CN103095654B - Virtual local area network (VLAN) configuration method, wireless access point and network control point - Google Patents
Virtual local area network (VLAN) configuration method, wireless access point and network control point Download PDFInfo
- Publication number
- CN103095654B CN103095654B CN201110341796.3A CN201110341796A CN103095654B CN 103095654 B CN103095654 B CN 103095654B CN 201110341796 A CN201110341796 A CN 201110341796A CN 103095654 B CN103095654 B CN 103095654B
- Authority
- CN
- China
- Prior art keywords
- vlan
- marks
- network control
- control point
- wap
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention relates to a virtual local area network (VLAN) configuration method, a wireless access point and a network control point. The wireless access point receives a first authentication protocol message sent by first user equipment (UE), wherein the first authentication protocol message contains identification information on the first UE. The wireless access point distributes first VLAN identification for the identification information of the first UE. The wireless access point sends a mapping relationship between the identification information of the first UE and the first VLAN identification to a network control point. Thus, both the wireless access point and the network control point obtain the mapping relationship between the identification information of the first UE and the first VLAN identification so that the wireless access point can identify a data message sent by the first UE with the first VLAN identification so that the network control point can identify.
Description
Technical field
The present embodiments relate to the communications field, more particularly to a kind of method, the nothing of configuring virtual LAN vlan information
Line access point and network control point.
Background technology
With the continuous popularization of intelligent terminal, the generation of various access ways, and the demand of new business so that mobile
Data traffic gradually increases.Simultaneously service plane tends to unified, carries more flattening, thus brings mobile and fixed network
Fusion.The current network integration is accomplished that the intercommunication between mobile and fixed network, is related to control plane and transport plane
Intercommunication.
At present, user equipment (English full name is User Equipment, and english abbreviation is UE) has plurality of access modes, wraps
(English full name is 3rd Generation Partnership Project, and english abbreviation is to include third generation partner program
3GPP) access, WLAN (English full name is Wireless Local Area Network, and english abbreviation is WLAN) connects
Enter and accessed etc. with microcell base station (English full name be Femtocell).The bearer network that WLAN is accessed or Femtocell is accessed is solid
Determine network, user equipment can pass through WLAN or Femtocell access networks, there is provided internet service or mobile service.
Under mobile and fixed network fusion scene, need mutually coordinated to ensure to use between mobile network and fixed network
The normal offer of family business and the normal management to user.Under existing movement and fixed network fusion scene, user equipment
When by fixed network access to mobile network, due to WAP, such as RG, nat feature has above been usually deployed, and NAT
Function can mask the information with regard to UE carried in the data message that UE sends so that network control point is according in data message
The data separation with regard to UE for carrying belongs to the data message of different UE, so as to not realize carrying out flowtube by granularity of UE
Reason.
The content of the invention
One purpose of the embodiment of the present invention be provide the method for configuring virtual LAN vlan information, WAP and
Network control point.
The technical scheme of the embodiment of the present invention is as follows:
One embodiment of the present of invention discloses a kind of method of configuring virtual LAN vlan information, including:
WAP receives the first authentication protocol message that first user equipment UE sends, the first authentication protocol report
Text carries the identification information of a UE;
The WAP is that the identification information of a UE distributes the first virtual LAN VLAN mark;
The WAP sends the mapping relations that the identification information of a UE and a VLAN are identified
To network control point.
One embodiment of the present of invention discloses a kind of method of configuring virtual LAN vlan information, including:
Network control point receives the first authentication protocol message from WAP, and the first authentication protocol message carries the
The identification information of one user equipment (UE);
The network control point is that the identification information of a UE distributes the first virtual LAN VLAN mark;
The network control point is to third generation partner program authentication, authorization, accounting 3GPP aaa servers or width
Band forum AAA server BBF AAA send the first certification request;
The network control point receives the first certification and rings from the 3GPP aaa servers or the BBF aaa servers
Should;
The network control point to the WAP forwards first authentication response, it is described be forwarded first recognize
The mapping relations of identification information and the VLAN mark of a UE are carried in card response.
One embodiment of the present of invention discloses a kind of WAP, including:
Protocol massages receiving unit, for receiving the first authentication protocol message of first user equipment UE transmission, described the
One authentication protocol message carries the identification information of a UE;
VLAN ID allocation unit, for distributing the first VLAN for the identification information of a UE
VLAN is identified;
Mapping relations transmitting element, for the mapping that the identification information of a UE and a VLAN are identified to be closed
System is sent to network control point.
One embodiment of the present of invention discloses a kind of network control point, including:
Protocol massages receiving unit, for receiving the first authentication protocol message, the first certification association from WAP
View message carries the identification information of first user equipment UE;
VLAN ID allocation unit, for distributing the first VLAN for the identification information of a UE
VLAN is identified;
Certification request transmitting element, for third generation partner program authentication, authorization, accounting 3GPPAAA servers
Or Broadband Forum AAA server BBF AAA send the first certification request;
Authentication response receiving unit, for receiving the from the 3GPP aaa servers or the BBF aaa servers
One authentication response;
Authentication response retransmission unit, it is described to be forwarded for forwarding first authentication response to the WAP
The first authentication response in carry a UE identification information and a VLAN mark mapping relations.
In one embodiment of the invention, WAP and network control point have known the mark of a UE
With the mapping relations of VLAN marks, possess WAP and use described in a VLAN mark for marking
The ability of the data message that the first UE sends, possesses the VLAN that can be carried according to data message to make network control point
Mark determines the data message sent by a UE.
Description of the drawings
Fig. 1 show method schematic diagram in first embodiment of the invention;
Fig. 2 show method schematic diagram in second embodiment of the invention;
Fig. 3 show schematic device in third embodiment of the invention;
Fig. 4 show schematic device in fifth embodiment of the invention.
Specific embodiment
Below in conjunction with the accompanying drawings the present invention is launched with specific embodiment to describe in detail.But it is noted that these following realities
Example is applied, only helps understand technical scheme institute illustrated example, be not intended to limit the present invention.
The first embodiment of the present invention
101st, WAP receives first user equipment (English full name is User Equipment, and english abbreviation is UE)
The the first authentication protocol message for sending, the first authentication protocol message carries the identification information of a UE.According to one
Identification information, can uniquely determine a UE.WAP before the first authentication protocol message is received
Complete the certification of the carrier network being located to WAP.
The WAP can be access point (English full name is Access Point, and english abbreviation is AP) or integrated
(English is complete for the home gateway of AP (English full name is Residential Gateway, and english abbreviation is RG) or microcell base station
Referred to as Femtocell).
Preferably, the first authentication protocol message is that (English full name is Extensible to Extensible Authentication Protocol
Authentication Protocol, english abbreviation is EAP) message, the EAP messages can use different EAP authentication classes
Type, such as using the EAP authentication based on SIM.Preferably, the identification information of a UE is the SIM of a UE
Number, such as (English full name is Subscriber Identity Module, and english abbreviation is for client identification module in mobile phone
SIM) the card number of card.
102nd, WAP is that the identification information of a UE distributes the first VLAN (English full name is
Virtual Local Area Network, English abbreviation is VLAN) mark.
Due to the identification information according to a UE, a UE can be uniquely determined, therefore for the mark of a UE
Information is distributed VLAN marks and is actually assigned with VLAN marks for a UE.
After the VLAN marks are distributed, the identification information and a VLAN of a UE have been there is
The mapping relations of mark, that is, the mapping relations of a UE and VLAN marks.
Preferably, in the present embodiment, WAP can distribute different VLAN marks for each UE in multiple UE
Know, i.e., one UE mark and the 1 of a VLAN mark:1 mapping, the part or all of UE distribution in alternatively multiple UE is same
VLAN is identified, i.e., the N of N number of UE marks and a VLAN mark:1 mapping, wherein N is the quantity of the part or all of UE.
103rd, WAP sends the mapping relations that the identification information of a UE and a VLAN are identified
To network control point.
Alternatively, the WAP can (English full name be Remote using remote customer dialing authentication service
Authentication Dial In User Service, english abbreviation is RADIUS) protocol massages carrying the first UE
The mapping relations of identification information and VLAN marks, it is also possible to which (English full name is using DHCP
Dynamic Host Configuration Protocol, english abbreviation is DHCP) message carries the mark letter of a UE
The mapping relations of breath and VLAN marks, (English full name is Point to Point can also to use peer-peer protocol
Protocol, english abbreviation is PPP) mapping of message identification information and the VLAN mark that carries the UE closes
System.
When the mapping relations of identification information and the VLAN mark that a UE is carried using DHCP message,
The identification information and described first of the first UE is carried by option in DHCP message (English full name is Option) field
The mapping relations of VLAN marks.
Preferably, the Option fields can be the fields of Option 82.Many height defined in the fields of Option 82
Option, at least one proxy information field is included per individual sub- option, per three that the form of individual sub- option is sub- option/length/value
Tuple.The present embodiment is extended to the fields of Option 82.
A kind of extended mode includes:A new sub- option is defined, for carrying identification information and the institute of a UE
State the mapping relations of VLAN marks.
Another kind of extended mode includes:Two new sub- options are defined, one of them is used to carry the mark of a UE
Knowledge information, another is used to carry the VLAN marks.Because the two new sub- options belong to Option 82, because
The identification information of this UE and VLAN marks there are in fact mapping relations, i.e. Option 82 and carry
The mapping relations of the identification information of the first UE and VLAN marks.
The network control point can be wideband network gateway (English full name be Broadband Network Gateway,
English abbreviation is BNG) or (English full name is Access Controller, and english abbreviation is to be integrated with access controller
AC BNG).
The BNG be UE with Broadband Forum (English full name is Broad Band Forum, and english abbreviation is BBF) certification,
Authorize and charging (English full name is Authentication Authorization Accounting, and english abbreviation is AAA) clothes
(English full name is 3rd Generation Partnership Project, and English contracts for business device or third generation partner program
It is written as 3GPP) aaa server needs the agency that uses during carrying out user authentication.Wherein described BBF aaa servers are
Refer to fixed network aaa server.The BNG is also referred to as Broadband Remote Access Server, and (English full name is Broadband
Remote Access Server, english abbreviation is BRAS).
So, after the completion of step 103, WAP and network control point known the mark of a UE and
The mapping relations of the first VLAN mark, possess WAP and use described in a VLAN mark for marking the
The ability of the data message that one UE sends, possesses the VLAN marks that can be carried according to data message to make network control point
The data message sent by a UE is determined in knowledge.
Furthermore, it is necessary to explanation, in the present embodiment, " first " and/or " second " is not offered as sequencing relation.
Preferably, in this embodiment, WAP is described first after the data message for receiving UE transmissions
The data message that UE sends encapsulates VLAN mark, generates the first vlan data message, and by a VLAN numbers
Send to network control point according to message.
Alternatively, network control point was received and marked based on a UE before the first vlan data message is received
The first flow management strategy that knowledge is issued;The network control point identifies the mark of inquiry the first UE according to a UE
The mapping relations of information and VLAN marks, determine the first flow management strategy with the first vlan data report
Text is corresponding;The network control point is managed according to the first flow management strategy to the first vlan data message
Reason.
Alternatively, the network control point was received and is based on described first before the first vlan data message is received
The first flow management strategy that VLAN marks are issued;The network control point determines described first according to VLAN marks
Flow management strategy is corresponding with the first vlan data message;The network control point manages plan according to the first flow
Slightly the first vlan data message is managed.
Preferably, in this embodiment, WAP is described first after the protocol massages for receiving UE transmissions
The protocol massages that UE sends encapsulate the VLAN marks, generate a VLAN protocol massages, and a VLAN is assisted
View message is sent to network control point.
Alternatively, methods described can also include:The WAP sends described wireless to the network control point
Access point is the mapping relations of the public network port number of the UE distribution and VLAN marks.So, when the net
Network control point receives the public network port number that destination slogan is that the WAP is the UE distribution from network side
The first message of network side when, it may be determined that the message of the network side first is corresponding with the VLAN marks, so as to enter
One step determines that the first flow management strategy is corresponding with the message of the network side first according to VLAN marks.This
Sample, the network control point just can manage the message of network side first using the first flow management strategy.
Alternatively, methods described can also include:The WAP includes described to network control point transmission
WAP is a UE element groups of the public network IP address of the public network port number of the UE distribution and WAP
With the mapping relations of VLAN marks.So, it is when the network control point receives destination slogan from network side
The WAP is the public network port number of the UE distribution, and purpose IP address are the public network IP of the WAP
During first message of network side of address, it may be determined that the message of the network side first is corresponding with the VLAN marks, from
And further determine that the first flow management strategy is corresponding with the message of the network side first according to VLAN marks.
So, the network control point just can manage the message of network side first using the first flow management strategy.
From the foregoing, it will be observed that WAP can be from UE according to the mapping relations of the mark of the UE and VLAN marks
The data message packaging V LAN marks that side joint is received, network control point can determine number according to the VLAN marks that data message is carried
According to the corresponding UE of message.The data message that thus can be identified to belonging to different UE according to VLAN is managed respectively, so as to
Solve the problems, such as that fixed network can not be distinguished data flow based on UE and is managed in prior art.
The second embodiment of the present invention
201st, network control point (English full name is Broadband Network Gateway, and English abbreviation is BNG) is from nothing
Line access point receives the first authentication protocol message, and the first authentication protocol message carries first user equipment, and (English full name is
User Equipment, english abbreviation is UE) identification information.
Alternatively, the first authentication protocol message is that (English full name is Remote for remote customer dialing authentication service
Authentication Dial In User Service, english abbreviation is RADIUS) protocol massages.
The WAP can be access point (English full name is Access Point, and english abbreviation is AP) or integrated
(English is complete for the home gateway of AP (English full name is Residential Gateway, and english abbreviation is RG) or microcell base station
Referred to as Femtocell).
The network control point can be wideband network gateway (English full name be Broadband Network Gateway,
English abbreviation is BNG) or (English full name is Access Controller, and english abbreviation is to be integrated with access controller
AC BNG).
The BNG be UE with Broadband Forum (English full name is Broad Band Forum, and english abbreviation is BBF) certification,
Authorize and charging (English full name is Authentication Authorization Accounting, and english abbreviation is AAA) clothes
(English full name is 3rd Generation Partnership Project, and English contracts for business device or third generation partner program
It is written as 3GPP) aaa server needs the agency that uses during carrying out user authentication.Wherein described BBF aaa servers are
Refer to fixed network aaa server.The BNG is also referred to as Broadband Remote Access Server, and (English full name is Broadband
Remote Access Server, english abbreviation is BRAS).
202nd, network control point is that the identification information of a UE distributes the first VLAN (English full name is
Virtual Local Area Network, English abbreviation is VLAN) mark.
Due to the identification information according to a UE, a UE can be uniquely determined, therefore for the mark of a UE
Information is distributed VLAN marks and is actually assigned with VLAN marks for a UE.
After the VLAN marks are distributed, the identification information and a VLAN of a UE have been there is
The mapping relations of mark, that is, the mapping relations of a UE and VLAN marks.
Preferably, in the present embodiment, network control point can distribute different VLAN marks for each UE in multiple UE
Know, i.e., one UE mark and the 1 of a VLAN mark:1 mapping, the part or all of UE distribution in alternatively multiple UE is same
VLAN is identified, i.e., the N of N number of UE marks and a VLAN mark:1 mapping, wherein N is the quantity of the part or all of UE.
203rd, network control point sends the first certification request to 3GPP aaa servers or BBF aaa servers.
Alternatively, identification information and the VLAN mark of a UE can be carried in first certification request
The mapping relations of knowledge, it is also possible to do not carry the mapping relations of identification information and the VLAN mark of a UE.
204th, network control point receives the first authentication response from 3GPP aaa servers or BBF aaa servers.
When the mapping of identification information and the VLAN mark that a UE is carried in first certification request
During relation, the mapping that identification information and the VLAN mark of a UE is also carried in first authentication response is closed
System.
When reflecting for identification information and the VLAN mark that a UE is not carried in first certification request
When penetrating relation, do not carry in first authentication response yet a UE identification information and a VLAN mark reflect
Penetrate relation.
205th, network control point forwards first authentication response, first certification being forwarded to ring to WAP
Middle should carry the mapping relations of identification information and the VLAN mark of a UE.
Alternatively, when network control point rings from the first certification that 3GPP aaa servers or BBF aaa servers are received
Should in when having carried the mapping relations of identification information and VLAN mark of a UE, then network control point
The identification information and described first of a UE need not additionally be added during first authentication response is forwarded
The mapping relations of VLAN marks.
Alternatively, when network control point rings from the first certification that 3GPP aaa servers or BBF aaa servers are received
When the mapping relations of identification information and VLAN mark of a UE are not carried in answering, then network control point is needed
To be the mapping relations of identification information and the VLAN mark that first authentication response adds a UE, and will
The first authentication response for carrying the mapping relations of identification information and the VLAN mark of a UE is transmitted to nothing
Line access point.
After step 205 is completed, because network control point is assigned with the mark and a VLAN of a UE
The mapping relations of mark, and WAP is sent it to, therefore, possess WAP and use a VLAN
The data message ability that a UE described in mark for marking sends, possessing network control point can take according in data message
First VLAN of band identifies the ability to identifying the data message that a UE sends.
Furthermore, it is necessary to explanation, in the present embodiment, " first " and/or " second " is not offered as sequencing relation.
Alternatively, the network control point is receiving the first of carrying the first VLAN marks from the WAP
Before vlan data message, the first flow management strategy issued based on UE marks, the first-class buret are received
Reason strategy carries the UE marks;
The network control point identifies the identification information and described first of inquiry the first UE according to a UE
The mapping relations of VLAN marks, determine that the first flow management strategy is corresponding with the first vlan data message;
The network control point is managed according to the first flow management strategy to the first vlan data message.
Alternatively, the network control point is receiving the first of carrying the first VLAN marks from the WAP
Before vlan data message, the first flow management strategy issued based on VLAN marks, the first flow are received
Management strategy carries the VLAN marks;
The network control point determines the first flow management strategy and described first according to VLAN marks
Vlan data message is corresponding;
The network control point is managed according to the first flow management strategy to the first vlan data message.
Alternatively, the network control point further receives the public network end that the WAP is the UE distribution
Slogan;The network control point sets up the mapping relations of the public network port number of a UE and VLAN marks.This
Sample, when the network control point from network side receive destination slogan be the WAP be UE distribution
During first message of network side of public network port number, can be with reflecting that the public network port number of a UE and a VLAN are identified
The relation of penetrating determines that the message of the network side first is corresponding with the VLAN marks, so as to further according to described first
VLAN marks determine that the first flow management strategy is corresponding with the message of the network side first.So, the network control point
Just the message of network side first can be managed using the first flow management strategy.
Alternatively, the network control point further receives the public network end that the WAP is the UE distribution
The public network IP address of slogan and WAP;The network control point is set up includes the public network for UE distribution
The mapping relations of the first UE elements group of the public network IP address of port numbers and WAP and VLAN marks.This
Sample, when the network control point from network side receive destination slogan be the WAP be UE distribution
Public network port number, when purpose IP address are first message of network side of the public network IP address of the WAP, can basis
Including it is described for a UE distribution public network port number and WAP public network IP address a UE elements group and
The mapping relations of the first VLAN marks determine that the message of the network side first is corresponding with the VLAN marks, so as to
Further determine that the first flow management strategy is corresponding with the message of the network side first according to VLAN marks.This
Sample, the network control point just can manage the message of network side first using the first flow management strategy.
From the foregoing, it will be observed that when the network control point can identify the number that a UE sends from multiple data messages
After according to message, the network control point just can be managed to the data message that a UE sends, existing so as to solve
There is fixed network in technology that data flow and the problem being managed can not be distinguished based on UE.
The third embodiment of the present invention
Present embodiment discloses a kind of WAP 10, the WAP include protocol massages receiving unit 11,
VLAN ID allocation unit 12 and mapping relations transmitting element 13.
The protocol massages receiving unit 11 be used for receive first user equipment (English full name be User Equipment,
English abbreviation is UE) the first authentication protocol message for sending, the first authentication protocol message carries the mark of a UE
Information.According to an identification information, a UE can be uniquely determined.WAP is receiving first authentication protocol
The certification of the carrier network being located to WAP is had been completed before message.
The WAP can be access point (English full name is Access Point, and english abbreviation is AP) or integrated
(English is complete for the home gateway of AP (English full name is Residential Gateway, and english abbreviation is RG) or microcell base station
Referred to as Femtocell).
Preferably, the first authentication protocol message is that (English full name is Extensible to Extensible Authentication Protocol
Authentication Protocol, english abbreviation is EAP) message, the EAP messages can use different EAP authentication classes
Type, such as using the EAP authentication based on SIM.
Preferably, the identification information of a UE is the number of the SIM of a UE, such as client knows in mobile phone
The card number of other module (English full name is Subscriber Identity Module, and english abbreviation is SIM) card.
The VLAN ID allocation unit 12 is used to distribute the first virtual office for the identification information of a UE
Domain net (English full name is Virtual Local Area Network, and English abbreviation is VLAN) mark.
Due to the identification information according to a UE, a UE can be uniquely determined, therefore for the mark of a UE
Information is distributed VLAN marks and is actually assigned with VLAN marks for a UE.
After the VLAN marks are distributed, the identification information and a VLAN of a UE have been there is
The mapping relations of mark, that is, the mapping relations of a UE and VLAN marks.
Preferably, in the present embodiment, WAP can distribute different VLAN marks for each UE in multiple UE
Know, i.e., one UE mark and the 1 of a VLAN mark:1 mapping, the part or all of UE distribution in alternatively multiple UE is same
VLAN is identified, i.e., the N of N number of UE marks and a VLAN mark:1 mapping, wherein N is the quantity of the part or all of UE.
The mapping relations transmitting element 13 is used for identify the identification information of a UE and a VLAN
Mapping relations are sent to network control point.
Alternatively, the mapping relations transmitting element 13 can (English full name be using remote customer dialing authentication service
Remote Authentication Dial In User Service, english abbreviation is RADIUS) protocol massages carry described
The mapping relations of the identification information of the first UE and VLAN marks, it is also possible to using DHCP (English
Full name is Dynamic Host Configuration Protocol, and english abbreviation is DHCP) message carrying the first UE
The mapping relations of identification information and VLAN marks, (English full name is Point to can also to use peer-peer protocol
Point Protocol, english abbreviation is PPP) message carries identification information and the VLAN mark of the UE
Mapping relations.
When the mapping relations of identification information and the VLAN mark that a UE is carried using DHCP message,
The identification information and described first of the first UE is carried by option in DHCP message (English full name is Option) field
The mapping relations of VLAN marks.
Preferably, the Option fields can be the fields of Option 82.Many height defined in the fields of Option 82
Option, at least one proxy information field is included per individual sub- option, per three that the form of individual sub- option is sub- option/length/value
Tuple.The present embodiment is extended to the fields of Option 82.
A kind of extended mode includes:A new sub- option is defined, for carrying identification information and the institute of a UE
State the mapping relations of VLAN marks.
Another kind of extended mode includes:Two new sub- options are defined, one of them is used to carry the mark of a UE
Knowledge information, another is used to carry the VLAN marks.Because the two new sub- options belong to Option 82, because
The identification information of this UE and VLAN marks there are in fact mapping relations, i.e. Option 82 and carry
The mapping relations of the identification information of the first UE and VLAN marks.
The network control point can be wideband network gateway (English full name be Broadband Network Gateway,
English abbreviation is BNG) or (English full name is Access Controller, and english abbreviation is to be integrated with access controller
AC BNG).
The BNG be UE with Broadband Forum (English full name is Broad Band Forum, and english abbreviation is BBF) certification,
Authorize and charging (English full name is Authentication Authorization Accounting, and english abbreviation is AAA) clothes
(English full name is 3rd Generation Partnership Project, and English contracts for business device or third generation partner program
It is written as 3GPP) aaa server needs the agency that uses during carrying out user authentication.Wherein described BBF aaa servers are
Refer to fixed network aaa server.The BNG is also referred to as Broadband Remote Access Server, and (English full name is Broadband
Remote Access Server, english abbreviation is BRAS).
Because WAP is assigned with the mapping relations of the mark of a UE and VLAN marks, and will
It is sent to network control point, therefore WAP possesses using a UE described in a VLAN mark for marking
The data message for sending, so that network control point possesses the ability that can be identified.
Furthermore, it is necessary to explanation, in the present embodiment, " first " and/or " second " is not offered as sequencing relation.
Alternatively, the mapping relations transmitting element is additionally operable to send the WAP to the network control point and is
The public network port number of the first UE distribution and the mapping relations of VLAN marks.
Alternatively, the mapping relations transmitting element is additionally operable to be sent to the network control point includes the wireless access
Point for the public network IP address of the public network port number and WAP of UE distribution a UE elements group and described the
The mapping relations of one VLAN marks.
Preferably, in this embodiment, WAP also includes signal generating unit and data packet sending unit.
The signal generating unit is used for after the data message for receiving UE transmissions, is the data that a UE sends
Message encapsulates the VLAN marks, generates the first vlan data message;
The data message transmitting element is used to the first vlan data message is sent to the network control point.
Alternatively, the WAP also includes protocol massages signal generating unit and protocol massages transmitting element.
The protocol massages signal generating unit is used for after the protocol massages for receiving UE transmissions, is that a UE sends out
The data message for sending encapsulates the VLAN marks, generates a VLAN protocol massages;
The protocol massages transmitting element is used to a VLAN protocol massages are sent to the network control point.
Fourth embodiment of the invention
Fourth embodiment of the invention discloses a kind of network system, and the network system is included disclosed in 3rd embodiment
WAP and network control point.
Alternatively, the network control point can include the first management Policy receipt unit, the first query unit and first
Administrative unit.
The first Policy receipt unit was used for before the first vlan data message is received, and received based on described the
The first flow management strategy that one UE marks are issued;
First query unit is used to identify the identification information of inquiry the first UE and described according to a UE
The mapping relations of the first VLAN marks, determine that the first flow management strategy is corresponding with the first vlan data message;
First administrative unit is used to enter the first vlan data message according to the first flow management strategy
Row management.
Alternatively, alternatively, the network control point can include the second management Policy receipt unit, the second query unit
With the second administrative unit.
The second management Policy receipt unit was used for before the first vlan data message is received, and receives and is based on institute
State the first flow management strategy that VLAN marks are issued;
Second query unit is used to determine the first flow management strategy and institute according to VLAN marks
State the first vlan data message corresponding;
Second administrative unit is used for the network control point according to the first flow management strategy to described first
Vlan data message is managed.
In the present embodiment, WAP can be according to the mapping relations of the mark of the UE and VLAN marks
From the data message packaging V LAN marks that UE side joints are received, network control point can be identified come really according to the VLAN that data message is carried
Determine the corresponding UE of data message.The data message that thus can be identified to belonging to different UE according to VLAN is managed respectively,
Fixed network can not be distinguished data flow based on UE and is managed in so as to solve the problems, such as prior art.
The fifth embodiment of the present invention
(English full name is Broadband Network Gateway, English present embodiment discloses a kind of network control point 20
Text is referred to as BNG), the network control point includes protocol massages receiving unit 21, VLAN ID allocation unit 22, recognizes
Card request transmitting unit 23, authentication response receiving unit 24 and authentication response retransmission unit 25.
The protocol massages receiving unit 21 is used to receive the first authentication protocol message from WAP, and described first recognizes
Card protocol massages carry the identification information of first user equipment (English full name is User Equipment, and english abbreviation is UE).
Alternatively, the first authentication protocol message is that (English full name is Remote for remote customer dialing authentication service
Authentication Dial In User Service, english abbreviation is RADIUS) protocol massages.
The WAP can be access point (English full name is Access Point, and english abbreviation is AP) or integrated
(English is complete for the home gateway of AP (English full name is Residential Gateway, and english abbreviation is RG) or microcell base station
Referred to as Femtocell).
The network control point can be wideband network gateway (English full name be Broadband Network Gateway,
English abbreviation is BNG) or (English full name is Access Controller, and english abbreviation is to be integrated with access controller
AC BNG).
The BNG be UE with Broadband Forum (English full name is Broad Band Forum, and english abbreviation is BBF) certification,
Authorize and charging (English full name is Authentication Authorization Accounting, and english abbreviation is AAA) clothes
(English full name is 3rd Generation Partnership Project, and English contracts for business device or third generation partner program
It is written as 3GPP) aaa server needs the agency that uses during carrying out user authentication.Wherein described BBF aaa servers are
Refer to fixed network aaa server.The BNG is also referred to as Broadband Remote Access Server, and (English full name is Broadband
Remote Access Server, english abbreviation is BRAS).
The VLAN ID allocation unit 22 is used to distribute the first virtual office for the identification information of a UE
Domain net (English full name is Virtual Local Area Network, and English abbreviation is VLAN) mark.
Due to the identification information according to a UE, a UE can be uniquely determined, therefore for the mark of a UE
Information is distributed VLAN marks and is actually assigned with VLAN marks for a UE.
After the VLAN marks are distributed, the identification information and a VLAN of a UE have been there is
The mapping relations of mark, that is, the mapping relations of a UE and VLAN marks.
Preferably, in the present embodiment, the VLAN ID allocation unit 22 can be each in multiple UE
UE distributes the 1 of different VLAN marks, i.e., one UE mark and a VLAN mark:1 mapping, the part in alternatively multiple UE
Or whole UE distributes the N of same VLAN marks, i.e., N number of UE marks and a VLAN mark:1 mapping, wherein N is the part
Or the quantity of whole UE.
The certification request transmitting element 23 is used to recognize to 3GPP aaa servers or BBF aaa servers transmission first
Card request.
Alternatively, identification information and the VLAN mark of a UE can be carried in first certification request
The mapping relations of knowledge, it is also possible to do not carry the mapping relations of identification information and the VLAN mark of a UE.
The authentication response receiving unit 24 is used to from 3GPP aaa servers or BBF aaa servers reception first recognize
Card response.
When the mapping of identification information and the VLAN mark that a UE is carried in first certification request
During relation, the mapping that identification information and the VLAN mark of a UE is also carried in first authentication response is closed
System.
When reflecting for identification information and the VLAN mark that a UE is not carried in first certification request
When penetrating relation, do not carry in first authentication response yet a UE identification information and a VLAN mark reflect
Penetrate relation.
The authentication response retransmission unit 25 is used to forward first authentication response to WAP, described to be forwarded
The first authentication response in carry a UE identification information and a VLAN mark mapping relations.
Alternatively, when network control point rings from the first certification that 3GPP aaa servers or BBF aaa servers are received
When the mapping relations of identification information and VLAN mark of a UE have been carried in answering, then the certification rings
Retransmission unit 25 is answered additionally to add the identification information of a UE during first authentication response is forwarded
With the mapping relations of VLAN marks.
Alternatively, when network control point rings from the first certification that 3GPP aaa servers or BBF aaa servers are received
Should in when not carrying the mapping relations of identification information and VLAN mark of a UE, then the authentication response
Retransmission unit 25 needs what the identification information and a VLAN that add a UE for first authentication response were identified
Mapping relations, and the first certification of the mapping relations of identification information and the VLAN mark of a UE will be carried
Response is transmitted to WAP.
Because network control point is assigned with the mapping relations of the mark of a UE and VLAN marks, and will
It is sent to WAP, therefore, possess WAP and use first described in a VLAN mark for marking
The data message ability that UE sends, possessing network control point can be according to the VLAN mark carried in data message
Know the ability to identifying the data message that a UE sends.
Furthermore, it is necessary to explanation, in the present embodiment, " first " and/or " second " is not offered as sequencing relation.
Alternatively, the network control point also includes that unit is set up in the first receiving unit and mapping relations configuration.Described
One receiving unit is used to receive the public network port number that the WAP is the UE distribution, the mapping relations configuration
Unit is set up for setting up the mapping relations of public network port number and the VLAN mark of a UE.Or, it is described
First receiving unit is used to receive the public network port number and WAP that the WAP is the UE distribution
Public network IP address, mapping relations configuration set up unit for set up include it is described for a UE distribute public network port number with
The mapping relations of the first UE elements group of the public network IP address of WAP and VLAN marks.
Alternatively, the network control point also includes the first management Policy receipt unit, the first query unit and first pipe
Reason unit.
The first management Policy receipt unit is used to receive carrying the first VLAN marks from the WAP
Before the first vlan data message known, receive based on the UE first flow management strategies that issue of mark, described the
One flow management strategy carries the UE marks;
First query unit is used to identify the identification information of inquiry the first UE and described according to a UE
The mapping relations of the first VLAN marks, determine that the first flow management strategy is corresponding with the first vlan data message;
First administrative unit is used to enter the first vlan data message according to the first flow management strategy
Row management.
Alternatively, the network control point also includes the second management Policy receipt unit, the second query unit and second pipe
Reason unit.
The second management Policy receipt unit is used to receive carrying the first VLAN marks from the WAP
Before the first vlan data message known, the first flow management strategy issued based on VLAN marks is received, it is described
First flow management strategy carries the VLAN marks;
Second query unit is used to determine the first flow management strategy and institute according to VLAN marks
State the first vlan data message corresponding;
Second administrative unit is used to enter the first vlan data message according to the first flow management strategy
Row management.
From the foregoing, it will be observed that when the network control point can identify the number that a UE sends from multiple data messages
After according to message, the network control point just can be managed to the data message that a UE sends, existing so as to solve
There is fixed network in technology that data flow and the problem being managed can not be distinguished based on UE.
Additionally, the unit disclosed in each embodiment of the invention can be hardware cell, software list can be
Unit, the unit that can also be combined into for hardware and software.
One of ordinary skill in the art will appreciate that:Realizing all or part of step of said method embodiment can pass through
Completing, aforesaid program can be stored in a computer read/write memory medium the related hardware of programmed instruction, the program
Upon execution, the step of including said method embodiment is performed;And aforesaid storage medium includes:ROM, RAM, magnetic disc or light
Disk etc. is various can be with the medium of store program codes.
The above, the only present invention preferably specific embodiment, but protection scope of the present invention is not limited thereto,
It is any be familiar with the people of the technology disclosed herein technical scope in, the change or replacement that can be readily occurred in all should be covered
Within protection scope of the present invention.
Claims (44)
1. a kind of method of configuring virtual LAN vlan information, it is characterised in that include:
WAP receives the first certification association that first user equipment UE is sent when by fixed network access to mobile network
View message, the first authentication protocol message carries the identification information of a UE;
The WAP is that the identification information of a UE distributes the first virtual LAN VLAN mark;
The mapping relations that the identification information of the first UE and a VLAN are identified are sent to net by the WAP
Network control point;
The WAP is that the data message that a UE sends is sealed after the data message for receiving UE transmissions
The VLAN marks are filled, the first vlan data message is generated, and the first vlan data message is sent to the net
Network control point, makes VLAN mark of the network control point in the first vlan data message determine by described
The data message that first UE sends.
2. method according to claim 1, it is characterised in that methods described also includes:
The WAP sends the public network end that the WAP is the UE distribution to the network control point
The mapping relations of slogan and VLAN marks;
Or,
The WAP sends the public affairs for including that the WAP is the UE distribution to the network control point
The mapping of the first UE elements group of the public network IP address of net port numbers and the WAP and VLAN marks is closed
System.
3. method according to claim 1 and 2, it is characterised in that methods described also includes:
The WAP receives the second authentication protocol message that the 2nd UE sends, and the second authentication protocol message carries institute
State the identification information of the 2nd UE;
The WAP is that the identification information of the 2nd UE distributes the VLAN marks;
The mapping relations that the identification information of the 2nd UE and a VLAN are identified are sent to net by the WAP
Network control point.
4. method according to claim 1 and 2, it is characterised in that
The WAP services the mark that radius protocol message carries a UE using remote customer dialing authentication
The mapping relations of information and VLAN marks;
Or,
The WAP carries the identification information of the UE and described using dynamic host configuration protocol DHCP message
The mapping relations of the first VLAN marks;
Or,
The WAP carries the identification information and a VLAN of a UE using peer-peer protocol PPP messages
The mapping relations of mark.
5. according to the method described in claim 3, it is characterised in that
The WAP services the mark that radius protocol message carries a UE using remote customer dialing authentication
The mapping relations of information and VLAN marks;
Or,
The WAP carries the identification information of the UE and described using dynamic host configuration protocol DHCP message
The mapping relations of the first VLAN marks;
Or,
The WAP carries the identification information and a VLAN of a UE using peer-peer protocol PPP messages
The mapping relations of mark.
6. method according to claim 1, it is characterised in that methods described also includes:
The network control point received what is issued based on UE marks before the first vlan data message is received
First flow management strategy, the first flow management strategy carries the UE marks;
The network control point identifies the identification information and VLAN marks of inquiry the first UE according to a UE
The mapping relations of knowledge, determine that the first flow management strategy is corresponding with the first vlan data message;
The network control point is managed according to the first flow management strategy to the first vlan data message.
7. method according to claim 3, it is characterised in that methods described also includes:
The network control point received what is issued based on UE marks before the first vlan data message is received
First flow management strategy, the first flow management strategy carries the UE marks;
The network control point identifies the identification information and VLAN marks of inquiry the first UE according to a UE
The mapping relations of knowledge, determine that the first flow management strategy is corresponding with the first vlan data message;
The network control point is managed according to the first flow management strategy to the first vlan data message.
8. method according to claim 4, it is characterised in that methods described also includes:
The network control point received what is issued based on UE marks before the first vlan data message is received
First flow management strategy, the first flow management strategy carries the UE marks;
The network control point identifies the identification information and VLAN marks of inquiry the first UE according to a UE
The mapping relations of knowledge, determine that the first flow management strategy is corresponding with the first vlan data message;
The network control point is managed according to the first flow management strategy to the first vlan data message.
9. method according to claim 1, it is characterised in that methods described also includes:
The network control point was received and issued based on VLAN marks before the first vlan data message is received
First flow management strategy, the first flow management strategy carries the UE marks;
The network control point determines the first flow management strategy and a VLAN according to VLAN marks
Data message is corresponding;
The network control point is managed according to the first flow management strategy to the first vlan data message.
10. method according to claim 3, it is characterised in that methods described also includes:
The network control point was received and issued based on VLAN marks before the first vlan data message is received
First flow management strategy, the first flow management strategy carries the UE marks;
The network control point determines the first flow management strategy and a VLAN according to VLAN marks
Data message is corresponding;
The network control point is managed according to the first flow management strategy to the first vlan data message.
11. methods according to claim 4, it is characterised in that methods described also includes:
The network control point was received and issued based on VLAN marks before the first vlan data message is received
First flow management strategy, the first flow management strategy carries the UE marks;
The network control point determines the first flow management strategy and a VLAN according to VLAN marks
Data message is corresponding;
The network control point is managed according to the first flow management strategy to the first vlan data message.
12. methods according to any one of claim 1,2 or 5, it is characterised in that methods described also includes:
The WAP is the UE protocol massages encapsulation after a UE protocol massages are generated for a UE
The first VLAN marks, generate a VLAN protocol massages, and a VLAN protocol massages are sent to the network
Control point.
13. methods according to claim 3, it is characterised in that methods described also includes:
The WAP is the UE protocol massages encapsulation after a UE protocol massages are generated for a UE
The first VLAN marks, generate a VLAN protocol massages, and a VLAN protocol massages are sent to the network
Control point.
14. methods according to claim 4, it is characterised in that methods described also includes:
The WAP is the UE protocol massages encapsulation after a UE protocol massages are generated for a UE
The first VLAN marks, generate a VLAN protocol massages, and a VLAN protocol massages are sent to the network
Control point.
A kind of 15. methods of configuring virtual LAN vlan information, it is characterised in that include:
Network control point receives the first authentication protocol message from WAP, and the first authentication protocol message carries first and uses
The identification information of family equipment UE;
The network control point is that the identification information of a UE distributes the first virtual LAN VLAN mark;
The network control point to third generation partner program authentication, authorization, accounting 3GPP aaa servers or broadband are discussed
Altar AAA server BBF AAA send the first certification request;
The network control point receives the first authentication response from the 3GPP aaa servers or the BBF aaa servers;
The network control point to the WAP forwards first authentication response, first certification being forwarded to ring
Middle should carry the mapping relations of identification information and the VLAN mark of a UE.
16. methods according to claim 15, it is characterised in that methods described also includes:
The network control point receives the public network port number that the WAP is the UE distribution;
The network control point sets up the mapping relations of the public network port number of a UE and VLAN marks;
Or,
The network control point receives the public network port number and WAP that the WAP is the UE distribution
Public network IP address;
The network control point sets up the public network for including the public network port number for UE distribution and WAP
The mapping relations of the first UE elements group of IP address and VLAN marks.
17. methods according to claim 15 or 16, it is characterised in that methods described also includes:
The network control point receives the second authentication protocol message from the WAP, and the second authentication protocol message is taken
Identification information with second user equipment UE;
The network control point is that the identification information of the 2nd UE distributes the VLAN marks;
The network control point to the 3GPP aaa servers or the BBF AAA send the second certification request;
The network control point receives the second authentication response from the 3GPP aaa servers or the BBF aaa servers;
The network control point to the WAP forwards second authentication response, second certification being forwarded to ring
Middle should carry the mapping relations of identification information and the VLAN mark of the 2nd UE.
18. methods according to claim 15 or 16, it is characterised in that
The first authentication protocol message is that remote customer dialing authentication services radius protocol message.
19. methods according to claim 17, it is characterised in that
The first authentication protocol message is that remote customer dialing authentication services radius protocol message.
20. methods according to claim 15,16 or any one of 19, methods described also includes:
The network control point carries the first vlan data report of the VLAN marks receiving from the WAP
Before text, the first flow management strategy issued based on UE marks is received, the first flow management strategy is carried
The first UE marks;
The network control point identifies the identification information and VLAN marks of inquiry the first UE according to a UE
The mapping relations of knowledge, determine that the first flow management strategy is corresponding with the first vlan data message;
The network control point is managed according to the first flow management strategy to the first vlan data message.
21. methods according to claim 17, methods described also includes:
The network control point carries the first vlan data report of the VLAN marks receiving from the WAP
Before text, the first flow management strategy issued based on UE marks is received, the first flow management strategy is carried
The first UE marks;
The network control point identifies the identification information and VLAN marks of inquiry the first UE according to a UE
The mapping relations of knowledge, determine that the first flow management strategy is corresponding with the first vlan data message;
The network control point is managed according to the first flow management strategy to the first vlan data message.
22. methods according to claim 18, methods described also includes:
The network control point carries the first vlan data report of the VLAN marks receiving from the WAP
Before text, the first flow management strategy issued based on UE marks is received, the first flow management strategy is carried
The first UE marks;
The network control point identifies the identification information and VLAN marks of inquiry the first UE according to a UE
The mapping relations of knowledge, determine that the first flow management strategy is corresponding with the first vlan data message;
The network control point is managed according to the first flow management strategy to the first vlan data message.
23. methods according to claim 15,16 or any one of 19, methods described also includes:
The network control point carries the first vlan data report of the VLAN marks receiving from the WAP
Before text, the first flow management strategy issued based on VLAN marks is received, the first flow management strategy is taken
With VLAN marks;
The network control point determines the first flow management strategy and a VLAN according to VLAN marks
Data message is corresponding;
The network control point is managed according to the first flow management strategy to the first vlan data message.
24. methods according to claim 17, methods described also includes:
The network control point carries the first vlan data report of the VLAN marks receiving from the WAP
Before text, the first flow management strategy issued based on VLAN marks is received, the first flow management strategy is taken
With VLAN marks;
The network control point determines the first flow management strategy and a VLAN according to VLAN marks
Data message is corresponding;
The network control point is managed according to the first flow management strategy to the first vlan data message.
25. methods according to claim 18, methods described also includes:
The network control point carries the first vlan data report of the VLAN marks receiving from the WAP
Before text, the first flow management strategy issued based on VLAN marks is received, the first flow management strategy is taken
With VLAN marks;
The network control point determines the first flow management strategy and a VLAN according to VLAN marks
Data message is corresponding;
The network control point is managed according to the first flow management strategy to the first vlan data message.
26. a kind of WAPs, it is characterised in that include:
Protocol massages receiving unit, for receiving what first user equipment UE was sent when by fixed network access to mobile network
First authentication protocol message, the first authentication protocol message carries the identification information of a UE;
VLAN ID allocation unit, for distributing the first virtual LAN VLAN mark for the identification information of a UE
Know;
Mapping relations transmitting element, for the mapping relations that the identification information of a UE and a VLAN are identified to be sent out
Give network control point;
Signal generating unit, the data message for after the data message for receiving UE transmissions, being the UE transmissions is sealed
The VLAN marks are filled, the first vlan data message is generated;
Data message transmitting element, for the first vlan data message to be sent to the network control point, makes the net
VLAN mark of the network control point in the first vlan data message determines the data sent by a UE
Message.
27. WAPs according to claim 26, it is characterised in that
It is a UE that the mapping relations transmitting element is additionally operable to send the WAP to the network control point
The mapping relations of the public network port number of distribution and VLAN marks;
Or,
The mapping relations transmitting element is additionally operable to be sent to the network control point includes that the WAP is described the
The first UE elements group and VLAN marks of the public network port number of one UE distribution and the public network IP address of WAP
Mapping relations.
28. WAPs according to claim 26 or 27, it is characterised in that
The protocol massages receiving unit is additionally operable to receive the second authentication protocol message that the 2nd UE sends, the second certification association
View message carries the identification information of the 2nd UE;
The VLAN ID allocation unit is additionally operable to distribute the VLAN marks for the identification information of the 2nd UE
Know;
The mapping relations transmitting element is additionally operable to the mapping for identifying the identification information of the 2nd UE and a VLAN
Relation is sent to network control point.
29. WAPs according to claim 26 or 27, it is characterised in that
The mapping relations transmitting element carries a UE using remote customer dialing authentication service radius protocol message
Identification information and a VLAN mark mapping relations;
Or,
The mapping relations transmitting element carries the identification information of a UE using dynamic host configuration protocol DHCP message
With the mapping relations of VLAN marks;
Or,
The mapping relations transmitting element carries the identification information and described the of the UE using peer-peer protocol PPP messages
The mapping relations of one VLAN marks.
30. WAPs according to claim 28, it is characterised in that
The mapping relations transmitting element carries a UE using remote customer dialing authentication service radius protocol message
Identification information and a VLAN mark mapping relations;
Or,
The mapping relations transmitting element carries the identification information of a UE using dynamic host configuration protocol DHCP message
With the mapping relations of VLAN marks;
Or,
The mapping relations transmitting element carries the identification information and described the of the UE using peer-peer protocol PPP messages
The mapping relations of one VLAN marks.
31. WAPs according to any one of claim 26,27 or 30, it is characterised in that the wireless access
Point also includes:
Protocol massages signal generating unit, for after the protocol massages for receiving UE transmissions, being number that the UE sends
The VLAN marks are encapsulated according to message, a VLAN protocol massages are generated;
Protocol massages transmitting element, for a VLAN protocol massages to be sent to the network control point.
32. WAPs according to claim 28, it is characterised in that the WAP also includes:
Protocol massages signal generating unit, for after the protocol massages for receiving UE transmissions, being number that the UE sends
The VLAN marks are encapsulated according to message, a VLAN protocol massages are generated;
Protocol massages transmitting element, for a VLAN protocol massages to be sent to the network control point.
33. WAPs according to claim 29, it is characterised in that the WAP also includes:
Protocol massages signal generating unit, for after the protocol massages for receiving UE transmissions, being number that the UE sends
The VLAN marks are encapsulated according to message, a VLAN protocol massages are generated;
Protocol massages transmitting element, for a VLAN protocol massages to be sent to the network control point.
34. a kind of network control points, it is characterised in that include:
Protocol massages receiving unit, for receiving the first authentication protocol message, the first authentication protocol report from WAP
Text carries the identification information of first user equipment UE;
VLAN ID allocation unit, for distributing the first virtual LAN VLAN mark for the identification information of a UE
Know;
Certification request transmitting element, for third generation partner program authentication, authorization, accounting 3GPPAAA servers or
Broadband Forum AAA server BBF AAA send the first certification request;
Authentication response receiving unit, recognizes for receiving first from the 3GPP aaa servers or the BBF aaa servers
Card response;
Authentication response retransmission unit, for forwarding first authentication response to the WAP, it is described be forwarded the
The mapping relations of identification information and the VLAN mark of a UE are carried in one authentication response.
35. network control points according to claim 34, it is characterised in that the network control point is also received including first
Unit is set up in unit and mapping relations configuration,
First receiving unit is used to receive the public network port number that the WAP is the UE distribution;
What the public network port number and a VLAN that mapping relations configuration sets up unit for setting up a UE was identified reflects
Penetrate relation;
Or,
First receiving unit is used to receiving the public network port number that the WAP is UE distribution and wireless
The public network IP address of access point;
Mapping relations configuration set up unit for set up include it is described for a UE distribute public network port number and wirelessly connect
The mapping relations of the first UE elements group of the public network IP address of access point and VLAN marks.
36. network control points according to claim 34 or 35, it is characterised in that
The protocol massages receiving unit is additionally operable to receive the second authentication protocol message from the WAP, and described second recognizes
Card protocol massages carry the identification information of second user equipment UE;
The VLAN ID allocation unit is additionally operable to distribute the VLAN marks for the identification information of the 2nd UE
Know;
The certification request transmitting element is additionally operable to send the second certification to the 3GPP aaa servers or the BBF AAA
Request;
The authentication response receiving unit is additionally operable to receive the from the 3GPP aaa servers or the BBF aaa servers
Two authentication responses;
The authentication response retransmission unit is additionally operable to forward second authentication response to the WAP, described to be forwarded
The second authentication response in carry the 2nd UE identification information and a VLAN mark mapping relations.
37. network control points according to claim 34 or 35, it is characterised in that
The first authentication protocol message is that remote customer dialing authentication services radius protocol message.
38. according to the network control point described in claim 36, it is characterised in that
The first authentication protocol message is that remote customer dialing authentication services radius protocol message.
39. network control points according to claim 34,35 or any one of 38, it is characterised in that also include:
First management Policy receipt unit, for receiving the first of carrying the first VLAN marks from the WAP
Before vlan data message, the first flow management strategy issued based on UE marks, the first-class buret are received
Reason strategy carries the UE marks;
First query unit, for identifying the identification information and a VLAN of inquiry the first UE according to a UE
The mapping relations of mark, determine that the first flow management strategy is corresponding with the first vlan data message;
First administrative unit, is managed according to the first flow management strategy to the first vlan data message.
40. network control points according to claim 36, it is characterised in that also include:
First management Policy receipt unit, for receiving the first of carrying the first VLAN marks from the WAP
Before vlan data message, the first flow management strategy issued based on UE marks, the first-class buret are received
Reason strategy carries the UE marks;
First query unit, for identifying the identification information and a VLAN of inquiry the first UE according to a UE
The mapping relations of mark, determine that the first flow management strategy is corresponding with the first vlan data message;
First administrative unit, is managed according to the first flow management strategy to the first vlan data message.
41. network control points according to claim 37, it is characterised in that also include:
First management Policy receipt unit, for receiving the first of carrying the first VLAN marks from the WAP
Before vlan data message, the first flow management strategy issued based on UE marks, the first-class buret are received
Reason strategy carries the UE marks;
First query unit, for identifying the identification information and a VLAN of inquiry the first UE according to a UE
The mapping relations of mark, determine that the first flow management strategy is corresponding with the first vlan data message;
First administrative unit, is managed according to the first flow management strategy to the first vlan data message.
42. network control points according to claim 34,35 or any one of 38, it is characterised in that also include:
Second management Policy receipt unit, for receiving the first of carrying the first VLAN marks from the WAP
Before vlan data message, the first flow management strategy issued based on VLAN marks, the first flow are received
Management strategy carries the VLAN marks;
Second query unit, for determining the first flow management strategy and described first according to VLAN marks
Vlan data message is corresponding;
Second administrative unit, for being managed to the first vlan data message according to the first flow management strategy.
43. network control points according to claim 36, it is characterised in that also include:
Second management Policy receipt unit, for receiving the first of carrying the first VLAN marks from the WAP
Before vlan data message, the first flow management strategy issued based on VLAN marks, the first flow are received
Management strategy carries the VLAN marks;
Second query unit, for determining the first flow management strategy and described first according to VLAN marks
Vlan data message is corresponding;
Second administrative unit, for being managed to the first vlan data message according to the first flow management strategy.
44. network control points according to claim 37, it is characterised in that also include:
Second management Policy receipt unit, for receiving the first of carrying the first VLAN marks from the WAP
Before vlan data message, the first flow management strategy issued based on VLAN marks, the first flow are received
Management strategy carries the VLAN marks;
Second query unit, for determining the first flow management strategy and described first according to VLAN marks
Vlan data message is corresponding;
Second administrative unit, for being managed to the first vlan data message according to the first flow management strategy.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110341796.3A CN103095654B (en) | 2011-10-31 | 2011-11-02 | Virtual local area network (VLAN) configuration method, wireless access point and network control point |
Applications Claiming Priority (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110337966.0 | 2011-10-31 | ||
| CN201110337966 | 2011-10-31 | ||
| CN2011103379660 | 2011-10-31 | ||
| CN201110341796.3A CN103095654B (en) | 2011-10-31 | 2011-11-02 | Virtual local area network (VLAN) configuration method, wireless access point and network control point |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103095654A CN103095654A (en) | 2013-05-08 |
| CN103095654B true CN103095654B (en) | 2017-04-26 |
Family
ID=48207796
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110341796.3A Active CN103095654B (en) | 2011-10-31 | 2011-11-02 | Virtual local area network (VLAN) configuration method, wireless access point and network control point |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103095654B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106921473A (en) * | 2015-12-28 | 2017-07-04 | 华为技术有限公司 | A kind of data transmission method and relevant device of track traffic WLAN |
Families Citing this family (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104639360B (en) * | 2013-11-14 | 2019-03-29 | 中兴通讯股份有限公司 | The method and network element device of network is added in a kind of control network element device |
| CN106105380B (en) * | 2014-03-05 | 2020-02-14 | 华为技术有限公司 | Data forwarding control method, system, controller and access device |
| CN104065552B (en) * | 2014-06-26 | 2017-06-23 | 福建星网锐捷网络有限公司 | A kind of data transmission method and equipment |
| CN104506667B (en) * | 2014-12-22 | 2018-10-12 | 迈普通信技术股份有限公司 | A kind of distribution method and device of port resource, user authentication management device |
| CN107733764B (en) * | 2016-08-11 | 2020-10-09 | 中国电信股份有限公司 | Method, system and related equipment for establishing virtual extensible local area network tunnel |
| CN107920004B (en) * | 2016-10-11 | 2022-07-08 | 中兴通讯股份有限公司 | Network connection method, device and system of gateway |
| CN108370595B (en) * | 2016-10-28 | 2021-09-28 | 慧与发展有限责任合伙企业 | Multi-connection access point |
| CN110650076B (en) | 2018-06-26 | 2021-12-24 | 华为技术有限公司 | VXLAN implementation method, network equipment and communication system |
| CN112333711B (en) * | 2020-10-30 | 2022-04-01 | 新华三大数据技术有限公司 | Wireless network providing method, device and storage medium |
| CN114500175B (en) * | 2022-02-21 | 2022-09-16 | 北京至周科技有限公司 | Communication method for reversely dividing home VLAN based on IP address of user equipment |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101087251A (en) * | 2007-06-30 | 2007-12-12 | 华为技术有限公司 | A message forwarding method, system and communication device |
| CN101227477A (en) * | 2008-02-01 | 2008-07-23 | 中兴通讯股份有限公司 | Method for implementing subscriber terminal access authentication |
| CN101237378A (en) * | 2008-03-11 | 2008-08-06 | 杭州华三通信技术有限公司 | Mapping method and device of virtual LAN |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4738901B2 (en) * | 2005-06-07 | 2011-08-03 | 株式会社日立製作所 | VLANID dynamic allocation method and packet transfer apparatus |
| CN101252587B (en) * | 2008-04-18 | 2011-04-13 | 杭州华三通信技术有限公司 | User terminal access right identifying method and apparatus |
| CN102215515B (en) * | 2010-04-07 | 2013-12-04 | 华为技术有限公司 | Data processing method, communication system and related equipment |
-
2011
- 2011-11-02 CN CN201110341796.3A patent/CN103095654B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101087251A (en) * | 2007-06-30 | 2007-12-12 | 华为技术有限公司 | A message forwarding method, system and communication device |
| CN101227477A (en) * | 2008-02-01 | 2008-07-23 | 中兴通讯股份有限公司 | Method for implementing subscriber terminal access authentication |
| CN101237378A (en) * | 2008-03-11 | 2008-08-06 | 杭州华三通信技术有限公司 | Mapping method and device of virtual LAN |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106921473A (en) * | 2015-12-28 | 2017-07-04 | 华为技术有限公司 | A kind of data transmission method and relevant device of track traffic WLAN |
| CN106921473B (en) * | 2015-12-28 | 2020-03-31 | 华为技术有限公司 | Data transmission method of rail transit wireless local area network and related equipment |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103095654A (en) | 2013-05-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103095654B (en) | Virtual local area network (VLAN) configuration method, wireless access point and network control point | |
| CN109548008B (en) | Method and equipment for identifying and controlling remote user equipment by network side | |
| US7920518B2 (en) | System and method for concurrently utilizing multiple system identifiers | |
| US7522907B2 (en) | Generic wlan architecture | |
| US7016361B2 (en) | Virtual switch in a wide area network | |
| CN102045314B (en) | The method of anonymous communication, register method, information transceiving method and system | |
| JP4616732B2 (en) | Packet transfer device | |
| CN101766017B (en) | Apparatus and method to support VOIP calls for mobile subscriber stations | |
| US8396027B2 (en) | Communication control system, communication system and communication control method | |
| JPH11289353A (en) | Accounting system for network | |
| JP2000022758A (en) | Interworking function selection system in network | |
| JPH11331276A (en) | Registration method for network | |
| JPH11275155A (en) | Message in network and communications system | |
| JPH11275154A (en) | Message distribution sequence | |
| JPH11275156A (en) | Communication using pier-to-pier protocol server | |
| CN103546984A (en) | Method and equipment for accessing mobile communication system | |
| CN103004155B (en) | Process is through the Network of fixing access | |
| CN102695236B (en) | A kind of data routing method and system | |
| CN102202389B (en) | A kind of method and system gateway being realized to management | |
| CN101656964B (en) | The implementation method of Wi-Fi metropolitan area network and home gateway | |
| CN1192565C (en) | Internet access method based on radio block network gateway | |
| Leu et al. | Running cellular/PWLAN services: practical considerations for cellular/PWLAN architecture supporting interoperator roaming | |
| CN100579070C (en) | Method and system of implementing network access | |
| CN1671119A (en) | Method and system for transparently and safely interconnecting WLAN radio access network with GPRS/GSM core network | |
| CN103975641B (en) | A kind of session establishing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |