CN101043331A - System and method for distributing address for network equipment - Google Patents
System and method for distributing address for network equipment Download PDFInfo
- Publication number
- CN101043331A CN101043331A CN 200610061448 CN200610061448A CN101043331A CN 101043331 A CN101043331 A CN 101043331A CN 200610061448 CN200610061448 CN 200610061448 CN 200610061448 A CN200610061448 A CN 200610061448A CN 101043331 A CN101043331 A CN 101043331A
- Authority
- CN
- China
- Prior art keywords
- address
- network equipment
- dhcp
- message
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a system and method to distribute the address for the network device, said system includes network device, accessing parts and DHCP safe strategy sever, the said DHCP safe strategy sever inspects the context which is sent by the network device, and distribute the IP address for the legal user. Said method includes the accessing parts generates the certification request context when the physical position information of user inserts into the network device, and the certification request context is sent to the DHCP safe strategy sever to do safety checking, and distribute the IP address for the legal user who passed the checking. Using the system and method provided by the invention, it can reinforce the security, convenience and reasonableness to distribute the address for the network device.
Description
Technical field
The present invention relates to network communications technology field, relate in particular to a kind of system and method that distributes the address for the network equipment.
Background technology
The mode that traditional business of networking is obtained the IP address adopts PPP (peer-peer protocol) mode to realize usually, and need dock access customer by aaa server and finish authentication, and the distributing IP address.Aaa server is generally RADIUS (remote authentication) server, also may be other certificate servers.The ppp protocol bottom, also can be carried by ATM as the PPPoE agreement usually by Ethernet bearing.
Maturation along with access technologies such as ADSL (ADSL (Asymmetric Digital Subscriber Line)), Ethernets, broadband access is more and more universal, also more and more in IPTV (Internet Protocol Television) video and VoIP (IP-based voice) voice service that broadband access network is carried out, the terminal of these service needed special uses, use STB (set-top box) as video traffic, voice service is used IAD (integrated access equipment), and the mode that these terminals are obtained the IP address generally adopts DHCP (Dynamic Host Configuration Protocol DHCP).
Authenticate by radius server, and the network communicating system structure of obtaining the IP address information by Dynamic Host Configuration Protocol server is as shown in Figure 1, wherein:
PPPoE: bearing point end-to-end protocol (EEP) on Ethernet, by the PPPoE agreement, the network equipment can authenticate Internet user's username and password and the distributing IP address.
DHCP: DHCP, be used for the parameters such as IP address of dynamic auto configuration computer, use the computer booting of DHCP agreement after, can obtain the required parameters of online such as IP address from Dynamic Host Configuration Protocol server, avoid the loaded down with trivial details work of manual configuration.
Radius server: remote dial-in user's authentication server, be used for the account number and the password of leading subscriber, finish the authentication of butt joint access customer.
Dynamic Host Configuration Protocol server: be used for the server of management ip address, the address assignment request of responsive computer is distributed suitable IP address to computer.Current also have some Dynamic Host Configuration Protocol server to have the security strategy function, mainly is to rely on some option record of DHCP and identification client terminal to make security inspection.
Pppoe client: using the terminal of PPPoE agreement access network, generally is computer, also may be terminals such as STB, IAD.
Dhcp client: DHCP Client, use the DHCP agreement to obtain the various client terminals of network parameters such as IP address, comprise computer, STB, IAD etc.
Radius client: the parts of initiating authentication request to radius server.
DHCP relay: DHCP Relay, it is that the function that the back sends is transmitted or handled to mutual message between a kind of Dynamic Host Configuration Protocol server that will be in different segment and dhcp client.The DHCP dynamic assignment is to finish by Dynamic Host Configuration Protocol server with as the DHCP message interaction between the client terminal of dhcp client, and the DHCP message is a broadcasting packet, can not cross over the network segment client terminal is carried out IP address assignment.But because the restriction of resource is very unpractical for each network segment distributes a Dynamic Host Configuration Protocol server, and for the consideration of fail safe, Dynamic Host Configuration Protocol server is in an independent network segment usually.So just need Dynamic Host Configuration Protocol server to provide service for client not at its network segment.DHCP relay has been for the dhcp broadcast message provides forwarding capability between the network segment, and the client terminal that makes Dynamic Host Configuration Protocol server be embodied as not at the network segment same with it provides service.
Dhcp relay agent: DHCP Relay Agent, have the parts or the module of dhcp relay feature, be transparent for dhcp client and Dynamic Host Configuration Protocol server, it has binding DHCPOption82 function.In broadband access equipment, usually with Broadband Remote Access Server BRAS as dhcp relay agent, and it has than the more intelligent function of common DHCP relay equipment, as record with check client's log-on message.
BRAS: Broadband Remote Access Server, be used for broadband user's access-in management, to PPPoE user, BRAS initiates authentication request as radius client to radius server, and for DHCP user, BRAS finishes dhcp relay feature.
Access Network: the network in the middle of from the subscriber household to BRAS.
Access node: the equipment that directly links to each other with subscriber's line in the Access Network has DHCP OPtions82 binding function, as ADSL access device DSLAM.
The OSS system: OSS is used for the system of Operator Specific Service granting and service management.
DHCP option: DHCP Options, a control domain field in the DHCP message is used for carrying the parameter field of DHCP configuration parameter and other control information.
DHCP Option 82:DHCP option a kind of, be DHCP Relay Agent InformationOPtion (dhcp relay agent information option), it has write down agent circuit ID (Agent Circuit ID) information or has acted on behalf of remote ident (Agent Remote ID) information, has of overall importance, uniqueness, in order to some uniqueness information such as the positional information or the Modem ID of identification link or remote customer devices.Normally be tied in the middle of the DHCP message by dhcp relay agent or other access node.
As Fig. 1, terminals such as STB, IAD, PC are connected on the BRAS by Access Network, and wherein PC adopts the PPP over Ethernet online, and STB, IAD surf the Net by the DHCP mode.
For dhcp client (STB and IAD), BRAS removes the DHCP message relay as DHCP relay to Dynamic Host Configuration Protocol server, and the security strategy of some address assignment can be done by operator on Dynamic Host Configuration Protocol server, determines how to give user's distributing IP address;
For pppoe client (PC), BRAS communicates by letter with radius server, and radius server is finished authentication according to pc user's account number and password to the user, and gives user's distributing IP address.
Obtain after the IP address, STB, IAD, PC can normally commence business.
For the network equipment distributes address mode as can be seen, distribute the address fail safe not enough for the network equipment from above-mentioned at present; And user side is existing obtains the terminal of address by PPPoE, and the terminal of obtaining the address by DHCP is also arranged, and does not have unified server admin to distribute the address, has obviously also increased management costs and workload.
Summary of the invention
The invention provides a kind of system and method, be intended to unified management and be network equipment distributing IP address rationally, safely for network equipment distribution address.
The objective of the invention is to be achieved through the following technical solutions:
A kind of system that distributes the address for the network equipment, comprise the network equipment, also comprise safety check module and address assignment module, described safety check module is carried out safety inspection, the network equipment distributing IP address that described address assignment module is passed through inspection to the message that the described network equipment sends.
Described safety check module and address assignment module are arranged at the DHCP Security Policy Server.
Also comprise aaa server and R2D protocol gateway, described aaa server is used for the access of the network equipment is authenticated, and the Address requests message that will authenticate the network equipment transmission of passing through is dealt into the R2D protocol gateway, described R2D protocol gateway is converted to the DHCP message with the Address requests message that described aaa server sends, and to described DHCP Security Policy Server request distributing IP address.
Described system also comprises the access parts, and described access parts are access node or access server, and described access node or access server are inserted into the authentication request packet that the network equipment sends with user's physical location information.
Described DHCP Security Policy Server comprises:
Memory module is used to deposit the physical location information of validated user;
Safety check module is used for the physical location information according to the validated user of memory module, checks whether the described network equipment is validated user;
Address assignment module, the validated user distributing IP address that is used to safety inspection to pass through.
Described R2D protocol gateway comprises:
The RADIUS interface module is used to receive the Address requests message of sending from described aaa server, and will receive return to described aaa server by described DHCP Security Policy Server IP address allocated information;
Protocol conversion module is used for described Address requests message is converted to the DHCP message, and the address response message that the dhcp response message is converted to described aaa server;
The DHCP interface module is used for communicating between DHCP message that protocol conversion module is generated and DHCP Security Policy Server; And the dhcp response message that receives the transmission of DHCP Security Policy Server.
A kind of method for network equipment distribution address comprises:
A, the message that the network equipment is sent carry out safety inspection;
B, the network equipment distributing IP address that inspection is passed through.
Also being included in the message that the network equipment is sent before the steps A sends to aaa server and carries out access authentication.
Described access parts are access node or access server, and described access node or access server are inserted into the authentication request packet that the network equipment sends with user's physical location information.
Described aaa server is a radius server, then described method also comprises: the content of the Nas-Port-id option of RADIUS Address requests message is changed into the Option82 information of DHCP message, the Calling-Station-ID of RADIUS message is changed into Client MAC and/or Option61 in the DHCP message.
Physical location information and described DHCP message that described steps A is specially the validated user that will preserve compare, and be consistent with information in the described DHCP message as if the physical location information of the validated user of described preservation, then carries out step B.
Described method comprises that also decision distributes the quantity of address for validated user.
A kind of method that detects network security, described method compares for the physical location information of the information in the message that the network equipment is reported with the validated user of preserving in advance, if the information in the message that the described network equipment reports is consistent with the physical location information of the described validated user of preserving in advance, then safety inspection is passed through.
As seen from the above technical solution provided by the invention, the present invention is network equipment distributing IP address again after carrying out safety inspection by Dynamic Host Configuration Protocol server, thereby has strengthened the fail safe that distributes the address for the network equipment greatly; In addition, among the present invention the address unification is distributed and management by Dynamic Host Configuration Protocol server, not only reduced the cost and the workload of network management, and can make full use of the advantage that the DHCP mode is distributed the address, prevent address conflict on the network; Simultaneously; the present invention also has favorable compatibility, i.e. the present invention does not increase any interface and order newly for the OSS system in implementation procedure; service dispense management process to client user's service management flow and existing client end is in full accord, has protected the investment of operator.
Description of drawings
Fig. 1 is the structural representation of broadband access system;
Fig. 2 is the schematic diagram of system of the present invention;
Fig. 3 is the internal structure schematic diagram of R2D protocol gateway of the present invention and DHCP Security Policy Server;
Fig. 4 is the realization flow figure of the first embodiment of the present invention;
Fig. 5 is the realization flow figure of the second embodiment of the present invention.
Embodiment
Core concept of the present invention is that the PPPoE message of the network equipment and the unification of DHCP message are issued the DHCP Security Policy Server, after formulating relevant safety inspection strategy and check by the DHCP Security Policy Server, the network equipment distributing IP address that inspection is passed through.
As shown in Figure 2, the invention provides a kind of system, comprising: the network equipment, access parts, radius server, R2D protocol gateway and DHCP Security Policy Server for network equipment distribution address;
The described network equipment comprises pppoe client or dhcp client for using the terminal of PPPoE agreement or DHCP agreement access network, as computer, STB, and terminals such as IAD;
Described access parts comprise access node and BRAS;
Described access node is the equipment that directly links to each other with subscriber's line in the Access Network, and as ADSL access device DSLAM, access node of the present invention also has the function of inserting user's physical location information in the PPPoE message;
Described BRAS, it is Broadband Remote Access Server, the access-in management that is used for the broadband user, BRAS is as radius client, initiate authentication request to radius server, BRAS of the present invention also has the function of inserting user's physical location information in the RADIUS message, and BRAS is as dhcp client, to DHCP Security Policy Server request distributing IP address;
Described radius server, the account number and the password that are used for leading subscriber, finish the authentication of butt joint access customer, described radius server also can be other aaa server (AuthenticationAuthorization and Accounting, authentication);
Described R2D protocol gateway is supported radius protocol and DHCP agreement, it serves as the role of a DHCP proxy, act on behalf of PPPoE user to DHCP Security Policy Server request IP address, and the user's physical location information that carries in the RADIUS message that radius server is received, be that the content of Nas-Port-id (the user's physical port information in the Radius message) option of RADIUS message changes into Option82 information (user's physical port information of carrying in the DHCP message) and is inserted in the DHCP message and goes, Calling-Station-ID (normally MAC Address) is changed into Client MAC and/or Option61 (terminal identification information of carrying in the DHCP message) in the DHCP message, do fail safe for the DHCP Security Policy Server and detect;
Described DHCP Security Policy Server carries out the security strategy inspection according to relevant information, for the DHCP message, check by after BRAS directly is handed down in the address; For the PPPoE message, check by the address being handed down to the R2D protocol gateway, by the R2D protocol gateway address information that issues is inserted into the PPPoE message then, finally be handed down to PPPoE user.
As shown in Figure 3, R2D protocol gateway of the present invention comprises RADIUS interface module, protocol conversion module and DHCP interface module;
Described RADIUS interface module, the RADIUS Address requests message that reception is sent from radius server, and be that it distributes corresponding IP address information, what described IP address received for the RADIUS interface module is the IP address information that client that safety inspection is passed through is distributed and returned by the DHCP Security Policy Server;
Described protocol conversion module, be used for the RADIUS message is converted to the DHCP message, being specially content with the Nas-Port-id option of RADI US Address requests message changes into Option82 information and is inserted in the DHCP message and goes, Calling-Station-ID is changed into ClientMAC and/or Option61 in the DHCP message, do fail safe for the DHCP Security Policy Server and detect; Simultaneously, protocol conversion module also needs to be converted to the RADIUS message according to the dhcp response message that the DHCP interface module receives;
Described DHCP interface module is used for communicating between DHCP message that protocol conversion module is generated and DHCP Security Policy Server; And the dhcp response message that receives the transmission of DHCP Security Policy Server.
As shown in Figure 3, DHCP Security Policy Server of the present invention comprises: database, safety check module and address assignment module;
Described database is preserved the positional information of validated user, as user's physical port information, terminal type information, terminal identification information etc.;
Described safety check module, formulate inspection policy, judge the legitimacy of the physical port of terminal, decision distributes the address and distributes what addresses, be specially and make comparisons with the positional information of the validated user of preserving in the database from the user's physical location information the DHCP message that the DHCP interface module receives;
Described address assignment module is used for the validated user distributing IP address that safety inspection is passed through.
Utilize system of the present invention, the present invention also provides a kind of method for network equipment distribution address, and as shown in Figure 4, for pppoe client, the realization flow of method of the present invention is as follows:
S1, access contact receive the PPPoE authentication request packet, and user's physical location information is inserted wherein, form PPPoE+ authentication request packet (user's physical location information is carried in the expansion of PPPoE message);
S2, BRAS change into the Radius request message that carries user's physical location information with the PPPoE+ authentication request packet, send to the authentication that radius server carries out the user name password;
After S3, RADIUS authentication pass through, radius server will be sent out a RADIUS Address requests message that carries user's physical location information Nas-Port-id and give the R2D protocol gateway;
After S4, R2D protocol gateway are received RADIUS Address requests message, act on behalf of PPPoE user to DHCP Security Policy Server applied address, Calling-Station-ID in the RADIUS Address requests message is changed into Client MAC and/or Option61 in the DHCP message, and the Nas-Port-id information in the RADIUS Address requests message changed into the option 82 of DHCP message, initiate the application IP addresses request to the DHCP Security Policy Server;
S5, DHCP Security Policy Server are formulated inspection policy, judge the legitimacy of the physical port of terminal, decision distributes the address and distributes what addresses, detects by just giving and distributes the address, and send the dhcp response message that carries the IP address to the R2D protocol gateway;
After S6, R2D protocol gateway are received the response message of DHCP Security Policy Server, IP address allocated is inserted in the response message of RADIUS, returns to BRAS again, finish entire PP P flow process, give user's distributing IP address by radius server.
In the foregoing description, be in the PPPoE message, to insert user's physical location information by access node, also can in the RADIUS message, insert user's physical location information among the present invention by BRAS, as shown in Figure 5, promptly be the realization flow figure that in the RADIUS message, inserts user's physical location information by BRAS, other steps are similar to the above embodiments, do not repeat them here.
For dhcp client, then the DHCP message is directly issued the DHCP Security Policy Server by BRAS, by the DHCP Security Policy Server it is carried out security inspection, the client that inspection is passed through is distributed the address, detailed process repeats no more.
The above; only for the preferable embodiment of the present invention, but protection scope of the present invention is not limited thereto, and anyly is familiar with those skilled in the art in the technical scope that the present invention discloses; the variation that can expect easily or replacement all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (13)
1, a kind of system that distributes the address for the network equipment, comprise the network equipment, it is characterized in that, also comprise safety check module and address assignment module, described safety check module is carried out safety inspection, the network equipment distributing IP address that described address assignment module is passed through inspection to the message that the described network equipment sends.
2, the system for network equipment distribution address as claimed in claim 1 is characterized in that described safety check module and address assignment module are arranged at the DHCP Security Policy Server.
3, the system that distributes the address for the network equipment as claimed in claim 2, it is characterized in that, also comprise aaa server and R2D protocol gateway, described aaa server is used for the access of the network equipment is authenticated, and the Address requests message that will authenticate the network equipment transmission of passing through is dealt into the R2D protocol gateway, described R2D protocol gateway is converted to the DHCP message with the Address requests message that described aaa server sends, and to described DHCP Security Policy Server request distributing IP address.
4, the system that distributes the address for the network equipment as claimed in claim 1, it is characterized in that, described system also comprises the access parts, described access parts are access node or access server, and described access node or access server are inserted into the authentication request packet that the network equipment sends with user's physical location information.
5, the system for network equipment distribution address as claimed in claim 2 is characterized in that described DHCP Security Policy Server comprises:
Memory module is used to deposit the physical location information of validated user;
Safety check module is used for the physical location information according to the validated user of memory module, checks whether the described network equipment is validated user;
Address assignment module, the validated user distributing IP address that is used to safety inspection to pass through.
6, the system for network equipment distribution address as claimed in claim 3 is characterized in that described R2D protocol gateway comprises:
The RADIUS interface module is used to receive the Address requests message of sending from described aaa server, and will receive return to described aaa server by described DHCP Security Policy Server IP address allocated information;
Protocol conversion module is used for described Address requests message is converted to the DHCP message, and the address response message that the dhcp response message is converted to described aaa server;
The DHCP interface module is used for communicating between DHCP message that protocol conversion module is generated and DHCP Security Policy Server; And the dhcp response message that receives the transmission of DHCP Security Policy Server.
7, a kind of method for network equipment distribution address is characterized in that, comprising:
A, the message that the network equipment is sent carry out safety inspection;
B, the network equipment distributing IP address that inspection is passed through.
8, method of distributing the address for the network equipment as claimed in claim 7 is characterized in that, also is included in the message that the network equipment is sent before the steps A and sends to aaa server and carry out access authentication.
9, the method for network equipment distribution address as claimed in claim 8 is characterized in that, comprises that also the physical location information with the user is inserted into the authentication request packet that the network equipment sends.
10, method of distributing the address for the network equipment as claimed in claim 8, it is characterized in that, described aaa server is a radius server, then described method also comprises: the content of the Nas-Port-id option of RADIUS Address requests message is changed into the Option82 information of DHCP message, the Calling-Station-ID of RADIUS message is changed into Client MAC and/or Option61 in the DHCP message.
11, method of distributing the address for the network equipment as claimed in claim 10, it is characterized in that, physical location information and described DHCP message that described steps A is specially the validated user that will preserve compare, if the physical location information of the validated user of described preservation is consistent with the information in the described DHCP message, then carry out step B.
12, the method for network equipment distribution address as claimed in claim 7 is characterized in that, described method comprises that also decision distributes the quantity of address for validated user.
13, a kind of method that detects network security, it is characterized in that, described method compares for the physical location information of the information in the message that the network equipment is reported with the validated user of preserving in advance, if the information in the message that the described network equipment reports is consistent with the physical location information of the described validated user of preserving in advance, then safety inspection is passed through.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200610061448 CN101043331A (en) | 2006-06-30 | 2006-06-30 | System and method for distributing address for network equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200610061448 CN101043331A (en) | 2006-06-30 | 2006-06-30 | System and method for distributing address for network equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN101043331A true CN101043331A (en) | 2007-09-26 |
Family
ID=38808566
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200610061448 Pending CN101043331A (en) | 2006-06-30 | 2006-06-30 | System and method for distributing address for network equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101043331A (en) |
Cited By (19)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101217575B (en) * | 2008-01-18 | 2010-07-28 | 杭州华三通信技术有限公司 | An IP address allocation and device in user end certification process |
| CN101917435A (en) * | 2010-08-17 | 2010-12-15 | 中国电信股份有限公司 | Method and system for implementing VOIP user authentication |
| CN102025475A (en) * | 2009-09-23 | 2011-04-20 | 中兴通讯股份有限公司 | Address allocation method, apparatus and system in hot backup scene |
| CN101515927B (en) * | 2008-02-26 | 2012-02-08 | 杭州华三通信技术有限公司 | Isolation mode supportive internet access control method, system and equipment |
| WO2012022155A1 (en) * | 2010-08-16 | 2012-02-23 | 中兴通讯股份有限公司 | Identity authentication method and system for evolved node b |
| CN102484657A (en) * | 2009-09-16 | 2012-05-30 | 西门子公司 | A method of running a substation of an electric power supply system |
| CN101388907B (en) * | 2008-10-28 | 2012-07-04 | 中国电信股份有限公司 | Internet customer attribute information transmitting method and network apparatus |
| WO2013034108A1 (en) * | 2011-09-08 | 2013-03-14 | 北京智慧风云科技有限公司 | Cloud service establishment system and method |
| CN103001927A (en) * | 2011-09-09 | 2013-03-27 | 中兴通讯股份有限公司 | Method and system for processing location information |
| CN103179224A (en) * | 2013-03-08 | 2013-06-26 | 华为技术有限公司 | Method, client side and server for configuring IP (internet protocol) addresses |
| CN103685147A (en) * | 2012-08-31 | 2014-03-26 | 中国联合网络通信集团有限公司 | Safety processing method, equipment and system for network access |
| CN103685257A (en) * | 2013-12-06 | 2014-03-26 | 上海斐讯数据通信技术有限公司 | DHCP network protection system and method |
| CN104394242A (en) * | 2014-11-21 | 2015-03-04 | 华为技术有限公司 | IP (internet protocol) address allocation method and device |
| CN105101199A (en) * | 2014-05-21 | 2015-11-25 | 西安中兴新软件有限责任公司 | Single sign-on authentication method, equipment and system |
| CN106850439A (en) * | 2017-01-06 | 2017-06-13 | 青岛海信宽带多媒体技术有限公司 | A kind of routing iinformation adding method and Set Top Box |
| WO2017143903A1 (en) * | 2016-02-23 | 2017-08-31 | 华为技术有限公司 | Method, device and system for access control |
| CN111988219A (en) * | 2020-08-29 | 2020-11-24 | 西南交通大学 | Multi-interface multi-protocol wireless gateway system based on 5G and communication method |
| CN114363294A (en) * | 2020-09-27 | 2022-04-15 | 华为云计算技术有限公司 | Tenant server management method, device and system |
| CN114915612A (en) * | 2022-04-22 | 2022-08-16 | 绿盟科技集团股份有限公司 | Host access method, host to be accessed and DHCP server |
-
2006
- 2006-06-30 CN CN 200610061448 patent/CN101043331A/en active Pending
Cited By (26)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101217575B (en) * | 2008-01-18 | 2010-07-28 | 杭州华三通信技术有限公司 | An IP address allocation and device in user end certification process |
| CN101515927B (en) * | 2008-02-26 | 2012-02-08 | 杭州华三通信技术有限公司 | Isolation mode supportive internet access control method, system and equipment |
| CN101388907B (en) * | 2008-10-28 | 2012-07-04 | 中国电信股份有限公司 | Internet customer attribute information transmitting method and network apparatus |
| CN102484657A (en) * | 2009-09-16 | 2012-05-30 | 西门子公司 | A method of running a substation of an electric power supply system |
| CN102025475A (en) * | 2009-09-23 | 2011-04-20 | 中兴通讯股份有限公司 | Address allocation method, apparatus and system in hot backup scene |
| WO2012022155A1 (en) * | 2010-08-16 | 2012-02-23 | 中兴通讯股份有限公司 | Identity authentication method and system for evolved node b |
| CN102378165A (en) * | 2010-08-16 | 2012-03-14 | 中兴通讯股份有限公司 | Identity authentication method and system of evolved node B |
| CN102378165B (en) * | 2010-08-16 | 2014-06-11 | 中兴通讯股份有限公司 | Identity authentication method and system of evolved node B |
| CN101917435A (en) * | 2010-08-17 | 2010-12-15 | 中国电信股份有限公司 | Method and system for implementing VOIP user authentication |
| WO2013034108A1 (en) * | 2011-09-08 | 2013-03-14 | 北京智慧风云科技有限公司 | Cloud service establishment system and method |
| CN103001927A (en) * | 2011-09-09 | 2013-03-27 | 中兴通讯股份有限公司 | Method and system for processing location information |
| CN103685147A (en) * | 2012-08-31 | 2014-03-26 | 中国联合网络通信集团有限公司 | Safety processing method, equipment and system for network access |
| CN103179224B (en) * | 2013-03-08 | 2017-01-25 | 华为技术有限公司 | Method, client side and server for configuring IP (internet protocol) addresses |
| CN103179224A (en) * | 2013-03-08 | 2013-06-26 | 华为技术有限公司 | Method, client side and server for configuring IP (internet protocol) addresses |
| CN103685257A (en) * | 2013-12-06 | 2014-03-26 | 上海斐讯数据通信技术有限公司 | DHCP network protection system and method |
| CN103685257B (en) * | 2013-12-06 | 2018-04-06 | 上海斐讯数据通信技术有限公司 | A kind of DHCP network protection system and method |
| CN105101199A (en) * | 2014-05-21 | 2015-11-25 | 西安中兴新软件有限责任公司 | Single sign-on authentication method, equipment and system |
| CN104394242A (en) * | 2014-11-21 | 2015-03-04 | 华为技术有限公司 | IP (internet protocol) address allocation method and device |
| WO2017143903A1 (en) * | 2016-02-23 | 2017-08-31 | 华为技术有限公司 | Method, device and system for access control |
| US11095478B2 (en) | 2016-02-23 | 2021-08-17 | Huawei Technologies Co., Ltd. | Access control method, apparatus, and system |
| CN106850439A (en) * | 2017-01-06 | 2017-06-13 | 青岛海信宽带多媒体技术有限公司 | A kind of routing iinformation adding method and Set Top Box |
| CN111988219A (en) * | 2020-08-29 | 2020-11-24 | 西南交通大学 | Multi-interface multi-protocol wireless gateway system based on 5G and communication method |
| CN114363294A (en) * | 2020-09-27 | 2022-04-15 | 华为云计算技术有限公司 | Tenant server management method, device and system |
| CN114363294B (en) * | 2020-09-27 | 2024-03-15 | 华为云计算技术有限公司 | Management method, device and system of tenant server |
| CN114915612A (en) * | 2022-04-22 | 2022-08-16 | 绿盟科技集团股份有限公司 | Host access method, host to be accessed and DHCP server |
| CN114915612B (en) * | 2022-04-22 | 2024-03-15 | 绿盟科技集团股份有限公司 | Host access method, host to be accessed and DHCP server |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101043331A (en) | System and method for distributing address for network equipment | |
| EP1876754B1 (en) | Method system and server for implementing dhcp address security allocation | |
| CN101110847B (en) | Method, device and system for obtaining medium access control address | |
| CN101141492B (en) | Method and system for implementing DHCP address safety allocation | |
| US8484695B2 (en) | System and method for providing access control | |
| CN1309233C (en) | Method for supporting PPPoA on wideband switch-in equipment | |
| US20080192751A1 (en) | Method and system for service provision | |
| CN1889484A (en) | Identification insertion system and identification inserting method thereof | |
| CN1184776C (en) | Method for the point-to-point protocol log-on user to obtain Internet protocol address | |
| CN1553691A (en) | High-capacity wide-band inserting method and system | |
| CN1471259A (en) | User authentication system and user authentication method | |
| US20110202670A1 (en) | Method, device and system for identifying ip session | |
| CN1753390A (en) | Method of implementing business discrimination and business service quality control on broadband network | |
| CN1713629A (en) | Realization of user login name and IP address binding | |
| CN1805396A (en) | Method for implementing network access through broadband router | |
| CN1859409A (en) | Method and system for improving network dynamic host configuration DHCP safety | |
| WO2012034413A1 (en) | Method for dual stack user management and broadband access server | |
| CN1835514A (en) | Management method of broadband access of DHCP customer's terminal mode | |
| CN1553674A (en) | Method for wideband connection server to obtain port numbers of its uers | |
| CN101075924A (en) | Method for accessing server by customer end | |
| CN101052015A (en) | User access method for IP network | |
| CN1248455C (en) | Customer access management system for wideband network | |
| CN1885763A (en) | Method for preventing IP address leakage | |
| CN101065949A (en) | Method for configuring a device using DHCP via PPPoE | |
| CN1805377A (en) | Network system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20070926 |