CN103347010A - Access authentication processing method of multi-service-provider PPPoE in zone network - Google Patents
Access authentication processing method of multi-service-provider PPPoE in zone network Download PDFInfo
- Publication number
- CN103347010A CN103347010A CN2013102479035A CN201310247903A CN103347010A CN 103347010 A CN103347010 A CN 103347010A CN 2013102479035 A CN2013102479035 A CN 2013102479035A CN 201310247903 A CN201310247903 A CN 201310247903A CN 103347010 A CN103347010 A CN 103347010A
- Authority
- CN
- China
- Prior art keywords
- bag
- access device
- service
- session
- pppoe
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The invention discloses an access authentication processing method of multi-service-provider PPPoE in a zone network. The method comprises the following steps that step1, a subscriber main station sends out a PADI packet to request needed services from an access device; step2, after the access device receives the PADI packet within a service range, PADO packets are sent out to respond to the request; step3, the subscriber main station selects an appropriate access device from a plurality of PADO packets, and then a PADR packet is sent to the selected access device, and the service type requested from the access device is determined; step4, the access device is ready for launching a PPP conversation after receiving the PADR packet, the access device sends out a PADS packet, and after the subscriber main station receives PADS packet confirmation, two parties enter a PPP conversation stage. According to the access authentication processing method, co-construction and sharing of resources of circuits is achieved, waste of software and hardware resources of the circuits is avoided, cost is saved, and great convenience is achieved.
Description
Technical field
The present invention relates to a kind of access authentication processing method of Internet service provider, be specifically related to the access authentication processing method of the PPPoE of many service providers in a kind of garden network.
Background technology
PPP (Point-to-Point Protocol peer-peer protocol), a kind of two-layer protocol, usually be deployed in private wire network and as required above the circuit network, PPP has a lot of abundant optional attributes, as support multi-protocols, optional authentication service be provided, in every way packed data, support dynamic address to consult, support multilink bundle etc.These abundant options have strengthened the function of PPP.Simultaneously, no matter be that synchronization link between async dialup circuit or the router all can use.Therefore, be widely used in each big operator.
Utilize Ethernet (Ethernet) resource, carry out the mode that the user authenticates access at ether online operation PPP and be called PPPoE.
Because domestic each big operator or Access Service Provider, it or all lays own circuit alone when entering the garden access authentication service is provided, cause the software and hardware resources waste of circuit; Have only a family to enter, other operators or Access Service Provider are carried out exclusive, can't carry out Joint construction and sharing to the resource of circuit.
Summary of the invention
For addressing the above problem, the purpose of this invention is to provide the access authentication processing method of the PPPoE of many service providers in a kind of garden network, solution a plurality of Access Service Providers in same garden network use the PPPoE access authentication simultaneously.
The apprizing system of sample treatment plant reaches above-mentioned technique effect for realizing above-mentioned technical purpose, and the present invention is achieved through the following technical solutions:
The access authentication processing method of the PPPoE of many service providers in a kind of garden network may further comprise the steps:
The step 1) subscriber's main station sends PPPOE and effectively finds initial package, be the PADI bag, the Ethernet destination address is broadcast address 0xffffffff, the CODE field is 0x09, SESSION_ID is 0x0000, PADI comprises the label of one or more service name types, and the service that provides is provided to the access device proposition;
Step 2) after access device is received PADI bag in service range, send PPPOE and effectively find to provide bag, it is the PADO bag, with response request, its CODE field is 0x07, SESSION_ID still is 0x0000, and PADO comprises label and one or more service name type label of an access device name type, and the type service that provides to subscriber's main station is provided;
The step 3) subscriber's main station is selected a suitable access device in a plurality of PADO bags of receiving, the principle of selecting is the content according to access device name type label in the PADO bag and service name type label, send PPPOE to selected access device then and effectively find the request bag, it is the PADR bag, its CODE field is 0x19, SESSION_ID still is 0x0000, PADR comprises a service name type label, determine the type service to the access device request, when a subscriber's main station is not received the PADO bag in definite time, can retransmit a PADI bag, wait for the time of twice simultaneously, this process repeats repeatedly as required;
The step 4) access device is received PADR bag back preparation beginning PPP session, it sends a PPPOE and effectively finds session affirmation bag, it is the PADS bag, its CODE field is 0x65, SESSION_ID is the unique PPPOE session identification number that access device produces, 0xffff is as reserved resource, can not be used at present and make SESSION_ID, the label that PADS comprises a service name type is provided by the service that provides to subscriber's main station, after subscriber's main station receives that the PADS bag is confirmed, both sides just enter the PPP session stage, can not identify the label of the service name type in the PADR bag when access device, then can return a PADS bag that comprises the service name error label, its SESSION_ID remains 0x0000, when subscriber's main station is confiscated PADS bag in definite time, and confiscate the PADO bag and do same the processing.
Further, also have a kind of PPPOE effectively to find to stop bag, the PADT bag, PPP session set up the back it either party sends at any time by subscriber's main station or access device, indication PPP session stops, the PADT bag is without any need for label, and its CODE field is 0xa7, and SESSION_ID is the session identification number that needs the PPP session of termination.
Further, all access devices are not empty and are revised as the service specified title the service name of BRAS equipment, when BRAS equipment is resolved service name the set empty service name of client and the service name of other non-access device are abandoned, do not respond.
The invention has the beneficial effects as follows:
The present invention has realized the resource of circuit is carried out Joint construction and sharing, has avoided the waste of the software and hardware resources of circuit, has saved cost, brings great convenience.
Above-mentioned explanation only is the general introduction of technical solution of the present invention, for can clearer understanding technological means of the present invention, and can be implemented according to the content of specification, below with preferred embodiment of the present invention describe in detail as after.The specific embodiment of the present invention is provided in detail by following examples.
Embodiment
Below in conjunction with embodiment, describe the present invention in detail.
The access authentication processing method of the PPPoE of many service providers in a kind of garden network may further comprise the steps:
The step 1) subscriber's main station sends PPPOE and effectively finds initial package, be the PADI bag, the Ethernet destination address is broadcast address 0xffffffff, the CODE field is 0x09, SESSION_ID is 0x0000, PADI comprises the label of one or more service name types, and the service that provides is provided to the access device proposition;
Step 2) after access device is received PADI bag in service range, send PPPOE and effectively find to provide bag, it is the PADO bag, with response request, its CODE field is 0x07, SESSION_ID still is 0x0000, and PADO comprises label and one or more service name type label of an access device name type, and the type service that provides to subscriber's main station is provided;
The step 3) subscriber's main station is selected a suitable access device in a plurality of PADO bags of receiving, the principle of selecting is the content according to access device name type label in the PADO bag and service name type label, send PPPOE to selected access device then and effectively find the request bag, it is the PADR bag, its CODE field is 0x19, SESSION_ID still is 0x0000, PADR comprises a service name type label, determine the type service to the access device request, when a subscriber's main station is not received the PADO bag in definite time, can retransmit a PADI bag, wait for the time of twice simultaneously, this process repeats repeatedly as required;
The step 4) access device is received PADR bag back preparation beginning PPP session, it sends a PPPOE and effectively finds session affirmation bag, it is the PADS bag, its CODE field is 0x65, SESSION_ID is the unique PPPOE session identification number that access device produces, 0xffff is as reserved resource, can not be used at present and make SESSION_ID, the label that PADS comprises a service name type is provided by the service that provides to subscriber's main station, after subscriber's main station receives that the PADS bag is confirmed, both sides just enter the PPP session stage, can not identify the label of the service name type in the PADR bag when access device, then can return a PADS bag that comprises the service name error label, its SESSION_ID remains 0x0000, when subscriber's main station is confiscated PADS bag in definite time, and confiscate the PADO bag and do same the processing.
Further, also have a kind of PPPOE effectively to find to stop bag, the PADT bag, PPP session set up the back it either party sends at any time by subscriber's main station or access device, indication PPP session stops, the PADT bag is without any need for label, and its CODE field is 0xa7, and SESSION_ID is the session identification number that needs the PPP session of termination.
Further, all access devices are not empty and are revised as the service specified title the service name of BRAS equipment, when BRAS equipment is resolved service name the set empty service name of client and the service name of other non-access device are abandoned, do not respond.
Embodiment:
Be example (definition with arrange) with Juniper MX
The definition of show protocols pppoe // service
Service-name-tables table-test { // definition service-name table (group)
Service test { // definition ServiceName test by name
Terminate;
//Allow
}
Service any { ServiceName name of // Fei Ben Access Service Provider
Drop; // abandon
}
Service empty { // empty ServiceName name
Drop; // abandon
}
}
The above only for the preferred embodiment of invention, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.Within the spirit and principles in the present invention all, any modification of doing, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (3)
1. the access authentication processing method of the PPPoE of many service providers in the garden network is characterized in that, may further comprise the steps:
The step 1) subscriber's main station sends PPPOE and effectively finds initial package, be the PADI bag, the Ethernet destination address is broadcast address 0xffffffff, the CODE field is 0x09, SESSION_ID is 0x0000, PADI comprises the label of one or more service name types, and the service that provides is provided to the access device proposition;
Step 2) after access device is received PADI bag in service range, send PPPOE and effectively find to provide bag, it is the PADO bag, with response request, its CODE field is 0x07, SESSION_ID still is 0x0000, and PADO comprises label and one or more service name type label of an access device name type, and the type service that provides to subscriber's main station is provided;
The step 3) subscriber's main station is selected a suitable access device in a plurality of PADO bags of receiving, the principle of selecting is the content according to access device name type label in the PADO bag and service name type label, send PPPOE to selected access device then and effectively find the request bag, it is the PADR bag, its CODE field is 0x19, SESSION_ID still is 0x0000, PADR comprises a service name type label, determine the type service to the access device request, when a subscriber's main station is not received the PADO bag in definite time, can retransmit a PADI bag, wait for the time of twice simultaneously, this process repeats repeatedly as required;
The step 4) access device is received PADR bag back preparation beginning PPP session, it sends a PPPOE and effectively finds session affirmation bag, it is the PADS bag, its CODE field is 0x65, SESSION_ID is the unique PPPOE session identification number that access device produces, 0xffff is as reserved resource, can not be used at present and make SESSION_ID, the label that PADS comprises a service name type is provided by the service that provides to subscriber's main station, after subscriber's main station receives that the PADS bag is confirmed, both sides just enter the PPP session stage, can not identify the label of the service name type in the PADR bag when access device, then can return a PADS bag that comprises the service name error label, its SESSION_ID remains 0x0000, when subscriber's main station is confiscated PADS bag in definite time, and confiscate the PADO bag and do same the processing.
2. the access authentication processing method of the PPPoE of many service providers in the garden according to claim 1 network, it is characterized in that: also have a kind of PPPOE effectively to find to stop bag, the PADT bag, PPP session set up the back it either party sends at any time by subscriber's main station or access device, indication PPP session stops, the PADT bag is without any need for label, and its CODE field is 0xa7, and SESSION_ID is the session identification number that needs the PPP session of termination.
3. the access authentication processing method of the PPPoE of many service providers in the garden according to claim 1 network, it is characterized in that: all access devices are not empty and are revised as the service specified title the service name of BRAS equipment, when BRAS equipment is resolved service name the set empty service name of client and the service name of other non-access device are abandoned, do not respond.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013102479035A CN103347010A (en) | 2013-06-21 | 2013-06-21 | Access authentication processing method of multi-service-provider PPPoE in zone network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013102479035A CN103347010A (en) | 2013-06-21 | 2013-06-21 | Access authentication processing method of multi-service-provider PPPoE in zone network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103347010A true CN103347010A (en) | 2013-10-09 |
Family
ID=49281784
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013102479035A Pending CN103347010A (en) | 2013-06-21 | 2013-06-21 | Access authentication processing method of multi-service-provider PPPoE in zone network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103347010A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104902007A (en) * | 2015-04-17 | 2015-09-09 | 莫年发 | Shared link accessing method of PPPOE service providers |
