CN105306619A - Management method of AC for multiple AP in NAT - Google Patents


Info

Publication number
CN105306619A
Authority
CN
China
Prior art keywords
message
capwap
sessionid
tunnel
nat
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510675482.5A
Other languages
Chinese (zh)
Inventor
邓宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SUZHOU HANMING TECHNOLOGY CO LTD
Original Assignee
SUZHOU HANMING TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SUZHOU HANMING TECHNOLOGY CO LTD filed Critical SUZHOU HANMING TECHNOLOGY CO LTD
Priority to CN201510675482.5A priority Critical patent/CN105306619A/en
Publication of CN105306619A publication Critical patent/CN105306619A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/256 NAT traversal
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W24/00 Supervisory, monitoring or testing arrangements
    • H04W24/02 Arrangements for optimising operational condition
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W92/00 Interfaces specially adapted for wireless communication networks
    • H04W92/04 Interfaces between hierarchically different network devices
    • H04W92/12 Interfaces between hierarchically different network devices between access points and access point controllers
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W84/00 Network topologies
    • H04W84/02 Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10 Small scale networks; Flat hierarchical networks
    • H04W84/12 WLAN [Wireless Local Area Networks]

Abstract

The invention discloses a method for an AC to manage multiple APs located behind a NAT. The method comprises the following steps: first, the AP discovers the AC according to the standard CAPWAP protocol; then, building on the standard CAPWAP protocol, the message of the Join Request stage is modified to carry a Session ID message element that uniquely identifies the CAPWAP tunnel used to communicate with a particular AP, and the AC records this mapping, maintains it persistently, and replies with a normal Join Request response message; the two groups of messages for AP configuration delivery and state update are exchanged according to the standard CAPWAP protocol; and, during normal operation of the AP and the AC, the standard CAPWAP protocol is modified, namely the Data Channel Keep-Alive message is changed to carry the SessionID so that the data tunnel keeps working. The method solves the problem that traffic between the AP and the AC cannot traverse the NAT.

Description

A method for an AC to manage multiple APs located behind a NAT
Technical field
The invention belongs to the field of wireless local area networks (WLAN), and in particular relates to a method for an AC to manage multiple APs located behind a NAT.
Background
A WLAN (Wireless Local Area Network) provides wireless connectivity to a local area network. An AP (Access Point) is the wireless transceiver device in a WLAN: it converts data received from a wired network, such as the Internet, into wireless signals for transmission, and converts received wireless signals into data that it forwards to the wired network.
Operator-run WiFi networks are increasingly common and the number of AP nodes keeps growing, so centralized management of APs has become one of their most important features. In a centralized WLAN built on CAPWAP (Control And Provisioning of Wireless Access Points Protocol Specification) tunnels, if an AP is deployed behind a NAT device and connects to the AC (Access Controller, the wireless controller) through it, the message exchange between AP and AC has to traverse the NAT (Network Address Translation), which requires some special handling. In this case the messages of all APs hidden behind the NAT carry the same IP address once they have crossed it, and because the AC distinguishes APs by the source IP of their messages, this causes difficulties in processing.
Summary of the invention
To overcome the deficiencies of the prior art, the invention provides a method for an AC to manage multiple APs located behind a NAT, which solves the problem that traffic between AP and AC cannot traverse the NAT.
The method proposed by the invention comprises the following steps:
S1. The AP discovers the AC according to the standard CAPWAP protocol.
S2. Building on the standard CAPWAP protocol, the message of the Join Request stage is modified: it carries a SessionID message element that uniquely identifies the CAPWAP tunnel used to communicate with a particular AP. The AC records this mapping, maintains it persistently, and replies with a normal Join Request response message.
S3. The two groups of messages for AP configuration delivery and state update are exchanged according to the standard CAPWAP protocol.
S4. During normal operation of the AP and the AC, the standard CAPWAP protocol is extended: the Data Channel Keep-Alive message is modified to carry the SessionID so that the data tunnel keeps working.
Further, in step S2, while joining the AC the AP must include in its Join Request message a SessionID message element that uniquely identifies the CAPWAP tunnel used to communicate with that AP and binds the AP's CAPWAP control channel to its data channel.
Further, the first 6 bytes of the SessionID are filled directly with the AP's MAC address, and the remaining 10 bytes are filled with random numbers.
Further, step S4 comprises:
On the AP side, after receiving the Change State Event Response message that the AC sends in reply, the AP sends a Data Channel Keep-Alive message to the AC and moves from the Data Check state to the Run state; it establishes the CAPWAP tunnel only after receiving the AC's Data Channel Keep-Alive response.
On the AC side, after sending the Change State Event Response message to the AP, the AC waits until it receives the Data Channel Keep-Alive message before moving from the Data Check state to the Run state. At the same time, the AC establishes the data tunnel and replies to the AP with a Data Channel Keep-Alive message.
Preferably, the Data Channel Keep-Alive exchange is bidirectional.
Preferably, the Data Channel Keep-Alive message is a CAPWAP data message, and the K bit in the CAPWAP header must be set to 1. While the AP is coming online, the AC uses the SessionID in the Keep-Alive message sent by the AP to identify which AP the message came from, and learns the port number used by the AP's data tunnel by extracting the source port number from the message.
Further, the method also includes a control tunnel keep-alive mechanism that is started when the NAT restarts abnormally. Under this mechanism the AP and the AC make the following changes:
A1. The Echo Request carries the sessionId that identifies the AP's session, indicating which AP the echo message is keeping alive. On receiving an Echo Request, the AC checks whether the sessionId matches: if it matches, the AC replies with an Echo Response and resets the tunnel state timer; if it does not match, the AC discards the message and waits for the tunnel state to time out.
A2. Whether the AP carries the sessionId in the Echo Request follows the same policy as for the Keep-Alive message.
A3. The Echo Response does not carry the sessionId field.
Based on the technical solution disclosed above, the method provided by the invention for an AC to manage multiple APs behind a NAT solves the problem that traffic between AP and AC cannot traverse the NAT.
Brief description of the drawings
Fig. 1 is a schematic diagram of the network structure to which the method provided by the invention, for an AC to manage multiple APs behind a NAT, applies;
Fig. 2 is a schematic diagram of the interaction between AP and AC in the invention;
Fig. 3 is a flow chart of the method of the invention;
Fig. 4 is a schematic diagram of the format of the SessionID message element in the invention;
Fig. 5 is a schematic diagram of the format of the Data Channel Keep-Alive message in the invention;
Fig. 6 is a schematic diagram of the format of the sessionId message element in the echo message of the invention.
Detailed description
Embodiments of the invention are described in detail below with reference to the accompanying drawings.
Fig. 1 shows the network structure to which the method applies. It comprises one AC and multiple AP nodes, with a NAT between the AC and the APs; SAT denotes the terminal devices that obtain their network connection through the APs.
Referring to Fig. 2 and Fig. 3, the method for an AC to manage multiple APs located behind a NAT comprises the following steps:
S1. The AP discovers the AC according to the standard CAPWAP protocol.
S2. Building on the standard CAPWAP protocol, the message of the Join Request stage is modified: it carries a SessionID message element that uniquely identifies the CAPWAP tunnel used to communicate with a particular AP. The AC records this mapping, maintains it persistently, and replies with a normal Join Request response message.
S3. The two groups of messages for AP configuration delivery and state update are exchanged according to the standard CAPWAP protocol.
S4. During normal operation of the AP and the AC, the standard CAPWAP protocol is extended: the Data Channel Keep-Alive message is modified to carry the SessionID so that the data tunnel keeps working.
In step S2, while joining the AC the AP must include in its Join Request message a SessionID message element that uniquely identifies the CAPWAP tunnel used to communicate with that AP and binds the AP's CAPWAP control channel to its data channel. The format of the SessionID message element is shown in Fig. 4.
The SessionID field of the SessionID message element is 128 bits (16 bytes) long. For simplicity, and without losing the uniqueness and randomness of the SessionID, the first 6 bytes of the SessionID are filled directly with the AP's MAC address and the remaining 10 bytes are filled with random numbers.
The data tunnel between AP and AC is established by a single Data Channel Keep-Alive exchange between them while the AP is coming online.
On the AP side, after receiving the Change State Event Response message that the AC sends in reply, the AP sends a Data Channel Keep-Alive message to the AC and moves from the Data Check state to the Run state. However, the AP should establish the CAPWAP tunnel only after it has received the AC's Data Channel Keep-Alive response. The reason is that the AP should make no assumption about the port numbers in CAPWAP data channel or control channel messages received from the AC (for example, assuming that control channel messages sent by the AC use the source port 5246 specified by the CAPWAP protocol and that data channel messages use the source port 5247 specified by the CAPWAP protocol). This also keeps the method compatible with the scenario in which the AC itself is hidden behind a NAT device, although that deployment is very rare.
On the AC side, after sending the Change State Event Response message to the AP, the AC waits until it receives the Data Channel Keep-Alive message before moving from the Data Check state to the Run state. At the same time, the AC establishes the data tunnel and replies to the AP with a Data Channel Keep-Alive message.
On analysis, the Keep-Alive message serves the following three purposes:
1. When the AP and the AC create the data tunnel, a NAT device may be deployed on the path between them, so neither side can make any assumption about the peer's port number in CAPWAP data tunnel messages. The AP and the AC therefore establish the data tunnel with the peer using the actual peer port number seen in the Keep-Alive message.
2. The AP and the AC keep the session alive with Keep-Alive messages. By sending Keep-Alive messages periodically, the AP and the AC tell intermediate devices, NAT devices in particular, that communication between the two ends has not finished and that session resources must be retained for both ends. This prevents an intermediate device (such as a NAT) from concluding that the AP-AC communication has gone silent and releasing the dynamic resources it allocated (for example, the dynamic session port number a NAT assigns to the AP or the AC).
3. The AP and the AC refresh the session with Keep-Alive messages. When a NAT device sits between the AP and the AC (the AP may be hidden behind the NAT, and so may the AC), the periodic Keep-Alive exchange lets each end detect promptly that the NAT device has reassigned a dynamic port number to its peer AC or AP.
To support both scenarios at once, the AP hidden behind a NAT and the AC hidden behind a NAT, we specify the Data Channel Keep-Alive exchange as bidirectional.
The format of the Data Channel Keep-Alive message is shown in Fig. 5. The Keep-Alive content immediately follows the CAPWAP header. Message Element Length gives the total length of all message elements contained in the Keep-Alive message, and Message Element [0..N] is the list of message elements; each message element is given in TLV form, as in CAPWAP control messages. The SessionID message element must be included.
Note that the Keep-Alive message is a CAPWAP data message, and the K bit in the CAPWAP header must be set to 1. While the AP is coming online, the AC uses the SessionID in the Keep-Alive message sent by the AP to identify which AP the message came from, and learns the port number used by the AP's data tunnel by extracting the source port number from the message.
When the NAT restarts abnormally, it remaps the control tunnel port numbers of all APs, but neither the AP nor the AC can detect this. The most common symptom is that the control tunnel port numbers of different APs are swapped with one another. The consequence is that AP1 uses AP2's control port and keeps AP2 alive, AP2 uses AP1's port and keeps AP1 alive, and in the end none of the APs can work normally.
To solve this problem, the AP and the AC make the following changes:
A1. The Echo Request carries the sessionId that identifies the AP's session, indicating which AP the echo message is keeping alive. On receiving an Echo Request, the AC checks whether the sessionId matches: if it matches, the AC replies with an Echo Response and resets the tunnel state timer; if it does not match, the AC discards the message and waits for the tunnel state to time out.
A2. Whether the AP carries the sessionId in the Echo Request follows the same policy as for the Keep-Alive message.
A3. The Echo Response does not carry the sessionId field.
The format of the sessionId in the echo message is shown in Fig. 6, where:
Vendor Identifier: 0x00706582, the Hanming vendor identifier; other vendor identifiers can be supported later;
Element ID: 101, denotes this vendor-specific field, used to indicate the AP's identity;
SessionID: a 16-byte AP identity field, identical to the sessionId in the Join message.
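The AC-side handling described above (the SessionID of 6 MAC bytes plus 10 random bytes, learning the data port from the Keep-Alive source, and the A1 Echo Request check after a NAT port swap), as an added Python example that is not part of the patent. The ACSessionTable class, the addresses and MACs, and the 4+2+16 byte layout of the echo element are assumptions, since Fig. 6 is not reproduced on this page.

```python
import hmac
import secrets
import struct

VENDOR_ID = 0x00706582   # Vendor Identifier given in the description
ELEMENT_ID = 101         # Element ID given in the description
# Assumed layout (Fig. 6 is not reproduced on the page):
# 4-byte vendor identifier, 2-byte element ID, 16-byte SessionID.
_ECHO_FMT = ">IH16s"


def new_session_id(ap_mac: bytes) -> bytes:
    """16-byte SessionID: the 6-byte AP MAC followed by 10 random bytes."""
    if len(ap_mac) != 6:
        raise ValueError("AP MAC must be 6 bytes")
    return ap_mac + secrets.token_bytes(10)


def pack_echo_element(session_id: bytes) -> bytes:
    return struct.pack(_ECHO_FMT, VENDOR_ID, ELEMENT_ID, session_id)


def unpack_echo_element(payload: bytes):
    """Return the SessionID, or None if this is not the expected element."""
    if len(payload) != struct.calcsize(_ECHO_FMT):
        return None
    vendor, element, session_id = struct.unpack(_ECHO_FMT, payload)
    if vendor != VENDOR_ID or element != ELEMENT_ID:
        return None
    return session_id


class ACSessionTable:
    """Hypothetical AC state: tunnels are keyed by SessionID, not source IP."""

    def __init__(self):
        self.by_session = {}   # session_id -> control/data endpoints, echo count
        self.by_ctrl = {}      # (ip, port) of control tunnel -> session_id

    def on_join_request(self, src, session_id):
        self.by_session[session_id] = {"ctrl": src, "data": None, "echoes": 0}
        self.by_ctrl[src] = session_id

    def on_data_keepalive(self, src, session_id):
        """Learn the AP's post-NAT data endpoint from the Keep-Alive source."""
        entry = self.by_session.get(session_id)
        if entry is None:
            return False       # unknown SessionID: no tunnel to bind to
        entry["data"] = src
        return True

    def on_echo_request(self, src, payload):
        """A1: reply and reset the timer only if the SessionID matches."""
        expected = self.by_ctrl.get(src)
        received = unpack_echo_element(payload)
        if expected is None or received is None:
            return "drop"
        if not hmac.compare_digest(expected, received):
            return "drop"      # tunnel state timer is left to expire
        self.by_session[expected]["echoes"] += 1   # stands in for timer reset
        return "echo-response"


def demo():
    nat_ip = "203.0.113.10"    # constructed: both APs share this public IP
    ac = ACSessionTable()
    sid1 = new_session_id(bytes.fromhex("02aabbcc0001"))   # constructed MACs
    sid2 = new_session_id(bytes.fromhex("02aabbcc0002"))
    ac.on_join_request((nat_ip, 40001), sid1)
    ac.on_join_request((nat_ip, 40002), sid2)
    ac.on_data_keepalive((nat_ip, 50001), sid1)
    before = ac.on_echo_request((nat_ip, 40001), pack_echo_element(sid1))
    # NAT restart swaps the control ports: AP1's echo now arrives from 40002.
    after = ac.on_echo_request((nat_ip, 40002), pack_echo_element(sid1))
    return before, after, ac.by_session[sid1]["data"]


if __name__ == "__main__":
    print(demo())
```

After the simulated port swap, AP1's Echo Request is dropped instead of refreshing AP2's tunnel, which is the behaviour A1 specifies.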
In summary, the method provided by the invention for an AC to manage multiple APs behind a NAT solves the problem that traffic between AP and AC cannot traverse the NAT.
The above is only a preferred embodiment of the invention, and the protection scope of the invention is not limited to it. Any equivalent replacement or change made by a person skilled in the art, within the technical scope disclosed by the invention and according to its technical solution and inventive concept, shall fall within the protection scope of the invention.

Claims (7)

1. A method for an AC to manage multiple APs located behind a NAT, characterized by comprising the following steps:
S1. The AP discovers the AC according to the standard CAPWAP protocol.
S2. Building on the standard CAPWAP protocol, the message of the Join Request stage is modified: it carries a SessionID message element that uniquely identifies the CAPWAP tunnel used to communicate with a particular AP. The AC records this mapping, maintains it persistently, and replies with a normal Join Request response message.
S3. The two groups of messages for AP configuration delivery and state update are exchanged according to the standard CAPWAP protocol.
S4. During normal operation of the AP and the AC, the standard CAPWAP protocol is extended: the Data Channel Keep-Alive message is modified to carry the SessionID so that the data tunnel keeps working.
2. The method according to claim 1, characterized in that, in step S2, while joining the AC the AP must include in its Join Request message a SessionID message element that uniquely identifies the CAPWAP tunnel used to communicate with that AP and binds the AP's CAPWAP control channel to its data channel.
3. The method according to claim 2, characterized in that the first 6 bytes of the SessionID are filled directly with the AP's MAC address, and the remaining 10 bytes are filled with random numbers.
4. The method according to claim 1, characterized in that step S4 comprises:
On the AP side, after receiving the Change State Event Response message that the AC sends in reply, the AP sends a Data Channel Keep-Alive message to the AC and moves from the Data Check state to the Run state; it establishes the CAPWAP tunnel only after receiving the AC's Data Channel Keep-Alive response.
On the AC side, after sending the Change State Event Response message to the AP, the AC waits until it receives the Data Channel Keep-Alive message before moving from the Data Check state to the Run state. At the same time, the AC establishes the data tunnel and replies to the AP with a Data Channel Keep-Alive message.
5. The method according to claim 4, characterized in that the Data Channel Keep-Alive exchange is bidirectional.
6. The method according to claim 4, characterized in that the Data Channel Keep-Alive message is a CAPWAP data message, and the K bit in the CAPWAP header must be set to 1; while the AP is coming online, the AC uses the SessionID in the Keep-Alive message sent by the AP to identify which AP the message came from, and learns the port number used by the AP's data tunnel by extracting the source port number from the message.
7. The method according to claim 1, characterized by further comprising a control tunnel keep-alive mechanism that is started when the NAT restarts abnormally, under which the AP and the AC make the following changes:
A1. The Echo Request carries the sessionId that identifies the AP's session, indicating which AP the echo message is keeping alive. On receiving an Echo Request, the AC checks whether the sessionId matches: if it matches, the AC replies with an Echo Response and resets the tunnel state timer; if it does not match, the AC discards the message and waits for the tunnel state to time out.
A2. Whether the AP carries the sessionId in the Echo Request follows the same policy as for the Keep-Alive message.
A3. The Echo Response does not carry the sessionId field.
CN201510675482.5A 2015-10-19 2015-10-19 Management method of AC for multiple AP in NAT Pending CN105306619A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510675482.5A CN105306619A (en) 2015-10-19 2015-10-19 Management method of AC for multiple AP in NAT

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510675482.5A CN105306619A (en) 2015-10-19 2015-10-19 Management method of AC for multiple AP in NAT

Publications (1)

Publication Number Publication Date
CN105306619A true CN105306619A (en) 2016-02-03

Family

ID=55203357

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510675482.5A Pending CN105306619A (en) 2015-10-19 2015-10-19 Management method of AC for multiple AP in NAT

Country Status (1)

Country Link
CN (1) CN105306619A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160203
