CN102281182A - Message processing method, access controller, access point and system in access network - Google Patents
Message processing method, access controller, access point and system in access network Download PDFInfo
- Publication number
- CN102281182A CN102281182A CN2010101958931A CN201010195893A CN102281182A CN 102281182 A CN102281182 A CN 102281182A CN 2010101958931 A CN2010101958931 A CN 2010101958931A CN 201010195893 A CN201010195893 A CN 201010195893A CN 102281182 A CN102281182 A CN 102281182A
- Authority
- CN
- China
- Prior art keywords
- information
- access point
- access controller
- subscriber equipment
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The embodiment of the invention provides a message processing method, an access controller, an access point and a system in an access network. The access network comprises the access controller, the access point and user equipment, wherein the access point is connected with the access controller. The method comprises the following steps of: receiving a control message from the access point through a data channel between the access controller and the access point by the access controller, wherein the control message carries on-line information of the user equipment and virtual local area network identifier information of the data channel; and after determining to allow the user equipment to be associated or reassociated according to the on-line information, learning the virtual local area network identifier information. According to the embodiment of the invention, under the networking scene of a fit access point, when data are forwarded in a non-tunnel way and the first data message is initiated by the access controller, the access controller can learn the virtual local area network which is used when the downlink data is transmitted, and particularly, under the condition that an intermediate network is subjected to virtual local area network conversion, the downlink service can be ensured to be carried out smoothly.
Description
Technical field
The present invention relates to communication technical field, relate in particular to message processing method, access controller, access point and system in a kind of access network.
Background technology
In wireless network, access point (Access Point; Hereinafter to be referred as: AP) wireless user thousands of, that spread all over is everywhere had access to spider lines.At first, each AP is a stand-alone network elements, the customer group that management inserts separately, and this AP is called as " fat AP (Fat AP) ".Along with the extensive use of wireless network, AP is more and more.Huge " fat AP " management of quantity is got up very inconvenient.Centralized control formula access controller (Access Controller had appearred afterwards; Hereinafter to be referred as: AC), AC can manage a group AP concentratedly, is subjected to the AP of AC management to be called as " thin AP (Fit AP) ".
Under centralized control, AC manages AP by thin AP management agreement; Control and provisioning of wireless access points (Control And Provisioning of Wireless Access Points; Hereinafter to be referred as: CAPWAP) be the widely used thin AP management agreement that also is the sole criterion change.CAPWAP sets up between AC and AP equipment based on User Datagram Protoco (UDP) (User Datagram Protocol; Hereinafter to be referred as: CAPWAP tunnel UDP), this CAPWAP tunnel are divided into two kinds of control tunnel and data tunnels.
In the networking scene of thin AP, can two layers or three-layer network between AP and the AC; And the pass-through mode of business datum has tunnel forwarding and non-tunnel to transmit two kinds.Under the tunnel pass-through mode, business datum is encapsulated in based on directly being transparent to AC in the data tunnel of UDP, is not subjected to the influence of go-between.But concentrate to transmit business datum at AC, and this business datum adopts non-tunnel pass-through mode when AP and AC go-between are transmitted, the VLAN of business datum (Virtual Local Area Network; Hereinafter to be referred as: VLAN), might be changed.And the VLAN that AC adopts when sending downlink service data should be identical with the VLAN that uplink business data carries.
Sometimes, first message of data channel is initiated by AC, and at this moment AC can't be known the VLAN that adopts when sending downlink service data; At the problems referred to above, prior art does not provide a kind of effective solution.
Summary of the invention
The embodiment of the invention provides message processing method, access controller, access point and the system in a kind of access network, with the VLAN of realizing that access controller adopts when knowing the transmission downlink service data.
The embodiment of the invention provides the message processing method in a kind of access network, described access network comprises access controller, access point and subscriber equipment, described subscriber equipment links to each other with described access point, and described access point links to each other with described access controller, and described method comprises:
Described access controller is by the control message of the reception of the data channel between described access controller and the described access point from described access point, and described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel;
Described access controller is determined to allow according to the described information of reaching the standard grade after described user device association or the series of fortified passes connection described VLAN ID information to be learnt.
The embodiment of the invention also provides a kind of access controller, comprising:
The message receiver module, be used for receiving control message from described access point by the data channel between described access controller and the access point, described control message carries the information of reaching the standard grade of the subscriber equipment that described access point connects and the VLAN ID information of described data channel;
Study module is used for after determining to allow described user device association or series of fortified passes connection according to the described information of reaching the standard grade described VLAN ID information being learnt.
The embodiment of the invention also provides a kind of access point, comprising:
Receiver module is used to receive the association request message or the reassociation requests message of subscriber equipment;
Sending module is used for sending the control message by the data channel between access controller and the described access point to described access controller, and described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel.
The embodiment of the invention also provides a kind of connecting system, comprising: access controller, access point and subscriber equipment, and described subscriber equipment links to each other with described access point, and described access point links to each other with described access point controller;
Described access point is used to receive association request message or the reassociation requests message that subscriber equipment sends, and sends the control message by the data channel between described access point and the described access controller to described access controller;
Described access controller is used to receive described control message, and described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel; After definite described user device association of permission of the described information of reaching the standard grade or series of fortified passes connection, described VLAN ID information is learnt.
Pass through the embodiment of the invention, access controller is by the control message of the reception of the data channel between this access controller and the access point from access point, determine to allow user device association or series of fortified passes connection according to the information of reaching the standard grade in this control message after, VLAN ID information in this control message is learnt, thereby realized under the networking scene of thin access point, when the non-tunnel of The data pass-through mode, and when first data message is initiated by access controller, this access controller can be known the VLAN that uses when sending downlink data, particularly carried out under the VLAN change over condition, guaranteed carrying out smoothly of downlink business at go-between.
Description of drawings
In order to be illustrated more clearly in the embodiment of the invention or technical scheme of the prior art, to do one to the accompanying drawing of required use in embodiment or the description of the Prior Art below introduces simply, apparently, accompanying drawing in describing below is some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the schematic diagram of an embodiment of application scenarios of the present invention;
Fig. 2 is the flow chart of the embodiment of message processing method in the access network of the present invention;
Fig. 3 is the flow chart of another embodiment of message processing method in the access network of the present invention;
Fig. 4 is the schematic diagram of another embodiment of application scenarios of the present invention;
Fig. 5 is the structural representation of an embodiment of access controller of the present invention;
Fig. 6 is the structural representation of another embodiment of access controller of the present invention;
Fig. 7 is the structural representation of an embodiment of access point of the present invention;
Fig. 8 is the structural representation of another embodiment of access point of the present invention;
Fig. 9 is the structural representation of an embodiment of connecting system of the present invention.
Embodiment
For the purpose, technical scheme and the advantage that make the embodiment of the invention clearer, below in conjunction with the accompanying drawing in the embodiment of the invention, technical scheme in the embodiment of the invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, rather than whole embodiment.Based on the embodiment among the present invention, the every other embodiment that those of ordinary skills are obtained under the prerequisite of not making creative work belongs to the scope of protection of the invention.
Access controller can manage one or more access point, also can related one or more subscriber equipment under the access point, and the subscriber equipment here can be work station (Station; Hereinafter to be referred as: STA).
User equipment searches can insert this access point with request by sending association request message to this access point behind access point.Access point can report access controller with the related information of this subscriber equipment, if related information is to report access controller by the control channel between access point and the access controller, so for ensuing verification process, because wireless local area network authentication infrastructure (the WirelessLocal Area Network Authentication Infrastructure of authentication; Hereinafter to be referred as: WAI) message or based on Extensible Authentication Protocol (the Extensible Authentication Protocol over LocalArea Network of local area network (LAN); Hereinafter to be referred as: EAPol) message is to be issued by the data channel between access point and the access controller, however access controller and do not know the vlan information of data channel, therefore, access controller does not know this issues message identifying toward which data channel.
And situation about between access point, switching for subscriber equipment, if subscriber equipment adopts the 802.1X authentication mode, after switching access point so, subscriber equipment does not need to carry out loaded down with trivial details 802.1X authentication and Key exchange again, accelerated switch speed, do not need to carry out 802.1X authentication and Key exchange just because of subscriber equipment, so when access controller sends datagram to subscriber equipment by data channel, equally do not know the vlan information of data channel yet, do not know this toward which data channel sends datagram yet.
Given this, the embodiment of the invention provides the message processing method in a kind of access network, can be implemented under the networking scene of thin access point, when the non-tunnel of The data pass-through mode, and when first data message is initiated by access controller, this access controller can be known the VLAN that uses when sending downlink data, has particularly carried out under the VLAN change over condition at go-between, has guaranteed carrying out smoothly of downlink business.Message processing method in the access network that the embodiment of the invention provides can be used for application scenarios shown in Figure 1, Fig. 1 is the schematic diagram of an embodiment of application scenarios of the present invention, as shown in Figure 1, can comprise subscriber equipment, access point and access controller in this application scenarios, wherein, subscriber equipment links to each other with access point, and access point links to each other with access controller.The implementing procedure of the message processing method in the access network that the embodiment of the invention is provided is introduced below.
Fig. 2 is the flow chart of the embodiment of message processing method in the access network of the present invention, and as shown in Figure 2, the message processing method in this access network can comprise:
In the present embodiment, this control message can be the CAPWAP message, and the information of reaching the standard grade of subscriber equipment can comprise media interviews control (the Media Access Control of this subscriber equipment; Hereinafter to be referred as: MAC) address, service set (Service Set Identification; Hereinafter to be referred as: SSID) and related information; Perhaps, the information of reaching the standard grade of this subscriber equipment can comprise the identification information and the series of fortified passes connection information of MAC Address, the SSID of this subscriber equipment, former access point;
This control message carry data channel VLAN ID information can for: the information of virtual local area network in the Ethernet head of CAPWAP message is set to the VLAN ID information of this data channel; Can guarantee this CAPWAP message like this along this data channel forwarding, and the VLAN ID information of this data channel is sent to access controller.
In the present embodiment, access point can be made as the control message by the value with type of message cell in the CAPWAP message, identifies this CAPWAP message and be the control message of the VLAN ID information of the information of reaching the standard grade of carrying subscriber equipment and data channel.
In the present embodiment, after VLAN ID information was learnt, access controller sent datagram to the data channel of this VLAN ID information correspondence.
In addition, in the present embodiment, after access controller determined to allow user device association or series of fortified passes connection according to the above-mentioned information of reaching the standard grade, access controller can also authenticate subscriber equipment according to the above-mentioned information of reaching the standard grade; Thereby realized that VLAN seeks process and the unification of UE identifying procedure, has simplified flow process.
In the foregoing description, access controller is by the control message of the reception of the data channel between this access controller and the access point from access point, determine to allow user device association or series of fortified passes connection according to the information of reaching the standard grade in this control message after, VLAN ID information in this control message is learnt, thereby realized under the networking scene of thin access point, when the non-tunnel of The data pass-through mode, and when first data message is initiated by access controller, this access controller can be known the VLAN that uses when sending downlink data, particularly carried out under the VLAN change over condition, guaranteed carrying out smoothly of downlink business at go-between.
Fig. 3 is the flow chart of another embodiment of message processing method in the access network of the present invention, and as shown in Figure 3, the message processing method in this access network can comprise:
Step 301, AP receives subscriber equipment (User Equipment; Hereinafter to be referred as: UE) association request message of Fa Songing or reassociation requests message.
Step 302, the authentication mode that association request message that the AP basis receives or reassociation requests message are determined UE.
Particularly, AP can be according to the SSID of this UE that carries in association request message or the reassociation requests message, in the authentication mode that preserve this locality, search, obtain the authentication mode corresponding with this SSID, the authentication mode of this SSID correspondence is the authentication mode of this UE, wherein, the local authentication mode of preserving is that this AP obtains from the configuration data that AC issues and preserves; Perhaps, AP can be according to the SSID of this UE that carries in association request message or the reassociation requests message, ask the authentication mode of this SSID correspondence to AC, and receive the authentication mode of this SSID correspondence that this AC returns, the authentication mode of this SSID correspondence is the authentication mode of this UE; Two kinds of examples of the authentication mode that below only to be AP determine UE according to the association request message that receives or reassociation requests message, the embodiment of the invention does not limit this, as long as the authentication mode that association request message that the AP basis receives or reassociation requests message can be determined UE.
Step 303, AP sends the control message according to the authentication mode of this UE to AC, and this control message carries the VLAN identification information of UE upstream data passage.
Wherein, UE upstream data passage is the data channel between AC and the AP.
Particularly, when the authentication mode of this subscriber equipment be authentication mode or WLAN authentication and privacy infrastructure (Wireless LAN Authentication and PrivacyInfrastructure based on 802.1X; Hereinafter to be referred as: WAPI) during authentication mode, AP sends the control message to AC.
Step 304, the VLAN identification information that carries in AC study and the record controls message, and when sending downlink data, use the data channel of this VLAN identification information correspondence.
Step 305, AC determines to allow this UE to carry out triggering the identifying procedure of this UE after association or the series of fortified passes connection according to association or the series of fortified passes connection information of the UE that carries in the control message.
In the present embodiment, except that the VLAN identification information, above-mentioned control message can also carry association or the series of fortified passes connection information of UE, receive after the control message, AC can determine to allow this UE to carry out triggering the identifying procedure of this UE after association or the series of fortified passes connection according to association or the series of fortified passes connection information of this UE, thereby realized that VLAN seeks process and the unification of UE identifying procedure, has simplified flow process.In addition, this control message can also carry this UE other access informations except that association or series of fortified passes connection information, for example: the MAC Address of this subscriber equipment, SSID and former related AP information such as (being in as this UE under the situation of series of fortified passes connection), use for the handling process of reaching the standard grade of this UE.
Present embodiment does not limit the execution sequence of step 304 and step 305, and step 304 and step 305 can successively be carried out, can executed in parallel yet.
The foregoing description has been realized under the networking scene of thin AP, when the non-tunnel of The data pass-through mode, and when first data message is initiated by AC, this AC can be known the VLAN that uses when sending downlink data, particularly carried out under the VLAN change over condition, guaranteed carrying out smoothly of downlink business at go-between.
Need to prove, the present invention is embodiment illustrated in fig. 3 only to be a kind of example of the present invention, certainly the embodiment of the invention is not limited in this, in the step 303, AP not only can send the control message to AC according to the authentication mode of UE, the condition that AP sends the control message to AC also can for: anyly initiate AC and AP earlier, the perhaps protocol interaction between AC and the UE, and this protocol interaction is just to have reached the standard grade at UE to carry out before also not sending uplink data messages by AC; In this case, receive after the association request or reassociation requests of UE transmission, AP just can send the control message to AC.
Message processing method in Fig. 2 of the present invention and the access network that provides embodiment illustrated in fig. 3 also can be applicable in the present invention's application scenarios shown in Figure 4, Fig. 4 is the schematic diagram of another embodiment of application scenarios of the present invention, application scenarios shown in Figure 4 is an example of the networking scene of thin AP, as shown in Figure 4, in the networking scene of this thin AP, the non-tunnel of The data pass-through mode, UE 1 inserts AP 1, and AP 1 uses VLAN 1; UE 2 inserts AP 2, and AP 2 uses VLAN 2; AP 1 and AP 2 are by LAN switch (Local Area Network Switch; Hereinafter to be referred as: LSW) and Layer 2 switch, realize and the communicating to connect of AC; This Layer 2 switch has carried out the VLAN conversion, has converted VLAN 1 to VLAN 11, has converted VLAN 2 to VLAN 22.
One of ordinary skill in the art will appreciate that: all or part of step that realizes said method embodiment can be finished by the relevant hardware of program command, aforesaid program can be stored in the computer read/write memory medium, this program is carried out the step that comprises said method embodiment when carrying out; And aforesaid storage medium comprises: various media that can be program code stored such as ROM, RAM, magnetic disc or CD.
Fig. 5 is the structural representation of an embodiment of access controller of the present invention, and the access controller in the present embodiment can be realized the flow process that the present invention is embodiment illustrated in fig. 2.As shown in Figure 5, this access controller can comprise: message receiver module 51 and study module 52.
Wherein, message receiver module 51, be used for receiving control message from access point by the data channel between access controller and the access point, this control message carries the information of reaching the standard grade of the subscriber equipment that this access point connects and the VLAN ID information of this data channel;
In the present embodiment, this control message can be the CAPWAP message, and the information of reaching the standard grade of subscriber equipment can comprise MAC Address, SSID and the related information of this subscriber equipment; Perhaps, the information of reaching the standard grade of this subscriber equipment can comprise the identification information and the series of fortified passes connection information of MAC Address, the SSID of this subscriber equipment, former access point;
This control message carry data channel VLAN ID information can for: the information of virtual local area network in the Ethernet head of CAPWAP message is set to the VLAN ID information of this data channel; Can guarantee this CAPWAP message like this along this data channel forwarding, and the VLAN ID information of this data channel is sent to access controller.
In the foregoing description, message receiver module 51 is by the control message of the reception of the data channel between this access controller and the access point from access point, study module 52 is after determining to allow user device association or series of fortified passes connection according to the information of reaching the standard grade in this control message, VLAN ID information in this control message is learnt, thereby realized under the networking scene of thin access point, when the non-tunnel of The data pass-through mode, and when first data message is initiated by access controller, this access controller can be known the VLAN that uses when sending downlink data, particularly carried out under the VLAN change over condition, guaranteed carrying out smoothly of downlink business at go-between.
Fig. 6 compares with access controller shown in Figure 5 for the structural representation of another embodiment of access controller of the present invention, and difference is that access controller shown in Figure 6 can also comprise: authentication module 53 and data transmission blocks 54.
Wherein, authentication module 53 is used for according to the information of reaching the standard grade subscriber equipment being authenticated;
Data transmission blocks 54 is used for sending datagram to the data channel of VLAN ID information correspondence.
Above-mentioned access controller has been realized under the networking scene of thin access point, when the non-tunnel of The data pass-through mode, and when first data message is initiated by access controller, this access controller can be known the VLAN that uses when sending downlink data, particularly carried out under the VLAN change over condition, guaranteed carrying out smoothly of downlink business at go-between.
Fig. 7 is the structural representation of an embodiment of access point of the present invention, and as shown in Figure 7, this access point can comprise: receiver module 71 and sending module 72;
Wherein, receiver module 71 is used to receive the association request message or the reassociation requests message of subscriber equipment;
Sending module 72 is used for sending the control message by the data channel between access controller and this access point to access controller, and this control message carries the information of reaching the standard grade of subscriber equipment and the VLAN ID information of this data channel.
In the above-mentioned access point, receiver module 71 is after association request message that receives subscriber equipment or reassociation requests message, sending module 72 sends the control message by the data channel between access controller and this access point to access controller, this control message carries the information of reaching the standard grade of subscriber equipment and the VLAN ID information of this data channel, receive after this control message, access controller is according to the information of reaching the standard grade of subscriber equipment, determine to allow after user device association or the series of fortified passes connection, access controller just can be learnt above-mentioned VLAN ID information, and when sending downlink data, use this VLAN ID information corresponding virtual local area network (LAN), thereby realized under the networking scene of thin access point, when the non-tunnel of The data pass-through mode, and when first data message is initiated by access controller, this access controller can be known the VLAN that uses when sending downlink data, particularly carried out under the VLAN change over condition, guaranteed carrying out smoothly of downlink business at go-between.
Fig. 8 compares with access point shown in Figure 7 for the structural representation of another embodiment of access point of the present invention, and difference is that access point shown in Figure 8 can further include: judge module 73;
Wherein, judge module 73 is used for after receiver module 71 receives association request message, determines the authentication mode of subscriber equipment according to this association request message, and judges whether that according to the authentication mode of this subscriber equipment needs send the control message; Perhaps, be used for after receiver module 71 is received reassociation requests message, determine the authentication mode of subscriber equipment, and judge whether that according to the authentication mode of this subscriber equipment needs send the control message according to this reassociation requests message.
Wherein, judge module 73 is being determined the authentication mode of subscriber equipment, and when judging whether that according to the authentication mode of this subscriber equipment needs send the control message, can not repeat them here with reference to the present invention's execution mode that provides embodiment illustrated in fig. 3.
Above-mentioned access point has been realized under the networking scene of thin access point, when the non-tunnel of The data pass-through mode, and when first data message is initiated by access controller, this access controller can be known the VLAN that uses when sending downlink data, particularly carried out under the VLAN change over condition, guaranteed carrying out smoothly of downlink business at go-between.
Fig. 9 is the structural representation of an embodiment of connecting system of the present invention, and as shown in Figure 9, this connecting system can comprise: access point 91, access controller 92 and subscriber equipment 93; Wherein, subscriber equipment 93 links to each other with access point 91, and access point 91 links to each other with access controller 92;
In the present embodiment, further, this connecting system can also comprise: switching equipment 94; This switching equipment 94 connects access point 91 and access controller 92, is used for carrying out between access point 91 and access controller 92 the VLAN conversion.
Particularly, access point 91 can be realized by Fig. 7 of the present invention or access point shown in Figure 8; Access controller 92 can be realized by Fig. 5 of the present invention or access controller shown in Figure 6.
In the above-mentioned connecting system, access controller 92 is by the control message of the reception of the data channel between this access controller 92 and the access point 91 from access point 91, determine to allow subscriber equipment 93 associations or series of fortified passes connection according to the information of reaching the standard grade in this control message after, VLAN ID information in this control message is learnt, thereby realized under the networking scene of thin access point, when the non-tunnel of The data pass-through mode, and when first data message is initiated by access controller 92, this access controller 92 can be known the VLAN that uses when sending downlink data, particularly carried out under the VLAN change over condition, guaranteed carrying out smoothly of downlink business at go-between.
It will be appreciated by those skilled in the art that accompanying drawing is the schematic diagram of a preferred embodiment, module in the accompanying drawing or flow process might not be that enforcement the present invention is necessary.
It will be appreciated by those skilled in the art that the module in the device among the embodiment can be distributed in the device of embodiment according to the embodiment description, also can carry out respective change and be arranged in the one or more devices that are different from present embodiment.The module of the foregoing description can be merged into a module, also can further split into a plurality of submodules.
It should be noted that at last: above embodiment only in order to technical scheme of the present invention to be described, is not intended to limit; Although with reference to previous embodiment the present invention is had been described in detail, those of ordinary skill in the art is to be understood that: it still can be made amendment to the technical scheme that aforementioned each embodiment put down in writing, and perhaps part technical characterictic wherein is equal to replacement; And these modifications or replacement do not make the essence of appropriate technical solution break away from the spirit and scope of various embodiments of the present invention technical scheme.
Claims (11)
1. the message processing method in the access network, described access network comprises access controller, access point and subscriber equipment, and described subscriber equipment links to each other with described access point, and described access point links to each other with described access controller, it is characterized in that described method comprises:
Described access controller is by the control message of the reception of the data channel between described access controller and the described access point from described access point, and described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel;
Described access controller is determined to allow according to the described information of reaching the standard grade after described user device association or the series of fortified passes connection described VLAN ID information to be learnt.
2. method according to claim 1 is characterized in that, described access controller is determined to allow according to the described information of reaching the standard grade also to comprise after described user device association or the series of fortified passes connection:
Described access controller authenticates described subscriber equipment according to the described information of reaching the standard grade.
3. method according to claim 1 is characterized in that, described described VLAN ID information is learnt after, also comprise:
Described access controller sends datagram to the data channel of described VLAN ID information correspondence.
4. according to any described method of claim 1-3, it is characterized in that, described control message is the control and provisioning of wireless access points message, and the information of reaching the standard grade of described subscriber equipment comprises the media access control address of described subscriber equipment, service set and related information; Perhaps, the information of reaching the standard grade of described subscriber equipment comprises the identification information and the series of fortified passes connection information of media access control address, the service set of described subscriber equipment, former access point.
5. an access controller is characterized in that, comprising:
The message receiver module, be used for receiving control message from described access point by the data channel between described access controller and the access point, described control message carries the information of reaching the standard grade of the subscriber equipment that described access point connects and the VLAN ID information of described data channel;
Study module is used for after determining to allow described user device association or series of fortified passes connection according to the described information of reaching the standard grade described VLAN ID information being learnt.
6. access controller according to claim 5 is characterized in that, also comprises:
Authentication module is used for according to the described information of reaching the standard grade described subscriber equipment being authenticated.
7. according to claim 5 or 6 described access controllers, it is characterized in that, also comprise:
Data transmission blocks is used for sending datagram to the data channel of described VLAN ID information correspondence.
8. an access point is characterized in that, comprising:
Receiver module is used to receive the association request message or the reassociation requests message of subscriber equipment;
Sending module is used for sending the control message by the data channel between access controller and the described access point to described access controller, and described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel.
9. access point according to claim 8 is characterized in that, also comprises:
Judge module is used for after described receiver module is received described association request message, determines the authentication mode of described subscriber equipment according to described association request message, and judges whether that according to the authentication mode of described subscriber equipment needs send described control message; Perhaps, be used for after described receiver module is received described reassociation requests message, determine the authentication mode of described subscriber equipment, and judge whether that according to the authentication mode of described subscriber equipment needs send described control message according to described reassociation requests message.
10. a connecting system is characterized in that, comprising: access controller, access point and subscriber equipment, and described subscriber equipment links to each other with described access point, and described access point links to each other with described access controller;
Described access point is used to receive association request message or the reassociation requests message that subscriber equipment sends, and sends the control message by the data channel between described access point and the described access controller to described access controller;
Described access controller is used to receive described control message, and described control message carries the information of reaching the standard grade of described subscriber equipment and the VLAN ID information of described data channel; After definite described user device association of permission of the described information of reaching the standard grade or series of fortified passes connection, described VLAN ID information is learnt.
11. system according to claim 10 is characterized in that, also comprises:
Switching equipment, described switching equipment connect described access point and described access controller, are used for carrying out between described access point and described access controller the VLAN conversion.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010195893.1A CN102281182B (en) | 2010-06-08 | 2010-06-08 | Message processing method, access controller, access point and system in access network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010195893.1A CN102281182B (en) | 2010-06-08 | 2010-06-08 | Message processing method, access controller, access point and system in access network |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102281182A true CN102281182A (en) | 2011-12-14 |
| CN102281182B CN102281182B (en) | 2014-03-26 |
Family
ID=45106377
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010195893.1A Active CN102281182B (en) | 2010-06-08 | 2010-06-08 | Message processing method, access controller, access point and system in access network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102281182B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102612033A (en) * | 2012-03-29 | 2012-07-25 | 北京傲天动联技术有限公司 | Mobile phone with thin wireless access point and communication method for mobile phone |
| CN102647715A (en) * | 2012-03-27 | 2012-08-22 | 华为技术有限公司 | Method for delivering authentication target MAC (Media Access Control) address of EAP (Extensible Authentication Protocol) authentication |
| CN103313308A (en) * | 2013-06-18 | 2013-09-18 | 杭州华三通信技术有限公司 | Data transmission method and device |
| CN103686854A (en) * | 2012-09-17 | 2014-03-26 | 中兴通讯股份有限公司 | Method and device for controlling AP |
| CN103796267A (en) * | 2013-03-28 | 2014-05-14 | 深圳光启创新技术有限公司 | Communication system applied to traffic system of operation line |
| CN113746716A (en) * | 2016-10-28 | 2021-12-03 | 慧与发展有限责任合伙企业 | Multi-connection access point |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101146045A (en) * | 2007-10-11 | 2008-03-19 | 杭州华三通信技术有限公司 | Radio LAN and its access method and access device |
| CN101447887A (en) * | 2007-11-27 | 2009-06-03 | 华为技术有限公司 | Method for user on-line notification and device thereof |
| CN101711031A (en) * | 2009-12-23 | 2010-05-19 | 杭州华三通信技术有限公司 | Portal authenticating method during local forwarding and access controller (AC) |
-
2010
- 2010-06-08 CN CN201010195893.1A patent/CN102281182B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101146045A (en) * | 2007-10-11 | 2008-03-19 | 杭州华三通信技术有限公司 | Radio LAN and its access method and access device |
| CN101447887A (en) * | 2007-11-27 | 2009-06-03 | 华为技术有限公司 | Method for user on-line notification and device thereof |
| CN101711031A (en) * | 2009-12-23 | 2010-05-19 | 杭州华三通信技术有限公司 | Portal authenticating method during local forwarding and access controller (AC) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102647715A (en) * | 2012-03-27 | 2012-08-22 | 华为技术有限公司 | Method for delivering authentication target MAC (Media Access Control) address of EAP (Extensible Authentication Protocol) authentication |
| CN102612033A (en) * | 2012-03-29 | 2012-07-25 | 北京傲天动联技术有限公司 | Mobile phone with thin wireless access point and communication method for mobile phone |
| CN102612033B (en) * | 2012-03-29 | 2015-07-08 | 北京傲天动联技术股份有限公司 | Mobile phone with thin wireless access point and communication method for mobile phone |
| CN103686854A (en) * | 2012-09-17 | 2014-03-26 | 中兴通讯股份有限公司 | Method and device for controlling AP |
| CN103796267A (en) * | 2013-03-28 | 2014-05-14 | 深圳光启创新技术有限公司 | Communication system applied to traffic system of operation line |
| CN103796267B (en) * | 2013-03-28 | 2015-04-15 | 深圳光启创新技术有限公司 | Communication system applied to traffic system of operation line |
| CN103313308A (en) * | 2013-06-18 | 2013-09-18 | 杭州华三通信技术有限公司 | Data transmission method and device |
| CN103313308B (en) * | 2013-06-18 | 2016-06-29 | 杭州华三通信技术有限公司 | A kind of data transmission method and equipment |
| CN113746716A (en) * | 2016-10-28 | 2021-12-03 | 慧与发展有限责任合伙企业 | Multi-connection access point |
| CN113746716B (en) * | 2016-10-28 | 2023-03-31 | 慧与发展有限责任合伙企业 | Multi-connection access point |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102281182B (en) | 2014-03-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11129216B2 (en) | Initial access and radio resource management for integrated access and backhaul (IAB) wireless networks | |
| CN102523628B (en) | A kind of trunking method of wireless relay apparatus and wireless relay apparatus | |
| US9071968B2 (en) | Method, apparatus, and system for centralized 802.1X authentication in wireless local area network | |
| CN102281182B (en) | Message processing method, access controller, access point and system in access network | |
| CN101795465A (en) | Method and equipment for group management of APs | |
| US20210022013A1 (en) | Facilitating model-driven automated cell allocation in fifth generation (5g) or other advanced networks | |
| US10485043B2 (en) | Multi-connection access point | |
| EP3182791A1 (en) | Terminal-based communication method and terminal | |
| CN101917272A (en) | Secret communication method and system among neighboring user terminals | |
| WO2021232852A1 (en) | Method and apparatus for terminal to access network | |
| CN103281692B (en) | Method for fast roaming between a kind of AC and equipment | |
| US11265708B2 (en) | Method and device for joining access node group | |
| CN102014391A (en) | Wireless network safety access method, system and wireless controller | |
| WO2015139434A1 (en) | Method and apparatus for determining a security algorithm | |
| US10462842B2 (en) | Method and apparatus for transmitting S1AP signaling | |
| CN106488547B (en) | STA authentication data management method, device and equipment | |
| US20200374770A1 (en) | Automatic neighbor relationships for a 5g air interface or other next generation network interfaces | |
| US20210195431A1 (en) | Data processing method adapted to access network architecture, access network architecture system and storage medium | |
| CN113747496B (en) | Switching method, network equipment and system in multi-connection network | |
| CN103973570B (en) | A kind of method of message transmissions, AP and system | |
| CN102223705B (en) | Multi-cell network of home base station and realization method of same | |
| US20240089930A1 (en) | Configuration method, allocation method, apparatus, device, and storage medium | |
| WO2017128625A1 (en) | Service configuration method and apparatus, and management network element | |
| US11968658B2 (en) | Partitioning radio resources to enable neutral host operation for a radio access network | |
| WO2022227088A1 (en) | Integrated access and backhaul communication |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |