[go: up one dir, main page]

WO2012119386A1 - Procédé, dispositif et système d'authentification dans un réseau d'accès - Google Patents

Procédé, dispositif et système d'authentification dans un réseau d'accès Download PDF

Info

Publication number
WO2012119386A1
WO2012119386A1 PCT/CN2011/078317 CN2011078317W WO2012119386A1 WO 2012119386 A1 WO2012119386 A1 WO 2012119386A1 CN 2011078317 W CN2011078317 W CN 2011078317W WO 2012119386 A1 WO2012119386 A1 WO 2012119386A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication server
authentication
mac address
user terminal
packet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2011/078317
Other languages
English (en)
Chinese (zh)
Inventor
李克嘉
赵胜涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN2011800018495A priority Critical patent/CN103392333A/zh
Priority to PCT/CN2011/078317 priority patent/WO2012119386A1/fr
Publication of WO2012119386A1 publication Critical patent/WO2012119386A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • H04L61/5014Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]

Definitions

  • the present invention relates to the field of communications, and in particular, to an authentication method, device, and system in an access network. Background technique
  • Ethernet over IP IP over IP
  • PPOE Ethernet bearer-to-peer protocol
  • the IPOE mode authentication is mainly implemented by the Dynamic Host Configuration Protocol (DHCP).
  • DHCP was originally mainly used for local area network (LAN) applications.
  • LAN local area network
  • the automatic discovery mechanism was used to try to contact the DHCP server on the network.
  • the DHCP client When the DHCP client logs in to the network for the first time, it sends a DHCP DISCOVER packet to the network. Since the DHCP client does not know which network it belongs to, the source address of the DHCP DISCOVER packet is 0.0.0.0 and the destination address. Then it is 255.255.255.255, and then attach the information of DHCP discover to broadcast to the network.
  • the DHCP server listens to the DHCP DISCOVER packet sent by the DHCP client, it selects the first vacant IP from the address range that has not yet been leased, and responds to the DHCP client with a DHCP.
  • OFFER message according to the DHCP server settings, the DHCP OFFER message will contain a lease term information.
  • the DHCP client receives responses from multiple DHCP servers on the network, it will only pick one of the DHCP OFFERs (usually the one that arrived first) and will send a DHCP REQUEST message to the network, telling all DHCP servers that it will accept Which DHCP server provides the IP address.
  • DHCP itself does not have the function to be used for authentication, but DHCP can cooperate with other technologies to implement authentication, such as DHCP+WEB mode, DHCP+client mode, and use of DHCP+OPTION extension word. Segments are authenticated, all of which are collectively referred to as DHCP+ authentication.
  • the OPTION fields used as DHCP extensions are mainly OPTION60 and OPTION82.
  • the information of the Vendor and the Service Option in the OPTION60 is the information carried by the user terminal when the DHCP request is initiated.
  • the network device only needs to transparently transmit.
  • the function is to identify the type of the user terminal, thereby identifying the user service type, and the DHCP server. Different service IP addresses can be assigned accordingly.
  • the OPTION82 information is inserted by the network device in the DHCP message sent by the user terminal, and is mainly used to identify the access location of the user terminal.
  • the PPPOE workflow consists of two P-segments for discovery and session.
  • the client host broadcasts a PADI message with the destination address being the broadcast address of the Ethernet network, the CODE field value being 0x09, and the SESSION-ID field value being 0x0000.
  • PADI is used to make the requested services to the access server.
  • the access server receives the PADI message and sends a PADO message in response to the request.
  • the value of the CODE field is 0x07, and the value of the SESSION-ID field is still 0x0000.
  • PADO contains a tag for the access server name type and one or more service name type tags indicating the types of services that can be provided to the client host.
  • the client host selects a suitable PADO in multiple PADO packets that may be received, and then sends a PPPOE valid discovery request PADR message to the selected access server, where the CODE field is 0x19, and the SESSIONJD field value is still 0x0000.
  • the PADR must contain a service name type tag that determines the type of service requested from the access server.
  • the access server After receiving the PADR packet, the access server prepares to start the PPP session. It sends a PPPOE valid discovery session to acknowledge the PADS packet.
  • the value of the CODE field is 0x65
  • the value of the SESSION-ID field is a unique PPPOE session identification number generated by the access server.
  • An embodiment of the present invention provides an authentication method in an access network, where the access network includes multiple authentication servers, and the method includes:
  • An embodiment of the present invention provides an access device, where the access device is connected to multiple authentication servers, and the access device includes:
  • a first network side port configured to send a discovery packet to the multiple authentication servers
  • a second network-side port configured to receive a response packet of the authentication server, obtain a MAC address of the authentication server that sends the response packet from the response packet, and store the obtained MAC address of the authentication server in the authentication server list.
  • the packet processing unit receives the discovery packet from the user terminal, selects one MAC address from the plurality of MAC addresses of the authentication server list, and sends the discovery packet from the user terminal to the corresponding authentication according to the selected MAC address.
  • the server authenticates the user terminal.
  • An embodiment of the present invention provides an authentication system in an access network, including an access device and multiple authentication servers, where the access device is connected to the multiple authentication servers.
  • the access device sends a discovery packet to the multiple authentication servers, receives a response packet from the authentication server, and obtains a MAC address of the authentication server that sends the response packet from the response packet. Storing the obtained MAC address of the authentication server in the authentication server list; receiving the discovery message from the user terminal, selecting one MAC address from the multiple MAC addresses of the authentication server list, and coming from the user according to the selected MAC address The discovery message of the terminal is sent to the corresponding authentication server to authenticate the user terminal.
  • the method, the device, and the device provided by the embodiment of the present invention are controlled by the access device, and can implement the controllable load sharing in multiple authentication servers.
  • the unicast of the discovery packet of the user terminal to the corresponding authentication server is performed. , can eliminate too many OFFER messages, reducing the waste of bandwidth and CPU resources.
  • FIG. 1 is a network architecture diagram according to an embodiment of the present invention
  • FIG. 3 is an interaction diagram of a method according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of an access device according to an embodiment of the present invention. Specific embodiment
  • An embodiment of the present invention provides an authentication method in an access network, where the access network is as shown in FIG. 1.
  • the access device 10 is connected to multiple authentication servers 20, 22, and 24.
  • Step 200 Send a discovery packet to the multiple authentication servers.
  • the access device 10 may send a DHCP-based discovery message or a PPPOE-based discovery message to multiple authentication servers 20, 22, and 24.
  • Step 202 Receive a response packet of the authentication server, obtain a MAC address of the authentication server from the response packet, and store the obtained MAC address in the authentication server list.
  • Step 204 Receive a discovery message from the user terminal, select a MAC address from multiple MAC addresses in the authentication server list, and send the discovery message from the user terminal to the corresponding authentication server for authentication.
  • the access device may select one MAC address from the multiple MAC addresses according to the port attribute of the connection user terminal, the weight attribute of the authentication server, the parity of the MAC address of the authentication server, and a combination of one or more of the Hash algorithms. .
  • an embodiment of the present invention can effectively implement the controllable load sharing in multiple authentication servers.
  • the unicasting of the discovery message of the user terminal to the corresponding authentication server can eliminate excessive response packets. Reduce bandwidth and waste of CPU resources.
  • an embodiment of the present invention provides an authentication method in an access network, where the access network is as shown in FIG. 1.
  • the authentication server is a DHCP server.
  • the method includes:
  • Step 300 The access device constructs a DHCP DISCOVER message to be broadcast in the network.
  • the source address of the DHCP DISCOVER packet constructed by the access device is 0.0.0.0, and the destination address is
  • Step 302 The access device receives the DHCP OFFER packet of the DHCP server, extracts the MAC address in the packet, and saves the MAC address in the authentication server list.
  • the structure of the authentication server list can be as follows:
  • the access device can also extract the IP address of the DHCP server from the DHCP OFFER packet.
  • the IP address obtained is saved in the list of authentication servers.
  • Step 304 The access device receives the DHCP DISCOVER message sent by the user terminal; the source address of the DHCP DISCOVER message from the user terminal is 0.0.0.0, and the destination address is
  • Step 306 Select a MAC address from the list of authentication servers, and send the DHCP DSCOVER packet from the user terminal to the corresponding DHCP server.
  • the access device replaces the destination address of the DHCP DISCOVER packet of the user terminal with the selected MAC address, and unicasts the DHCP DISCOVER text to the corresponding DHCP server.
  • the access device may adopt an average allocation. For example, if the DHCP DISCOVER message of the first user terminal is unicast to the first DHCP server, the DHCP DISCOVER message of the second user terminal is unicast to the second DHCP server, and so on.
  • the access device may also be based on the weight attribute of the DHCP server. For example, a weight value is set for each DHCP server, and the weight is divided according to the weight value. For example, if the weight of the DHCP server 30 is 2, the DHCP server sends a DHCP DISCOVER packet to the next DHCP server.
  • the access device may also select a corresponding DHCP server according to the parity of the port that receives the DHCP DISCOVER message.
  • the policy needs to configure the correspondence between the port parity and the MAC address of the DHCP server on the access device in advance. .
  • the access device can also adopt the Hash algorithm to select a MAC address according to the result of the Hash algorithm. This policy needs to configure the correspondence between the Hash algorithm result and the MAC on the access device.
  • the access device can also adopt the method of time sharing. For example, if a DHCP server is selected first, the DHCP DISCOVER packet of the user terminal is sent to the DHCP server. If the OFFER packet of the DHCP server is not received within a certain period of time, the switch is switched. Go to the next DHCP Server.
  • Step 308 Regularly broadcast a DHCP DISCOVER message or send a Ping detection message, and update the authentication server list according to the received response message.
  • the time when the access device periodically broadcasts DHCP DISCOVER packets can be set, for example, once every hour, and the list of authentication servers is updated according to the received OFFER packets.
  • the access device can also ping the DHCP server in the authentication server list. Specifically, you can set a counter to send ping probe packets to each DHCP server. The number of response timeouts of the server is counted. If the access device receives a response message from a DHCP server, the counter is cleared and the ping detection of the DHCP server is stopped. If the response is not received for a certain period of time (such as 5 seconds) The DHCP server response message adds 1 to the counter and continues to send the Ping probe. If the response timeout count exceeds 3 times, the DHCP server is considered to be in an abnormal state.
  • the access device determines that a DHCP server is in an abnormal state
  • the user terminal that is in the DHCP server is notified to re-apply for an IP address.
  • the access device may send a ForceRenew packet to the user terminal to notify the user terminal to release the applied application. IP address and re-apply for an IP address.
  • the authentication method provided in this embodiment obtains the MAC address of the DHCP server by constructing a DHCP DISCOVER message, and after receiving the DHCP DISCOVER message of the user terminal, the DHCP DISCOVER message is unicast to a DHCP server, which can be effectively Controllable load sharing in the DHCP server can also eliminate excessive OFFER messages and reduce the waste of bandwidth and CPU resources.
  • An embodiment of the present invention provides an authentication method. The method provided may be based on the architecture of FIG. 1.
  • the authentication server in this embodiment may be a Broadband Remote Access Server (BRAS).
  • BRAS Broadband Remote Access Server
  • the methods provided include:
  • Step 400 The access device constructs a PADI message and broadcasts in the network.
  • the destination address is the broadcast address of the Ethernet.
  • the CODE field value is 0x09, and the SESSION-ID field value is 0x0000.
  • Step 402 The access device receives the responding PADO packet, obtains the MAC address of the BRAS, and saves the obtained MAC address in the authentication server list.
  • Step 404 Receive a PADI message of the user terminal.
  • Step 406 Select a MAC address from the list of authentication servers, and receive the received PADI message. Forwarded to the corresponding BRAS;
  • the access device After receiving the PADI message from the user terminal, the access device replaces the broadcast address in the PADI message with the selected MAC address and sends it to the corresponding BRAS.
  • the access device may adopt an average allocation method, such as unicasting the PADI message of the first user terminal to the first BRAS, and unicasting the PADI message of the second user terminal to the second BRAS. , And so on.
  • the access device may also be based on the weight attribute of the BRAS, such as setting a weight value for each BRAS on the access device, and performing traffic distribution according to the weight value. For example, if the weight of the BRAS 30 is 2, the PRAS message is unicast twice to the BRAS 30 before switching to the next BRAS.
  • the access device may also select a corresponding BRAS according to the parity of the port that receives the PADI message.
  • the policy needs to configure the correspondence between the port and the MAC of the BRAS on the access device.
  • the access device can also adopt the Hash algorithm to select a MAC address according to the result of the Hash algorithm. This policy needs to configure the correspondence between the Hash algorithm result and the MAC on the access device.
  • the access device can also adopt the method of time sharing. For example, first select a BRAS, and send the PADI message of the user terminal to the BRAS. If the PADO packet of the BRAS is not received within a certain period of time, switch to the next BRAS. .
  • the access device can also select the corresponding MAC address according to the OPTION 60 information in the PADI message. This policy needs to configure the correspondence between the OPTION 60 and the MAC on the access device.
  • Step 408 Send a Ping detection packet to the BRAS in the authentication server list, and update the authentication server list according to the response message of the BRAS.
  • a counter is set to send a Ping probe packet to each BRAS, and the interval for sending the Ping detection packet may be 1 second, and the response timeout number of each BRAS is counted, if the access device receives a certain BRAS.
  • the response message clears the counter and stops the ping detection of the BRAS; if the response message of the BRAS is not received after a certain time (such as 0.5 seconds), the counter is incremented by 1, and the ping detection packet is continuously sent. If the response timeout count exceeds 2 times, the BRAS is considered to be in an abnormal state.
  • the access device determines that a certain BRAS is in an abnormal state, the MAC address of the corresponding BRAS is deleted from the authentication server list, and the user terminal belonging to the BRAS is notified to go offline again. Specifically, the access device sends the PADT to the user terminal. Message. The user terminal will enter after receiving the PADT message. Line redial.
  • the authentication method provided in this embodiment obtains the MAC address of the BRAS by constructing a PADI message, and after receiving the PADI message of the user terminal, unicasts the PADI message to a BRAS, which can be effectively implemented in multiple BRASs. Controlled load sharing can also eliminate excessive PADO packets, reducing bandwidth and CPU resource waste.
  • An embodiment of the present invention provides an access device, where the access device is connected to multiple authentication servers, as shown in FIG. 5, including:
  • the first network side port 500 is configured to send a discovery packet to the multiple authentication servers.
  • the first network side port 500 can send a DHCP based discovery message or a PPPOE based discovery message to multiple authentication servers.
  • the second network side port 502 is configured to receive a response packet of the authentication server, obtain a MAC address of the authentication server that sends the response packet from the response packet, and store the obtained MAC address of the authentication server in the authentication server. List.
  • the first network side port 500 in this embodiment may be further configured to send a probe packet to the multiple authentication servers to detect the status of the multiple authentication servers, and refresh the list of the authentication servers according to the detection result.
  • the ping probe packet is sent to multiple authentication servers, and the authentication server list is updated according to the response packet.
  • the first network side port 500 can also periodically broadcast a discovery message to the network, and update the authentication server list according to the response message.
  • the message processing unit 504 receives the discovery message from the user terminal, selects one MAC address from the plurality of MAC addresses of the authentication server list, and sends the discovery message from the user terminal to the corresponding one according to the selected MAC address.
  • the authentication server authenticates the user terminal.
  • the message processing unit 504 may: after receiving the discovery message from the user terminal, replace the broadcast address in the discovery message with the selected MAC address, and send the message to the corresponding authentication server.
  • the access device in this embodiment may be a Digital Subscriber Line Access Multiplexer (DSLAM), an Optical Line Terminal (OLT), or an Integrated Service Access Network (Multi-Service Access Network). , MSAN) equipment, etc.
  • DSLAM Digital Subscriber Line Access Multiplexer
  • OLT Optical Line Terminal
  • Multi-Service Access Network Multi-Service Access Network
  • MSAN Integrated Service Access Network
  • the access device acquires the MAC address of the authentication server by constructing the discovery packet. After receiving the discovery packet of the user terminal, the device unicasts the packet to an authentication server, which can effectively implement load balancing in multiple authentication servers and eliminate excessive response packets. Packets, reducing bandwidth and waste of CPU resources.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Small-Scale Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

L'invention concerne un procédé, un dispositif et un système d'authentification dans un réseau d'accès. Le procédé comprend les étapes consistant à : envoyer un message de découverte à une pluralité de serveurs d'authentification ; recevoir un message de réponse en provenance d'un serveur d'authentification, obtenir à partir du message de réponse l'adresse MAC du serveur d'authentification qui l'envoie et conserver l'adresse MAC obtenue du serveur d'authentification dans une liste de serveurs d'authentification ; recevoir un message de découverte en provenance d'un terminal d'utilisateur, sélectionner une adresse MAC parmi une pluralité d'adresses MAC figurant dans la liste de serveurs d'authentification et envoyer le message de découverte en provenance du terminal d'utilisateur au serveur d'authentification correspondant selon l'adresse MAC sélectionnée de façon à authentifier le terminal d'utilisateur.
PCT/CN2011/078317 2011-08-12 2011-08-12 Procédé, dispositif et système d'authentification dans un réseau d'accès Ceased WO2012119386A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN2011800018495A CN103392333A (zh) 2011-08-12 2011-08-12 一种接入网络中的认证方法、设备和系统
PCT/CN2011/078317 WO2012119386A1 (fr) 2011-08-12 2011-08-12 Procédé, dispositif et système d'authentification dans un réseau d'accès

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2011/078317 WO2012119386A1 (fr) 2011-08-12 2011-08-12 Procédé, dispositif et système d'authentification dans un réseau d'accès

Publications (1)

Publication Number Publication Date
WO2012119386A1 true WO2012119386A1 (fr) 2012-09-13

Family

ID=46797443

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/078317 Ceased WO2012119386A1 (fr) 2011-08-12 2011-08-12 Procédé, dispositif et système d'authentification dans un réseau d'accès

Country Status (2)

Country Link
CN (1) CN103392333A (fr)
WO (1) WO2012119386A1 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113556337A (zh) * 2021-07-20 2021-10-26 迈普通信技术股份有限公司 终端地址识别方法、网络系统、电子设备及存储介质
CN114501445A (zh) * 2022-01-06 2022-05-13 新华三技术有限公司合肥分公司 一种接入控制方法及装置
CN118740804A (zh) * 2024-07-22 2024-10-01 武汉烽火技术服务有限公司 一种olt系统的用户地址快速回收与分配方法及装置
WO2024208290A1 (fr) * 2023-04-07 2024-10-10 华为技术有限公司 Procédé et appareil de détection de dispositif, dispositif et support d'enregistrement lisible par ordinateur
WO2025000379A1 (fr) * 2023-06-29 2025-01-02 新华三技术有限公司 Procédé et appareil d'authentification de terminal, dispositif d'accès et support

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110121202B (zh) * 2018-02-07 2021-06-15 成都鼎桥通信技术有限公司 接入方法及终端设备
CN113132294B (zh) * 2019-12-30 2022-05-13 中国移动通信集团四川有限公司 一种数据包的过滤方法、系统及装置

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101098347A (zh) * 2006-06-28 2008-01-02 华为技术有限公司 一种给用户终端分配ip地址的方法
CN101453415A (zh) * 2007-11-29 2009-06-10 华为技术有限公司 一种接入网络的保护方法、系统及设备
US20110072120A1 (en) * 2009-09-22 2011-03-24 Ambit Microsystems (Shanghai) Ltd. Router and method for configuring ip addresses of the router

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101009627A (zh) * 2006-12-27 2007-08-01 华为技术有限公司 一种业务绑定的方法和设备
CN101350842A (zh) * 2008-08-13 2009-01-21 成都华程信息技术有限公司 基于网关模式的集群管理

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101098347A (zh) * 2006-06-28 2008-01-02 华为技术有限公司 一种给用户终端分配ip地址的方法
CN101453415A (zh) * 2007-11-29 2009-06-10 华为技术有限公司 一种接入网络的保护方法、系统及设备
US20110072120A1 (en) * 2009-09-22 2011-03-24 Ambit Microsystems (Shanghai) Ltd. Router and method for configuring ip addresses of the router

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113556337A (zh) * 2021-07-20 2021-10-26 迈普通信技术股份有限公司 终端地址识别方法、网络系统、电子设备及存储介质
CN114501445A (zh) * 2022-01-06 2022-05-13 新华三技术有限公司合肥分公司 一种接入控制方法及装置
CN114501445B (zh) * 2022-01-06 2024-02-09 新华三技术有限公司合肥分公司 一种接入控制方法及装置
WO2024208290A1 (fr) * 2023-04-07 2024-10-10 华为技术有限公司 Procédé et appareil de détection de dispositif, dispositif et support d'enregistrement lisible par ordinateur
WO2025000379A1 (fr) * 2023-06-29 2025-01-02 新华三技术有限公司 Procédé et appareil d'authentification de terminal, dispositif d'accès et support
CN118740804A (zh) * 2024-07-22 2024-10-01 武汉烽火技术服务有限公司 一种olt系统的用户地址快速回收与分配方法及装置

Also Published As

Publication number Publication date
CN103392333A (zh) 2013-11-13

Similar Documents

Publication Publication Date Title
CN102084638B (zh) 计算机网络中接入服务器的确定性会话负载平衡和冗余
US7733859B2 (en) Apparatus and method for packet forwarding in layer 2 network
CN101106512B (zh) 一种QinQ终结配置的处理方法和设备
WO2012119386A1 (fr) Procédé, dispositif et système d'authentification dans un réseau d'accès
CN101883158B (zh) 获取虚拟局域网标识和网络协议地址的方法及客户端
EP2012485A1 (fr) Procédé de gestion, appareil et système de connexion de session
WO2009094928A1 (fr) Procédé et équipement de transmission d'un message basé sur le protocole de tunnel de niveau 2
CN101076978B (zh) 一种用于在服务器间分配负载的方法
CN101478576A (zh) 选择服务网络的方法、装置和系统
CN105637805A (zh) 增强移动备用信道以解决有线线路网络中的节点故障
CN103503422A (zh) 自动连接选择
US11582113B2 (en) Packet transmission method, apparatus, and system utilizing keepalive packets between forwarding devices
WO2008138196A1 (fr) Procédé et dispositif permettant de rapporter des informations
CN101471936A (zh) 建立ip会话的方法、装置及系统
WO2012109917A1 (fr) Procédé, appareil et système de transfert de messages dans un réseau
US20080285569A1 (en) Device for Session-Based Packet Switching
WO2012034413A1 (fr) Procédé de gestion d'utilisateur de double pile et serveur d'accès à large bande
WO2015018069A1 (fr) Procédé, dispositif et système pour acquérir un service par un terminal de réseau
CN100561969C (zh) 一种基于PPPoE的宽带接入方法
CN101447887B (zh) 一种通知用户上线的方法及装置
WO2008151548A1 (fr) Procédé et appareil pour empêcher l'usurpation de l'adresse de commande d'accès au support (mac) côté réseau
JP5604389B2 (ja) 通信システム、ルータ装置及びルータ切替方法
WO2012126335A1 (fr) Procédé de contrôle d'accès, dispositif d'accès et système
CN101188628B (zh) 发放业务信息的方法和系统、网络设备
WO2008141572A1 (fr) Procédé et système servant à réaliser un contrôle d'entretien sur des sessions clients

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11860346

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11860346

Country of ref document: EP

Kind code of ref document: A1