CN105228154A - A kind of wireless broadband network system and method based on PPPoE certification - Google Patents

A kind of wireless broadband network system and method based on PPPoE certification Download PDF

Info

Publication number
CN105228154A
CN105228154A CN201510512223.0A CN201510512223A CN105228154A CN 105228154 A CN105228154 A CN 105228154A CN 201510512223 A CN201510512223 A CN 201510512223A CN 105228154 A CN105228154 A CN 105228154A
Authority
CN
China
Prior art keywords
vlan
port
wireless broadband
base station
broadband base
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510512223.0A
Other languages
Chinese (zh)
Inventor
吴伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wang Xiaoxue
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201510512223.0A priority Critical patent/CN105228154A/en
Publication of CN105228154A publication Critical patent/CN105228154A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/82Miscellaneous aspects
    • H04L47/825Involving tunnels, e.g. MPLS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W72/00Local resource management
    • H04W72/50Allocation or scheduling criteria for wireless resources
    • H04W72/56Allocation or scheduling criteria for wireless resources based on priority criteria
    • H04W72/566Allocation or scheduling criteria for wireless resources based on priority criteria of the information or information source or recipient
    • H04W72/569Allocation or scheduling criteria for wireless resources based on priority criteria of the information or information source or recipient of the traffic information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling

Abstract

The invention provides a kind of wireless broadband network system and method based on PPPoE certification.Wherein, this system comprises described user CPE, for accessing with subscriber equipmenies such as PC, and for wireless base station eat dishes without rice or wine access; Described data to be mapped in the identical passage of the VLANID value of configured wireless broadband base station for the access VLANID in described cpe device transparent data by described wireless broadband base station respectively; Described convergence switch, forwards and next legal inner VLAN for restraining, and adds vlan information and forms outside VLAN; Described PPPoE server, whether legal for judging the information such as user name, password of received packet, and forward the packet to PDN.Present invention achieves wireless network signal and can have effective safety protecting mechanism; There is provided a kind of wireless broadband network system of modified model dispatching algorithm, the problem of many wireless users collaborative work under solution Ethernet protocol.

Description

A kind of wireless broadband network system and method based on PPPoE certification
Technical field
The present invention relates to a kind of wireless broadband network communication technology, particularly relate to the PPPoE authenticate wireless broadband network system separated with VLAN, promote network system and the method for existing WAP (wireless access protocol) performance.
Background technology
PPPoE refers to that PointtopointoverEthernet protocol technology is the technology that one relays PPP (pointtopoint) frame information in ethernet networks, is especially widely used in the certification of the broadband access methods such as FTTH, FTTB, xDSL of each telecom operators.The PC surfed the Net by various broadband access method is mostly connected with the Internet by Ethernet card (Ethernet), use ppp protocol, i.e. PointtopointProtocol (peer-peer protocol), this agreement has the function of notice IP address.PPPoverEthernet (PPPoE) agreement, it is the technology relaying PPP frame information in Ethernet, still the common TCP/IP mode of same use, PPPoE can not change original local area network topologies, do not change the implementation method of the media access control sublayer of physical layer and data link layer, it is the secondary encapsulation packet on current internet protocol basis.The Chinese " VLAN " by name of VLAN (VirtualLocalAreaNetwork).VLAN (VLAN) is one group of equipment in logic and user, these equipment and user be not by the restriction of physical location, according to factors such as function and applications, they can be organized, communication each other just looks like that they are the same in the same physical local area network segment, VLAN of gaining the name thus.Vlan technology is operated in the layers 2 and 3 of OSI Reference Model, and a VLAN is exactly a broadcast domain.In a computer network, a double layer network can be divided into multiple different broadcast domain, and specific user's group that broadcast domain is corresponding, under default situations, these different broadcast domains are mutually isolated, thus reach the object of user-isolated broadcast packet.Wireless network transmits data aloft by radio wave, as long as can transmit in coverage and receive data.Therefore, the wireless network safety issue that there is access control and maintain secrecy: search is attacked, information leakage is attacked, wireless identity checking spoofing attack, network adapter with distort and the security threat such as Denial of Service attack.The opening Design that wireless medium signal is propagated due to it, makes it be difficult to implement effective protection to transmission medium thus cause signal transmission may be intercepted and captured by other people in the process of transmission.Therefore how to be wireless network signal when networking and network design to implement effective safety protecting mechanism and just become the key subjects that active wireless network faces.Different from these mobile broadbands such as 3G, 4G, IEEE802.11 family agreement is WiMAX---the access way of-this " nomadic " formula popular at present.As everyone knows, Ethernet uses Carrier Sense Multiple Access and collision detection (CSMA/CD) technology to carry out a shared channel resource.The mode of operation all fours of wireless ethernet and wired ethernet, what all adopt band collision detection intercepts multiple access mechanism: if find line be busy in intercepting, again intercept after then waiting for a time delay, if still hurry, then continue to postpone to wait for, until other user CPE (CustomerPremiseEquipment) send end 9.6 μ s ability transmission information (guarantee enough distances that signal can effectively transmit, namely coverage distance is generally no more than 2.9 kilometers).The Time Inconsistency of each time delay, by back off algorithm determination delay value.If find data collision in process of transmitting, first send blockage information, strengthening conflict, then carry out monitoring work, to treat that next time resends.In real network, Ethernet may work compare compared with normal when user CPE is fewer.But, when user CPE obviously increases, each user data may can be sent at random, the probability producing collision increases, and can cause and constantly repeat to dodge, constantly retransmit again, cause more serious collision, i.e. the network degenerate problem of so-called network throughput decline generation.Facts have proved, when the distance when between multiple user CPE is more than 50 meters, well can not intercepts other users whether send information because distance or occlusion issue always exist certain or certain user CPE; When these users can't hear the information of any transmission, just start transmission, run into conflict and " evade yielding ", be i.e. so-called " concealed nodes " problem, this phenomenon exacerbates network degenerate problem again further.
In view of above-mentioned, how to find a kind of not same area VLAN that can realize to carry out the system and method for PPPoE dialing, make wireless network signal implement there is effective safety protecting mechanism; Under how solving Ethernet (Ethernet) agreement, many wireless users mode of operation becomes those skilled in the art's two problems urgently to be resolved hurrily.
Summary of the invention
In view of with the difficult point of above-mentioned technology; the object of the present invention is to provide a kind of not same area VLAN that can realize to carry out the system and method for PPPoE dialing, for solve telecom operators large-scale broadband network in wireless network signal implement to have the problem of effective safety protecting mechanism.A kind of wireless broadband network system of modified model dispatching algorithm is provided, while guarantee throughput of wireless networks is maximum, also ensure that user has equal opportunity to be called, the problem of many wireless users collaborative work under solution Ethernet (Ethernet) agreement.
The invention provides one and have effective safety protecting mechanism wireless broadband network system (networking structure is shown in Fig. 1); it is characterized in that; the PPPoE network system of described different VLAN comprises: more than one the user CPE, wireless broadband base station, convergence switch, the PPPoE server that are connected with wireless broadband base station; wherein
Described user CPE, for accessing with subscriber equipmenies such as PC, and for wireless base station eat dishes without rice or wine access;
Described wireless broadband base station, there are for receiving described user's cpe device transparent transmission the data of different access VLANID mark, described data are mapped to respectively in the identical passage of the VLANID value of configured wireless broadband base station according to the access VLANID in described cpe device transparent data, described wireless broadband base station judges whether that the data allowing this VLANID enter, if allowed, be forwarded to convergence switch, otherwise abandon;
Described convergence switch, for restraining all by the legal inner VLAN that wireless broadband base station forwards, vlan information is added further in the basis of inner VLAN, forms outside VLAN;
Described PPPoE server, for resolving ectonexine VLAN, judges that whether the information such as the user name of received packet, password legal, and will after legitimate authentication message repeating to PDN.
The top layer framework of user CPE, wireless broadband base station adopts the generic structure (see Fig. 4) of Atheros, primarily of four part compositions:
One, operating system abstract layer, this is a kind of API structure for calling, response when converting system calling to for primitive of operating system.Such as register read-write translates into packet in wireless buffer memory, and various task control.
Two, the driving interface of 802.11, high-rise APP is transferred to the conversion of fusion architecture " generalized calls " by this, and passes to MAC layer use.
Three, the first half of MAC layer, which includes in IEEE802.11xx agreement and applies about the process of wireless broadband base station BS and user CPE, and provide the interface of protocol stack.Under normal circumstances, protocol stack comprises 802.11 state machines, scans and need other equipment that IEEE802.11 supports.
Four, the latter half of MAC layer, wherein comprises hardware abstraction HAL layer and device object ATH layer, and this one deck take hardware as core.Hardware abstraction HAL layer provides the bottom primitive of chip, usually by bottom layer driving directly and HAL mutual.
Device object ATH layer comprises:
ATHDEV module, realizes transmission and receives, and converges, and the generation of RIFD, MIMO, beacon, cache management, wireless awakening support and universal input output.
RateControl (rate control algorithm), if channel changes, rate control algorithm can automatically increase or decrease speed to ensure and transmit the most reliably.
PacketLoging (bag record), provides a bottom control mechanism to catch such as to launch, receives, speed upgrades, converges, ANI etc.
Place mat sublayer: make an amendment relative to existing top layer MAC interface, matting layer adopts standard agreement to communicate with HAL, ATH layer, to obtain state.
For achieving the above object and other relevant objects, the invention provides a kind of also method based on PPPoE authenticate wireless broadband network, it is characterized in that, the PPPoE network system of described different VLAN comprises: more than one the user CPE, wireless broadband base station, convergence switch, the PPPoE server that are connected with wireless broadband base station, and described method comprises:
The setting of described user CPE comprises: cable port type is set to access type, and cable port communicates with user PC with stripping vlan information by adding; Radio port type is set to hybrid type, by a kind of modified model dispatching algorithm transmitting-receiving message, port allow institute receive transmission message all information of described wireless broadband base station wireless connections are being forwarded by the VLAN of specific ID, this VLANID called after inner VLAN.
The setting of described wireless broadband base station port comprises: radio port type is set to hybrid type, by the message that user CPE described in a kind of modified model dispatching algorithm transparent transmission, verification, error correction forwards, untag configuration on wireless receiving port need not be considered, untag configuration is only worked to during transmission message; Cable port allow institute receive transmission all information that message is connecting described wireless broadband base station forwarded by inner VLAN, judge whether this hybrid port allows the data of this VLAN to enter, if allowed, forwards, otherwise abandons.
The setting of described convergence switch port comprises: port type is set to hybrid type, and port convergence, all by the legal inner VLAN that wireless broadband base station forwards, vlan information is added further in the basis of inner VLAN, forms outside VLAN;
The setting of described PPPoE Service-Port comprises: port type is set to hybrid type, and port allows the message received after PPPoE server account and cipher authentication, being forwarded to PDN to all information.
Compare the existing 802.11 CSMA/CD algorithms adopted, proportional fair algorithm (ProportionalFair, PF) be a kind of dispatching algorithm of compromise, its objective is while guarantee throughput of wireless networks is maximum, also ensure that user has equal opportunity to be called.The several because have of PF dispatching algorithm are affected, quality of wireless channel, user CPE buffer update state, the average scheduled time of each user in wireless broadband network system, and QOS parameter etc.
PF has better fairness compared with traditional MAXC/I, algorithm not only considers the difference in multi-user's gain, also consider that single user brings the impact of time difference under channel fade conditions, PF algorithm can select reasonable time point, suitable user, suitable resource to carry out transfer of data.
PF algorithm carries out User Priority sequence according to formula below:
FF = ∑ i = 1 n MCS ( i , t ) × m 1 + HistoryThroughput
MCS (i, t): the configuration of radio frequency speed is realized by MCS (ModulationandCodingScheme, modulation and coding strategy) index value.A kind of representation that MCS modulating-coding table is 802.11n communication speed and proposes.MCS, using the row of the paid close attention to factor affecting communication speed as table, using MCS index as row, forms a Speedometer Drive.Following table is shown as the theoretical throughput rate table of comparisons of MCS rank.
M: the artificial priority weighting revised.When CPE accesses wireless broadband base station, level of priority information is consulted by inner, with
The MCS rank theoretical throughput table of comparisons
Request method is told wireless broadband base station and is recorded in scheduling parameter table, and this parameter determines the weight distributing to each CPE.
HistoryThroughput = ( 1 - α ) × HistoryThroughput ( 1 - α ) × HistoryThroughput + α × MCS ( i , t )
α is filtering factor, and usual value is 0.01 to 0.05, MCS (i, t) is the transmission bandwidth that a upper TTI has dispatched rear actual allocated, if CPE not scheduling in a upper TTI, uses first expression formula; If be scheduled in a upper TTI moment, used second expression formula.
From long-term angle, PF algorithm can ensure that the user CPE in wireless broadband base station coverage can be scheduled with identical bandwidth, is therefore considered to fair dispatching algorithm.Meanwhile, PF algorithm also can obtain a relatively high system throughput when the carrier/interface ratio of scheduled user is relatively good.
In a network, the CPE that enlivens in numerous user CPE is divided into active set (Activeset) by wireless broadband base station, normally sends the CPE of data or frequent initiating communication request, such as video traffic, online game, voip etc. always; The CPE of removing active set is divided into residual set (Remainingset), normally stops people's website or low frequency of utilization website, such as Email, HttP business.See Fig. 5.
Wireless broadband base station bears controller function, Activeset, Remainingset is indicated according to MAC Address, usually with the format management of a form, also just like parameters such as priority in form.
Inquiry starts, and wireless broadband base station, according to the priority sequencing of dispatching algorithm, is first selected a transmission that priority is the highest polling signal from Activeset, processed a polling algorithm;
When poll Activeset does not respond or time-out, then epicycle poll failure website is transferred to Remainingset from Activeset;
After the poll 2 of the whole website of existing Activeset is taken turns, from Remainingset, and then according to priority select a website again send first time poll, then enter response and wait for.Wireless broadband base station will be for further processing according to response results.
If response is from Remainingset, then processes the data received at once and website is moved to Activeset, and starting next cycle Activeset is inquired about; Do not have data to need to send if inquired about in the buffer memory of website in Remainingset, this website is continued to stay in Remainingset.See Fig. 6.
Alternatively, described user CPE, wireless broadband base station, convergence switch comprise with the setting of the port that PPPoE server (BAS) is connected: port type is set to trunk type, allow institute receive transmission message all information of described connection are being forwarded by VLAN; Described wireless broadband base station connection belongs to the corresponding VLAN of described VLANID to be had and only has a user CPE.
Alternatively, described wireless broadband base station connects multiple VLAN, the described convergence switch port be connected with wireless broadband base station port arranges and comprises: port type is set to hybrid type, and port is allow to forward described all needs of user CPE connection and the VLAN of PPPoE server communication.
Alternatively, it is all different that described PPPoE server place VLAN and other ports of described convergence switch arrange corresponding VLAN, or described PPPoE server place VLAN is one of VLAN corresponding to VLANID that described convergence switch port is arranged.
The present invention also provides the PPPoE network method of a kind of not same area VLAN in wireless broadband network, be applied to and include in the PPPoE network of multiple VLAN, the PPPoE network method of described not same area VLAN comprises: the wireless broadband base station be connected with PPPoE server described, convergence switch port are arranged, comprise: port type is set to hybrid type, port is set to allow the message relevant to the VLAN preset to forward, and described default VLAN comprises the VLAN of needs that all described wireless broadband base stations are connected by port and PPPoE server communication.
Alternatively, the PPPoE network method of described not same area VLAN also comprises: it is all different that described PPPoE server place VLAN and other ports of described convergence switch arrange corresponding VLAN, or described PPPoE server place VLAN is VLAN corresponding to VLANID that arrange of other ports of described convergence switch any one.
Alternatively, the PPPoE network method of described not same area VLAN also comprises: the PPPoE message that user CPE sends is that the convergence switch port repeat of the ID of described VLAN is in PPPoE server by ectonexine VLANID.
Alternatively, the PPPoE network method of described not same area VLAN also comprises: the PPPoE message that described PPPoE server sends is forwarded to all described needs of convergence switch port connection and the VLAN of PPPoE server communication by described convergence switch.
As mentioned above, the PPPoE network system of user CPE of the present invention, wireless broadband base station, not same area VLAN and method, have following beneficial effect: by user CPE, wireless broadband base station to the process of VLAN message institute tape label, allow the broadcasting packet of PPPoE can process not same area VLAN.It also avoid in local area network (LAN) because ARP cheats the problem of could not get on to the Net simultaneously.
Accompanying drawing explanation
Fig. 1 is shown as the module diagram of an embodiment of the PPPoE network system of not same area VLAN of the present invention.
Fig. 2 is shown as the topological structure schematic diagram of an embodiment of the PPPoE network system of not same area VLAN of the present invention.
Fig. 3 is shown as the schematic flow sheet of an embodiment of the PPPoE network method of not same area VLAN of the present invention.
Fig. 4 is shown as the generic structure of Atheros
Fig. 5 is shown as the query specification of active set (Activeset) and residual set (Remainingset)
Fig. 6 is shown as proportional fair algorithm (ProportionalFair, PF) scheduling flow
Fig. 7 is shown as PPPoE process of establishing
S1 ~ S3 step
Embodiment
Below by way of specific instantiation, embodiments of the present invention are described, those skilled in the art the content disclosed by this specification can understand other advantages of the present invention and effect easily.The present invention can also be implemented or be applied by embodiments different in addition, and the every details in this specification also can based on different viewpoints and application, carries out various modification or change not deviating under spirit of the present invention.
It should be noted that, the diagram provided in the present embodiment only illustrates basic conception of the present invention in a schematic way, then only the assembly relevant with the present invention is shown in graphic but not component count, shape and size when implementing according to reality is drawn, it is actual when implementing, and the kenel of each assembly, quantity and ratio can be a kind of change arbitrarily, and its assembly layout kenel also may be more complicated.
The invention provides a kind of user CPE, wireless broadband base station.Described user CPE, wireless broadband base station support three kinds of port modes, comprise access, trunk, hybrid.Three kinds of Linktypes (see table 2) of switch ports themselves, ethernet port has three kinds of Linktypes: access, trunk, hybird.
Access interface: access port can only carry the flow of a vlan, be generally used for the interface that switch is connected with PC, when access interface receives a Frame, first judge whether vlan information, if not, stamp the PVID of oneself, if had, directly abandon; When access interface will forward a Frame, the vlan first judging this Frame whether with oneself at a vlan, if so, then peel off vlan information, then forward, if not, then abandon.
Trunk interface: trunk interface can carry the flow of multiple vlan, only allows acquiescence vlan not marking.Be generally used for the interface be connected with other switch.When trunk interface receives a Frame, first judge whether to allow the flow of this vlan to pass through, if allowed, be then forwarded to corresponding interface, processed by corresponding interface, if do not allowed, then abandon.When trunk interface sends Frame, judge whether equally to allow this vlan to pass through, if allowed, be forwarded to corresponding interface, processed by corresponding interface, if do not allowed, then directly abandon.
Hybrid interface: hybrid interface can carry the flow of multiple vlan, can be used on the interface be connected with PC or switch, is can to any vlan marking (Tag) or not marking (unTag) with the maximum difference of trunk interface.When hybrid interface Frame, first judge whether this Frame has vlan information, if had, then see that whether this interface is to this vlan marking, if to this vlan marking, be then forwarded directly to corresponding interface, processed by corresponding interface; If not specifically to this vlan marking, then abandoned.Because under default situations, hybrid interface only allows the Frame giving tacit consent to vlan to pass through, if other vlan will be allowed to pass through, and will to corresponding vlan marking.If the Frame received is without any mark, be then labeled as the PVID of oneself.Interface configures role just permission and the problem not allowing the Frame of this vlan to pass through is marked to some vlan, interface is configured to only work when interface sends Frame to during some vlan not marking, when interface receives data, be inoperative.When hybrid interface sends Frame, if this Frame has mark, then judge the mark vlan of this Frame with oneself whether at same vlan, if at same vlan, then forward after removing mark; If this Frame not at same vlan, then judges that interface is mark to this Frame or does not mark, if do not mark with oneself, forward again after then removing mark, if mark, then directly forward, be mark if do not clearly state, still do not mark, then directly abandon.If the Frame sent does not mark, then directly forward.
In one embodiment, a port of described wireless broadband base station is connected with PPPoE server, radio port is connected with user CPE, wherein: the setting of the described wireless broadband base station port be connected with PPPoE server comprises: port type is set to hvbrid type, port allows the VLAN of all needs of message and the PPPoE server communication received to forward; The radio port of the described wireless broadband base station connecting user CPE is arranged and comprises: port type is set to hybrid type, port arranges and allows to forward VLANID corresponding VLAN and described PPPoE server place VLAN.Following table is shown as the Different treatments of different port types to message
The present invention also provides the PPPoE network system of a kind of not same area VLAN.In one embodiment, as shown in Figure 1, the PPPoE network system of described not same area VLAN comprises user CPE, wireless broadband base station, Packet Transport Network, convergence switch and PPPoE server (BAS).Wherein:
In one embodiment, the topological structure of the PPPoE network system of described not same area VLAN as shown in Figure 2, wherein, wireless broadband base station is that support hybrid, to meet a 802.11 process transformations wireless router, is connected respectively with user CPE, convergence switch and PPPoE server.Wherein the configuration of convergence switch is as follows:
Vlan10 (creating VLAN10)
Interfaceg0/1 (enter G0/1 port, connect access user port)
Switchpvid10 (putting g0/1 under VLAN10)
Interfaceg0/2 (connecting wireless broadband base station port)
Switchmodetrunk (port being set to trunk pattern)
Interfacegigabitethernet1/0/3 (connecting PPPoE Service-Port)
Portlink-typehybird
Porthybirdvlan1020untagged
Only a VLAN is configured in Fig. 3.If need more VLAN to configure, as long as the cable port of wireless broadband base station, radio port port arrangement are become hybird port, and this port is arranged allow to forward this port newly-increased corresponding VLAN and described PPPoE server place VLAN.In one embodiment, if convergence switch only uses as Layer 2 switch, simple trunk port arrangement can be carried out; If also divided multiple VLAN under convergence switch, its port be connected with wireless broadband base station also will make hybird port, configures accordingly.In the present embodiment, namely the subscriber's main station of the corresponding VLAN of user CPE of access wireless broadband base station can configure fixing IP and surf the Net, and also PPPoE can be adopted to connect by VLAN and dial up on the telephone.
PPPoE process of establishing can be divided into Discovery (discovery) stage and PPP session stage (see Fig. 7).When a PC looks on the bright side of things a beginning pppoe session, first it must carry out discovery phase to identify the ethernet mac address of opposite end, and set up the SESSON_ID of a PPPoE.The Discovery stage is a stateless stage, and this stage mainly selects access server, determines the PPP Session ID SessionID that will set up, and obtains the link information of the other side's point-to-point simultaneously; The PPP process of PPP session stage operative norm.Complete when this stage, the SESSON_ID of PPPoE and the ethernet address of opposite end are all known in the two ends of communication, and they together define a unique pppoe session.These steps comprise PC and broadcast an initiation packet (PADI), one or more PPPoE server sends respond packet (PADO), PC sends request grouping (PADR) to the server chosen, and the PPPoE server chosen sends an acknowledgment packet (PADS) to PC.When PC receives the confirmation grouping, it can start to carry out PPP session stage.When PPPoE server sends out acknowledgment packet, it can start PPP session.
The present invention also provides the PPPoE network method of a kind of not same area VLAN, is applied to and includes in the PPPoE network of multiple VLAN, and the PPPoE network method of described not same area VLAN comprises:
Step S1, the wireless broadband base station port be connected with convergence switch is arranged, comprise: port type is set to hybrid type, port is set to allow to forward default message, and described default VLAN comprises the VLAN of all needs of being connected by port and PPPoE server communication.
Step S2, the wireless broadband base station port be connected with user CPE is arranged, comprise: port type is set to hybrid type, port arranges the VLANID that wireless broadband base station allows to use, and port arranges and allows to need the VLAN with PPPoE server communication to forward.
Step S3, arranges for the user's CPE port be connected with PC, comprising: port type is set to access type, and port is set to allow to forward the default message of user.
In sum, the wireless broadband network system and method for the PPPoE certification of a kind of not same area VLAN of the present invention can by the process to VLAN message institute tape label, allow the broadcasting packet of PPPoE can in different vlan communication, make user realize penetrating VLAN and carry out PPPoE and dial up on the telephone.Avoid in the local area network (LAN) of multi-VLAN because network security problems such as ARP deceptions simultaneously.
So the present invention effectively overcomes various shortcoming of the prior art and tool high industrial utilization.
Above-described embodiment is illustrative principle of the present invention and effect thereof only, but not for limiting the present invention.Any person skilled in the art scholar all without prejudice under spirit of the present invention and category, can modify above-described embodiment or changes.Therefore, such as have in art usually know the knowledgeable do not depart from complete under disclosed spirit and technological thought all equivalence modify or change, must be contained by claim of the present invention.

Claims (10)

1. the wireless broadband network system based on PPPoE certification, it is characterized in that, the PPPoE network system of described different VLAN comprises: more than one the user CPE, wireless broadband base station, convergence switch, the PPPoE server that are connected with wireless broadband base station, wherein
Described user CPE, for accessing with subscriber equipmenies such as PC, and for wireless base station eat dishes without rice or wine access;
Described wireless broadband base station, there are for receiving described user's cpe device transparent transmission the data of different access VLANID mark, described data are mapped to respectively in the identical passage of the VLANID value of configured wireless broadband base station according to the access VLANID in described cpe device transparent data, described wireless broadband base station judges whether that the data allowing this VLANID enter, if allowed, be forwarded to convergence switch, otherwise abandon;
Described convergence switch, for restraining all by the legal inner VLAN that wireless broadband base station forwards, vlan information is added further in the basis of inner VLAN, forms outside VLAN;
Described PPPoE server, for resolving ectonexine VLAN, judges that whether the information such as the user name of received packet, password legal, and will after legitimate authentication message repeating to PDN.
2. system according to claim 1, is characterized in that, described user CPE includes line cap and radio port: cable port is access type, for the unique interface of described network system and subscriber equipment; Radio port is hybrid type, port for allow receive send message forward in the inner VLAN of all messages connected described wireless broadband base station by specific ID.
3. system according to claim 1, is characterized in that, described wireless broadband base station includes line cap and radio port: whether radio port is valid data for screening user's message, the message that described in transparent transmission, verification, error correction, user CPE forwards; Cable port for allow receive send all information that message is connecting described wireless broadband base station forwarded by inner VLAN, judge whether this hybrid port allows the data of this VLAN to enter, if allowed, forwards, otherwise abandons.
4. the system according to Claims 2 or 3, is characterized in that, described user CPE and wireless broadband base station are also for optimizing, improving, improve scheduling interface-free resources efficiency.
5. the method based on the wireless broadband network of PPPoE certification, it is characterized in that, the PPPoE network system of described different VLAN comprises: more than one the user CPE, wireless broadband base station, convergence switch, the PPPoE server that are connected with wireless broadband base station, and described method comprises:
The setting of described user CPE comprises: cable port type is set to access type, and cable port communicates with user PC with stripping vlan information by adding; Radio port type is set to hybrid type, by a kind of modified model dispatching algorithm transmitting-receiving message, port allow institute receive transmission message all information of described wireless broadband base station wireless connections are being forwarded by the VLAN of specific ID, this VLANID called after inner VLAN
The setting of described wireless broadband base station port comprises: radio port type is set to hybrid type, by the message that user CPE described in a kind of modified model dispatching algorithm transparent transmission, verification, error correction forwards, untag configuration on wireless receiving port need not be considered, untag configuration is only worked to during transmission message; Cable port allow institute receive transmission all information that message is connecting described wireless broadband base station forwarded by inner VLAN, judge whether this hybrid port allows the data of this VLAN to enter, if allowed, forwards, otherwise abandons,
The setting of described convergence switch port comprises: port type is set to hyhrid type, and port convergence, all by the legal inner VLAN that wireless broadband base station forwards, vlan information is added further in the basis of inner VLAN, forms outside VLAN;
The setting of described PPPoE Service-Port comprises: port type is set to hybrid type, and port allows the message received after PPPoE server account and cipher authentication, being forwarded to PDN to all information.
6. method according to claim 5, is characterized in that, described method also comprises:
Described user CPE, wireless broadband base station, convergence switch also comprise with the setting of the port that PPPoE server (BAS) is connected: port type is set to trunk type, allow institute receive transmission message all information of described connection are being forwarded by VLAN; Described wireless broadband base station connection belongs to the corresponding VLAN of described VLANID to be had and only has a user CPE.
7. method according to claim 5, is characterized in that, described method also comprises:
The wireless broadband base station be connected with PPPoE server described, convergence switch port are arranged, comprise: port type is set to hybrid type, port is set to allow the message relevant to the VLAN preset to forward, and described default VLAN comprises the VLAN of needs that all described wireless broadband base stations are connected by port and PPPoE server communication.
8. method according to claim 5, is characterized in that, described method also comprises:
It is all different that described PPPoE server place VLAN and other ports of described convergence switch arrange corresponding VLAN, or described PPPoE server place VLAN is one that described convergence switch port sends out VLAN corresponding to the VLANID that puts.
9. method according to claim 5, it is characterized in that, in a network, numerous user CPE is divided into active set (Activeset) by wireless broadband base station, residual set (Remainingset), and with the format management of a form, also as parameters such as priority in form; To active set give according to priority give more preferably enquiry machine meeting, give more air transmission resource, and give the user CPE mechanism transformed mutually at active set, residual set along with data mode in buffer memory.
10. method according to claim 9, is characterized in that, PF algorithm carries out User Priority sequence according to formula below:
FF = Σ i = 1 n MCS ( i , t ) × m 1 + HistoryThroughput
MCS (i, t): the configuration of radio frequency speed is realized by MCS (ModulationandCodingScheme, modulation and coding strategy) index value;
M: the artificial priority weighting revised, this parameter determines the weight distributing to each CPE.
HistoryThroughput = ( 1 - α ) × HistoryThroughput ( 1 - α ) × HistoryThroughput + α × MCS ( i , t )
α is filtering factor, and usual value is 0.01 to 0.05.
CN201510512223.0A 2015-08-15 2015-08-15 A kind of wireless broadband network system and method based on PPPoE certification Pending CN105228154A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510512223.0A CN105228154A (en) 2015-08-15 2015-08-15 A kind of wireless broadband network system and method based on PPPoE certification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510512223.0A CN105228154A (en) 2015-08-15 2015-08-15 A kind of wireless broadband network system and method based on PPPoE certification

Publications (1)

Publication Number Publication Date
CN105228154A true CN105228154A (en) 2016-01-06

Family

ID=54996767

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510512223.0A Pending CN105228154A (en) 2015-08-15 2015-08-15 A kind of wireless broadband network system and method based on PPPoE certification

Country Status (1)

Country Link
CN (1) CN105228154A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108282462A (en) * 2017-12-25 2018-07-13 曙光信息产业(北京)有限公司 A kind of device of isolation service network and management net

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060002351A1 (en) * 2004-07-01 2006-01-05 Telefonaktiebolaget L M Ericsson (Publ) IP address assignment in a telecommunications network using the protocol for carrying authentication for network access (PANA)
CN101022460A (en) * 2007-03-06 2007-08-22 华为技术有限公司 Identifying method and system
CN101166093A (en) * 2007-08-22 2008-04-23 杭州华三通信技术有限公司 An authentication method and system
CN101789906A (en) * 2010-02-24 2010-07-28 杭州华三通信技术有限公司 Method and system for access authentication of user
CN104660527A (en) * 2015-03-20 2015-05-27 上海斐讯数据通信技术有限公司 Service switch, virtual local area network (VLAN)-spanning point-to-point protocol over Ethernet (PPPoE) network system and VLAN-spanning PPPoE network method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060002351A1 (en) * 2004-07-01 2006-01-05 Telefonaktiebolaget L M Ericsson (Publ) IP address assignment in a telecommunications network using the protocol for carrying authentication for network access (PANA)
CN101022460A (en) * 2007-03-06 2007-08-22 华为技术有限公司 Identifying method and system
CN101166093A (en) * 2007-08-22 2008-04-23 杭州华三通信技术有限公司 An authentication method and system
CN101789906A (en) * 2010-02-24 2010-07-28 杭州华三通信技术有限公司 Method and system for access authentication of user
CN104660527A (en) * 2015-03-20 2015-05-27 上海斐讯数据通信技术有限公司 Service switch, virtual local area network (VLAN)-spanning point-to-point protocol over Ethernet (PPPoE) network system and VLAN-spanning PPPoE network method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘颖: "QinQ隧道技术在宽带城域网组网中的应用", 《中国优秀硕士学位论文全文数据库》 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108282462A (en) * 2017-12-25 2018-07-13 曙光信息产业(北京)有限公司 A kind of device of isolation service network and management net
CN108282462B (en) * 2017-12-25 2021-08-31 中科曙光信息产业成都有限公司 Device for isolating service network and management network

Similar Documents

Publication Publication Date Title
Gast 802.11 wireless networks: the definitive guide
Cena et al. Seamless link-level redundancy to improve reliability of industrial Wi-Fi networks
CN105230068B (en) Data transmission method and equipment
CN106717053A (en) Integrated circuit for wireless communication, wireless communication terminal, and wireless communication method
CN109889499A (en) File transmitting method and relevant apparatus
CN101022394A (en) Method for realizing virtual local network aggregating method and converging exchanger
CN103404179A (en) Wireless local area network cooperated data transmission method, device and system
EP3190830A1 (en) Service processing method and device
WO2012028030A1 (en) Method for multi-user acknowledgement feedback, and station for feeding back acknowledgment
CN105245695B (en) A kind of method and system improving wechat AirKiss compatibility
CN104168273B (en) The method and system of TCP agent are realized under a kind of thin ap mode
EP1714257A2 (en) Method and system for multicast scheduling in a wlan
US10856204B2 (en) Network master device and network communication method for realizing cooperative service set
CN106454812A (en) Method and device for receiving data
JP2010056819A (en) Communication network system for virtual private network, line connection device, and band control method
CN105228154A (en) A kind of wireless broadband network system and method based on PPPoE certification
CN107371267B (en) A kind of data transmission method and terminal
CN110012506A (en) A kind of data transmission method and communication equipment
CN115087994A (en) Method and system for privacy preserving information exchange
CN100356725C (en) Managing method for network facilities
CN104066204B (en) Data back system under dual-mode base station
Li et al. System design for multiple users cooperative communication in LTE
CN104349399B (en) A kind of method and wlan system that up-downgoing covering matching is realized in wlan system
Balkonis WIFI evolution “beyond WIFI 6”
KR100423392B1 (en) An Interface Device for Wireless LAN Access Point

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20181204

Address after: 750000 No. 9 Lansheng West Street, Yinchuan City, Ningxia Hui Autonomous Region

Applicant after: Wang Xiaoxue

Address before: 124010 Wu Wei, Operations and Maintenance Department, Unicom, Zhaojia Development Zone, Panjin City, Liaoning Province

Applicant before: Wu Wei

TA01 Transfer of patent application right
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20160106

WD01 Invention patent application deemed withdrawn after publication