| CN105515797A (en) * | 2015-12-15 | 2016-04-20 | 福建星网锐捷网络有限公司 | Campus network user authentication charging method, device and system |
| CN110958272A (en) * | 2015-06-04 | 2020-04-03 | 华为技术有限公司 | Identity authentication method, identity authentication system and related equipment |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100325295A1 (en) * | 2009-06-17 | 2010-12-23 | Takatoshi Kajiwara | Communication apparatus |
| CN102238075A (en) * | 2010-05-05 | 2011-11-09 | 杭州华三通信技术有限公司 | IPv6 (Internet Protocol version 6) routing establishing method based on Ethernet Point-to-Point Protocol and access server |
-
2013
- 2013-06-21 CN CN2013102479035A patent/CN103347010A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100325295A1 (en) * | 2009-06-17 | 2010-12-23 | Takatoshi Kajiwara | Communication apparatus |
| CN102238075A (en) * | 2010-05-05 | 2011-11-09 | 杭州华三通信技术有限公司 | IPv6 (Internet Protocol version 6) routing establishing method based on Ethernet Point-to-Point Protocol and access server |
Non-Patent Citations (3)
| Title |
|---|
| LINQO: "PPPoE协议简介", 《CHINAUNIX》 * |
| LINQO: "PPPoE协议简介", 《CHINAUNIX》, 5 March 2007 (2007-03-05), pages 1 * |
| WANGGUAN: "Configuring PPPoE Service Name Tables", 《CHINAUNIX》 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104902007A (en) * | 2015-04-17 | 2015-09-09 | 莫年发 | Shared link accessing method of PPPOE service providers |
| CN104902007B (en) * | 2015-04-17 | 2018-05-22 | 莫年发 | The method that PPPOE agreements multi-operator accesses shared link |
| CN110958272A (en) * | 2015-06-04 | 2020-04-03 | 华为技术有限公司 | Identity authentication method, identity authentication system and related equipment |
| CN110958272B (en) * | 2015-06-04 | 2021-10-15 | 华为技术有限公司 | Identity authentication method, identity authentication system and related equipment |
| CN105515797A (en) * | 2015-12-15 | 2016-04-20 | 福建星网锐捷网络有限公司 | Campus network user authentication charging method, device and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103812960B (en) | Network address translation for the application of subscriber-aware service | |
| US7792972B2 (en) | Packet forwarding control method and packet forwarding apparatus | |
| US20160380884A1 (en) | Flow-Based Distribution in Hybrid Access Networks | |
| CN104125191B (en) | Processing method, equipment and the system of point-to-point protocol based on Ethernet | |
| US20070274290A1 (en) | Apparatus and method for packet forwarding in layer 2 network | |
| EP3151510A2 (en) | Mac (l2) level authentication, security and policy control | |
| CN100534055C (en) | Method for implementing network access through broadband router | |
| EP3863246B1 (en) | Service traffic processing method and apparatus | |
| CN103067307B (en) | A kind of broad band access method and system | |
| CN105264835A (en) | Gre tunnel implementation method, access device and convergence gateway | |
| EP3300307A1 (en) | Method for providing hybrid network connectivity to at least one client device being connected to a telecommunications network using a customer premises equipment device or functionality, telecommunications network, logical or physical central office point of delivery, and system for providing hybrid network connectivity to at least one client device, program and computer program product | |
| US11265244B2 (en) | Data transmission method, PNF SDN controller, VNF SDN controller, and data transmission system | |
| CN102223270A (en) | Method for detecting net playing mode of router | |
| CN104541483A (en) | Method and system to enable re-routing for home networks upon connectivity failure | |
| CN102833339B (en) | CDN (Content Delivery Network) and network fused service control method and service control equipment | |
| CN103347010A (en) | Access authentication processing method of multi-service-provider PPPoE in zone network | |
| EP3758307A1 (en) | Method for implementing gre tunnel, access point and gateway | |
| CN108200199A (en) | SiteServer LBS and method in IPV4 over IPV6 tunnels scene | |
| US20070071035A1 (en) | LAC-based LFI support for tunneled PPP sessions | |
| CN101087232B (en) | An access method, system and device based on Ethernet point-to-point protocol | |
| CN1968284B (en) | Label switching router of dynamic construction with label switching protocol (LSP) interface | |
| CN104410576B (en) | Hybrid conditional policies route system and method | |
| KR20140054425A (en) | Method and apparatus for network dialing | |
| CN106506718B (en) | IVI transition method and network system based on the pure IPv6 network of multiple NAT | |
| EP3355522B1 (en) | Access aggregation system and bonding client |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20131009 |