CN102281182B - Message processing method, access controller, access point and system in access network - Google Patents
Message processing method, access controller, access point and system in access network Download PDFInfo
- Publication number
- CN102281182B CN102281182B CN201010195893.1A CN201010195893A CN102281182B CN 102281182 B CN102281182 B CN 102281182B CN 201010195893 A CN201010195893 A CN 201010195893A CN 102281182 B CN102281182 B CN 102281182B
- Authority
- CN
- China
- Prior art keywords
- information
- access point
- access controller
- subscriber equipment
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention provides a message processing method, an access controller, an access point and a system in an access network. The access network comprises the access controller, the access point and user equipment, wherein the access point is connected with the access controller. The method comprises the following steps of: receiving a control message from the access point through a data channel between the access controller and the access point by the access controller, wherein the control message carries on-line information of the user equipment and virtual local area network identifier information of the data channel; and after determining to allow the user equipment to be associated or reassociated according to the on-line information, learning the virtual local area network identifier information. According to the embodiment of the invention, under the networking scene of a fit access point, when data are forwarded in a non-tunnel way and the first data message is initiated by the access controller, the access controller can learn the virtual local area network which is used when the downlink data is transmitted, and particularly, under the condition that an intermediate network is subjected to virtual local area network conversion, the downlink service can be ensured to be carried out smoothly.
Description
Technical field
The present invention relates to communication technical field, relate in particular to message processing method, access controller, access point and system in a kind of access network.
Background technology
In wireless network, access point (Access Point; Hereinafter to be referred as: AP) wireless user thousands of, that spread all over is everywhere had access to spider lines.At first, each AP is a stand-alone network elements, and management is the customer group of access separately, and this AP is called as " fat AP (Fat AP) ".Along with the extensive use of wireless network, AP is more and more.Huge " fat AP " management of quantity is got up very inconvenient.There is afterwards centralized control formula access controller (Access Controller; Hereinafter to be referred as: AC), AC can manage a group AP concentratedly, is subject to the AP of AC management to be called as " thin AP (Fit AP) ".
Under centralized control, AC manages AP by thin AP management agreement; Control and provisioning of wireless access points (Control And Provisioning of Wireless Access Points; Hereinafter to be referred as: CAPWAP) be the widely used thin AP management agreement that is also sole criterion.CAPWAP sets up based on User Datagram Protoco (UDP) (User Datagram Protocol between AC and AP equipment; Hereinafter to be referred as CAPWAP tunnel UDP), this CAPWAP tunnel is divided into controls tunnel and data tunnel two kinds.
In the networking scene of thin AP, between AP and AC, can be two layers or three-layer network; And the pass-through mode of business datum has tunnel forwarding and non-tunnel to forward two kinds.Under tunnel pass-through mode, business datum is encapsulated in the data tunnel based on UDP and is directly transparent to AC, is not subject to the impact of go-between.But at AC, concentrate forwarding service data, and this business datum adopts non-tunnel pass-through mode when AP and AC go-between forward, the VLAN of business datum (Virtual Local Area Network; Hereinafter to be referred as: VLAN), be likely changed.And the VLAN that the VLAN that AC adopts when sending downlink service data should carry with uplink business data is identical.
Sometimes, first message of data channel is initiated by AC, and at this moment AC cannot be known the VLAN adopting while sending downlink service data; For the problems referred to above, prior art does not provide a kind of effective solution.
Summary of the invention
The embodiment of the present invention provides message processing method, access controller, access point and the system in a kind of access network, to realize the VLAN adopting when access controller is known transmission downlink service data.
The embodiment of the present invention provides the message processing method in a kind of access network, described access network comprises access controller, access point and subscriber equipment, described subscriber equipment is connected with described access point, and described access point is connected with described access controller, and described method comprises:
Described access controller receives the control message from described access point by the data channel between described access controller and described access point, and described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel;
After described in described access controller basis, the information of reaching the standard grade is determined the described user device association of permission or series of fortified passes connection, described VLAN ID information is learnt.
The embodiment of the present invention also provides a kind of access controller, comprising:
Message receiver module, for the data channel by between described access controller and access point, receive the control message from described access point, described control message carries the information of reaching the standard grade of subscriber equipment and the VLAN ID information of described data channel that described access point connects;
Study module, after determining the described user device association of permission or series of fortified passes connection in the information of reaching the standard grade described in basis, learns described VLAN ID information.
The embodiment of the present invention also provides a kind of access point, comprising:
Receiver module, for receiving association request message or the reassociation requests message of subscriber equipment;
Sending module, sends and controls message to described access controller for the data channel by between access controller and described access point, and described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel.
The embodiment of the present invention also provides a kind of connecting system, comprising: access controller, access point and subscriber equipment, and described subscriber equipment is connected with described access point, and described access point is connected with described access point controller;
Described access point, the association request message or the reassociation requests message that for receiving subscriber equipment, send, sent and control message to described access controller by the data channel between described access point and described access controller;
Described access controller, for receiving described control message, described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel; After determining the described user device association of permission or series of fortified passes connection according to the described information of reaching the standard grade, described VLAN ID information is learnt.
Pass through the embodiment of the present invention, access controller receives the control message from access point by the data channel between this access controller and access point, determine permission user device association or series of fortified passes connection according to the information of reaching the standard grade in this control message after, VLAN ID information in this control message is learnt, thereby realized under the networking scene of thin access point, when non-tunnel pass-through mode for data acquisition, and when first data message is initiated by access controller, this access controller can be known the VLAN using while sending downlink data, particularly at go-between, carried out under VLAN change over condition, guaranteed carrying out smoothly of downlink business.
Accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, to the accompanying drawing of required use in embodiment or description of the Prior Art be briefly described below, apparently, accompanying drawing in the following describes is some embodiments of the present invention, for those of ordinary skills, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is the schematic diagram of an embodiment of application scenarios of the present invention;
Fig. 2 is the flow chart of the embodiment of message processing method in access network of the present invention;
Fig. 3 is the flow chart of another embodiment of message processing method in access network of the present invention;
Fig. 4 is the schematic diagram of another embodiment of application scenarios of the present invention;
Fig. 5 is the structural representation of an embodiment of access controller of the present invention;
Fig. 6 is the structural representation of another embodiment of access controller of the present invention;
Fig. 7 is the structural representation of an embodiment of access point of the present invention;
Fig. 8 is the structural representation of another embodiment of access point of the present invention;
Fig. 9 is the structural representation of an embodiment of connecting system of the present invention.
Embodiment
For making object, technical scheme and the advantage of the embodiment of the present invention clearer, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, rather than whole embodiment.Embodiment based in the present invention, the every other embodiment that those of ordinary skills obtain under the prerequisite of not making creative work, belongs to the scope of protection of the invention.
Access controller can manage one or more access point, also can associated one or more subscriber equipment under access point, and the subscriber equipment here can be work station (Station; Hereinafter to be referred as: STA).
User equipment searches, can be by sending association request message to this access point, to ask to access this access point after access point.Access point can report access controller by the related information of this subscriber equipment, if related information is to report access controller by the control channel between access point and access controller, so for ensuing verification process, due to wireless local area network authentication infrastructure (the WirelessLocal Area Network Authentication Infrastructure of authentication; Hereinafter to be referred as: WAI) message or the Extensible Authentication Protocol based on local area network (LAN) (Extensible Authentication Protocol over LocalArea Network; Hereinafter to be referred as: EAPol) message is to be issued by the data channel between access point and access controller, however access controller do not know the vlan information of data channel, therefore, access controller does not know this issues message identifying toward which data channel.
And situation about switching between access point for subscriber equipment, if subscriber equipment adopts 802.1X authentication mode, switch so after access point, subscriber equipment does not need to carry out loaded down with trivial details 802.1X authentication and Key exchange again, accelerated switch speed, just because of subscriber equipment, do not need to carry out 802.1X authentication and Key exchange, so when access controller sends datagram to subscriber equipment by data channel, equally do not know the vlan information of data channel yet, do not know this toward which data channel sends datagram yet.
Given this, the embodiment of the present invention provides the message processing method in a kind of access network, can realize under the networking scene of thin access point, when non-tunnel pass-through mode for data acquisition, and when first data message is initiated by access controller, this access controller can be known the VLAN using while sending downlink data, particularly at go-between, has carried out under VLAN change over condition, has guaranteed carrying out smoothly of downlink business.Message processing method in the access network that the embodiment of the present invention provides can be in the application scenarios shown in Fig. 1, Fig. 1 is the schematic diagram of an embodiment of application scenarios of the present invention, as shown in Figure 1, in this application scenarios, can comprise subscriber equipment, access point and access controller, wherein, subscriber equipment is connected with access point, and access point is connected with access controller.The implementing procedure of the message processing method in the access network below embodiment of the present invention being provided is introduced.
Fig. 2 is the flow chart of the embodiment of message processing method in access network of the present invention, and as shown in Figure 2, the message processing method in this access network can comprise:
In the present embodiment, this controls message can be CAPWAP message, and the information of reaching the standard grade of subscriber equipment can comprise media interviews control (the Media Access Control of this subscriber equipment; Hereinafter to be referred as: MAC) address, service set (Service Set Identification; Hereinafter to be referred as: SSID) and related information; Or the information of reaching the standard grade of this subscriber equipment can comprise MAC Address, the SSID of this subscriber equipment, the identification information of former access point and heavy related information;
The VLAN ID information that this control message carries data channel can be: the information of virtual local area network in the Ethernet head of CAPWAP message is set to the VLAN ID information of this data channel; Can guarantee that like this this CAPWAP message forwards along this data channel, and the VLAN ID information of this data channel is sent to access controller.
In the present embodiment, access point can be by being made as control message by the value of type of message cell in CAPWAP message, and identifying this CAPWAP message is the control message that carries the information of reaching the standard grade of subscriber equipment and the VLAN ID information of data channel.
In the present embodiment, after VLAN ID information is learnt, access controller sends datagram to data channel corresponding to this VLAN ID information.
In addition, in the present embodiment, after access controller is determined permission user device association or series of fortified passes connection according to the above-mentioned information of reaching the standard grade, access controller can also authenticate subscriber equipment according to the above-mentioned information of reaching the standard grade; Thereby realized VLAN and sought process and the unification of UE identifying procedure, simplified flow process.
In above-described embodiment, access controller receives the control message from access point by the data channel between this access controller and access point, determine permission user device association or series of fortified passes connection according to the information of reaching the standard grade in this control message after, VLAN ID information in this control message is learnt, thereby realized under the networking scene of thin access point, when non-tunnel pass-through mode for data acquisition, and when first data message is initiated by access controller, this access controller can be known the VLAN using while sending downlink data, particularly at go-between, carried out under VLAN change over condition, guaranteed carrying out smoothly of downlink business.
Fig. 3 is the flow chart of another embodiment of message processing method in access network of the present invention, and as shown in Figure 3, the message processing method in this access network can comprise:
Step 301, AP receives subscriber equipment (User Equipment; Hereinafter to be referred as: the association request message or the reassociation requests message that UE) send.
Step 302, the authentication mode that the association request message that AP basis receives or reassociation requests message are determined UE.
Particularly, AP can be according to the SSID of this UE carrying in association request message or reassociation requests message, in the authentication mode of preserving in this locality, search, obtain the authentication mode corresponding with this SSID, the authentication mode that this SSID is corresponding is the authentication mode of this UE, wherein, the local authentication mode of preserving is to obtain and preserve the configuration data that issues from AC of this AP; Or, AP can be according to the SSID of this UE carrying in association request message or reassociation requests message, to AC, ask the authentication mode that this SSID is corresponding, and receive authentication mode corresponding to this SSID that this AC returns, the authentication mode that this SSID is corresponding is the authentication mode of this UE; Two kinds of examples of the authentication mode that to be only below AP determine UE according to the association request message receiving or reassociation requests message, the embodiment of the present invention is not construed as limiting this, as long as the authentication mode that the association request message that AP basis receives or reassociation requests message can be determined UE.
Step 303, AP sends and controls message to AC according to the authentication mode of this UE, and this control message carries the VLAN identification information of UE upstream data passage.
Wherein, UE upstream data passage is the data channel between AC and AP.
Particularly, the authentication mode when this subscriber equipment is authentication mode or WLAN authentication and privacy infrastructure (the Wireless LAN Authentication and PrivacyInfrastructure based on 802.1X; Hereinafter to be referred as: WAPI) during authentication mode, AP sends and controls message to AC.
Step 304, the VLAN identification information carrying in AC study record controls message, and when sending downlink data, use the data channel that this VLAN identification information is corresponding.
Step 305, AC, according to the associated or heavy related information of controlling the UE carrying in message, after determining that this UE of permission carries out association or series of fortified passes connection, triggers the identifying procedure of this UE.
In the present embodiment, except VLAN identification information, above-mentioned control message can also carry the associated or heavy related information of UE, after receiving control message, AC can, according to the associated or heavy related information of this UE, after determining that this UE of permission carries out association or series of fortified passes connection, trigger the identifying procedure of this UE, thereby realized VLAN and sought process and the unification of UE identifying procedure, simplified flow process.In addition, this control message can also carry this UE other access informations except associated or heavy related information, such as: the information such as the MAC Address of this subscriber equipment, SSID and former associated AP (under the situation of this UE in series of fortified passes connection), for the handling process of reaching the standard grade of this UE, use.
The present embodiment is not construed as limiting the execution sequence of step 304 and step 305, and step 304 and step 305 can successively be carried out, also can executed in parallel.
Above-described embodiment has been realized under the networking scene of thin AP, when non-tunnel pass-through mode for data acquisition, and when first data message is initiated by AC, this AC can be known the VLAN using while sending downlink data, particularly at go-between, carried out under VLAN change over condition, guaranteed carrying out smoothly of downlink business.
It should be noted that, the present invention is embodiment illustrated in fig. 3 is only a kind of example of the present invention, certainly the embodiment of the present invention is not limited in this, in step 303, AP not only can send and control message to AC according to the authentication mode of UE, the condition that AP send to control message to AC can be also: anyly by AC, first initiate AC and AP, or the protocol interaction between AC and UE, and this protocol interaction is at UE, just to have reached the standard grade before also not sending uplink data messages to carry out; In this case, after receiving the association request or reassociation requests of UE transmission, AP just can send and control message to AC.
Message processing method in Fig. 2 of the present invention and the access network providing embodiment illustrated in fig. 3 also can be applicable in the application scenarios shown in Fig. 4 of the present invention, Fig. 4 is the schematic diagram of another embodiment of application scenarios of the present invention, application scenarios shown in Fig. 4 is an example of the networking scene of thin AP, as shown in Figure 4, in the networking scene of this thin AP, non-tunnel pass-through mode for data acquisition, UE 1 access AP 1, AP 1 is used VLAN 1; UE 2 access AP 2, AP 2 is used VLAN 2; AP 1 and AP 2 are by LAN switch (Local Area Network Switch; Hereinafter to be referred as: LSW) and Layer 2 switch, realize the communication connection with AC; This Layer 2 switch has carried out VLAN conversion, has converted VLAN 1 to VLAN 11, has converted VLAN 2 to VLAN 22.
One of ordinary skill in the art will appreciate that: all or part of step that realizes said method embodiment can complete by the relevant hardware of program command, aforesaid program can be stored in a computer read/write memory medium, this program, when carrying out, is carried out the step that comprises said method embodiment; And aforesaid storage medium comprises: various media that can be program code stored such as ROM, RAM, magnetic disc or CDs.
Fig. 5 is the structural representation of an embodiment of access controller of the present invention, and the access controller in the present embodiment can be realized the present invention's flow process embodiment illustrated in fig. 2.As shown in Figure 5, this access controller can comprise: message receiver module 51 and study module 52.
Wherein, message receiver module 51, for the data channel by between access controller and access point, receive the control message from access point, this control message carries the information of reaching the standard grade of subscriber equipment and the VLAN ID information of this data channel that this access point connects;
In the present embodiment, this controls message can be CAPWAP message, and the information of reaching the standard grade of subscriber equipment can comprise MAC Address, SSID and the related information of this subscriber equipment; Or the information of reaching the standard grade of this subscriber equipment can comprise MAC Address, the SSID of this subscriber equipment, the identification information of former access point and heavy related information;
The VLAN ID information that this control message carries data channel can be: the information of virtual local area network in the Ethernet head of CAPWAP message is set to the VLAN ID information of this data channel; Can guarantee that like this this CAPWAP message forwards along this data channel, and the VLAN ID information of this data channel is sent to access controller.
In above-described embodiment, message receiver module 51 receives the control message from access point by the data channel between this access controller and access point, study module 52 is after determining permission user device association or series of fortified passes connection according to the information of reaching the standard grade in this control message, VLAN ID information in this control message is learnt, thereby realized under the networking scene of thin access point, when non-tunnel pass-through mode for data acquisition, and when first data message is initiated by access controller, this access controller can be known the VLAN using while sending downlink data, particularly at go-between, carried out under VLAN change over condition, guaranteed carrying out smoothly of downlink business.
Fig. 6 is the structural representation of another embodiment of access controller of the present invention, compares with the access controller shown in Fig. 5, and difference is, the access controller shown in Fig. 6 can also comprise: authentication module 53 and data transmission blocks 54.
Wherein, authentication module 53, for authenticating subscriber equipment according to the information of reaching the standard grade;
Data transmission blocks 54, for sending datagram to data channel corresponding to VLAN ID information.
Above-mentioned access controller has been realized under the networking scene of thin access point, when non-tunnel pass-through mode for data acquisition, and when first data message is initiated by access controller, this access controller can be known the VLAN using while sending downlink data, particularly at go-between, carried out under VLAN change over condition, guaranteed carrying out smoothly of downlink business.
Fig. 7 is the structural representation of an embodiment of access point of the present invention, and as shown in Figure 7, this access point can comprise: receiver module 71 and sending module 72;
Wherein, receiver module 71, for receiving association request message or the reassociation requests message of subscriber equipment;
Sending module 72, sends and controls message to access controller for the data channel by between access controller and this access point, and this control message carries the information of reaching the standard grade of subscriber equipment and the VLAN ID information of this data channel.
In above-mentioned access point, receiver module 71 is after receiving the association request message or reassociation requests message of subscriber equipment, sending module 72 is sent and controls message to access controller by the data channel between access controller and this access point, this control message carries the information of reaching the standard grade of subscriber equipment and the VLAN ID information of this data channel, after receiving this control message, access controller is according to the information of reaching the standard grade of subscriber equipment, after determining permission user device association or series of fortified passes connection, access controller just can be learnt above-mentioned VLAN ID information, and when sending downlink data, use VLAN corresponding to this VLAN ID information, thereby realized under the networking scene of thin access point, when non-tunnel pass-through mode for data acquisition, and when first data message is initiated by access controller, this access controller can be known the VLAN using while sending downlink data, particularly at go-between, carried out under VLAN change over condition, guaranteed carrying out smoothly of downlink business.
Fig. 8 is the structural representation of another embodiment of access point of the present invention, compares with the access point shown in Fig. 7, and difference is, the access point shown in Fig. 8 can further include: judge module 73;
Wherein, judge module 73, for after receiver module 71 receives association request message, determines the authentication mode of subscriber equipment according to this association request message, and judges whether to need to send control message according to the authentication mode of this subscriber equipment; Or, for after receiver module 71 is received reassociation requests message, according to this reassociation requests message, determine the authentication mode of subscriber equipment, and judge whether to need to send control message according to the authentication mode of this subscriber equipment.
Wherein, judge module 73 is being determined the authentication mode of subscriber equipment, and judges whether to need to send while controlling message according to the authentication mode of this subscriber equipment, can, with reference to the present invention's execution mode providing embodiment illustrated in fig. 3, not repeat them here.
Above-mentioned access point has been realized under the networking scene of thin access point, when non-tunnel pass-through mode for data acquisition, and when first data message is initiated by access controller, this access controller can be known the VLAN using while sending downlink data, particularly at go-between, carried out under VLAN change over condition, guaranteed carrying out smoothly of downlink business.
Fig. 9 is the structural representation of an embodiment of connecting system of the present invention, and as shown in Figure 9, this connecting system can comprise: access point 91, access controller 92 and subscriber equipment 93; Wherein, subscriber equipment 93 is connected with access point 91, and access point 91 is connected with access controller 92;
Access point 91, the association request message or the reassociation requests message that for receiving subscriber equipment 93, send, sent and control message to access controller 92 by the data channel between access point 91 and access controller 92;
In the present embodiment, further, this connecting system can also comprise: switching equipment 94; This switching equipment 94 connects access point 91 and access controller 92, for carry out VLAN conversion between access point 91 and access controller 92.
Particularly, access point 91 can be realized by the access point shown in Fig. 7 of the present invention or Fig. 8; Access controller 92 can be realized by the access controller shown in Fig. 5 of the present invention or Fig. 6.
In above-mentioned connecting system, access controller 92 receives the control message from access point 91 by the data channel between this access controller 92 and access point 91, determine permission subscriber equipment 93 associations or series of fortified passes connection according to the information of reaching the standard grade in this control message after, VLAN ID information in this control message is learnt, thereby realized under the networking scene of thin access point, when non-tunnel pass-through mode for data acquisition, and when first data message is initiated by access controller 92, this access controller 92 can be known the VLAN using while sending downlink data, particularly at go-between, carried out under VLAN change over condition, guaranteed carrying out smoothly of downlink business.
It will be appreciated by those skilled in the art that accompanying drawing is the schematic diagram of a preferred embodiment, the module in accompanying drawing or flow process might not be that enforcement the present invention is necessary.
It will be appreciated by those skilled in the art that the module in the device in embodiment can be distributed in the device of embodiment according to embodiment description, also can carry out respective change and be arranged in the one or more devices that are different from the present embodiment.The module of above-described embodiment can be merged into a module, also can further split into a plurality of submodules.
Finally it should be noted that: above embodiment only, in order to technical scheme of the present invention to be described, is not intended to limit; Although the present invention is had been described in detail with reference to previous embodiment, those of ordinary skill in the art is to be understood that: its technical scheme that still can record aforementioned each embodiment is modified, or part technical characterictic is wherein equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution depart from the spirit and scope of various embodiments of the present invention technical scheme.
Claims (11)
1. the message processing method in an access network, described access network comprises access controller, access point and subscriber equipment, and described subscriber equipment is connected with described access point, and described access point is connected with described access controller, it is characterized in that, described method comprises:
Described access controller receives the control message from described access point by the data channel between described access controller and described access point, and described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel;
After described in described access controller basis, the information of reaching the standard grade is determined the described user device association of permission or series of fortified passes connection, described VLAN ID information is learnt.
2. method according to claim 1, is characterized in that, described access controller according to described in after the information of reaching the standard grade determines and allows described user device association or series of fortified passes connection, after described VLAN ID information is learnt, also comprise:
Described in described access controller basis, the information of reaching the standard grade authenticates described subscriber equipment.
3. method according to claim 1, is characterized in that, described described VLAN ID information is learnt after, also comprise:
Described access controller sends datagram to data channel corresponding to described VLAN ID information.
4. according to the method described in claim 1-3 any one, it is characterized in that, described control message is control and provisioning of wireless access points message, and the information of reaching the standard grade of described subscriber equipment comprises the media access control address of described subscriber equipment, service set and related information; Or the information of reaching the standard grade of described subscriber equipment comprises identification information and the heavy related information of the media access control address of described subscriber equipment, service set, former access point.
5. an access controller, is characterized in that, comprising:
Message receiver module, for the data channel by between described access controller and access point, receive the control message from described access point, described control message carries the information of reaching the standard grade of subscriber equipment and the VLAN ID information of described data channel that described access point connects;
Study module, after determining the described user device association of permission or series of fortified passes connection in the information of reaching the standard grade described in basis, learns described VLAN ID information.
6. access controller according to claim 5, is characterized in that, also comprises:
Authentication module, for reaching the standard grade described in basis, information authenticates described subscriber equipment.
7. according to the access controller described in claim 5 or 6, it is characterized in that, also comprise:
Data transmission blocks, for sending datagram to data channel corresponding to described VLAN ID information.
8. an access point, is characterized in that, comprising:
Receiver module, for receiving association request message or the reassociation requests message of subscriber equipment;
Sending module, sends and controls message to described access controller for the data channel by between access controller and described access point, and described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel.
9. access point according to claim 8, is characterized in that, also comprises:
Judge module, for after described receiver module is received described association request message, determines the authentication mode of described subscriber equipment according to described association request message, and judges whether to send described control message according to the authentication mode of described subscriber equipment; Or, after receiving described reassociation requests message at described receiver module, according to described reassociation requests message, determine the authentication mode of described subscriber equipment, and judge whether to send described control message according to the authentication mode of described subscriber equipment.
10. a connecting system, is characterized in that, comprising: access controller, access point and subscriber equipment, and described subscriber equipment is connected with described access point, and described access point is connected with described access controller;
Described access point, the association request message or the reassociation requests message that for receiving subscriber equipment, send, sent and control message to described access controller by the data channel between described access point and described access controller;
Described access controller, for receiving described control message, described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel; After determining the described user device association of permission or series of fortified passes connection according to the described information of reaching the standard grade, described VLAN ID information is learnt.
11. systems according to claim 10, is characterized in that, also comprise:
Switching equipment, described switching equipment connects described access point and described access controller, for carry out VLAN conversion between described access point and described access controller.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010195893.1A CN102281182B (en) | 2010-06-08 | 2010-06-08 | Message processing method, access controller, access point and system in access network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010195893.1A CN102281182B (en) | 2010-06-08 | 2010-06-08 | Message processing method, access controller, access point and system in access network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102281182A CN102281182A (en) | 2011-12-14 |
| CN102281182B true CN102281182B (en) | 2014-03-26 |
Family
ID=45106377
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010195893.1A Active CN102281182B (en) | 2010-06-08 | 2010-06-08 | Message processing method, access controller, access point and system in access network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102281182B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102647715A (en) * | 2012-03-27 | 2012-08-22 | 华为技术有限公司 | Method for delivering authentication target MAC (Media Access Control) address of EAP (Extensible Authentication Protocol) authentication |
| CN102612033B (en) * | 2012-03-29 | 2015-07-08 | 北京傲天动联技术股份有限公司 | Mobile phone with thin wireless access point and communication method for mobile phone |
| CN103686854B (en) * | 2012-09-17 | 2018-05-04 | 中兴通讯股份有限公司 | The method and apparatus for controlling AP |
| CN103796267B (en) * | 2013-03-28 | 2015-04-15 | 深圳光启创新技术有限公司 | Communication system applied to traffic system of operation line |
| CN103313308B (en) * | 2013-06-18 | 2016-06-29 | 杭州华三通信技术有限公司 | A kind of data transmission method and equipment |
| US10485043B2 (en) * | 2016-10-28 | 2019-11-19 | Hewlett Packard Enterprise Development Lp | Multi-connection access point |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101146045B (en) * | 2007-10-11 | 2011-03-23 | 杭州华三通信技术有限公司 | Radio LAN and its access method and access device |
| CN101447887B (en) * | 2007-11-27 | 2012-06-27 | 华为技术有限公司 | Method for user on-line notification and device thereof |
| CN101711031B (en) * | 2009-12-23 | 2012-07-11 | 杭州华三通信技术有限公司 | Portal authenticating method during local forwarding and access controller (AC) |
-
2010
- 2010-06-08 CN CN201010195893.1A patent/CN102281182B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN102281182A (en) | 2011-12-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102281182B (en) | Message processing method, access controller, access point and system in access network | |
| CN101795465B (en) | Method and equipment for group management of APs | |
| US9071968B2 (en) | Method, apparatus, and system for centralized 802.1X authentication in wireless local area network | |
| CN102523628B (en) | A kind of trunking method of wireless relay apparatus and wireless relay apparatus | |
| EP3010297B1 (en) | Method for changing cell state, user equipment, and base station | |
| CN107864508A (en) | A kind of pre-synchronization method and device of radio roaming authentication state | |
| EP3562185B1 (en) | Method and device for joining access node group | |
| CN103281692B (en) | Method for fast roaming between a kind of AC and equipment | |
| US20180367981A1 (en) | Fabric aware smart client steering for service provider wi-fi networks | |
| US9591562B2 (en) | Provisioning access point bandwidth based on predetermined events | |
| CN102014391A (en) | Wireless network safety access method, system and wireless controller | |
| CN110086839A (en) | A kind of dynamic access method and device of remote equipment | |
| US11405783B2 (en) | Access control method and device | |
| WO2015139434A1 (en) | Method and apparatus for determining a security algorithm | |
| US20160301673A1 (en) | Method for Realizing Secure Communications among Machine Type Communication Devices and Network Entity | |
| CN106488547B (en) | STA authentication data management method, device and equipment | |
| US20200374770A1 (en) | Automatic neighbor relationships for a 5g air interface or other next generation network interfaces | |
| CN113747496B (en) | Switching method, network equipment and system in multi-connection network | |
| EP3419248A1 (en) | Data processing method self-adaptive to access network architectures, access network architecture, and storage medium | |
| CN111866872B (en) | Communication method and device | |
| Gilani et al. | Mobility scenarios into future wireless access network | |
| CN103973570B (en) | A kind of method of message transmissions, AP and system | |
| CN102223705B (en) | Multi-cell network of home base station and realization method of same | |
| TWI600341B (en) | Wireless access setting device | |
| US20240089930A1 (en) | Configuration method, allocation method, apparatus, device, and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |