CN101453415A - Protection method, system and equipment for access network - Google Patents

Protection method, system and equipment for access network Download PDF

Info

Publication number
CN101453415A
CN101453415A CNA2007101958094A CN200710195809A CN101453415A CN 101453415 A CN101453415 A CN 101453415A CN A2007101958094 A CNA2007101958094 A CN A2007101958094A CN 200710195809 A CN200710195809 A CN 200710195809A CN 101453415 A CN101453415 A CN 101453415A
Authority
CN
China
Prior art keywords
message
access
session
sharing
indication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2007101958094A
Other languages
Chinese (zh)
Inventor
阳振庭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNA2007101958094A priority Critical patent/CN101453415A/en
Publication of CN101453415A publication Critical patent/CN101453415A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method for protecting an access network, which comprises the following steps: receiving an access session message which carries with sharing processing indication information and is used for the negotiation and the establishment of an access session; and performing sharing processing on the access session message according to the sharing processing indication information in the access session message. The invention discloses a system and a device for protecting the access network. Through expanding an access session to access a scene and using load sharing to protect the network, the method enhances the reliability and the expandability of the network and improves the degree of satisfaction of users.

Description

A kind of guard method of access network, system and equipment
Technical field
The present invention relates to communication technical field, relate in particular to a kind of guard method, system and equipment of access network.
Background technology
Along with the application popularization of broadband network, network insertion management and control become the important component part of broadband network management and control, and broadband access management and control comprise user access administration and service deployment control.User access administration is generally controlled and is managed the user who inserts by setting up the access session, mainly comprises access authentication, mandate, charging etc.The main mode of current broadband access management and control is by setting up PPP (Point to Point Protocol, point-to-point protocol) access control and management are carried out in session, as: PPPoE (PPP over Ethernet, PPP based on Ethernet) or PPPoA (PPP over ATM, PPP based on asynchronous transfer mode), not only a kind of broadband access means are provided for the user, access control and the charging that can also provide convenience simultaneously, but because some limitation that the PPP session inserts, the IP session inserts has become PPP evolution direction.Service deployment control refers generally to the deployment control of professional Control Parameter at Access Network, comprise QoS (Quality of Service, service quality) parameter control, the line diagnosis test, multicast authority control, as DPI (Deep packet inspection, deep-packet detection) policy control such as, the service deployment control of Access Network is in the past mostly by network management protocol configuration and management, as SNMP (SimpleNetwork Management Protocol, Simple Network Management Protocol), driving along with the demand for control that becomes more meticulous of network, the real-time and dynamic controlling mechanism has become following trend, as L2CM (Layer 2Control Mechanism, two layers of controlling mechanism) control or ANCP (Access Node ControlProtocol, the access point control protocol) control, L2CM or ANCP are used for the service deployment control of Access Network, as management and the control of edge node for access, comprise and to insert the parameter configuration of session to access node access node.
Fig. 1 has described the generic structure that inserts and has inserted the position that session and L2CM mechanism or ANCP are controlled at Access Network.Wherein, user terminal generally comprises UE (User Equipment, subscriber equipment), RG (Residential Gateway, home gateway) equipment; Access node comprises DSLAM (DigitalSubscriber Line Access Multiplexer, Digital Subscriber Line Access Multiplexer), BS (Base Station, wireless base station) etc.; The cut-in convergent node comprises Ethernet switch etc.; Edge node for access comprises IAD, BNG (Broadband Network Gateway, wideband network gateway) and BRAS (BroadbandRemote Access Server, Broadband Remote Access Server) NAS (Network Access Server, network access server) equipment or IP edge device etc. such as.
The access session refers to be based upon the connection between user terminal and the edge node for access, as IP session (Session), the network insertion session with an IP address correlation has been represented in the IP session, be based on the Session of IP, the IP address is the key of identification IP Session, the IP address is generally by DHCP (Dynamic HostConfiguration Protocol, DHCP) server dynamic assignment, IP Session is used for management and the control that network inserts the user, as authentication, mandate, charging etc.IP Session mainly comprises the termination of keeping of the foundation of Session or generation, Session or state detection and Session.
In realizing process of the present invention, the inventor finds to exist in the prior art following defective:
Along with network capacity constantly increases, require network to have high scalability requirement and reliability, the load sharing protection is a key property of network, in the mechanism that present IP session inserts and the L2CM/ANCP control architecture does not provide load sharing to protect.
Summary of the invention
The embodiment of the invention provides a kind of guard method, system and equipment of access network, inserts the mechanism that the load sharing protection is provided for the IP session.
The embodiment of the invention provides a kind of guard method of access network, may further comprise the steps:
Reception is used to consult to set up the access conversation message message that inserts session, and described access conversation message message carries shares the processing indication information;
Handle the indication information execution according to sharing in the described access conversation message message and share the described access conversation message message of processing.
The embodiment of the invention also provides a kind of access session load sharing control device, comprising:
Catch receiving element, be used to catch receive and be used to consult to set up the access conversation message message that inserts session, described access conversation message message carries shares the processing indication information, and described access conversation message message comprises from the access session of user terminal finds message packet or from the access session of the Dynamic Host Configuration Protocol server message that gives information;
The load control unit is used for obtaining to share according to described access conversation message message handling indication;
Message processing unit is used for handling the indication information execution according to sharing of described access conversation message message and shares the described access conversation message message of processing.
The embodiment of the invention also provides a kind of protection system of access network, comprises user terminal, Dynamic Host Configuration Protocol server and access session load sharing control device,
Described user terminal is used for inserting the session message alternately by inserting session load sharing control device and described Dynamic Host Configuration Protocol server;
Described access session load sharing control device is used to receive the access conversation message message that is used to consult to set up the access session, and described access conversation message message carries shares the processing indication information; Handle the indication information execution according to sharing in the described access conversation message message and share the described access conversation message message of processing.
In the embodiments of the invention, insert session access scene by expanding, applied load is shared protecting network, strengthens the reliability and the extensibility of network, improves user's satisfaction.
Description of drawings
Fig. 1 inserts the universal stand composition in the prior art;
Fig. 2 is an Access Network protection system structure chart in the embodiment of the invention;
Fig. 3 A is that AN realizes inserting session load sharing control flow chart in the embodiment of the invention;
Fig. 3 B is a dhcp message message schematic diagram in the embodiment of the invention;
Fig. 4 uses DHCP to set up the flow chart of IP session when AN realizes inserting session in the embodiment of the invention;
Fig. 5 is the flow chart that AEN realizes inserting the control of session load sharing in the embodiment of the invention;
Fig. 6 uses DHCP to set up IP session flow chart when AEN realizes inserting session in the embodiment of the invention;
Fig. 7 uses PPPoE to set up the flow chart of PPP session in the embodiment of the invention;
Fig. 8 is that AEN or AN insert the conversation message message according to sharing the strategy time-delay in the embodiment of the invention, and terminal is chosen the control flow chart of load sharing;
Fig. 9 is to be access session load sharing control system Organization Chart under ANCP or L2CM control in the embodiment of the invention;
Figure 10 shares the protection flow chart under the ANCP control in the embodiment of the invention;
Figure 11 inserts session load control unit figure in the embodiment of the invention.
Embodiment
Session inserts the protection system basic framework as shown in Figure 2 in the embodiment of the invention; there is two AEN (Access Edge Node at least in Access Network; edge node for access); the up connection IP network of AEN (as core network); AEN also connects DHCP or AAA (Authentication; Authorization andAccounting; checking; authorize and charging) server; it is integrated or be embedded in the AEN equipment that DHCP or aaa server also can be used as functional module; the descending connection of AEN AN (Access Node; access node); comprise between AN and the AEN and converge net or direct circuit; there is communication path in each AN with two AEN at least; AN and AEN can take the link redundancy protection; be connected to different AEN as AN by different links or path; wherein; link or path comprise VLAN (Virtual Local Area Network; be VLAN); PVC (Permanent Virtual Circuit; PVC); LSP (LabelSwitching Path, tag path exchange); port etc.User terminal (UE or RG) is connected by line attachment with AN, as DSL (Digital Subscriber Line, Digital Subscriber Line), PON (PassiveOptical Network, EPON) Wireline or WIFI (Wireless Fidelity such as, Wireless Fidelity) or WIMAX (Worldwide Interoperability for Microwave Access, worldwide interoperability for microwave inserts) wait radiolink, a user terminal and an AEN foundation access session.
In the embodiment of the invention, AN realizes inserting the control flow of session load sharing, as shown in Figure 3A, may further comprise the steps:
S301, AN receives the access session discovery message packet that user terminal sends, described access session finds that message comprises that DHCP finds (Discovery/Solicit) message, DHCP asks (Request) message, DHCP authenticates (AUTH) message, DHCP information (Information) message, the PADI of PPPoE (PPPoE Active Discovery Initialization, activate and find start packet) message, 802.1x the EAPoL Start Extensible Authentication Protocol of the Ethernet (insert beginning) message, ARP request (Request/Reply) etc., AN catches described access session by ACL mechanism such as (Access Control List, Access Control List (ACL)) and finds message packet.Insert session and find that message packet is that user terminal and AEN consult to set up the access conversation message message that inserts session, be used for the network equipment that user terminal is sought can provide access service (set up and insert session) for user terminal.
S302, AN be according to sharing strategy, obtains described message packet and share and handle indication, share handle that indication comprises the message forwarding purpose share parameter such as group id.AN at first obtains and shares decision parameters, shares parameter that decision parameters comprise heading (Header), access interface that AN receives this message, message message parameter etc.; Heading comprises Ethernet stem, IP stem etc., and the Ethernet stem comprises source MAC (Medium Access Control, medium access control) address, target MAC (Media Access Control) address, EtherType, VLAN sign, and the IP stem comprises source IP address, purpose IP address; The message message parameter comprises the DHCPoption parameter, as DHCP Option60/62 etc., Fig. 3 B has described the message of common dhcp message, the message of dhcp message comprises 311 link layer stems, 312 IP stems, 313 UDP (user datagramprotocol, User Datagram Protoco (UDP)) stem, 314 dhcp messages.311 link layer stems can be the Ethernet stems, comprise 311a purpose MAC (DMAC) and 311b source MAC (SMAC) and 311c EtherType at least, and the Ethernet stem can also comprise 311d VLAN sign (Tag); The 312IP stem comprises 312a purpose IP (Destination Address) and 312b source IP (Source Address) at least; 313 UDP stems comprise 313a source port (Source Port) and 313b destination interface (Destination Port) at least; 314 dhcp messages comprise 314aDHCP type of message and 314b Transaction Identifier (Transaction ID) at least, and 314 dhcp messages can also comprise 314c option 60 (options 60), 314d option 62 (options 62), 314e option 82 (options 82).AN obtain share decision parameters can be from the dhcp message field value of getting parms.
The described strategy of sharing comprises Hash (Hash) algorithm or condition (condition) decision-making.Described Hash (Hash) algorithm, as: (access interface XOR source MAC) %N 4, XOR presentation logic XOR, N are represented to insert the session purpose and are shared the group sum, and N generally can be the number (number) of corresponding A EN.
Condition (condition) decision-making, as: source MAC from 0ABC-9DEF-0000 to 0ABC-9DEF-A0D3 or source MAC/ mask be that the access session purpose of 0ABC-9DEF-0000/0ABC-9DEF-FFFF correspondence is shared group 1, share the corresponding AEN of group for one, an AEN comprises that is at least shared a group.Sharing strategy can be according to the actual conditions flexible configuration, share tactful purpose and find that for inserting session message packet chooses (or determining) and share and handle indication exactly, promptly choose a purpose and share group, sharing decision parameters can choose as required according to specific implementation, shares decision parameters and can comprise the parameters such as priority of working as preload and sharing group of sharing group.
AN obtains described message and shares and handle indication and specifically comprise Hash (Hash) algorithm of definition or condition (condition) decision function (function) according to sharing strategy, at function the inside implementation algorithm formula (formula), to share decision parameters as input parameter, and calculate purpose and share group id.
S303, AN handles indication to the purpose of appointment or next redirect literary composition of transmitting messages according to sharing, and promptly AN is forwarded to the AEN equipment that purpose is shared the group id correspondence with message.AN can share group information by buffer memory, share group information and comprise the forward-path of sharing the group correspondence, as the forward-path of sharing group 1 correspondence is that VLAN 100 or the forwarding outlet of sharing group 1 correspondence are port 2 etc., share group information and further can also comprise and share group address, share group address and comprise MAC Address or IP address.AN E-Packets and comprises and handle message or send message, and described processing message comprises modifications or adaptive heading, if according to the target MAC (Media Access Control) address of the Ethernet stem of sharing group information modification message for sharing the group MAC Address.Send message and comprise that AN sends message from the forward-path of sharing group information of correspondence.
Table 1 has been described the common group information table of sharing, and group information table content is shared in the AN storage:
Share group id (Loadsharing group ID) Share group priority (0 to 255) Share group and work as preload Forward-path (outlet) Share group address
1 200 10000 VLAN 100 0efc-9123-abc d
2 100 50000 VLAN 400 0efc-9123-abc e
Table 1
Share group priority and represent to share the preferential selection rank of group, the general group of sharing of high priority of selecting is handled the access session, share the current load of group and represent to share the current access session number of having set up, the control that can share according to actual load by this parameter.
In the embodiment of the invention, use flow process that DHCP sets up the IP session as shown in Figure 4.Wherein, AN carries out load sharing control, and the purpose of the IP session that AN decision-making user terminal is set up is shared group, may further comprise the steps:
Step s401, user terminal send to AN and insert session discovery message packet, find (Discovery) message as DHCP, insert session and find that message packet is used for consulting foundation and inserts session.
Step s402, AN receives that user terminal sends DHCP and finds (Discovery) message, AN at first obtains and shares decision parameters, again according to sharing the strategic decision-making function, calculate and comprise that purpose shares sharing of group and handle indication, sharing the corresponding group information of sharing of group according to purpose then transmits, the present embodiment purpose is shared group and is AEN1, AN finds (Discovery) forwards to AEN1 with DHCP, and AN can find that the 313b destination interface (DestinationPort) of (Discovery) message packet catches this message for designated value according to DHCP.
Step s403, AEN1 transmits DHCP according to DHCP relay (Relay) agreement regulation to Dynamic Host Configuration Protocol server and finds (Discovery) message, if the embedded Dynamic Host Configuration Protocol server of AEN1, then AEN1 handles DHCP by API (Application Program Interface, application programming interfaces) indication or notice Dynamic Host Configuration Protocol server and finds (Discovery) message.
Step s404, dhcp server response DHCP finds (Discovery) message, promptly sends DHCP to AEN1 (Offer) is provided message.
Step s405, AEN1 transmits DHCP according to DHCP relay (Relay) agreement regulation to user terminal (Offer) is provided message.
Step s406, user terminal receive that DHCP provides (Offer) message, proceed configuring negotiation, promptly send DHCP request (Request) message to AEN1.
Step s407, AEN1 transmits DHCP request (Request) message according to DHCP relay (Relay) agreement regulation to Dynamic Host Configuration Protocol server.
Step s408, dhcp server response DHCP request message promptly sends DHCP to AEN1 and confirms (ACK) message.
Step s409, AEN1 transmits the DHCP acknowledge message according to DHCP relay (Relay) agreement regulation to user terminal, and AEN1 can create the IP session according to DHCP ACK message parameter; User terminal is received the DHCP acknowledge message, parameters such as configuration of IP address, and IP inserts and finishes.
In the embodiment of the invention, AEN realizes inserting the control flow of session load sharing, as shown in Figure 5, may further comprise the steps:
Step s501, AEN receive and insert the conversation message message.Insert the conversation message message and comprise that inserting session finds message packet or insert the session message that gives information.Described access session is found message packet from user terminal, and AEN catches described access session by means such as ACL and finds message packet; Described access session gives information message from network comtrol servers such as DHCP, comprising: DHCP provides (Offer/Advertise) message etc.Inserting the session message that gives information generally is that response inserts session and finds message packet, and the foundation that inserts session generally at first all is that user terminal sends earlier and inserts session and find message packet, and network equipment response inserts the session message that gives information then.
Step s502, AEN obtains sharing of message packet and handles indication according to sharing policy calculation, handle the definite processing mode of indication according to sharing to message, belong to local AEN (being that current AEN exists the group of sharing of sharing the processing indication) if share the group id of sharing of handling indication, then changeing step s503 handles, if not, then changeing step s504 handles.AEN at first obtains and shares decision parameters, shares decision parameters and comprises that heading, AEN receive the link of this message, message message parameter etc.; Heading comprises Ethernet stem, IP stem etc., and the link that AEN receives this message comprises that AEN receives the receiving port or the VLAN of this message, can also comprise the 314e option 82 shown in Fig. 3 b (options 82) parameter value.The described strategy of sharing comprises Hash (Hash) algorithm or condition (condition) decision-making.Share strategy can by the configuration, configuration share strategy can be kept at share the group information table in.
Described Hash (Hash) algorithm (formula) is as ((source or purpose MAC) %N 4) calculate and share the group id of sharing of handling indication, judge then that obtain described shared and handle sharing group id and whether existing of indication in this locality, if, then share and handle indication and comprise and share group id and indication is handled in local transfer, if not, then share and handle indication and comprise and abandon handling indication, wherein N represents to insert the session purpose and shares the group sum in Hash (Hash) algorithm (formula), and N generally can be the number (number) of corresponding A EN.
Condition (condition) decision-making as: source MAC from 0ABC-9DEF-0000 to 0ABC-9DEF-A0D3 or source MAC/ mask be that this locality of 0ABC-9DEF-0000/0ABC-9DEF-FFFF correspondence continues to handle.AEN specifically comprises Hash (Hash) algorithm of definition or condition (condition) decision function (function), realizes sharing the computing formula (formula) of strategy in the function the inside, will share decision parameters as input parameter, calculates the result.
Step s503, AEN handles the access session of receiving and finds or the message that gives information, comprise the access session is found that message packet is forwarded to network comtrol servers such as DHCP, perhaps message packet is found in the access session of AEN response user terminal, perhaps will provide message to be forwarded to user terminal from the access session of network comtrol servers such as DHCP.If the embedded Dynamic Host Configuration Protocol server of AEN, then AEN handles by API indication Dynamic Host Configuration Protocol server, and described indication comprises that specifically AEN inserts the session discovery or the message that gives information is notified the Dynamic Host Configuration Protocol server module as the API parameter.
Step s504, the access session that AEN abandons receiving is found or the message that gives information, comprise that AEN does not continue to transmit the access session discovery or the message that gives information that (abandoning) receives, if abandoning receiving, AEN inserts the session message that gives information, AEN comprises that also cleaning inserts the give information message relating information of message of session, as insert the give information access session of message correspondence of session and find the message packet related information, comprise map informations such as 314b Transaction Identifier (Transaction ID) and terminal MAC Address.
In the embodiment of the invention, use flow process that DHCP sets up the IP session as shown in Figure 6, wherein, AEN carries out load sharing control, and the purpose of the IP session that AEN decision-making user terminal is set up is shared group, may further comprise the steps:
Step s601, user terminal send to AN and insert session discovery message packet, set up IP with network negotiate and insert session, find (Discovery) message as DHCP.
Step s602, AN receive the dhcp discover message that user terminal sends, and AN is forwarded to AEN1 and AEN2 with dhcp discover message, and the do not make a strategic decision purpose of dhcp discover message of AN is shared group, and AN shares groups (AEN1 and AEN2) forwarding with message packet to a plurality of.
Step s603, AEN1 receives dhcp discover message, AEN1 at first obtains and shares decision parameters, handle indication according to sharing sharing of this message of strategic decision-making function calculation again, the processing purpose of indicating of sharing that promptly calculates is shared group in this locality, and AEN1 transmits dhcp discover message according to the DHCP relay agreement to Dynamic Host Configuration Protocol server.
Step s604, AEN2 receives dhcp discover message, and AEN2 at first obtains and shares decision parameters, and it is not local sharing group according to the purpose of sharing this message of strategic decision-making function calculation again, and AEN2 abandons dhcp discover message.
Step s605, the dhcp server response dhcp discover message promptly sends DHCP to AEN1 and gives information.
Step s606, AEN1 transmits DHCP according to the DHCP relay agreement to user terminal and gives information.
Step s607, user terminal receive that DHCP gives information, and continue to send the DHCP request message to AEN1.
Step s608, AEN1 transmits the DHCP request message according to DHCP relay agreement regulation to Dynamic Host Configuration Protocol server.
Step s609, dhcp server response DHCP request message promptly sends the DHCP acknowledge message to AEN1.
Step s610, AEN1 transmits the DHCP acknowledge message and creates the IP session to user terminal; User terminal is received the DHCP acknowledge message, parameters such as configuration of IP address, and IP inserts and finishes (being that IP session foundation is finished).
In the embodiment of the invention, use flow process that PPPoE sets up the PPP session as shown in Figure 7, AEN carries out load sharing control, and the purpose of the PPP session that AEN decision-making user terminal is set up is shared group, may further comprise the steps:
Step s701, user terminal send PADI (Active Discovery Initialization activates and finds start packet) message, consult to set up the PPP session.
Step s702 and rapid s703 AN receive that user terminal sends PADI message, and to AEN1 and AEN2, the AN PADI that do not make a strategic decision finds that the purpose of message shares group to AN with the PADI forwards, and AN shares groups (AEN) forwarding with message packet to a plurality of.AEN1 receives PADI message, and AEN1 at first obtains and shares decision parameters, shares group in this locality according to the purpose of sharing this message of strategic decision-making function calculation again, and AEN1 continues to handle this message packet.AEN2 receives PADI message, and AEN2 at first obtains and shares decision parameters, and it is not local sharing group according to the purpose of sharing this message of strategic decision-making function calculation again, and AEN2 does not handle PADI message (abandoning PADI message).
Step s704, AEN1 is by API indication PPPoE resume module PADI message, and the PPPoE module responds PADO (Active Discovery Offer activates and finds to provide grouping) message to user terminal.
Step s705, user terminal sends PADR (PPPoE Active Discovery Request, PPPoE activate and find the request grouping) request to AEN1.
Step s706 after AEN1 receives PADR, begins to prepare to enter the PPP session stage.AEN1 produces this section pppoe session of a session identification with unique sign it and user terminal.And this specific session identification is included in session confirms to send back to user terminal among the bag PADS.
Step s707, user terminal and AEN1 continue to consult to set up the PPP session by LCP (Link Control Protocol, LCP).
In the embodiment of the invention, AEN or AN insert the conversation message message according to sharing the strategy time-delay, and terminal is chosen the control of load sharing, as shown in Figure 8, may further comprise the steps:
Step s801, AEN or AN receive that inserting session finds or provide message.The access session discovery message packet of message packet from user terminal found in described access session, and AEN or AN catch described access session by means such as ACL and find message packet.Described access session provides message from network comtrol servers such as DHCP, comprising: DHCP provides (Offer/Advertise) message etc.
Step s802, AEN or AN share the processing indication according to sharing the policy calculation message, share in the present embodiment handling being designated as delay process and delay time parameter, and delay process refers to that AEN or AN are postponing to handle this message again after a period of time.AEN or AN at first obtain and share decision parameters, share access interface or link, message message parameter that parameter, AEN or AN that decision parameters comprise heading receive this message, share the current actual load (as there being session number) of group etc., the described strategy of sharing comprises the time-delay decision making algorithm.Described time-delay decision making algorithm such as L/X, actual load (session number that AEN exists) is organized in sharing that the L sign is current, and X is a constant ,/expression division arithmetic.Sharing strategy can be according to the actual conditions flexible configuration, share tactful specific implementation and comprise definition time-delay decision function (function), at function the inside implementation algorithm formula (formula), will share decision parameters as input parameter, calculate the delay time parameter.
Step s803, AEN or AN time-delay expire, and AEN or AN handle the message of buffer memory, and AEN or AN time-delay trigger specific implementation and comprise that timer triggers.The message that AEN or AN handle buffer memory comprises that AN transfers into session discovery message packet, AEN to network comtrol server forwarding access session discovery message packet to AEN, AN or AN transmit the access session to user terminal message are provided, and AEN response and transmission insert session message is provided.
In the embodiment of the invention; access session load sharing control system framework under ANCP or L2CM control as shown in Figure 9; AN and AEN exist ANCP or L2CM control connection; ANCP or L2CM control connection comprise the kinds of protect type; as 1:1 or 1+1 or N:1 etc., ANCP1 and ANCP2 protect control connection each other as shown in Figure 9.
In the embodiment of the invention, the implementing procedure of sharing protection under the ANCP control may further comprise the steps as shown in figure 10:
Step s1001, AN and AEN1 consult to set up ANCP or L2CM control connection, specifically can be TCP (Transmission Control Protocol, transmission control protocol) carrying GSMP (General SwitchManagement Protocol, general switch management protocol) agreement connects, this connection is used to dispose access session policy, as: the strategy of the multicast authority control table of access session, bandwidth parameter, load sharing etc.
Step s1002, AN and AEN2 set up ANCP or L2CM control connection.
Step s1003, AEN1 issues configuration parameter to AN, and configuration parameter comprises the strategy or the parameter of load sharing.
Step s1004, AN responds configure-ack to AEN1.
Step s1005, AEN2 issues configuration parameter to AN, and configuration parameter comprises the strategy or the parameter of load sharing.
Step s1006, AN responds configure-ack to AEN2.
Step s1007, AN sends the topology report to AEN1, as the access interface state, AN detects topological reporting event, obtain report information, according to sharing ANCP or the L2CM control connection that strategy is chosen report, send the topology report then by ANCP or L2CM control connection.The topology reporting event comprises that the access interface state changes (as activation or deexcitation) or ANCP or the establishment of L2CM control connection and finishes, and report information comprises port status parameter (as parameters such as Interface status and agreed bandwidth), shares strategy as (access interface) %N 4, XOR presentation logic XOR, N are represented ANCP or L2CM control connection sum.
Step s1008, AN sends the topology report to AEN2.
The embodiment of the invention provides a kind of protection system of access network, comprise user terminal, Dynamic Host Configuration Protocol server and access session load sharing control device, described user terminal is used for inserting the session message alternately by inserting session load sharing control device and described Dynamic Host Configuration Protocol server; Described access session load sharing control device is used to receive the access conversation message message that is used to consult to set up the access session, and described access conversation message message carries shares the processing indication information; Handle the indication information execution according to sharing in the described access conversation message message and share the described access conversation message message of processing.
Described access conversation message message is to find message packet from the access session of user terminal; Describedly handle indication and handle described access conversation message message and specifically comprise: will find that the access conversation message message of message packet is forwarded to Dynamic Host Configuration Protocol server from the access session of user's terminal according to described sharing; Or message packet is found in the access session of response user terminal.
Described access conversation message message is the message that gives information from the access session of Dynamic Host Configuration Protocol server, describedly handles indication and handles described access conversation message message and specifically comprise according to described sharing: the access conversation message message of the message that will give information from the access session of Dynamic Host Configuration Protocol server is forwarded to user terminal.
Wherein, insert session load sharing control device 200, as shown in figure 11, comprising:
Catch receiving element 210, be used to catch receive and be used to consult to set up the access conversation message message that inserts session, described access conversation message message carries shares the processing indication information, and described access conversation message message comprises from the access session of user terminal finds message packet or from the access session of the Dynamic Host Configuration Protocol server message that gives information.
Load control unit 220 is used for obtaining to share and handling indication according to inserting the conversation message message, described share handle indication comprise abandon handling indication, indication, delay process indication are handled in transfer.
Message processing unit 230 is used for handling the indication information execution according to sharing of described access conversation message message and shares the described access conversation message message of processing.
Aforesaid access session load sharing control device 200 also comprises:
Memory cell 240 is used for storage and shares the group information table, and the described group information table of sharing comprises and shares the group information parameter.
The control unit 220 of load described in the aforesaid access session load sharing control device 200 specifically comprises:
Decision parameters extract subelement 221, are used for catching the described access conversation message message of reception and extracting and share decision parameters according to the described receiving element of catching;
Decision-making computation subunit 222 is used for the described decision parameters of sharing are passed through hash algorithm or conditional decision, obtains described sharing and handles indication.
Message processing unit 230 specifically comprises described in the aforesaid access session load sharing control device 200:
First handles subelement 231, be used for sharing processing indication forwarding or processing access conversation message message according to the transfer processing, described forwarding or processing insert the conversation message message and specifically comprise: will insert session discovery message packet and be forwarded to next jumping or indicate the purpose functional module of access session discovery message packet to handle;
Or the described access session message that gives information is forwarded to user terminal.
Handle the access session described in the subelement 231 as first and find that message packet is forwarded to next jumping and specifically comprises: described access session load sharing control device 200 is access node, and then next is jumped and is the edge access node; Described access session load sharing control device 200 is the edge access node, and then next is jumped and is Dynamic Host Configuration Protocol server or aaa server.
Handle the indication access session described in the subelement 231 as first and find that the purpose functional module processing of message packet comprises indication dhcp server functionality module or PPPoE resume module.
Processing unit 230 specifically comprises described in the aforesaid access session load sharing control device 200:
Second handles subelement 232, is used for handling indication and handling and insert the conversation message message according to abandoning handling sharing, and abandons handling from the access session of user terminal and finds message packet or from the access session of the Dynamic Host Configuration Protocol server message that gives information.
Message processing unit 230 also comprises described in the aforesaid access session load sharing control device 200:
The 3rd handles subelement 233, is used for according to the described access conversation message of delay process indication buffer memory message, and the delay time of described delay process indication expires, and indication first is handled subelement and handled described access conversation message message.
In the embodiments of the invention, insert session access scene by expanding, applied load is shared protecting network, strengthens the reliability and the extensibility of network, improves user's satisfaction.
Through the above description of the embodiments, those skilled in the art can be well understood to the present invention and can realize by the mode that software adds essential general hardware platform, can certainly pass through hardware, but the former is better execution mode under a lot of situation.Based on such understanding, the part that technical scheme of the present invention contributes to prior art in essence in other words can embody with the form of software product, this computer software product is stored in the storage medium, comprise that some instructions are with so that a computer equipment (can be a personal computer, server, the perhaps network equipment etc.) carry out the described method of each embodiment of the present invention.
More than disclosed only be several specific embodiment of the present invention, still, the present invention is not limited thereto, any those skilled in the art can think variation all should fall into protection scope of the present invention.

Claims (15)

1, a kind of guard method of access network is characterized in that, may further comprise the steps:
Reception is used to consult to set up the access conversation message message that inserts session, and described access conversation message message carries shares the processing indication information;
Handle the indication information execution according to sharing in the described access conversation message message and share the described access conversation message message of processing.
2, the guard method of access network according to claim 1 is characterized in that, the described processing indication information of sharing obtains by following steps:
Obtain according to described access conversation message message and to share decision parameters;
The described decision parameters of sharing by hash algorithm or conditional decision algorithm, are obtained the described processing indication information of sharing.
3, the guard method of access network according to claim 1; it is characterized in that; described share handling be designated as the delay process indication, describedly handle indication information according to sharing in the described access conversation message message and carry out to share and handle described access conversation message message and specifically comprise:
According to the described message packet of described delay process indication buffer memory;
Delay time in described delay process indication expires, and sends the access conversation message message of described buffer memory.
4, the guard method of access network according to claim 1; it is characterized in that; described share handling be designated as transfer and handle indication, describedly handle indication information according to sharing in the described access conversation message message and carry out to share and handle described access conversation message message and specifically comprise:
Handle the corresponding group information of sharing of group of sharing of indication revises or adaptive described access conversation message heading according to transfer;
The group of sharing of handling indication according to described transfer sends message.
5, the guard method of access network according to claim 1; it is characterized in that; described share handling be designated as transfer and handle indication, describedly handle indication information according to sharing in the described access conversation message message and carry out to share and handle described access conversation message message and specifically comprise:
To find that the access conversation message message of message packet is forwarded to Dynamic Host Configuration Protocol server from the access session of user's terminal; Or message packet is found in the access session of response user terminal; Or
The access conversation message message of message of will giving information from the access session of Dynamic Host Configuration Protocol server is forwarded to user terminal.
6, a kind of access session load sharing control device is characterized in that, comprising:
Catch receiving element, be used to catch receive and be used to consult to set up the access conversation message message that inserts session, described access conversation message message carries shares the processing indication information, and described access conversation message message comprises from the access session of user terminal finds message packet or from the access session of the Dynamic Host Configuration Protocol server message that gives information;
The load control unit is used for obtaining to share according to described access conversation message message handling indication;
Message processing unit is used for handling the indication information execution according to sharing of described access conversation message message and shares the described access conversation message message of processing.
7, as device as described in the claim 6, it is characterized in that, also comprise:
Memory cell is used for storage and shares the group information table, and the described group information table of sharing comprises and shares the group information parameter.
8, as device as described in the claim 6, it is characterized in that described load control unit specifically comprises:
Decision parameters extract subelement, are used for catching the described access conversation message message of reception and extracting and share decision parameters according to the described receiving element of catching;
The decision-making computation subunit is used for the described decision parameters of sharing are passed through hash algorithm or conditional decision, obtains described sharing and handles indication.
9, as device as described in the claim 6, it is characterized in that described message processing unit specifically comprises:
First handles subelement, be used for sharing processing indication forwarding or processing access conversation message message according to the transfer processing, described forwarding or processing insert the conversation message message and specifically comprise: will insert session discovery message packet and be forwarded to next jumping or indicate the purpose functional module of access session discovery message packet to handle;
Or described access conversation message message is for from inserting the session message that gives information, and the described access session message that gives information is forwarded to user terminal.
10, as device as described in the claim 6, it is characterized in that described message processing unit specifically comprises:
Second handles subelement, is used for handling indication and handling and insert the conversation message message according to abandoning handling sharing, and abandons handling from the access session of user terminal and finds message packet or from the access session of the Dynamic Host Configuration Protocol server message that gives information.
11, as device as described in claim 6 or 9, it is characterized in that described message processing unit also comprises:
The 3rd handles subelement, is used for according to the described access conversation message of delay process indication buffer memory message, and the delay time of described delay process indication expires, and indication first is handled subelement and handled described access conversation message message.
12, a kind of protection system of access network is characterized in that, comprises user terminal, Dynamic Host Configuration Protocol server and access session load sharing control device,
Described user terminal is used for inserting the session message alternately by inserting session load sharing control device and described Dynamic Host Configuration Protocol server;
Described access session load sharing control device is used to receive the access conversation message message that is used to consult to set up the access session, and described access conversation message message carries shares the processing indication information; Handle the indication information execution according to sharing in the described access conversation message message and share the described access conversation message message of processing.
As the protection system of access network as described in the claim 12, it is characterized in that 13, described access conversation message message is to find message packet from the access session of user terminal; Described execution is shared the described access conversation message message of processing and is specifically comprised:
To find that the access conversation message message of message packet is forwarded to Dynamic Host Configuration Protocol server from the access session of user's terminal; Or message packet is found in the access session of response user terminal.
As the protection system of access network as described in the claim 12, it is characterized in that 14, described access conversation message message is the message that gives information of the access session from Dynamic Host Configuration Protocol server, described execution is shared and is handled described access conversation message message and specifically comprise:
The access conversation message message of message of will giving information from the access session of Dynamic Host Configuration Protocol server is forwarded to user terminal.
15, as the protection system of access network as described in each in the claim 12 to 14, it is characterized in that described access session load sharing control device is access node or edge node for access.
CNA2007101958094A 2007-11-29 2007-11-29 Protection method, system and equipment for access network Pending CN101453415A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2007101958094A CN101453415A (en) 2007-11-29 2007-11-29 Protection method, system and equipment for access network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA2007101958094A CN101453415A (en) 2007-11-29 2007-11-29 Protection method, system and equipment for access network

Publications (1)

Publication Number Publication Date
CN101453415A true CN101453415A (en) 2009-06-10

Family

ID=40735445

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2007101958094A Pending CN101453415A (en) 2007-11-29 2007-11-29 Protection method, system and equipment for access network

Country Status (1)

Country Link
CN (1) CN101453415A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101877845A (en) * 2009-12-01 2010-11-03 中国电信股份有限公司 WLAN (Wireless Local Area Network) access gateway as well as billing system and method by scenes
CN102143055A (en) * 2010-11-26 2011-08-03 华为技术有限公司 Business control method and device for access node
CN102209040A (en) * 2011-07-12 2011-10-05 杭州华三通信技术有限公司 Multi-network-port-based load sharing method and device
WO2012119386A1 (en) * 2011-08-12 2012-09-13 华为技术有限公司 Authentication method, device and system in access network
CN103178971A (en) * 2011-12-20 2013-06-26 华为技术有限公司 Passive optical network (PON) protecting method and device
CN103685588A (en) * 2012-09-10 2014-03-26 中兴通讯股份有限公司 Bridge packet forwarding method and device for wireless network equipment in client mode
CN107196813A (en) * 2011-10-04 2017-09-22 瞻博网络公司 Method and apparatus for two layers of enterprise network infrastructure of self-organizing
CN107547318A (en) * 2016-06-28 2018-01-05 中兴通讯股份有限公司 A kind of message transmission control method, device and broadband access system
CN107567706A (en) * 2015-05-05 2018-01-09 意大利电信股份公司 Session of subscriber in communication network is distributed again

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101877845A (en) * 2009-12-01 2010-11-03 中国电信股份有限公司 WLAN (Wireless Local Area Network) access gateway as well as billing system and method by scenes
CN101877845B (en) * 2009-12-01 2013-04-24 中国电信股份有限公司 WLAN (Wireless Local Area Network) access gateway as well as billing system and method by scenes
CN102143055A (en) * 2010-11-26 2011-08-03 华为技术有限公司 Business control method and device for access node
US9325580B2 (en) 2010-11-26 2016-04-26 Huawei Technologies Co., Ltd. Method and apparatus for service control on access node
CN102143055B (en) * 2010-11-26 2013-10-09 华为技术有限公司 Business control method and device for access node
CN102209040B (en) * 2011-07-12 2013-12-25 杭州华三通信技术有限公司 Multi-network-port-based load sharing method and device
CN102209040A (en) * 2011-07-12 2011-10-05 杭州华三通信技术有限公司 Multi-network-port-based load sharing method and device
WO2012119386A1 (en) * 2011-08-12 2012-09-13 华为技术有限公司 Authentication method, device and system in access network
CN103392333A (en) * 2011-08-12 2013-11-13 华为技术有限公司 Authentication method, device and system in access network
CN107196813A (en) * 2011-10-04 2017-09-22 瞻博网络公司 Method and apparatus for two layers of enterprise network infrastructure of self-organizing
CN103178971B (en) * 2011-12-20 2015-12-16 华为技术有限公司 PON guard method and device
CN103178971A (en) * 2011-12-20 2013-06-26 华为技术有限公司 Passive optical network (PON) protecting method and device
CN103685588A (en) * 2012-09-10 2014-03-26 中兴通讯股份有限公司 Bridge packet forwarding method and device for wireless network equipment in client mode
CN107567706A (en) * 2015-05-05 2018-01-09 意大利电信股份公司 Session of subscriber in communication network is distributed again
CN107547318A (en) * 2016-06-28 2018-01-05 中兴通讯股份有限公司 A kind of message transmission control method, device and broadband access system

Similar Documents

Publication Publication Date Title
CN101453415A (en) Protection method, system and equipment for access network
US7733859B2 (en) Apparatus and method for packet forwarding in layer 2 network
CN103812960B (en) Network address translation for the application of subscriber-aware service
EP1648134B1 (en) Network service selection and authentication and stateless auto-configuration in an IPv6 access network
CN105637805B (en) Enhance mobile alternate channel to solve the node failure in wired networks
JP4394590B2 (en) Packet relay apparatus and communication bandwidth control method
JP4919608B2 (en) Packet transfer device
CN108092893B (en) Special line opening method and device
Wu et al. CNGI-CERNET2: an IPv6 deployment in China
WO2017137008A1 (en) Virtual network apparatus, and related method
JP5987122B2 (en) Network address translated device identification for device specific traffic flow steering
EP2099180B1 (en) Switching device and method for Layer-2 forwarding of OAM frames with multicast Layer-3 addresses
CN102084638A (en) Deterministic session load-balancing and redundancy of access servers in a computer network
WO2004006544A1 (en) System and method for dynamic simultaneous connection to multiple service providers
US11757832B2 (en) IP address allocation system and method
JP2001308935A (en) Communication system, communication method and communication apparatus
US20070195804A1 (en) Ppp gateway apparatus for connecting ppp clients to l2sw
CN101426004A (en) Three layer conversation access method, system and equipment
JP2007536851A (en) Session-based packet switching equipment
CN107925626A (en) SDN securities
EP1898594A2 (en) A method for providing broadband communication services
US20140204876A1 (en) Systems and methods for transporting data across an air interface using reduced address headers
US20070162607A1 (en) Insertion of protocol messages through a shim
EP1798900A1 (en) Access multiplexer
CN101087232B (en) An access method, system and device based on Ethernet point-to-point protocol

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20090610