CN108833280B - User management table item issuing method and device and control plane equipment - Google Patents

User management table item issuing method and device and control plane equipment Download PDF

Info

Publication number
CN108833280B
CN108833280B CN201810224966.1A CN201810224966A CN108833280B CN 108833280 B CN108833280 B CN 108833280B CN 201810224966 A CN201810224966 A CN 201810224966A CN 108833280 B CN108833280 B CN 108833280B
Authority
CN
China
Prior art keywords
user
forwarding plane
equipment
forwarding
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810224966.1A
Other languages
Chinese (zh)
Other versions
CN108833280A (en
Inventor
夏添
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
New H3C Security Technologies Co Ltd
Original Assignee
New H3C Security Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by New H3C Security Technologies Co Ltd filed Critical New H3C Security Technologies Co Ltd
Priority to CN201810224966.1A priority Critical patent/CN108833280B/en
Publication of CN108833280A publication Critical patent/CN108833280A/en
Application granted granted Critical
Publication of CN108833280B publication Critical patent/CN108833280B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/745Address table lookup; Address filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Telephonic Communication Services (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The embodiment of the invention provides a method and a device for issuing user management table items and control plane equipment, wherein the method for issuing the user management table items comprises the following steps: receiving an online request sent by a user by using user equipment; if the user equipment passes the authentication, generating a user management table item corresponding to the user information carrying the user in the online request; searching equipment information of first forwarding plane equipment corresponding to the user information from a forwarding plane equipment record table, wherein the first forwarding plane equipment is forwarding plane equipment which is accessed by a user by utilizing the user equipment; and sending the user management table entry to the first forwarding plane equipment according to the equipment information. By the scheme, the situation that the user equipment is disconnected from the network can be avoided when the forwarding plane equipment accessed by the user equipment is changed, and the continuity of the user equipment in connection with the network is ensured.

Description

User management table item issuing method and device and control plane equipment
Technical Field
The present invention relates to the field of internet technologies, and in particular, to a method and an apparatus for issuing a user management table entry, and a control plane device.
Background
BRAS (Broadband Remote Access Server) is a novel Access gateway for Broadband network application, provides Access service for users, realizes convergence and forwarding of multiple services, can meet the requirements of different users on transmission capacity and Broadband utilization rate, and is a core device for users to Access a Broadband network.
With the rapid development of internet technology, the demand of people on broadband is continuously increased, the traditional BRAS is faced with the problems of low resource utilization rate, complex management and maintenance and the like, and in order to solve the problems, a switching control separation BRAS system is provided. The transfer Control separation BRAS system includes a CP (Control Plane) device and an UP (User Plane) device. The control plane device is deployed in a TIC (Integrated Cloud core Telecom) and is responsible for user access management, authentication charging, user session, policy management and the like; the forwarding plane equipment is deployed at the edge TIC and is responsible for flow forwarding, user flow control and the like.
A user sends an online request to a control surface device by using user equipment, the control surface device authenticates the user equipment through an Authentication Authorization Accounting (AAA) server after receiving the online request, the control surface device generates a user management table item corresponding to user information of the user carried in the online request after determining that the user equipment is successfully authenticated, and sends the user management table item to forwarding surface equipment accessed by the user equipment, the forwarding surface equipment generates a hardware forwarding table item according to the user management table item after receiving forwarding information allowing forwarding flow, and data flow can be forwarded to the user equipment based on the hardware forwarding table item.
In a relay separation BRAS system, a plurality of forwarding plane devices are often provided, and a user is in a mobile state, when the user moves, the forwarding plane device accessed by the user device is changed from a first forwarding plane device to a second forwarding plane device, and since the control plane device cannot know that the forwarding plane device accessed by the user device changes, and cannot issue a user management table item to the second forwarding plane device, no hardware forwarding table item exists on the second forwarding plane device, so that the user device cannot be connected to a network. Therefore, the user can only re-initiate the connection request through the user equipment, and the control plane device needs to re-generate and issue the user management table entry according to the above steps, and send the newly generated user management table entry to the second forwarding plane device, so as to implement the network connection of the user equipment. Due to the complex process of the user equipment reconnecting the network, when the forwarding plane equipment accessed by the user equipment changes, the situation that the user equipment is disconnected from the network inevitably occurs, and the continuity of the user equipment connecting the network is influenced.
Disclosure of Invention
The embodiment of the invention aims to provide a method and a device for issuing user management table items and a control plane device, so as to avoid the situation that the user equipment is disconnected with a network when the forwarding plane device accessed by the user equipment is changed, and ensure the continuity of the connection of the user equipment with the network. The specific technical scheme is as follows:
in a first aspect, an embodiment of the present invention provides a method for issuing a user management table entry, where the method is applied to a control plane device, and the method includes:
receiving an online request sent by a user by using user equipment;
if the user equipment passes the authentication, generating a user management table item corresponding to the user information carrying the user in the online request;
searching equipment information of first forwarding plane equipment corresponding to the user information from a forwarding plane equipment record table, wherein the first forwarding plane equipment is the forwarding plane equipment which is accessed by the user by utilizing the user equipment;
and sending the user management table entry to the first forwarding plane equipment according to the equipment information.
In a second aspect, an embodiment of the present invention provides a device for issuing a user management table entry, where the device is applied to a control plane device, and the device includes:
the receiving module is used for receiving an online request sent by a user by utilizing user equipment;
a generating module, configured to generate a user management entry corresponding to the user information that carries the user in the online request if the user equipment passes authentication;
the searching module is used for searching the equipment information of the first forwarding plane equipment corresponding to the user information from a forwarding plane equipment record table, wherein the first forwarding plane equipment is the forwarding plane equipment which is accessed by the user by utilizing the user equipment;
and the sending module is used for sending the user management table item to the first forwarding plane equipment according to the equipment information.
In a third aspect, an embodiment of the present invention provides a control plane apparatus, including a processor and a computer-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: the method steps of the first aspect of the embodiments of the present invention are implemented.
In a fourth aspect, embodiments of the present invention provide a computer-readable storage medium storing machine-executable instructions that, when invoked and executed by a processor, cause the processor to: the method steps of the first aspect of the embodiments of the present invention are implemented.
In the method, the apparatus, and the control surface device for issuing the user management table entry provided in the embodiments of the present invention, after the control surface device receives an online request sent by a user using user equipment and authenticates the user equipment, a user management table entry corresponding to user information of the user carried in the online request is generated, device information of a first forwarding surface device corresponding to the user information is searched from a forwarding surface device record table, and the user management table entry is sent to the first forwarding surface device according to the searched device information, where the first forwarding surface device is a forwarding surface device accessed by the user using the user equipment. The method includes that the user equipment is accessed to a first forwarding plane device, the probability that the user equipment is online by accessing the first forwarding plane device is high, and the accessed first forwarding plane device is not only one, so that a user management table entry is issued to the first forwarding plane device, if the forwarding plane device accessed by the user equipment is changed into any first forwarding plane device, and the first forwarding plane device receives the user management table entry issued by the control plane device, the data traffic can be uninterruptedly forwarded to the user equipment according to a hardware forwarding table entry generated by the user management table entry, namely, the situation that the user equipment is disconnected from a network when the forwarding plane device accessed by the user equipment is changed is avoided, and the continuity that the user equipment is connected with the network is ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic diagram of a logical architecture of a prior art handover separation BRAS system;
fig. 2 is a flowchart illustrating a method for issuing a user management table entry according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a handover control separation BRAS system according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a user management table entry issuing device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a control plane device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The logical architecture of the handover-split BRAS system is shown in fig. 1, and the handover-split BRAS system includes a control plane device 110 and a plurality of forwarding plane devices 120.
The control plane device 110 is positioned as a user control management component, and mainly includes the following functions: the method supports user management, including user list item management and management of forwarding strategies such as access bandwidth and priority of users; the support is matched with an RADIUS (Remote Authentication Dial In User Server) and the like to finish the Authentication, authorization and charging management of an access User; the method supports the cooperation with a DHCP Server (Dynamic Hostconfiguration Protocol Server) or a local address pool mode to complete the address allocation of users; the method supports the processing of user PPPoE (Point to Point Protocol over Ethernet, Point to Point communication Protocol based on Ethernet)/IPoE (Internet Protocol over Ethernet, Internet Protocol based on Ethernet) dialing messages sent by the forwarding plane equipment, and completes user access; the method supports management of forwarding plane equipment, supports functions of establishment, deletion, keep-alive and the like of a tunnel-based access protocol channel, an Openflow-based control channel and a network configuration-based configuration channel between the control plane equipment and the forwarding plane equipment, distributes a protocol message sent by the forwarding plane equipment, and sends a user management table entry and the like to the forwarding plane equipment. The control plane device may interact with external service systems such as a radius Server, a DHCP Server, and the like, or may interact with a MANO (infrastructure management system).
The forwarding plane device is positioned as a network edge and user policy execution component of the L3 (three-layer network), and mainly comprises the following functions: the method supports the forwarding plane function of the traditional BRAS equipment, and comprises the functions of flow forwarding, QoS (Quality of Service), flow statistics and the like; and supporting the control plane function of the conventional BRAS equipment: routing, MPLS (Multi-Protocol label switching, multicast and multiprotocol label switching), etc.
Although the control plane device can implement that the user does not sense the change of the forwarding plane device by issuing the user management table entry to all the forwarding plane devices which are hung down, the forwarding plane device needs to backup the user management table entries corresponding to the user devices because the number of the user devices connected to the network is increasing day by day, so that the load of the forwarding plane device is too large, and the normal operation of the forwarding plane device is seriously influenced.
In order to avoid the disconnection of the user equipment from the network when the forwarding plane equipment accessed by the user equipment is changed, ensure the continuity of the connection of the user equipment to the network and effectively reduce the load of the forwarding plane equipment. The embodiment of the invention provides a method and a device for issuing user management table items and control plane equipment.
Next, a method for issuing a user management table entry provided by the embodiment of the present invention is first described.
An execution main body of the method for issuing the user management table entry provided by the embodiment of the present invention is a control plane device in the handover control separation BRAS system shown in fig. 1, and a manner of implementing the method for issuing the user management table entry provided by the embodiment of the present invention may be at least one of software, a hardware circuit, and a logic circuit that are provided in the execution main body.
As shown in fig. 2, a method for issuing a user management table entry provided in the embodiment of the present invention may include the following steps:
s201, receiving an online request sent by a user by using user equipment.
For a dynamic broadband user (e.g., IPoE user), before the user needs to access a network, the user equipment sends an online request to an accessed forwarding plane device, where the online request carries user information of the user, such as geographical location information and IP address information of the user. And after receiving the online request, the forwarding plane equipment sends the online request to the control plane equipment.
S202, if the user equipment passes the authentication, a user management table item corresponding to the user information carried in the online request is generated.
After receiving the online request, the control surface equipment can correspondingly generate a user name and a password based on user information carried in the online request, and initiate an authentication request to an AAA server based on the generated user name and password; for a static broadband user, the control plane device may directly send configured authentication information of the user to the AAA server for authentication. After the AAA server completes the authentication and authorization operation, it feeds back an authentication passing message to the control plane device, so that the control plane device notifies the user of going online, and the AAA server performs operations such as access control and charging on the user according to the authorization result. The control plane device may determine whether the user equipment passes the authentication by determining whether the authentication pass message is received. After the user is determined to pass the authentication, generating a corresponding user management table item based on the user information of the user carried in the online request, wherein the user management table item includes but is not limited to: user information of the user and an authentication passing identifier allowing the user equipment to be on-line. And the generated user management table entry is used for informing the forwarding plane equipment which user equipment can be online by accessing the forwarding plane equipment.
S203, the device information of the first forwarding plane device corresponding to the user information is searched from the forwarding plane device record table.
The first forwarding plane device is a forwarding plane device accessed by a user device. The forwarding plane device record table dynamically records the corresponding relationship between the device information of the forwarding plane device accessed by the user by using the user device and the user information of the user, and because the probability that the forwarding plane device accessed by the user by using the user device is accessed as the access device again by the user device is higher, the corresponding relationship between the device information of the forwarding plane device and the user information is recorded in the forwarding plane device record table.
As shown in fig. 3, in the handover separation BRAS system in a certain area, when a user 1 has accessed forwarding plane devices UP1 and UP2 by using a user device, a corresponding relationship between user information of the user 1 and device information of UP1 and a corresponding relationship between user information of the user 1 and device information of UP2 are recorded in a forwarding plane device record table; when the user 2 has accessed the forwarding plane devices UP3 and UP4 by using the user device, the corresponding relationship between the user information of the user 2 and the device information of UP3 and the corresponding relationship between the user information of the user 2 and the device information of UP4 are recorded in the forwarding plane device record table.
The forwarding plane device record table records a corresponding relationship between device information of the forwarding plane device accessed by the user and the user information, and as shown in table 1, the forwarding plane device record table records: the corresponding relation between the user information XXX and the device information UP1/UP2 shows that the user with the user information XXX accesses the forwarding plane device with the device information UP1 and the forwarding plane device with the device information UP2 by using the user device; the correspondence between the user information YYY and the device information UP3/UP4 indicates that the user with the user information YYY has access to the forwarding plane device with the device information UP3 and the forwarding plane device with the device information UP4 by using the user device. The user information may be information that uniquely identifies the user, such as a user name, and the device information of the forwarding plane device may be information that uniquely identifies the forwarding plane device, such as a name of the forwarding plane device, an IP address of the forwarding plane device, and an MAC address of the forwarding plane device.
TABLE 1
User information of a user Device information of forwarding plane device
XXX UP1/UP2
YYY UP3/UP4
The forwarding plane device record table may be a dynamically updated record table, that is, information recorded in the forwarding plane device record table may be dynamically added or deleted based on a real-time situation that the user equipment accesses the forwarding plane device.
Optionally, for the forwarding plane device record table, the following dynamic update may be performed:
and if the equipment information of the first forwarding plane equipment corresponding to the user information is not found from the forwarding plane equipment record table, adding the corresponding relation between the user information and the equipment information of the second forwarding plane equipment currently accessed by the user by using the user equipment into the forwarding plane equipment record table.
If the device information of the first forwarding plane device is not found from the forwarding plane device record table, it indicates that the forwarding plane device which the user has accessed is not recorded in the forwarding plane device record table. Therefore, the correspondence between the device information and the user information of the second forwarding plane device currently accessed by the user by using the user device can be added to the forwarding plane device record table. And when the user requests to be online again, the next time, the equipment information of the second forwarding plane equipment is regarded as the equipment information of the first forwarding plane equipment in the forwarding plane equipment record table, and the user management table entry is issued to the first forwarding plane equipment according to the equipment information of the first forwarding plane equipment.
Optionally, for the forwarding plane device record table, the following dynamic update may also be performed:
based on the user information, searching the equipment information of a second forwarding plane equipment which is accessed by the user at present by utilizing the user equipment from the forwarding plane equipment record table;
and if the equipment information of the second forwarding plane equipment is not found in the forwarding plane equipment record table, adding the corresponding relation between the user information and the equipment information of the second forwarding plane equipment in the forwarding plane equipment record table.
When a user requests to go online, the forwarding plane device accessed by the user device may also be a new forwarding plane device, that is, although the first forwarding plane device is recorded in the forwarding plane device record table, the device information of the first forwarding plane device is not the device information of the second forwarding plane device currently accessed by the user device, so that in order to ensure that the user can continuously go online when moving to the range covered by the second forwarding plane device again in the subsequent process, the corresponding relationship between the device information of the second forwarding plane device and the user information needs to be added to the forwarding plane device record table.
Optionally, for the forwarding plane device record table, the following dynamic update may also be performed:
counting a first time length that a user continues not to access a fourth forwarding surface device by using user equipment, wherein the fourth forwarding surface device is a forwarding surface device with any device information corresponding to the user information of the user in a forwarding surface device record table;
and if the first time length reaches the preset time length, deleting the corresponding relation between the user information and the equipment information of the fourth forwarding plane equipment from the forwarding plane equipment record table.
If the user equipment does not access the fourth forwarding plane device within the preset time, it indicates that the possibility that the user equipment accesses the fourth forwarding plane device is smaller and smaller, and in order to release the storage space of the control plane device and reduce the record of the device information of the forwarding plane device with smaller access possibility, the corresponding relationship between the user information and the device information of the fourth forwarding plane device may be deleted from the forwarding plane device record table.
For example, if the preset time duration is set to 10 days, and the user with the user information XXX does not access UP2 within 10 days using the user equipment, but the user with the user information YYY currently accesses UP2 using the user equipment, table 1 may be updated to table 2.
TABLE 2
User information of a user Device information of forwarding plane device
XXX UP1
YYY UP3/UP4/UP2
After the forwarding plane device record table is generated, the recorded information is continuously updated and increased, which easily causes that excessive redundant information exists in the forwarding plane device record table and affects the memory of the control plane device.
Optionally, for the forwarding plane device record table, the following dynamic update may also be performed:
counting a second duration added with a first corresponding relation in a forwarding plane device record table, wherein the first corresponding relation is a corresponding relation between user information and device information of any forwarding plane device;
and if the second duration reaches the preset aging time, deleting the first corresponding relation from the forwarding plane equipment record table.
Because the preset aging time corresponds to each piece of information one to one, the corresponding relationship between the user information, the preset forwarding domain, and the device information of the forwarding plane device can be represented by a table entry, and therefore, the preset aging time can be added to the corresponding table entry of the forwarding plane device record table, for example, as shown in table 3.
TABLE 3
User information of a user Device information of forwarding plane device Presetting aging time
XXX UP1/UP2 30 days
YYY UP3/UP4 60 days
When the added time length of the table entry of the user information XXX reaches 30 days, deleting the table entry from the forwarding plane equipment recording table, namely deleting the corresponding relation between the user information XXX and the equipment information UP1/UP 2; when the added time length of the table entry of the user information YYY reaches 60 days, deleting the table entry from the forwarding plane equipment recording table, namely deleting the corresponding relation between the user information YYY and the equipment information UP3/UP 4. The deletion of the table entry may be notified by an authorization server such as an AAA server when the user logs off or the authority expires, or may be notified by manually issuing a deletion command.
And S204, sending the user management table entry to the first forwarding plane equipment according to the equipment information.
If the device information of the first forwarding plane device can be found from the forwarding plane device record table, it indicates that the user device has accessed the forwarding plane device and connected to the network, and in order to allow the forwarding plane device accessed the user device to forward the user traffic, the control plane device issues the generated user management table entry to the first forwarding plane device according to the device information.
In most cases, the moving range of the user is small, the change of the user equipment accessing the forwarding plane equipment is mainly concentrated among some fixed forwarding plane equipment, and the forwarding plane equipment has the characteristics of closer geographical position, frequent interaction and the like. Therefore, when a network architecture is constructed, a forwarding domain table may be preset based on a preset rule, where the preset rule may be to set forwarding plane devices within a certain geographic location range as the same forwarding domain, the forwarding domain table records the preset forwarding domains and device information of the forwarding plane devices included in each preset forwarding domain, and each entry in the forwarding domain table represents a corresponding relationship between the preset forwarding domain and the device information of the forwarding plane devices included in the preset forwarding domain. As shown in table 4, the forwarding field UP _ a includes a forwarding plane device whose device information is UP1 and a forwarding plane device whose device information is UP 2; the forwarding field UP _ B includes a forwarding plane device whose device information is UP3 and a forwarding plane device whose device information is UP 4.
TABLE 4
Preset forwarding domain Device information of forwarding plane device
UP_A UP1/UP2
UP_B UP3/UP4
Optionally, the method for issuing the user management table entry may further include:
determining second forwarding plane equipment which is currently accessed by a user by utilizing user equipment;
determining a forwarding domain to which the second forwarding plane device belongs from a preset forwarding domain table, and acquiring device information of a third forwarding plane device, except the first forwarding plane device and the second forwarding plane device, included in the forwarding domain to which the second forwarding plane device belongs from the forwarding domain table;
and sending the user management table entry to the third forwarding plane equipment according to the equipment information of the third forwarding plane equipment.
The forwarding domain table is used for recording preset forwarding domains and device information of forwarding plane devices included in each preset forwarding domain.
In an example, the order of the step of determining that the user uses the second forwarding plane device currently accessed by the user equipment, determining the forwarding domain to which the second forwarding plane device belongs from the preset forwarding domain table, and acquiring the device information of the third forwarding plane device is not limited, that is, the step of determining that the user uses the second forwarding plane device currently accessed by the user equipment, determining the forwarding domain of the second forwarding plane device from the preset forwarding domain table, and acquiring the device information of the third forwarding plane device is performed regardless of whether the device information of the first forwarding plane device corresponding to the user information is found from the forwarding plane device record table, so that the user management entry can be sent to the third forwarding plane device when the user management entry can be sent to the first forwarding plane device, and regardless of whether the forwarding plane device accessed by the user equipment is changed from the second forwarding plane device to the first forwarding plane device or the third forwarding plane device, uninterrupted forwarding of data traffic to the user equipment may be achieved.
In another example, the step of determining that the user utilizes the second forwarding plane device currently accessed by the user equipment, determining the forwarding domain to which the second forwarding plane device belongs from the preset forwarding domain table, and acquiring the device information of the third forwarding plane device may further include, after the device information of the first forwarding plane device corresponding to the user information is not found from the forwarding plane device record table, that is, the forwarding plane device record table does not contain the device information of the first forwarding plane device corresponding to the user information of the user, and at this time, user management table entries can be sent to the third forwarding plane device in the forwarding domain to which the second forwarding plane device currently accessed by the user device belongs according to the device information recorded in the forwarding domain table, therefore, if the forwarding plane device accessed by the user equipment is changed from the second forwarding plane device to the third forwarding plane device, uninterrupted forwarding of the data traffic to the user equipment can be realized. The method can effectively reduce the quantity of the user management table items sent by the control plane equipment to the forwarding plane equipment.
All the forwarding plane devices receiving the user management table entry may generate a hardware forwarding table entry according to the user management table entry, where user information, interface information, and the like of the user are recorded in the hardware forwarding table entry, and the hardware forwarding table entry is used to guide the forwarding plane device to which user device the data traffic is forwarded. Therefore, when a user moves from a range covered by one forwarding plane device to a range covered by another forwarding plane device which generates a hardware forwarding table, the forwarding plane device can directly perform routing according to the hardware forwarding table and forward the user traffic because the hardware forwarding table is generated. When the user position changes and the forwarding plane equipment accessed by the user equipment changes, the network is not disconnected, re-authentication is not needed, and the user cannot perceive the change of the forwarding plane equipment.
By applying the embodiment, after the control plane device receives an online request sent by a user by using user equipment and authenticates the user equipment, a user management table item corresponding to user information of the user carried in the online request is generated, the device information of a first forwarding plane device corresponding to the user information is searched from a forwarding plane device record table, and the user management table item is sent to the first forwarding plane device according to the searched device information, wherein the first forwarding plane device is a forwarding plane device accessed by the user equipment within a preset time length. The method includes that the user equipment is accessed to a first forwarding plane device, the probability that the user equipment is online by accessing the first forwarding plane device is high, and the accessed first forwarding plane device is not only one, so that a user management table entry is issued to the first forwarding plane device, if the forwarding plane device accessed by the user equipment is changed into any first forwarding plane device, and the first forwarding plane device receives the user management table entry issued by the control plane device, the data traffic can be uninterruptedly forwarded to the user equipment according to a hardware forwarding table entry generated by the user management table entry, namely, the situation that the user equipment is disconnected from a network when the forwarding plane device accessed by the user equipment is changed is avoided, and the continuity that the user equipment is connected with the network is ensured. And only the forwarding plane device which the user device has accessed and the forwarding plane device in the forwarding domain dynamically back up the user management table entry, thereby effectively reducing the load of the forwarding plane device.
Because the forwarding domain table is preset, the forwarding domain table records the preset forwarding domains and the device information of the forwarding plane device included in each preset forwarding domain, and besides issuing the user management table entry to the first forwarding plane device, the user management table entry also needs to be issued to the forwarding plane device in the forwarding domain table, so as to ensure that the data traffic can be continuously forwarded to the user device no matter which forwarding plane device the user device accesses is changed into.
Corresponding to the foregoing method embodiment, an embodiment of the present invention provides a user management table entry issuing device, and as shown in fig. 4, the user management table entry issuing device may include:
a receiving module 410, configured to receive an online request sent by a user by using user equipment;
a generating module 420, configured to generate a user management entry corresponding to the user information that carries the user in the online request if the user equipment passes authentication;
a searching module 430, configured to search, from a forwarding plane device record table, device information of a first forwarding plane device corresponding to the user information, where the first forwarding plane device is a forwarding plane device that the user has accessed by using a user device;
a sending module 440, configured to send the user management entry to the first forwarding plane device according to the device information.
Optionally, the apparatus may further include:
a determining module, configured to determine a second forwarding plane device currently accessed by the user by using the user equipment;
an obtaining module, configured to determine, from a preset forwarding domain table, a forwarding domain to which the second forwarding plane device belongs, and obtain, from the forwarding domain table, device information of a third forwarding plane device included in the forwarding domain to which the second forwarding plane device belongs, the third forwarding plane device being other than the first forwarding plane device and the second forwarding plane device;
the sending module 440 may be further configured to send the user management entry to the third forwarding plane device according to the device information of the third forwarding plane device;
the forwarding domain table is used for recording preset forwarding domains and device information of forwarding plane devices included in each preset forwarding domain.
Optionally, the apparatus may further include:
and the adding module is used for adding the corresponding relation between the user information and the equipment information of the second forwarding plane equipment which is accessed by the user at present by using the user equipment into the forwarding plane equipment record table if the equipment information of the first forwarding plane equipment corresponding to the user information is not searched from the forwarding plane equipment record table.
Optionally, the searching module 430 may be further configured to search, based on the user information, device information of a second forwarding plane device currently accessed by the user by using the user device from the forwarding plane device record table;
the apparatus may further include:
and an adding module, configured to add, if the device information of the second forwarding plane device is not found in the forwarding plane device record table, a corresponding relationship between the user information and the device information of the second forwarding plane device in the forwarding plane device record table.
Optionally, the apparatus may further include:
a counting module, configured to count a first duration that the user continues to access a fourth forwarding plane device by using the user equipment, where the fourth forwarding plane device is a forwarding plane device having any device information corresponding to the user information of the user in the forwarding plane device record table;
and the deleting module is used for deleting the corresponding relation between the user information and the equipment information of the fourth forwarding surface equipment from the forwarding surface equipment record table if the first time length reaches a preset time length.
Optionally, the apparatus may further include:
a counting module, configured to count a second duration to which a first corresponding relationship is added in the forwarding plane device record table, where the first corresponding relationship is a corresponding relationship between the user information and device information of any forwarding plane device;
and the deleting module is used for deleting the first corresponding relation from the forwarding surface equipment record table if the second duration reaches the preset aging time.
By applying the embodiment, after the control plane device receives an online request sent by a user by using user equipment and authenticates the user equipment, a user management table item corresponding to user information of the user carried in the online request is generated, the device information of a first forwarding plane device corresponding to the user information is searched from a forwarding plane device record table, and the user management table item is sent to the first forwarding plane device according to the searched device information, wherein the first forwarding plane device is a forwarding plane device accessed by the user equipment within a preset time length. The method includes that the user equipment is accessed to a first forwarding plane device, the probability that the user equipment is online by accessing the first forwarding plane device is high, and the accessed first forwarding plane device is not only one, so that a user management table entry is issued to the first forwarding plane device, if the forwarding plane device accessed by the user equipment is changed into any first forwarding plane device, and the first forwarding plane device receives the user management table entry issued by the control plane device, the data traffic can be uninterruptedly forwarded to the user equipment according to a hardware forwarding table entry generated by the user management table entry, namely, the situation that the user equipment is disconnected from a network when the forwarding plane device accessed by the user equipment is changed is avoided, and the continuity that the user equipment is connected with the network is ensured. And only the forwarding plane device which the user device has accessed and the forwarding plane device in the forwarding domain dynamically back up the user management table entry, thereby effectively reducing the load of the forwarding plane device.
Because the forwarding domain table is preset, the forwarding domain table records the preset forwarding domains and the device information of the forwarding plane device included in each preset forwarding domain, and besides issuing the user management table entry to the first forwarding plane device, the user management table entry also needs to be issued to the forwarding plane device in the forwarding domain table, so as to ensure that the data traffic can be continuously forwarded to the user device no matter which forwarding plane device the user device accesses is changed into.
An embodiment of the present invention further provides a control plane device, as shown in fig. 5, including a processor 501 and a computer-readable storage medium 502, where the computer-readable storage medium 502 stores machine-executable instructions that can be executed by the processor 501, and the processor 501 is caused by the machine-executable instructions to implement all steps of the method for issuing the user management table entry provided in the embodiment of the present invention.
The computer-readable storage medium may include a RAM (Random Access Memory) and a NVM (Non-volatile Memory), such as at least one disk Memory. Alternatively, the computer readable storage medium may be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also a DSP (Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), an FPGA (Field-Programmable Gate Array) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component.
In this embodiment, the processor of the control plane device can realize, by reading the computer program stored in the computer-readable storage medium and running the computer program: after the control plane device receives an online request sent by a user device by using the user device and passes authentication on the user device, a user management table item corresponding to user information of the user carried in the online request is generated, the device information of a first forwarding plane device corresponding to the user information is searched from a forwarding plane device record table, the user management table item is sent to the first forwarding plane device according to the searched device information, and the first forwarding plane device is the forwarding plane device which is accessed by the user device within preset duration. The method includes that the user equipment is accessed to a first forwarding plane device, the probability that the user equipment is online by accessing the first forwarding plane device is high, and the accessed first forwarding plane device is not only one, so that a user management table entry is issued to the first forwarding plane device, if the forwarding plane device accessed by the user equipment is changed into any first forwarding plane device, and the first forwarding plane device receives the user management table entry issued by the control plane device, the data traffic can be uninterruptedly forwarded to the user equipment according to a hardware forwarding table entry generated by the user management table entry, namely, the situation that the user equipment is disconnected from a network when the forwarding plane device accessed by the user equipment is changed is avoided, and the continuity that the user equipment is connected with the network is ensured.
In addition, corresponding to the method for issuing the user management table entry provided in the foregoing embodiment, an embodiment of the present invention provides a computer-readable storage medium, which stores machine-executable instructions, and when the computer-readable storage medium is called and executed by a processor, the machine-executable instructions cause the processor to implement all the steps of the method for issuing the user management table entry provided in the embodiment of the present invention.
In this embodiment, when running, the computer-readable storage medium executes the application program of the user management table entry issuing method provided in the embodiment of the present invention, so that the following can be implemented: after the control plane device receives an online request sent by a user device by using the user device and passes authentication on the user device, a user management table item corresponding to user information of the user carried in the online request is generated, the device information of a first forwarding plane device corresponding to the user information is searched from a forwarding plane device record table, the user management table item is sent to the first forwarding plane device according to the searched device information, and the first forwarding plane device is the forwarding plane device which is accessed by the user device within preset duration. The method includes that the user equipment is accessed to a first forwarding plane device, the probability that the user equipment is online by accessing the first forwarding plane device is high, and the accessed first forwarding plane device is not only one, so that a user management table entry is issued to the first forwarding plane device, if the forwarding plane device accessed by the user equipment is changed into any first forwarding plane device, and the first forwarding plane device receives the user management table entry issued by the control plane device, the data traffic can be uninterruptedly forwarded to the user equipment according to a hardware forwarding table entry generated by the user management table entry, namely, the situation that the user equipment is disconnected from a network when the forwarding plane device accessed by the user equipment is changed is avoided, and the continuity that the user equipment is connected with the network is ensured.
As for the control plane device and the computer-readable storage medium, since the content of the related method is substantially similar to that of the foregoing method embodiment, the description is relatively simple, and for the relevant points, reference may be made to part of the description of the method embodiment.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, as for the apparatus, the control plane device and the computer-readable storage medium embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and in relation to the description, reference may be made to the part of the method embodiments.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (14)

1. A user management table item issuing method is applied to control plane equipment, and the method comprises the following steps:
receiving an online request sent by a user by using user equipment;
if the user equipment passes the authentication, generating a user management table item corresponding to the user information of the user carried in the online request;
searching device information of first forwarding plane equipment corresponding to the user information from a forwarding plane equipment record table, wherein the first forwarding plane equipment is forwarding plane equipment accessed by the user by using the user equipment, and the first forwarding plane equipment is different from current forwarding plane equipment accessed by the user by using the user equipment;
and sending the user management table entry to the first forwarding plane equipment according to the equipment information.
2. The method of claim 1, further comprising:
determining a second forwarding plane device currently accessed by the user by using the user device;
determining a forwarding domain to which the second forwarding plane device belongs from a preset forwarding domain table, and acquiring device information of a third forwarding plane device, which is included in the forwarding domain to which the second forwarding plane device belongs, except the first forwarding plane device and the second forwarding plane device from the forwarding domain table;
sending the user management table entry to the third forwarding plane device according to the device information of the third forwarding plane device;
the forwarding domain table is used for recording preset forwarding domains and device information of forwarding plane devices included in each preset forwarding domain.
3. The method according to claim 1 or 2, characterized in that the method further comprises:
and if the equipment information of the first forwarding plane equipment corresponding to the user information is not found from the forwarding plane equipment record table, adding the corresponding relation between the user information and the equipment information of the second forwarding plane equipment currently accessed by the user by using the user equipment into the forwarding plane equipment record table.
4. The method according to claim 1 or 2, characterized in that the method further comprises:
based on the user information, searching the device information of a second forwarding plane device which is accessed by the user at present by utilizing the user device from the forwarding plane device record table;
and if the device information of the second forwarding plane device is not found in the forwarding plane device record table, adding the corresponding relation between the user information and the device information of the second forwarding plane device in the forwarding plane device record table.
5. The method according to claim 1 or 2, characterized in that the method further comprises:
counting a first time length that the user utilizes the user equipment and continuously does not access a fourth forwarding surface device, wherein the fourth forwarding surface device is the forwarding surface device with any device information corresponding to the user information of the user in the forwarding surface device record table;
and if the first time length reaches a preset time length, deleting the corresponding relation between the user information and the equipment information of the fourth forwarding plane equipment from the forwarding plane equipment record table.
6. The method according to claim 1 or 2, characterized in that the method further comprises:
counting a second duration of adding a first corresponding relation in the forwarding plane equipment record table, wherein the first corresponding relation is the corresponding relation between the user information and the equipment information of any forwarding plane equipment;
and if the second duration reaches the preset aging time, deleting the first corresponding relation from the forwarding plane equipment record table.
7. A user management table item issuing device is applied to a control plane device, and the device comprises:
the receiving module is used for receiving an online request sent by a user by utilizing user equipment;
a generating module, configured to generate a user management entry corresponding to the user information of the user carried in the online request if the user equipment passes authentication;
a searching module, configured to search, from a forwarding plane device record table, device information of a first forwarding plane device corresponding to the user information, where the first forwarding plane device is a forwarding plane device that has been accessed by a user by using a user device, and the first forwarding plane device is different from a current forwarding plane device that is accessed by the user by using the user device;
and the sending module is used for sending the user management table item to the first forwarding plane equipment according to the equipment information.
8. The apparatus of claim 7, further comprising:
a determining module, configured to determine a second forwarding plane device currently accessed by the user by using the user equipment;
an obtaining module, configured to determine, from a preset forwarding domain table, a forwarding domain to which the second forwarding plane device belongs, and obtain, from the forwarding domain table, device information of a third forwarding plane device included in the forwarding domain to which the second forwarding plane device belongs, the third forwarding plane device being other than the first forwarding plane device and the second forwarding plane device;
the sending module is further configured to send the user management table entry to the third forwarding plane device according to the device information of the third forwarding plane device;
the forwarding domain table is used for recording preset forwarding domains and device information of forwarding plane devices included in each preset forwarding domain.
9. The apparatus of claim 7 or 8, further comprising:
and the adding module is used for adding the corresponding relation between the user information and the equipment information of the second forwarding plane equipment which is accessed by the user at present by using the user equipment into the forwarding plane equipment record table if the equipment information of the first forwarding plane equipment corresponding to the user information is not searched from the forwarding plane equipment record table.
10. The apparatus according to claim 7 or 8,
the searching module is further configured to search, based on the user information, device information of a second forwarding plane device currently accessed by the user by using the user device from the forwarding plane device record table;
the device further comprises:
and an adding module, configured to add, if the device information of the second forwarding plane device is not found in the forwarding plane device record table, a corresponding relationship between the user information and the device information of the second forwarding plane device in the forwarding plane device record table.
11. The apparatus of claim 7 or 8, further comprising:
a counting module, configured to count a first duration that the user continues to access a fourth forwarding plane device by using the user equipment, where the fourth forwarding plane device is a forwarding plane device having any device information corresponding to the user information of the user in the forwarding plane device record table;
and the deleting module is used for deleting the corresponding relation between the user information and the equipment information of the fourth forwarding surface equipment from the forwarding surface equipment record table if the first time length reaches a preset time length.
12. The apparatus of claim 7 or 8, further comprising:
a counting module, configured to count a second duration to which a first corresponding relationship is added in the forwarding plane device record table, where the first corresponding relationship is a corresponding relationship between the user information and device information of any forwarding plane device;
and the deleting module is used for deleting the first corresponding relation from the forwarding surface equipment record table if the second duration reaches the preset aging time.
13. A control surface device comprising a processor and a computer-readable storage medium storing machine-executable instructions executable by the processor, the processor being caused by the machine-executable instructions to: carrying out the method steps of any one of claims 1 to 6.
14. A computer-readable storage medium having stored thereon machine-executable instructions that, when invoked and executed by a processor, cause the processor to: carrying out the method steps of any one of claims 1 to 6.
CN201810224966.1A 2018-03-19 2018-03-19 User management table item issuing method and device and control plane equipment Active CN108833280B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810224966.1A CN108833280B (en) 2018-03-19 2018-03-19 User management table item issuing method and device and control plane equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810224966.1A CN108833280B (en) 2018-03-19 2018-03-19 User management table item issuing method and device and control plane equipment

Publications (2)

Publication Number Publication Date
CN108833280A CN108833280A (en) 2018-11-16
CN108833280B true CN108833280B (en) 2020-02-04

Family

ID=64155063

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810224966.1A Active CN108833280B (en) 2018-03-19 2018-03-19 User management table item issuing method and device and control plane equipment

Country Status (1)

Country Link
CN (1) CN108833280B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111835643B (en) * 2019-04-22 2021-10-19 华为技术有限公司 Method for managing MAC table, network device, storage medium and program product
CN113037630B (en) * 2019-12-24 2023-07-07 中兴通讯股份有限公司 Table entry issuing method and device and table entry processing method and device
CN113055191B (en) * 2019-12-27 2023-08-01 中兴通讯股份有限公司 Forwarding method and device and forwarding plane of broadband remote access server
CN114079613B (en) * 2020-08-14 2023-07-18 华为技术有限公司 Communication method and related equipment
CN115150216B (en) * 2021-03-31 2024-03-19 中国电信股份有限公司 Flow forwarding system, method and control plane equipment of vBRAS

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014131462A1 (en) * 2013-03-01 2014-09-04 Nokia Solutions And Networks Oy Software defined networking for edge nodes
WO2015010730A1 (en) * 2013-07-24 2015-01-29 Nokia Solutions And Networks Gmbh & Co. Kg Network consolidation by means of virtualization
WO2015104546A1 (en) * 2014-01-08 2015-07-16 Vodafone Ip Licensing Limited Telecommunications networks

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102075341B (en) * 2009-11-25 2015-06-10 中兴通讯股份有限公司 Method and system for main-standby synchronization
CN102164094B (en) * 2011-05-30 2014-04-23 北京星网锐捷网络技术有限公司 Multi-link traffic reallocation method and device
CN107623593B (en) * 2017-08-31 2021-06-15 北京华为数字技术有限公司 Method and equipment for hot standby of dual computers based on CU separation
CN107566292B (en) * 2017-09-19 2020-12-25 新华三技术有限公司 Message forwarding method and device
CN107634907B (en) * 2017-10-25 2020-04-28 新华三技术有限公司 Data forwarding method and device for L2VPN (layer two virtual private network)

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014131462A1 (en) * 2013-03-01 2014-09-04 Nokia Solutions And Networks Oy Software defined networking for edge nodes
WO2015010730A1 (en) * 2013-07-24 2015-01-29 Nokia Solutions And Networks Gmbh & Co. Kg Network consolidation by means of virtualization
WO2015104546A1 (en) * 2014-01-08 2015-07-16 Vodafone Ip Licensing Limited Telecommunications networks

Also Published As

Publication number Publication date
CN108833280A (en) 2018-11-16

Similar Documents

Publication Publication Date Title
CN108833280B (en) User management table item issuing method and device and control plane equipment
US20220107848A1 (en) Edge service providing method and apparatus, and device
WO2022206260A1 (en) Address information sending method and apparatus, address information obtaining method and apparatus, device, and medium
WO2021043191A1 (en) Domain name system server determination method, request processing method and apparatus, and system
TWI675572B (en) Network service system and network service method
CA2321396C (en) Mobile communications service system, mobile communications service method, authentication apparatus, and home agent apparatus
US8433793B2 (en) Dispatching method, dispatching apparatus and dispatching system
US8681779B2 (en) Triple play subscriber and policy management system and method of providing same
EP2124385B1 (en) Method, device and system for multicast service authorization controlling
CN108667575B (en) Backup method and device for BRAS transfer control separation
JP2007143172A (en) Unified directory and presence system for universal access to telecommunication service
CN103825975A (en) Cdn node distribution server and system
CN111225016B (en) Network service system and network service method
CN103428302A (en) Domain name resolution method, server and system
US8094674B2 (en) Method and system for implementing network device access management
US20120303795A1 (en) Qos control in wireline subscriber management
US9900804B2 (en) Method and device for processing to share network resources, and method, device and system for sharing network resources
US7848258B2 (en) Dynamically transitioning static network addresses
US9985877B2 (en) Customer premises equipment virtualization
WO2018113633A1 (en) Packet forwarding method, packet forwarding controller, bras, and computer storage medium
CN111064594B (en) Gateway information processing method, gateway, account management system and storage medium
CN108306807B (en) Account opening management method and device
CN111917858B (en) Remote management system, method, device and server
US11849163B2 (en) Redundant video stream generation
WO2023088411A1 (en) Method and apparatus for sending instruction, and method and apparatus for sending information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant