CN106961371B - Package turns the method passed and package turns to pass device - Google Patents
Package turns the method passed and package turns to pass device Download PDFInfo
- Publication number
- CN106961371B CN106961371B CN201610015632.4A CN201610015632A CN106961371B CN 106961371 B CN106961371 B CN 106961371B CN 201610015632 A CN201610015632 A CN 201610015632A CN 106961371 B CN106961371 B CN 106961371B
- Authority
- CN
- China
- Prior art keywords
- mentioned
- package
- pppoe
- l2tp
- chap
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4633—Interconnection of networks using encapsulation techniques, e.g. tunneling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/164—Implementing security features at a particular protocol layer at the network layer
Abstract
A kind of package turns the method and package turn biography device of biography.The above method turns to pass in device for a package, and the above method includes: the CHAP inquiry package for receiving a L2TP Network Server in the form of a L2TP package and being transmitted;Above-mentioned CHAP inquiry package is Resealed, and forwards above-mentioned CHAP to inquire package to PPPoE user's terminal in the form of a PPPoE package;It receives the CHAP from above-mentioned PPPoE user's terminal and responds package;Above-mentioned CHAP response package is Resealed, and forwards above-mentioned CHAP to respond package to above-mentioned L2TP Network Server in the form of above-mentioned L2TP package;Receive the CHAP success package transmitted from above-mentioned L2TP Network Server;And Reseal above-mentioned CHAP success package, and forward above-mentioned CHAP success package to above-mentioned PPPoE user's terminal in the form of above-mentioned PPPoE package, it is connect and L2TP connection with establishing a PPP with above-mentioned PPPoE user's terminal and above-mentioned L2TP Network Server respectively.The present invention can avoid the point-to-point tunnel that PPPoE agreement is only used for two interlayers, also increase package safety in a network.
Description
Technical field
Turn the method passed the present invention relates to package and package turns to pass device, and in particular in a PPPoE (PPP over
Ethernet: the peer-peer protocol on ether) and L2TP (Layer 2Tunnel Protocol: Level 2 Tunnel Protocol) between seal
Packet turns the method passed and package turns to pass device.
Background technique
A kind of ether with the continuous development of computer technology and network technology, as high-efficiency and economic network communication technology
Net has had been more and more widely used.Local area network based on ethernet technology has been dispersed throughout in various businesses and office system,
Also it is widely used in family.In order to utilize existing network structure, research staff has developed a kind of new PPPoE technology,
Do not changed with reaching or seldom changes network configuration and keep the low cost of network operation.By combining most economical Ethernet skill
The scalability and management control function of art and ppp protocol, network operator can be disposed using reliable and known technology
High speed internet business.
But as technology further develops, PPPoE is not available still in some scenes.As shown in Figure 1, PPPoE is used
The PPPoE Request Packet that person's terminal is transmitted can not be by route network address conversion (Network Address layer by layer
Translation, NAT), it reaches a PPPoE server and is proved.Turn the method and device passed therefore, it is necessary to a kind of package
In the use habit for not changing PPPoE user's terminal, under the conditions of arranging net for network operator readily in a PPPoE and
Turn to pass package between L2TP.
Accordingly, it is desirable to provide a kind of package turns the method passed and package turns to pass device to solve the above problems.
Summary of the invention
The present invention provides a kind of method and device that package turn passes.
The present invention proposes that a kind of package turns the method passed, and the above method turns to pass in device for a package, above method packet
It includes: receiving CHAP inquiry (Challenge) package that a L2TP Network Server is transmitted in the form of a L2TP package;Again
Above-mentioned CHAP inquiry package is encapsulated, and forwards above-mentioned CHAP to inquire package to PPPoE user end in the form of a PPPoE package
End;It receives the CHAP from above-mentioned PPPoE user's terminal and responds package;Reseal above-mentioned CHAP response package, and with
Above-mentioned L2TP package form forwards above-mentioned CHAP to respond package to above-mentioned L2TP Network Server;It receives and comes from above-mentioned L2TP network
The CHAP success package that server is transmitted;And above-mentioned CHAP success package is Resealed, and with above-mentioned PPPoE package shape
Formula forwards above-mentioned CHAP success package to above-mentioned PPPoE user's terminal, with respectively with above-mentioned PPPoE user's terminal and above-mentioned
L2TP Network Server establishes a PPP connection and L2TP connection.
In some embodiments, wherein above-mentioned the step of Resealing above-mentioned CHAP inquiry package further include: in decapsulation
State CHAP inquiry package;Remove a public network IP, a Udp header and the L2TP header of above-mentioned CHAP inquiry package;And it uses
One Ethernet (ether) header and a PPPoE header Reseal above-mentioned CHAP inquiry package.In some embodiments, wherein
Above-mentioned the step of Resealing above-mentioned CHAP response package further include: decapsulate above-mentioned CHAP response package;Remove above-mentioned CHAP
Respond the Ethernet header and a PPPoE header of package;And use a public network IP, a Udp header and a L2TP header
Reseal above-mentioned CHAP response package.In some embodiments, wherein the above-mentioned step for Resealing above-mentioned CHAP success package
Suddenly further include: decapsulate above-mentioned CHAP success package;Remove a public network IP, the Udp header and one of above-mentioned CHAP success package
L2TP header;And above-mentioned CHAP success package is Resealed using an Ethernet header and a PPPoE header.In some realities
It applies in example, the above method further include: receive the PPPoE data packet from above-mentioned PPPoE user's terminal;It decapsulates above-mentioned
PPPoE data packet;Remove the Ethernet header, a PPPoE header and a PPP header of above-mentioned PPPoE data packet;Make
The above-mentioned PPPoE data packet decapsulated is re-packaged into a L2TP with a public network IP, a Udp header and a L2TP header
Package;And above-mentioned L2TP package is transmitted to above-mentioned L2TP Network Server.In some embodiments, the above method further include:
Receive the L2TP package from above-mentioned L2TP Network Server;Decapsulate above-mentioned L2TP package;Remove above-mentioned L2TP package
One public network IP, a Udp header and a L2TP header;It will be upper using an Ethernet header, a PPPoE header and a PPP header
It states the L2TP package decapsulated and is re-packaged into a PPPoE data packet;And the above-mentioned PPPoE data packet of transmission is to above-mentioned
PPPoE user's terminal.In some embodiments, the above method further include: receive one from above-mentioned PPPoE user's terminal
PADT package;Judge whether a destination address is that above-mentioned package turns to pass a MAC of a LAN interface of device in above-mentioned PADT package
Address;And when above-mentioned purpose address is above-mentioned MAC Address, disconnect above-mentioned PPP connection and above-mentioned L2TP connection.In some realities
It applies in example, the above method further include: receive the PADR package from above-mentioned PPPoE user's terminal: judging above-mentioned PADR envelope
Whether one destination address of packet is that above-mentioned package turns to pass a MAC Address of a LAN interface of device;And work as above-mentioned purpose address
When for above-mentioned MAC Address, the MAC Address of a PPPoE server, a MAC Address and one for above-mentioned PPPoE user's terminal are recorded
Pppoe session ID, and a PADS package is returned to above-mentioned PPPoE user's terminal, so that above-mentioned PPPoE user's terminal is initiated
One L2TP dialing process.In some embodiments, wherein above-mentioned CHAP response package includes at least corresponding above-mentioned PPPoE user
A user name and a password for terminal.
The present invention proposes that a kind of package turns to pass device, above-mentioned package turn to pass device include: a control circuit, a processor with
An and memory;Above-mentioned processor is installed into above-mentioned control circuit;Above-mentioned memory install into above-mentioned control circuit and
It is coupled to above-mentioned processor;Wherein above-mentioned processor configuration is held to execute the program code that one is stored in above-mentioned memory
Row: the CHAP inquiry package that a L2TP Network Server is transmitted is received in the form of a L2TP package;It Reseals above-mentioned
CHAP inquires package, and forwards above-mentioned CHAP to inquire package to PPPoE user's terminal in the form of a PPPoE package;It receives
A CHAP from above-mentioned PPPoE user's terminal responds package;Above-mentioned CHAP response package is Resealed, and with above-mentioned L2TP
Package form forwards above-mentioned CHAP to respond package to above-mentioned L2TP Network Server;It receives and comes from above-mentioned L2TP Network Server institute
The CHAP success package of transmission;And above-mentioned CHAP success package is Resealed, and in the form of above-mentioned PPPoE package in forwarding
CHAP success package is stated to above-mentioned PPPoE user's terminal, with respectively with above-mentioned PPPoE user's terminal and above-mentioned L2TP network
Server establishes a PPP connection and L2TP connection.
Package of the present invention turns the method and device passed and utilizes characteristic of the L2TP three layer tunnel across routing, PPPoE package weight
It is newly packaged into L2TP package, and by TCP/IP package, the core across network operator is routed, discussed with L2TP Network Server
Card.Therefore, turning the method and device passed using package of the present invention can avoid the point-to-point tunnel that PPPoE agreement is only used for two interlayers
Road also increases package safety in a network.
To enable the above and other objects, features and advantages of the disclosure to be clearer and more comprehensible, preferably implementation is cited below particularly out
Example, and cooperate appended attached drawing, it is described in detail below.
Detailed description of the invention
The schematic diagram for the PPPoE Request Packet that the PPPoE user's terminal that Fig. 1 shows is transmitted.
Fig. 2 shows communication system schematic diagram described in an embodiment according to the present invention.
Fig. 3 indicates that package described in an embodiment according to the present invention turns to pass the simplification functional block diagram of device in another way.
Fig. 4, which is shown, to be turned to pass device triggering one in a PPPoE discovery phase package described in an embodiment according to the present invention
The information sequence figure of L2TP connection request.
Fig. 5, which is shown, to be turned to pass device turn biography package in a PPPoE demonstration stage package described in an embodiment according to the present invention
Information sequence figure.
Fig. 6, which is shown, to be turned to pass device turn biography PPPoE in a data transfer phase package described in an embodiment according to the present invention
Data packet to L2TP Network Server information sequence figure.
Fig. 7, which is shown, to be turned to pass device turn biography L2TP envelope in a data transfer phase package described in an embodiment according to the present invention
It wraps to the information sequence figure of PPPoE user's terminal.
Fig. 8 shows that package described in an embodiment according to the present invention turns the encapsulation and decapsulation that pass device to data packet
Schematic diagram.
Fig. 9 shows the information sequence figure that PPPoE user's terminal disconnects described in an embodiment according to the present invention.
Figure 10 shows that the package according to one embodiment of the disclosure turns the method flow diagram passed.
Figure 11 shows that the package according to one embodiment of the disclosure turns to pass the method flow diagram that device disconnects.
Primary clustering symbol description:
200 communication systems
210 PPPoE user's terminals
220 packages turn to pass device
230 L2TP Network Server
240 servers
300 packages turn to pass device
302 control circuits
304 central processing units
306 memories
308 program codes
310 transceivers
400 information sequence figures
S405, S410, S415, S420, S425, step
S430、S435、S440、S445
500 information flow charts
S505, S510, S515, S520, S525, step
S530、S535、S540、S545
600 information flow charts
S605, S610, S615, S620 step
700 information flow charts
S705, S710, S715, S720 step
800 schematic diagrames
810 PPPoE data packets
820 L2TP packages
830 PPPoE data packets
840 L2TP packages
900 information flow charts
S905, S910, S915 step
1000 method flow diagrams
S1005, S1010, S1015, S1020, S1025, step
S1030
1100 method flow diagrams
S1105, S1110, S1115, S1120 step
Specific embodiment
In order to which the purpose of the present invention, feature and advantage can be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate
Appended attached drawing Fig. 2 to Figure 11, is described in detail.This specification provides different embodiments to illustrate the skill of different embodiments
Art feature.Wherein, each component in embodiment is configured to purposes of discussion, is not intended to limit the invention.And it is attached in embodiment
The part of figure grade repeats, and is the relevance being not meant as between different embodiments to simplify the explanation.
Fig. 2 shows 200 schematic diagram of communication system described in an embodiment according to the present invention.Communication system 200 includes one
PPPoE user's terminal 210, a package turn pass device 220, a L2TP Network Server (L2TP Network Server,
LNS) 230 and a server 240.Server 240 can be located in Ethernet or other private networks, and server 240 and PPPoE are used
Data transmission between person's terminal 210 needs to turn to pass device 220 by package and L2TP Network Server 230 is forwarded biography
It is defeated.PPPoE user's terminal 210 is in ether access net, is connected to package by an interchanger (figure is not shown) and turns to pass device
220.It is IP bearer network that package, which turns to pass the network between device 220 and L2TP Network Server 230,.L2TP Tunnel turns in package
It passes and is established between device 220 and L2TP Network Server 230, and carrying is based on PPP (Point to Point on L2TP Tunnel
Protocol, point-to-point protocol) session.Multiple sessions can be carried in one L2TP Tunnel.Specifically, package turns to pass device
220 can establish connection by interchanger at least PPPoE user's terminal 210.The data of PPPoE user's terminal 210
Ethernet encapsulation standard can be used to be packaged for package, wherein above-mentioned Ethernet encapsulation standard generally includes an Ethernet
Header, a PPPoE header and a PPP header.Package turns to pass device 220 to the data envelope for receiving PPPoE user's terminal 210
Decapsulated after packet, can record a MAC Address of the server 240 in above-mentioned header, PPPoE user's terminal 210 one
MAC Address and pppoe session ID.Package turns to pass Ethernet header and PPPoE header that device 220 removes data packet, so
One L2TP is re-packaged into the above-mentioned data packet decapsulated using a public network IP, a Udp header and a L2TP header afterwards
Package, and it is sent to L2TP Network Server 230.L2TP Network Server 230 receives package and turns to pass the data that device 220 transmits
Package is sent to server 240 after carrying out L2TP decapsulation.It is worth noting that, package turns to pass device 220 be that a L2TP connect
Enter the devices such as hub (L2TP Access Concentrator, LAC).
Next, Fig. 3 indicates that package described in an embodiment according to the present invention turns to pass device in another way refering to Fig. 3
300 simplification functional block diagram.In Fig. 3, package, which turns biography device 300, can be used to embody the package in Fig. 2 turn biography device 220.
Package turns to pass device 300 to may include a control circuit 302, a central processing unit (Central Processing Unit, CPU)
304, a memory 306, a program code 308 and a transceiver 310.Control circuit 302 passes through centre in memory 306
It manages device 304 and executes program code 308, and controlled with this and turn to pass operation conducted in device 300 in package.Transceiver 310 exists
This, which is used as, receives and sends wireless signal, and received signal is sent to control circuit 302, and wirelessly output control electricity
Signal caused by road 302.
Fig. 4, which is shown, to be turned to pass device triggering one in a PPPoE discovery phase package described in an embodiment according to the present invention
Information sequence Figure 40 0 of L2TP connection request, and please refer to Fig. 2.Firstly, in step S405, the transmission of PPPoE user's terminal
One PADI (PPPoE Active Discovery Initiation) package, wherein above-mentioned PADI package must include at least a clothes
Service type TAG, to indicate the requested service of PPPoE user's terminal.In step S410, turn to pass device reception in package
After PADI package, judge whether the destination address in PADI package is a unicast address.If being judged as unicast address, package
Turn to pass the above-mentioned PADI package of device discarding.Otherwise, in step S415, package turns to pass one PADO (PPPoE of device construction
Active Discovery Offer) package, and it is back to PPPoE user's terminal.
Then, in the step s 420, PPPoE user's terminal transmits a PADR (PPPoE Active Discovery
Request) package turns to pass device to package.In step S425, PPPoE user's terminal judges a mesh of above-mentioned PADR package
Address whether be package turn pass device a LAN interface a MAC Address.If the destination address of PADR package is not that package turns
When passing the MAC Address of the LAN interface of device, package turns biography device and then abandons above-mentioned PADR package (figure is not shown).Otherwise, in step
In rapid S430, package turns to pass the MAC Address of device record server, the MAC Address of PPPoE user's terminal and a PPPoE meeting
Talk about ID.In step S435, package turns to pass device one L2TP SCCRQ (Start-Control-Request) of transmission to L2TP net
Network server.In step S440, package turns to pass the l2tp session ID that device reception L2TP Network Server is returned.In step
In rapid S445, package turn biography device transmission one PADS (PPPoE Active Discovery Session) package to PPPoE makes
User's terminal, so that PPPoE user's terminal can initiate a L2TP dialing process.
Fig. 5, which is shown, to be turned to pass device turn biography package in a PPPoE demonstration stage package described in an embodiment according to the present invention
Information sequence Figure 50 0, and please refer to Fig. 2.Firstly, package is turned biography device and is connect in the form of a L2TP package in step S505
Receive the CHAP inquiry package that a L2TP Network Server is transmitted.In step S510, package turns biography device and Reseals
CHAP inquires package.It is described in more detail, package turns biography device and first decapsulates to CHAP inquiry package, removes above-mentioned CHAP
Inquire a public network IP, a Udp header and the L2TP header of package, and obtain PPP header therein, an Intranet IP and one is ask
Ask data.Package turns biography device and then uses an Ethernet header and a PPPoE header to PPP header, Intranet IP and inquiry
Data Reseal, i.e., increase Ethernet header and PPPoE header before PPP header, Intranet IP and inquiry data.
Then, in step S515, package is turned biography device and the CHAP Resealed is forwarded to inquire in the form of a PPPoE package
Package is to PPPoE user's terminal.In step S520, package turns to pass a CHAP of the device reception from PPPoE user terminal
Package is responded, wherein CHAP responds the user name and a password that package includes at least corresponding PPPoE user's terminal.In step
In S525, package turns biography device and Reseals CHAP response package.It is described in more detail, package turns to pass device to CHAP response envelope
Packet is first decapsulated, and the Ethernet header and a PPPoE header of above-mentioned CHAP response package are removed, and is obtained therein
One PPP header, an Intranet IP and a response data.Package turns biography device and then uses a public network IP, a Udp header and a L2TP
Header Reseals PPP header, Intranet IP and inquiry data, i.e., increases public network before PPP header, Intranet IP and response data
IP, Udp header and L2TP header.
Come again, in step S530, package is turned biography device and the CHAP Resealed is forwarded to respond in the form of L2TP package
Package is to L2TP Network Server.In step S535, package turns to pass what device reception was transmitted from L2TP Network Server
One CHAP success package.In step S540, package turns biography device and Reseals CHAP success package.It is described in more detail, seals
Packet turns biography device and first decapsulates to CHAP success package, removes a public network IP, the Udp header of above-mentioned CHAP success package
And a L2TP header, and obtain PPP header therein, the inquiry data of an Intranet IP and one.Package turns biography device and then uses
One Ethernet header and a PPPoE header Reseal PPP header, Intranet IP and successful data, i.e., in PPP header, interior
Increase Ethernet header and PPPoE header before netting IP and successful data.
Finally, package is turned biography device and is forwarded CHAP success package to PPPoE in the form of PPPoE package in step S545
User's terminal is connect and L2TP connection with establishing a PPP with PPPoE user's terminal and L2TP Network Server respectively.
Fig. 6, which is shown, to be turned to pass device turn biography PPPoE in a data transfer phase package described in an embodiment according to the present invention
Data packet and please refers to Fig. 2 to information sequence Figure 60 0 of L2TP Network Server.Firstly, in step s 605, package turns
It passes device and receives the PPPoE data packet from PPPoE user's terminal.In step S610, package turns to pass device deblocking
PPPoE data packet is filled, that is, removes an Ethernet header, a PPPoE header and the PPP header of PPPoE data packet, and
The above-mentioned PPPoE data packet decapsulated is re-packaged into one using a public network IP, a Udp header and a L2TP header
L2TP package.In step S615, package turns to pass device transmission L2TP package to L2TP Network Server.In L2TP network service
After device receives L2TP package, then it can be considered as normal L2TP package to L2TP package and handle.In step S620, L2TP net
Network server is converted to Ethernet (ether) package after L2TP package is carried out L2TP decapsulation, and directly transmits Ethernet
Package is to the server for being located at Ethernet or private network.
Fig. 7, which is shown, to be turned to pass device turn biography L2TP envelope in a data transfer phase package described in an embodiment according to the present invention
It wraps to information sequence Figure 70 0 of PPPoE user's terminal, and please refers to Fig. 2.Firstly, in step S705, L2TP network service
Device receives the Ethernet package from server.In step S710, L2TP Network Server carries out Ethernet package
Transmission L2TP package turns to pass device to package after L2TP encapsulation.In step S715, package turns to pass device decapsulation L2TP package,
A public network IP, a Udp header and the L2TP header of L2TP package are removed, and is marked using an Ethernet header, a PPPoE
The above-mentioned L2TP package decapsulated is re-packaged into a PPPoE data packet by head and a PPP header.In step S720,
Package turns to pass device transmission PPPoE data packet to PPPoE user's terminal.
Fig. 8 shows that package described in an embodiment according to the present invention turns the encapsulation and decapsulation that pass device to data packet
Schematic diagram 800, and please refer to Fig. 6~Fig. 7.PPPoE user's terminal can transmit PPPoE data packet 810 after the demonstration stage.
Turn to pass device specifically, PPPoE user's terminal stamps corresponding PPPoE and encapsulate and be sent to package according to type of service,
Above-mentioned 810 format of PPPoE data packet is an Ethernet header, a PPPoE header, a PPP header, the number of an Intranet IP and one
According to.
Package turns after passing the above-mentioned PPPoE data packet 810 of device reception, carries out L2TP and Reseals, generates L2TP envelope
Packet 820, and turn to pass L2TP package 820 to L2TP Network Server.Above-mentioned 820 format of L2TP package is a public network IP, Udp mark
Head, a L2TP header, a PPP header, an Intranet IP and a data.
Similarly, L2TP Network Server can transmit a L2TP package 840.Specifically, L2TP Network Server according to
Type of service stamp corresponding L2TP encapsulate and be sent to package turn pass device, above-mentioned 840 format of L2TP package be a public network IP,
One Udp header, a L2TP header, a PPP header, an Intranet IP and a data.
Package turns after passing the above-mentioned L2TP package 840 of device reception, carries out PPPoE and Reseals, generates PPPoE data envelope
Packet 830, and turn to pass PPPoE data packet 830 to PPPoE user's terminal.Above-mentioned 830 format of PPPoE data packet is one
Ethernet header, a PPPoE header, a PPP header, an Intranet IP and a data.
Fig. 9 shows the information sequence figure that PPPoE user's terminal disconnects described in an embodiment according to the present invention
900, and please refer to Fig. 2.In step S905, package turns to pass a PADT of the device reception from PPPoE user's terminal
(PPPoE Active Discovery Terminate) package.In step S910, package turns biography device and judges PADT package
In a destination address whether be package turn pass device LAN interface MAC Address.When the destination address in PADT package is package
When turning to pass the MAC Address of the LAN interface of device, in step S915, package turns to pass device disconnection PPP connection and L2TP connection.
In another embodiment, when the destination address in PADT package is not that package turns to pass the MAC Address of the LAN interface of device, envelope
Packet turns biography device and then abandons PADT package (figure is not shown).
Figure 10 shows that the package according to one embodiment of the disclosure turns the method flow diagram 1000 passed, and please refers to Fig. 5.
The above method turns to pass in device for a package.In step S1005, package is turned biography device and is received one in the form of a L2TP package
The CHAP that L2TP Network Server is transmitted inquires package.In step S1010, package turn biography device Reseals above-mentioned
CHAP inquires package, and forwards above-mentioned CHAP to inquire package to PPPoE user's terminal in the form of a PPPoE package.In step
In rapid S1015, package turns to pass CHAP response package of the device reception from above-mentioned PPPoE user's terminal.Then, in step
In S1020, package turns biography device and Reseals above-mentioned CHAP response package, and above-mentioned CHAP is forwarded in the form of above-mentioned L2TP package
Package is responded to above-mentioned L2TP Network Server.Come again, in step S1025, package turns to pass device reception from above-mentioned L2TP
The CHAP success package that network server is transmitted.Finally, package turn biography device Reseals above-mentioned in step S1030
CHAP success package, and forward in the form of above-mentioned PPPoE package above-mentioned CHAP success package to above-mentioned PPPoE user's terminal,
It is connect and L2TP connection with establishing a PPP with above-mentioned PPPoE user's terminal and above-mentioned L2TP Network Server respectively.
Figure 11 shows that the package according to one embodiment of the disclosure turns to pass the method flow diagram 1100 that device disconnects,
And please refer to Fig. 9.The above method turns to pass in device for a package.In step S1105, package turns to pass device reception from upper
State a PADT package of PPPoE user's terminal.In step S1110, package turns biography device and judges a purpose in PADT package
Whether address is that package turns to pass a MAC Address of a LAN interface of device.(the step when above-mentioned purpose address is above-mentioned MAC Address
"Yes" in rapid S1110), in step S1115, package turns to pass device disconnection PPP connection and L2TP connection.Work as above destination
When location is not above-mentioned MAC Address ("No" in step S1110), in step S1120, package turns to pass device discarding PADT envelope
Packet.
In addition, central processing unit 304 also executable program code 308 movement described in above-described embodiment and step is presented
Suddenly or the description of other contents in the description.
Therefore, package of the present invention turns the method and device passed using characteristic of the L2TP three layer tunnel across routing, and PPPoE is sealed
Packet Reseals into L2TP package, and by TCP/IP package, the core across network operator is routed, with L2TP network service
Device demonstration.Therefore, turning the method and device passed using package of the present invention can avoid the point-to-point that PPPoE agreement is only used for two interlayers
Tunnel also increases package safety in a network.
Above embodiments are described using multiple angles.Obviously teaching here can be presented in many ways, and in example
Disclosed any certain architectures or function are only a representative situation.According to the teaching of this paper, anyone skilled in the art
It should be understood that independently different presentations can be made using other certain forms or comprehensive diversified forms in content presented herein.It illustrates
It is bright, it can be realized in accordance with any mode is noted above using certain device or some way.The implementation of one device or a kind of mode
Execution can with any other framework or functionality, again or framework and functionality are realized previously discussed a kind of or more
Kind is formal.
Those skilled in the art will be appreciated that information and signal can be showed with a variety of different science and technology and skill.Citing, above
Describe all data that may be referred to, instruction, order, information, signal, position, symbol and chip (chip) can volt,
Electric current, electromagnetic wave, magnetic field or magnetic grain, light field or light bead or any of the above combination are presented.
Those skilled in the art also it will be appreciated that be described herein various illustrative logical blocks, module, processor, device,
Circuit and algorithm steps and the available electronic hardware of various situations disclosed above (such as source code or other skills
Art design number implement, simulation implement, or both combination), various forms of programs or with instruction as the design linked
The combination of code (being referred to as " software " or " software module " for convenience in the inner text), or both.This hardware and soft to clearly illustrate
Interchangeability between part, the descriptive component of a variety of tools, square, module, circuit and step above description generally with
Based on its functionality.No matter this function is presented with hardware or software form, by specific application of the view filling on total system and
Depending on design limitation.Those skilled in the art can be that each specific application realize the function of description in a variety of different ways,
But this decision realized is not to be read as deviateing range disclosed herein.
In addition, the logical blocks of multiple declaration, module and circuit and various situations disclosed herein may be implemented in
Integrated circuit (integrated circuit, IC), access terminal, access point;Or by integrated circuit, access terminal, access point
It executes.Integrated circuit can by general service processor, digital signal processor (digital signal processor, DSP),
Application-specific integrated circuit (application specific integrated circuit, ASIC), field-programmable gate array
Arrange (field programmable gate array, FPGA) or other programmable logic devices, discrete gate (discrete
Gate) or transistor logic (transistor logic), discrete hardware components, electronic building brick, optical module, mechanical component,
Or any above combined design is to complete the function of describing in this text;And it may execute and be present in integrated circuit, collection
The actuating code or instruction all having outside at circuit, or both.General service processor may be microprocessor, it is also possible to being any
Conventional processors, controller, microcontroller or state machine.Processor can be made of the combination of computer equipment, such as: number
The combination of word signal processor (DSP) and a microcomputer, multiple groups microcomputer, one group to multiple groups microcomputer and a number
Signal processor core or any other similar configuration.
Herein any specific order of disclosed program or the step of being layered it is pure be an example way.Based in design
Preference, it is necessary to which the step of recognizing any specific order in program or layering can be in the range disclosed in this file by again
It arranges.Adjoint claim to a method shows the component of various steps with an example sequence, should not be shown also therefore by this
Particular order or stratum limited.
Although the disclosure is disclosed as above with implementing example, it is not intended to limit the invention, any this field skill
Art personnel, without departing from the spirit and scope of the disclosure, should can do it is a little change and retouch, therefore it is of the invention
Protection scope should regard subject to appended claims institute defender.
Claims (18)
1. a kind of package turns the method passed, the above method turns to pass in device for a package, and the above method includes:
A L2TP Network Server is transmitted one is received in the form of a L2TP (2 Tunnel Protocol of Layer) package
CHAP inquires package;
Above-mentioned CHAP inquiry package is Resealed, and forwarding is above-mentioned in the form of a PPPoE (PPP over Ethernet) package
CHAP inquires package to PPPoE user's terminal;
It receives the CHAP from above-mentioned PPPoE user's terminal and responds package;
Above-mentioned CHAP response package is Resealed, and above-mentioned CHAP is forwarded in the form of above-mentioned L2TP package to respond package to above-mentioned
L2TP Network Server;
Receive the CHAP success package transmitted from above-mentioned L2TP Network Server;And
Above-mentioned CHAP success package is Resealed, and forwards in the form of above-mentioned PPPoE package above-mentioned CHAP success package to above-mentioned
PPPoE user's terminal is connect with establishing a PPP with above-mentioned PPPoE user's terminal and above-mentioned L2TP Network Server respectively
An and L2TP connection.
2. package as described in claim 1 turns the method passed, wherein above-mentioned the step of Resealing above-mentioned CHAP inquiry package
Further include:
Decapsulate above-mentioned CHAP inquiry package;
Remove a public network IP, a UDP header and the L2TP header of above-mentioned CHAP inquiry package;And
Above-mentioned CHAP inquiry package is Resealed using an Ethernet header and a PPPoE header.
3. package as described in claim 1 turns the method passed, wherein above-mentioned the step of Resealing above-mentioned CHAP response package
Further include:
Decapsulate above-mentioned CHAP response package;
Remove the Ethernet header and a PPPoE header of above-mentioned CHAP response package;And
Above-mentioned CHAP response package is Resealed using a public network IP, a UDP header and a L2TP header.
4. package as described in claim 1 turns the method passed, wherein above-mentioned the step of Resealing above-mentioned CHAP success package
Further include:
Decapsulate above-mentioned CHAP success package;
Remove a public network IP, a UDP header and the L2TP header of above-mentioned CHAP success package;And
Above-mentioned CHAP success package is Resealed using an Ethernet header and a PPPoE header.
5. package as described in claim 1 turns the method passed, further includes:
Receive the PPPoE data packet from above-mentioned PPPoE user's terminal;
Decapsulate above-mentioned PPPoE data packet;
Remove the Ethernet header, a PPPoE header and a PPP header of above-mentioned PPPoE data packet;
The above-mentioned PPPoE data packet decapsulated is re-packaged into using a public network IP, a UDP header and a L2TP header
One L2TP package;And
Above-mentioned L2TP package is transmitted to above-mentioned L2TP Network Server.
6. package as described in claim 1 turns the method passed, further includes:
Receive the L2TP package from above-mentioned L2TP Network Server;
Decapsulate above-mentioned L2TP package;
Remove a public network IP, a UDP header and the L2TP header of above-mentioned L2TP package;
The above-mentioned L2TP package decapsulated is Resealed using an Ethernet header, a PPPoE header and a PPP header
For a PPPoE data packet;And
Above-mentioned PPPoE data packet is transmitted to above-mentioned PPPoE user's terminal.
7. package as described in claim 1 turns the method passed, further includes:
Receive a PADT (the PPPoE Active Discovery Terminate) envelope from above-mentioned PPPoE user's terminal
Packet;
Judge whether a destination address is that above-mentioned package turns to pass a MAC Address of a LAN interface of device in above-mentioned PADT package;
And
When above-mentioned purpose address is above-mentioned MAC Address, above-mentioned PPP connection and above-mentioned L2TP connection are disconnected.
8. package as described in claim 1 turns the method passed, further includes:
Receive a PADR (PPPoE Active Discovery Request) package from above-mentioned PPPoE user's terminal:
Whether the destination address for judging above-mentioned PADR package is that above-mentioned package turns to pass a MAC Address of a LAN interface of device;
And
When above-mentioned purpose address is above-mentioned MAC Address, the MAC Address of a server, above-mentioned PPPoE user's terminal are recorded
One MAC Address and a pppoe session ID, and it is supreme to return a PADS (PPPoE Active Discovery Session) package
PPPoE user's terminal is stated, so that above-mentioned PPPoE user's terminal initiates a L2TP dialing process.
9. package as described in claim 1 turns the method passed, wherein above-mentioned CHAP response package is above-mentioned including at least correspondence
A user name and a password for PPPoE user's terminal.
10. a kind of package turns to pass device, above-mentioned package turns biography device and includes:
One control circuit;
One processor, above-mentioned processor are installed into above-mentioned control circuit;And
One memory, above-mentioned memory are installed into above-mentioned control circuit and are coupled to above-mentioned processor;
Wherein above-mentioned processor configuration is executed to execute the program code that one is stored in above-mentioned memory:
A L2TP Network Server is transmitted one is received in the form of a L2TP (2 Tunnel Protocol of Layer) package
CHAP inquires package;
Above-mentioned CHAP inquiry package is Resealed, and forwarding is above-mentioned in the form of a PPPoE (PPP over Ethernet) package
CHAP inquires package to PPPoE user's terminal;
It receives the CHAP from above-mentioned PPPoE user's terminal and responds package;
Above-mentioned CHAP response package is Resealed, and above-mentioned CHAP is forwarded in the form of above-mentioned L2TP package to respond package to above-mentioned
L2TP Network Server;
Receive the CHAP success package transmitted from above-mentioned L2TP Network Server;And
Above-mentioned CHAP success package is Resealed, and forwards in the form of above-mentioned PPPoE package above-mentioned CHAP success package to above-mentioned
PPPoE user's terminal is connect with establishing a PPP with above-mentioned PPPoE user's terminal and above-mentioned L2TP Network Server respectively
An and L2TP connection.
11. package as claimed in claim 10 turns to pass device, wherein above-mentioned the step of Resealing above-mentioned CHAP inquiry package
Further include:
Decapsulate above-mentioned CHAP inquiry package;
Remove a public network IP, a UDP header and the L2TP header of above-mentioned CHAP inquiry package;And
Above-mentioned CHAP inquiry package is Resealed using an Ethernet header and a PPPoE header.
12. package as claimed in claim 10 turns to pass device, wherein above-mentioned the step of Resealing above-mentioned CHAP response package
Further include:
Decapsulate above-mentioned CHAP response package;
Remove the Ethernet header and a PPPoE header of above-mentioned CHAP response package;And
Above-mentioned CHAP response package is Resealed using a public network IP, a UDP header and a L2TP header.
13. package as claimed in claim 10 turns to pass device, wherein above-mentioned the step of Resealing above-mentioned CHAP success package
Further include:
Decapsulate above-mentioned CHAP success package;
Remove a public network IP, a UDP header and the L2TP header of above-mentioned CHAP success package;And
Above-mentioned CHAP success package is Resealed using an Ethernet header and a PPPoE header.
14. package as claimed in claim 10 turns to pass device, wherein above-mentioned processor executes above procedure code also to execute:
Receive the PPPoE data packet from above-mentioned PPPoE user's terminal;
Decapsulate above-mentioned PPPoE data packet;
Remove the Ethernet header, a PPPoE header and a PPP header of above-mentioned PPPoE data packet;
The above-mentioned PPPoE data packet decapsulated is re-packaged into using a public network IP, a UDP header and a L2TP header
One L2TP package;And
Above-mentioned L2TP package is transmitted to above-mentioned L2TP Network Server.
15. package as claimed in claim 10 turns to pass device, wherein above-mentioned processor executes above procedure code also to execute:
Receive the L2TP package from above-mentioned L2TP Network Server;
Decapsulate above-mentioned L2TP package;
Remove a public network IP, a UDP header and the L2TP header of above-mentioned L2TP package;
The above-mentioned L2TP package decapsulated is Resealed using an Ethernet header, a PPPoE header and a PPP header
For a PPPoE data packet;And
Above-mentioned PPPoE data packet is transmitted to above-mentioned PPPoE user's terminal.
16. package as claimed in claim 10 turns to pass device, wherein above-mentioned processor executes above procedure code also to execute:
Receive a PADT (the PPPoE Active Discovery Terminate) envelope from above-mentioned PPPoE user's terminal
Packet;
Judge whether a destination address is that above-mentioned package turns to pass a MAC Address of a LAN interface of device in above-mentioned PADT package;
And
When above-mentioned purpose address is above-mentioned MAC Address, above-mentioned PPP connection and above-mentioned L2TP connection are disconnected.
17. package as claimed in claim 10 turns to pass device, wherein above-mentioned processor executes above procedure code also to execute:
Receive a PADR (PPPoE Active Discovery Request) package from above-mentioned PPPoE user's terminal:
Whether the destination address for judging above-mentioned PADR package is that above-mentioned package turns to pass a MAC Address of a LAN interface of device;
And
When above-mentioned purpose address is above-mentioned MAC Address, the MAC Address of a server, above-mentioned PPPoE user's terminal are recorded
One MAC Address and a pppoe session ID, and it is supreme to return a PADS (PPPoE Active Discovery Session) package
PPPoE user's terminal is stated, so that above-mentioned PPPoE user's terminal initiates a L2TP dialing process.
18. package as claimed in claim 10 turns to pass device, wherein above-mentioned CHAP response package is above-mentioned including at least correspondence
A user name and a password for PPPoE user's terminal.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610015632.4A CN106961371B (en) | 2016-01-11 | 2016-01-11 | Package turns the method passed and package turns to pass device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610015632.4A CN106961371B (en) | 2016-01-11 | 2016-01-11 | Package turns the method passed and package turns to pass device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106961371A CN106961371A (en) | 2017-07-18 |
CN106961371B true CN106961371B (en) | 2019-10-15 |
Family
ID=59481197
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610015632.4A Active CN106961371B (en) | 2016-01-11 | 2016-01-11 | Package turns the method passed and package turns to pass device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106961371B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113014507B (en) * | 2019-12-19 | 2022-09-23 | 中国电信股份有限公司 | Traffic processing method, device, system and computer readable storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1781278A (en) * | 2003-05-21 | 2006-05-31 | 思科技术公司 | System and method for providing end to end authentication in a network environment |
CN101447976A (en) * | 2007-11-26 | 2009-06-03 | 华为技术有限公司 | Method for accessing dynamic IP session, system and device thereof |
CN101511086A (en) * | 2009-04-01 | 2009-08-19 | 神州数码网络(北京)有限公司 | Wireless safety networking system and method for financial grid point terminal |
CN102457444A (en) * | 2010-10-22 | 2012-05-16 | 中兴通讯股份有限公司 | System and method for combining fixed network and mobile network |
CN103650424A (en) * | 2013-08-20 | 2014-03-19 | 华为技术有限公司 | Implementation method and server of home gateway service function |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8345604B2 (en) * | 2007-06-07 | 2013-01-01 | Qualcomm Incorporated | Effectuating establishment of internet protocol security tunnels for utilization in a wireless communication environment |
WO2014028568A1 (en) * | 2012-08-15 | 2014-02-20 | The Procter & Gamble Company | Systems, models and methods for identifying and evaluating skin-active agents effective for treating an array of skin disorders |
-
2016
- 2016-01-11 CN CN201610015632.4A patent/CN106961371B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1781278A (en) * | 2003-05-21 | 2006-05-31 | 思科技术公司 | System and method for providing end to end authentication in a network environment |
CN101447976A (en) * | 2007-11-26 | 2009-06-03 | 华为技术有限公司 | Method for accessing dynamic IP session, system and device thereof |
CN101511086A (en) * | 2009-04-01 | 2009-08-19 | 神州数码网络(北京)有限公司 | Wireless safety networking system and method for financial grid point terminal |
CN102457444A (en) * | 2010-10-22 | 2012-05-16 | 中兴通讯股份有限公司 | System and method for combining fixed network and mobile network |
CN103650424A (en) * | 2013-08-20 | 2014-03-19 | 华为技术有限公司 | Implementation method and server of home gateway service function |
Also Published As
Publication number | Publication date |
---|---|
CN106961371A (en) | 2017-07-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1844402B1 (en) | Techniques for migrating a point to point protocol to a protocol for an access network | |
US9294393B1 (en) | Interconnecting virtual private networks | |
JP4527721B2 (en) | Apparatus and method for improving remote LAN connectivity using tunneling | |
JP2008035037A5 (en) | ||
EP2224645A1 (en) | A method and equipment for transmitting a message based on the layer-2 tunnel protocol | |
US11824685B2 (en) | Method for implementing GRE tunnel, access point and gateway | |
WO2011140843A1 (en) | Method, apparatus and system for forwarding messages | |
JP2007104440A (en) | Packet transmission system, its method, and tunneling device | |
CN107026784A (en) | A kind of remote dummy private network gateway apparatus and implementation method | |
JP5506933B2 (en) | Method and system for realizing network intercommunication | |
CN104144157B (en) | A kind of TCP session establishing method, device, multihome node and satellite node | |
CN108306755B (en) | Method and system for establishing management channel | |
WO2008028383A1 (en) | Method for identifying the layer 3 protocol in l2vpn heterogeneous medium interconnection and the apparatus and system thereof | |
US20070071035A1 (en) | LAC-based LFI support for tunneled PPP sessions | |
CN106961371B (en) | Package turns the method passed and package turns to pass device | |
CN102882733B (en) | A kind of cross-over NAT equipment realizes WEB network management method | |
CN106059885A (en) | Method and system for processing CAPWAP message by wireless controller | |
CN107690005A (en) | Method and apparatus for forwarding packets through network address translation | |
CN101465858A (en) | Method for implementing private network penetration of monitoring business, network appliance and server | |
CN101160904A (en) | Method and apparatus for implementing signaling proxy | |
EP2858415B1 (en) | Multi-link-based data transmission method and device | |
CN106506718A (en) | IVI transition methods and network system based on the pure IPv6 networks of multiple NAT | |
CN101150510B (en) | A method and device for realizing GRE protocol compatible IPinIP protocol | |
CN102457582A (en) | Method for realizing communication between host devices and network side device | |
CN101150530B (en) | Forwarding system, method and forward unit agent under forward control separation architecture |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |