CN103684861A - Method and device for processing network configuration and communication system - Google Patents

Method and device for processing network configuration and communication system Download PDF

Info

Publication number
CN103684861A
CN103684861A CN201310652734.3A CN201310652734A CN103684861A CN 103684861 A CN103684861 A CN 103684861A CN 201310652734 A CN201310652734 A CN 201310652734A CN 103684861 A CN103684861 A CN 103684861A
Authority
CN
China
Prior art keywords
port
vlan
user
sub
default
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201310652734.3A
Other languages
Chinese (zh)
Other versions
CN103684861B (en
Inventor
余峥嵘
龙黎江
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Star Net Ruijie Networks Co Ltd
Original Assignee
Beijing Star Net Ruijie Networks Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Star Net Ruijie Networks Co Ltd filed Critical Beijing Star Net Ruijie Networks Co Ltd
Priority to CN201310652734.3A priority Critical patent/CN103684861B/en
Publication of CN103684861A publication Critical patent/CN103684861A/en
Application granted granted Critical
Publication of CN103684861B publication Critical patent/CN103684861B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention provides a method and device for processing network configuration and a communication system. The method includes the steps that an access device in a network is found by a core device through a device cluster management protocol, and a management channel connected with the access device is established; port information of the access device is studied through the management channel, so that the access device is virtualized into a board card of the core device; an IP application request sent by user equipment through the management channel is received, and a corresponding IP address is distributed to the user equipment according to the IP application request; user identification in the IP application request is related with a default sub virtual local area network, a first port connected into the user equipment and a corresponding first access device are identified, default permission information of the default sub virtual local area network is configured to the first port through the management channel, and accordingly the first access device can conduct corresponding processing on a resource access request according to the default permission information on the first port when the resource access request sent by the user equipment is received through the first port.

Description

Network configuration processing method and device and communication system
Technical Field
The present invention relates to communications technologies, and in particular, to a method and an apparatus for processing network configuration, and a communications system.
Background
At present, fig. 1 is a schematic diagram of a conventional three-layer network architecture in the prior art, and fig. 2 is a schematic diagram of a flattened network architecture in the prior art, as shown in fig. 1 and fig. 2, the flattening of the network refers to creating a network structure with strong core and weak access, and transforming the network structure from the conventional three-layer network architecture of "core + aggregation + access" to a two-layer architecture of "core + access". In a flat network, as shown in fig. 2, the flat network mainly includes a core device and an access device; the core device is used as a strong core and is a high-end device to realize the uniform processing of all network services, and the access device only directly sends all network services to the core device to perform the uniform processing and then performs the uniform processing and forwarding on the core device to realize the uniform control processing of all services of the whole network by the core device, so that the network services are centralized and unified.
However, the existing flat network deployment needs to be completed one by one based on devices, a specified user can only access a specified network, and when the user access position changes, the corresponding network deployment accessed by the user needs to be manually adjusted. Particularly, the adaptivity of user post adjustment and non-position adjustment and the skip of user departments cannot be automatically completed, and complex and large amount of network deployment configuration work is required to complete, so that the existing flat network deployment has large workload, the user management is complex, and the adaptivity of network deployment cannot be realized.
Disclosure of Invention
The invention provides a network configuration processing method and device and a communication system, which are used for solving the problem of large workload of flat network deployment in the prior art.
The first aspect of the present invention provides a method for processing network configuration, including:
the core equipment adopts an equipment cluster management protocol to discover access equipment in a network and establish a management channel with the access equipment;
the core equipment learns the port information of the access equipment through the management channel so as to virtualize the access equipment into a board card of the core equipment;
the core equipment receives a protocol IP application request which is sent by user equipment through the management channel and is interconnected between networks, and allocates a corresponding IP address for the user equipment according to the IP application request;
the core equipment establishes an association relation between the user identification in the IP application request and a default sub-virtual local area VLAN, identifies a first port accessed by the user equipment and corresponding first access equipment, and configures default permission information on the default sub-VLAN to the first port through the management channel so that the first access equipment can correspondingly process the resource access request according to the default permission information on the first port when receiving the resource access request sent by the user equipment through the first port.
Another aspect of the present invention provides a method for processing a network configuration, including:
the access equipment receives a protocol IP application request which is sent by user equipment through a first port and is interconnected between networks, and sends the IP application request to the core equipment through a management channel which is established with the core equipment; the core device allocates a corresponding IP address for the device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and a default sub-VLAN;
the access equipment forwards the received IP address sent by the core equipment to the user equipment through the management channel;
the access device receives default permission information on the default sub-virtual local area VLAN, which is sent by the core device through the management channel, and configures the default permission information identifier to the first port;
and the access equipment receives a resource access request sent by the user equipment through the first port, and correspondingly processes the resource access request according to the default permission information.
Yet another aspect of the present invention provides a network configuration processing apparatus, including:
the device cluster management module is used for establishing a management channel with the access device;
the learning processing module is used for learning the port information of the access equipment through the management channel so as to virtualize the access equipment into a board card of the core equipment;
the receiving and sending module is used for receiving a protocol IP application request which is sent by the user equipment through the management channel and is interconnected among networks;
the IP address allocation module is used for allocating a corresponding IP address for the user equipment according to the IP application request;
the configuration processing module is used for establishing an association relation between the user identifier in the IP application request and a default sub-virtual local area VLAN, and identifying a first port accessed by the user equipment and corresponding first access equipment;
the transceiver module is configured to configure the default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the default permission information on the first port.
Still another aspect of the present invention is to provide a network configuration processing apparatus, including:
the system comprises a receiving and sending module, a core device and a service module, wherein the receiving and sending module is used for receiving a protocol IP application request which is sent by user equipment through a first port and is interconnected between networks, and sending the IP application request to the core device through a management channel which is established with the core device; the core device allocates a corresponding IP address for the device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and a default sub-virtual local area VLAN;
the transceiver module is further configured to forward the received IP address sent by the core device to the user equipment through the management channel;
the transceiver module is further configured to receive default permission information on the default sub-VLAN, which is sent by the core device through the management channel;
the configuration module is used for configuring the default authority information identifier to the first port;
the transceiver module is further configured to receive a resource access request sent by the user equipment through the first port;
and the processing module is used for correspondingly processing the resource access request according to the default authority information.
Yet another aspect of the present invention provides a communication system including: a core device and an access device; wherein the core device is a processing apparatus configured for a network as described in the above further aspect; the access device is a processing apparatus configured for a network as described in the above further aspect.
The invention has the technical effects that: discovering access equipment in a network by core equipment by adopting an equipment cluster management protocol, establishing a management channel with the access equipment, learning port information of the access equipment through the management channel to virtualize the access equipment into a board card of the core equipment, allocating an IP address for user equipment after receiving an IP application request sent by the user equipment, establishing an association relation between a user identifier in the IP application request and a default sub-VLAN, identifying a first port accessed by the user equipment and corresponding first access equipment, configuring default authority information on the default sub-VLAN to the first port through the management channel so that the first access equipment can correspondingly process a resource access request according to the default authority information on the first port when receiving the resource access request sent by the user equipment through the first port, therefore, the deployment of the existing flat network is not required to be finished one by one based on equipment, namely, the connection port of the flat network is automatically deployed according to the request of a user, so that the problem of large workload of the deployment of the flat network in the prior art is solved, and the adaptability of the network deployment is effectively improved.
Drawings
FIG. 1 is a schematic diagram of a conventional three-layer network architecture in the prior art;
FIG. 2 is a diagram illustrating a prior art flat network architecture;
FIG. 3 is a flow chart of one embodiment of a method of processing a network configuration of the present invention;
FIG. 4 is a flow chart of another embodiment of a method of processing a network configuration of the present invention;
FIG. 5 is a flow chart of yet another embodiment of a method of processing a network configuration of the present invention;
FIG. 6 is a flow chart of yet another embodiment of a method of processing a network configuration of the present invention;
FIG. 7 is a flow chart of yet another embodiment of a method of processing a network configuration of the present invention;
FIG. 8 is a block diagram of one embodiment of a processing device of the network configuration of the present invention;
FIG. 9 is a schematic diagram of another embodiment of a processing device of the network configuration of the present invention;
fig. 10 is a schematic structural diagram of a processing device of a network configuration according to another embodiment of the present invention.
Detailed Description
Fig. 3 is a flowchart of an embodiment of a processing method for network configuration according to the present invention, and as shown in fig. 3, the method of the embodiment includes:
step 101, a core device discovers an access device in a network by using a device cluster management protocol, and establishes a management channel with the access device.
In this embodiment, the cluster management Protocol may specifically be a Link Layer Discovery Protocol (LLDP) extended cluster Protocol, may also be an extension of a Virtual Switching Unit (VSU) Protocol, and may also be other private implementation manners, and the specific implementation manner is not limited in this embodiment.
In addition, in this embodiment, the core device is formed by aggregating a plurality of devices or a plurality of boards, which may also be referred to as a main chassis; the access device is also formed by aggregating a plurality of devices or a plurality of boards, and the aggregation protocol of the devices is not limited, and the access device can also be called an interface chassis. The core equipment uniformly controls and manages all the access equipment, and further, the uniform management and control of the whole park network are realized.
Preferably, after the core device discovers the access device in the network by using the device cluster management protocol, a data channel may be established with the access device. The core device can learn the port information of the access device through the management channel and realize the issuing of the authority and the request response. The core device can realize the forwarding of the network message through the data channel.
Step 102, the core device learns the port information of the access device through the management channel, so as to virtualize the access device into a board card of the core device.
In this embodiment, the core device may automatically identify port information of the access device according to a network topology scheme, where the port may be an interconnection port with the access device and a user port of the access device and the user device; and the interconnection port can be configured as a Trunk port, and the user port can be configured as an ACCESS port. In addition, the port information of the access device may specifically be information such as the number of ports thereof, and the rate and bandwidth of each port.
In addition, in this embodiment, the core device learns the port information of the access device through the management channel, so that all the access devices virtualize a board card of the core device, that is, the access device seen on the core device is a board card on the core device, and the access device can be regarded as an extension of a port of the core device, thereby forming a concept of one machine and one network.
Step 103, the core device receives an Internet Protocol (IP) application request sent by the user device through the management channel, and allocates a corresponding IP address to the user device according to the IP application request.
Step 104, the core device establishes an association relationship between the user identifier in the IP application request and a Virtual Local Area Network (VLAN), identifies a first port to which the user device is accessed and a corresponding first access device, and configures default permission information on the default VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the default permission information on the first port.
In this embodiment, the user identifier may be specifically a user name. The first port is the user port. In addition, the implementation manner of identifying the first port accessed by the user equipment and the corresponding first access equipment is as follows: if the core device manages the user topology information, the core device can directly inquire the user topology information through the IP address so as to identify a first port accessed by the user device and a corresponding first access device; if the core device does not manage the user topology information, it can search through an Address Resolution Protocol (ARP) and a Media Access Control (MAC) entry, specifically, first search for a corresponding ARP through an IP address to obtain an MAC address of the user device, and search for an MAC entry according to the MAC address to identify a first port accessed by the user device and a corresponding first Access device.
In this embodiment, a core device uses a device cluster management protocol to discover an access device in a network, and establishes a management channel with the access device, learns port information of the access device through the management channel to virtualize the access device into a board of the core device, after receiving an IP application request sent by a user device, allocates an IP address to the device, establishes an association relationship between an identifier of a user in the IP application request and a default sub-VLAN, identifies a first port accessed by the user device and a corresponding first access device, configures default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the default permission information on the first port, therefore, the deployment of the existing flat network is not required to be finished one by one based on equipment, namely, the connection port of the flat network is automatically deployed according to the request of a user, so that the problem of large workload of the deployment of the flat network in the prior art is solved, and the adaptability of the network deployment is effectively improved.
Fig. 4 is a flowchart of another embodiment of a processing method of network configuration according to the present invention, as shown in fig. 4, the method includes:
step 201, the core device discovers the access device in the network by using a device cluster management protocol, and establishes a management channel with the access device.
In this embodiment, the cluster management Protocol may specifically be a Link Layer Discovery Protocol (LLDP) extended cluster Protocol, may also be an extension of a Virtual Switching Unit (VSU) Protocol, and may also be other private implementation manners, and the specific implementation manner is not limited in this embodiment.
In addition, in this embodiment, the core device is formed by aggregating a plurality of devices or a plurality of boards, which may also be referred to as a main chassis; the access device is also formed by aggregating a plurality of devices or a plurality of boards, and the aggregation protocol of the devices is not limited, and the access device can also be called an interface chassis. The core equipment uniformly controls and manages all the access equipment, and further, the uniform management and control of the whole park network are realized.
Preferably, after the core device discovers the access device in the network by using the device cluster management protocol, a data channel may be established with the access device. The core device can learn the port information of the access device through the management channel and realize the issuing of the authority and the request response. The core device can realize the forwarding of the network message through the data channel.
Step 202, the core device learns the port information of the access device through the management channel, so as to virtualize the access device into a board card of the core device.
In this embodiment, the core device may automatically identify port information of the access device according to a network topology scheme, where the port may be an interconnection port with the access device and a user port of the access device and the user device; and the interconnection port can be configured as a Trunk port, and the user port can be configured as an ACCESS port. In addition, the port information of the access device may specifically be information such as the number of ports thereof, and the rate and bandwidth of each port.
Step 203, the core device obtains default authority information, organization structure information of the department and authority information corresponding to the identification of the department; the organizational structure information for the department includes an identification of the department and an identification of the user under the department.
In this embodiment, in order to perform authority control on a department, for different departments, there should be differentiation of network authorities, that is, different authorities need to be set for different departments, for example: a certain department cannot access a certain network resource; or, different departments correspond to different network speed limits, different network storm control and the like.
In addition, the default authority information is synchronized to the default sub-VLAN, and users which are not authenticated all belong to the default sub-VLAN.
Step 204, the core device creates a main VLAN, creates a corresponding sub-VLAN for each department identifier, and configures the authority information corresponding to the department identifier to the corresponding sub-VLAN.
Step 205, the core device creates a default sub-VLAN, and configures the default permission information to the default sub-VLAN.
Wherein the default sub-VLAN and the sub-VLAN are respectively associated with the primary VLAN.
In this embodiment, the VLAN mapping adopts a Super VLAN manner, that is, two-layer isolation between users is realized by Sub (Sub) VLANs, and the entire network has only one Super VLAN. Specifically, a Primary (Primary) VLAN is automatically created, and a default sub-VLAN is created at the same time for mapping of a default department, and when a user fails to pass authentication, the user is placed in the default department, that is, the user and the default sub-VLAN establish an association relationship.
In addition, a sub-VLAN is created for each department, and the authority information of each department is configured to the corresponding sub-VLAN. It should be noted that the default sub-VLAN and the sub-VLAN are respectively associated with the primary VLAN.
Step 206, the core device receives an IP application request sent by the user device, and allocates a corresponding IP address to the user device according to the IP application request.
In this embodiment, since there is a Super VLAN in the entire network, for unified management, all users are under the Sub VLAN of the Super VLAN, and a Dynamic Host Configuration Protocol (DHCP) address is created for the Primary VLAN for IP address allocation of the users in the entire network, that is, all users in the Sub VLAN allocate an IP from an address pool corresponding to the Primary VLAN. In addition, there are two ways to deploy IP address pools, one is to allocate a large address pool, for example: a 16-bit masked address space from which all users allocate IPs; another is to deploy multiple address pools corresponding to a Primary VLAN, for example: each address pool is a 24-mask address space, and in order to realize that a plurality of address pools correspond to a Primary VLAN, a plurality of Second IPs need to be created for the Primary VLAN, and each Second IP corresponds to one address pool network segment.
Step 207, the core device establishes an association relationship between the user identifier in the IP application request and a default sub-VLAN, identifies a first port to which the user device is accessed and a corresponding first access device, and configures default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the default permission information on the first port.
In this embodiment, since the user is not authenticated, the association relationship between the user identifier and the default sub-VLAN is established first, and the default permission information on the default sub-VLAN is configured to the first port, so that the resource access request sent through the first port needs to be processed correspondingly according to the default permission information.
Fig. 5 is a flowchart of a processing method for network configuration according to another embodiment of the present invention, on the basis of the embodiment shown in fig. 4, as shown in fig. 5, after step 207, the method further includes:
step 208, the core device receives an authentication request sent by the user device through the first port and the corresponding first access device, where the authentication request includes an identifier of the user.
Step 209, the core device authenticates the user identifier according to the authentication request, and returns the acquired authentication response to the user device.
Step 210, the core device obtains a first department to which the identifier of the user belongs, obtains a first sub-VLAN corresponding to the first department, establishes an association relationship between the identifier of the user and the first sub-VLAN, and deletes the association relationship between the identifier of the user and the default sub-VLAN.
Step 211, the core device configures the acquired first permission information on the first sub-VLAN to the first port to replace the default permission information on the first port, so that when the first access device receives the resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the first permission information on the first port.
In this embodiment, after the authentication is passed, the department to which the user belongs may be acquired through the user identifier, and the sub-VLAN control of the department is issued, that is, the authority information on the sub-VLAN of the department is configured to the first port, so as to execute the authority control of the department.
Fig. 6 is a flowchart of a processing method for network configuration according to still another embodiment of the present invention, and on the basis of the embodiment shown in fig. 5, as shown in fig. 6, after step 211, the method further includes:
step 212, the core device receives a handover request sent by the user equipment, where the handover request includes: an identification of the user and an identification of the corresponding second department.
Step 213, the core device obtains a second sub-VLAN corresponding to the identifier of the second department, establishes an association between the identifier of the user and the second sub-VLAN, and deletes the association between the identifier of the user and the first sub-VLAN.
Step 214, the core device configures the acquired second permission information on the second sub-VLAN to the first port to replace the first permission information on the first port, so that when the first access device receives the resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the second permission information on the first port.
In this embodiment, after the department to which the user belongs is switched, since the network relocation to which the user accesses can be automatically realized through the core device, the adaptivity of the network relocation is effectively improved.
In addition, it should be noted that, after step 207, automatic deployment of the core device may also be implemented when the department to which the user belongs is switched, and the implementation principle is similar to that in steps 212 to 214, and is not described herein again.
Fig. 7 is a flowchart of a processing method of network configuration according to still another embodiment of the present invention, and as shown in fig. 7, the method of this embodiment includes:
301, an access device receives an IP application request sent by a user device through a first port, and sends the IP application request to a core device through a management channel established with the core device; the core device allocates a corresponding IP address to the user device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and the default sub-VLAN.
In this embodiment, the core device may execute the technical solution of any one of the method embodiments shown in fig. 1 to fig. 4, and the implementation principles thereof are similar and will not be described herein again.
Step 302, the access device forwards the received IP address sent by the core device to the user equipment through the management channel.
Step 303, the access device receives the default permission information on the default sub-VLAN sent by the core device through the management channel, and configures the default permission information identifier to the first port.
Step 304, the access device receives the resource access request sent by the user device through the first port, and performs corresponding processing on the resource access request according to the default permission information.
In this embodiment, an access device receives an IP application request sent by a user device through a first port, where the IP application request includes an identifier of a user, and sends the IP application request to a core device; for the core device to allocate the corresponding IP address for the user device according to the IP application request, and establishes association relation between the user identification in the IP application request and the default sub-VLAN, forwards the received IP address sent by the core device to the user device, receives the default authority information on the default sub-VLAN sent by the core device, configuring the default authority information to the first port, receiving a resource access request sent by the user equipment through the first port, and according to the default authority information, the resource access request is processed correspondingly, so that the existing flat network deployment does not need to be finished one by one on the basis of equipment, the core device automatically deploys the connection port according to the request of the user, so that the problem of large workload of flat network deployment in the prior art is solved, and the adaptability of network deployment is effectively improved.
Further, in another embodiment of the present invention, on the basis of the embodiment shown in fig. 7, after step 303 or step 304, the method may further include:
the access device receives an authentication request sent by the user device through the first port, wherein the authentication request comprises: an identity of the user; sending the authentication request to the core device, so that the core device authenticates the user identifier according to the authentication request, acquires a first department to which the user identifier belongs and a first sub-VLAN corresponding to the first department identifier, establishes an association relationship between the user identifier and the first sub-VLAN, and deletes the association relationship between the user identifier and the default sub-VLAN;
the access equipment sends the received authentication response to the user equipment;
the access device receives first permission information on the first sub-VLAN, which is sent by the core device through the management channel, and configures the first permission information to the first port to replace the default permission information on the first port;
when the access device receives the resource access request sent by the user device through the first port, the access device performs corresponding processing on the resource access request according to the first permission information.
Preferably, the method may further include:
the access device receives a handover request sent by the user equipment through the first port, wherein the handover request comprises: the identity of the user and the identity of the corresponding second department; sending the switching request to the core device, so that the core device acquires a second sub-VLAN corresponding to the identifier of a second department according to the switching request, establishes an association relationship between the identifier of the user and the second sub-VLAN, and deletes the association relationship between the identifier of the user and the default sub-VLAN or the association relationship between the identifier of the user and the first sub-VLAN;
the access device receives second permission information on the second sub-VLAN, which is sent by the core device through the management channel, and configures the second permission information on the first port to replace the default permission information on the first port or the first permission information on the first port;
when the access device receives the resource access request carrying the identifier of the user, which is sent by the user device through the first port, the access device performs corresponding processing on the resource access request according to the second permission information.
Those of ordinary skill in the art will understand that: all or a portion of the steps of implementing the above-described method embodiments may be performed by hardware associated with program instructions. The program may be stored in a computer-readable storage medium. When executed, the program performs steps comprising the method embodiments described above; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Fig. 8 is a schematic structural diagram of an embodiment of a processing device configured by a network according to the present invention, and as shown in fig. 8, the device of the embodiment includes: a discovery processing module 11, a learning processing module 12, a transceiver module 13, an IP address allocation module 14 and a configuration processing module 15; the discovery processing module 11 is configured to discover an access device in a network by using a device cluster management protocol, and establish a management channel with the access device; the learning processing module 12 is configured to learn, through the management channel, port information of the access device, so as to virtualize the access device as a board card of the core device; the transceiver module 13 is configured to receive an IP application request sent by user equipment; the IP address allocating module 14 is configured to allocate a corresponding IP address to the user equipment according to the IP application request; the configuration processing module 15 is configured to establish an association relationship between the user identifier in the IP application request and a default sub-VLAN, and identify a first port to which the user equipment is accessed and a corresponding first access device; the transceiver module 13 is configured to configure the default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives the resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the default permission information on the first port.
The processing apparatus of the network configuration in this embodiment is specifically a core device, and may execute the technical solution of the method embodiment shown in fig. 3, which is similar to the implementation principle, and is not described here again.
In this embodiment, a core device uses a device cluster management protocol to discover an access device in a network, and establishes a management channel with the access device, learns port information of the access device through the management channel to virtualize the access device into a board of the core device, after receiving an IP application request sent by a user device, allocates an IP address to the device, establishes an association relationship between an identifier of a user in the IP application request and a default sub-VLAN, identifies a first port accessed by the user device and a corresponding first access device, configures default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the default permission information on the first port, therefore, the deployment of the existing flat network is not required to be finished one by one based on equipment, namely, the connection port of the flat network is automatically deployed according to the request of a user, so that the problem of large workload of the deployment of the flat network in the prior art is solved, and the adaptability of the network deployment is effectively improved.
Fig. 9 is a schematic structural diagram of another embodiment of a processing apparatus of a network configuration according to the present invention, and based on the embodiment shown in fig. 8, as shown in fig. 9, the transceiver module 13 is further configured to receive an authentication request sent by the user equipment through the first port and the corresponding first access device, where the authentication request includes an identifier of the user.
The apparatus of this embodiment further comprises: the authentication module 16 is configured to authenticate the identifier of the user according to the authentication request; the transceiver module 13 is further configured to return the acquired authentication response to the user equipment; the configuration processing module 15 is further configured to obtain a first department to which the identifier of the user belongs, obtain a first sub-VLAN corresponding to the first department, establish an association relationship between the identifier of the user and the first sub-VLAN, and delete the association relationship between the identifier of the user and the default sub-VLAN; the transceiver module 13 is further configured to configure the acquired first permission information on the first sub-VLAN to the first port through the management channel to replace the default permission information on the first port, so that when the first access device receives the resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the first permission information on the first port.
Preferably, the transceiver module 13 is further configured to receive a handover request sent by the ue, where the handover request includes: the identity of the user and the identity of the corresponding second department;
the configuration processing module 15 is further configured to obtain a second sub-VLAN corresponding to the identifier of the second department, establish an association relationship between the identifier of the user and the second sub-VLAN, and delete the association relationship between the identifier of the user and the default sub-VLAN; the transceiver module 13 is further configured to configure the acquired second permission information on the second sub-VLAN to the first port to replace the default permission information on the first port, so that when the first access device receives the resource access request sent by the user equipment through the first port, the first access device performs corresponding processing on the resource access request according to the second permission information on the first port.
Or, the configuration processing module 15 is further configured to obtain a second sub-VLAN corresponding to the identifier of the second department, establish an association between the identifier of the user and the second sub-VLAN, and delete the association between the identifier of the user and the first sub-VLAN; the transceiver module 13 is further configured to configure the acquired second permission information on the second sub-VLAN to the first port to replace the first permission information on the first port, so that when the first access device receives the resource access request sent by the user equipment through the first port, the first access device performs corresponding processing on the resource access request according to the second permission information on the first port.
Preferably, the transceiver module 13 is further configured to obtain default permission information, organization structure information of a department, and permission information corresponding to an identifier of the department; the organizational structure information for the department includes an identification of the department and an identification of the user under the department.
The apparatus further comprises: a VLAN creation module 17 and a permission configuration module 18; the VLAN creating module 17 is configured to create a main VLAN, and create a corresponding sub-VLAN for each department identifier; the authority configuration module 18 is configured to configure authority information corresponding to the department identifier to the corresponding sub-VLANs; the VLAN creating module 17 is further configured to create a default sub-VLAN; the permission configuration module 18 is further configured to configure the default permission information on the default sub-VLAN; wherein the default sub-VLAN and the sub-VLAN are respectively associated with the primary VLAN.
The processing device of the network configuration of this embodiment may execute the technical solution of any one of the method embodiments shown in fig. 4 to 6, and the implementation principles thereof are similar and will not be described herein again.
Fig. 10 is a schematic structural diagram of another embodiment of a processing device configured by a network according to the present invention, and as shown in fig. 10, the device of the present embodiment includes: a transceiver module 21, a configuration module 22 and a processing module 23; the transceiver module 21 is configured to receive an IP application request sent by a user equipment through a first port, and send the IP application request to a core device through a management channel established with the core device; the core device allocates a corresponding IP address for the device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and a default sub-VLAN; the transceiver module 21 is further configured to forward the received IP address sent by the core device through the management channel to the user equipment; the transceiver module 21 is further configured to receive default permission information on the default sub-VLAN, which is sent by the core device through the management channel; the configuration module 22 is configured to configure the default permission information identifier on the first port; the transceiver module 21 is further configured to receive a resource access request sent by the user equipment through the first port; the processing module 23 is configured to perform corresponding processing on the resource access request according to the default permission information.
The processing apparatus of the network configuration in this embodiment is specifically an access device, and may execute the technical solution of the method embodiment shown in fig. 7, which has similar implementation principles and is not described herein again.
In this embodiment, an access device receives an IP application request sent by a user device through a first port, where the IP application request includes an identifier of a user, and sends the IP application request to a core device; for the core device to allocate the corresponding IP address for the user device according to the IP application request, and establishes association relation between the user identification in the IP application request and the default sub-VLAN, forwards the received IP address sent by the core device to the user device, receives the default authority information on the default sub-VLAN sent by the core device, configuring the default authority information to the first port, receiving a resource access request sent by the user equipment through the first port, and according to the default authority information, the resource access request is processed correspondingly, so that the existing flat network deployment does not need to be finished one by one on the basis of equipment, the core device automatically deploys the connection port according to the request of the user, so that the problem of large workload of flat network deployment in the prior art is solved, and the adaptability of network deployment is effectively improved.
Further, in another embodiment of the present invention, on the basis of the example shown in fig. 10, the transceiver module 21 is further configured to receive an authentication request sent by the user equipment through the first port, where the authentication request includes: an identity of the user; sending the authentication request to the core device, so that the core device authenticates the user identifier according to the authentication request, acquires a first department to which the user identifier belongs and a first sub-VLAN corresponding to the first department identifier, establishes an association relationship between the user identifier and the first sub-VLAN, and deletes the association relationship between the user identifier and the default sub-VLAN; the transceiver module 21 is further configured to send the received authentication response to the ue; the transceiver module 21 is further configured to receive first permission information on the first sub-VLAN sent by the core device through the management channel; the configuration module 22 is further configured to configure the first permission information to the first port to replace the default permission information on the first port; the transceiver module 21 is further configured to receive a resource access request sent by the user equipment through the first port; the processing module 23 is further configured to perform corresponding processing on the resource access request according to the first permission information.
Preferably, the transceiver module 21 is further configured to receive a handover request sent by the ue through the first port, where the handover request includes: the identity of the user and the identity of the corresponding second department; sending the switching request to the core device, so that the core device acquires a second sub-VLAN corresponding to the identifier of a second department according to the switching request, establishes an association relationship between the identifier of the user and the second sub-VLAN, and deletes the association relationship between the identifier of the user and the default sub-VLAN or the association relationship between the identifier of the user and the first sub-VLAN; the transceiver module 21 is further configured to receive second permission information on the second sub-VLAN and an identifier of a corresponding user, which are sent by the core device through the management channel; the configuration module 22 is further configured to configure the second permission information and the corresponding identifier of the user to the first port to replace the default permission information on the first port or the first permission information on the first port; the transceiver module 21 is further configured to receive a resource access request sent by the user equipment through the first port; the processing module 23 is further configured to perform corresponding processing on the resource access request according to the second permission information.
The present invention also provides a communication system comprising: a core device and an access device; wherein the core device is a processing apparatus configured as the network shown in fig. 8 or 9; the access device is a processing apparatus configured by a network as shown in fig. 10, and the implementation principle is similar, which is not described herein again.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (15)

1. A method for processing network configuration, comprising:
the core equipment adopts an equipment cluster management protocol to discover access equipment in a network and establish a management channel with the access equipment;
the core equipment learns the port information of the access equipment through the management channel so as to virtualize the access equipment into a board card of the core equipment;
the core equipment receives a protocol IP application request which is sent by user equipment through the management channel and is interconnected between networks, and allocates a corresponding IP address for the user equipment according to the IP application request;
the core equipment establishes an association relation between the user identification in the IP application request and a default sub-virtual local area VLAN, identifies a first port accessed by the user equipment and corresponding first access equipment, and configures default permission information on the default sub-VLAN to the first port through the management channel so that the first access equipment can correspondingly process the resource access request according to the default permission information on the first port when receiving the resource access request sent by the user equipment through the first port.
2. The method of claim 1, wherein the core device identifies a first port and a corresponding first access device accessed by the user device, and after configuring the default privilege information on the default sub-VLAN to the first port through the management channel, the method further comprises:
the core equipment receives an authentication request sent by the user equipment through the first port and corresponding first access equipment, wherein the authentication request comprises the identification of the user;
the core equipment authenticates the user identification according to the authentication request and returns the acquired authentication response to the user equipment;
the core equipment acquires a first department to which the user identification belongs, acquires a first sub-VLAN corresponding to the first department, establishes an association relationship between the user identification and the first sub-VLAN, and deletes the association relationship between the user identification and the default sub-VLAN;
the core device configures the acquired first permission information on the first sub-VLAN to the first port through the management channel to replace the default permission information on the first port, so that when the first access device receives a resource access request sent to the first port by the user device, the first access device performs corresponding processing on the resource access request according to the first permission information on the first port.
3. The method according to claim 1 or 2, wherein the core device identifies a first port and a corresponding first access device accessed by the user device, and after configuring the default permission information on the default sub-VLAN to the first port through the management channel, or after configuring the acquired first permission information on the first sub-VLAN to the first port through the management channel to replace the default permission information on the first port, the method further comprises:
the core device receives a handover request sent by the user equipment, wherein the handover request comprises: the identity of the user and the identity of the corresponding second department;
the core device acquires a second sub-VLAN corresponding to an identifier of a second department, establishes an association relationship between the identifier of the user and the second sub-VLAN, deletes the association relationship between the identifier of the user and the default sub-VLAN, and configures acquired second permission information on the second sub-VLAN to the first port to replace the default permission information on the first port, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the second permission information on the first port; or,
the core device obtains a second sub-VLAN corresponding to an identifier of a second department, establishes an association relationship between the identifier of the user and the second sub-VLAN, deletes the association relationship between the identifier of the user and the first sub-VLAN, and configures the obtained second permission information on the second sub-VLAN to the first port to replace the first permission information on the first port, so that when the first access device receives a resource access request sent by the user device through the first port, the resource access request is correspondingly processed according to the second permission information on the first port.
4. The method of claim 1, wherein before the core device receives the IP application request sent by the user equipment, the method further comprises:
the core equipment acquires default authority information, organization structure information of a department and authority information corresponding to a department identifier; the organization structure information of the department comprises the identification of the department and the identification of the user under the department;
the core equipment creates a main VLAN, creates corresponding sub-VLANs for the identification of each department respectively, and configures the authority information corresponding to the identification of the department to the corresponding sub-VLANs respectively;
the core equipment creates a default sub-VLAN and configures the default authority information to the default sub-VLAN;
wherein the default sub-VLAN and the sub-VLAN are associated with a primary VLAN, respectively.
5. A method for processing network configuration, comprising:
the access equipment receives a protocol IP application request which is sent by user equipment through a first port and is interconnected between networks, and sends the IP application request to the core equipment through a management channel which is established with the core equipment; the core device allocates a corresponding IP address for the device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and a default sub-VLAN;
the access equipment forwards the received IP address sent by the core equipment to the user equipment through the management channel;
the access device receives default permission information on the default sub-virtual local area VLAN, which is sent by the core device through the management channel, and configures the default permission information identifier to the first port;
and the access equipment receives a resource access request sent by the user equipment through the first port, and correspondingly processes the resource access request according to the default permission information.
6. The method of claim 5, further comprising:
the access device receives an authentication request sent by the user device through the first port, wherein the authentication request comprises: an identity of the user; sending the authentication request to the core device, so that the core device authenticates the user identifier according to the authentication request, acquires a first department to which the user identifier belongs and a first sub-VLAN corresponding to the first department identifier, establishes an association relationship between the user identifier and the first sub-VLAN, and deletes the association relationship between the user identifier and the default sub-VLAN;
the access equipment sends the received authentication response to the user equipment;
the access device receives first permission information on the first sub-VLAN, which is sent by the core device through the management channel, and configures the first permission information to the first port to replace the default permission information on the first port;
when the access device receives a resource access request sent by the user device through the first port, the access device performs corresponding processing on the resource access request according to the first permission information.
7. The method of claim 5 or 6, further comprising:
the access device receives a handover request sent by the user equipment through the first port, where the handover request includes: the identity of the user and the identity of the corresponding second department; sending the switching request to the core device, so that the core device acquires a second sub-VLAN corresponding to an identifier of a second department according to the switching request, establishes an association relationship between the identifier of the user and the second sub-VLAN, and deletes the association relationship between the identifier of the user and the default sub-VLAN or the association relationship between the identifier of the user and the first sub-VLAN;
the access device receives second permission information on the second sub-VLAN, which is sent by the core device through the management channel, and configures the second permission information on the first port to replace the default permission information on the first port or the first permission information on the first port;
when the access device receives a resource access request sent by the user device through the first port, the access device performs corresponding processing on the resource access request according to the second permission information.
8. A processing apparatus for network configuration, comprising:
the device cluster management module is used for establishing a management channel with the access device;
the learning processing module is used for learning the port information of the access equipment through the management channel so as to virtualize the access equipment into a board card of the core equipment;
the receiving and sending module is used for receiving a protocol IP application request which is sent by the user equipment through the management channel and is interconnected among networks;
the IP address allocation module is used for allocating a corresponding IP address for the user equipment according to the IP application request;
the configuration processing module is used for establishing an association relation between the user identifier in the IP application request and a default sub-virtual local area VLAN, and identifying a first port accessed by the user equipment and corresponding first access equipment;
the transceiver module is configured to configure the default permission information on the default sub-VLAN to the first port through the management channel, so that when the first access device receives a resource access request sent by the user device through the first port, the first access device performs corresponding processing on the resource access request according to the default permission information on the first port.
9. The apparatus of claim 8, wherein the transceiver module is further configured to receive an authentication request sent by the user equipment through the first port and a corresponding first access device, and wherein the authentication request includes an identifier of the user;
the apparatus further comprises:
the authentication module is used for authenticating the user identification according to the authentication request;
the transceiver module is further configured to return the acquired authentication response to the user equipment;
the configuration processing module is further configured to obtain a first department to which the user identifier belongs, obtain a first sub-VLAN corresponding to the first department, establish an association relationship between the user identifier and the first sub-VLAN, and delete the association relationship between the user identifier and the default sub-VLAN;
the transceiver module is further configured to configure the acquired first permission information on the first sub-VLAN to the first port through the management channel to replace the default permission information on the first port, so that when the first access device receives a resource access request sent by the user equipment through the first port, the first access device performs corresponding processing on the resource access request according to the first permission information on the first port.
10. The apparatus according to claim 8 or 9, wherein the transceiver module is further configured to receive a handover request sent by the ue, and the handover request includes: the identity of the user and the identity of the corresponding second department;
the configuration processing module is further configured to obtain a second sub-VLAN corresponding to an identifier of a second department, establish an association relationship between the identifier of the user and the second sub-VLAN, and delete the association relationship between the identifier of the user and the default sub-VLAN; the transceiver module is further configured to configure the acquired second permission information on the second sub-VLAN to the first port to replace the default permission information on the first port, so that when the first access device receives a resource access request sent by the user equipment through the first port, the first access device performs corresponding processing on the resource access request according to the second permission information on the first port;
or,
the configuration processing module is further configured to obtain a second sub-VLAN corresponding to an identifier of a second department, establish an association relationship between the identifier of the user and the second sub-VLAN, and delete the association relationship between the identifier of the user and the first sub-VLAN; the transceiver module is further configured to configure the acquired second permission information on the second sub-VLAN to the first port to replace the first permission information on the first port, so that when the first access device receives a resource access request sent by the user equipment through the first port, the first access device performs corresponding processing on the resource access request according to the second permission information on the first port.
11. The apparatus according to claim 8, wherein the transceiver module is further configured to obtain default permission information, organization structure information of a department, and permission information corresponding to an identifier of the department; the organization structure information of the department comprises the identification of the department and the identification of the user under the department;
the apparatus further comprises:
VLAN establishes the module, is used for establishing a main VLAN, and establish the correspondent sub VLAN for the label of each said department separately;
the authority configuration module is used for respectively configuring the authority information corresponding to the department identifier to the corresponding sub-VLAN;
the VLAN creating module is also used for creating a default sub-VLAN;
the permission configuration module is further used for configuring the default permission information to the default sub-VLAN;
wherein the default sub-VLAN and the sub-VLAN are associated with a primary VLAN, respectively.
12. A processing apparatus for network configuration, comprising:
the system comprises a receiving and sending module, a core device and a service module, wherein the receiving and sending module is used for receiving a protocol IP application request which is sent by user equipment through a first port and is interconnected between networks, and sending the IP application request to the core device through a management channel which is established with the core device; the core device allocates a corresponding IP address for the device according to the IP application request, and establishes an association relationship between the user identifier in the IP application request and a default sub-virtual local area VLAN;
the transceiver module is further configured to forward the received IP address sent by the core device to the user equipment through the management channel;
the transceiver module is further configured to receive default permission information on the default sub-VLAN, which is sent by the core device through the management channel;
the configuration module is used for configuring the default authority information identifier to the first port;
the transceiver module is further configured to receive a resource access request sent by the user equipment through the first port;
and the processing module is used for correspondingly processing the resource access request according to the default authority information.
13. The apparatus of claim 12, wherein the transceiver module is further configured to receive an authentication request sent by the ue through the first port, and wherein the authentication request includes: an identity of the user; sending the authentication request to the core device, so that the core device authenticates the user identifier according to the authentication request, acquires a first department to which the user identifier belongs and a first sub-VLAN corresponding to the first department identifier, establishes an association relationship between the user identifier and the first sub-VLAN, and deletes the association relationship between the user identifier and the default sub-VLAN;
the transceiver module is further configured to send the received authentication response to the user equipment;
the transceiver module is further configured to receive first permission information on the first sub-VLAN, which is sent by the core device through the management channel;
the configuration module is further configured to configure the first permission information to the first port to replace the default permission information on the first port;
the transceiver module is further configured to receive a resource access request sent by the user equipment through the first port;
the processing module is further configured to perform corresponding processing on the resource access request according to the first permission information.
14. The apparatus according to claim 12 or 13, wherein the transceiver module is further configured to receive a handover request sent by the ue through the first port, where the handover request includes: the identity of the user and the identity of the corresponding second department; sending the switching request to the core device, so that the core device acquires a second sub-VLAN corresponding to an identifier of a second department according to the switching request, establishes an association relationship between the identifier of the user and the second sub-VLAN, and deletes the association relationship between the identifier of the user and the default sub-VLAN or the association relationship between the identifier of the user and the first sub-VLAN;
the transceiver module is further configured to receive second permission information on the second sub-VLAN, which is sent by the core device through the management channel;
the configuration module is further configured to configure the second permission information to the first port to replace the default permission information on the first port or the first permission information on the first port;
the transceiver module is further configured to receive a resource access request sent by the user equipment through the first port;
and the processing module is also used for correspondingly processing the resource access request according to the second authority information.
15. A communication system, comprising: a core device and an access device; wherein the core device is a processing apparatus configured by the network according to any one of claims 8 to 11; the access device is a processing apparatus configured for the network according to any one of claims 12 to 14.
CN201310652734.3A 2013-12-05 2013-12-05 Method and device for processing network configuration and communication system Active CN103684861B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310652734.3A CN103684861B (en) 2013-12-05 2013-12-05 Method and device for processing network configuration and communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310652734.3A CN103684861B (en) 2013-12-05 2013-12-05 Method and device for processing network configuration and communication system

Publications (2)

Publication Number Publication Date
CN103684861A true CN103684861A (en) 2014-03-26
CN103684861B CN103684861B (en) 2017-05-24

Family

ID=50321242

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310652734.3A Active CN103684861B (en) 2013-12-05 2013-12-05 Method and device for processing network configuration and communication system

Country Status (1)

Country Link
CN (1) CN103684861B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105376132A (en) * 2015-10-27 2016-03-02 上海斐讯数据通信技术有限公司 Client based VLAN (Virtual Local Area Network) configuring system and method
CN105610669A (en) * 2015-12-28 2016-05-25 湖南基石通信技术有限公司 Address distribution method and device for Supervlan flattened network
WO2016206562A1 (en) * 2015-06-23 2016-12-29 华为技术有限公司 Method, device and system for configuring user equipment forwarding table
CN108833362A (en) * 2018-05-23 2018-11-16 邱婧 A kind of equipment access authority control method, apparatus and system
CN110175824A (en) * 2019-05-22 2019-08-27 上海盛付通电子支付服务有限公司 For carrying out the equipment and resource allocation method of resource distribution
CN110519404A (en) * 2019-08-02 2019-11-29 锐捷网络股份有限公司 A kind of policy management method based on SDN, device and electronic equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101427523B (en) * 2006-12-27 2011-07-06 华为技术有限公司 A business-binding method and device
CN102326370A (en) * 2011-08-05 2012-01-18 华为技术有限公司 Message processing method, apparatus and system
US20130034015A1 (en) * 2011-08-05 2013-02-07 International Business Machines Corporation Automated network configuration in a dynamic virtual environment
CN103095495A (en) * 2013-01-06 2013-05-08 华为技术有限公司 Network implementation configuration method, device and system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101427523B (en) * 2006-12-27 2011-07-06 华为技术有限公司 A business-binding method and device
CN102326370A (en) * 2011-08-05 2012-01-18 华为技术有限公司 Message processing method, apparatus and system
US20130034015A1 (en) * 2011-08-05 2013-02-07 International Business Machines Corporation Automated network configuration in a dynamic virtual environment
CN103095495A (en) * 2013-01-06 2013-05-08 华为技术有限公司 Network implementation configuration method, device and system

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016206562A1 (en) * 2015-06-23 2016-12-29 华为技术有限公司 Method, device and system for configuring user equipment forwarding table
US11005706B2 (en) 2015-06-23 2021-05-11 Huawei Technolgoies Co., Ltd. Method for configuring forwarding table for user equipment, apparatus, and system
CN105376132A (en) * 2015-10-27 2016-03-02 上海斐讯数据通信技术有限公司 Client based VLAN (Virtual Local Area Network) configuring system and method
CN105376132B (en) * 2015-10-27 2019-08-16 上海斐讯数据通信技术有限公司 System and method based on client configuring virtual LAN
CN105610669A (en) * 2015-12-28 2016-05-25 湖南基石通信技术有限公司 Address distribution method and device for Supervlan flattened network
CN108833362A (en) * 2018-05-23 2018-11-16 邱婧 A kind of equipment access authority control method, apparatus and system
CN108833362B (en) * 2018-05-23 2021-05-07 邱婧 Equipment access authority control method, device and system
CN110175824A (en) * 2019-05-22 2019-08-27 上海盛付通电子支付服务有限公司 For carrying out the equipment and resource allocation method of resource distribution
CN110519404A (en) * 2019-08-02 2019-11-29 锐捷网络股份有限公司 A kind of policy management method based on SDN, device and electronic equipment
CN110519404B (en) * 2019-08-02 2022-04-26 锐捷网络股份有限公司 SDN-based policy management method and device and electronic equipment

Also Published As

Publication number Publication date
CN103684861B (en) 2017-05-24

Similar Documents

Publication Publication Date Title
CN104468574B (en) A kind of method, system and device of virtual machine dynamic access IP address
CN107733670B (en) Forwarding strategy configuration method and device
US20200128614A1 (en) Session processing method and device
US9628328B2 (en) Network controller with integrated resource management capability
CN105284080B (en) The virtual network management method and data center systems of data center
CN103684861A (en) Method and device for processing network configuration and communication system
CN107241454B (en) A kind of method, apparatus that realizing address administration, aaa server and SDN controller
CN106302839B (en) Internet protocol IP address allocation method and device
EP3493483A1 (en) Virtual broadband access method, controller, and system
CN107547351B (en) Address allocation method and device
CN114342332B (en) Communication method, device and system
CN102739505B (en) Method and system for controlling virtual channel flow in data center network
CN113765874B (en) Private network and dual-mode networking method based on 5G mobile communication technology
US12058514B2 (en) Virtual tenant for multiple dwelling unit
CN103368780B (en) A kind of service control method and equipment
US20140181279A1 (en) Virtual Console-Port Management
CN104349511B (en) The distribution method and device of AP addresses in wlan network
CN106792821B (en) Access control method and device based on virtual gateway
CN103001953A (en) Method and device for allocating network resources of virtual machines
CN108259633B (en) Method, system and device for realizing management message three-layer communication
CN107343058B (en) IP address distribution system and working method thereof
WO2020259085A1 (en) Network slice-based data processing method and apparatus
WO2024000975A1 (en) Session establishment system and method, electronic device, and storage medium
EP3836487A1 (en) Internet access behavior management system, device and method
JP5937563B2 (en) Communication base station and control method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant