CN100531204C - Method, system and application for checking multicast user underling terminal device validity - Google Patents
Method, system and application for checking multicast user underling terminal device validity Download PDFInfo
- Publication number
- CN100531204C CN100531204C CNB2005100857097A CN200510085709A CN100531204C CN 100531204 C CN100531204 C CN 100531204C CN B2005100857097 A CNB2005100857097 A CN B2005100857097A CN 200510085709 A CN200510085709 A CN 200510085709A CN 100531204 C CN100531204 C CN 100531204C
- Authority
- CN
- China
- Prior art keywords
- multicast
- terminal equipment
- message
- access device
- pppoe
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to a method for checking if the multicast user terminal is valid, and relative system, access device and terminal device. Wherein, said method is characterized in that: processing PPPOE dial authentication on said terminal; after successful authentication, packing the IGMP into report into PPPOE conversation report format to be sent to the access device; the access device, according to the IGMP added report to check the terminal device that sending said report as the valid terminal. In said invention, the access device can obtain the multicast authority of user, based on which and/or the online time of terminal device adds into the multicast group, to realize several charging methods; the access device can process the multicast flow data report, to avoid invalid user.
Description
Technical field
The present invention relates to network communications technology field, relate in particular to a kind of method, system and application of checking multicast user underling terminal device validity.
Background technology
At present Web TV adopts the multicast mode to commence business mostly, utilize the multicast mode effectively the Control Network transmission bandwidth, alleviate the router load, but how existence guarantees the problem that the user is legal.
The common means of the legal problem of current effective solution user are to adopt PPPOE (Point-to-PointProtocol Over Ethernet, peer-peer protocol on the Ethernet) agreement, below the PPPOE agreement is simply introduced, and then do one at IGMP (Internet GroupManagement Protocol, the Internet group management protocol of the multicast group) agreement that the multicast mode adopts and simply introduce.
Adopt the PPPOE agreement, at first will learn about PPP (Point-to-Point Protocol, peer-peer protocol) agreement.Ppp protocol provides a kind of standard mode of transmitting the data message of multiple network layer protocol on point-to-point link.Ppp protocol has CHAP (Challenge HandshakeAuthentication Protocol, the PAP that ciphertext transmits), PAP (PasswordAuthentication Protocol, password authentication protocol) indentification protocol has better guaranteed the fail safe of network.
The form of the data message of ppp protocol is as follows:
| Flag | Addr | Ctrl | Protocol area |
1Byte 1Byte 1Byte 2Byte
| Data area | CRC | Flag |
Default 1500Byte 2Byte 1Byte
More typical Protocol area (protocol domain) type value is as follows:
| 0xC021 | What carry in the information field is the data message of LCP |
| 0xC023 | What carry in the information field is the message identifying of PAP agreement |
| 0xC223 | What carry in the information field is the message identifying of CHAP agreement |
| 0x8021 | What carry in the information field is the data message of Network Control Protocol |
| 0x0021 | What carry in the information field is the IP datagram literary composition |
Between the both sides that ppp protocol requires to communicate is the relation of point-to-point, be unsuitable for the Ethernet of broadcast-type and the network of other multipoint access type, so just produced the PPPOE agreement, this agreement is divided into discovery stage and PPP session stage, it not only provides a kind of broadband access means for the user, access control and the charging that can also provide convenience simultaneously.Each user need set up the session of a unique PPP, so must know MAC (Media AccessControl, the medium access control) address of remote access concentrator before the session foundation, and the PPPOE agreement can be by finding that agreement get access to.
Because PPPOE is carried in Ethernet (Ethernet) message, and the Ethernet message format is as follows:
| DstAC | SrcAC | Frame Type | Data area | CRC |
6Byte 6Byte 2Byte <=1500Byte 4Byte
Therefore, corresponding PPPOE finds that the message format in stage is:
| Ethernet broadcasting MAC Address | The Ethernet Hosts MAC Address | 0x8863 | Data area | CRC |
The message format of corresponding PPPOE session stage is:
| The Ethernet unicast mac address | The Ethernet Hosts MAC Address | 0x8864 | Data area | CRC |
When main frame wished to begin a PPPOE session, it at first will carry out the MAC Address that the other side is discerned in a discovery procedure, set up a unique PPPOE SESSION ID (session identification) then.PPPOE uses one to find that agreement solves this problem, and it is based on CLIENT.Because the broadcast characteristic of Ethernet, main frame in this process (client) can be found all LACs (server), and selects one of them, sets up point-to-point connection according to obtaining information between.After a PPP session is established, just finished the whole discovery stage of PPPOE.After the session stage of PPPOE begins, just transmit PPP information between main frame and the LAC, carry out every negotiation and the transfer of data of PPP according to ppp protocol.In this stage data packets for transmission, must be included in the SESSION ID that the discovery stage determines and remain unchanged.Under the normal condition, the end of session stage is finished by ppp protocol control, but in PPPOE, defined a PADT (PPPOE ActiveDiscovery Terminate, the PPPOE session discovery stage stops) bag is used for end session, and whenever what main frame or LAC can be after the PPP session begin comes end session by sending this packet.
The message format of PPPOE Data area (data field) is as follows:
0 3 7 15 31
In case after the PPPOE session is set up, just begin between main frame and the LAC (server) to transmit PPP information according to ppp protocol, all ethernet frames all are single addresses.At this moment, the ETHER_TYPE value is 0x8864, and code value is 0x00, and SESSION ID remains unchanged in the whole session process.At the PPPOE session stage, the Net Info (payload) of message is exactly a PPP information in the PPPOE data field.
After introducing the PPPOE message, introduce the IGMP agreement again.
In the ICP/IP protocol system, IGMP has experienced three versions of IGMP V1/V2/V3.Content of the present invention is for convenience of description done a simple introduction (introducing the form of member's report message) to the agreement of three kinds of versions earlier simply.
The protocol format of IGMP V1 version is as follows:
0 3 7 15 31
Wherein, Version: equal 1.
Type:1, Host Membership Query, the multicast member inquiry; 2, Host MembershipReport, the multicast member report.
Checksum (check word): 16 detections that are IGMP message-length (the whole pay(useful) load of IP bag).This territory is made as 0, when the calculation check word this territory is wrapped in together and calculates.When transmitting bag, must calculate this check word and be inserted in this territory and go.When receiving bag, this check word must be tested before handling this bag.
Group Address: multicast ip address.
The protocol format of IGMP V2 version is as follows:
0 7 15 31
Wherein, Type: the relevant alternately of 3 kinds of IGMP message and main frame and router arranged:
0x11 (member relation inquiry): the subtype that two member relation inquiries are arranged: general inquiry, whether be used for understanding a group has the member in adjacent network; Group-specific query is used for understanding in the specific group of adjacent network whether the member is arranged.These two message are distinguished by group address.
0x16: version 2 member relation report.
0x17: leave group.
For with IGMP V 1 compatibility, also have an other additional News Category: 0x12=version 1 member report.
Member relation report in the document refers to " report " in fact.When not defining version number, then be applicable to two versions simultaneously.The type of message that can not discern should be ignored it.
The form of IGMP V3 agreement member report message is as follows:
0 7 15 31
From the form of top agreement as can be seen, with respect to the V2 version, V3 has done very big change.V2 member's report message once can only be reported a multicast address, and V3 member's report message once can be reported a plurality of members, by " Number of Group Records " territory mandatory member's number.And each member is by " Group Record " domain representation, and it not only includes only multicast IP address, can also comprise a lot of extraneous informations.
Group Record form is as follows:
0 7 15 31
More than introduced the IGMP agreement, the terminal equipment that will introduce multicast user underling below adds the process of multicast group (being multicast data flow) by realizing the IGMP agreement, as shown in Figure 1, comprises the steps:
1, when the terminal equipment of multicast user underling need add a multicast group, sends IGMP to access device and join message;
2, after access device receives that this IGMP joins message, this terminal equipment is added in its multicast forward table, and corresponding multicast data flow is issued to described terminal equipment by described multicast user;
3, after this terminal equipment added multicast group, access device sent the igmp querying message every the regular period, inquired about this terminal equipment and whether was also receiving this multicast data flow.If this terminal equipment need continue to remain on this multicast group, must respond an IGMP and join message.
Add the process of multicast from above-mentioned multicast user, there is following shortcoming in prior art:
1, because the terminal equipment of access device restriction can only be distinguished a port of access device, as ADSL (Asymmetric Digital Subscriber Line, asymmetric digital subscriber line), VDSL (very high speed digital subscriber ling, Very-high-speed Digital Subscriber Line), GSHDSL (General Single pair High speed Digital Subscriber Line, common single pair high bit rate digital subscriber loop), therefore for MODEM (modulator-demodulator, be multicast user alleged among the present invention) situation of a plurality of terminal equipments of subordinate, as home gateway, be that the multicast user forms local area network (LAN) down, access device then can not control terminal the program request behavior, because no matter be which terminal equipment carries out program request, access device all can only recognize the multicast user, and can not recognize concrete which terminal equipment of multicast user underling, so access device can't guarantee the legitimacy of multicast user underling terminal device; The quantity of uncontrollable multicast user underling terminal device;
2, may be used identical or similar equipment to connect by the disabled user owing to be connected to the circuit of terminal equipment, thereby legal multicast user's rights and interests are suffered damage, therefore can not prevent the problem of invalid user stealing Internet resources;
3, because access device can't effectively be discerned the presence of multicast user underling terminal device, can only charge according to the monthly payment mode usually, be not easy to realize multiple charging way.
Summary of the invention
In view of above-mentioned existing in prior technology problem, method, system and the access device and the terminal equipment that the purpose of this invention is to provide a kind of checking multicast user terminal device validity, access device is legal terminal equipment according to the IGMP that the is encapsulated as PPPOE session stage message format terminal equipment of determining to send this message that joins message, thereby has guaranteed the legitimacy of the terminal equipment of multicast user underling.
The objective of the invention is to be achieved through the following technical solutions:
The invention provides a kind of method of checking multicast user underling terminal device validity, comprising:
The terminal equipment of A, multicast user underling carries out peer-peer protocol PPPOE dialing authentication on the Ethernet;
B, described terminal equipment join message Internet group management protocol of the multicast group IGMP after the success of PPPOE dialing authentication and are encapsulated as PPPOE session stage message format and send to access device;
C, access device join message to the received IGMP that is encapsulated as PPPOE session stage message format according to user multicast power and handle, judge whether terminal equipment has the authority that adds corresponding multicast group, if described user multicast power allows desired multicast group in the joining message of terminal equipment transmission, the terminal equipment of then determining this message of transmission is legal terminal equipment, and described terminal equipment is added in its multicast forward table.
Described step B comprises:
Described terminal equipment carries out multicast authentication after PPPOE dialing authentication success, and after the multicast authentication success IGMP is joined message and be encapsulated as PPPOE session stage message format and send to access device; Whether described multicast authentication has the authority of opening multicast for the described terminal equipment of checking.
The step that described terminal equipment carries out multicast authentication specifically comprises:
The PPPOE server carries out multicast authentication according to the multicast authentication information of terminal equipment input, verifies whether described terminal equipment has the authority of opening multicast.
Described step C also comprises: described access device obtains described user multicast power, specifically comprises:
The session identification SESSION ID that sets up when the PPPOE server carries out the PPPOE dialing authentication according to described terminal equipment obtains described multicast user's multicast authority in the server of storage user multicast power, then the multicast authority that obtains is issued to access device; Perhaps,
After the success of terminal equipment PPPOE dialing authentication, access device determines that it is that first IGMP that described terminal equipment adds multicast group is when joining message that the IGMP that is encapsulated as PPPOE session stage message format that its terminal equipment that receives sends joins message, SESSION ID during access device joins message this IGMP is encapsulated as the IPOE message format, reports the PPPOE server;
The PPPOE server obtains described multicast user's multicast authority according to this SESSION ID in the server of storage user multicast power, then the multicast authority that obtains is issued to access device.
This method also comprises:
The SESSION ID that sets up when access device carries out the PPPOE authentication according to described terminal equipment controls described multicast user's terminal equipment quantity.
This method also comprises:
Add the line duration of multicast group and/or described multicast user's multicast authority according to described terminal equipment, described multicast user is chargeed.
This method also comprises:
Message mutual between access device and the described terminal equipment is encapsulated as the transmission of PPPOE session stage message format.
Message mutual between described access device and the described terminal equipment comprises:
Multicast data flow data message, igmp querying message, IGMP joins message and/or IGMP leave message.
The present invention also provides a kind of system of checking multicast user underling terminal device validity, and described system comprises: IGMP protocol massages package module and terminal device validity are confirmed module;
Described IGMP protocol massages package module is arranged at terminal equipment, is used for that the IGMP protocol massages that the terminal equipment of PPPOE dialing authentication success sends is encapsulated as PPPOE session stage message format and sends to terminal device validity and confirm module;
Described terminal device validity confirms that module is arranged at access device, be used for the received IGMP that is encapsulated as PPPOE session stage message format being joined message and handle according to user multicast power, judge whether terminal equipment has the authority that adds corresponding multicast group, if described user multicast power allows desired multicast group in the joining message of terminal equipment transmission, the terminal equipment of then determining this message of transmission is legal terminal equipment, and described terminal equipment is added in its multicast forward table.
Described system also comprises:
The message package module, this module is arranged at access device, is used for the message that access device sends to terminal equipment is encapsulated as the transmission of PPPOE session stage message format.
The present invention also provides a kind of access device, comprising:
Terminal device validity is confirmed module, be used for the received IGMP that is encapsulated as PPPOE session stage message format being joined message and handle according to user multicast power, judge whether terminal equipment has the authority that adds corresponding multicast group, if described user multicast power allows desired multicast group in the joining message of terminal equipment transmission, the terminal equipment of then determining this message of transmission is legal terminal equipment, and described terminal equipment is added in its multicast forward table.
Described access device also comprises:
The message package module is used for the message that access device sends to terminal equipment is encapsulated as the transmission of PPPOE session stage message format.
Described access device also comprises: control terminal quantity module is used for carrying out according to terminal equipment the SESSION ID control multicast user's that PPPOE when authentication set up terminal equipment quantity.
As seen from the above technical solution provided by the invention, the present invention has the following advantages:
1, which terminal equipment that links to each other with the multicast user adds multicast group, all must be through adding multicast group after the success of PPPOE dialing authentication, thereby all terminal equipments that guarantee multicast user underling all are legal, and quantity that can limiting terminal equipment;
2, because the PPPOE server presence of monitoring group broadcasting user underling terminal device in real time, can carry out metered according to the line duration that the user adds multicast group, if access device has obtained user multicast power, can also realize pressing pay per channel according to the multicast group of user's program request, therefore realize multiple charging way easily, perhaps, can also not only press the time but also press pay per channel;
3, because terminal equipment needs process PPPOE authentication and multicast authentication before adding multicast group, and authentication information, such as: account number and password etc. is private, therefore, even the disabled user is connected to access device to circuit by illegal means, the disabled user can not pass through multicast authentication so, and its IGMP joins message and can not generate, thereby can not add multicast group, therefore can effectively prevent invalid user stealing Internet resources problem; Access device is that PPPOE protocol massages form is handed down to terminal equipment with the multicast data flow data encapsulation, also can effectively prevent invalid user stealing Internet resources problem;
If the message that 4 terminal equipments send all is the PPPOE encapsulation format, then improved the adaptability of terminal equipment.
Description of drawings
Fig. 1 is the flow chart that the described terminal equipment of prior art adds multicast group;
Fig. 2 is the process chart of method of the present invention;
Fig. 3 is the structural representation of system of the present invention.
Embodiment
Core concept of the present invention is: the terminal equipment of multicast user underling carries out the PPPOE dialing authentication, behind the authentication success, IGMP joined message to be encapsulated as PPPOE session stage message format and to send to access device, and access device is legal terminal equipment according to the IGMP that the is encapsulated as PPPOE session stage message format terminal equipment of determining to send this message that joins message.
With the IGMP reason that is encapsulated as PPPOE protocol massages form that joins message be:
Still send according to general Ethernet message if IGMP joins message, then access device does not know that whether terminal equipment is by the PPPOE dialing authentication; Be encapsulated as the mode of PPPOE protocol massages form and adopt IGMP joined message, just guaranteed that terminal equipment must authenticate by PPPOE, and from this process as can be seen, IGMP must be joined message is encapsulated as the data message form of PPPOE session stage agreement.
Therefore, can guarantee the legitimacy of multicast user underling terminal device by said process, thereby realize controllable multicast at access device.
In the present invention, can also take other measures further to confirm the legitimacy of multicast user underling terminal device, such as:
After the success of terminal equipment PPPOE dialing authentication, the PPPOE server can also require its input multicast authentication information to carry out multicast authentication, verifies whether described terminal equipment has the authority of opening multicast;
Described multicast information comprises: information such as multicast account number and multicast password.
After the success of described terminal equipment multicast authentication, IGMP being joined message is encapsulated as PPPOE session stage message format and sends to access device again;
Access device is legal terminal equipment according to the IGMP that the is encapsulated as PPPOE session stage message format terminal equipment of determining to send this message that joins message.
Perhaps,
Access device is after the success of terminal equipment PPPOE dialing authentication, perhaps after terminal equipment PPPOE dialing authentication and multicast authentication success, obtain described multicast user's multicast authority, judge that described multicast user underling terminal device has the authority of some channel of program request;
Access device is legal terminal equipment according to the multicast authority that obtains and the IGMP that the is encapsulated as PPPOE session stage message format terminal equipment of determining to send this message that joins message, and determines promptly whether the terminal equipment that sends message has the authority of certain channel program of program request.
When terminal equipment carried out PPPOE authentication and/or multicast authentication, password wherein can adopt modes such as PAP that password authentication protocol, ciphertext transmit or extendible authentication protocol to encrypt transmission.
Therefore, in the present invention, the terminal equipment quantity of the SESSION ID control multicast user underling of setting up when access device can carry out the PPPOE dialing authentication according to terminal equipment.
The PPPOE server can add the line duration of multicast group (being receiving group stream) according to terminal equipment, the multicast user is realized metered, perhaps according to user's multicast authority, the multicast user is realized pressing pay per channel, perhaps not only press the time but also press pay per channel, can realize multiple charging way.
In the present invention, message mutual between access device and the described terminal equipment can also be encapsulated as the transmission of PPPOE session stage message format.
Message mutual between described access device and the described terminal equipment comprises:
Multicast data flow data message, igmp querying message, IGMP joins message and/or IGMP leave message;
The igmp querying message comprises: general inquiry message and/or group-specific query message etc.
If access device is encapsulated as PPPOE session stage message format with the multicast data flow data message and is issued to described terminal equipment by described multicast user, can prevent effectively that the disabled user from adding multicast group, usurps the Internet resources problem.
If the message that terminal equipment sends all is the PPPOE encapsulation format, then can improve the adaptability of terminal equipment.
Because the data field of the protocol massages of PPPOE session stage is the data message of ppp protocol, therefore the IGMP protocol massages is put into the data field of ppp protocol and can be realized the IGMP protocol massages is encapsulated as PPPOE session stage message format.
It is as follows that the IGMP protocol massages is encapsulated as the long form of data message of ppp protocol:
Wherein the value of Protocol area (protocol domain) can be the 0x0021 of present agreement regulation, and its implication is general IP message, also can be other value that agreement is not used, such as 0xC021,0xC023,0xC223,0xC8021 etc.;
The data field of ppp protocol is replaced by IP heading and IGMP protocol massages.
The PPPOE session stage message format of terminal equipment and/or access device transmission is exactly like this:
The IGMP protocol massages of the source MAC of purpose ethernet mac address+terminal equipment+0x8864+PPP agreement carrying.
In addition, the protocol massages of described PPPOE session stage can be any protocol data message of PPPOE session stage.
For the present invention there being further understanding, method of the present invention is described in detail below in conjunction with accompanying drawing.
The specific implementation of the method for the invention may further comprise the steps as shown in Figure 2:
Step 21: the terminal equipment of multicast user underling carries out the PPPOE dialing authentication;
Step 22: after the described terminal equipment PPPOE dialing authentication success, PPPOE server requirement terminal equipment is imported multicast authentication information again, such as information such as account number, passwords, carries out multicast authentication;
Step 23: access device obtains user multicast power;
After described terminal equipment PPPOE authentication and the multicast authentication success, the PPPOE server carries out the multicast authority that SESSION ID that PPPOE when authentication set up obtains described multicast user in the server of storage user multicast power according to terminal equipment, and the multicast authority with described user is issued to access device then;
User multicast power all can be stored in RADIUS (Remote Authorization Dial InUser Service, the remote authentication dial-in user service) server, be convenient to centralized management.
Step 24: described terminal equipment joins message IGMP and is encapsulated as PPPOE session stage message format and sends to access device;
Step 25: access device joins message to the IGMP that receives according to user multicast power and handles;
Access device judges according to the user multicast power that obtains whether terminal equipment has the authority that adds corresponding multicast group;
If the user multicast power that access device obtains allows desired multicast group in the joining message of terminal equipment transmission, then access device determines that the terminal equipment of this message of transmission is legal terminal equipment, described terminal equipment is added in its multicast forward table, and transmit corresponding multicast data flow to router solicitation;
Otherwise access device determines that the terminal equipment of this message of transmission is not legal terminal equipment, this is joined message do not carry out any processing.
Step 26: when the multicast data flow data message when router is issued to access device, access device is encapsulated as PPPOE session stage message format with the multicast data flow data message, be forwarded to described multicast user then, the multicast user is issued to described terminal equipment with this multicast data flow again, and terminal equipment then successfully adds multicast group.
Step 27: the program request state of access device inquiry terminal equipment, and carry out respective handling according to the reaction of terminal equipment;
After described terminal equipment receives described multicast data flow data message (promptly adding the multicast group success), access device regularly is encapsulated as the igmp querying message PPPOE session stage message format and sends to terminal equipment, and whether inquiry terminal equipment is also receiving this multicast data flow;
If need continuing reception, terminal equipment remains on this multicast group (promptly continuing to receive current multicast data flow), then responding an IGMP who is encapsulated as PPPOE session stage message format joins message, access device does not carry out any processing to terminal equipment after receiving that this IGMP joins message; When terminal equipment does not want to continue the current multicast data flow of program request, then do not respond IGMP and join message;
According to the IGMP agreement, if terminal equipment does not respond number of times that IGMP joins message reach predetermined threshold value after, think that then described terminal equipment has left multicast group, access device is deleted described terminal equipment from multicast forward table.
Step 28: terminal equipment sends IGMP agreement leave message to access device;
When the version of the IGMP agreement of using as the multicast user is not V1, when multicast user's terminal equipment does not want to continue the current multicast group of program request, then send an IGMP leave message that is encapsulated as PPPOE session stage message format to access device.
Step 29: access device carries out respective handling to IGMP agreement leave message.
After access device is received IGMP agreement leave message, issue as required be encapsulated as PPPOE session stage message format the spy to the group polling message to terminal equipment, if terminal equipment does not respond an IGMP who is encapsulated as PPPOE session stage message format and joins message, then the terminal use is deleted from multicast forward table; Join message if responded an IGMP who is encapsulated as PPPOE session stage message format, then keep terminal use's program request state.
In the above-described embodiments, described access device can and obtain user multicast power in a different manner on different opportunitys, such as:
After the success of described terminal equipment PPPOE dialing authentication, IGMP joined message to be encapsulated as PPPOE session stage message format and to send to access device;
Access device determines that it is first IGMP of described this multicast data flow of terminal equipment program request when joining message that its this IGMP that receives joins message, and the SESSION ID during access device joins message this IGMP is packaged into the IPOE message, reports the PPPOE server;
The PPPOE server obtains user's multicast authority according to this SESSION ID in the clothes device of storage user multicast power, the multicast authority with this user is issued to access device then.
The present invention also provides a kind of system of checking multicast user terminal device validity, and as shown in Figure 3, this system comprises: IGMP protocol massages package module and terminal device validity are confirmed module;
Described IGMP protocol massages package module is arranged at terminal equipment, is used for that the IGMP protocol massages that the terminal equipment of PPPOE dialing authentication success sends is encapsulated as PPPOE session stage message format and sends to terminal device validity and confirm module; Wherein, described IGMP protocol massages comprises: IGMP joins message and IGMP leave message.
Described terminal device validity confirms that module is arranged at access device, and being used for according to the IGMP that is encapsulated as PPPOE session stage message format that the receives terminal equipment of determining to send this message that joins message is legal terminal equipment.
Described system also comprises:
The message package module, this module is arranged at access device, is used for the message that access device sends to terminal equipment is encapsulated as the transmission of PPPOE session stage message format.
Wherein, described message comprises: multicast data flow data message, IGMP general inquiry message and IGMP group-specific query message.
The present invention also provides a kind of access device, and described access device comprises:
Terminal device validity is confirmed module, and being used for according to the IGMP that is encapsulated as PPPOE session stage message format that the receives terminal equipment of determining to send this message that joins message is legal terminal equipment.
Described access device also comprises: the message package module is used for the message that access device sends to terminal equipment is encapsulated as the transmission of PPPOE session stage message format.
Described access device also comprises: control terminal quantity module is used for carrying out according to terminal equipment the SESSION ID control multicast user's that PPPOE when authentication set up terminal equipment quantity.
The present invention also provides a kind of terminal equipment, and described terminal equipment comprises:
IGMP protocol massages package module is used for that the IGMP protocol massages that the terminal equipment of PPPOE dialing authentication success sends is encapsulated as PPPOE session stage message format and sends to access device.
In sum, the present invention not only can guarantee the legitimacy of multicast user underling terminal device, the quantity of the terminal equipment of control multicast user underling, and realize multiple charging way easily, can also effectively prevent the problem of invalid user stealing Internet resources, thereby the rights and interests that ensure legal multicast user are not encroached on.
The above; only for the preferable embodiment of the present invention, but protection scope of the present invention is not limited thereto, and anyly is familiar with those skilled in the art in the technical scope that the present invention discloses; the variation that can expect easily or replacement all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (13)
1, a kind of method of checking multicast user underling terminal device validity is characterized in that, comprising:
The terminal equipment of A, multicast user underling carries out peer-peer protocol PPPOE dialing authentication on the Ethernet;
B, described terminal equipment join message Internet group management protocol of the multicast group IGMP after the success of PPPOE dialing authentication and are encapsulated as PPPOE session stage message format and send to access device;
C, access device join message to the received IGMP that is encapsulated as PPPOE session stage message format according to user multicast power and handle, judge whether terminal equipment has the authority that adds corresponding multicast group, if described user multicast power allows desired multicast group in the joining message of terminal equipment transmission, the terminal equipment of then determining this message of transmission is legal terminal equipment, and described terminal equipment is added in its multicast forward table.
2, method according to claim 1 is characterized in that, described step B comprises:
Described terminal equipment carries out multicast authentication after PPPOE dialing authentication success, and after the multicast authentication success IGMP is joined message and be encapsulated as PPPOE session stage message format and send to access device; Whether described multicast authentication has the authority of opening multicast for the described terminal equipment of checking.
3, method according to claim 2 is characterized in that, the step that described terminal equipment carries out multicast authentication specifically comprises:
The PPPOE server carries out multicast authentication according to the multicast authentication information of terminal equipment input, verifies whether described terminal equipment has the authority of opening multicast.
4, method according to claim 1 is characterized in that, described step C also comprises: described access device obtains described user multicast power, specifically comprises:
The session identification SESSION ID that sets up when the PPPOE server carries out the PPPOE dialing authentication according to described terminal equipment obtains described multicast user's multicast authority in the server of storage user multicast power, then the multicast authority that obtains is issued to access device; Perhaps,
After the success of terminal equipment PPPOE dialing authentication, access device determines that it is that first IGMP that described terminal equipment adds multicast group is when joining message that the IGMP that is encapsulated as PPPOE session stage message format that its terminal equipment that receives sends joins message, SESSION ID during access device joins message this IGMP is encapsulated as the IPOE message format, reports the PPPOE server;
The PPPOE server obtains described multicast user's multicast authority according to this SESSION ID in the server of storage user multicast power, then the multicast authority that obtains is issued to access device.
5, according to claim 1,2 or 3 described methods, it is characterized in that this method also comprises:
The SESSION ID that sets up when access device carries out the PPPOE authentication according to described terminal equipment controls described multicast user's terminal equipment quantity.
6, according to claim 1,2 or 3 described methods, it is characterized in that this method also comprises:
Add the line duration of multicast group and/or described multicast user's multicast authority according to described terminal equipment, described multicast user is chargeed.
7, according to claim 1,2 or 3 described methods, it is characterized in that this method also comprises:
Message mutual between access device and the described terminal equipment is encapsulated as the transmission of PPPOE session stage message format.
8, method according to claim 7 is characterized in that, message mutual between described access device and the described terminal equipment comprises:
Multicast data flow data message, igmp querying message, IGMP joins message and/or IGMP leave message.
9, a kind of system of checking multicast user underling terminal device validity is characterized in that, described system comprises:
IGMP protocol massages package module and terminal device validity are confirmed module;
Described IGMP protocol massages package module is arranged at terminal equipment, is used for that the IGMP protocol massages that the terminal equipment of PPPOE dialing authentication success sends is encapsulated as PPPOE session stage message format and sends to terminal device validity and confirm module;
Described terminal device validity confirms that module is arranged at access device, be used for the received IGMP that is encapsulated as PPPOE session stage message format being joined message and handle according to user multicast power, judge whether terminal equipment has the authority that adds corresponding multicast group, if described user multicast power allows desired multicast group in the joining message of terminal equipment transmission, the terminal equipment of then determining this message of transmission is legal terminal equipment, and described terminal equipment is added in its multicast forward table.
10, system according to claim 9 is characterized in that, described system also comprises:
The message package module, this module is arranged at access device, is used for the message that access device sends to terminal equipment is encapsulated as the transmission of PPPOE session stage message format.
11, a kind of access device is characterized in that, described access device comprises:
Terminal device validity is confirmed module, be used for the received IGMP that is encapsulated as PPPOE session stage message format being joined message and handle according to user multicast power, judge whether terminal equipment has the authority that adds corresponding multicast group, if described user multicast power allows desired multicast group in the joining message of terminal equipment transmission, the terminal equipment of then determining this message of transmission is legal terminal equipment, and described terminal equipment is added in its multicast forward table.
12, access device according to claim 11 is characterized in that, described access device also comprises:
The message package module is used for the message that access device sends to terminal equipment is encapsulated as the transmission of PPPOE session stage message format.
13, according to claim 11 or 12 described access devices, it is characterized in that described access device also comprises:
Control terminal quantity module is used for carrying out according to terminal equipment the SESSION ID control multicast user's that PPPOE when authentication set up terminal equipment quantity.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2005100857097A CN100531204C (en) | 2005-07-29 | 2005-07-29 | Method, system and application for checking multicast user underling terminal device validity |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2005100857097A CN100531204C (en) | 2005-07-29 | 2005-07-29 | Method, system and application for checking multicast user underling terminal device validity |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1866952A CN1866952A (en) | 2006-11-22 |
| CN100531204C true CN100531204C (en) | 2009-08-19 |
Family
ID=37425836
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2005100857097A Active CN100531204C (en) | 2005-07-29 | 2005-07-29 | Method, system and application for checking multicast user underling terminal device validity |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100531204C (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102378115A (en) * | 2010-08-16 | 2012-03-14 | 杭州华三通信技术有限公司 | Control method of multicast access, system and device thereof |
| CN103139085A (en) * | 2013-02-27 | 2013-06-05 | 华为技术有限公司 | Method for implementation of multicast service in network, access device and system |
| CN103441893A (en) * | 2013-08-16 | 2013-12-11 | 大连梯耐德网络技术有限公司 | User internet-surfing behavior analysis method based on broadcast television network |
-
2005
- 2005-07-29 CN CNB2005100857097A patent/CN100531204C/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN1866952A (en) | 2006-11-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP2036283B1 (en) | Method and apparatus for reliably delivering multicast data | |
| US6181697B1 (en) | Method for a unicast endpoint client to access a multicast internet protocol (IP) session and to serve as a redistributor of such session | |
| US20070280230A1 (en) | Method and system for service discovery across a wide area network | |
| US6289377B1 (en) | Dynamic network configuration of a one-way adapter using a proxy agent that communicates with a resource server through a configured return path adapter | |
| CN1192574C (en) | Controlled group broadcasting system and its realizing method | |
| CN101102291B (en) | Method for realizing user Internet access based on PPPOE agent function | |
| CN1879379A (en) | Ethernet DSL access multiplexer and method providing dynamic service selection and end-user configuration | |
| WO2005119968A1 (en) | A method for transmitting the policy information between the network devices | |
| CN101299671A (en) | Method and device for transmitting and receiving multicast data packet | |
| US20080130547A1 (en) | Delegated Authentication Method for Secure Mobile Multicasting | |
| WO2010075771A1 (en) | Extranet networking method, system and device for multicast virtual private network | |
| WO2011143880A1 (en) | Method and system for transmitting wireless multicast data | |
| US20080062999A1 (en) | Method for providing broadband communication service | |
| JP2004172932A (en) | Data distribution system | |
| WO2007000120A1 (en) | An authentication access system, method and server | |
| CN105812252A (en) | Home gateway, system and method for accessing multicast service by terminal | |
| US20100027444A1 (en) | Method and system for establishing connections for wireless network devices | |
| WO2014153860A1 (en) | Network access method, gateway and system | |
| CN101808256B (en) | Passive optical network system with multicast authentication and control functions and implementing method thereof | |
| CN102368707B (en) | Method, equipment and system for multicast control | |
| CN100531204C (en) | Method, system and application for checking multicast user underling terminal device validity | |
| KR100496985B1 (en) | A IP Multicast Service Method using Virtual LAN(VLAN) | |
| WO2008040244A1 (en) | Multicast/broadcast system and method for transferring multicast/broadcast service | |
| WO2008052475A1 (en) | A method, system and device for multicast authenticating | |
| EP2043300B1 (en) | Data transmission network, method, network element and pro-gram |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |