CN112003771A - Method for realizing intelligent network access of LAN side terminal - Google Patents

Method for realizing intelligent network access of LAN side terminal Download PDF

Info

Publication number
CN112003771A
CN112003771A CN202010864313.7A CN202010864313A CN112003771A CN 112003771 A CN112003771 A CN 112003771A CN 202010864313 A CN202010864313 A CN 202010864313A CN 112003771 A CN112003771 A CN 112003771A
Authority
CN
China
Prior art keywords
address
dhcp
bridge
network
mac address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010864313.7A
Other languages
Chinese (zh)
Inventor
魏雪玫
朱志海
赵雅敏
戴阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Jiuzhou Electronic Technology Co Ltd
Original Assignee
Sichuan Jiuzhou Electronic Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Jiuzhou Electronic Technology Co Ltd filed Critical Sichuan Jiuzhou Electronic Technology Co Ltd
Priority to CN202010864313.7A priority Critical patent/CN112003771A/en
Publication of CN112003771A publication Critical patent/CN112003771A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2854Wide area networks, e.g. public data networks
    • H04L12/2856Access arrangements, e.g. Internet access
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/50Address allocation
    • H04L61/5007Internet protocol [IP] addresses
    • H04L61/5014Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a method for realizing intelligent network access of a terminal on an LAN (local area network) side, which comprises the steps that the LAN side receives a Client DHCP DISCOVER message; the network bridge analyzes the DISCOVER message and updates the MAC address learning table; after receiving the DISCOVER message, the DHCP Server acquires the Client MAC address and the bridge name information, inquires the user configuration information, matches the MAC address and the physical port name, inquires whether the physical port starts the DHCP Server function, if so, the DHCP Server replies the DHCP OFFER message and allocates the available IP address, otherwise, the DHCP Server loses the message to realize the function of forbidding the automatic allocation of the IP address. The equipment accessing different ports on the same LAN side can choose to automatically obtain the address or configure a static IP address through DHCP.

Description

Method for realizing intelligent network access of LAN side terminal
Technical Field
The invention relates to the technical field of networks, in particular to a method for realizing intelligent network access of a terminal on a LAN (local area network) side.
Background
With the rapid development of the home internet of things, more and more intelligent devices are provided, and the number of intelligent devices (intelligent household appliances, mobile phones, intelligent switches, intelligent cameras and the like) which need to be connected to a home gateway is also increasing continuously. Different intelligent devices have different requirements for the mode of allocating the IP addresses, the home gateway allocates the IP addresses to the devices accessing the gateway in a DHCP or static mode, and the gateway adopting the unified control mode allocates the IP addresses of all the access devices in the same network segment, so that certain limitation is realized. For users with special requirements, for example, if a mixed network environment in which different LANs are mixed together needs to be constructed, IP addresses of different network segments or IP addresses of a specific network segment need to be used, whereas a home gateway in the prior art adopts unified management for 4 LAN ports, if a DHCP Server is started, any intelligent device accessing a home network can automatically acquire the address of the specific same network segment, and for devices with special requirements and needing to configure a specified static IP address, the requirements cannot be met; meanwhile, for numerous household intelligent terminal devices, data isolation cannot be well achieved, and security problems such as illegal access and the like can be caused.
Therefore, how to make the home gateway provide an intelligent access way, a user can choose to join different networks or maintain a specific IP technology according to a specific port or SSID access.
Disclosure of Invention
The invention aims to provide a method for realizing intelligent network access of a terminal on a LAN (local area network) side, which is used for solving the problem that a home gateway cannot simultaneously adopt a DHCP (dynamic host configuration protocol) and a static mode to allocate an IP (Internet protocol) address to equipment accessing the gateway in the prior art.
The invention solves the problems through the following technical scheme:
a method for realizing intelligent network access of a terminal on LAN side comprises the following steps:
step S100: receiving a Client DHCP DISCOVER message by the LAN side;
step S200: the bridge analyzes the DISCOVER message, updates the MAC address learning table, tracks and records the corresponding relation between the MAC address and the port, and forwards the DISCOVER message to the DHCP Server, wherein: the network bridge realizes bridging by adopting virtual network bridge equipment, the virtual bridge equipment is used for binding a plurality of network interfaces of the Ethernet equipment, and after different network interfaces are added to the home gateway, the network interfaces are bound to corresponding virtual bridge equipment;
step S300: after receiving a DISCOVER message forwarded by a network bridge, a DHCP Server acquires a Client MAC address and network bridge name information, stores the Client MAC address and the network bridge name information in a first temporary file, and inquires user configuration information, wherein the user configuration information is stored in a second temporary file and is used for storing a physical port name for a user to start a DHCP function in Web configuration;
step S400: and matching the MAC address and the name of the physical port, inquiring whether the physical port starts a DHCP Server function, if so, replying a DHCP OFFER message by the DHCP Server, and distributing an available IP address, otherwise, losing the message to realize the function of forbidding automatic distribution of the IP address.
In step S200, the corresponding relationship between the MAC address and the port is tracked and recorded, and a data structure is maintained by the bridge tool Brctl, so that the MAC address is matched with the physical port name or SSID name.
Compared with the prior art, the invention has the following advantages and beneficial effects:
the invention provides an intelligent access method, which enables intelligent equipment accessed to different ports of the same LAN side to select to automatically obtain the address of the same network segment through DHCP or select to configure a static IP address, thereby meeting the requirement of building a hybrid network environment; data isolation is realized, and security problems such as illegal access are avoided.
Drawings
FIG. 1 is a schematic diagram of the present invention;
fig. 2 is a flow chart of the use of the present invention.
Detailed Description
The present invention will be described in further detail with reference to examples, but the embodiments of the present invention are not limited thereto.
Example (b):
the home gateway LAN side port provides NAT network address translation function, and can allocate the same network segment address to the network equipment accessing the LAN port by configuring the designated IP address pool in the setting of the LAN port. The home gateway realizes address allocation through a DHCP Server function, and a user can rapidly access a network without manually configuring a network IP, a subnet mask and a DNS Server.
The invention provides a method for realizing intelligent network access of a LAN side terminal, which is used for realizing that whether a DHCP function is supported or not is respectively controlled by a LAN side port, so that a DHCP Server application layer is required to know which physical port or SSID a DHCP DISCOVER broadcast message received from the LAN side comes from, and whether the physical port or SSID starts the DHCP Server function or not is judged.
The DHCP message format is shown in table 1, and as can be seen from this, it only contains the MAC address of the client and does not contain the corresponding physical port information.
Figure BDA0002649224910000031
TABLE 1 DHCP message Format
Therefore, in order to distinguish the DHCP DISCOVER request message received by each ethernet port, attention needs to be paid to the ethernet port receiving the message in the application layer. The scheme utilizes the MAC address learning table maintained by the network bridge, in the application layer network bridge tool Brctl, the corresponding relation between the MAC address and the Ethernet physical port is added, through the corresponding relation, the DHCP Server can easily judge which physical port the received DISCOVER message comes from, the user can realize the function of forbidding a specific port or SSID to use the DHCP Server through a WEB configuration interface, the intelligent access of each intelligent home terminal device can be realized through the function, and the complicated network configuration is not required to be carried out.
Specifically, as shown in fig. 1, after receiving the Client DHCP DISCOVER message, the LAN side parses the DISCOVER broadcast message and updates the MAC address learning table. In the scheme, the Linux kernel realizes bridging through the virtual bridge device, and the virtual bridge device can bind a plurality of Ethernet device interfaces, so that a home gateway user can be bound into corresponding bridge devices after adding different network interfaces.
After the DHCP Server application layer protocol receives the data message forwarded by the bridge, the DHCP Client broadcast message is analyzed, the name of the bridge interface such as br0 can be seen,
the gateway acquires the Client MAC address and the bridge name information from the DHCP Server;
the gateway acquires physical port and physical port name information in a net _ bridge, net _ bridge _ fdb _ entry data structure, updates a Brctl tool showmacs option list, adds a physical port name, and outputs the Brctl showmacs information to a first temporary file by combining output information of an application layer;
a user configures a port with a DHCP function through WEB, and creates a second temporary file to store the name of a physical port configured by the user;
and the gateway matches the MAC address with the physical port name, judges whether the port starts the DHCP Server function, if so, replies a DHCP OFFER message and allocates an available IP address, otherwise, the gateway is directly lost and prohibits the port from allocating the IP address.
The use process is as shown in fig. 2, a user configures a physical port or SSID which disables the DHCP Server function through a page, after a link layer receives a DHCP Client DISCOVER broadcast message, the DHCP Client DISCOVER broadcast message is processed by a bridge, and the Linux bridge works in a MAC-address-based two-layer, so that the corresponding relationship between the MAC address and the port can be tracked and recorded through an MAC address learning table maintained by the bridge, and the MAC address and the physical port name or SSID name are matched by means of a data structure maintained by an application layer bridge tool Brctl. After receiving the Client DISCOVER message forwarded by the network bridge, the DHCP Server queries the configuration information of the user, and if the physical port or SSID sent by the message opens the DHCP Server function, the DHCP OFFER message is normally replied, otherwise, the message is directly discarded to implement the function of forbidding automatic allocation of the IP address for the Client.
Although the present invention has been described herein with reference to the illustrated embodiments thereof, which are intended to be preferred embodiments of the present invention, it is to be understood that the invention is not limited thereto, and that numerous other modifications and embodiments can be devised by those skilled in the art that will fall within the spirit and scope of the principles of this disclosure.

Claims (2)

1. A method for realizing intelligent network access of a terminal on a LAN (local area network) side is characterized by comprising the following steps:
step S100: receiving a Client DHCP DISCOVER message by the LAN side;
step S200: the bridge analyzes the DISCOVER message, updates the MAC address learning table, tracks and records the corresponding relation between the MAC address and the port, and forwards the DISCOVER message to the DHCP Server, wherein: the network bridge realizes bridging by adopting virtual network bridge equipment, the virtual bridge equipment is used for binding a plurality of network interfaces of the Ethernet equipment, and after different network interfaces are added to the home gateway, the network interfaces are bound to corresponding virtual bridge equipment;
step S300: after receiving a DISCOVER message forwarded by a network bridge, a DHCP Server acquires a ClientMAC address and network bridge name information, stores the ClientMAC address and the network bridge name information into a first temporary file, and inquires user configuration information, wherein the user configuration information is stored in a second temporary file and is used for storing a physical port name for a user to start a DHCP function in Web configuration;
step S400: and matching the MAC address and the name of the physical port, inquiring whether the physical port starts a DHCP Server function, if so, replying a DHCP OFFER message by the DHCP Server, and distributing an available IP address, otherwise, losing the message to realize the function of forbidding automatic distribution of the IP address.
2. The method according to claim 1, wherein the step S200 of tracking and recording the mapping relationship between the MAC address and the port maintains a data structure through a bridge tool Brctl, so as to match the MAC address with the physical port name or SSID name.
CN202010864313.7A 2020-08-25 2020-08-25 Method for realizing intelligent network access of LAN side terminal Pending CN112003771A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010864313.7A CN112003771A (en) 2020-08-25 2020-08-25 Method for realizing intelligent network access of LAN side terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010864313.7A CN112003771A (en) 2020-08-25 2020-08-25 Method for realizing intelligent network access of LAN side terminal

Publications (1)

Publication Number Publication Date
CN112003771A true CN112003771A (en) 2020-11-27

Family

ID=73470345

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010864313.7A Pending CN112003771A (en) 2020-08-25 2020-08-25 Method for realizing intelligent network access of LAN side terminal

Country Status (1)

Country Link
CN (1) CN112003771A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112714027A (en) * 2021-01-26 2021-04-27 浙江简捷物联科技有限公司 Method and system for accessing terminal equipment of Internet of things to gateway
CN114244787A (en) * 2021-12-08 2022-03-25 四川安迪科技实业有限公司 Method and device for realizing high-reliability management port

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040177133A1 (en) * 2002-11-12 2004-09-09 Next Generation Broadband Intelligent configuration bridge system and method for adding supplemental capabilities to an existing high speed data infrastructure
CN1859407A (en) * 2006-02-17 2006-11-08 华为技术有限公司 Method for securing special line user access network
CN106059832A (en) * 2016-08-31 2016-10-26 上海斐讯数据通信技术有限公司 Method and system for automatically judging Internet-surfing way of WAN (Wide Area Network) port
CN107493234A (en) * 2016-06-12 2017-12-19 阿里巴巴集团控股有限公司 A kind of message processing method and device based on virtual bridge
CN108933847A (en) * 2018-06-29 2018-12-04 杭州迪普科技股份有限公司 A kind of method and device that address is quickly distributed

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040177133A1 (en) * 2002-11-12 2004-09-09 Next Generation Broadband Intelligent configuration bridge system and method for adding supplemental capabilities to an existing high speed data infrastructure
CN1859407A (en) * 2006-02-17 2006-11-08 华为技术有限公司 Method for securing special line user access network
CN107493234A (en) * 2016-06-12 2017-12-19 阿里巴巴集团控股有限公司 A kind of message processing method and device based on virtual bridge
CN106059832A (en) * 2016-08-31 2016-10-26 上海斐讯数据通信技术有限公司 Method and system for automatically judging Internet-surfing way of WAN (Wide Area Network) port
CN108933847A (en) * 2018-06-29 2018-12-04 杭州迪普科技股份有限公司 A kind of method and device that address is quickly distributed

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112714027A (en) * 2021-01-26 2021-04-27 浙江简捷物联科技有限公司 Method and system for accessing terminal equipment of Internet of things to gateway
CN114244787A (en) * 2021-12-08 2022-03-25 四川安迪科技实业有限公司 Method and device for realizing high-reliability management port
CN114244787B (en) * 2021-12-08 2023-04-11 四川安迪科技实业有限公司 Method and device for realizing high-reliability management port

Similar Documents

Publication Publication Date Title
EP2253124B1 (en) Method and apparatus for communication of data packets between local networks
EP2267984B1 (en) Address configuring method, apparatus and system
CA2619092C (en) Method of and system for support of user devices roaming between routing realms by a single network server
KR100657316B1 (en) A fast handover method in DHCPv4, handover apparatus thereof and recording medium thereof
EP2756411B1 (en) Deterministic mapping
US7779158B2 (en) Network device
US8265084B2 (en) Local network connecting system local network connecting method and mobile terminal
US20030172170A1 (en) Providing multiple ISP access to devices behind NAT
CN106302839B (en) Internet protocol IP address allocation method and device
US20050182829A1 (en) System for selecting a connectivity mechanism
US20070091908A1 (en) Communication device and communication control method using efficient echonet address determination scheme
CN102761440B (en) Method for establishing channel for managing IPv4 terminal and network gateway
US20120162445A1 (en) Virtual tunnel router, ip camera management server and location-based ip camera service method
JP3538527B2 (en) Wireless communication system and wireless communication method
CN103957288A (en) Method, device and equipment for IP address dynamic allocation
CN106713039B (en) Ethernet port identification method and device and router
JP4600394B2 (en) Network access router, network access method, program, and recording medium
CN110365557B (en) Network interconnection method and device
JP3420512B2 (en) Dynamic domain name system
TW201244426A (en) Gateway and attack avoiding method thereof
CN106255089A (en) A kind of method and apparatus of radio three layer roaming
US7739394B2 (en) Bi-level addressing for internet protocol broadband access
CN101150598A (en) Method for CDMA system to allocate fixing IP address for users
CN112003771A (en) Method for realizing intelligent network access of LAN side terminal
JP3858884B2 (en) Network access gateway, network access gateway control method and program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20201127

RJ01 Rejection of invention patent application after publication