CN110838981B - Method, device and equipment for user internet route selection and computer readable storage medium - Google Patents
Method, device and equipment for user internet route selection and computer readable storage medium Download PDFInfo
- Publication number
- CN110838981B CN110838981B CN201911011020.8A CN201911011020A CN110838981B CN 110838981 B CN110838981 B CN 110838981B CN 201911011020 A CN201911011020 A CN 201911011020A CN 110838981 B CN110838981 B CN 110838981B
- Authority
- CN
- China
- Prior art keywords
- address
- client
- user name
- authentication
- internet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/74—Address processing for routing
- H04L45/742—Route cache; Operation thereof
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/30—Managing network names, e.g. use of aliases or nicknames
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/45—Network directories; Name-to-address mapping
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
- H04L61/5014—Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5053—Lease time; Renewal aspects
Abstract
The invention discloses a method, a device, equipment and a computer readable storage medium for selecting a route for user surfing, wherein the method comprises the following steps: storing the corresponding relation between the client user name and the client Internet protocol IP address; and carrying out a matching strategy based on the user name to realize the routing internet surfing. By adopting the method and the device, the client is marked by the user name, the user name is associated with the user name and the IP address, and the Internet routing is carried out based on the user name, so that the problems that the client cannot be locked, the IP address conflicts are caused, the routing strategy is unreliable and the like in the dynamic change process of the IP address can be solved, and the method and the device can be suitable for the scenes that the IP address is dynamically allocated by an intranet, the intranet is DHCP/DHCPv6 topology and the like. Moreover, when the network has a security problem, the client can be traced back to the client easily through the corresponding relation between the stored user name and the IP address, and the method has an effective promoting effect on the audit in the later period or the security problem solving.
Description
Technical Field
The present invention relates to the field of communications, and in particular, to a method, an apparatus, a device, and a computer-readable storage medium for selecting a route for a user to surf internet.
Background
With the development of computers and network technologies, it is common for intranet clients to dynamically select routes to surf the internet through multiple links. The traditional routing equipment has a mature strategy routing technical scheme based on intranet fixed source IP routing, but for the topology using DHCP/DHCPv6 scenario in the intranet local area network, the routing strategy is difficult to ensure reliability due to the periodic change of intranet addresses. And with the increasing popularization of the IPV6 network, the dynamic address allocation scenes in the user intranet are gradually increased in the future. Internet access routing of the IPV6 client and source tracing and auditing of the intranet client are already technical problems faced by current network operation and maintenance personnel.
Disclosure of Invention
The embodiment of the invention provides a method, a device and equipment for selecting a route for user surfing and a computer readable storage medium, which are used for solving the problem of low reliability of a surfing route selection strategy in an intranet dynamic address allocation scene in the prior art.
The embodiment of the invention provides a method for selecting a route for user surfing the Internet, which comprises the following steps:
storing the corresponding relation between the client user name and the client Internet protocol IP address;
and carrying out a matching strategy based on the user name to realize the routing internet surfing.
According to some embodiments of the invention, the method further comprises:
receiving an authentication request of a client, wherein the authentication request carries a user name of the client;
authenticating the user name;
and issuing an authentication response to the client.
According to some embodiments of the invention, the method further comprises:
receiving an IP address request of a client;
configuring an IP address for the client;
and issuing the IP address to the client.
According to some embodiments of the invention, the IP address is a dynamic host configuration protocol, DHCP, address.
In some embodiments of the invention, the method further comprises:
storing the update time of the IP address;
the storing of the corresponding relationship between the client user name and the client internet protocol IP address comprises:
and updating the corresponding relation between the client user name and the client IP address based on the updating time of the IP address.
The embodiment of the present invention further provides a device for selecting a route for a user to surf the internet, including:
the buffer module is used for storing the corresponding relation between the client user name and the client Internet protocol IP address;
and the internet surfing routing module is used for carrying out a matching strategy based on the user name to realize routing internet surfing.
According to some embodiments of the invention, the apparatus further comprises:
the first receiving module is used for receiving an authentication request of a client, wherein the authentication request carries a user name of the client;
the authentication module is used for authenticating the user name;
and the first sending module is used for issuing an authentication response to the client.
According to some embodiments of the invention, the apparatus further comprises:
the second receiving module is used for receiving the IP address request of the client;
the IP address configuration module is used for configuring an IP address for the client;
and the second sending module is used for issuing the IP address to the client.
According to some embodiments of the invention, the IP address is a DHCP address.
In some embodiments of the present invention, the buffering module is further configured to store the update time of the IP address, and update the corresponding relationship between the client user name and the client IP address based on the update time of the IP address.
The embodiment of the present invention further provides a device for selecting a route for a user to surf the internet, including: a memory, a processor and a computer program stored on the memory and executable on the processor, which computer program, when executed by the processor, carries out the steps of the method as described above.
An embodiment of the present invention further provides a computer-readable storage medium, where an implementation program for information transfer is stored, and when the implementation program is executed by a processor, the method implements the steps of the method described above.
By adopting the embodiment of the invention, the client is marked by the user name, the user name is associated with the user name and the IP address, and the Internet routing is carried out based on the user name, so that the problems of incapability of locking the client, IP address conflict, unreliable routing strategy and the like in the dynamic change process of the IP address can be solved, and the method and the device can be suitable for the scenes of dynamically allocating the IP address for the intranet, DHCP/DHCPv6 topology for the intranet and the like. Moreover, when the network has a security problem, the client can be traced back to the client easily through the corresponding relation between the stored user name and the IP address, and the method has an effective promoting effect on the audit in the later period or the security problem solving.
The foregoing description is only an overview of the technical solutions of the present invention, and the embodiments of the present invention are described below in order to make the technical means of the present invention more clearly understood and to make the above and other objects, features, and advantages of the present invention more clearly understandable.
Drawings
Various other advantages and benefits will become apparent to those of ordinary skill in the art upon reading the following detailed description of the preferred embodiments. The drawings are only for purposes of illustrating the preferred embodiments and are not to be construed as limiting the invention. Also, like reference numerals are used to refer to like parts throughout the drawings. In the drawings:
FIG. 1 is a flow chart of a method for routing a user online in an embodiment of the present invention;
FIG. 2 is a flowchart of a method for routing a user online in an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a device for routing a user on the internet in an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a device for routing a user to surf the internet in the embodiment of the present invention.
Detailed Description
Exemplary embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be embodied in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the disclosure to those skilled in the art.
On one hand, an embodiment of the present invention provides a method for selecting a route for a user to surf the internet, as shown in fig. 1, where the method includes:
s101, storing a corresponding relation between a client user name and a client Internet Protocol (IP) address;
it should be noted that the "user name" mentioned herein can be understood as an account number that can uniquely identify a user, such as a name, an identification card number, a student card number, etc. The client can be a computer, a mobile device, a tablet computer and other electronic devices with internet access functions. The IP address may be fixed or dynamically allocated to the client, and when the IP address changes dynamically, the correspondence between the stored user name and the IP address is updated with the change of the IP address.
S102, matching strategies are carried out based on the user name, and route selection and internet surfing are achieved.
It will be appreciated that the link configuration policy for the network is assigned based on the client's username. In the actual internet access operation, when the internet access behavior of the IP address of the client is received, the internet access route selection is realized by searching the user name corresponding to the IP address and carrying out the matching strategy based on the user name.
By adopting the embodiment of the invention, the client is marked by the user name, the user name is associated with the user name and the IP address, and the Internet routing is carried out based on the user name, so that the problems of incapability of locking the client, IP address conflict, unreliable routing strategy and the like in the dynamic change process of the IP address can be solved, and the method and the device can be suitable for the scenes of dynamically allocating the IP address for the intranet, DHCP/DHCPv6 topology for the intranet and the like. Moreover, when the network has a security problem, the client can be traced back to the client easily through the corresponding relation between the stored user name and the IP address, and the method has an effective promoting effect on the audit in the later period or the security problem solving.
On the basis of the above-described embodiment, various modified embodiments are further proposed, and it is to be noted herein that, in order to make the description brief, only the differences from the above-described embodiment are described in the various modified embodiments.
According to some embodiments of the invention, the method further comprises:
receiving an authentication request of a client, wherein the authentication request carries a user name of the client;
authenticating the user name;
and issuing an authentication response to the client.
It should be noted that "authentication" mentioned herein may be direct authentication, that is, after receiving an authentication request, the user name may be authenticated, and then an authentication response is fed back; the "authentication" may also be proxy authentication, that is, after receiving an authentication request, sending the authentication request to a module having a direct authentication function, and after completing authentication of the module having the direct authentication function, receiving an authentication response sent by the direct authentication function and returning the authentication response to the client.
For example, pre-storing a preset user name capable of being accessed to the internet, when the client sends an authentication request, comparing the received client user name with the preset user name, if the received user name is any one of the preset user names, indicating that the authentication is passed, and issuing a response that the authentication is passed to the client, and if the received user name is not in the preset user name, indicating that the authentication is not passed, and issuing a response that the authentication is not passed to the client. The authentication method may be performed through DHCP/DHCPv6 service, that is, the device is in the DHCP phase and starts the DHCP/DHCPv6 service authentication function, or may be performed through a web page, and the authentication method is not particularly limited herein.
In some embodiments of the invention, authentication of the username may be accomplished through the DHCP/DHCPv6 service. Further, when the authentication is passed, the corresponding relation between the user name and the IP address is stored, otherwise, the corresponding relation is not stored.
According to some embodiments of the invention, the method further comprises:
receiving an IP address request of a client;
configuring an IP address for a client;
and issuing the IP address to the client.
It should be noted that, in the above embodiments, the allocation of the IP address to the client is only one embodiment of the present invention, and is not limited to the method of the present invention. The IP address of the client may also be obtained by other devices, such as a DHCP server.
In addition, it should be noted that when the method includes configuring an IP address for the client, after configuring the IP address and acquiring the user name of the client, the corresponding relationship between the user name and the IP address may be stored; when the method does not include configuring an IP address for the client, the method further comprises: and acquiring the IP address of the client. For example, an IP address sent by the client is received. As another example, the IP address of the client sent by the device with the IP address configuration function, such as a router and a DHCP server, is received.
According to some embodiments of the invention, the IP address may be a dynamic host configuration protocol, DHCP, address.
DHCP (Dynamic Host Configuration Protocol) is a network Protocol of a local area network, works using UDP Protocol, and has two main uses: an IP address is automatically assigned to an internal network or network service provider as a means of central management of all computers to a user or internal network administrator. The DHCP address has a lease, and the DHCP server allocates the DHCP address to carry the lease, namely, the client can effectively use the DHCP address in the lease.
In some embodiments of the invention, the method further comprises:
storing the update time of the IP address;
storing the corresponding relation between the client user name and the client Internet protocol IP address, comprising:
and updating the corresponding relation between the client user name and the client IP address based on the updating time of the IP address.
It can be understood that the IP address has a lease period, and during the lease period, the IP address has an internet access function. When the lease of the IP address expires, the corresponding relationship between the user name and the IP address needs to be stored again. For example, authentication of the client username can be restarted and the IP address corresponding to the username can be updated. As another example, the IP address may be retrieved, and the correspondence between the IP address and the user name may be updated. By storing the updating time of the IP address, the corresponding relation between the user name and the IP address can be automatically and intelligently updated, so that the corresponding relation between the user name and the IP address is effective.
The method for routing a user's internet according to an embodiment of the present invention is described in detail below with reference to fig. 2. It is to be understood that the following description is illustrative only and is not intended to be in any way limiting. All similar structures and similar variations thereof adopted by the invention are included in the scope of the invention.
In the related art, for a topology using a DHCP/DHCPv6 scenario in an intranet local area network, reliability is hardly guaranteed by a routing policy due to a periodic change of an intranet address. At present, the network internet access routing based on the DHCP/DHCPv6 mainly comprises the following methods: the first method is that the client is configured to be a static address, and then the route selection is carried out based on the address. And secondly, setting the lease time of the DHCP address to be longer, and then carrying out routing based on the address. However, for the first method, the static address is configured in the dynamic address network, so that other addresses are easy to conflict. For the second method, in the wireless network, the mobile terminal is easy to switch the network, and the issue cannot be solved essentially by prolonging the lease.
Based on the above technical problem, an embodiment of the present invention provides a method for selecting a route for a user to surf the internet, which is used to solve the problem of performing policy route selection on a network based on dynamic address network allocation and the problem of locking audit of a source client in a dynamic address network.
Specifically, as shown in fig. 2, the method for routing the user to surf the internet includes:
s201, receiving an IP address request and an authentication request of a client;
the authentication request may carry a user name of the client.
S202, authenticating the user name through DHCP/DHCPv6 service;
s203, judging whether the user name passes the authentication, if so, executing a step S204, otherwise, returning to the step S201;
s204, configuring an IP address for the client, and storing the corresponding relation between the user name and the IP address of the client;
s205, sending an authentication response and an IP address to the client;
s206, receiving an internet surfing request of the client;
wherein, the Internet surfing request carries an IP address;
s207, judging whether the IP address exceeds the lease period, if so, returning to the step S201, otherwise, executing the step S208;
for example, the update time of the IP address (i.e., the lease time of the IP address) may be stored, the aging time of the IP address and the user name may be set synchronously, when the lease time of the IP address expires, the corresponding relationship between the IP address and the user name expires, that is, the aging time is exceeded, and at this time, the corresponding relationship between the IP address and the user name needs to be updated, and the user name needs to be re-authenticated.
Therefore, the corresponding relation cache of the user name and the IP address is dynamically maintained through a DHCP/DHCPv6 interaction process, and only the client which passes the authentication and successfully allocates the address can be registered in the cache table for storing the corresponding relation. TTL exists in corresponding relation cache entries, and the TTL is consistent with the lease period of a DHCP allocated address. When the user generates the internet behavior, the audit can be performed through the log registered by the buffer list and the statistical function.
S208, acquiring an IP address based on the Internet access request, and searching a user name corresponding to the IP address;
s209, matching strategy is carried out based on the user name, and route selection and Internet access are achieved.
By adopting the embodiment of the invention, the requirement of selecting the route based on the internet of the source user can be really realized, the static address can be prevented from being configured in the dynamic address network, the conflict of other addresses can be easily generated, in addition, the source can be accurately traced under the scene of the dynamic address network, the corresponding relation between the role of the source client user in the dynamic address network and the IP can be locked, and thereby, the audit data is provided.
It should be noted that the above-mentioned embodiments are only preferred embodiments of the present invention, and are not intended to limit the present invention, and those skilled in the art can make various modifications and changes. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
On the other hand, an embodiment of the present invention further provides a device 1 for selecting a route for user to surf the internet, as shown in fig. 3, where the device includes:
the buffer module 10 is used for storing the corresponding relationship between the client user name and the client internet protocol IP address;
it should be noted that the "user name" mentioned herein can be understood as an account number that can uniquely identify the user, such as a name, an identification number, a student number, etc. The client can be a computer, a mobile device, a tablet computer and other electronic devices with internet access functions. The IP address may be fixed or dynamically allocated to the client, and when the IP address changes dynamically, the correspondence between the stored user name and the IP address is updated with the change of the IP address.
And the internet route selecting module 20 is used for performing a matching strategy based on the user name to realize route selection and internet surfing.
It will be appreciated that the link configuration policy for the network is assigned based on the client's username. In the actual internet access operation, when the internet access behavior of the IP address of the client is received, the internet access route selection is realized by searching the user name corresponding to the IP address and carrying out the matching strategy based on the user name.
By adopting the embodiment of the invention, the client is marked by the user name, the user name is associated with the user name and the IP address, and the Internet routing is carried out based on the user name, so that the problems of incapability of locking the client, IP address conflict, unreliable routing strategy and the like in the dynamic change process of the IP address can be solved, and the method and the device can be suitable for the scenes of dynamically allocating the IP address for the intranet, DHCP/DHCPv6 topology for the intranet and the like. Moreover, when the network has a security problem, the client can be traced back to the client easily through the corresponding relation between the stored user name and the IP address, and the method has an effective promoting effect on the audit in the later period or the security problem solving.
On the basis of the above-described embodiment, various modified embodiments are further proposed, and it is to be noted herein that, in order to make the description brief, only the differences from the above-described embodiment are described in the various modified embodiments.
According to some embodiments of the invention, the apparatus further comprises:
the first receiving module is used for receiving an authentication request of the client, wherein the authentication request carries a user name of the client;
the authentication module is used for authenticating the user name;
and the first sending module is used for sending the authentication response to the client.
It should be noted that, the "authentication module" mentioned here may have a direct authentication function, that is, the "authentication module" may directly authenticate the user name after receiving the authentication request, and then feed back the authentication response; the "authentication module" may also have an agent authentication function, that is, the "authentication module" does not have a direct authentication function, the "authentication module" needs to send an authentication request to a module having the direct authentication function after receiving the authentication request, and receives an authentication response sent by the direct authentication function and returns the authentication response to the client after the module having the direct authentication function completes authentication. In other words, the "authentication module" has an authentication agent function, and a module that truly realizes the authentication function can be independent of the device 1 for selecting a route for a user to surf the internet.
For example, the authentication module may pre-store a preset user name allowing internet access, when the client sends an authentication request, the authentication module compares the received client user name with the preset user name, if the received user name is any one of the preset user names, the authentication is passed, the authentication module issues a response that the authentication is passed to the client, and if the received user name is not in the preset user name, the authentication is not passed, and the authentication module issues a response that the authentication is not passed to the client. The authentication module can authenticate through the DHCP/DHCPv6 service, that is, the device is in the DHCP phase and starts the DHCP/DHCPv6 service authentication function, or can perform individual authentication through a web page, and the authentication method is not particularly limited herein.
In some embodiments of the invention, the authentication module may be implemented by a DHCP/DHCPv6 service. Further, when the authentication is passed, the authentication module stores the corresponding relationship between the user name and the IP address, otherwise, the corresponding relationship is not stored.
According to some embodiments of the invention, the apparatus further comprises:
the second receiving module is used for receiving the IP address request of the client;
the IP address configuration module is used for configuring an IP address for the client;
and the second sending module is used for sending the IP address to the client.
Here, it should be noted that the use of the words first and second does not indicate any order, and these words may be interpreted as names. The first receiving module and the second receiving module may be the same module or different modules in structure. The first sending module and the second sending module may be the same module or different modules in structure.
In addition, the "IP address configuration module" mentioned here may have a function of directly configuring an IP address, that is, the "IP address configuration module" may directly allocate an IP address to the client after receiving the IP address request; the "IP address configuration module" may also be a module having an IP address relay function, that is, the "IP address configuration module" does not have an IP address direct configuration function, after receiving the IP address request, the "IP address configuration module" needs to send the IP address request to the module having the IP address direct configuration function, and after completing the IP address configuration by the module having the IP address direct configuration function, the "IP address configuration module" receives the IP address sent by the module having the IP address direct configuration function and sends the IP address to the client. In other words, the "IP address configuration module" has an IP address relay function, and a module that really realizes IP address allocation can be independent of the device 1 for user internet routing.
According to further embodiments of the present invention, the apparatus further comprises:
and the acquisition module is used for acquiring the IP address of the client. Thus, when the device does not have the function of configuring the IP address for the client, the IP address of the client needs to be acquired from the client or a device having the function of configuring the IP address, such as a router or a DHCP server.
According to some embodiments of the invention, the IP address may be a DHCP address. The DHCP address has a lease, and the DHCP server allocates the DHCP address to carry the lease, namely, the client can effectively use the DHCP address in the lease.
In some embodiments of the present invention, the buffering module 10 is further configured to store an update time of the IP address, and update the correspondence between the client user name and the client IP address based on the update time of the IP address. It can be understood that the IP address has a lease period, and during the lease period, the IP address has an internet access function. When the lease of the IP address expires, the buffer module 10 needs to restore the corresponding relationship between the user name and the IP address. For example, the buffering module 10 may restart authentication of the client user name and update the IP address corresponding to the user name. As another example, the buffering module 10 may retrieve the IP address and update the correspondence between the IP address and the user name. By storing the updating time of the IP address, the corresponding relation between the user name and the IP address can be automatically and intelligently updated, so that the corresponding relation between the user name and the IP address is effective.
An embodiment of the present invention provides a device 1000 for selecting a route for a user to surf the internet, as shown in fig. 4, including: a memory 1010, a processor 1020, and a computer program stored on the memory 1010 and executable on the processor 1020, the computer program implementing the method steps shown in fig. 1 when executed by the processor 1020:
s101, storing a corresponding relation between a client user name and a client Internet Protocol (IP) address;
s102, matching strategies are carried out based on the user name, and route selection and internet surfing are achieved.
By adopting the embodiment of the invention, the client is marked by the user name, the user name is associated with the user name and the IP address, and the Internet routing is carried out based on the user name, so that the problems of incapability of locking the client, IP address conflict, unreliable routing strategy and the like in the dynamic change process of the IP address can be solved, and the method and the device can be suitable for the scenes of dynamic IP address allocation of an intranet, topology of the intranet such as DHCP/DHCPv6 and the like. Moreover, when the network has a security problem, the client can be traced easily through the corresponding relation between the stored user name and the IP address, and the method has an effective promotion effect on the audit at the later stage or the security problem solving.
According to some embodiments of the invention, the computer program when executed by the processor 1020 implements the method steps as shown in fig. 2:
s201, receiving an IP address request and an authentication request of a client;
the authentication request may carry a user name of the client.
S202, authenticating the user name through DHCP/DHCPv6 service;
s203, judging whether the user name passes the authentication, if so, executing a step S204, otherwise, returning to the step S201;
s204, configuring an IP address for the client, and storing the corresponding relation between the user name and the IP address of the client;
s205, sending an authentication response and an IP address to the client;
s206, receiving an internet surfing request of the client;
wherein, the Internet surfing request carries an IP address;
s207, judging whether the IP address exceeds the lease period, if so, returning to the step S201, otherwise, executing the step S208;
s208, acquiring an IP address based on the Internet access request, and searching a user name corresponding to the IP address;
s209, matching strategy is carried out based on the user name, and route selection and Internet access are achieved.
According to some embodiments of the present invention, the device 1000 for routing a user to surf the internet may be a router, a DHCP server, a gateway, a computer, a router, or the like.
An embodiment of the present invention provides a computer-readable storage medium, where an implementation program for information transmission is stored on the computer-readable storage medium, and when executed by a processor 1020, the implementation program implements the method steps shown in fig. 1:
s101, storing a corresponding relation between a client user name and a client Internet Protocol (IP) address;
s102, matching strategies are carried out based on the user name, and route selection and internet surfing are achieved.
By adopting the embodiment of the invention, the client is marked by the user name, the user name is associated with the user name and the IP address, and the Internet routing is carried out based on the user name, so that the problems of incapability of locking the client, IP address conflict, unreliable routing strategy and the like in the dynamic change process of the IP address can be solved, and the method and the device can be suitable for the scenes of dynamically allocating the IP address for the intranet, DHCP/DHCPv6 topology for the intranet and the like. Moreover, when the network has a security problem, the client can be traced back to the client easily through the corresponding relation between the stored user name and the IP address, and the method has an effective promoting effect on the audit in the later period or the security problem solving.
According to some embodiments of the invention, the program when executed by the processor 1020 implements the method steps shown in FIG. 2:
s201, receiving an IP address request and an authentication request of a client;
the authentication request may carry a user name of the client.
S202, authenticating the user name through DHCP/DHCPv6 service;
s203, judging whether the user name passes the authentication, if so, executing a step S204, otherwise, returning to the step S201;
s204, configuring an IP address for the client, and storing the corresponding relation between the user name and the IP address of the client;
s205, sending an authentication response and an IP address to the client;
s206, receiving an internet surfing request of the client;
wherein, the Internet surfing request carries an IP address;
s207, judging whether the IP address exceeds the lease period, if so, returning to the step S201, otherwise, executing the step S208;
s208, acquiring an IP address based on the Internet access request, and searching a user name corresponding to the IP address;
s209, matching strategy is carried out based on the user name, and route selection and Internet access are achieved.
The computer-readable storage medium of this embodiment includes, but is not limited to: ROM, RAM, magnetic or optical disks, and the like.
It will be apparent to those skilled in the art that the modules or steps of the present invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, the present invention is not limited to any specific combination of hardware and software.
It should be noted that in the description of the present specification, reference to the description of "one embodiment", "some embodiments", "illustrative embodiments", "examples", "specific examples", or "some examples", etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
While embodiments of the invention have been shown and described, it will be understood by those of ordinary skill in the art that: various changes, modifications, substitutions and alterations can be made to the embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the claims and their equivalents.
Claims (8)
1. A method for selecting a route for user to surf the internet is characterized by comprising the following steps:
receiving an IP address request and an authentication request of a client, wherein the authentication request carries a user name of the client;
authenticating the user name;
judging whether the user name passes the authentication, if so, configuring an IP address for the client, and storing the corresponding relation between the user name of the client and the IP address, otherwise, repeatedly executing the steps of receiving the IP address request and the authentication request of the client;
sending an authentication response and the IP address to the client;
receiving an internet access request of the client, wherein the internet access request carries an IP address;
judging whether the IP address exceeds the lease period, if so, repeatedly executing the steps of receiving the IP address request and the authentication request of the client; otherwise, acquiring the IP address based on the Internet access request, and searching a user name corresponding to the IP address;
and carrying out a matching strategy based on the user name to realize the routing internet surfing.
2. The method of claim 1, wherein the IP address is a dynamic host configuration protocol, DHCP, address.
3. The method of claim 2, further comprising:
storing the update time of the IP address;
the storing of the corresponding relationship between the client user name and the client internet protocol IP address comprises:
and updating the corresponding relation between the client user name and the client IP address based on the updating time of the IP address.
4. A device for selecting a route for user surfing the Internet is characterized by comprising:
the buffer module is used for storing the corresponding relation between the client user name and the client Internet protocol IP address; the IP address is also used for judging whether the IP address exceeds a lease period;
the internet surfing routing module is used for carrying out matching strategies based on the user name to realize routing internet surfing;
the first receiving module is used for receiving an authentication request of a client, wherein the authentication request carries a user name of the client;
the second receiving module is used for receiving the IP address request of the client;
the IP address configuration module is used for configuring an IP address for the client;
the authentication module is used for authenticating the user name, controlling the IP address configuration module to configure an IP address for the client when the authentication is passed, storing the corresponding relation between the user name and the IP address, and otherwise, repeatedly executing the steps of receiving an IP address request and an authentication request of the client;
the first sending module is used for issuing an authentication response to the client;
the second sending module is used for issuing the IP address to the client;
the acquisition module is used for acquiring the IP address of the client;
judging whether the IP address exceeds the lease period, if so, repeatedly executing the steps of receiving the IP address request and the authentication request of the client; otherwise, based on the Internet access request, the IP address is obtained, and the user name corresponding to the IP address is searched.
5. The apparatus of claim 4, wherein the IP address is a DHCP address.
6. The apparatus of claim 5, wherein the buffering module is further configured to store an update time of the IP address, and update the correspondence between the client username and the client IP address based on the update time of the IP address.
7. An apparatus for routing a user's internet, comprising: memory, processor and computer program stored on the memory and executable on the processor, which computer program, when executed by the processor, carries out the steps of the method according to any one of claims 1 to 3.
8. A computer-readable storage medium, on which an information transfer implementing program is stored, which, when being executed by a processor, implements the steps of the method according to any one of claims 1 to 3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911011020.8A CN110838981B (en) | 2019-10-23 | 2019-10-23 | Method, device and equipment for user internet route selection and computer readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911011020.8A CN110838981B (en) | 2019-10-23 | 2019-10-23 | Method, device and equipment for user internet route selection and computer readable storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110838981A CN110838981A (en) | 2020-02-25 |
| CN110838981B true CN110838981B (en) | 2022-06-24 |
Family
ID=69575783
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911011020.8A Active CN110838981B (en) | 2019-10-23 | 2019-10-23 | Method, device and equipment for user internet route selection and computer readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110838981B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101039328A (en) * | 2006-03-17 | 2007-09-19 | 武汉烽火网络有限责任公司 | Multi-protocol network terminal service shunting method and apparatus thereof |
| CN104038482A (en) * | 2014-05-23 | 2014-09-10 | 深信服网络科技(深圳)有限公司 | Multi-circuit circuit selection method and device |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101252592B (en) * | 2008-04-14 | 2012-12-05 | 工业和信息化部电信传输研究所 | Method and system for tracing network source of IP network |
| CN101924801B (en) * | 2010-05-21 | 2013-04-24 | 中国科学院计算机网络信息中心 | IP (Internet Protocol) address management method and system as well as DHCP (Dynamic Host Configuration Protocol) server |
-
2019
- 2019-10-23 CN CN201911011020.8A patent/CN110838981B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101039328A (en) * | 2006-03-17 | 2007-09-19 | 武汉烽火网络有限责任公司 | Multi-protocol network terminal service shunting method and apparatus thereof |
| CN104038482A (en) * | 2014-05-23 | 2014-09-10 | 深信服网络科技(深圳)有限公司 | Multi-circuit circuit selection method and device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110838981A (en) | 2020-02-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9143389B2 (en) | Methods, appratuses, and computer program products for determining a network interface to access a network resource | |
| US8605582B2 (en) | IP network system and its access control method, IP address distributing device, and IP address distributing method | |
| CN105763668B (en) | A kind of domain name analytic method and device | |
| CN107360184B (en) | Terminal equipment authentication method and device | |
| KR101034938B1 (en) | System and method for managing ipv6 address and connection policy | |
| US11025584B2 (en) | Client subnet efficiency by equivalence class aggregation | |
| US9319377B2 (en) | Auto-split DNS | |
| CN110677405A (en) | Data processing method and device, electronic equipment and storage medium | |
| US10075410B2 (en) | Apparatus and methods for assigning internetwork addresses | |
| US8549118B2 (en) | Updating a domain name server with information corresponding to dynamically assigned internet protocol addresses | |
| CN111212134A (en) | Request message processing method and device, edge computing system and electronic equipment | |
| US20100091684A1 (en) | System and Method for Discovery of Dynamically Assigned Information Handling System IP Addresses | |
| EP2824872A1 (en) | Host providing system and communication control method | |
| CN105245629A (en) | DHCP-based host communication method and device | |
| US7958220B2 (en) | Apparatus, method and system for acquiring IPV6 address | |
| CN106464745A (en) | Dns server, client and data synchronization method | |
| JP6484166B2 (en) | Name resolution device, name resolution method, and name resolution program | |
| CN106375489B (en) | Method and device for processing Media Access Control (MAC) address | |
| CN110838981B (en) | Method, device and equipment for user internet route selection and computer readable storage medium | |
| TW201611549A (en) | Network device and method for routing | |
| CN103532852A (en) | Routing scheduling method, routing scheduling device and network equipment | |
| CN107360095B (en) | Method for realizing port forwarding in router based on client host name | |
| CN105991466B (en) | Information backup method and device | |
| KR101014251B1 (en) | Method for remote-controlling pc by use of internet protocol address and apparatus thereof | |
| CN110769462A (en) | Network access control method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |