CN102238527B - Method, system and access point for wireless roaming user to access network - Google Patents
Method, system and access point for wireless roaming user to access network Download PDFInfo
- Publication number
- CN102238527B CN102238527B CN201010156365.5A CN201010156365A CN102238527B CN 102238527 B CN102238527 B CN 102238527B CN 201010156365 A CN201010156365 A CN 201010156365A CN 102238527 B CN102238527 B CN 102238527B
- Authority
- CN
- China
- Prior art keywords
- wireless client
- message
- address
- dhcp
- dynamic host
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a method, a system and an access point for a wireless roaming user to access network. The method comprises the following steps: an Access Point (AP) receives an association request transmitted by a wireless client, and if finding out that the wireless client is a roaming user, counterfeits the wireless client to exchange a Dynamic host configuration protocol (DHCP) message with a DHCP server so as to request the DHCP server to provide an IP address for the wireless client; the uplink access switch of the AP intercepts the IP address provided for the wireless client by the DHCP server and performs access control on the wireless client according to the IP address. The method, the system and the access point disclosed by the invention enable the wireless client to access network even after roaming to a new AP.
Description
Technical field
The present invention relates to DHCP (DHCP, Dynamic Host ConfigurationProtocol) intercept technical field, be specifically related to method, system and the access point (AP, Access Point) of wireless roaming user accesses network.
Background technology
In campus network, generally adopt the mode of DHCP+WEB authentication to realize user's safety certification.Authentication control point is located at the authentication gateway in campus.In order to take precautions against the attacks such as address resolution protocol (ARP, AddressResolution Protocol), DHCP, generally intercept (Snooping) security feature at access switch deploy DHCP.
Fig. 1 is the operation flow schematic diagram that existing DHCP intercepts, and as shown in Figure 1, its concrete steps are as follows:
Step 101: client 1 is reached the standard grade, broadcast DHCP finds (Discovery) message, comprises media access control (MAC, the Media Access Control) address of client 1 in this message.
Step 102: all Dynamic Host Configuration Protocol server that receive DHCP Discovery message check the configuration of self, if there is effective DHCP action scope and IP address more than needed, broadcast DHCP (Offer) message is provided, this message comprises: the MAC Address of client 1, the IP address of the client 1 that this Dynamic Host Configuration Protocol server provides, the IP address of this Dynamic Host Configuration Protocol server, the subnet mask of the client 1 that this Dynamic Host Configuration Protocol server provides, other action scope option is for example: domain name system (DNS, Domain NameSystem) server, gateway, WINS server etc., the lease time limit etc.
Dynamic Host Configuration Protocol server can be left the IP address that client 1 provides for client 1, this IP address can not offered to other client again.
Step 103: client 1 receives the DHCP Offer message that first Dynamic Host Configuration Protocol server returns, accept the IP address in this message, broadcast DHCP request (Request) message, to tell all Dynamic Host Configuration Protocol server oneself to accept the lease of a Dynamic Host Configuration Protocol server, this message comprises: IP address in the MAC Address of client 1, the lease of acceptance, provide the IP address of the Dynamic Host Configuration Protocol server of this lease etc.
Other Dynamic Host Configuration Protocol server receives after this DHCP Request message, will regain the IP address oneself retaining for client 1, use to other client.
Step 104: provide the received Dynamic Host Configuration Protocol server of lease to receive the DHCPRequest message that client 1 is sent, broadcast DHCP confirms (ACK) message, to carry out last confirmation, this message comprises: the MAC Address of client 1, the IP address of the client 1 that Dynamic Host Configuration Protocol server provides, lease time limit and other transmission control protocol (TCP, Transferring Control Protocol)/IP option information.
Step 105: the access switch of client 1 is intercepted the mutual DHCP message of client 1 and Dynamic Host Configuration Protocol server, from DHCP ACK message, extract the IP address of client 1 and the corresponding relation of MAC Address, this corresponding relation is bundled in the Access Control List (ACL) (ACL, Access ControlList) of self.
Step 106: access switch receives ARP request message or the data message that client 1 is sent, and the source IP address in this message, source MAC are mated one by one with ACL list item.
For example: in the time that client 1 wants client 2 to send datagram, the MAC Address of self only having preserved the IP address of client 2 if find and do not preserve client 2, can broadcast arp request message, with the MAC Address of requesting client 2, the object IP address of message is the IP address of client 2.
Step 107: access switch judges whether to match, if so, performs step 108; Otherwise, execution step 109.
Step 108: access switch forwards the ARP request message or the data message that receive, and this flow process finishes.
Step 109: access switch thinks that this ARP request message or data message are invalid packet, abandons this ARP request message or data message.
In thin (Fit) access point (AP, Access Point) networking, can adopt to concentrate to forward or local pass-through mode.Concentrated forwarding is that wireless management frames and Frame are all delivered to access controller (AC, Access Controller) and focused on; Local forwarding:
1) user's management frames, as 802.11 management, control message and 802.1x protocol massages etc., configure by WAP (wireless access point) (CAPWAP is provided, Configuration and Provisioning forWireless Access Points) tunnel passes to AC and focuses on, to realize user's authentication, mandate etc.
2) user's Frame, comprises 802.11 data and 802.3 data messages from cable network, resolves, the processing such as encapsulation, and directly forwarded by AP in AP this locality.Meanwhile, customer flow information will be circulated a notice of to AC in the mode of management frames by CAPWAP tunnel, to realize the application such as charging, load balancing.
The signal of AP that self current connection detected when wireless client is during lower than certain thresholding, can scanning there is identical expansion service difference number (ESSID, Extended Service Set Identifier) other AP, and choose the AP that signal strength signal intensity is stronger and initiate association, whole process is to complete at bottom.
Fig. 2 has provided wireless client terminal roam process schematic diagram under the local forwarding of Fit AP networking, as shown in Figure 2, when wireless client roams into another one AP from an AP, if the wireless client 1 in Fig. 2 is from AP1 roams into AP2, because wireless client 1 can initiatively not initiated DHCP request, on the up access switch of AP2, there is no the IP address of wireless client 1 and the corresponding relation of MAC Address, therefore, the data message that wireless client 1 sends all can be dropped, and causing cannot accesses network after wireless roaming subscriber.Under Fat AP networking, also there is identical problem.
Summary of the invention
The invention provides method, system and the AP of wireless roaming user accesses network, so that make can accesses network after wireless client terminal roam.
Technical scheme of the present invention is achieved in that
A method for wireless roaming user accesses network, the method comprises:
Access point AP receives the wireless client association request of sending, and finds that described wireless client is for roamer, and the mutual DHCP message of counterfeit described wireless client and Dynamic Host Configuration Protocol server, to ask Dynamic Host Configuration Protocol server to provide IP address as described wireless client;
The up access switch of AP is intercepted the IP address that Dynamic Host Configuration Protocol server provides for wireless client, according to this IP address to the control that conducts interviews of described wireless client.
The up access switch of described AP is intercepted Dynamic Host Configuration Protocol server and is comprised for the IP address that wireless client provides: the up access switch of AP is intercepted DHCP message mutual between AP and Dynamic Host Configuration Protocol server, the corresponding relation that obtains the MAC Address of IP address that Dynamic Host Configuration Protocol server provides for described wireless client and described wireless client from DHCP message, is tied to self by this corresponding relation;
The up access switch of described AP conducts interviews to control to described wireless client according to this IP address and comprises: the up access switch of AP receives ARP request message or the data message that described wireless client is sent, source IP address in this message and source MAC are mated with the IP address of the wireless client of self binding and the corresponding relation of MAC Address, if match, forward this message; Otherwise, abandon this message.
Described AP is thin AP,
After described AP receives the association request that wireless client sends, find that described wireless client further comprises for before roamer:
AP forwards this association request to AC, and AC receives this association request, finds that described wireless client, for roamer, issues the permission roamer incoming instruction of the MAC Address of carrying described wireless client to AP, and AP receives this instruction;
And AP, according to described permission roamer incoming instruction, confirms that described wireless client is for roamer.
Described AP is fat AP,
And described AP finds that described wireless client comprises for roamer:
The associated wireless client client information that AP sends according to the front place AP of described wireless client terminal roam, find associated with other AP before described wireless client on, confirm that described wireless client is for roamer.
The counterfeit described wireless client of described AP and the mutual DHCP message of Dynamic Host Configuration Protocol server comprise:
AP broadcast DHCP finds message, comprises the MAC Address of described wireless client in this message;
Receive the Dynamic Host Configuration Protocol server of DHCP discovery message according to the MAC Address of the wireless client in this message, an IP address is provided, this IP address is carried to DHCP to be provided in message, broadcasts this DHCP message is provided;
AP receives the DHCP that first Dynamic Host Configuration Protocol server returns message is provided, accept the IP address in this message, broadcast DHCP request message, this message comprises: IP address in the MAC Address of described wireless client, the lease of acceptance, provide the IP address of the Dynamic Host Configuration Protocol server of this lease;
Provide the received Dynamic Host Configuration Protocol server of lease to receive DHCP request message, broadcast DHCP confirmation message, this message comprises: the MAC Address of described wireless client, the IP address of the described wireless client that Dynamic Host Configuration Protocol server provides.
A kind of AP, comprising:
The first module, receives the association request that wireless client is sent, and finds that described wireless client, for roamer, sends the counterfeit indication of DHCP of the MAC Address of carrying described wireless client to the second module;
The second module, receives the counterfeit indication of DHCP of sending of the first module, and the mutual DHCP message of counterfeit described wireless client and Dynamic Host Configuration Protocol server, to ask Dynamic Host Configuration Protocol server to provide IP address as described wireless client.
Described AP is thin AP,
Described the first module comprises:
The first submodule, receives the association request that wireless client is sent, and this association request is transmitted to AC;
The second submodule, receives the permission roamer incoming instruction that AC returns, and sends the counterfeit indication of DHCP of the MAC Address of carrying described wireless client to the second module.
Described AP is fat AP;
And described the first module comprises:
The first submodule, receives the association request that wireless client is sent, and searches the MAC Address of this wireless client in the second submodule, if find, sends the counterfeit indication of DHCP of the MAC Address of carrying described wireless client to the second module;
The second submodule, the MAC Address of preserving the associated wireless client that other AP sends.
Described the second module comprises:
The 3rd submodule, receives the counterfeit instruction of DHCP that the first module is sent, and broadcast DHCP finds message, comprises the MAC Address of described wireless client in this message;
The 4th submodule, receive the DHCP that first Dynamic Host Configuration Protocol server returns message is provided, accept the IP address in this message, broadcast DHCP request message, this message comprises: IP address in the MAC Address of described wireless client, the lease of acceptance, provide the IP address of the Dynamic Host Configuration Protocol server of this lease; Receive the DHCP confirmation message that Dynamic Host Configuration Protocol server is sent.
Realize a system for wireless roaming user accesses network, this system comprises:
AP, receives the association request that wireless client is sent, and finds that described wireless client is for roamer, and the mutual DHCP message of counterfeit described wireless client and Dynamic Host Configuration Protocol server, to ask Dynamic Host Configuration Protocol server that IP address is provided;
Access switch, intercepts mutual DHCP message between the AP of access self and Dynamic Host Configuration Protocol server, obtains the IP address that Dynamic Host Configuration Protocol server provides for wireless client from DHCP message, according to this IP address to the control that conducts interviews of described wireless client.
Compared with prior art, in the present invention, when a wireless client is from an AP roams into the 2nd AP, the 2nd AP can counterfeit this wireless client to Dynamic Host Configuration Protocol server IP address requesting, thereby the up access switch that makes the 2nd AP can listen to the IP address that Dynamic Host Configuration Protocol server provides for this wireless client, thereby can be to the control that conducts interviews of this wireless client, thereby make this wireless client normal accesses network still after roaming.
Accompanying drawing explanation
Fig. 1 is the operation flow schematic diagram that existing DHCP intercepts;
Fig. 2 is existing wireless client terminal roam process schematic diagram;
The flow chart of the wireless roaming user accesses network that Fig. 3 provides for the embodiment of the present invention;
The local flow chart that forwards wireless roaming user accesses network under networking of Fit AP that Fig. 4 provides for the embodiment of the present invention one;
The flow chart of wireless roaming user accesses network under the Fat AP networking that Fig. 5 provides for the embodiment of the present invention two
The composition diagram of the AP that Fig. 6 provides for the embodiment of the present invention;
The system composition diagram of realizing wireless roaming user accesses network that Fig. 7 provides for the embodiment of the present invention.
Embodiment
Below in conjunction with drawings and the specific embodiments, the present invention is further described in more detail.
The flow chart of the wireless roaming user accesses network that Fig. 3 provides for the embodiment of the present invention, as shown in Figure 3, its concrete steps are as follows:
Step 301: arbitrary wireless client (being made as wireless client 1) detect self current connection AP (being made as AP1) signal a little less than, start to have with AP1 in active scan network other AP of identical ESSID.
Step 302: wireless client 1, in all AP that scan, is selected an AP (being made as AP2), initiates associated request message to AP2, carries the MAC Address of wireless client 1 in this message.
Step 303:AP2 receives associated request message, finds that wireless client 1 be roamer, and counterfeit wireless client 1 and the mutual DHCP message of Dynamic Host Configuration Protocol server, to ask Dynamic Host Configuration Protocol server to provide IP address as wireless client 1.
The up access switch of step 304:AP2 is intercepted DHCP message mutual between AP2 and Dynamic Host Configuration Protocol server, the corresponding relation that obtains the MAC Address of IP address that Dynamic Host Configuration Protocol server provides for wireless client 1 and wireless client 1 from DHCP message, is tied to self by this corresponding relation.
The up access switch of step 305:AP2 receives ARP request message or the data message that wireless client 1 is sent, source IP address, the source MAC of finding this message mate with the IP address of the wireless client 1 of self binding and the corresponding relation of MAC Address, forward this ARP request message or data message.
The local flow chart that forwards wireless roaming user accesses network under networking of Fit AP that Fig. 4 provides for the embodiment of the present invention one, as shown in Figure 4, its concrete steps are as follows:
Step 401: arbitrary wireless client (being made as wireless client 1) detect self current connection Fit AP (being made as AP1) signal a little less than, start to have with AP1 in active scan network other Fit AP of identical ESSID.
Step 402: wireless client 1, in all Fit AP that scan, is selected a Fit AP (being made as AP2), initiates associated request message to AP2, carries the MAC Address of wireless client 1 in this message.
Step 403:AP2 receives associated request message, forwards the packet to AC.
Step 404:AC receives associated request message, according to the MAC Address of the wireless client 1 in message, find that wireless client 1 is roamer, allow wireless client 1 to access, issue and allow roamer's incoming instruction, the MAC Address of carrying wireless client 1 in this instruction to AP2.
AC has preserved the MAC Address of the wireless client associated with each Fit AP, thus AC can learn associated with AP1 before wireless client 1 on, to require to be associated with AP2 at present upper, thereby determine that wireless client 1 is roamer.
Step 405:AP2 receives and allows roamer's incoming instruction, confirms that wireless client 1 is roamer, and counterfeit wireless client 1 is broadcasted DHCP Discovery message, comprises the MAC Address of wireless client 1 in this message.
Step 406: receive the Dynamic Host Configuration Protocol server of DHCP Discovery message according to the MAC Address of the wireless client 1 in this message, an IP address is provided, this IP address is carried in DHCP Offer message, broadcast this DHCP Offer message.
Dynamic Host Configuration Protocol server in the time that IP address is provided take MAC Address as foundation, for same MAC Address, the IP address providing is always identical, and therefore here, the IP address of being asked can reach the standard grade with wireless client 1 in the IP address that Dynamic Host Configuration Protocol server is distributed to wireless client 1 time is identical.
Step 407:AP2 receives the DHCP Offer message that first Dynamic Host Configuration Protocol server returns, accept the IP address in this message, broadcast DHCP Request message, this message comprises: IP address in the MAC Address of wireless client 1, the lease of acceptance, provide the IP address of the Dynamic Host Configuration Protocol server of this lease etc.
Step 408: provide the received Dynamic Host Configuration Protocol server of lease to receive DHCP Request message, broadcast DHCP ACK message, this message comprises: the MAC Address of wireless client 1, the IP address of the wireless client 1 that Dynamic Host Configuration Protocol server provides.
The up access switch of step 409:AP2 is intercepted by DHCP, extracts the IP address of wireless client 1 and the corresponding relation of MAC from DHCP ACK message, this corresponding relation is added in the ACL of self.
The up access switch of step 410:AP2 receives ARP request message or the data message that wireless client 1 is sent, and finds that the source IP address of this message, source MAC mate with the ACL list item of self, forward this ARP request message or data message.
The flow chart of wireless roaming user accesses network under the Fat AP networking that Fig. 5 provides for the embodiment of the present invention two, as shown in Figure 5, its concrete steps are as follows:
Step 501: arbitrary wireless client (being made as wireless client 1) detect self current connection Fat AP (being made as AP1) signal a little less than, start to have with AP1 in active scan network other Fat AP of identical ESSID.
Step 502: wireless client 1, in all Fat AP that scan, is selected a Fat AP (being made as AP2), initiates associated request message to AP2, carries the MAC Address of wireless client 1 in this message.
Step 503:AP2 receives associated request message, according to the MAC Address of the wireless client 1 in message, find that wireless client 1 is roamer, allow wireless client 1 to access, and counterfeit wireless client 1 broadcasts DHCP Discovery message, in this message, comprise the MAC Address of wireless client 1.
By agreement (IAPP between access point, Inter-Access Point Protocol) each AP timing by the wireless client client information associated with self as: MAC Address is synchronized to other AP, therefore, the associated wireless client client information that AP2 can synchronously come by AP1, on learning that wireless client 1 is before associated with AP1, thereby determine that wireless client 1 is roamer.
Step 504: receive the Dynamic Host Configuration Protocol server of DHCP Discovery message according to the MAC Address of the wireless client 1 in this message, an IP address is provided, this IP address is carried in DHCP Offer message, broadcast this DHCP Offer message.
Step 505:AP2 receives the DHCP Offer message that first Dynamic Host Configuration Protocol server returns, accept the IP address in this message, broadcast DHCP Request message, this message comprises: IP address in the MAC Address of wireless client 1, the lease of acceptance, provide the IP address of the Dynamic Host Configuration Protocol server of this lease etc.
Step 506: provide the received Dynamic Host Configuration Protocol server of lease to receive DHCP Request message, broadcast DHCP ACK message, this message comprises: the MAC Address of wireless client 1, the IP address of the wireless client 1 that Dynamic Host Configuration Protocol server provides.
The up access switch of step 507:AP2 is intercepted by DHCP, extracts the IP address of wireless client 1 and the corresponding relation of MAC from DHCP ACK message, this corresponding relation is added in the ACL of self.
The up access switch of step 508:AP2 receives ARP request message or the data message that wireless client 1 is sent, and finds that the source IP address of this message, source MAC mate with the ACL list item of self, forward this ARP request message or data message.
The composition diagram of the AP that Fig. 6 provides for the embodiment of the present invention, as shown in Figure 6, it mainly comprises: the first module and the second module, wherein:
The first module: receive the associated request message that wireless client is sent, this wireless client, for roamer, sends the counterfeit indication of DHCP to the second module if find, the MAC Address of this wireless client is carried in this indication.
The second module: receive the counterfeit indication of DHCP of sending of the first module, according to the MAC Address of the wireless client in this indication, the mutual DHCP message of counterfeit this wireless client and Dynamic Host Configuration Protocol server, to ask Dynamic Host Configuration Protocol server to provide IP address as this wireless client.
Wherein, in the time that AP is Fit AP, the first module can comprise:
The first submodule: receive the associated request message that wireless client is sent, this association request message is transmitted to AC.
The second submodule: receive the permission roamer incoming instruction that AC returns, the MAC Address of carrying wireless client in this instruction, sends the counterfeit indication of DHCP of the MAC Address of carrying this wireless client to the second module.
In the time that AP is Fat AP, the first module can comprise:
The first submodule: receive the associated request message that wireless client is sent, in the second submodule, search the MAC Address of the wireless client that this message carries, if find, send the counterfeit indication of DHCP of the MAC Address of carrying this wireless client to the second module;
The second submodule: the MAC Address of preserving the associated wireless client that other AP sends.
Wherein, the second module can comprise: the 3rd submodule and the 4th submodule, wherein:
The 3rd submodule: receive the counterfeit instruction of DHCP that the first module is sent, broadcast DHCPDiscovery message, comprise the MAC Address of described wireless client in this message.
The 4th submodule: receive the DHCP Offer message that first Dynamic Host Configuration Protocol server returns, accept the IP address in this message, broadcast DHCP Request message, this message comprises: IP address in the MAC Address of described wireless client, the lease of acceptance, provide the IP address of the Dynamic Host Configuration Protocol server of this lease; Receive the DHCP ACK message that Dynamic Host Configuration Protocol server is sent.
The system composition diagram of realizing wireless roaming user accesses network that Fig. 7 provides for the embodiment of the present invention, as shown in Figure 7, it mainly comprises: AP and access switch, wherein:
AP: receive the associated request message sent of wireless client, this wireless client is for roamer if find, the mutual DHCP message of counterfeit this wireless client and Dynamic Host Configuration Protocol server, to ask Dynamic Host Configuration Protocol server to provide IP address as this wireless client.
Access switch: intercept mutual DHCP message between the AP of access self and Dynamic Host Configuration Protocol server, from DHCP message, obtain the corresponding relation of the MAC Address of IP address that Dynamic Host Configuration Protocol server provides for wireless client and this wireless client, according to this corresponding relation to the wireless client control that conducts interviews.
The foregoing is only preferred embodiment of the present invention, in order to limit the present invention, within the spirit and principles in the present invention not all, any modification of making, be equal to replacement, improvement etc., within all should being included in the scope of protection of the invention.
Claims (9)
1. a method for wireless roaming user accesses network, is characterized in that, the method comprises:
Access point AP receives the wireless client association request of sending, and finds that described wireless client is for roamer, and the mutual DHCP message of counterfeit described wireless client and Dynamic Host Configuration Protocol server, to ask Dynamic Host Configuration Protocol server to provide IP address as described wireless client;
The up access switch of AP is intercepted the IP address that Dynamic Host Configuration Protocol server provides for wireless client, according to this IP address to the control that conducts interviews of described wireless client;
The up access switch of described AP is intercepted Dynamic Host Configuration Protocol server and is comprised for the IP address that wireless client provides: the up access switch of AP is intercepted DHCP message mutual between AP and Dynamic Host Configuration Protocol server, the corresponding relation that obtains the MAC Address of IP address that Dynamic Host Configuration Protocol server provides for described wireless client and described wireless client from DHCP message, is tied to self by this corresponding relation;
The up access switch of described AP conducts interviews to control to described wireless client according to this IP address and comprises: the up access switch of AP receives ARP request message or the data message that described wireless client is sent, source IP address in this message and source MAC are mated with the IP address of the wireless client of self binding and the corresponding relation of MAC Address, if match, forward this message; Otherwise, abandon this message.
2. method according to claim 1, is characterized in that, described AP is thin AP,
After described AP receives the association request that wireless client sends, find that described wireless client further comprises for before roamer:
AP forwards this association request to AC, and AC receives this association request, finds that described wireless client, for roamer, issues the permission roamer incoming instruction of the MAC Address of carrying described wireless client to AP, and AP receives this instruction;
And AP, according to described permission roamer incoming instruction, confirms that described wireless client is for roamer.
3. the method for claim 1, is characterized in that, described AP is fat AP,
And described AP finds that described wireless client comprises for roamer:
The associated wireless client client information that AP sends according to the front place AP of described wireless client terminal roam, find associated with other AP before described wireless client on, confirm that described wireless client is for roamer.
4. according to the arbitrary described method of claims 1 to 3, it is characterized in that, the counterfeit described wireless client of described AP and the mutual DHCP message of Dynamic Host Configuration Protocol server comprise:
AP broadcast DHCP finds message, comprises the MAC Address of described wireless client in this message;
Receive the Dynamic Host Configuration Protocol server of DHCP discovery message according to the MAC Address of the wireless client in this message, an IP address is provided, this IP address is carried to DHCP to be provided in message, broadcasts this DHCP message is provided;
AP receives the DHCP that first Dynamic Host Configuration Protocol server returns message is provided, accept the IP address in this message, broadcast DHCP request message, this message comprises: IP address in the MAC Address of described wireless client, the lease of acceptance, provide the IP address of the Dynamic Host Configuration Protocol server of this lease;
Provide the received Dynamic Host Configuration Protocol server of lease to receive DHCP request message, broadcast DHCP confirmation message, this message comprises: the MAC Address of described wireless client, the IP address of the described wireless client that Dynamic Host Configuration Protocol server provides.
5. an AP, is characterized in that, comprising:
The first module, receives the association request that wireless client is sent, and finds that described wireless client, for roamer, sends the counterfeit indication of DHCP of the MAC Address of carrying described wireless client to the second module;
The second module, receives the counterfeit indication of DHCP of sending of the first module, and the mutual DHCP message of counterfeit described wireless client and Dynamic Host Configuration Protocol server, to ask Dynamic Host Configuration Protocol server to provide IP address as described wireless client.
6. AP according to claim 5, is characterized in that, described AP is thin AP,
Described the first module comprises:
The first submodule, receives the association request that wireless client is sent, and this association request is transmitted to AC;
The second submodule, receives the permission roamer incoming instruction that AC returns, and sends the counterfeit indication of DHCP of the MAC Address of carrying described wireless client to the second module.
7. AP according to claim 5, is characterized in that, described AP is fat AP;
And described the first module comprises:
The first submodule, receives the association request that wireless client is sent, and searches the MAC Address of this wireless client in the second submodule, if find, sends the counterfeit indication of DHCP of the MAC Address of carrying described wireless client to the second module;
The second submodule, the MAC Address of preserving the associated wireless client that other AP sends.
8. according to the arbitrary described AP of claim 5 to 7, it is characterized in that, described the second module comprises:
The 3rd submodule, receives the counterfeit instruction of DHCP that the first module is sent, and broadcast DHCP finds message, comprises the MAC Address of described wireless client in this message;
The 4th submodule, receive the DHCP that first Dynamic Host Configuration Protocol server returns message is provided, accept the IP address in this message, broadcast DHCP request message, this message comprises: IP address in the MAC Address of described wireless client, the lease of acceptance, provide the IP address of the Dynamic Host Configuration Protocol server of this lease; Receive the DHCP confirmation message that Dynamic Host Configuration Protocol server is sent.
9. a system that realizes wireless roaming user accesses network, is characterized in that, this system comprises:
AP, receives the association request that wireless client is sent, and finds that described wireless client is for roamer, and the mutual DHCP message of counterfeit described wireless client and Dynamic Host Configuration Protocol server, to ask Dynamic Host Configuration Protocol server that IP address is provided;
Access switch, intercepts mutual DHCP message between the AP of access self and Dynamic Host Configuration Protocol server, obtains the IP address that Dynamic Host Configuration Protocol server provides for wireless client from DHCP message, according to this IP address to the control that conducts interviews of described wireless client;
And, described access switch is further used for, when intercepting mutual DHCP message between the AP of access self and Dynamic Host Configuration Protocol server, obtain the IP address that Dynamic Host Configuration Protocol server provides for wireless client from DHCP message time, intercept DHCP message mutual between AP and Dynamic Host Configuration Protocol server, the corresponding relation that obtains the MAC Address of IP address that Dynamic Host Configuration Protocol server provides for described wireless client and described wireless client from DHCP message, is tied to self by this corresponding relation;
In the time described wireless client being conducted interviews to control according to this IP address, receive ARP request message or data message that described wireless client is sent, source IP address in this message and source MAC are mated with the IP address of the wireless client of self binding and the corresponding relation of MAC Address, if match, forward this message; Otherwise, abandon this message.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010156365.5A CN102238527B (en) | 2010-04-22 | 2010-04-22 | Method, system and access point for wireless roaming user to access network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010156365.5A CN102238527B (en) | 2010-04-22 | 2010-04-22 | Method, system and access point for wireless roaming user to access network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102238527A CN102238527A (en) | 2011-11-09 |
| CN102238527B true CN102238527B (en) | 2014-07-02 |
Family
ID=44888631
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010156365.5A Active CN102238527B (en) | 2010-04-22 | 2010-04-22 | Method, system and access point for wireless roaming user to access network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102238527B (en) |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105792174A (en) * | 2014-12-26 | 2016-07-20 | 华为技术有限公司 | Wireless local area network roaming method, access point and wireless controller |
| CN106231005A (en) * | 2016-08-29 | 2016-12-14 | 上海斐讯数据通信技术有限公司 | A kind of DHCP collocation method, client and access point |
| CN107484206B (en) * | 2017-05-03 | 2020-12-18 | 北京星网锐捷网络技术有限公司 | Method and device for realizing link load balance in wireless local area network |
| CN107360266B (en) * | 2017-06-16 | 2020-06-16 | 北京星网锐捷网络技术有限公司 | Method and system for realizing terminal STA roaming in large two-layer network |
| CN107222856B (en) * | 2017-06-16 | 2020-01-21 | 北京星网锐捷网络技术有限公司 | Method and device for realizing roaming between wireless controllers (AC) |
| CN107911276B (en) * | 2017-12-27 | 2020-08-07 | 迈普通信技术股份有限公司 | Request response method, wireless controller, wireless access point and request response system |
| CN111356126B (en) * | 2018-12-20 | 2022-08-30 | 中兴通讯股份有限公司 | Method, device and gateway for realizing wireless roaming |
| CN114401511B (en) * | 2022-01-04 | 2023-06-09 | 烽火通信科技股份有限公司 | Network terminal seamless roaming method and AC equipment |
| US20230370453A1 (en) * | 2022-05-13 | 2023-11-16 | Cisco Technology, Inc. | Authentication and enforcement of differentiated policies for a bridge mode virtual machine behind a wireless host in a mac based authentication network |
| CN115665814A (en) * | 2022-12-22 | 2023-01-31 | 新华三技术有限公司 | Roaming method and device and electronic equipment |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1574010A1 (en) * | 2002-12-16 | 2005-09-14 | Cisco Technology, Inc. | Inter-proxy communication protocol for mobile ip |
| CN1842995A (en) * | 2003-06-24 | 2006-10-04 | 特鲁波斯网络公司 | A method of wireless roaming |
| CN101204066A (en) * | 2005-04-27 | 2008-06-18 | 讯宝科技公司 | Method, system and apparatus for layer 3 roaming in wireless local area networks (WLANs) |
| CN101510902A (en) * | 2009-03-25 | 2009-08-19 | 杭州华三通信技术有限公司 | Method, system and equipment for preventing wireless client terminal from disconnection during internet process |
-
2010
- 2010-04-22 CN CN201010156365.5A patent/CN102238527B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1574010A1 (en) * | 2002-12-16 | 2005-09-14 | Cisco Technology, Inc. | Inter-proxy communication protocol for mobile ip |
| CN1842995A (en) * | 2003-06-24 | 2006-10-04 | 特鲁波斯网络公司 | A method of wireless roaming |
| CN101204066A (en) * | 2005-04-27 | 2008-06-18 | 讯宝科技公司 | Method, system and apparatus for layer 3 roaming in wireless local area networks (WLANs) |
| CN101510902A (en) * | 2009-03-25 | 2009-08-19 | 杭州华三通信技术有限公司 | Method, system and equipment for preventing wireless client terminal from disconnection during internet process |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102238527A (en) | 2011-11-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102238527B (en) | Method, system and access point for wireless roaming user to access network | |
| US9306902B2 (en) | Embedded thin DHCP for wi-fi direct to provide an IP address during connection establishment | |
| EP2950499B1 (en) | 802.1x access session keepalive method, device, and system | |
| CN102007752B (en) | Home agent discovery upon changing mobility management scheme | |
| CN106576242B (en) | User equipment identification valid for heterogeneous networks | |
| CN101272305B (en) | Access point/user set network entry method, access point and network management device | |
| KR100710530B1 (en) | Method for configuration and registration of internet protocol address in a wireless mobile communication system with a connection oriented radio link | |
| US20050233729A1 (en) | Method and control member for controlling access to a radio communication cellular system through a wireless local netwrok | |
| TW200644515A (en) | An apparatus, system and method capable of pre-allocating and communicating IP address information during wireless communication | |
| JP6063564B2 (en) | Method, apparatus and system for accessing a mobile network | |
| WO2009008627A2 (en) | A method of establishing fast security association for handover between heterogeneous radio access networks | |
| JP2013503522A (en) | HANDOVER METHOD AND HANDOVER DEVICE | |
| KR20070089377A (en) | Method and system for transmitting/receiving data in the heterogeneous communication systems | |
| EP2643962A1 (en) | Methods and arrangements for enabling data transmission between a mobile device and a static destination address | |
| EP2615788A1 (en) | Method for dual stack user management and broadband access server | |
| CN103796281A (en) | Management method, device and system for packet-data network type | |
| CN101459972B (en) | Method and access gateway for implementing user access holding in WiMAX system | |
| EP2456156B1 (en) | Attachment method and system with identifier and location splitting in next generation network | |
| CN101087242B (en) | Device and method for self enumeration of heterogeneous network in dual stack node | |
| KR101466889B1 (en) | System and method for searching session id in wireless mobile ip communication system | |
| US20110264775A1 (en) | Method and apparatus for supporting mipv6 service in a wireless communication network | |
| KR100619385B1 (en) | Method for forming and transmitting network/ip imformation for interworking network between portable internet and mobile communication network | |
| EP2506489A1 (en) | Wireless authentication terminal | |
| EP2477429B1 (en) | Method, apparatus and system for home agent obtaining mobile node-home agent key in proxy mobile internet protocol | |
| KR20170115945A (en) | Non access stratum based access method and terminal supporting the same |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: Huasan Communication Technology Co., Ltd. |