CN113660358A - Method for distributing different Ipv6PD prefixes to drop-on equipment by gateway - Google Patents
Method for distributing different Ipv6PD prefixes to drop-on equipment by gateway Download PDFInfo
- Publication number
- CN113660358A CN113660358A CN202110963503.9A CN202110963503A CN113660358A CN 113660358 A CN113660358 A CN 113660358A CN 202110963503 A CN202110963503 A CN 202110963503A CN 113660358 A CN113660358 A CN 113660358A
- Authority
- CN
- China
- Prior art keywords
- message
- prefix
- ipv6pd
- ipv6
- proc
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2101/00—Indexing scheme associated with group H04L61/00
- H04L2101/60—Types of network addresses
- H04L2101/604—Address structures or formats
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2101/00—Indexing scheme associated with group H04L61/00
- H04L2101/60—Types of network addresses
- H04L2101/618—Details of network addresses
- H04L2101/659—Internet protocol version 6 [IPv6] addresses
Abstract
The invention discloses a method for distributing different IPv6PD prefixes for a down-hanging device by a gateway.A Local Area Network (LAN) side interface name which is obtained by Wide Area Network (WAN) connection and is bound with the IPv6 prefix address and the WAN connection is transmitted into a linux inner core by an application layer through a process control (PROC) file system; when the bridging device sends messages to all the LAN side drop devices, checking and filtering are carried out, IPv6PD prefix addresses and interface names carried in RA messages are compared with information which is transmitted to a kernel by an application layer through a PROC file, if the IPv6 addresses and the interface names are consistent, the messages are allowed to pass, and otherwise, the messages are discarded. The invention can acquire IPv6PD prefix addresses corresponding to WAN connection for LAN side interface drop devices binding different WAN connections, thereby realizing services such as normal internet surfing and the like by enabling the drop devices binding different WAN connections to be connected out from the corresponding WAN.
Description
Technical Field
The invention relates to the technical field of broadband access, in particular to a method for distributing different Ipv6PD prefixes to a down-hanging device by a gateway.
Background
With the exhaustion of the IPv4 address, the country is popularizing the IPv6 technology, and telecommunication operators also require gateways to support acquisition and distribution of IPv6 addresses in home gateway procurement.
The gateway establishes a WAN (Wide Area network) connection, and acquires an IPv6 global address and an IPv6PD (prefix deletion) prefix address from an operator server. The IPv6 global address is used as an address on a gateway WAN side interface, IPv6PD prefix addresses are distributed to all LAN (local Area network) side interfaces for use, the gateway simply processes the IPv6PD prefix addresses (the IPv6PD prefix addresses are less than 64 bits to complement 0 and complement 64 bits), then the formed new IPv6PD prefix addresses are written into a configuration file of a radvd process, RA (router advertisement) multicast messages (carrying IPv6PD prefix information in the messages) are sent through the radvd process, an interface bound by the radvd process is a bridge device interface br0, and all LAN side interfaces (LAN1, LAN 2.) of the gateway are under the bridge device br 0. When the radvd process sends an RA message, all LAN side interfaces receive the message, all LAN side down-hanging devices acquire the same prefix, and devices such as a PC (personal computer) down-hanging on the LAN side interface form a 128-bit IPv6 address according to the 64-bit prefix address and information such as their own MAC address or serial number.
The existing problem is that when a gateway establishes a plurality of WAN connections and each WAN connection is bound with different LAN side interfaces, if IPv6PD prefix obtained by a certain WAN connection is allocated to all LAN side interfaces for use, after a data packet sent by a LAN interface down-hanging device bound to other WAN connections is connected out from the bound WAN, and after the data packet is sent to a server corresponding to the WAN connection, the server cannot identify the data packet of the prefix address, and the data packet is discarded, and the server can only identify the data packet of the IPv6 prefix address specified by the server, and the prefix address is issued to the corresponding WAN connection. And finally, the hanging device on the LAN side interface cannot surf the Internet from the bound WAN connection.
Disclosure of Invention
The present invention is directed to provide a method for a gateway to assign different Ipv6PD prefixes to a drop device, so as to solve the problems in the foregoing background art.
In order to achieve the purpose, the invention provides the following technical scheme:
a method for distributing different Ipv6PD prefixes to a down-hanging device by a gateway comprises the following steps:
step one, after the WAN connection acquires an IPv6PD prefix address, writing the address into a configuration file radvd _ x.conf of a radvd process, then writing the address into a PROC file/PROC/prefix/PD _ prefix _ x of linux through an echo command by utilizing a PROC file system function of the linux, then writing a LAN side interface name bound with the WAN connection into the PROC file, and finally starting the radvd process, wherein different WAN connections correspond to different PROC files.
Step two, calling __ br _ delivery () function in net/bridge/br _ forward.c files by a linux kernel, and sending messages to all LAN side interfaces, wherein the __ br _ delivery function prototype is as follows:
static void__br_deliver(const struct net_bridge_port*to,struct sk_buff*skb);
acquiring a name sent to a certain LAN side interface at the moment from a first parameter to of a __ br _ driver function by using a to- > dev- > name pointer, then analyzing and judging a second parameter skb of the __ br _ driver function, firstly acquiring link layer header data of the message by using an eth _ hdr (skb) function, wherein the link layer header data carries data types IPv4, IPv6, arp and the like of the message, then judging whether the message is an IPv 3874 message, if the message is an IPv 5 message, acquiring network layer header data of IPv6 by using an IPv6_ hdr (skb) function, wherein the network layer header data carries data types tcp, udp, icmpv6 and the like of a transmission layer, and because RA message data belongs to an icmpv6 type, if the data of the network layer header data carries the data of the transmission layer is an icmpv 4 type, continuing to judge an mphv () 6 and acquire an mpicv () header data 6 by using an mpv 463623, the data types carried in the icmpv6 message include RA (router Solicitation message), RS message and the like, if the icmpv6 message carries the RA message, the next operation is carried out
Thirdly, extracting an IPv6PD prefix address carried in the RA message from the RA message by using a get _ prefix () function, then comparing the LAN side interface name obtained from a first parameter in __ br _ sender () with the content in a PROC file/PROC/prefix/PD _ prefix _ x, if the IPv6 address and the interface name are consistent, allowing the message to pass through, and if not, discarding the message.
Compared with the prior art, the invention has the advantages that: the IPv6PD prefix address corresponding to the WAN connection can be acquired for the LAN side interface drop device bound with different WAN connections, so that the drop device bound with different WAN connections can be connected out from the corresponding WAN to carry out services such as normal Internet surfing and the like; in addition, under the condition that different upper servers corresponding to different WAN connections provide different functions, a foundation is provided for the fact that the lower hanging device can realize different functions when being connected to different LAN ports of the gateway.
Drawings
Fig. 1 is a schematic system architecture diagram of the method of the present invention.
Fig. 2 is a flow chart of a method for a gateway to assign different Ipv6PD prefixes to drop devices.
Detailed Description
The technical solution of the present patent will be described in further detail with reference to the following embodiments.
Referring to fig. 1, in a method for a gateway to allocate different Ipv6PD prefixes to an off-hook device, a LAN-side interface 1 is bound to a WAN-side interface 1, and a LAN-side interface 2 is bound to a WAN-side interface 2; the PC1 is connected below the LAN1 port to obtain the IPV6PD 1 prefix obtained by the WAN1 side interface 1 from the upper server, and the PC2 is connected below the LAN side interface 2 to obtain the IPV6PD 2 prefix obtained by the WAN side interface 2 from the upper server.
The gateway acquires an IPv6PD 1 prefix from a server through a WAN side interface 1, then writes the prefix address into a radvd _1.conf configuration file, writes the prefix address into a linux kernel PROC file/PROC/prefix/PD _ prefix _1, also writes a LAN side interface name 'LAN 1' bound with the WAN side interface 1 into/PROC/prefix/PD _ prefix _1, and transmits the prefix address and the bound LAN side interface information to the linux kernel through the PROC file; then starting the radvd process to send RA (router advertisement) multicast message, where the configuration file of the radvd process is radvd _1. conf.
Similarly, after the WAN side interface 2 acquires the IPv6PD 2 prefix address, it writes the address into the radvd _2.conf configuration file, writes the prefix address into the linux kernel PROC file/PROC/prefix/PD _ prefix _2, and also writes the LAN side interface name "LAN 2" bound to the WAN side interface 2 into/PROC/prefix/PD _ prefix _2, and then starts the radvd process to send the ra (router advertisement) multicast packet, where the configuration file of the radvd process is radvd _2. conf.
Through the above steps, the gateway has two radvd processes, each sending an RA multicast packet carrying an IPv6PD 1 prefix and an IPv6PD 2 prefix, because the interfaces bound by the two radvd processes are all bridging devices br0, and all LAN side interfaces are under br0, the gateway sends RA packets to all LAN side interfaces, and at this time, the PC1 and the PC2 receive two sets of RA multicast packets carrying IPv6PD 1 prefixes and IPv6PD 2 prefixes, thereby generating two IPv6 addresses. In order to enable the PC1 to receive only the RA message carrying the IPv6PD 1 prefix and the PC2 to receive only the RA message carrying the IPv6PD 2 prefix, all RA messages sent to the LAN side are filtered in a linux kernel net/bridge/br _ forward.c file.
Each time the bridge device br0 sends an RA message to one LAN-side device, it will call the __ br _ deleier function in the br _ forward.c file once, and will transfer two parameters, namely the name of the LAN-side interface and the data message carried in the skb _ buff structure, to this function. Firstly checking whether the message is an RA message, if so, taking out an IPv6 prefix address in the message, comparing the address with the LAN side interface name transmitted to the function with a/PROC/prefix/lower file transmitted from an application layer through a PROC file, if the IPv6 address and the interface name are consistent, allowing the message to pass, otherwise, discarding the message, thereby realizing that the PC1 only receives the RA message carrying the IPv6PD 1 prefix, and the PC2 only receives the RA message carrying the IPv6PD 2 prefix. Namely, the distribution of the corresponding IPv6PD prefix for the LAN port lower hanging equipment bound with different WAN connections is realized.
The specific implementation flow of the present invention as shown in fig. 2 comprises the following steps:
1. after the WAN connection acquires the IPv6PD prefix address, writing the address into a configuration file radvd _ x.conf of a radvd process, writing the address into a PROC file/PROC/prefix/PD _ prefix _ x of linux through an echo command by utilizing the PROC file system function of the linux, writing the LAN side interface name bound with the WAN connection into the PROC file, and finally starting the radvd process, wherein different WAN connections correspond to different PROC files.
2. The linux kernel calls __ br _ delivery () function in the net/bridge/br _ forward.c file to send messages to all LAN side interfaces, and the __ br _ delivery function prototype is as follows:
static void__br_deliver(const struct net_bridge_port*to,structsk_buff*skb);
acquiring a name sent to a certain LAN side interface at the moment from a first parameter to of a __ br _ driver function by using a to- > dev- > name pointer, then analyzing and judging a second parameter skb of the __ br _ driver function, firstly acquiring link layer header data of the message by using an eth _ hdr (skb) function, wherein the link layer header data carries data types IPv4, IPv6, arp and the like of the message, then judging whether the message is an IPv 3874 message, if the message is an IPv 5 message, acquiring network layer header data of IPv6 by using an IPv6_ hdr (skb) function, wherein the network layer header data carries data types tcp, udp, icmpv6 and the like of a transmission layer, and because RA message data belongs to an icmpv6 type, if the data of the network layer header data carries the data of the transmission layer is an icmpv 4 type, continuing to judge an mphv () 6 and acquire an mpicv () header data 6 by using an mpv 463623, the data types carried in the icmpv6 message include RA (router Solicitation message), RS message and the like, and if the icmpv6 message carries an RA message, the next operation is performed.
3. The IPv6PD prefix address carried in the RA message is taken out from the RA message by using a get _ prefix () function, then the LAN side interface name obtained from a first parameter in __ br _ sender () is combined with the contents in a PROC file/PROC/prefix/PD _ prefix _ x for comparison, if the IPv6 address and the interface name are consistent, the message is allowed to pass, otherwise, the message is discarded, so that the aim that the PC1 in the graph 1 only receives the RA message carrying the IPv6PD 1 prefix and the PC2 only receives the RA message carrying the IPv6PD 2 prefix is achieved.
Although the preferred embodiments of the present patent have been described in detail, the present patent is not limited to the above embodiments, and various changes can be made without departing from the spirit of the present patent within the knowledge of those skilled in the art.
Claims (5)
1. A method for distributing different IPv6PD prefixes for a drop device by a gateway is characterized in that an application layer transmits an IPv6 prefix address acquired by WAN connection and a LAN side interface name bound with the WAN connection into a linux inner core through a PROC file system; when the bridging device sends messages to all the LAN side drop devices, checking and filtering are carried out, IPv6PD prefix addresses and interface names carried in RA messages are compared with information which is transmitted to a kernel by an application layer through a PROC file, if the IPv6 addresses and the interface names are consistent, the messages are allowed to pass, and otherwise, the messages are discarded.
2. The method for the gateway to assign different Ipv6PD prefixes to the drop device according to claim 1, wherein the method comprises the following specific steps:
s1, after the WAN connection acquires the IPv6PD prefix address, writing the address into a configuration file radvd _ x.conf of a radvd process, then writing the address into a PROC file/PROC/prefix/PD _ prefix _ x of linux through an echo command by utilizing the PROC file system function of linux, then writing the LAN side interface name bound with the WAN connection into the PROC file, and finally starting the radvd process, wherein different WAN connections correspond to different PROC files;
s2, calling a __ br _ delivery () function in a net/bridge/br _ forward.c file by a linux kernel, sending messages to all LAN side interfaces, and filtering all RA messages;
s3, extracting the IPv6PD prefix address carried in the RA message from the RA message by using a get _ prefix () function, then comparing the LAN side interface name obtained from the first parameter in __ br _ sender () with the content in the PROC file/PROC/prefix/PD _ prefix _ x, if the IPv6 address and the interface name are consistent, allowing the message to pass through, otherwise, discarding the message.
3. The method for a gateway to assign different Ipv6PD prefixes to drop devices according to claim 2, wherein the __ br _ deliverer function prototype is as follows:
static void__br_deliver(const struct net_bridge_port*to,struct sk_buff*skb);
the name sent to a certain LAN side interface at the moment is obtained from the first parameter to of the __ br _ delivery function by using a to- > dev- > name pointer, and then the second parameter skb of the __ br _ delivery function is analyzed and judged.
4. The method of claim 3, wherein the RA packets are filtered as follows:
firstly, acquiring link layer head data of the message through an eth _ hdr (skb) function, wherein the link layer head data carries data types IPv4, IPv6 and arp of the message; and then judging whether the message is an IPv6 message, if the message is an IPv6 message, obtaining network layer header data of the IPv6 by utilizing an IPv6_ hdr (skb) function, wherein the network layer header data carries data types tcp, udp and icmpv6 of a transmission layer, because the RA message data belongs to an icmpv6 type, if the data type of the transmission layer carried in the network layer header data is icmpv6, continuing to judge and check, obtaining icmpv6 message header data by utilizing icmp6_ hdr (), and if the message of the icmpv6 carries the RA message, further processing the RA message.
5. The method as claimed in claim 1, wherein the bridging device calls the __ br _ delayer function in br _ forward.c. file once every RA message sent by the bridging device to a LAN-side device, and passes to this function both the name of the LAN-side interface and the data message parameters carried in the skb _ buff structure.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110963503.9A CN113660358B (en) | 2021-08-20 | 2021-08-20 | Method for gateway to allocate different IPv6PD prefixes for down-hanging equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110963503.9A CN113660358B (en) | 2021-08-20 | 2021-08-20 | Method for gateway to allocate different IPv6PD prefixes for down-hanging equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113660358A true CN113660358A (en) | 2021-11-16 |
| CN113660358B CN113660358B (en) | 2023-06-20 |
Family
ID=78491853
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110963503.9A Active CN113660358B (en) | 2021-08-20 | 2021-08-20 | Method for gateway to allocate different IPv6PD prefixes for down-hanging equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113660358B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115695303A (en) * | 2023-01-05 | 2023-02-03 | 北京中科网威信息技术有限公司 | DHCPv6 server linkage route advertisement starting and stopping system and method |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102340452A (en) * | 2011-10-14 | 2012-02-01 | 中兴通讯股份有限公司 | Single-Internet protocol version 6 (IPv6)-address-prefix-based routing transmission method and wireless equipment |
| CN102892108A (en) * | 2011-07-18 | 2013-01-23 | 中兴通讯股份有限公司 | Multiple address prefix distributing method and system |
| US20160036772A1 (en) * | 2014-07-31 | 2016-02-04 | Qualcomm Incorporated | Technique to Prevent IPv6 Address Exhaustion in Prefix Delegation Mode for Mobile Access Point Routers |
| CN106789528A (en) * | 2016-12-13 | 2017-05-31 | 上海市共进通信技术有限公司 | The method and apparatus that many bridges are surfed the Net are realized by kernel |
-
2021
- 2021-08-20 CN CN202110963503.9A patent/CN113660358B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102892108A (en) * | 2011-07-18 | 2013-01-23 | 中兴通讯股份有限公司 | Multiple address prefix distributing method and system |
| CN102340452A (en) * | 2011-10-14 | 2012-02-01 | 中兴通讯股份有限公司 | Single-Internet protocol version 6 (IPv6)-address-prefix-based routing transmission method and wireless equipment |
| US20160036772A1 (en) * | 2014-07-31 | 2016-02-04 | Qualcomm Incorporated | Technique to Prevent IPv6 Address Exhaustion in Prefix Delegation Mode for Mobile Access Point Routers |
| CN106789528A (en) * | 2016-12-13 | 2017-05-31 | 上海市共进通信技术有限公司 | The method and apparatus that many bridges are surfed the Net are realized by kernel |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115695303A (en) * | 2023-01-05 | 2023-02-03 | 北京中科网威信息技术有限公司 | DHCPv6 server linkage route advertisement starting and stopping system and method |
| CN115695303B (en) * | 2023-01-05 | 2023-03-10 | 北京中科网威信息技术有限公司 | DHCPv6 server linkage route advertisement starting and stopping system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113660358B (en) | 2023-06-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8238336B2 (en) | Method for forwarding data packet, system, and device | |
| CN100558081C (en) | The keepalive method of address repeat listing and system | |
| EP2253124B1 (en) | Method and apparatus for communication of data packets between local networks | |
| CN1146809C (en) | Integrated IP network | |
| CN102347993B (en) | Network communication method and equipment | |
| CN101075962B (en) | Method and apparatus for realizing DHCP repeater in two-layer network exchanger | |
| US20080107112A1 (en) | Network device and packet forwarding method thereof | |
| DE60300035T2 (en) | Communication system for establishing a PPPoE-like connection between IEEE1394-based peers and IP-based peers | |
| CN100536438C (en) | Method for testing DHCPv6 service and client | |
| EP2838242B1 (en) | Method and apparatus for preventing network-side media access control address from being counterfeited | |
| CN113660358A (en) | Method for distributing different Ipv6PD prefixes to drop-on equipment by gateway | |
| CN1599361A (en) | Method of transmitting packet data on network | |
| US20080049765A1 (en) | Method and system for inter working a point-to-point link and a LAN service | |
| CN101465858B (en) | Method for implementing private network penetration of monitoring business, network appliance and server | |
| Graham | TCP/IP addressing: designing and optimizing your IP addressing scheme | |
| US6829235B1 (en) | Telecommunications network with parallel session function | |
| US20070127456A1 (en) | Communications apparatus and method | |
| US20030067927A1 (en) | Provisioning a media terminal adapter | |
| JP4143479B2 (en) | Communication system between subscriber terminals | |
| Hamarsheh et al. | Configuring hosts to auto-detect (IPv6, IPv6-in-IPv4, or IPv4) network connectivity | |
| CN109768933B (en) | Message forwarding method and device based on L2TP network | |
| CN104040986B (en) | Message forwarding method and device | |
| JP2005072701A (en) | Interface providing apparatus | |
| KR20030039348A (en) | Method and System for data flow separation on network using Host routing and IP aliasing technique | |
| EP2169916A1 (en) | Method and device for data processing in a network component and communication system comprising such device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |