CN101355489B - User management method based on dynamic host configuration protocol prefix proxy - Google Patents

User management method based on dynamic host configuration protocol prefix proxy Download PDF

Info

Publication number
CN101355489B
CN101355489B CN2007101304818A CN200710130481A CN101355489B CN 101355489 B CN101355489 B CN 101355489B CN 2007101304818 A CN2007101304818 A CN 2007101304818A CN 200710130481 A CN200710130481 A CN 200710130481A CN 101355489 B CN101355489 B CN 101355489B
Authority
CN
China
Prior art keywords
router
identification information
prefix
proxy
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2007101304818A
Other languages
Chinese (zh)
Other versions
CN101355489A (en
Inventor
曹文利
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN2007101304818A priority Critical patent/CN101355489B/en
Publication of CN101355489A publication Critical patent/CN101355489A/en
Application granted granted Critical
Publication of CN101355489B publication Critical patent/CN101355489B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a user management method based on dynamic host configuration protocol (DHCP) prefix proxy, comprising the following steps: (1) a proxy router acquires identification information of a request router, wherein the identification information is corresponding to an IPv6 address prefix; (2) the proxy router carries out certification, authorization and charging for a user according to the identification information; and (3) the proxy router applies a control strategy to a proxy user according to the IPv6 address prefix. The user management method realizes user management which uses DHCP prefix proxy and is based on the IPv6 address prefix, and is convenient for developing IPv6 access services.

Description

User management method based on dynamic host configuration protocol prefix proxy
Technical field
The present invention relates to network communications technology field, relate more specifically to a kind of user management method based on dynamic host configuration protocol prefix proxy.
Background technology
DHCP (Dynamic Host Configuration Protocol, DHCP) prefix proxy provides a kind of use DHCP agreement to come the mechanism of automatic Agent IP v6 (Internet Protocol, internet protocol version 6) address prefix.By this mechanism, the IPv6 address prefix can be acted on behalf of to the request router from agent router, the request router can generate longer prefix to acting on behalf of the address prefix that comes in its network, and acts on behalf of once more, perhaps distributes to the miscellaneous equipment in its network.Agent router does not need to know the network topology at request router place.Agent router is a router of taking on Dynamic Host Configuration Protocol server, the response prefix request, and it is provider's edge device normally, as NAS (Network Access Server, network access server); The request router is a router of taking on dhcp client, the request prefix assignment, and it is ustomer premises access equipment normally, as customer router.Provider's edge device can be ustomer premises access equipment agency and managing I Pv6 address prefix automatically like this, makes things convenient for carrying out of IPv6 access.
The signaling process of DHCP prefix proxy as shown in Figure 1, concrete steps are as follows:
Step 11, the request router sends solicitation message (Solicit);
Step 12, agent router comprise agency's prefix by (Advertise) response request router that gives out information in the message;
Step 13, request server send a request message (Request) ask prefix;
Step 14, agent router are returned the prefix of request router solicitation by answer message (Reply);
Step 15 is carried out transfer of data between agent router and the request router;
Step 16, before each lifetime of acting on behalf of prefix stops, the request router by comprise prefix renewal/heavily tying up message (Renew/Rebind) comes the extend request lifetime;
Step 17, agent router prolong agency's prefix by answer message;
Step 18, last-minute plea router are come the prefix of acting on behalf of of the request of giving back to agent router by release message (Release).
Along with the IPv6 network begins to dispose, operator begins progressively to provide IPv6 access service to the user.By previously described DHCP prefix proxy mechanism, ISP (ISP) can automatically act on behalf of the user network to IPv6 to the IPv6 address prefix, the address prefix that comes of assignment agent voluntarily again in IPv6 user network inside conveniently provides the IPv6 access service.But the management to DHCP user all is based on the management of IP address user at present, does not also form standard at present for the user management method based on the IPv6 address prefix, so can not support carrying out of IPv6 access service well.
Summary of the invention
Technical problem to be solved by this invention is to provide a kind of user management method based on dynamic host configuration protocol prefix proxy, has realized using the user management based on the IPv6 address prefix of DHCP prefix proxy, makes things convenient for carrying out of IPv6 access service.
For addressing the above problem, the invention provides a kind of user management method based on dynamic host configuration protocol prefix proxy, may further comprise the steps:
(1) agent router obtains asking the identification information of router, and described identification information is corresponding with the IPv6 address prefix;
(2) agent router carries out authentication according to described identification information to the user;
(3) agent router is according to the user applying control strategy of IPv6 address prefix to the agency.
User management method based on dynamic host configuration protocol prefix proxy of the present invention, wherein, in step (1), the method for the DHCP protocol massages that described agent router receives by inspection obtains asking the identification information of router.
User management method based on dynamic host configuration protocol prefix proxy of the present invention, wherein, the identification information of described request router comprises: be included in circuit identifier among the Option 82 in the DHCP message and/or distal marker, agent circuit sign and/or act on behalf of distal marker, be included in Option 60, the source MAC in the DHCP message, the source IP address in the message in the DHCP message or receive the interface identifier of message.
User management method based on dynamic host configuration protocol prefix proxy of the present invention, wherein, the interface identifier of described reception message comprises VLAN, asynchronous transfer mode, virtual path/Virtual Channel or port-mark.
User management method based on dynamic host configuration protocol prefix proxy of the present invention, wherein, in step (2), agent router passes to aaa server with described identification information, authenticates, authorizes and charge by aaa server.
User management method based on dynamic host configuration protocol prefix proxy of the present invention, wherein, the aaa protocol attribute by aaa protocol attribute or expansion carries described identification information and passes to aaa server.
User management method based on dynamic host configuration protocol prefix proxy of the present invention, wherein, described aaa protocol attribute comprises NAS-Port-Id, NAS-Port, RADIUS or Diameter.
User management method based on dynamic host configuration protocol prefix proxy of the present invention, wherein, step (3) further comprises: agent router is with the session of IPv6 address prefix identifying user.
User management method based on dynamic host configuration protocol prefix proxy of the present invention, wherein, in step (3), described control strategy comprises traffic policy or quality of service policy.
Adopt the method for the invention, compared with prior art, realized using the user management based on the IPv6 address prefix of DHCP prefix proxy, make things convenient for carrying out of IPv6 access service.
Description of drawings
Fig. 1 is the signaling process figure of existing DHCP prefix proxy;
Fig. 2 be the described method of the embodiment of the invention based on the structure chart of network configuration;
Fig. 3 be the described method of the embodiment of the invention based on the signaling process figure of DHCP prefix proxy;
Fig. 4 is the operational flowchart of the described method of the embodiment of the invention.
Embodiment
The present invention is in order to solve the drawback that conventional solution exists, further set forth a kind of user management method of the present invention by following examples based on dynamic host configuration protocol prefix proxy, below embodiment is described in detail, but not as a limitation of the invention.
As shown in Figure 2, the described method of the embodiment of the invention based on the structure chart of network configuration, this network configuration comprises that main frame 21, home gateway 22, DSLAM 23 (Digital Subscriber LineAccess Multiplexer, Digital Subscriber Line Access Multiplexer), network access server NAS 24, Internet (internet) 25 and AAA (authentication) server 26 constitute.Wherein, home gateway 22 has DHCP request router feature, and NAS24 has the DHCP proxy router feature, and DSLAM 23 is the access nodes between home gateway 22 and the NAS 24, and aaa server 26 has authentication and accounting server function.
In the present embodiment, with request router corresponding equipment be home gateway 22, with the agent router corresponding equipment be NAS 24.
The described method of the embodiment of the invention based on the DHCP prefix proxy signaling process as shown in Figure 3, concrete steps are as follows:
Step 31, home gateway sends solicitation message;
Step 32, NAS comprises agency's prefix by the responsivehomes gateway that gives out information in the message;
Step 33, home gateway send a request message and ask prefix;
Step 34, NAS returns the prefix of home gateway request by answer message;
Step 35 is carried out transfer of data between NAS and the home gateway;
Step 36, before each lifetime of acting on behalf of prefix stops, home gateway by comprise prefix renewal/heavily tying up message comes the extend request lifetime;
Step 37, NAS prolongs agency's prefix by answer message;
Step 38, last home gateway comes the prefix of acting on behalf of of the request of giving back to NAS by release message.
As shown in Figure 4, the embodiment of the invention said method comprising the steps of:
Step 41, agent router obtain asking the identification information of router; Described identification information is corresponding with the IPv6 address prefix;
In the present embodiment, with request router corresponding equipment be home gateway, with the agent router corresponding equipment be NAS.
In this step, the method for the DHCP protocol massages that NAS receives by inspection obtains the identification information of home gateway.The identification information of home gateway comprises following content:
1) is included in circuit identifier (Circuit-id) and/or distal marker (Remote-id) among the Option (option) 82 in the DHCP message, agent circuit sign (Agent Circuit-id) and/or act on behalf of distal marker (Agent Remote-id);
2) be included in Option 60 in the DHCP message;
3) the source MAC in the DHCP message (Media Access Control, medium access control) address;
4) source IP address in the message;
5) interface identifier of reception message, as VLAN Id (Virtual Local Area Network, VLAN), ATM (Asynchronous Transfer Mode, asynchronous transfer mode) VPI/VCI (Virtual Path Identifier/Virtual Channel Identifier, virtual path/Virtual Channel), port-mark etc.
As shown in Figure 3, the method for the imploring protocol massages of DHCP that receives by inspection of NAS 40 obtains the above-mentioned identification information of home gateway 20.
Step 42, agent router comes described identification information part or all as authentification of user and charge information the user is carried out authentication;
In this step, NAS is described identification information part or all as authentification of user and charge information, can carry out local authentication, mandate and charging, perhaps these information are passed to AAA (Authentication, Authorization and Accounting, authentication is authorized and charging) server, carry out authentication by aaa server.The method that described identification information is passed to aaa server is to carry described identification information and pass to aaa server by existing aaa protocol attribute or by the aaa protocol attribute that expands.Existing aaa protocol attribute includes but not limited to NAS-Port-Id or NAS-Port.Aaa protocol comprises RADIUS (Remote Authentication Dial In User Service, remote customer dialing authentication system), Diameter (diameter is the upgraded version of radius protocol) agreement.
As shown in Figure 3, NAS receives the imploring message of DHCP, and after obtaining the identification information of home gateway, send the authentication request packet of the identification information that is comprising home gateway to aaa server, after the aaa server authentication is passed through, comprising the authentication of acting on behalf of prefix information to the NAS response and accepting message, the prefix of acting on behalf of that NAS will obtain is again acted on behalf of to home gateway by the messages such as issue of DHCP.After prefix proxy was given home gateway, NAS 40 notice aaa servers chargeed and begin.Home gateway discharge by DHCP message give back act on behalf of prefix after, NAS notice aaa server charges and finishes.
Step 43, agent router according to agency prefix come to agency user's applying control strategy;
In this step, NAS according to agency prefix come to agency user's applying control strategy.Wherein, NAS comes the identifying user session with agency's prefix, and comes applying control strategy with agency's prefix, and described control strategy can be traffic policy or QoS (Quality of Service, service quality) strategy etc.
As shown in Figure 3, when carrying out transfer of data between NAS and home gateway, NAS identifies session between them for the address prefix of home gateway according to the agency, and comes applying control strategy with this.
Certainly; the present invention also can have other various embodiments; under the situation that does not deviate from spirit of the present invention and essence thereof; those of ordinary skill in the art can make various corresponding changes and modification according to the present invention, but these corresponding changes and modification all should belong to the protection range of the appended claim of the present invention.

Claims (7)

1. the user management method based on dynamic host configuration protocol prefix proxy is characterized in that, may further comprise the steps:
(1) agent router obtains asking the identification information of router, and described identification information is corresponding with the IPv6 address prefix; The method of the DHCP protocol massages that described agent router receives by inspection obtains asking the identification information of router; The identification information of described request router comprises: be included in circuit identifier among the Option 82 in the DHCP message and/or distal marker, agent circuit sign and/or act on behalf of distal marker, be included in Option 60, the source MAC in the DHCP message, the source IP address in the message in the DHCP message or receive the interface identifier of message;
(2) agent router carries out authentication according to described identification information to the user;
(3) agent router is according to the user applying control strategy of IPv6 address prefix to the agency.
2. method according to claim 1 is characterized in that the interface identifier of described reception message comprises VLAN, asynchronous transfer mode, virtual path/Virtual Channel or port-mark.
3. method according to claim 1 is characterized in that, in step (2), agent router passes to aaa server with described identification information, authenticates, authorizes and charge by aaa server.
4. method according to claim 3 is characterized in that, the aaa protocol attribute by aaa protocol attribute or expansion carries described identification information and passes to aaa server.
5. method according to claim 4 is characterized in that, described aaa protocol attribute comprises NAS-Port-Id, NAS-Port, RADIUS or Diameter.
6. method according to claim 1 is characterized in that, step (3) further comprises: agent router is with the session of IPv6 address prefix identifying user.
7. method according to claim 1 is characterized in that, in step (3), described control strategy comprises traffic policy or quality of service policy.
CN2007101304818A 2007-07-23 2007-07-23 User management method based on dynamic host configuration protocol prefix proxy Expired - Fee Related CN101355489B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2007101304818A CN101355489B (en) 2007-07-23 2007-07-23 User management method based on dynamic host configuration protocol prefix proxy

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2007101304818A CN101355489B (en) 2007-07-23 2007-07-23 User management method based on dynamic host configuration protocol prefix proxy

Publications (2)

Publication Number Publication Date
CN101355489A CN101355489A (en) 2009-01-28
CN101355489B true CN101355489B (en) 2011-08-10

Family

ID=40308092

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2007101304818A Expired - Fee Related CN101355489B (en) 2007-07-23 2007-07-23 User management method based on dynamic host configuration protocol prefix proxy

Country Status (1)

Country Link
CN (1) CN101355489B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101626406B (en) * 2009-08-20 2011-09-07 杭州华三通信技术有限公司 DHCP address pool configuration method, DHCP address assignment method, DHCP address assignment system and DHCP server
CN102014343A (en) * 2009-09-04 2011-04-13 华为技术有限公司 Group policy and charging rule treatment method and device, and communication system
CN102143050A (en) * 2010-09-29 2011-08-03 华为终端有限公司 Network connection processing method and device for internet protocol version 6 (IPv6) network
CN102739813B (en) * 2011-04-13 2014-10-22 国基电子(上海)有限公司 Network server with IPv6 network prefix distribution function and method thereof
CN103354550A (en) * 2013-07-03 2013-10-16 杭州华三通信技术有限公司 Authorization control method and device based on terminal information
CN104869177A (en) * 2014-02-21 2015-08-26 中兴通讯股份有限公司 Local area network information issuing method and device
CN107547467B (en) * 2016-06-23 2021-09-24 中兴通讯股份有限公司 Circuit authentication processing method, system and controller
CN113783974B (en) * 2021-09-09 2023-06-13 烽火通信科技股份有限公司 Method and device for dynamically issuing MAP domain rule

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1531263A (en) * 2003-03-14 2004-09-22 ������������ʽ���� Communication system, connector, communication method and identifying method
CN1859420A (en) * 2006-03-06 2006-11-08 华为技术有限公司 Device and method for obtaining IPV6 prefix

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1531263A (en) * 2003-03-14 2004-09-22 ������������ʽ���� Communication system, connector, communication method and identifying method
CN1859420A (en) * 2006-03-06 2006-11-08 华为技术有限公司 Device and method for obtaining IPV6 prefix

Also Published As

Publication number Publication date
CN101355489A (en) 2009-01-28

Similar Documents

Publication Publication Date Title
CN101355489B (en) User management method based on dynamic host configuration protocol prefix proxy
EP1876754B1 (en) Method system and server for implementing dhcp address security allocation
US7616615B2 (en) Packet forwarding apparatus for connecting mobile terminal to ISP network
US6587882B1 (en) Mobile IP communication scheme using visited site or nearby network as temporal home network
US8189567B2 (en) Method and nodes for registering a terminal
US8887234B2 (en) Network service selection and authentication and stateless auto-configuration in an IPv6 access network
CN102045314B (en) The method of anonymous communication, register method, information transceiving method and system
EP1936883B1 (en) Service provisioning method and system thereof
WO2009117960A1 (en) Method for accessing network, authentication method, communication system and related equipment
CN102957759A (en) Distribution method and system for IPv6 (internet protocol version 6) address prefixes
CN103516760A (en) Virtual network system accessing method, device and system
US20130070769A1 (en) Method and system for identification of packet gateways supporting different service types
CN1972225B (en) Method for interacting user information between different sub-systems in next generation network
KR101143898B1 (en) Method and apparatus for verification of dynamic host configuration protocol dhcp release message
CN100525179C (en) Method for preventing IP address leakage
WO2003067837A2 (en) Dynamic host configuration protocol lease time determination
CN102761425B (en) Charging method and device
CN101971569A (en) Method and device for transferring packet in ipv6 access node
KR101367387B1 (en) Appatus and method for user authentication to support PMIPv6 in Next Generation Networks
KR100625240B1 (en) Apparatus and method of internet protocol address management in high speed portable internet
CN113746736B (en) Method, device and communication system for sending and receiving message
CN1652535B (en) Method for managing network layer address
CN111447293A (en) User statistical method, device, equipment and machine readable storage medium
JP2004056382A (en) Network system and network branching apparatus
CN100373879C (en) Wideband access net with three layer access point and its IP address distributing method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110810

Termination date: 20200723

CF01 Termination of patent right due to non-payment of annual fee