CN101141492B - Method and system for implementing DHCP address safety allocation - Google Patents
Method and system for implementing DHCP address safety allocation Download PDFInfo
- Publication number
- CN101141492B CN101141492B CN200710153081.9A CN200710153081A CN101141492B CN 101141492 B CN101141492 B CN 101141492B CN 200710153081 A CN200710153081 A CN 200710153081A CN 101141492 B CN101141492 B CN 101141492B
- Authority
- CN
- China
- Prior art keywords
- dhcp
- address
- server
- client
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention relates to a method for realizing a DHCP address safety distribution and a system. The core of the present invention is that a DHCP (Dynamic host computer configuration protocol) client side sends a DHCP finding message though an access network; when the access network gets the port information and other identification information of the DHCP client side, and a certification is performed based on the identification information; at last, a DHCP server distributes the address information only to the DHCP client side passed by the certification. Therefore, the present invention can perform an access certification to a user according to the location information, and distributes an IP address only for the legible user and the terminal, thereby to greatly enhance the safety of distributing the address though a DHCP way. Moreover, the present invention can enable the address to be managed by an AAA server, or the address is distributed after the AAA server certification succeeds.
Description
Technical field
The present invention relates to network communications technology field, relate in particular to a kind of method and system that realize dhcp address safety distribution.
Background technology
Along with the day by day maturation of the access technologies such as ADSL (ADSL (Asymmetric Digital Subscriber Line)), Ethernet, broadband access is more and more universal, meanwhile, IPTV (Internet Protocol Television) video of carrying out at broadband access network and VoIP (IP-based voice) business are also more and more.Carrying out of each business need to adopt special terminal to realize, and as video traffic need to use STB (Set Top Box), voice service need to be used IAD (integrated access equipment), etc.Each special-purpose terminal needed to obtain the address information of local terminal before commencing business, and afterwards, just can utilize the address information of local terminal to carry out every business.
In communication network, the mode that each terminal is obtained IP address is conventionally based on DHCP (DHCP) agreement and realizes; Traditional business of networking adopts PPPoE (Ethernet encapsulation point end-to-end protocol (EEP)) mode to realize conventionally, and need to complete certification to access user by aaa server, and distributing IP address.Aaa server is generally RADIUS (remote authentication) server, may be also other certificate servers.
Authenticate by radius server, and the network communicating system structure of obtaining IP address information by Dynamic Host Configuration Protocol server is as shown in Figure 1, wherein:
Dynamic Host Configuration Protocol server: for the server of management ip address, the address assignment request of responsive computer, for computer distributes suitable IP address;
Dhcp client: use DHCP agreement to obtain the terminal of the network parameters such as IP address, comprise computer, STB, IAD etc.;
Radius server: remote dial-in user's authentication server, for account number and the password of leading subscriber, completes the certification to access user;
BRAS: Broadband Remote Access Server, consumer wideband user's access-in management, to PPPoE user, BRAS, as radius client, initiates authentication request to radius server, and for DHCP user, BRAS completes dhcp relay feature;
Access Network: the network in the middle of from subscriber household to BRAS;
Access node: the equipment being directly connected with subscriber's line in Access Network, as ADSL access device DSLAM;
OSS system: OSS, for the system of Operator Specific Service granting and service management.
In Fig. 1, as dhcp client STB, IAD etc., can use DHCP agreement to distribute corresponding IP address for it by disposing Dynamic Host Configuration Protocol server in network.
The handling process that in Fig. 1, each dhcp client obtains address is specifically as shown in Figure 2:
The start of step 21:DHCP client, sends DHCP and finds message, searches the DHCP server of service can be provided;
Step 22:BRAS, as DHCP relay, finds that by DHCP message relay arrives the Dynamic Host Configuration Protocol server of appointment;
Step 23:DHCP server returns to DHCP message is provided, and representing oneself can be to client distributing IP address;
Step 24:DHCP client is sent DHCP request message, and DHCP request message is relayed to Dynamic Host Configuration Protocol server by BRAS;
The IP address that step 25:DHCP server-assignment is suitable, returns to dhcp response message.
Like this, dhcp client just obtains IP address, and can access network, obtains network service.
Can find out from above-mentioned dhcp address assigning process, obtain by DHCP mode at dhcp client in the processing procedure of IP address, disabled user can get corresponding IP address easily, obtains network service.Like this, be easy to occur hacker's malice and exhaust IP address resource, the problem of attacking network, and, after assault network, cannot follow the trail of it.
In addition, operator need to be used Dynamic Host Configuration Protocol server management dhcp client user's IP address, uses radius server management pppoe client user's IP address, has two cover IP address resource management mechanism, and data are disperseed, and management cost is high.
Summary of the invention
In view of the existing problem of above-mentioned prior art, the object of this invention is to provide a kind of method and system that realize dhcp address safety distribution, thereby can ensure that the fail safe that Dynamic Host Configuration Protocol server carries out the process of address assignment can be ensured effectively.
The object of the invention is to be achieved through the following technical solutions:
The embodiment of the present invention provides a kind of DHCP certificate server of realizing dhcp address safety distribution, comprising:
Dynamic Host Configuration Protocol server module: receive the DHCP request message that dhcp client is sent via access node or access server, and the address information receiving with authentication charging AAA client modules responds described dhcp client;
Protocol conversion module: the DHCP for the corresponding dhcp client sent from access node or access server finds message, obtain the information that aaa authentication needs, generate aaa authentication message, and the authentication response message receiving according to AAA client modules, generate DHCP message is provided, and send, wherein, DHCP finds that message comprises the Option82 option of the positional information of identifying user; Described aaa authentication message comprises the MAC Address of described Option82 option and dhcp client;
AAA client modules: for communicating between the message identifying based on the generation of DHCP protocol conversion module and aaa server, obtain the authentication result to described dhcp client, and give protocol conversion module and Dynamic Host Configuration Protocol server module, wherein, the authentication result of described dhcp client is judged according to described Option82 option and described MAC Address by described aaa server.
The embodiment of the present invention provides a kind of method that realizes dhcp address safety distribution based on above-mentioned Dynamic Host Configuration Protocol server, comprising:
A, dynamic host configuration protocol DHCP client send DHCP by access network and find message;
B, access network side are obtained the identifying information of described dhcp client, and based on described identifying information, described dhcp client are carried out to authentication processing by described DHCP certificate server;
C, the dhcp client passing through for certification, distribute address information by described DHCP certificate server for it.
The embodiment of the present invention provides a kind of system that realizes dhcp address safety distribution, comprise: dhcp client, access network and above-mentioned DHCP certificate server, dhcp client is communicated by letter and is obtained address information with DHCP certificate server by access network, simultaneously, the DHCP that DHCP certificate server is used for the dhcp client that access network is obtained finds that message carries out legitimacy authentication processing, and the dhcp client that certification is passed through carries out address assignment.
As seen from the above technical solution provided by the invention, the present invention can carry out access authentication to user according to positional information, and is only legal user, terminal distribution IP address, thereby has strengthened greatly the fail safe that distributes address by DHCP mode;
And, in the present invention, address unification can be managed by radius server, i.e. Dynamic Host Configuration Protocol server and radius server unified management IP address, has reduced the cost of network management; And can utilize the original safety measure of radius server, and control user and obtain the quantity of IP address, effectively prevent that malice from exhausting address and attacking; Even if there is network attack or other network security problems, also can track according to IP address user's physical location, can effectively frighten assault behavior;
Simultaneously; the present invention also has good compatibility; be that the present invention is in implementation procedure; do not newly increase any interface and order for OSS system; the service dispense management process of the service management flow to dhcp client user and original pppoe client is in full accord, has protected the investment of operator.
Brief description of the drawings
Fig. 1 is the structural representation of broadband access system;
Fig. 2 is the process schematic diagram that obtains address by Dynamic Host Configuration Protocol server;
Fig. 3 is DHCP certificate server structural representation Fig. 1 of the present invention;
Fig. 4 is DHCP certificate server structural representation Fig. 2 of the present invention;
Fig. 5 is structural representation Fig. 1 of system of the present invention;
Fig. 6 is the dhcp address assigning process schematic diagram 1 based on system shown in Figure 5;
Fig. 7 is the dhcp address assigning process schematic diagram 2 based on system shown in Figure 5;
Fig. 8 is structural representation Fig. 2 of system of the present invention;
Fig. 9 is the dhcp address assigning process schematic diagram based on system shown in Figure 8.
Embodiment
Core of the present invention is to obtain in the process of address information to Dynamic Host Configuration Protocol server at dhcp client, has increased the processing procedure of the legitimacy certification to dhcp client, thereby has prevented the attack of disabled user to Dynamic Host Configuration Protocol server; In addition, based on above-mentioned core concept, the address administration of Dynamic Host Configuration Protocol server and certificate server can also be united, be convenient to the management of address.Described certificate server comprises the aaa servers such as radius server, certainly, can be also the similar certificate server of other functions.
The invention provides the method that realizes dhcp address safety distribution, mainly comprise:
(1) dhcp client sends DHCP by access network and finds message;
(2) access server of network side (as BRAS, access node etc.) according to as described in DHCP find the ingress port information of message determine as described in the identifying information of dhcp client, as the port numbers of dhcp client, VPI/VCI (VPI), VLAN ID (VLAN ID) information etc., and based on described identifying information, and the identifying information of pre-configured validated user authenticates this dhcp client;
Take radius server as example as certificate server, specifically can utilize the identifying information of described client to initiate authentication request to remote dial certification radius server by the access node in access network or access server, and the legitimacy of described client be authenticated according to the identifying information of the validated user of preserving by radius server;
Certainly, the gateway that is specifically designed to certification also can be set, the information by it according to configuration is carried out corresponding authentication processing.
(3) DHCP of dhcp client certification being passed through finds that message sends to Dynamic Host Configuration Protocol server, and distributes address information by Dynamic Host Configuration Protocol server for it, and concrete address allocation procedure is identical with existing address allocation procedure, therefore do not describe in detail.
For realizing said method provided by the invention, the Dynamic Host Configuration Protocol server accordingly with authentication function can be set in network, thereby make it find can first carry out authentication processing after message receiving the DHCP that dhcp client sends, after certification is passed through, then distribute corresponding address information for it.
The invention provides two kinds of DHCP certificate servers with authentication function, be described respectively below in conjunction with accompanying drawing.
The first have authentication function DHCP certificate server adopt be to pass through certificate server, as radius server is realized the certification to dhcp client, its concrete structure as shown in Figure 3, is example taking radius server as certificate server in figure, specifically comprises:
Dynamic Host Configuration Protocol server module: for the dhcp client distributing IP address that certification is passed through, be specially and receive the DHCP request message that dhcp client is sent via access node or access server, and for it distributes corresponding IP address information, what described IP address was that radius client module receives is the IP address information that the client passed through of certification is returned by radius server;
Protocol conversion module: the DHCP for the corresponding dhcp client sent from access node or access server finds that message obtains the information that RADIUS authentication needs, and generates the RADIUS authentication message for dhcp client is authenticated; Simultaneously, protocol conversion module also needs the authentication response message response dhcp client receiving according to radius client module, be specially the response message of the dhcp client passing through for certification, need protocol conversion module to generate corresponding DHCP message is provided, and send to corresponding dhcp client, represent that it can be assigned with corresponding IP address;
Radius client module: for communicating between the message identifying based on the generation of DHCP protocol conversion module and radius server, thereby realize the processing procedure authenticating for DHCP client, concrete authenticate ruler can carry out legitimacy certification according to the rule of setting in radius server, then, obtain the authentication result to described dhcp client, authentication result comprises that radius server is the IP address that this client is distributed, and Dynamic Host Configuration Protocol server module need to be given in this IP address; Meanwhile, the response message of the dhcp client passing through for certification need to transfer to protocol conversion module to carry out follow-up processing, sends DHCP to dhcp client message is provided.
Now, DHCP certificate server is operated under gateway mode, and described DHCP certificate server is supported DHCP agreement and radius protocol, and from the angle of dhcp client and BRAS, DHCP certificate server is Dynamic Host Configuration Protocol server; From the angle of radius server, DHCP certificate server is radius client.
Concrete processing procedure comprises: DHCP certificate server is processed the DHCP message that DHCP relay forwards, according to the identifying information of the client of carrying in message, generate RADIUS message and initiate certification to radius server, radius server judges user's legitimacy according to the user data of configured in advance, complete certification, and to user assignment IP address, DHCP certificate server is received after the authentication response message of radius server, return to DHCP message to dhcp client, carry the IP address of being distributed by RADIUS, final dhcp client obtains IP address.
What the second had that the DHCP certificate server of authentication function adopts is, in this locality, authentication function is set, and realizes authentication processing, and its concrete structure as shown in Figure 4, comprising:
Identification processing module: for obtaining the identifying information of the dhcp client of initiating dhcp process, and according to the identifying information of the validated user of its preservation, described client is carried out to legitimacy certification, authentication result is issued to Dynamic Host Configuration Protocol server module, the identifying information of described validated user is preserved by corresponding memory module again;
Dynamic Host Configuration Protocol server module: obtain the authentication result of identification processing module to dhcp client, and for sending DHCP, the dhcp client passing through provides message to authentication result, represent that Dynamic Host Configuration Protocol server can distribute corresponding IP address for it, and can be in the time that dhcp client be sent DHCP request message, for it distributes corresponding IP address, realize the function of Dynamic Host Configuration Protocol server.
Now, DHCP certificate server works under server mode, is equivalent to have the Dynamic Host Configuration Protocol server of safety certification function, can complete independently for the certification of client and the work of address assignment.
Above-mentioned two kinds of DHCP certificate servers with authentication function can be arranged in any network that need to apply Dynamic Host Configuration Protocol server, to realize corresponding address allocation function.
The present invention also provides has the system that dhcp address distributes the dhcp address the realized safety distribution of authentication function accordingly, the structure of described system as shown in Figure 5 and Figure 8, specifically comprise: dhcp client, access network and DHCP certificate server, the DHCP that described DHCP certificate server is used for the dhcp client that access network is obtained finds that message carries out legitimacy certification, and the dhcp client that certification is passed through carries out address assignment processing.
In system of the present invention, described DHCP certificate server can adopt following two kinds of modes to authenticate dhcp client, and distributes corresponding IP address, is specially:
A kind of is that the identifying information of dhcp client is sent to radius server by authentication request packet, and by radius server, it is authenticated, and distribute corresponding IP address by radius server for it, or radius server only carries out authentication processing, and still distributes corresponding IP address by Dynamic Host Configuration Protocol server; Herein, only describe concrete application example of the present invention using radius server as certificate server, and be not limited in this;
Another kind is that the identifying information of dhcp client is carried out to legitimacy certification according to the identifying information of the validated user of this locality preservation, and is that the dhcp client that certification is passed through is to distribute corresponding IP address by Dynamic Host Configuration Protocol server.
In described system, specifically access node and BRAS support catching of DHCP message, and insert Option82 option, so that can get the identifying information of corresponding dhcp client after the DHCP message described in the reception of DHCP certificate server, in Option82 option, identify the positional information as the user of identifying information, specifically comprise port information, VPI/VCI information, the information such as VLAN ID; Can in DHCP message, insert Option82 option at access node, can also insert Option82 option to DHCP message at BRAS.
Based on said system, the present invention also provides the method that realizes accordingly dhcp address safety distribution, will be described in detail below.
First, work under gateway mode with DHCP certificate server, and certificate server is that radius server is example, described method described, as shown in Fig. 5, Fig. 6 and Fig. 7, specifically describe as follows:
As shown in Figure 5 and Figure 6, when the method specific implementation, comprise the following steps:
Step 61: when user opens an account, operator increases a user data in radius server, account number is user's positional information, and coded system is consistent with the Option82 option that access node and BRAS insert, and can select to record the MAC Address of terminal (STB, IAD).
When step 62:DHCP client need to be obtained IP address information, dhcp client need to send DHCP to BRAS and find message;
Step 63:BRAS is as DHCP relay, catch DHCP message, and in message, insert Option82 option, then the DHCP that carries customer position information is found to message sends to DHCP certificate server, described Option82 option has identified user's positional information, as port information, VPI/VCI, VLAN ID etc.;
Step 64:DHCP certificate server is received the DHCP message that BRAS relaying is come, therefrom take out the MAC Address of Option82 option and terminal, generate radius protocol message, and send to radius server, the content that in message, account number is option82, the MAC Address that Calling-Station-ID (calling station point identification) attribute is terminal;
Radius server is received authentication request, authenticates according to the information in database, judges user's legitimacy according to account number, and can be according to MAC Address, judge the legitimacy of terminal, if certification is passed through, distribute an IP address to user, return authentication response message, referring to step 65;
Step 65: after certification is passed through, radius server will be to DHCP certificate server return authentication response message, and is carrying the IP address of distributing to client in message;
DHCP certificate server receives after authentication response message, therefrom extracts the IP address that RADIUS distributes, and uses the dhcp process of standard, gives dhcp client distributing IP address, referring to following steps:
Step 66:DHCP certificate server receives after described response message, sends DHCP to dhcp client message is provided;
Described in step 67:DHCP client, DHCP provides after message, sends DHCP request message to DHCP certificate server;
Step 68:DHCP certificate server sends to dhcp client by the IP address information of sending from radius server by dhcp response message.
What in above-mentioned steps 63, describe is that BRAS inserts Option82 option, in actual application, as shown in Figure 7, also can be by DSLAM (Digital Subscriber Line Access Multiplexer), insert Option82 option by access node, BRAS only makes DHCP relay, and other handling processes are identical with the processing procedure of foregoing description.
In said process, if radius server only carries out authentication processing, and still distribute corresponding IP address by Dynamic Host Configuration Protocol server, step 65 to the processing procedure of step 68 is: when message that radius server passes through to Dynamic Host Configuration Protocol server return authentication, Dynamic Host Configuration Protocol server sends DHCP to dhcp client message is provided, and distributes corresponding IP address by the follow-up described dhcp client that is treated to identical with existing address allocation procedure.
Afterwards, then work under server mode as example taking DHCP certificate server, described method described, as shown in Figure 8 and Figure 9, specifically describe as follows:
Step 91: when user opens an account, operator increases data in DHCP certificate server, the positional information of recording user, coded system is consistent with the Option82 option that access node and BRAS insert, and can select to record the MAC Address of terminal (STB, IAD).
When step 92:DHCP client need to be obtained IP address information, dhcp client need to send DHCP to BRAS and find message;
Step 93:BRAS is as DHCP relay, catch DHCP message, and in message, insert Option82 option, then the DHCP that carries customer position information is found to message sends to DHCP certificate server, described Option82 option has identified user's positional information, as port information, VPI/VCI, VLAN ID etc.;
DHCP certificate server is received the DHCP message that BRAS relaying is come, therefrom take out as the Option82 option of identifying information and the MAC Address of terminal, and inquire about local data base, the identifying information of the validated user of preserving according to this locality authenticates DHCP client's identifying information, if certification is passed through, return to DHCP to dhcp client message is provided, referring to step 94;
Step 94:DHCP certificate server sends DHCP to dhcp client message is provided;
Described in step 95:DHCP client, DHCP provides after message, sends DHCP request message to DHCP certificate server;
Step 96:DHCP certificate server is dhcp client distributing IP address information, and sends to dhcp client by dhcp response message.
Equally, what the step 93 in Fig. 9 was described is that BRAS inserts Option82 option, in actual application, also can insert Option82 option by access node DSLAM, and BRAS only makes DHCP relay, and other flow processs are identical.
In sum, the present invention has strengthened the fail safe that DHCP mode is distributed address greatly, and can carry out access authentication to user according to positional information, and only to legal user, legal terminal distribution IP address, effectively to prevent that malice from exhausting address and attacking.And, there is network attack or other network security problems, also can track according to IP address user's physical location, can effectively frighten assault behavior.
The above; only for preferably embodiment of the present invention, but protection scope of the present invention is not limited to this, is anyly familiar with in technical scope that those skilled in the art disclose in the present invention; the variation that can expect easily or replacement, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (4)
1. a DHCP certificate server of realizing dhcp address safety distribution, is characterized in that, described DHCP certificate server comprises:
Dynamic Host Configuration Protocol server module: receive the DHCP request message that dhcp client is sent via access node or access server, for described dhcp client distributing IP address, what described IP address was that radius client module receives is the IP address information that the client passed through of certification is returned by radius server;
Protocol conversion module: the DHCP for the corresponding dhcp client sent from access node or access server finds message, obtain the information that aaa authentication needs, generate aaa authentication message, and the authentication response message receiving according to AAA client modules, generate DHCP message is provided, and send; Wherein, DHCP finds that message comprises the Option82 option of the positional information of identifying user; Described aaa authentication message comprises the MAC Address of described Option82 option and dhcp client;
AAA client modules: for communicating between the message identifying based on the generation of DHCP protocol conversion module and aaa server, obtain the authentication result to described dhcp client, and give protocol conversion module and Dynamic Host Configuration Protocol server module, wherein, the authentication result of described dhcp client is judged according to described Option82 option and described MAC Address by described aaa server.
2. a method that realizes dhcp address safety distribution by DHCP certificate server claimed in claim 1, is characterized in that, comprising:
Described dhcp client sends described DHCP by access network and finds message.
3. the method that realizes dhcp address safety distribution according to claim 2, is characterized in that, in described Option82 option, has identified the positional information as the user of identifying information, specifically comprises port information, VPI/VCI information and VLAN id information.
4. realize the system of dhcp address safety distribution for one kind, it is characterized in that, comprise: dhcp client, access network and DHCP certificate server claimed in claim 1, dhcp client is communicated by letter and is obtained address information with DHCP certificate server by access network, simultaneously, DHCP certificate server is for receiving the DHCP request message that dhcp client is sent via access node or access server, for described dhcp client distributing IP address, what described IP address was that radius client module receives is the IP address information that the client passed through of certification is returned by radius server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200710153081.9A CN101141492B (en) | 2005-04-29 | 2005-04-29 | Method and system for implementing DHCP address safety allocation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200710153081.9A CN101141492B (en) | 2005-04-29 | 2005-04-29 | Method and system for implementing DHCP address safety allocation |
Related Parent Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2005100694174A Division CN100388739C (en) | 2005-04-29 | 2005-04-29 | Method and system for contributing DHCP addresses safely |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101141492A CN101141492A (en) | 2008-03-12 |
| CN101141492B true CN101141492B (en) | 2014-11-05 |
Family
ID=39193230
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200710153081.9A Active CN101141492B (en) | 2005-04-29 | 2005-04-29 | Method and system for implementing DHCP address safety allocation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101141492B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9900050B2 (en) | 2014-12-23 | 2018-02-20 | Aten International Co., Ltd. | Communication verification system and method of using the same |
Families Citing this family (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102378165B (en) * | 2010-08-16 | 2014-06-11 | 中兴通讯股份有限公司 | Identity authentication method and system of evolved node B |
| CN102244866B (en) | 2011-08-18 | 2016-01-20 | 杭州华三通信技术有限公司 | Gate verification method and access controller |
| CN102710811B (en) * | 2012-06-14 | 2016-02-03 | 杭州华三通信技术有限公司 | Realize method and the switch of dhcp address safety distribution |
| CN103297562A (en) * | 2013-05-31 | 2013-09-11 | 深圳市共进电子股份有限公司 | Method, equipment and system for realizing Option82 processing based on kernel |
| CN104333854B (en) * | 2013-07-22 | 2017-12-12 | 中国电信股份有限公司 | WiFi charging methods and system |
| CN104506667B (en) * | 2014-12-22 | 2018-10-12 | 迈普通信技术股份有限公司 | A kind of distribution method and device of port resource, user authentication management device |
| CN104754072B (en) * | 2015-03-04 | 2018-07-24 | 新华三技术有限公司 | A kind of method and apparatus of address distribution |
| CN107888460B (en) * | 2016-09-29 | 2020-12-11 | 新华三技术有限公司 | Method and device for accessing client to network |
| CN106411928A (en) * | 2016-10-28 | 2017-02-15 | 上海斐讯数据通信技术有限公司 | Authentication method and device of client access server and VDI system |
| CN107547322B (en) * | 2017-06-30 | 2020-10-27 | 新华三技术有限公司 | Message processing method and device and broadband remote access server BRAS |
| CN110933199B (en) * | 2019-11-28 | 2022-08-26 | 杭州迪普科技股份有限公司 | Address allocation method and device |
| CN113438333B (en) * | 2021-06-07 | 2022-12-20 | 中国联合网络通信集团有限公司 | Network address allocation method, device and equipment |
| CN113765904B (en) * | 2021-08-26 | 2023-03-31 | 新华三大数据技术有限公司 | Authentication method and device |
| CN114915612B (en) * | 2022-04-22 | 2024-03-15 | 绿盟科技集团股份有限公司 | Host access method, host to be accessed and DHCP server |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003081875A1 (en) * | 2002-03-27 | 2003-10-02 | Siemens Aktiengesellschaft | Aaa server system for efficient access control and address assignment |
| CN1450766A (en) * | 2002-04-10 | 2003-10-22 | 深圳市中兴通讯股份有限公司 | User management method based on dynamic mainframe configuration procotol |
| CN1458761A (en) * | 2002-05-15 | 2003-11-26 | 华为技术有限公司 | Broadband network access method |
| CN1464715A (en) * | 2002-06-28 | 2003-12-31 | 华为技术有限公司 | Address allocation and service method based on multi-internet service provider |
-
2005
- 2005-04-29 CN CN200710153081.9A patent/CN101141492B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2003081875A1 (en) * | 2002-03-27 | 2003-10-02 | Siemens Aktiengesellschaft | Aaa server system for efficient access control and address assignment |
| CN1450766A (en) * | 2002-04-10 | 2003-10-22 | 深圳市中兴通讯股份有限公司 | User management method based on dynamic mainframe configuration procotol |
| CN1458761A (en) * | 2002-05-15 | 2003-11-26 | 华为技术有限公司 | Broadband network access method |
| CN1464715A (en) * | 2002-06-28 | 2003-12-31 | 华为技术有限公司 | Address allocation and service method based on multi-internet service provider |
Non-Patent Citations (2)
| Title |
|---|
| 全文. * |
| 同上. * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9900050B2 (en) | 2014-12-23 | 2018-02-20 | Aten International Co., Ltd. | Communication verification system and method of using the same |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101141492A (en) | 2008-03-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100388739C (en) | Method and system for contributing DHCP addresses safely | |
| CN101141492B (en) | Method and system for implementing DHCP address safety allocation | |
| CN101110847B (en) | Method, device and system for obtaining medium access control address | |
| US6282575B1 (en) | Routing mechanism for networks with separate upstream and downstream traffic | |
| EP1936883B1 (en) | Service provisioning method and system thereof | |
| CN100437550C (en) | Ethernet confirming access method | |
| US20070011301A1 (en) | Provisioning relay and re-direction server for service implementation on generic customer premises equipment | |
| CN101789906A (en) | Method and system for access authentication of user | |
| CN103039038A (en) | Method and system for efficient use of a telecommunication network and the connection between the telecommunications network and a customer premises equipment | |
| CN101662511A (en) | Network address distributing method, DHCP server, access system and method thereof | |
| CN110958272B (en) | Identity authentication method, identity authentication system and related equipment | |
| CN103414709A (en) | User identity binding and user identity binding assisting method and device | |
| CN101252587B (en) | User terminal access right identifying method and apparatus | |
| US8769623B2 (en) | Grouping multiple network addresses of a subscriber into a single communication session | |
| CN102231725A (en) | Method, equipment and system for authenticating dynamic host configuration protocol message | |
| CN103069750B (en) | The method and system of the connection for being efficiently used between communication network and this communication network and customer rs premise equipment | |
| US20110142048A1 (en) | System and method for providing common carrier selection service in distribution network | |
| JP4028421B2 (en) | Voice communication gate device address management method, management device, and program | |
| CN103001931A (en) | Communication system of terminals interconnected among different networks | |
| CN103001928A (en) | Communication method of terminals interconnected among different networks | |
| CN115278373B (en) | Internet television networking method and system | |
| CN102130976B (en) | Method and system for accessing soft switch network at terminal as well as terminal | |
| CN103001927B (en) | A kind of position information processing method and system | |
| CN101415032B (en) | Three-layer private wire access method, apparatus and system | |
| CN103095857A (en) | Method of accessing and quitting network and sending messages and network side equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |