CN106332078A - Dot1x user authentication system, method and system - Google Patents
Dot1x user authentication system, method and system Download PDFInfo
- Publication number
- CN106332078A CN106332078A CN201510364689.0A CN201510364689A CN106332078A CN 106332078 A CN106332078 A CN 106332078A CN 201510364689 A CN201510364689 A CN 201510364689A CN 106332078 A CN106332078 A CN 106332078A
- Authority
- CN
- China
- Prior art keywords
- authentication server
- authentication
- switch
- host
- backup
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 230000008569 process Effects 0.000 abstract description 18
- 230000006855 networking Effects 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/22—Arrangements for detecting or preventing errors in the information received using redundant apparatus to increase reliability
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention provides a dot1x user authentication system, method and system. The method comprises the following steps: a plurality of switches are arranged in the system; the plurality of switches comprise a host, the host is used for determining a main authentication server and a backup authentication server in other switches based on a selection parameter; the main authentication server is used for authenticating a user based on a received authentication protocol message and sending authentication data to the backup authentication server for backup, so that when the working state of the main authentication server does not satisfy preset requirements, the backup authentication server authenticates the backup authentication data under the control of the host. Therefore, the reliability of the user authentication process can be improved, the networking experience of network users can be improved, and the structural cost of the dot1x system is reduced.
Description
Technical Field
The invention relates to the technical field of communication, in particular to a dot1x user authentication system, method and system.
Background
The IEEE802LAN/WAN Committee has proposed the 802.1X protocol (dot1X) to address the security issues of wireless local area networks. The 802.1X protocol is widely applied to the ethernet as a common access control mechanism of a local area network port, and mainly solves the problems of authentication and security in the ethernet. If the user equipment connected to the port can pass the authentication, the user equipment can access the resources in the network; if the authentication cannot be passed, the access cannot be performed.
As shown in fig. 1, the architecture of the existing 802.1X protocol generally includes three important parts: a client (provisioning System), an Authentication System (Authentication System), and an Authentication Server (Authentication Server System). The client system is generally a user terminal system, and the terminal system usually needs to install a client software, and the user initiates an authentication process of the 802.1X protocol by starting the client software. To support port-based access control, the client system needs to support Extended Authentication Protocol (EAPOL). The authentication system is typically a network device, such as a switch, that supports the 802.1X protocol. The authentication server may store information about the user, such as the user's priority, the user's access control list, and so on. When the user passes the authentication, the authentication server transmits the relevant information of the user to the authentication system, the authentication system constructs a dynamic access control list, and the subsequent flow of the user is supervised by the parameters.
There are two common 802.1X authentication methods, one is remote authentication and the other is local authentication. The Remote Authentication process is completed between the switch Authentication system and the Remote server, and supports protocols such as Remote Authentication Dial-In User Service (RADIUS), Terminal Access Controller Access Control System (TACACS), and the like.
In a common RADIUS authentication process, an authentication server is an RADIUS server, an EAPOL format is used between a client and an authentication system to encapsulate EAP protocol transmission authentication information, and the authentication system and the authentication server transmit authentication information through an RADIUS protocol.
In the existing 802.1X protocol architecture, the authentication system is implemented based on a Virtual Switching Cluster (VSC) protocol, that is, the authentication system includes multiple switches, but usually only one switch of the multiple switches is used as a host to perform a corresponding authentication process, such as data reception and interaction with an authentication server, and other switches are not really operated as standby devices, which results in waste of system resources. However, in the existing 802.1X protocol architecture, an authentication server needs to be separately set up outside the authentication system to store the user database information for user authentication charging, and the cost of the existing 802.1X protocol architecture is high due to the high price of the authentication server. When the authentication server is deployed, the users of a plurality of authentication systems need to be served simultaneously, so that the online interaction of the users is more, and the online speed of the users is influenced. Sometimes, the data of the user is lost, and the authentication server suspends the user, so that the user cannot be online again.
Disclosure of Invention
The invention provides a dot1x user authentication system, method and system, so that the reliability of the network user authentication process can be improved, the internet experience of the network user can be improved, and the cost of the dot1x system can be reduced.
The scheme provided by the invention is as follows:
the embodiment of the invention provides a dot1x user authentication system which specifically comprises a plurality of switches; the plurality of switches comprise a host, the host is used for determining a first switch as a main authentication server and a second switch as a backup authentication server based on a selection parameter, and the first switch and the second switch are other switches except the host in the plurality of switches;
the main authentication server is used for authenticating a user based on the received authentication protocol message and sending authentication data to the backup authentication server for backup so that the backup authentication server performs authentication by using the backup authentication data under the control of the host when the working state of the main authentication server does not meet the preset requirement.
Preferably, the selection parameter is determined based on externally input control information; or,
the selection parameter is determined based on the working state of the other switches.
Preferably, the working state is an idle state of the other switches;
the idle state is determined based on the CPU load of the other switches.
Preferably, the host determines the operating state of the other switch based on the operating state information periodically reported by the other switch.
Preferably, when the host does not receive the working state information reported by the main authentication server within the preset time, the working state of the main authentication server is determined to be not in accordance with the preset requirement, the current backup authentication generator is determined as the main authentication server, and the backup authentication server is selected and determined in other switches based on the selection parameter.
The embodiment of the invention also provides a dot1x user authentication method, which is applied to a dot1x user authentication system, wherein the dot1x user authentication system comprises a plurality of switches, the switches comprise a host, the host is used for determining a first switch as a main authentication server and a second switch as a backup authentication server based on a selection parameter, and the first switch and the second switch are other switches except the host in the switches;
the method comprises the following steps:
the main authentication server authenticates the user based on the received authentication protocol message, and sends the authentication data to the backup authentication server for backup, so that when the working state of the main authentication server does not meet the preset requirement, the backup authentication server performs authentication by using the backup authentication data under the control of the host.
Preferably, the method comprises:
the host computer determines selection parameters based on externally input control information; or,
the host determines the selection parameter based on the operating state of the other switch.
Preferably, the working state is an idle state of the other switches;
the method further comprises the following steps: determining an idle state of the other switch based on the CPU load of the other switch.
Preferably, the method further comprises: and the host determines the working states of the other switches based on the working state information periodically reported by the other switches.
Preferably, the determining, by the host, the operating state of the other switch based on the operating state information reported by the other switch includes:
and when the host does not receive the working state information reported by the main authentication server within the preset time, determining that the working state of the main authentication server does not meet the preset requirement.
The embodiment of the invention also provides a dot1x user authentication system, which comprises a user side and the dot1x user authentication system provided by the embodiment of the invention.
From the above, it can be seen that, in the dot1x user authentication system, method and system provided by the present invention, a plurality of switches are arranged inside the system; the plurality of switches comprise a host, the host is used for determining a first switch as a main authentication server and a second switch as a backup authentication server based on a selection parameter, and the first switch and the second switch are other switches except the host in the plurality of switches; the main authentication server is used for authenticating a user based on the received authentication protocol message and sending authentication data to the backup authentication server for backup so that the backup authentication server performs authentication by using the backup authentication data under the control of the host when the working state of the main authentication server does not meet the preset requirement. Therefore, the reliability of the authentication process of the network user can be improved, the internet surfing experience of the network user is improved, and the structure cost of the dot1x system is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
FIG. 1 is a diagram of a prior art dot1x user authentication architecture;
fig. 2 is a schematic structural diagram of a dot1x user authentication system according to an embodiment of the present invention;
fig. 3 is a schematic flowchart of a dot1x user authentication method according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a dot1x user authentication architecture according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the drawings of the embodiments of the present invention. It is to be understood that the embodiments described are only a few embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the described embodiments of the invention, are within the scope of the invention.
Unless defined otherwise, technical or scientific terms used herein shall have the ordinary meaning as understood by one of ordinary skill in the art to which this invention belongs. The use of "first," "second," and similar terms in the description and claims of the present application do not denote any order, quantity, or importance, but rather the terms are used to distinguish one element from another. Also, the use of the terms "a" or "an" and the like do not denote a limitation of quantity, but rather denote the presence of at least one. The terms "connected" or "coupled" and the like are not restricted to physical or mechanical connections, but may include electrical connections, whether direct or indirect. "upper", "lower", "left", "right", and the like are used merely to indicate relative positional relationships, and when the absolute position of the object being described is changed, the relative positional relationships are changed accordingly.
An embodiment of the present invention provides a dot1x user authentication system, as shown in fig. 2, where the system may specifically include multiple switches (switches shown as 201, 202, 203, and 204 in fig. 2), that is, the dot1x user authentication system virtualizes multiple switches as one device by supporting a Virtual Switch Cluster (VSC) protocol.
The switches include a host 201 (the host may be designated in advance or selected based on a standard), the host 201 is configured to determine, based on a selection parameter, a first switch as the primary authentication server 202, a second switch as the backup authentication server 203, and the first switch and the second switch are other switches of the switches except the host 201;
the main authentication server 202 is configured to authenticate a user based on the received authentication protocol packet, and send the authentication data to the backup authentication server 203 for backup, so that when the operating state of the main authentication server 202 does not meet the preset requirement, the backup authentication server 203 performs authentication by using the backed-up authentication data under the control of the host 201.
The dot1x user authentication system provided by the embodiment of the invention uses the switch in the system as the authentication server, so that an external authentication server is not needed, the purchase cost of the external authentication server is saved, and the cost of the dot1x user authentication system is reduced.
In addition, the system realizes the redundant backup of the authentication server in the system through the arrangement of the main authentication server and the backup authentication server, can ensure the normal realization of the authentication process of the network user while fully utilizing the internal resources of the system, improves the reliability of the authentication process of the network user, and improves the internet surfing experience of the network user.
In an embodiment, the host 201 may determine the selection parameters of the primary authentication server 202 and the backup authentication server 203 based on externally input control information or based on the operating status information of other switches in the system, so that the selection of the authentication servers can be flexibly and accurately implemented.
In the embodiment of the present invention, the working states of the other switches may specifically be idle states of the other switches, and may also be software and hardware configuration states, working condition states, and other states of the other switches. The idle state may be determined based on parameters such as CPU loads of other switches.
In a specific implementation, the host 201 may determine the operating states of the other switches based on the operating state information periodically reported by the other switches, so as to implement the selection of the master authentication server and the backup authentication server in the initial operating state of the system, and dynamically implement the switching between the master authentication server and the backup authentication server and the selection determination of the backup authentication server in the operating process of the system. The specific implementation process will be described in detail in the following section.
The embodiment of the invention also provides a dot1x user authentication method which can be particularly applied to the dot1x user authentication system provided by the embodiment of the invention.
The method specifically comprises the following steps:
the main authentication server 202 authenticates the user based on the received authentication protocol message, and sends the authentication data to the backup authentication server 203 for backup, so that when the working state of the main authentication server 202 does not meet the preset requirement, the backup authentication server 203 performs authentication by using the backed-up authentication data under the control of the host 201.
In a specific embodiment, the method may further include:
the host 201 determines a selection parameter based on externally input control information; or,
the host 201 determines the selection parameters based on the operating state of the other switches.
The working state related to the embodiment of the invention can be specifically the idle state of other switches;
in a specific embodiment, the method may further include: determining an idle state of the other switch based on the CPU load of the other switch.
In a specific embodiment, the method may further include: the host 201 determines the operating states of the other switches based on the operating state information periodically reported by the other switches.
In the method, when the host 201 does not receive the working state information reported by the main authentication server 202 within the preset time, the host 201 may determine that the working state of the main authentication server 202 does not meet the preset requirement, and the subsequent host 201 may determine the current backup authentication server 202 as the main authentication server 201, and select another switch as the backup authentication server 202 based on the selection parameter, thereby implementing dynamic switching selection of the main authentication server and the backup authentication server.
The following takes the above-mentioned method provided by the embodiment of the present invention and the system provided by the above-mentioned embodiment of the present invention as an example, and a detailed description is given to a specific implementation process of the method (i.e. a specific application process of the system).
As shown in fig. 3, this embodiment may specifically include:
step 301, selection of the primary authentication server and the backup authentication server.
In the initial stage of system operation, the host 201(Master) and other switches start operating normally, and the host 201 starts to execute the initial selection determination steps of the primary authentication server 202 and the backup authentication server 203.
In the specific selection determination, the host 201 may determine a selection parameter based on externally input control information or operating status information (e.g., hello message) reported by the switch A, B, C in fig. 1, so as to determine which of the other switches the primary authentication server 202 and the backup authentication server 203 are specifically configured.
In this embodiment, the CPU load of switch a is set to be the lowest, switch B is set to be the next highest, and switch C is set to be the highest, so that host 201 determines switch a as the initial primary authentication server and switch B as the initial backup authentication server, so that switch A, B can be constructed as the authentication system for the primary-backup relationship, and meanwhile, a synchronization relationship between the two can be established to realize backup of authentication data.
In a specific implementation, the host 201 may send a notification message to the switch a, so that the switch a senses that the switch a itself exists as the master authentication server 202, and the host 201 may make the switch a have the function of the master authentication server 202 by loading and starting resources such as software and hardware, or the host 201 may make the switch a have the function of the master authentication server 202 by deploying software and hardware, for example, make the switch a have the priority of a user, an access control list of the user, and the like. The host 202 can make switch B sense that it exists as the backup authentication server 203 and make switch B function as the backup authentication server 203 by the same operation procedure.
In step 302, the master authentication server 202 receives an authentication protocol packet.
Specifically, after the switch a senses that it is the main authentication server 202, it starts the freeradius process and informs other switches in the system, that is, member devices, where the switch a is the main authentication server 202 (that is, an authentication system), and after receiving the notification, the other switches in the system send the received authentication protocol packet sent by the client 401 to the switch a, that is, the main authentication server 202.
In step 303, the main authentication server 202 authenticates the user based on the received authentication protocol packet, and sends the authentication data to the backup server 203, i.e. switch B, to perform synchronous backup of the authentication data.
For the authentication result, the master authentication server 202 may return to the client 401 through other switches. And, for the authenticated user, the authentication system (e.g. the master authentication server 202) constructs a dynamic access control list, and the subsequent network access process of the user is supervised based on the access control list.
It should be noted that, in the implementation process of the above steps 301, 302, and 303, other switches in the system, for example, the switch A, B, C, may still report the operating state information of the CPU load to the host 201, so that the host 201 can know the operating state of the member device in the system in real time, so that the host 201 can determine whether to perform dynamic switching between the master authentication server and the backup authentication server.
Step 304, in a preset time, when the host 201 does not receive the working state information reported by the main authentication server 202, the host 201 starts the switching of the main authentication server and the selection and determination operation of the backup authentication server 203.
Specifically, after the host 201 does not receive the hello packet sent by the main authentication server 202 for a long time, it determines that the switch a, i.e., the main authentication server 202 is suspended or abnormal, and notifies the switch B, i.e., the initial backup authentication server 203, to switch to the working state of the main authentication server 202, and meanwhile, the host 201 may also select a backup authentication server, e.g., the switch C, for the switch B (at this time, the main authentication server 202) based on externally input control information or working state information reported by other switches.
The operations of steps 302, 303, and 304 may be repeatedly executed subsequently, that is, after receiving the switching notification, the switch B immediately starts the freeradius process, and notifies other switches, that is, member devices, in the system, where the switch B is a main authentication server (that is, an authentication system), and after receiving the notification, the other switches in the system send the received authentication protocol packet sent by the client 401 to the switch B, that is, the main authentication server 202, that is, the switch B authenticates the user based on the received authentication protocol packet, and at the same time, sends the authentication data to the backup server, that is, the switch C, to perform synchronous backup of the authentication data. Therefore, dynamic switching of the main authentication server and the backup authentication server is realized, normal realization of a user authentication process is ensured, reliability of user authentication is improved, and internet experience of a user is improved.
The embodiment of the present invention further provides a dot1x user authentication system, as shown in fig. 4, the embodiment structure may specifically include a user end 301, and the dot1x user authentication system provided in the embodiment of the present invention.
The above description is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and substitutions can be made without departing from the technical principle of the present invention, and these modifications and substitutions should also be regarded as the protection scope of the present invention.
Claims (11)
1. A dot1x user authentication system, comprising a plurality of switches;
the plurality of switches comprise a host, the host is used for determining a first switch as a main authentication server and a second switch as a backup authentication server based on a selection parameter, and the first switch and the second switch are other switches except the host in the plurality of switches;
the main authentication server is used for authenticating a user based on the received authentication protocol message and sending authentication data to the backup authentication server for backup so that the backup authentication server performs authentication by using the backup authentication data under the control of the host when the working state of the main authentication server does not meet the preset requirement.
2. The system of claim 1, wherein the selection parameter is determined based on externally input control information; or,
the selection parameter is determined based on the working state of the other switches.
3. The system of claim 2, wherein the operating state is an idle state of the other switch;
the idle state is determined based on the CPU load of the other switches.
4. The system of claim 2, wherein the host determines the operating state of the other switch based on the operating state information periodically reported by the other switch.
5. The system of claim 4, wherein when the host does not receive the working state information reported by the main authentication server within a preset time, it is determined that the working state of the main authentication server does not meet a preset requirement, the current backup authentication generator is determined as the main authentication server, and based on the selection parameter, the backup authentication server is selected and determined in other switches.
6. A dot1x user authentication method is applied to a dot1x user authentication system, the dot1x user authentication system comprises a plurality of switches, the switches comprise a host, the host is used for determining a first switch as a main authentication server and a second switch as a backup authentication server based on a selection parameter, and the first switch and the second switch are other switches except the host in the switches;
the method comprises the following steps:
the main authentication server authenticates the user based on the received authentication protocol message, and sends the authentication data to the backup authentication server for backup, so that when the working state of the main authentication server does not meet the preset requirement, the backup authentication server performs authentication by using the backup authentication data under the control of the host.
7. The method of claim 6, wherein the method comprises:
the host computer determines selection parameters based on externally input control information; or,
the host determines the selection parameter based on the operating state of the other switch.
8. The method of claim 7, wherein the operating state is an idle state of the other switch;
the method further comprises the following steps: determining an idle state of the other switch based on the CPU load of the other switch.
9. The method of claim 7, wherein the method further comprises: and the host determines the working states of the other switches based on the working state information periodically reported by the other switches.
10. The method of claim 9, wherein the host determining the operational status of the other switch based on the operational status information reported by the other switch comprises:
and when the host does not receive the working state information reported by the main authentication server within the preset time, determining that the working state of the main authentication server does not meet the preset requirement.
11. A dot1x user authentication system comprising a client, further comprising the dot1x user authentication system of claim 1.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510364689.0A CN106332078B (en) | 2015-06-26 | 2015-06-26 | dot1x user authentication system, method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510364689.0A CN106332078B (en) | 2015-06-26 | 2015-06-26 | dot1x user authentication system, method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106332078A true CN106332078A (en) | 2017-01-11 |
CN106332078B CN106332078B (en) | 2020-05-05 |
Family
ID=57721487
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510364689.0A Active CN106332078B (en) | 2015-06-26 | 2015-06-26 | dot1x user authentication system, method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106332078B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107623593A (en) * | 2017-08-31 | 2018-01-23 | 北京华为数字技术有限公司 | The method and apparatus of two-node cluster hot backup based on CU separation |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1484412A (en) * | 2002-09-20 | 2004-03-24 | 华为技术有限公司 | Method for realizing 802.1 X communication based on group management |
US20080134288A1 (en) * | 2002-01-07 | 2008-06-05 | Halasz David E | ENHANCED TRUST RELATIONSHIP IN AN IEEE 802.1x NETWORK |
CN101277308A (en) * | 2008-05-23 | 2008-10-01 | 杭州华三通信技术有限公司 | Method for insulating inside and outside networks, authentication server and access switch |
CN101707522A (en) * | 2009-09-29 | 2010-05-12 | 北京星网锐捷网络技术有限公司 | Method and system for authentication and connection |
CN103731310A (en) * | 2013-12-31 | 2014-04-16 | 华为技术有限公司 | Message transmitting method and device |
-
2015
- 2015-06-26 CN CN201510364689.0A patent/CN106332078B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080134288A1 (en) * | 2002-01-07 | 2008-06-05 | Halasz David E | ENHANCED TRUST RELATIONSHIP IN AN IEEE 802.1x NETWORK |
CN1484412A (en) * | 2002-09-20 | 2004-03-24 | 华为技术有限公司 | Method for realizing 802.1 X communication based on group management |
CN101277308A (en) * | 2008-05-23 | 2008-10-01 | 杭州华三通信技术有限公司 | Method for insulating inside and outside networks, authentication server and access switch |
CN101707522A (en) * | 2009-09-29 | 2010-05-12 | 北京星网锐捷网络技术有限公司 | Method and system for authentication and connection |
CN103731310A (en) * | 2013-12-31 | 2014-04-16 | 华为技术有限公司 | Message transmitting method and device |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107623593A (en) * | 2017-08-31 | 2018-01-23 | 北京华为数字技术有限公司 | The method and apparatus of two-node cluster hot backup based on CU separation |
CN107623593B (en) * | 2017-08-31 | 2021-06-15 | 北京华为数字技术有限公司 | Method and equipment for hot standby of dual computers based on CU separation |
Also Published As
Publication number | Publication date |
---|---|
CN106332078B (en) | 2020-05-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11223514B2 (en) | Method and system of a dynamic high-availability mode based on current wide area network connectivity | |
CN101557405B (en) | Portal authentication method and corresponding gateway equipment and server thereof | |
CN103746812B (en) | A kind of access authentication method and system | |
EP3068093B1 (en) | Security authentication method and bidirectional forwarding detection method | |
US10764939B2 (en) | Network function processing method and related device | |
US9325685B2 (en) | Authentication switch and network system | |
US10083098B1 (en) | Network function virtualization (NFV) virtual network function (VNF) crash recovery | |
CN107948063B (en) | Method for establishing aggregation link and access equipment | |
CN105430016A (en) | Network access authentication method and system | |
CN111194035B (en) | Network connection method, device and storage medium | |
EP3629535A1 (en) | Method, device, and system for implementing mux machine | |
WO2015088324A2 (en) | System and method for managing a faulty node in a distributed computing system | |
CN109495431B (en) | Access control method, device and system and switch | |
CN115567383A (en) | Network configuration method, host server, device, and storage medium | |
CN108600156B (en) | Server and security authentication method | |
CN104410990B (en) | Realize the method and system of access authentication server switching | |
CN106332078B (en) | dot1x user authentication system, method and device | |
CN107306289B (en) | Load balancing method and device based on cloud computing | |
RU2693903C1 (en) | Method, apparatus and processing system for expanded port | |
CN103138961A (en) | Server control method, controlled server and central control server | |
CN113420275B (en) | Data connection processing method, related device and computer program product | |
CN109379383B (en) | Virtual private network VPN client and implementation method | |
US10277700B2 (en) | Control plane redundancy system | |
CN106330415B (en) | Disaster recovery method, device and communication system | |
CN103338117A (en) | Management method, management device and management system of virtual switch |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |