CN112003771A - Method for realizing intelligent network access of LAN side terminal - Google Patents
Method for realizing intelligent network access of LAN side terminal Download PDFInfo
- Publication number
- CN112003771A CN112003771A CN202010864313.7A CN202010864313A CN112003771A CN 112003771 A CN112003771 A CN 112003771A CN 202010864313 A CN202010864313 A CN 202010864313A CN 112003771 A CN112003771 A CN 112003771A
- Authority
- CN
- China
- Prior art keywords
- address
- dhcp
- bridge
- network
- mac address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2854—Wide area networks, e.g. public data networks
- H04L12/2856—Access arrangements, e.g. Internet access
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
- H04L61/5014—Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a method for realizing intelligent network access of a terminal on an LAN (local area network) side, which comprises the steps that the LAN side receives a Client DHCP DISCOVER message; the network bridge analyzes the DISCOVER message and updates the MAC address learning table; after receiving the DISCOVER message, the DHCP Server acquires the Client MAC address and the bridge name information, inquires the user configuration information, matches the MAC address and the physical port name, inquires whether the physical port starts the DHCP Server function, if so, the DHCP Server replies the DHCP OFFER message and allocates the available IP address, otherwise, the DHCP Server loses the message to realize the function of forbidding the automatic allocation of the IP address. The equipment accessing different ports on the same LAN side can choose to automatically obtain the address or configure a static IP address through DHCP.
Description
Technical Field
The invention relates to the technical field of networks, in particular to a method for realizing intelligent network access of a terminal on a LAN (local area network) side.
Background
With the rapid development of the home internet of things, more and more intelligent devices are provided, and the number of intelligent devices (intelligent household appliances, mobile phones, intelligent switches, intelligent cameras and the like) which need to be connected to a home gateway is also increasing continuously. Different intelligent devices have different requirements for the mode of allocating the IP addresses, the home gateway allocates the IP addresses to the devices accessing the gateway in a DHCP or static mode, and the gateway adopting the unified control mode allocates the IP addresses of all the access devices in the same network segment, so that certain limitation is realized. For users with special requirements, for example, if a mixed network environment in which different LANs are mixed together needs to be constructed, IP addresses of different network segments or IP addresses of a specific network segment need to be used, whereas a home gateway in the prior art adopts unified management for 4 LAN ports, if a DHCP Server is started, any intelligent device accessing a home network can automatically acquire the address of the specific same network segment, and for devices with special requirements and needing to configure a specified static IP address, the requirements cannot be met; meanwhile, for numerous household intelligent terminal devices, data isolation cannot be well achieved, and security problems such as illegal access and the like can be caused.
Therefore, how to make the home gateway provide an intelligent access way, a user can choose to join different networks or maintain a specific IP technology according to a specific port or SSID access.
Disclosure of Invention
The invention aims to provide a method for realizing intelligent network access of a terminal on a LAN (local area network) side, which is used for solving the problem that a home gateway cannot simultaneously adopt a DHCP (dynamic host configuration protocol) and a static mode to allocate an IP (Internet protocol) address to equipment accessing the gateway in the prior art.
The invention solves the problems through the following technical scheme:
a method for realizing intelligent network access of a terminal on LAN side comprises the following steps:
step S100: receiving a Client DHCP DISCOVER message by the LAN side;
step S200: the bridge analyzes the DISCOVER message, updates the MAC address learning table, tracks and records the corresponding relation between the MAC address and the port, and forwards the DISCOVER message to the DHCP Server, wherein: the network bridge realizes bridging by adopting virtual network bridge equipment, the virtual bridge equipment is used for binding a plurality of network interfaces of the Ethernet equipment, and after different network interfaces are added to the home gateway, the network interfaces are bound to corresponding virtual bridge equipment;
step S300: after receiving a DISCOVER message forwarded by a network bridge, a DHCP Server acquires a Client MAC address and network bridge name information, stores the Client MAC address and the network bridge name information in a first temporary file, and inquires user configuration information, wherein the user configuration information is stored in a second temporary file and is used for storing a physical port name for a user to start a DHCP function in Web configuration;
step S400: and matching the MAC address and the name of the physical port, inquiring whether the physical port starts a DHCP Server function, if so, replying a DHCP OFFER message by the DHCP Server, and distributing an available IP address, otherwise, losing the message to realize the function of forbidding automatic distribution of the IP address.
In step S200, the corresponding relationship between the MAC address and the port is tracked and recorded, and a data structure is maintained by the bridge tool Brctl, so that the MAC address is matched with the physical port name or SSID name.
Compared with the prior art, the invention has the following advantages and beneficial effects:
the invention provides an intelligent access method, which enables intelligent equipment accessed to different ports of the same LAN side to select to automatically obtain the address of the same network segment through DHCP or select to configure a static IP address, thereby meeting the requirement of building a hybrid network environment; data isolation is realized, and security problems such as illegal access are avoided.
Drawings
FIG. 1 is a schematic diagram of the present invention;
fig. 2 is a flow chart of the use of the present invention.
Detailed Description
The present invention will be described in further detail with reference to examples, but the embodiments of the present invention are not limited thereto.
Example (b):
the home gateway LAN side port provides NAT network address translation function, and can allocate the same network segment address to the network equipment accessing the LAN port by configuring the designated IP address pool in the setting of the LAN port. The home gateway realizes address allocation through a DHCP Server function, and a user can rapidly access a network without manually configuring a network IP, a subnet mask and a DNS Server.
The invention provides a method for realizing intelligent network access of a LAN side terminal, which is used for realizing that whether a DHCP function is supported or not is respectively controlled by a LAN side port, so that a DHCP Server application layer is required to know which physical port or SSID a DHCP DISCOVER broadcast message received from the LAN side comes from, and whether the physical port or SSID starts the DHCP Server function or not is judged.
The DHCP message format is shown in table 1, and as can be seen from this, it only contains the MAC address of the client and does not contain the corresponding physical port information.
TABLE 1 DHCP message Format
Therefore, in order to distinguish the DHCP DISCOVER request message received by each ethernet port, attention needs to be paid to the ethernet port receiving the message in the application layer. The scheme utilizes the MAC address learning table maintained by the network bridge, in the application layer network bridge tool Brctl, the corresponding relation between the MAC address and the Ethernet physical port is added, through the corresponding relation, the DHCP Server can easily judge which physical port the received DISCOVER message comes from, the user can realize the function of forbidding a specific port or SSID to use the DHCP Server through a WEB configuration interface, the intelligent access of each intelligent home terminal device can be realized through the function, and the complicated network configuration is not required to be carried out.
Specifically, as shown in fig. 1, after receiving the Client DHCP DISCOVER message, the LAN side parses the DISCOVER broadcast message and updates the MAC address learning table. In the scheme, the Linux kernel realizes bridging through the virtual bridge device, and the virtual bridge device can bind a plurality of Ethernet device interfaces, so that a home gateway user can be bound into corresponding bridge devices after adding different network interfaces.
After the DHCP Server application layer protocol receives the data message forwarded by the bridge, the DHCP Client broadcast message is analyzed, the name of the bridge interface such as br0 can be seen,
the gateway acquires the Client MAC address and the bridge name information from the DHCP Server;
the gateway acquires physical port and physical port name information in a net _ bridge, net _ bridge _ fdb _ entry data structure, updates a Brctl tool showmacs option list, adds a physical port name, and outputs the Brctl showmacs information to a first temporary file by combining output information of an application layer;
a user configures a port with a DHCP function through WEB, and creates a second temporary file to store the name of a physical port configured by the user;
and the gateway matches the MAC address with the physical port name, judges whether the port starts the DHCP Server function, if so, replies a DHCP OFFER message and allocates an available IP address, otherwise, the gateway is directly lost and prohibits the port from allocating the IP address.
The use process is as shown in fig. 2, a user configures a physical port or SSID which disables the DHCP Server function through a page, after a link layer receives a DHCP Client DISCOVER broadcast message, the DHCP Client DISCOVER broadcast message is processed by a bridge, and the Linux bridge works in a MAC-address-based two-layer, so that the corresponding relationship between the MAC address and the port can be tracked and recorded through an MAC address learning table maintained by the bridge, and the MAC address and the physical port name or SSID name are matched by means of a data structure maintained by an application layer bridge tool Brctl. After receiving the Client DISCOVER message forwarded by the network bridge, the DHCP Server queries the configuration information of the user, and if the physical port or SSID sent by the message opens the DHCP Server function, the DHCP OFFER message is normally replied, otherwise, the message is directly discarded to implement the function of forbidding automatic allocation of the IP address for the Client.
Although the present invention has been described herein with reference to the illustrated embodiments thereof, which are intended to be preferred embodiments of the present invention, it is to be understood that the invention is not limited thereto, and that numerous other modifications and embodiments can be devised by those skilled in the art that will fall within the spirit and scope of the principles of this disclosure.
Claims (2)
1. A method for realizing intelligent network access of a terminal on a LAN (local area network) side is characterized by comprising the following steps:
step S100: receiving a Client DHCP DISCOVER message by the LAN side;
step S200: the bridge analyzes the DISCOVER message, updates the MAC address learning table, tracks and records the corresponding relation between the MAC address and the port, and forwards the DISCOVER message to the DHCP Server, wherein: the network bridge realizes bridging by adopting virtual network bridge equipment, the virtual bridge equipment is used for binding a plurality of network interfaces of the Ethernet equipment, and after different network interfaces are added to the home gateway, the network interfaces are bound to corresponding virtual bridge equipment;
step S300: after receiving a DISCOVER message forwarded by a network bridge, a DHCP Server acquires a ClientMAC address and network bridge name information, stores the ClientMAC address and the network bridge name information into a first temporary file, and inquires user configuration information, wherein the user configuration information is stored in a second temporary file and is used for storing a physical port name for a user to start a DHCP function in Web configuration;
step S400: and matching the MAC address and the name of the physical port, inquiring whether the physical port starts a DHCP Server function, if so, replying a DHCP OFFER message by the DHCP Server, and distributing an available IP address, otherwise, losing the message to realize the function of forbidding automatic distribution of the IP address.
2. The method according to claim 1, wherein the step S200 of tracking and recording the mapping relationship between the MAC address and the port maintains a data structure through a bridge tool Brctl, so as to match the MAC address with the physical port name or SSID name.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010864313.7A CN112003771A (en) | 2020-08-25 | 2020-08-25 | Method for realizing intelligent network access of LAN side terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010864313.7A CN112003771A (en) | 2020-08-25 | 2020-08-25 | Method for realizing intelligent network access of LAN side terminal |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112003771A true CN112003771A (en) | 2020-11-27 |
Family
ID=73470345
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010864313.7A Pending CN112003771A (en) | 2020-08-25 | 2020-08-25 | Method for realizing intelligent network access of LAN side terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112003771A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112714027A (en) * | 2021-01-26 | 2021-04-27 | 浙江简捷物联科技有限公司 | Method and system for accessing terminal equipment of Internet of things to gateway |
CN114244787A (en) * | 2021-12-08 | 2022-03-25 | 四川安迪科技实业有限公司 | Method and device for realizing high-reliability management port |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040177133A1 (en) * | 2002-11-12 | 2004-09-09 | Next Generation Broadband | Intelligent configuration bridge system and method for adding supplemental capabilities to an existing high speed data infrastructure |
CN1859407A (en) * | 2006-02-17 | 2006-11-08 | 华为技术有限公司 | Method for securing special line user access network |
CN106059832A (en) * | 2016-08-31 | 2016-10-26 | 上海斐讯数据通信技术有限公司 | Method and system for automatically judging Internet-surfing way of WAN (Wide Area Network) port |
CN107493234A (en) * | 2016-06-12 | 2017-12-19 | 阿里巴巴集团控股有限公司 | A kind of message processing method and device based on virtual bridge |
CN108933847A (en) * | 2018-06-29 | 2018-12-04 | 杭州迪普科技股份有限公司 | A kind of method and device that address is quickly distributed |
-
2020
- 2020-08-25 CN CN202010864313.7A patent/CN112003771A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040177133A1 (en) * | 2002-11-12 | 2004-09-09 | Next Generation Broadband | Intelligent configuration bridge system and method for adding supplemental capabilities to an existing high speed data infrastructure |
CN1859407A (en) * | 2006-02-17 | 2006-11-08 | 华为技术有限公司 | Method for securing special line user access network |
CN107493234A (en) * | 2016-06-12 | 2017-12-19 | 阿里巴巴集团控股有限公司 | A kind of message processing method and device based on virtual bridge |
CN106059832A (en) * | 2016-08-31 | 2016-10-26 | 上海斐讯数据通信技术有限公司 | Method and system for automatically judging Internet-surfing way of WAN (Wide Area Network) port |
CN108933847A (en) * | 2018-06-29 | 2018-12-04 | 杭州迪普科技股份有限公司 | A kind of method and device that address is quickly distributed |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112714027A (en) * | 2021-01-26 | 2021-04-27 | 浙江简捷物联科技有限公司 | Method and system for accessing terminal equipment of Internet of things to gateway |
CN114244787A (en) * | 2021-12-08 | 2022-03-25 | 四川安迪科技实业有限公司 | Method and device for realizing high-reliability management port |
CN114244787B (en) * | 2021-12-08 | 2023-04-11 | 四川安迪科技实业有限公司 | Method and device for realizing high-reliability management port |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2253124B1 (en) | Method and apparatus for communication of data packets between local networks | |
EP2267984B1 (en) | Address configuring method, apparatus and system | |
CA2619092C (en) | Method of and system for support of user devices roaming between routing realms by a single network server | |
KR100657316B1 (en) | A fast handover method in DHCPv4, handover apparatus thereof and recording medium thereof | |
EP2756411B1 (en) | Deterministic mapping | |
US7779158B2 (en) | Network device | |
US8265084B2 (en) | Local network connecting system local network connecting method and mobile terminal | |
US20030172170A1 (en) | Providing multiple ISP access to devices behind NAT | |
CN106302839B (en) | Internet protocol IP address allocation method and device | |
US20050182829A1 (en) | System for selecting a connectivity mechanism | |
US20070091908A1 (en) | Communication device and communication control method using efficient echonet address determination scheme | |
CN102761440B (en) | Method for establishing channel for managing IPv4 terminal and network gateway | |
US20120162445A1 (en) | Virtual tunnel router, ip camera management server and location-based ip camera service method | |
JP3538527B2 (en) | Wireless communication system and wireless communication method | |
CN103957288A (en) | Method, device and equipment for IP address dynamic allocation | |
CN106713039B (en) | Ethernet port identification method and device and router | |
JP4600394B2 (en) | Network access router, network access method, program, and recording medium | |
CN110365557B (en) | Network interconnection method and device | |
JP3420512B2 (en) | Dynamic domain name system | |
TW201244426A (en) | Gateway and attack avoiding method thereof | |
CN106255089A (en) | A kind of method and apparatus of radio three layer roaming | |
US7739394B2 (en) | Bi-level addressing for internet protocol broadband access | |
CN101150598A (en) | Method for CDMA system to allocate fixing IP address for users | |
CN112003771A (en) | Method for realizing intelligent network access of LAN side terminal | |
JP3858884B2 (en) | Network access gateway, network access gateway control method and program |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201127 |
|
RJ01 | Rejection of invention patent application after publication |