CN103684861A - Method and device for processing network configuration and communication system - Google Patents
Method and device for processing network configuration and communication system Download PDFInfo
- Publication number
- CN103684861A CN103684861A CN201310652734.3A CN201310652734A CN103684861A CN 103684861 A CN103684861 A CN 103684861A CN 201310652734 A CN201310652734 A CN 201310652734A CN 103684861 A CN103684861 A CN 103684861A
- Authority
- CN
- China
- Prior art keywords
- port
- vlan
- user
- sub
- default
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012545 processing Methods 0.000 title claims abstract description 84
- 238000000034 method Methods 0.000 title claims abstract description 39
- 238000004891 communication Methods 0.000 title claims abstract description 9
- 230000004044 response Effects 0.000 claims description 10
- 230000008520 organization Effects 0.000 claims description 6
- 230000008569 process Effects 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 10
- 238000003672 processing method Methods 0.000 description 7
- 230000004931 aggregating effect Effects 0.000 description 4
- 230000002776 aggregation Effects 0.000 description 3
- 238000004220 aggregation Methods 0.000 description 3
- 238000013507 mapping Methods 0.000 description 2
- 230000004069 differentiation Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 230000001131 transforming effect Effects 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention provides a method and device for processing network configuration and a communication system. The method includes the steps that an access device in a network is found by a core device through a device cluster management protocol, and a management channel connected with the access device is established; port information of the access device is studied through the management channel, so that the access device is virtualized into a board card of the core device; an IP application request sent by user equipment through the management channel is received, and a corresponding IP address is distributed to the user equipment according to the IP application request; user identification in the IP application request is related with a default sub virtual local area network, a first port connected into the user equipment and a corresponding first access device are identified, default permission information of the default sub virtual local area network is configured to the first port through the management channel, and accordingly the first access device can conduct corresponding processing on a resource access request according to the default permission information on the first port when the resource access request sent by the user equipment is received through the first port.
Description
Technical Field
The present invention relates to communications technologies, and in particular, to a method and an apparatus for processing network configuration, and a communications system.
Background
At present, fig. 1 is a schematic diagram of a conventional three-layer network architecture in the prior art, and fig. 2 is a schematic diagram of a flattened network architecture in the prior art, as shown in fig. 1 and fig. 2, the flattening of the network refers to creating a network structure with strong core and weak access, and transforming the network structure from the conventional three-layer network architecture of "core + aggregation + access" to a two-layer architecture of "core + access". In a flat network, as shown in fig. 2, the flat network mainly includes a core device and an access device; the core device is used as a strong core and is a high-end device to realize the uniform processing of all network services, and the access device only directly sends all network services to the core device to perform the uniform processing and then performs the uniform processing and forwarding on the core device to realize the uniform control processing of all services of the whole network by the core device, so that the network services are centralized and unified.
However, the existing flat network deployment needs to be completed one by one based on devices, a specified user can only access a specified network, and when the user access position changes, the corresponding network deployment accessed by the user needs to be manually adjusted. Particularly, the adaptivity of user post adjustment and non-position adjustment and the skip of user departments cannot be automatically completed, and complex and large amount of network deployment configuration work is required to complete, so that the existing flat network deployment has large workload, the user management is complex, and the adaptivity of network deployment cannot be realized.
Disclosure of Invention
The invention provides a network configuration processing method and device and a communication system, which are used for solving the problem of large workload of flat network deployment in the prior art.
The first aspect of the present invention provides a method for processing network configuration, including:
the core equipment adopts an equipment cluster management protocol to discover access equipment in a network and establish a management channel with the access equipment;
the core equipment learns the port information of the access equipment through the management channel so as to virtualize the access equipment into a board card of the core equipment;
the core equipment receives a protocol IP application request which is sent by user equipment through the management channel and is interconnected between networks, and allocates a corresponding IP address for the user equipment according to the IP application request;
the core equipment establishes an association relation between the user identification in the IP application request and a default sub-virtual local area VLAN, identifies a first port accessed by the user equipment and corresponding first access equipment, and configures default permission information on the default sub-VLAN to the first port through the management channel so that the first access equipment can correspondingly process the resource access request according to the default permission information on the first port when receiving the resource access request sent by the user equipment through the first port.
Another aspect of the present invention provides a method for processing a network configuration, including:
the access equipment receives a protocol IP application request which is sent by user equipment through a first port and is interconnected between networks, and sends the IP application request to the core equipment through a management channel which is established with the core equipment; the core device allocates a corresponding IP address for the device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and a default sub-VLAN;
the access equipment forwards the received IP address sent by the core equipment to the user equipment through the management channel;
the access device receives default permission information on the default sub-virtual local area VLAN, which is sent by the core device through the management channel, and configures the default permission information identifier to the first port;
and the access equipment receives a resource access request sent by the user equipment through the first port, and correspondingly processes the resource access request according to the default permission information.
Yet another aspect of the present invention provides a network configuration processing apparatus, including:
the device cluster management module is used for establishing a management channel with the access device;
the learning processing module is used for learning the port information of the access equipment through the management channel so as to virtualize the access equipment into a board card of the core equipment;
the receiving and sending module is used for receiving a protocol IP application request which is sent by the user equipment through the management channel and is interconnected among networks;
the IP address allocation module is used for allocating a corresponding IP address for the user equipment according to the IP application request;
the configuration processing module is used for establishing an association relation between the user identifier in the IP application request and a default sub-virtual local area VLAN, and identifying a first port accessed by the user equipment and corresponding first access equipment;
the transceiver module is configured to configure the default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the default permission information on the first port.
Still another aspect of the present invention is to provide a network configuration processing apparatus, including:
the system comprises a receiving and sending module, a core device and a service module, wherein the receiving and sending module is used for receiving a protocol IP application request which is sent by user equipment through a first port and is interconnected between networks, and sending the IP application request to the core device through a management channel which is established with the core device; the core device allocates a corresponding IP address for the device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and a default sub-virtual local area VLAN;
the transceiver module is further configured to forward the received IP address sent by the core device to the user equipment through the management channel;
the transceiver module is further configured to receive default permission information on the default sub-VLAN, which is sent by the core device through the management channel;
the configuration module is used for configuring the default authority information identifier to the first port;
the transceiver module is further configured to receive a resource access request sent by the user equipment through the first port;
and the processing module is used for correspondingly processing the resource access request according to the default authority information.
Yet another aspect of the present invention provides a communication system including: a core device and an access device; wherein the core device is a processing apparatus configured for a network as described in the above further aspect; the access device is a processing apparatus configured for a network as described in the above further aspect.
The invention has the technical effects that: discovering access equipment in a network by core equipment by adopting an equipment cluster management protocol, establishing a management channel with the access equipment, learning port information of the access equipment through the management channel to virtualize the access equipment into a board card of the core equipment, allocating an IP address for user equipment after receiving an IP application request sent by the user equipment, establishing an association relation between a user identifier in the IP application request and a default sub-VLAN, identifying a first port accessed by the user equipment and corresponding first access equipment, configuring default authority information on the default sub-VLAN to the first port through the management channel so that the first access equipment can correspondingly process a resource access request according to the default authority information on the first port when receiving the resource access request sent by the user equipment through the first port, therefore, the deployment of the existing flat network is not required to be finished one by one based on equipment, namely, the connection port of the flat network is automatically deployed according to the request of a user, so that the problem of large workload of the deployment of the flat network in the prior art is solved, and the adaptability of the network deployment is effectively improved.
Drawings
FIG. 1 is a schematic diagram of a conventional three-layer network architecture in the prior art;
FIG. 2 is a diagram illustrating a prior art flat network architecture;
FIG. 3 is a flow chart of one embodiment of a method of processing a network configuration of the present invention;
FIG. 4 is a flow chart of another embodiment of a method of processing a network configuration of the present invention;
FIG. 5 is a flow chart of yet another embodiment of a method of processing a network configuration of the present invention;
FIG. 6 is a flow chart of yet another embodiment of a method of processing a network configuration of the present invention;
FIG. 7 is a flow chart of yet another embodiment of a method of processing a network configuration of the present invention;
FIG. 8 is a block diagram of one embodiment of a processing device of the network configuration of the present invention;
FIG. 9 is a schematic diagram of another embodiment of a processing device of the network configuration of the present invention;
fig. 10 is a schematic structural diagram of a processing device of a network configuration according to another embodiment of the present invention.
Detailed Description
Fig. 3 is a flowchart of an embodiment of a processing method for network configuration according to the present invention, and as shown in fig. 3, the method of the embodiment includes:
In this embodiment, the cluster management Protocol may specifically be a Link Layer Discovery Protocol (LLDP) extended cluster Protocol, may also be an extension of a Virtual Switching Unit (VSU) Protocol, and may also be other private implementation manners, and the specific implementation manner is not limited in this embodiment.
In addition, in this embodiment, the core device is formed by aggregating a plurality of devices or a plurality of boards, which may also be referred to as a main chassis; the access device is also formed by aggregating a plurality of devices or a plurality of boards, and the aggregation protocol of the devices is not limited, and the access device can also be called an interface chassis. The core equipment uniformly controls and manages all the access equipment, and further, the uniform management and control of the whole park network are realized.
Preferably, after the core device discovers the access device in the network by using the device cluster management protocol, a data channel may be established with the access device. The core device can learn the port information of the access device through the management channel and realize the issuing of the authority and the request response. The core device can realize the forwarding of the network message through the data channel.
Step 102, the core device learns the port information of the access device through the management channel, so as to virtualize the access device into a board card of the core device.
In this embodiment, the core device may automatically identify port information of the access device according to a network topology scheme, where the port may be an interconnection port with the access device and a user port of the access device and the user device; and the interconnection port can be configured as a Trunk port, and the user port can be configured as an ACCESS port. In addition, the port information of the access device may specifically be information such as the number of ports thereof, and the rate and bandwidth of each port.
In addition, in this embodiment, the core device learns the port information of the access device through the management channel, so that all the access devices virtualize a board card of the core device, that is, the access device seen on the core device is a board card on the core device, and the access device can be regarded as an extension of a port of the core device, thereby forming a concept of one machine and one network.
Step 103, the core device receives an Internet Protocol (IP) application request sent by the user device through the management channel, and allocates a corresponding IP address to the user device according to the IP application request.
In this embodiment, the user identifier may be specifically a user name. The first port is the user port. In addition, the implementation manner of identifying the first port accessed by the user equipment and the corresponding first access equipment is as follows: if the core device manages the user topology information, the core device can directly inquire the user topology information through the IP address so as to identify a first port accessed by the user device and a corresponding first access device; if the core device does not manage the user topology information, it can search through an Address Resolution Protocol (ARP) and a Media Access Control (MAC) entry, specifically, first search for a corresponding ARP through an IP address to obtain an MAC address of the user device, and search for an MAC entry according to the MAC address to identify a first port accessed by the user device and a corresponding first Access device.
In this embodiment, a core device uses a device cluster management protocol to discover an access device in a network, and establishes a management channel with the access device, learns port information of the access device through the management channel to virtualize the access device into a board of the core device, after receiving an IP application request sent by a user device, allocates an IP address to the device, establishes an association relationship between an identifier of a user in the IP application request and a default sub-VLAN, identifies a first port accessed by the user device and a corresponding first access device, configures default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the default permission information on the first port, therefore, the deployment of the existing flat network is not required to be finished one by one based on equipment, namely, the connection port of the flat network is automatically deployed according to the request of a user, so that the problem of large workload of the deployment of the flat network in the prior art is solved, and the adaptability of the network deployment is effectively improved.
Fig. 4 is a flowchart of another embodiment of a processing method of network configuration according to the present invention, as shown in fig. 4, the method includes:
step 201, the core device discovers the access device in the network by using a device cluster management protocol, and establishes a management channel with the access device.
In this embodiment, the cluster management Protocol may specifically be a Link Layer Discovery Protocol (LLDP) extended cluster Protocol, may also be an extension of a Virtual Switching Unit (VSU) Protocol, and may also be other private implementation manners, and the specific implementation manner is not limited in this embodiment.
In addition, in this embodiment, the core device is formed by aggregating a plurality of devices or a plurality of boards, which may also be referred to as a main chassis; the access device is also formed by aggregating a plurality of devices or a plurality of boards, and the aggregation protocol of the devices is not limited, and the access device can also be called an interface chassis. The core equipment uniformly controls and manages all the access equipment, and further, the uniform management and control of the whole park network are realized.
Preferably, after the core device discovers the access device in the network by using the device cluster management protocol, a data channel may be established with the access device. The core device can learn the port information of the access device through the management channel and realize the issuing of the authority and the request response. The core device can realize the forwarding of the network message through the data channel.
Step 202, the core device learns the port information of the access device through the management channel, so as to virtualize the access device into a board card of the core device.
In this embodiment, the core device may automatically identify port information of the access device according to a network topology scheme, where the port may be an interconnection port with the access device and a user port of the access device and the user device; and the interconnection port can be configured as a Trunk port, and the user port can be configured as an ACCESS port. In addition, the port information of the access device may specifically be information such as the number of ports thereof, and the rate and bandwidth of each port.
In this embodiment, in order to perform authority control on a department, for different departments, there should be differentiation of network authorities, that is, different authorities need to be set for different departments, for example: a certain department cannot access a certain network resource; or, different departments correspond to different network speed limits, different network storm control and the like.
In addition, the default authority information is synchronized to the default sub-VLAN, and users which are not authenticated all belong to the default sub-VLAN.
Step 205, the core device creates a default sub-VLAN, and configures the default permission information to the default sub-VLAN.
Wherein the default sub-VLAN and the sub-VLAN are respectively associated with the primary VLAN.
In this embodiment, the VLAN mapping adopts a Super VLAN manner, that is, two-layer isolation between users is realized by Sub (Sub) VLANs, and the entire network has only one Super VLAN. Specifically, a Primary (Primary) VLAN is automatically created, and a default sub-VLAN is created at the same time for mapping of a default department, and when a user fails to pass authentication, the user is placed in the default department, that is, the user and the default sub-VLAN establish an association relationship.
In addition, a sub-VLAN is created for each department, and the authority information of each department is configured to the corresponding sub-VLAN. It should be noted that the default sub-VLAN and the sub-VLAN are respectively associated with the primary VLAN.
Step 206, the core device receives an IP application request sent by the user device, and allocates a corresponding IP address to the user device according to the IP application request.
In this embodiment, since there is a Super VLAN in the entire network, for unified management, all users are under the Sub VLAN of the Super VLAN, and a Dynamic Host Configuration Protocol (DHCP) address is created for the Primary VLAN for IP address allocation of the users in the entire network, that is, all users in the Sub VLAN allocate an IP from an address pool corresponding to the Primary VLAN. In addition, there are two ways to deploy IP address pools, one is to allocate a large address pool, for example: a 16-bit masked address space from which all users allocate IPs; another is to deploy multiple address pools corresponding to a Primary VLAN, for example: each address pool is a 24-mask address space, and in order to realize that a plurality of address pools correspond to a Primary VLAN, a plurality of Second IPs need to be created for the Primary VLAN, and each Second IP corresponds to one address pool network segment.
Step 207, the core device establishes an association relationship between the user identifier in the IP application request and a default sub-VLAN, identifies a first port to which the user device is accessed and a corresponding first access device, and configures default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the default permission information on the first port.
In this embodiment, since the user is not authenticated, the association relationship between the user identifier and the default sub-VLAN is established first, and the default permission information on the default sub-VLAN is configured to the first port, so that the resource access request sent through the first port needs to be processed correspondingly according to the default permission information.
Fig. 5 is a flowchart of a processing method for network configuration according to another embodiment of the present invention, on the basis of the embodiment shown in fig. 4, as shown in fig. 5, after step 207, the method further includes:
step 208, the core device receives an authentication request sent by the user device through the first port and the corresponding first access device, where the authentication request includes an identifier of the user.
Step 209, the core device authenticates the user identifier according to the authentication request, and returns the acquired authentication response to the user device.
Step 211, the core device configures the acquired first permission information on the first sub-VLAN to the first port to replace the default permission information on the first port, so that when the first access device receives the resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the first permission information on the first port.
In this embodiment, after the authentication is passed, the department to which the user belongs may be acquired through the user identifier, and the sub-VLAN control of the department is issued, that is, the authority information on the sub-VLAN of the department is configured to the first port, so as to execute the authority control of the department.
Fig. 6 is a flowchart of a processing method for network configuration according to still another embodiment of the present invention, and on the basis of the embodiment shown in fig. 5, as shown in fig. 6, after step 211, the method further includes:
In this embodiment, after the department to which the user belongs is switched, since the network relocation to which the user accesses can be automatically realized through the core device, the adaptivity of the network relocation is effectively improved.
In addition, it should be noted that, after step 207, automatic deployment of the core device may also be implemented when the department to which the user belongs is switched, and the implementation principle is similar to that in steps 212 to 214, and is not described herein again.
Fig. 7 is a flowchart of a processing method of network configuration according to still another embodiment of the present invention, and as shown in fig. 7, the method of this embodiment includes:
301, an access device receives an IP application request sent by a user device through a first port, and sends the IP application request to a core device through a management channel established with the core device; the core device allocates a corresponding IP address to the user device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and the default sub-VLAN.
In this embodiment, the core device may execute the technical solution of any one of the method embodiments shown in fig. 1 to fig. 4, and the implementation principles thereof are similar and will not be described herein again.
Step 302, the access device forwards the received IP address sent by the core device to the user equipment through the management channel.
Step 303, the access device receives the default permission information on the default sub-VLAN sent by the core device through the management channel, and configures the default permission information identifier to the first port.
Step 304, the access device receives the resource access request sent by the user device through the first port, and performs corresponding processing on the resource access request according to the default permission information.
In this embodiment, an access device receives an IP application request sent by a user device through a first port, where the IP application request includes an identifier of a user, and sends the IP application request to a core device; for the core device to allocate the corresponding IP address for the user device according to the IP application request, and establishes association relation between the user identification in the IP application request and the default sub-VLAN, forwards the received IP address sent by the core device to the user device, receives the default authority information on the default sub-VLAN sent by the core device, configuring the default authority information to the first port, receiving a resource access request sent by the user equipment through the first port, and according to the default authority information, the resource access request is processed correspondingly, so that the existing flat network deployment does not need to be finished one by one on the basis of equipment, the core device automatically deploys the connection port according to the request of the user, so that the problem of large workload of flat network deployment in the prior art is solved, and the adaptability of network deployment is effectively improved.
Further, in another embodiment of the present invention, on the basis of the embodiment shown in fig. 7, after step 303 or step 304, the method may further include:
the access device receives an authentication request sent by the user device through the first port, wherein the authentication request comprises: an identity of the user; sending the authentication request to the core device, so that the core device authenticates the user identifier according to the authentication request, acquires a first department to which the user identifier belongs and a first sub-VLAN corresponding to the first department identifier, establishes an association relationship between the user identifier and the first sub-VLAN, and deletes the association relationship between the user identifier and the default sub-VLAN;
the access equipment sends the received authentication response to the user equipment;
the access device receives first permission information on the first sub-VLAN, which is sent by the core device through the management channel, and configures the first permission information to the first port to replace the default permission information on the first port;
when the access device receives the resource access request sent by the user device through the first port, the access device performs corresponding processing on the resource access request according to the first permission information.
Preferably, the method may further include:
the access device receives a handover request sent by the user equipment through the first port, wherein the handover request comprises: the identity of the user and the identity of the corresponding second department; sending the switching request to the core device, so that the core device acquires a second sub-VLAN corresponding to the identifier of a second department according to the switching request, establishes an association relationship between the identifier of the user and the second sub-VLAN, and deletes the association relationship between the identifier of the user and the default sub-VLAN or the association relationship between the identifier of the user and the first sub-VLAN;
the access device receives second permission information on the second sub-VLAN, which is sent by the core device through the management channel, and configures the second permission information on the first port to replace the default permission information on the first port or the first permission information on the first port;
when the access device receives the resource access request carrying the identifier of the user, which is sent by the user device through the first port, the access device performs corresponding processing on the resource access request according to the second permission information.
Those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Fig. 8 is a schematic structural diagram of an embodiment of a processing device configured by a network according to the present invention, and as shown in fig. 8, the device of the embodiment includes: a discovery processing module 11, a learning processing module 12, a transceiver module 13, an IP address allocation module 14 and a configuration processing module 15; the discovery processing module 11 is configured to discover an access device in a network by using a device cluster management protocol, and establish a management channel with the access device; the learning processing module 12 is configured to learn, through the management channel, port information of the access device, so as to virtualize the access device as a board card of the core device; the transceiver module 13 is configured to receive an IP application request sent by user equipment; the IP address allocating module 14 is configured to allocate a corresponding IP address to the user equipment according to the IP application request; the configuration processing module 15 is configured to establish an association relationship between the user identifier in the IP application request and a default sub-VLAN, and identify a first port to which the user equipment is accessed and a corresponding first access device; the transceiver module 13 is configured to configure the default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives the resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the default permission information on the first port.
The processing apparatus of the network configuration in this embodiment is specifically a core device, and may execute the technical solution of the method embodiment shown in fig. 3, which is similar to the implementation principle, and is not described here again.
In this embodiment, a core device uses a device cluster management protocol to discover an access device in a network, and establishes a management channel with the access device, learns port information of the access device through the management channel to virtualize the access device into a board of the core device, after receiving an IP application request sent by a user device, allocates an IP address to the device, establishes an association relationship between an identifier of a user in the IP application request and a default sub-VLAN, identifies a first port accessed by the user device and a corresponding first access device, configures default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the default permission information on the first port, therefore, the deployment of the existing flat network is not required to be finished one by one based on equipment, namely, the connection port of the flat network is automatically deployed according to the request of a user, so that the problem of large workload of the deployment of the flat network in the prior art is solved, and the adaptability of the network deployment is effectively improved.
Fig. 9 is a schematic structural diagram of another embodiment of a processing apparatus of a network configuration according to the present invention, and based on the embodiment shown in fig. 8, as shown in fig. 9, the transceiver module 13 is further configured to receive an authentication request sent by the user equipment through the first port and the corresponding first access device, where the authentication request includes an identifier of the user.
The apparatus of this embodiment further comprises: the authentication module 16 is configured to authenticate the identifier of the user according to the authentication request; the transceiver module 13 is further configured to return the acquired authentication response to the user equipment; the configuration processing module 15 is further configured to obtain a first department to which the identifier of the user belongs, obtain a first sub-VLAN corresponding to the first department, establish an association relationship between the identifier of the user and the first sub-VLAN, and delete the association relationship between the identifier of the user and the default sub-VLAN; the transceiver module 13 is further configured to configure the acquired first permission information on the first sub-VLAN to the first port through the management channel to replace the default permission information on the first port, so that when the first access device receives the resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the first permission information on the first port.
Preferably, the transceiver module 13 is further configured to receive a handover request sent by the ue, where the handover request includes: the identity of the user and the identity of the corresponding second department;
the configuration processing module 15 is further configured to obtain a second sub-VLAN corresponding to the identifier of the second department, establish an association relationship between the identifier of the user and the second sub-VLAN, and delete the association relationship between the identifier of the user and the default sub-VLAN; the transceiver module 13 is further configured to configure the acquired second permission information on the second sub-VLAN to the first port to replace the default permission information on the first port, so that when the first access device receives the resource access request sent by the user equipment through the first port, the first access device performs corresponding processing on the resource access request according to the second permission information on the first port.
Or, the configuration processing module 15 is further configured to obtain a second sub-VLAN corresponding to the identifier of the second department, establish an association between the identifier of the user and the second sub-VLAN, and delete the association between the identifier of the user and the first sub-VLAN; the transceiver module 13 is further configured to configure the acquired second permission information on the second sub-VLAN to the first port to replace the first permission information on the first port, so that when the first access device receives the resource access request sent by the user equipment through the first port, the first access device performs corresponding processing on the resource access request according to the second permission information on the first port.
Preferably, the transceiver module 13 is further configured to obtain default permission information, organization structure information of a department, and permission information corresponding to an identifier of the department; the organizational structure information for the department includes an identification of the department and an identification of the user under the department.
The apparatus further comprises: a VLAN creation module 17 and a permission configuration module 18; the VLAN creating module 17 is configured to create a main VLAN, and create a corresponding sub-VLAN for each department identifier; the authority configuration module 18 is configured to configure authority information corresponding to the department identifier to the corresponding sub-VLANs; the VLAN creating module 17 is further configured to create a default sub-VLAN; the permission configuration module 18 is further configured to configure the default permission information on the default sub-VLAN; wherein the default sub-VLAN and the sub-VLAN are respectively associated with the primary VLAN.
The processing device of the network configuration of this embodiment may execute the technical solution of any one of the method embodiments shown in fig. 4 to 6, and the implementation principles thereof are similar and will not be described herein again.
Fig. 10 is a schematic structural diagram of another embodiment of a processing device configured by a network according to the present invention, and as shown in fig. 10, the device of the present embodiment includes: a transceiver module 21, a configuration module 22 and a processing module 23; the transceiver module 21 is configured to receive an IP application request sent by a user equipment through a first port, and send the IP application request to a core device through a management channel established with the core device; the core device allocates a corresponding IP address for the device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and a default sub-VLAN; the transceiver module 21 is further configured to forward the received IP address sent by the core device through the management channel to the user equipment; the transceiver module 21 is further configured to receive default permission information on the default sub-VLAN, which is sent by the core device through the management channel; the configuration module 22 is configured to configure the default permission information identifier on the first port; the transceiver module 21 is further configured to receive a resource access request sent by the user equipment through the first port; the processing module 23 is configured to perform corresponding processing on the resource access request according to the default permission information.
The processing apparatus of the network configuration in this embodiment is specifically an access device, and may execute the technical solution of the method embodiment shown in fig. 7, which has similar implementation principles and is not described herein again.
In this embodiment, an access device receives an IP application request sent by a user device through a first port, where the IP application request includes an identifier of a user, and sends the IP application request to a core device; for the core device to allocate the corresponding IP address for the user device according to the IP application request, and establishes association relation between the user identification in the IP application request and the default sub-VLAN, forwards the received IP address sent by the core device to the user device, receives the default authority information on the default sub-VLAN sent by the core device, configuring the default authority information to the first port, receiving a resource access request sent by the user equipment through the first port, and according to the default authority information, the resource access request is processed correspondingly, so that the existing flat network deployment does not need to be finished one by one on the basis of equipment, the core device automatically deploys the connection port according to the request of the user, so that the problem of large workload of flat network deployment in the prior art is solved, and the adaptability of network deployment is effectively improved.
Further, in another embodiment of the present invention, on the basis of the example shown in fig. 10, the transceiver module 21 is further configured to receive an authentication request sent by the user equipment through the first port, where the authentication request includes: an identity of the user; sending the authentication request to the core device, so that the core device authenticates the user identifier according to the authentication request, acquires a first department to which the user identifier belongs and a first sub-VLAN corresponding to the first department identifier, establishes an association relationship between the user identifier and the first sub-VLAN, and deletes the association relationship between the user identifier and the default sub-VLAN; the transceiver module 21 is further configured to send the received authentication response to the ue; the transceiver module 21 is further configured to receive first permission information on the first sub-VLAN sent by the core device through the management channel; the configuration module 22 is further configured to configure the first permission information to the first port to replace the default permission information on the first port; the transceiver module 21 is further configured to receive a resource access request sent by the user equipment through the first port; the processing module 23 is further configured to perform corresponding processing on the resource access request according to the first permission information.
Preferably, the transceiver module 21 is further configured to receive a handover request sent by the ue through the first port, where the handover request includes: the identity of the user and the identity of the corresponding second department; sending the switching request to the core device, so that the core device acquires a second sub-VLAN corresponding to the identifier of a second department according to the switching request, establishes an association relationship between the identifier of the user and the second sub-VLAN, and deletes the association relationship between the identifier of the user and the default sub-VLAN or the association relationship between the identifier of the user and the first sub-VLAN; the transceiver module 21 is further configured to receive second permission information on the second sub-VLAN and an identifier of a corresponding user, which are sent by the core device through the management channel; the configuration module 22 is further configured to configure the second permission information and the corresponding identifier of the user to the first port to replace the default permission information on the first port or the first permission information on the first port; the transceiver module 21 is further configured to receive a resource access request sent by the user equipment through the first port; the processing module 23 is further configured to perform corresponding processing on the resource access request according to the second permission information.
The present invention also provides a communication system comprising: a core device and an access device; wherein the core device is a processing apparatus configured as the network shown in fig. 8 or 9; the access device is a processing apparatus configured by a network as shown in fig. 10, and the implementation principle is similar, which is not described herein again.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (15)
1. A method for processing network configuration, comprising:
the core equipment adopts an equipment cluster management protocol to discover access equipment in a network and establish a management channel with the access equipment;
the core equipment learns the port information of the access equipment through the management channel so as to virtualize the access equipment into a board card of the core equipment;
the core equipment receives a protocol IP application request which is sent by user equipment through the management channel and is interconnected between networks, and allocates a corresponding IP address for the user equipment according to the IP application request;
the core equipment establishes an association relation between the user identification in the IP application request and a default sub-virtual local area VLAN, identifies a first port accessed by the user equipment and corresponding first access equipment, and configures default permission information on the default sub-VLAN to the first port through the management channel so that the first access equipment can correspondingly process the resource access request according to the default permission information on the first port when receiving the resource access request sent by the user equipment through the first port.
2. The method of claim 1, wherein the core device identifies a first port and a corresponding first access device accessed by the user device, and after configuring the default privilege information on the default sub-VLAN to the first port through the management channel, the method further comprises:
the core equipment receives an authentication request sent by the user equipment through the first port and corresponding first access equipment, wherein the authentication request comprises the identification of the user;
the core equipment authenticates the user identification according to the authentication request and returns the acquired authentication response to the user equipment;
the core equipment acquires a first department to which the user identification belongs, acquires a first sub-VLAN corresponding to the first department, establishes an association relationship between the user identification and the first sub-VLAN, and deletes the association relationship between the user identification and the default sub-VLAN;
the core device configures the acquired first permission information on the first sub-VLAN to the first port through the management channel to replace the default permission information on the first port, so that when the first access device receives a resource access request sent to the first port by the user device, the first access device performs corresponding processing on the resource access request according to the first permission information on the first port.
3. The method according to claim 1 or 2, wherein the core device identifies a first port and a corresponding first access device accessed by the user device, and after configuring the default permission information on the default sub-VLAN to the first port through the management channel, or after configuring the acquired first permission information on the first sub-VLAN to the first port through the management channel to replace the default permission information on the first port, the method further comprises:
the core device receives a handover request sent by the user equipment, wherein the handover request comprises: the identity of the user and the identity of the corresponding second department;
the core device acquires a second sub-VLAN corresponding to an identifier of a second department, establishes an association relationship between the identifier of the user and the second sub-VLAN, deletes the association relationship between the identifier of the user and the default sub-VLAN, and configures acquired second permission information on the second sub-VLAN to the first port to replace the default permission information on the first port, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the second permission information on the first port; or,
the core device obtains a second sub-VLAN corresponding to an identifier of a second department, establishes an association relationship between the identifier of the user and the second sub-VLAN, deletes the association relationship between the identifier of the user and the first sub-VLAN, and configures the obtained second permission information on the second sub-VLAN to the first port to replace the first permission information on the first port, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the second permission information on the first port.
4. The method of claim 1, wherein before the core device receives the IP application request sent by the user equipment, the method further comprises:
the core equipment acquires default authority information, organization structure information of a department and authority information corresponding to a department identifier; the organization structure information of the department comprises the identification of the department and the identification of the user under the department;
the core equipment creates a main VLAN, creates corresponding sub-VLANs for the identification of each department respectively, and configures the authority information corresponding to the identification of the department to the corresponding sub-VLANs respectively;
the core equipment creates a default sub-VLAN and configures the default authority information to the default sub-VLAN;
wherein the default sub-VLAN and the sub-VLAN are associated with a primary VLAN, respectively.
5. A method for processing network configuration, comprising:
the access equipment receives a protocol IP application request which is sent by user equipment through a first port and is interconnected between networks, and sends the IP application request to the core equipment through a management channel which is established with the core equipment; the core device allocates a corresponding IP address for the device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and a default sub-VLAN;
the access equipment forwards the received IP address sent by the core equipment to the user equipment through the management channel;
the access device receives default permission information on the default sub-virtual local area VLAN, which is sent by the core device through the management channel, and configures the default permission information identifier to the first port;
and the access equipment receives a resource access request sent by the user equipment through the first port, and correspondingly processes the resource access request according to the default permission information.
6. The method of claim 5, further comprising:
the access device receives an authentication request sent by the user device through the first port, wherein the authentication request comprises: an identity of the user; sending the authentication request to the core device, so that the core device authenticates the user identifier according to the authentication request, acquires a first department to which the user identifier belongs and a first sub-VLAN corresponding to the first department identifier, establishes an association relationship between the user identifier and the first sub-VLAN, and deletes the association relationship between the user identifier and the default sub-VLAN;
the access equipment sends the received authentication response to the user equipment;
the access device receives first permission information on the first sub-VLAN, which is sent by the core device through the management channel, and configures the first permission information to the first port to replace the default permission information on the first port;
when the access device receives a resource access request sent by the user device through the first port, the access device performs corresponding processing on the resource access request according to the first permission information.
7. The method of claim 5 or 6, further comprising:
the access device receives a handover request sent by the user equipment through the first port, where the handover request includes: the identity of the user and the identity of the corresponding second department; sending the switching request to the core device, so that the core device acquires a second sub-VLAN corresponding to an identifier of a second department according to the switching request, establishes an association relationship between the identifier of the user and the second sub-VLAN, and deletes the association relationship between the identifier of the user and the default sub-VLAN or the association relationship between the identifier of the user and the first sub-VLAN;
the access device receives second permission information on the second sub-VLAN, which is sent by the core device through the management channel, and configures the second permission information on the first port to replace the default permission information on the first port or the first permission information on the first port;
when the access device receives a resource access request sent by the user device through the first port, the access device performs corresponding processing on the resource access request according to the second permission information.
8. A processing apparatus for network configuration, comprising:
the device cluster management module is used for establishing a management channel with the access device;
the learning processing module is used for learning the port information of the access equipment through the management channel so as to virtualize the access equipment into a board card of the core equipment;
the receiving and sending module is used for receiving a protocol IP application request which is sent by the user equipment through the management channel and is interconnected among networks;
the IP address allocation module is used for allocating a corresponding IP address for the user equipment according to the IP application request;
the configuration processing module is used for establishing an association relation between the user identifier in the IP application request and a default sub-virtual local area VLAN, and identifying a first port accessed by the user equipment and corresponding first access equipment;
the transceiver module is configured to configure the default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the default permission information on the first port.
9. The apparatus of claim 8, wherein the transceiver module is further configured to receive an authentication request sent by the user equipment through the first port and a corresponding first access device, and wherein the authentication request includes an identifier of the user;
the apparatus further comprises:
the authentication module is used for authenticating the user identification according to the authentication request;
the transceiver module is further configured to return the acquired authentication response to the user equipment;
the configuration processing module is further configured to obtain a first department to which the user identifier belongs, obtain a first sub-VLAN corresponding to the first department, establish an association relationship between the user identifier and the first sub-VLAN, and delete the association relationship between the user identifier and the default sub-VLAN;
the transceiver module is further configured to configure the acquired first permission information on the first sub-VLAN to the first port through the management channel to replace the default permission information on the first port, so that when the first access device receives a resource access request sent by the user equipment through the first port, the first access device performs corresponding processing on the resource access request according to the first permission information on the first port.
10. The apparatus according to claim 8 or 9, wherein the transceiver module is further configured to receive a handover request sent by the ue, and the handover request includes: the identity of the user and the identity of the corresponding second department;
the configuration processing module is further configured to obtain a second sub-VLAN corresponding to an identifier of a second department, establish an association relationship between the identifier of the user and the second sub-VLAN, and delete the association relationship between the identifier of the user and the default sub-VLAN; the transceiver module is further configured to configure the acquired second permission information on the second sub-VLAN to the first port to replace the default permission information on the first port, so that when the first access device receives a resource access request sent by the user equipment through the first port, the first access device performs corresponding processing on the resource access request according to the second permission information on the first port;
or,
the configuration processing module is further configured to obtain a second sub-VLAN corresponding to an identifier of a second department, establish an association relationship between the identifier of the user and the second sub-VLAN, and delete the association relationship between the identifier of the user and the first sub-VLAN; the transceiver module is further configured to configure the acquired second permission information on the second sub-VLAN to the first port to replace the first permission information on the first port, so that when the first access device receives a resource access request sent by the user equipment through the first port, the first access device performs corresponding processing on the resource access request according to the second permission information on the first port.
11. The apparatus according to claim 8, wherein the transceiver module is further configured to obtain default permission information, organization structure information of a department, and permission information corresponding to an identifier of the department; the organization structure information of the department comprises the identification of the department and the identification of the user under the department;
the apparatus further comprises:
VLAN establishes the module, is used for establishing a main VLAN, and establish the correspondent sub VLAN for the label of each said department separately;
the authority configuration module is used for respectively configuring the authority information corresponding to the department identifier to the corresponding sub-VLAN;
the VLAN creating module is also used for creating a default sub-VLAN;
the permission configuration module is further used for configuring the default permission information to the default sub-VLAN;
wherein the default sub-VLAN and the sub-VLAN are associated with a primary VLAN, respectively.
12. A processing apparatus for network configuration, comprising:
the system comprises a receiving and sending module, a core device and a service module, wherein the receiving and sending module is used for receiving a protocol IP application request which is sent by user equipment through a first port and is interconnected between networks, and sending the IP application request to the core device through a management channel which is established with the core device; the core device allocates a corresponding IP address for the device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and a default sub-virtual local area VLAN;
the transceiver module is further configured to forward the received IP address sent by the core device to the user equipment through the management channel;
the transceiver module is further configured to receive default permission information on the default sub-VLAN, which is sent by the core device through the management channel;
the configuration module is used for configuring the default authority information identifier to the first port;
the transceiver module is further configured to receive a resource access request sent by the user equipment through the first port;
and the processing module is used for correspondingly processing the resource access request according to the default authority information.
13. The apparatus of claim 12, wherein the transceiver module is further configured to receive an authentication request sent by the ue through the first port, and wherein the authentication request includes: an identity of the user; sending the authentication request to the core device, so that the core device authenticates the user identifier according to the authentication request, acquires a first department to which the user identifier belongs and a first sub-VLAN corresponding to the first department identifier, establishes an association relationship between the user identifier and the first sub-VLAN, and deletes the association relationship between the user identifier and the default sub-VLAN;
the transceiver module is further configured to send the received authentication response to the user equipment;
the transceiver module is further configured to receive first permission information on the first sub-VLAN, which is sent by the core device through the management channel;
the configuration module is further configured to configure the first permission information to the first port to replace the default permission information on the first port;
the transceiver module is further configured to receive a resource access request sent by the user equipment through the first port;
the processing module is further configured to perform corresponding processing on the resource access request according to the first permission information.
14. The apparatus according to claim 12 or 13, wherein the transceiver module is further configured to receive a handover request sent by the ue through the first port, where the handover request includes: the identity of the user and the identity of the corresponding second department; sending the switching request to the core device, so that the core device acquires a second sub-VLAN corresponding to an identifier of a second department according to the switching request, establishes an association relationship between the identifier of the user and the second sub-VLAN, and deletes the association relationship between the identifier of the user and the default sub-VLAN or the association relationship between the identifier of the user and the first sub-VLAN;
the transceiver module is further configured to receive second permission information on the second sub-VLAN, which is sent by the core device through the management channel;
the configuration module is further configured to configure the second permission information to the first port to replace the default permission information on the first port or the first permission information on the first port;
the transceiver module is further configured to receive a resource access request sent by the user equipment through the first port;
and the processing module is also used for correspondingly processing the resource access request according to the second authority information.
15. A communication system, comprising: a core device and an access device; wherein the core device is a processing apparatus configured by the network according to any one of claims 8 to 11; the access device is a processing apparatus configured for the network according to any one of claims 12 to 14.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310652734.3A CN103684861B (en) | 2013-12-05 | 2013-12-05 | Method and device for processing network configuration and communication system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310652734.3A CN103684861B (en) | 2013-12-05 | 2013-12-05 | Method and device for processing network configuration and communication system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103684861A true CN103684861A (en) | 2014-03-26 |
CN103684861B CN103684861B (en) | 2017-05-24 |
Family
ID=50321242
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310652734.3A Active CN103684861B (en) | 2013-12-05 | 2013-12-05 | Method and device for processing network configuration and communication system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103684861B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105376132A (en) * | 2015-10-27 | 2016-03-02 | 上海斐讯数据通信技术有限公司 | Client based VLAN (Virtual Local Area Network) configuring system and method |
CN105610669A (en) * | 2015-12-28 | 2016-05-25 | 湖南基石通信技术有限公司 | Address distribution method and device for Supervlan flattened network |
WO2016206562A1 (en) * | 2015-06-23 | 2016-12-29 | 华为技术有限公司 | Method, device and system for configuring user equipment forwarding table |
CN108833362A (en) * | 2018-05-23 | 2018-11-16 | 邱婧 | A kind of equipment access authority control method, apparatus and system |
CN110175824A (en) * | 2019-05-22 | 2019-08-27 | 上海盛付通电子支付服务有限公司 | For carrying out the equipment and resource allocation method of resource distribution |
CN110519404A (en) * | 2019-08-02 | 2019-11-29 | 锐捷网络股份有限公司 | A kind of policy management method based on SDN, device and electronic equipment |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101427523B (en) * | 2006-12-27 | 2011-07-06 | 华为技术有限公司 | A business-binding method and device |
CN102326370A (en) * | 2011-08-05 | 2012-01-18 | 华为技术有限公司 | Message processing method, apparatus and system |
US20130034015A1 (en) * | 2011-08-05 | 2013-02-07 | International Business Machines Corporation | Automated network configuration in a dynamic virtual environment |
CN103095495A (en) * | 2013-01-06 | 2013-05-08 | 华为技术有限公司 | Network implementation configuration method, device and system |
-
2013
- 2013-12-05 CN CN201310652734.3A patent/CN103684861B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101427523B (en) * | 2006-12-27 | 2011-07-06 | 华为技术有限公司 | A business-binding method and device |
CN102326370A (en) * | 2011-08-05 | 2012-01-18 | 华为技术有限公司 | Message processing method, apparatus and system |
US20130034015A1 (en) * | 2011-08-05 | 2013-02-07 | International Business Machines Corporation | Automated network configuration in a dynamic virtual environment |
CN103095495A (en) * | 2013-01-06 | 2013-05-08 | 华为技术有限公司 | Network implementation configuration method, device and system |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2016206562A1 (en) * | 2015-06-23 | 2016-12-29 | 华为技术有限公司 | Method, device and system for configuring user equipment forwarding table |
US11005706B2 (en) | 2015-06-23 | 2021-05-11 | Huawei Technolgoies Co., Ltd. | Method for configuring forwarding table for user equipment, apparatus, and system |
CN105376132A (en) * | 2015-10-27 | 2016-03-02 | 上海斐讯数据通信技术有限公司 | Client based VLAN (Virtual Local Area Network) configuring system and method |
CN105376132B (en) * | 2015-10-27 | 2019-08-16 | 上海斐讯数据通信技术有限公司 | System and method based on client configuring virtual LAN |
CN105610669A (en) * | 2015-12-28 | 2016-05-25 | 湖南基石通信技术有限公司 | Address distribution method and device for Supervlan flattened network |
CN108833362A (en) * | 2018-05-23 | 2018-11-16 | 邱婧 | A kind of equipment access authority control method, apparatus and system |
CN108833362B (en) * | 2018-05-23 | 2021-05-07 | 邱婧 | Equipment access authority control method, device and system |
CN110175824A (en) * | 2019-05-22 | 2019-08-27 | 上海盛付通电子支付服务有限公司 | For carrying out the equipment and resource allocation method of resource distribution |
CN110519404A (en) * | 2019-08-02 | 2019-11-29 | 锐捷网络股份有限公司 | A kind of policy management method based on SDN, device and electronic equipment |
CN110519404B (en) * | 2019-08-02 | 2022-04-26 | 锐捷网络股份有限公司 | SDN-based policy management method and device and electronic equipment |
Also Published As
Publication number | Publication date |
---|---|
CN103684861B (en) | 2017-05-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104468574B (en) | A kind of method, system and device of virtual machine dynamic access IP address | |
CN107733670B (en) | Forwarding strategy configuration method and device | |
US20200128614A1 (en) | Session processing method and device | |
US9628328B2 (en) | Network controller with integrated resource management capability | |
CN105284080B (en) | The virtual network management method and data center systems of data center | |
CN103684861A (en) | Method and device for processing network configuration and communication system | |
CN107241454B (en) | A kind of method, apparatus that realizing address administration, aaa server and SDN controller | |
CN106302839B (en) | Internet protocol IP address allocation method and device | |
EP3493483A1 (en) | Virtual broadband access method, controller, and system | |
CN107547351B (en) | Address allocation method and device | |
CN114342332B (en) | Communication method, device and system | |
CN102739505B (en) | Method and system for controlling virtual channel flow in data center network | |
CN113765874B (en) | Private network and dual-mode networking method based on 5G mobile communication technology | |
US12058514B2 (en) | Virtual tenant for multiple dwelling unit | |
CN103368780B (en) | A kind of service control method and equipment | |
US20140181279A1 (en) | Virtual Console-Port Management | |
CN104349511B (en) | The distribution method and device of AP addresses in wlan network | |
CN106792821B (en) | Access control method and device based on virtual gateway | |
CN103001953A (en) | Method and device for allocating network resources of virtual machines | |
CN108259633B (en) | Method, system and device for realizing management message three-layer communication | |
CN107343058B (en) | IP address distribution system and working method thereof | |
WO2020259085A1 (en) | Network slice-based data processing method and apparatus | |
WO2024000975A1 (en) | Session establishment system and method, electronic device, and storage medium | |
EP3836487A1 (en) | Internet access behavior management system, device and method | |
JP5937563B2 (en) | Communication base station and control method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |