Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. It is clear that the various embodiments described below are only some of the embodiments of the invention. Based on the embodiments of the present invention described below, even if no creative work is done, a person skilled in the art can obtain other embodiments capable of solving the technical problems of the present invention and achieving the technical effects of the present invention by equivalent transformation of part or even all of the technical features, and it is obvious that the various embodiments transformed by the present invention do not depart from the scope of the present invention.
Fig. 1 shows an architecture diagram used by a terminal to connect to a network according to an embodiment of the present invention, and as shown in fig. 1, whether an AP is connected to the Internet determines whether the terminal is capable of accessing the Internet. In the embodiment of the invention, the AP is always connected to the internet.
Specifically, in the process of powering on the AP to Access an AC (Access Controller) in the Internet, the AP may obtain an IP address of the AP from the DNS server in a Dynamic Host Configuration Protocol (DHCP) manner.
Thus, the terminal accesses the AP in an unencrypted manner or already in an authenticated manner, so that the AP assigns to the terminal an IP address used for accessing the network. However, in the conventional technology, after the terminal obtains the IP address used by the access network to which the AP is assigned, the terminal does not necessarily have the capability of accessing the Internet. For example, as shown in fig. 2, the terminal searches for an AP capable of connecting, and after connecting to the AP and obtaining an IP address, the terminal sends a request for obtaining the IP address of the DNS server to the DNS server, and the DNS server may return the IP address of the DNS server to the terminal according to the request. It may also happen that the terminal does not receive the IP address of the DNS server returned by the DNS server at all after sending multiple requests. Therefore, if the terminal acquires the IP address of the DNS server, it is considered that the terminal has the capability of accessing the Internet, otherwise, the terminal does not have the capability of accessing the Internet.
Further, as shown in fig. 3, fig. 3 is a scene diagram illustrating a convergence of a Wifi network and a 3G network according to an embodiment of the present invention, and performs unified authentication and access to a packet service (PS service) in a network environment covered by the 3G and Wifi network shown in fig. 3.
Specifically, the terminal may be a mobile phone with underlying operating software, or a notebook computer or the like containing a data card.
When the terminal accesses a core network from a Wireless L optical Area network (W L AN), the terminal can access existing services, such as mobile data services, Internet and enterprise data applications.
Of course, the seamless roaming between 3G and W L AN may include that the terminal automatically selects 3G and W L AN, automatically authenticates using a Subscriber Identity Module (SIM) card or a Universal Subscriber Identity Module (USIM) card, and does not need to manually input a user name and a password, for example, AN Authentication method using PPP Extended Authentication Protocol (EAP) or Authentication and KEY agreement (EAP).
Further, the terminal may access the Internet through authentication and authentication of EAP/AKA as shown in fig. 4, and fig. 4 shows a scene diagram of the terminal accessing the Internet network. Fig. 4 provides an EAP/AKA Wifi network authentication method that eliminates the step of a user entering a username and password in a terminal.
Generally, a terminal accesses AN Internet network and can be divided into three stages, wherein the first stage comprises accessing W L AN authentication and authorization, namely authentication is carried out on a Home L registration (H L R) through AC/3GPP AAA based on EAP-SIM/AKA, the second stage comprises accessing Packet Service (PS) core network authentication and authorization, authentication is carried out on H L R through PDG/3GPP AAA based on EAP-SIM/AKA, and the third stage comprises establishing AN IPsec Internet Protocol security (IPsec Internet Protocol security) tunnel for accessing PS services after authentication is successful.
In the embodiment of the invention, after the terminal searches the Wifi access point, the terminal can send the network access capacity request to the Wifi access point, so that the Wifi access point can determine whether the Wifi access point can access the network to a DNS server on the network side according to the network access capacity request, and if the domain name system server determines that the Wifi access point can access the network, the Wifi access point receives a successful response which is returned by the domain name system server and can access the network, thereby realizing that the terminal can have the capacity of accessing the Internet after being connected with the Wifi access point.
As shown in fig. 5, fig. 5 is a flowchart illustrating a wireless network access method according to an embodiment of the present invention. The wireless network access method in the present embodiment is as follows.
501. And the Wifi access point receives a network access capability request sent by the terminal, and determines whether the Wifi access point can access the network or not to a DNS (domain name system) server at the network side according to the network access capability request.
It can be understood that, after the terminal searches for the AP, as shown in fig. 6A, each searched AP is displayed in an interface of an application program of the terminal, at this time, each AP may receive a network access capability request sent by the terminal, and then determine whether the Wifi access point can access the network to the DNS server on the network side according to the network access capability request.
For example, the Wifi access point queries the DNS server whether the IP address of the current DNS server is valid, i.e. the IP address of the ping DNS server is needed.
502. And if the DNS server determines that the Wifi access point can access the network, the Wifi access point receives a successful response which is returned by the DNS server and can access the network.
In practical application, if the DNS server determines that the Wifi access point can access the network, the Wifi access point may receive a successful response that is returned by the DNS server and that can access the network within a preset time period.
Of course, if the Wifi access point does not receive a successful response returned by the DNS server to enable network access, or if the Wifi access point receives a failed response returned by the DNS server to disable network access, it may be understood that the terminal does not have the capability of accessing the network after connecting to the AP.
Further, if the Wifi access point does not receive a successful response returned by the DNS server and capable of accessing the network within the preset time length, it can also be understood that the terminal does not have the capability of accessing the network after connecting to the AP.
For example, if the DNS server determines that the IP address of the current DNS server is valid, the Wifi access point receives a successful response including the IP address sent by the DNS server; that is, the Wifi access point can connect to the DNS server by pinging the IP address of the DNS server, and at this time, the terminal may have the capability of accessing the network after connecting to the AP.
It should be noted that the aforementioned preset time period may be configured in the AP by the user, and is set according to actual needs, such as 3s, 2s, and the like.
503. And the Wifi access point sends a response message capable of accessing the network to the terminal according to the successful response.
That is, the Wifi access point transmits a response message capable of accessing the network to the terminal according to the successful response, so that the terminal accesses the network according to the response message after accessing the Wifi access point when the IP address of the DNS server is included in the response message.
As shown in fig. 6B, each AP that is searched and enables the terminal to have the capability of accessing the network may have an icon (e.g., a shaded circle in fig. 6B) for automatically acquiring the Internet access capability, so as to indicate that the terminal can directly access the network after accessing the Wifi access point.
In practical applications, the basic information displayed by the Wifi access point searched by the terminal may include: SSID of the Wifi access point, encryption information, icons which have automatically acquired Internet access capability, and the like.
It can be known from the foregoing embodiment that, in the wireless network access method of this embodiment, the terminal sends the network access capability request to the Wifi access point, so that the Wifi access point determines whether the Wifi access point can access the network to the DNS server on the network side according to the network access capability request, and if the DNS server determines that the Wifi access point can access the network, the Wifi access point receives a successful response that is returned by the DNS server and that can access the network, and then sends a response message that can access the network to the terminal according to the successful response, so that the terminal has the capability of accessing the internet after accessing the Wifi access point, and the use performance of the terminal is improved.
Further, the Wifi access point receives a network access capability request sent by the terminal, where the network access capability request may include an identifier of the terminal, and at this time, before step 502 in the foregoing embodiment, the wireless network access method may further include the following step 501a, as shown in fig. 7.
501a, the Wifi access point determines that the SIM card of the terminal has been authenticated by the network side communication network element according to the identifier of the terminal.
For example, the identifier of the terminal may be an International Mobile Subscriber Identity (IMSI) of the terminal.
In addition, the network side communication network element is as follows: an Access Controller (AC), a Broadband Remote Access Server (BRAS), a Portal Server (Portal Server), an Authentication, Authorization and Accounting Server (AAA Server), etc. may interactively implement Authentication and Authorization of the SIM card of the terminal.
The authentication and authorization method of the network side communication network element to the SIM card of the terminal in this embodiment is an existing authentication method, and as described in fig. 4, a brief description of the Wifi network authentication method of EAP/AKA is provided, and this embodiment does not describe it in detail.
It should be noted that, if the authentication of the network side communication network element for the SIM card of the terminal fails, the Wifi access point no longer determines to the DNS server whether the Wifi access point can access the network according to the network access capability request.
Preferably, when a terminal in practical application searches for a Wifi access point, a group of socket interactions may be performed between the terminal and the Wifi access point to enable the terminal to be connected to the Wifi access point, so that the network access capability request may be carried in a socket sent by an existing terminal, so that the Wifi access point determines whether the Wifi access point can access the network to a DNS server on a network side according to the network access capability request, and thus, whether the terminal has the capability of accessing the internet after accessing the Wifi access point is determined. The format of a set of sockets is illustrated in FIG. 6C, which may include: protocol version information, negotiation data information of the terminal and the AP, identification of the terminal, length information of data, and/or information whether the data is encrypted, and the like. Fig. 6C is only an illustration, and the format of the socket in practice can be set according to actual needs.
The wireless network access method can enable the terminal to have the capability of accessing the network after the terminal is accessed to the AP, so that the use performance of the terminal is improved.
As shown in fig. 8, fig. 8 is a flowchart illustrating a wireless network access method according to an embodiment of the present invention. The wireless network access method in the present embodiment is as follows.
801. And the Wifi access point receives a network access capability request sent by the terminal.
802. And the Wifi access point inquires the DNS about whether the IP address of the current DNS is valid.
803. And if the DNS server determines that the IP address of the current DNS server is valid, the Wifi access point receives a successful response which is sent by the DNS server and comprises the IP address.
804. And sending a response message including the IP address of the DNS server to the terminal according to the successful response including the IP address.
Further, as shown in fig. 9A, the above-mentioned wireless network access method further includes, as follows, step 805.
805. And if the network access capability request sent by the terminal is received again within the preset time, directly sending a response message to the terminal.
The response message is the message that the Wifi access point can access the network, which is determined by the Wifi access point according to the network access capability request sent by the terminal at the previous time.
That is, after receiving a network access request transmitted by a terminal and transmitting a response message to the terminal, if the network access request of the terminal is received again within a preset time (e.g., 1 minute), the response message including the IP address of the DNS server acquired last time is directly transmitted to the terminal.
The preset time in this step is configured in advance in the AP by the user, and is set according to actual needs, such as 5s, 10s, and the like.
Preferably, in another embodiment, as shown in fig. 9B, the above-mentioned wireless network access method further includes, as follows, step 806.
806. And the Wifi access point receives a connection request sent by the terminal and used for connecting the Wifi access point, and allocates an identifier used when the terminal accesses the network for the terminal according to the connection request.
For example, in this step, the identifier used by the Wifi access point to allocate the terminal to access the network according to the connection request may be an IP address of the terminal.
As can be seen from the foregoing embodiments, in the wireless network access method of this embodiment, the terminal sends the network access capability request to the Wifi access point, so that the Wifi access point queries the effective IP address of the current DNS server, and then sends the queried IP address of the DNS server to the terminal, so that the terminal has the capability of accessing the internet after being connected to the Wifi access point, thereby achieving the purpose of accessing the internet quickly and accessing the network quickly.
As shown in fig. 10, fig. 10 is a flowchart illustrating a wireless network access method according to an embodiment of the present invention. The wireless network access method in this embodiment is as follows.
1001. And the terminal sends a network access capability request to the Wifi access point.
1002. And the terminal receives a response message sent by the Wifi access point according to the network access capability request, wherein the response message is a response message which is sent by the Wifi access point to a DNS server at the network side after the Wifi access point determines that the Wifi access point can access the network according to the network access capability request and can access the network.
For example, the Wifi access point queries the DNS server whether the IP address of the current DNS server is valid according to a network access capability request sent by the terminal;
furthermore, when the DNS server determines that the IP address of the current DNS server is valid, the Wifi access point receives a successful response which is sent by the DNS server and comprises the IP address; and transmits a response message including the IP address of the DNS server to the terminal according to the success response including the IP address of the DNS server.
The response message in this step includes: IP address of DNS server.
Further, the wireless network access method further includes steps 1003 and 1004, which are not shown in the following figures.
1003. And the terminal sends a connection request for connecting the Wifi access point to the Wifi access point.
1004. And the terminal receives the identifier which is distributed by the Wifi access point for the terminal according to the connection request and is used when the terminal accesses the network.
It should be noted that the identifier used when the terminal accesses the network here may be an IP address.
Of course, in practical applications, the above-mentioned wireless network access method further includes step 1005, which is not shown in the following figures.
1005. And if the network access capability request is sent to the Wifi access point again within the preset time, receiving a response message sent by the Wifi access point, wherein the response message is a message which is determined by the Wifi access point according to the network access capability request sent by the terminal at the previous time and can access the network by the Wifi access point.
As can be seen from the foregoing embodiments, in the wireless network access method of this embodiment, the terminal sends the network access capability request to the Wifi access point, so that the terminal has the capability of accessing the internet after accessing the Wifi access point.
According to another aspect of the present invention, the present invention further provides a Wifi access point, as shown in fig. 11, the Wifi access point in this embodiment includes: a receiving unit 1101, a determining unit 1102, and a transmitting unit 1103;
the receiving unit 1101 is configured to receive a network access capability request sent by a terminal;
the determining unit 1102 is configured to determine whether the Wifi access point can access the network from the network side domain name system server according to the network access capability request;
the receiving unit 1101 is further configured to receive a successful response returned by the DNS server to enable the access to the network when the determining unit 1102 determines that the Wifi access point can access the network;
the sending unit 1103 is configured to send a response message capable of accessing the network to the terminal according to the success response.
Preferably, the determining unit 1102 is further configured to determine that the SIM card of the terminal has obtained authentication of the network-side communication network element according to the identifier of the terminal.
In practical applications, the determining unit 1102 is specifically configured to query the DNS server whether the internet protocol address of the current DNS server is valid;
correspondingly, the receiving unit 1101 is specifically configured to receive a successful response including an IP address sent by the DNS server when the determining unit 1102 determines that the IP address of the current DNS server is valid;
accordingly, the sending unit 1103 is specifically configured to send a response message including the IP address of the DNS server to the terminal according to the successful response including the IP address of the DNS server.
In other embodiments, the receiving unit 1101 is further configured to receive a connection request sent by the terminal for connecting to a Wifi access point;
correspondingly, the Wifi access point further comprises: and the allocation unit is used for allocating identifiers used when the terminal accesses the network, such as IP addresses used by the terminal, to the terminal according to the connection request.
As can be seen from the foregoing embodiments, in the Wifi access point of this embodiment, the receiving unit receives the network access capability request sent by the terminal, and the determining unit determines whether the Wifi access point can access the network to the network side domain name system server according to the network access capability request, so that the receiving unit receives a successful response that can access the network and is returned by the DNS server when the determining unit determines that the Wifi access point can access the network, and sends a response message that can access the network to the terminal through the sending unit, so that the terminal directly has the capability of accessing the internet after connecting to the Wifi access point.
According to another aspect of the present invention, the present invention further provides a terminal, as shown in fig. 12, the terminal in this embodiment, including: a transmitting unit 1201 and a receiving unit 1202;
the sending unit 1201 is configured to send a network access capability request to the Wifi access point;
the receiving unit 1202 is configured to receive a response message sent by the Wifi access point according to the network access capability request, where the response message is a response message that is sent by the Wifi access point to the terminal after determining that the Wifi access point can access the network according to the network access capability request to a domain name system server on a network side.
For example, the foregoing network access capability request includes: protocol version information, negotiation data information of the terminal and the AP, an identification of the terminal, length information of the data, and/or information whether the data is encrypted.
Further, the sending unit 1201 is further configured to send a connection request for connecting to a Wifi access point to the Wifi access point; the receiving unit 1202 is further configured to receive an identifier, which is allocated by the Wifi access point to the terminal according to the connection request and is used when the terminal accesses the network.
It can be known from the foregoing embodiment that, the terminal of this embodiment can send the network access capability request to the Wifi access point through the sending unit after being connected to the Wifi access point, and then can receive the response message sent by the Wifi access point according to the network access capability request through the receiving unit, and then the terminal can have the capability of accessing the internet after being connected to the Wifi access point.
As shown in fig. 13, fig. 13 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
The terminal comprises a Wifi module, and the structure of the terminal can be divided into 3 layers, namely an operating system layer, a service/drive layer and an application layer from bottom to top.
Operating system layer: the method is used for realizing cross-platform compatibility of the terminal, and the driving units of the Wifi modules of the operating systems may not be uniform, for example, the receiving and sending of messages of the operating systems are different. In practical applications, an adaptation layer (such as an Operating System (OS) adaptation shown in the figure) crossing the Operating systems may be set to implement applications of different terminals.
Service/driver layer: programs in the layer are all operated in the service and drive layer, so that unauthorized user process or service access and even kernel process damage are avoided, and system security is improved. This layer includes system kernel, third party adaptation, file system, device driver loading and management, network management and services, etc. The most critical 3 sub-parts of the layer are respectively an SD main controller driver, a hardware interface layer and a network function layer from bottom to top.
The SD main controller drives: the device is responsible for abstracting and packaging hardware, on one hand, the initialization of the hardware is completed, and on the other hand, the device is used for providing data transmission for an upper layer, namely an SD bus export interface.
Hardware interface layer: the SD main controller is a bridge between the SD main controller and the network function layer and changes along with the change of the interface mode. This layer needs to pay attention to the communication efficiency of the upper and lower layers to be connected.
A network function layer: it is responsible for providing network functions, such as initialization of modules, data receiving and transmitting, and exporting interfaces to the upper layer protocol stack.
An application layer: most of the application layers are in user processes, which can also be called user mode layers, and users can use colorful applications.
It should be noted that the foregoing operating system layer and service/driver layer are basically the same as the structure of the existing terminal, and in the embodiment, in the Wifi AP list display of the application layer, display information of the AP may be added, for example, content such as an icon for displaying whether the access capability of accessing the Internet is provided is added.
In this embodiment, the above description is made by using only the terminal. In other embodiments, any client including the Wifi module can also implement the method for accessing the wireless network, which is not limited in this embodiment, and both the method for implementing the wireless network access through the client including the Wifi module and the method for accessing the wireless network belong to the protection scope of the present invention.
Those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.