carrying the ICMPv6 message and the access loop information by using the ICMPv6 relay message, and extracting the access line information from the ICMPv6 relay message.
  • the processing unit 92 is configured to: according to the access line information or the device information, search for a first correspondence, to access, authenticate, or authorize the IPv6 packet, where the IPv6 extension header a first IPv6 extension header, where the first IPv6 extension header carries an access loop identifier, a next header Next Header, and an extended header length, where the access line information includes the access loop identifier; or,
  • the processing unit 92 is configured to search for the second correspondence according to the access line information or the device information, to allocate an IPv6 address prefix to the IPv6 packet, where the IPv6 extension header is a second IPv6 extension header,
  • the second IPv6 extension header carries a device type identifier, a Next Header, and an extended header length, and the device information includes the device type identifier.
  • the processing unit 92 can also have both of the functions described above.
  • each unit of the network server in the device embodiment of the present invention refers to the method embodiment of the present invention.
  • the functional modules and units in the device embodiment of the present invention may be implemented separately or integrated in one or more units.
  • the device provided by the embodiment of the present invention can enable the device that receives the IPv6 packet to perform IPv6 by using the access line information and/or the device information, by carrying the access line information and/or the device information in the IPv6 packet. Packet access, authentication, and authorization, or assign different IPv6 address prefixes to different terminals.
  • the technical solution of the embodiment of the present invention can ensure security, authentication, and authorization of access in an IPv6 network, and Different IP v6 address prefixes are assigned to different terminals to ensure normal routing of the network.
  • An embodiment of the present invention further provides an IPv6 network system, where the system includes a terminal and/or a network device, and a network server.
  • the terminal is configured to add at least one IPv6 extension header to the IPv6 packet, where the IPv6 extension header carries the device information, and forwards the IPv6 packet to which the IPv6 extension header is added.
  • the network device is configured to add at least one IPv6 extension header to the IPv6 packet, where the IPv6 extension header carries the access line information, and forwards the IPv6 packet with the IPv6 extension header added;
  • the network server is configured to receive an IPv6 packet carrying the access line information or the device information, and perform a corresponding operation on the IPv6 packet according to the access line information or the device information.
  • the device provided by the embodiment of the present invention can enable the device that receives the IPv6 packet to perform IPv6 reporting by using the access line information and/or the device information by carrying the access line information and/or the device information in the IPv6 packet. Access, authentication, and authorization of texts, or assign different IPv6 address prefixes to different terminals.
  • the technical solution of the embodiment of the present invention can ensure the security, authentication, and authorization of the access in the IPv6 network, and assign different IP v6 address prefixes to different terminals to ensure normal routing of the network.
  • the present invention can be implemented by means of software plus the necessary general hardware platform. Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, may be embodied in the form of a software product, which may be stored in a storage medium such as a ROM/RAM, a disk, An optical disk or the like includes instructions for causing a computer device (which may be a personal computer, server, or network device, etc.) to perform the methods described in various embodiments of the present invention or portions of the embodiments.
  • a computer device which may be a personal computer, server, or network device, etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

La présente invention porte sur un procédé, un dispositif et un système de traitement de messages IPv6, qui concernent le domaine technique de l'Internet. La présente invention peut assurer la sécurité, l'authentification ainsi que l'autorisation d'accès dans un réseau IPv6, et alloue différents préfixes d'adresse IPv6 à différents terminaux, ce qui assure un routage normal dans le réseau. Le procédé de traitement de messages IPv6 décrit par les modes de réalisation de la présente invention consiste à : ajouter des informations de liaison d'accès ou des informations de dispositif dans un message IPv6; envoyer le message IPv6 auquel sont ajoutées les informations de liaison d'accès ou les informations de dispositif; de plus, recevoir le message IPv6 auquel sont ajoutées les informations de liaison d'accès ou les informations de dispositif, et obtenir les informations de liaison d'accès ou les informations de dispositif; selon les informations de liaison d'accès ou les informations de dispositif, rechercher la corrélation afin de réaliser des opérations correspondantes sur le message IPv6. La présente invention est conçue pour une situation de traitement de messages dans le réseau IPv6.
PCT/CN2010/079261 2009-12-07 2010-11-30 Procédé, dispositif et système de traitement de messages ipv6 Ceased WO2011069419A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP10835454.9A EP2495926B1 (fr) 2009-12-07 2010-11-30 Procédé, dispositif et système de traitement de messages ipv6
US13/482,742 US8917723B2 (en) 2009-12-07 2012-05-29 Method, device, and system for processing IPv6 packet

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2009102240935A CN102088391B (zh) 2009-12-07 2009-12-07 一种IPv6报文的处理方法、设备和系统
CN200910224093.5 2009-12-07

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US13/482,742 Continuation US8917723B2 (en) 2009-12-07 2012-05-29 Method, device, and system for processing IPv6 packet

Publications (1)

Publication Number Publication Date
WO2011069419A1 true WO2011069419A1 (fr) 2011-06-16

Family

ID=44100012

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/079261 Ceased WO2011069419A1 (fr) 2009-12-07 2010-11-30 Procédé, dispositif et système de traitement de messages ipv6

Country Status (4)

Country Link
US (1) US8917723B2 (fr)
EP (2) EP2790381B1 (fr)
CN (1) CN102088391B (fr)
WO (1) WO2011069419A1 (fr)

Families Citing this family (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102215124B (zh) * 2011-06-08 2013-06-05 华为技术有限公司 一种故障处理方法、汇聚节点及光网络保护系统
US9497076B2 (en) 2012-03-12 2016-11-15 ZTE Portugal-Projectos de Telecomunições Unipessoal Lda Dual-stack support for demarc auto configuration (DAC) mechanism in DOCSIS provisioning of EPON (DPOE) network
CN102710802B (zh) * 2012-05-07 2017-10-17 中兴通讯股份有限公司 IPv6配置信息提供装置及获取方法
CN108322400B (zh) * 2012-06-05 2021-06-08 华为技术有限公司 报文处理方法、系统及路由设备
CN103841024B (zh) * 2012-11-27 2017-07-21 中国电信股份有限公司 一种家庭网关实现数据分流的方法和家庭网关
CN108566451B (zh) 2014-03-11 2021-05-14 华为技术有限公司 一种消息处理方法、接入控制器及网络节点
CN105099914B (zh) * 2014-04-24 2018-12-25 华为技术有限公司 一种指示组播转发表项的方法及设备
US9762683B2 (en) * 2014-09-30 2017-09-12 A 10 Networks, Incorporated Use of packet header extension for geolocation/geotargeting
US10257099B2 (en) 2014-09-30 2019-04-09 A 10 Networks, Incorporated Applications of processing packets which contain geographic location information of the packet sender
CN113225238B (zh) * 2015-07-17 2022-08-26 华为技术有限公司 消息传输方法、接入节点、接入控制器及接入系统
WO2017166148A1 (fr) * 2016-03-31 2017-10-05 华为技术有限公司 Procédé de transmission de données et dispositif associé
CN109495594B (zh) * 2017-09-11 2022-03-29 华为技术有限公司 一种数据传输方法、pnf sdn控制器、vnf sdn控制器及系统
CN113472650B (zh) * 2020-03-31 2025-06-24 华为技术有限公司 报文处理方法、设备、系统及存储介质
CN113765865B (zh) * 2020-06-05 2022-12-27 华为技术有限公司 一种报文处理方法、设备及系统
CN114189905B (zh) * 2020-09-15 2024-06-18 华为技术有限公司 一种报文处理方法及相关设备
CN114629843A (zh) * 2020-12-11 2022-06-14 华为技术有限公司 一种报文处理方法及装置
CN114710781A (zh) * 2020-12-16 2022-07-05 华为技术有限公司 一种终端识别方法及装置
CN113300961B (zh) * 2021-05-14 2022-07-08 烽火通信科技股份有限公司 一种IPv4接入策略路由下发控制的方法与系统
CN115714655A (zh) * 2021-08-19 2023-02-24 中国移动通信有限公司研究院 一种报文发送方法、装置及存储介质
CN114095158B (zh) * 2021-11-04 2025-01-03 中国电信股份有限公司 网络切片选择方法、系统、设备及存储介质
US11888648B1 (en) * 2022-09-29 2024-01-30 Amazon Technologies, Inc. Software-enabled access point (SoftAP) based bridging of devices in two wireless networks

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1863199A (zh) * 2005-09-30 2006-11-15 华为技术有限公司 宽带网络中开展业务的方法
CN1897589A (zh) * 2005-07-13 2007-01-17 上海贝尔阿尔卡特股份有限公司 在通信网络中支持IPv6无状态地址配置的接入装置、路由设备及其方法
CN101047614A (zh) * 2006-05-01 2007-10-03 华为技术有限公司 一种IPv6网络环境中流传输路径建立方法和数据传输系统

Family Cites Families (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6553565B2 (en) 1999-04-23 2003-04-22 Sun Microsystems, Inc Method and apparatus for debugging optimized code
US7047519B2 (en) 2001-09-26 2006-05-16 International Business Machines Corporation Dynamic setting of breakpoint count attributes
EP1543655B1 (fr) * 2002-09-24 2016-03-09 Orange Telecommunications
US7336619B2 (en) * 2002-10-25 2008-02-26 General Instrument Corporation Method for converting an IP measurement protocol packet to a data packet
US7299456B2 (en) 2003-09-18 2007-11-20 International Business Machines Corporation Run into function
KR101086397B1 (ko) * 2003-12-02 2011-11-23 삼성전자주식회사 Ip 패킷의 에러 처리 장치 및 방법, 그리고 상기 방법을실행하는 프로그램을 기록한 컴퓨터로 읽을 수 있는 기록매체
US20060193316A1 (en) * 2005-02-25 2006-08-31 Allen Mark R Autonomous network topology and method of operating same
CN100571196C (zh) * 2005-03-22 2009-12-16 华为技术有限公司 移动IPv6报文穿越防火墙的实现方法
CN1937541B (zh) * 2005-09-20 2010-08-11 华为技术有限公司 一种网络性能测试方法
WO2007037334A1 (fr) * 2005-09-28 2007-04-05 Kddi Corporation Appareil d'envoi de contenu, récepteur de contenu, procédé d'envoi de contenu et procédé de réception de contenu
US8447898B2 (en) * 2005-10-28 2013-05-21 Microsoft Corporation Task offload to a peripheral device
WO2007049826A2 (fr) * 2005-10-28 2007-05-03 Matsushita Electric Industrial Co., Ltd. Appareil de commande de detection de boucle de tunnelisation
CN1972225B (zh) 2005-11-24 2010-09-15 华为技术有限公司 下一代网络中不同子系统之间交互用户信息的方法
US20080159287A1 (en) * 2006-12-29 2008-07-03 Lucent Technologies Inc. EFFICIENT PERFORMANCE MONITORING USING IPv6 CAPABILITIES
CN101316257B (zh) * 2007-05-31 2012-08-22 华为技术有限公司 数字用户线接入复用器、光网络单元、光线路终端和基站
KR100933365B1 (ko) * 2007-09-28 2009-12-22 한국전자통신연구원 액세스 네트워크의 자원 관리 시스템 및 방법
CN101547383B (zh) * 2008-03-26 2013-06-05 华为技术有限公司 一种接入认证方法及接入认证系统以及相关设备
CN101873515B (zh) * 2009-04-21 2013-12-04 华为技术有限公司 无源光网络的ipv6协议消息传输方法、系统及装置
US8619797B2 (en) * 2009-05-12 2013-12-31 Futurewei Technologies, Inc. Using internet protocol version six (IPv6) tunnel for access identifier transport

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1897589A (zh) * 2005-07-13 2007-01-17 上海贝尔阿尔卡特股份有限公司 在通信网络中支持IPv6无状态地址配置的接入装置、路由设备及其方法
CN1863199A (zh) * 2005-09-30 2006-11-15 华为技术有限公司 宽带网络中开展业务的方法
CN101047614A (zh) * 2006-05-01 2007-10-03 华为技术有限公司 一种IPv6网络环境中流传输路径建立方法和数据传输系统

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2495926A4 *

Also Published As

Publication number Publication date
EP2790381B1 (fr) 2015-05-20
EP2495926B1 (fr) 2014-09-10
CN102088391A (zh) 2011-06-08
CN102088391B (zh) 2013-09-11
US20120236864A1 (en) 2012-09-20
US8917723B2 (en) 2014-12-23
EP2790381A1 (fr) 2014-10-15
EP2495926A4 (fr) 2012-09-05
EP2495926A1 (fr) 2012-09-05

Similar Documents

Publication Publication Date Title
WO2011069419A1 (fr) Procédé, dispositif et système de traitement de messages ipv6
CN102246461B (zh) 一种地址重复检测代理方法、装置及系统
CN102045314B (zh) 匿名通信的方法、注册方法、信息收发方法及系统
US7860117B2 (en) Communication proxy method, device and system
CN101022394B (zh) 一种实现虚拟局域网聚合的方法及汇聚交换机
US6888834B1 (en) System and method for providing wireless internet services
KR101455219B1 (ko) 패킷을 포워딩하기 위한 방법, 장치 및 시스템
CN110611893B (zh) 为漫游无线用户设备扩展订户服务
CN101119252B (zh) 接入网络系统、接入装置、arp代理方法和ip桥接转发方法
US8599860B2 (en) Multiple prefix connections with translated virtual local area network
US8630285B2 (en) Method, system, and apparatus for transmitting IPV6 message in passive optical network
EP1875668B1 (fr) Système et procédé échelonnables pour un trafic d'abonné dsl sur un réseau ethernet
WO2018041152A1 (fr) Séparation d'une fonction de plan de commande et d'une fonction de plan de réacheminement d'un serveur d'accès distant à large bande
WO2012163178A1 (fr) Procédé, dispositif et unité de commande de nœud de bord pour la sélection d'un nœud de bord
WO2007124679A1 (fr) Procédé et système de communication en réseau
WO2011044808A1 (fr) Procédé et système de suivi de communication anonyme
CN101459591B (zh) 在无源光网络接入设备上实现用户端口定位的方法
CN102308523A (zh) 数据通信网络配置方法、网关网元及数据通信系统
CN102055637A (zh) 宽带网络系统及其实现方法
CN102098278B (zh) 用户接入方法、系统及接入服务器、接入设备
WO2011050676A1 (fr) Procédé de communication anonyme, procédé d'enregistrement et d'annulation, et noeud d'accès
CN101026620A (zh) Ppp网关装置
CN102487344B (zh) 身份位置分离网络的监听方法和系统
WO2006122502A1 (fr) Méthode de transmission de message en couche 2 et dispositif d’accès
WO2011032478A1 (fr) Procédé, dispositif et terminal pour obtenir un identifiant de terminal

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10835454

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2010835454

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE