CN118250692A - Cross-network-segment roaming method and device and electronic equipment - Google Patents
Cross-network-segment roaming method and device and electronic equipment Download PDFInfo
- Publication number
- CN118250692A CN118250692A CN202410325265.2A CN202410325265A CN118250692A CN 118250692 A CN118250692 A CN 118250692A CN 202410325265 A CN202410325265 A CN 202410325265A CN 118250692 A CN118250692 A CN 118250692A
- Authority
- CN
- China
- Prior art keywords
- sta
- aps
- authentication key
- roaming
- same
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 70
- 238000004590 computer program Methods 0.000 claims description 9
- 230000006855 networking Effects 0.000 claims description 6
- 230000000694 effects Effects 0.000 abstract description 6
- 238000000060 site-specific infrared dichroism spectroscopy Methods 0.000 description 20
- 230000008569 process Effects 0.000 description 16
- 230000011664 signaling Effects 0.000 description 15
- 238000004891 communication Methods 0.000 description 11
- 230000004044 response Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 8
- 238000012545 processing Methods 0.000 description 7
- 238000007726 management method Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 238000013459 approach Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000000926 separation method Methods 0.000 description 2
- 230000005641 tunneling Effects 0.000 description 2
- 101100048435 Caenorhabditis elegans unc-18 gene Proteins 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000000644 propagated effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000000758 substrate Substances 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/069—Authentication using certificates or pre-shared keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W36/00—Hand-off or reselection arrangements
- H04W36/0005—Control or signalling for completing the hand-off
- H04W36/0055—Transmission or use of information for re-establishing the radio link
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/08—Access restriction or access information delivery, e.g. discovery data delivery
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/16—Discovering, processing access restriction or access information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the application provides a method and a device for roaming across network segments and electronic equipment. According to the embodiment, by introducing the concept of the roaming group, at least two network segments where different APs are located in the roaming group are different, when any AP in the roaming group is accessed to a terminal first, the terminal can replace other APs in different network segments in the roaming group to generate pre-authentication keys for quick connection of the terminal, and then the pre-authentication keys for quick connection of the terminal, which are generated for other APs in different network segments in the roaming group, are sent to other APs through an AC, so that when the terminal roams to the AP to be accessed to the terminal across the network segments, the other APs can directly utilize the pre-authentication keys for quick connection of the terminal, which are received before, to carry out quick connection on the terminal, so that the terminal can still be accessed to the network rapidly even after the terminal roams across the network segments, the seamless roaming effect is achieved, and the existing problem of network connection interruption or delay is avoided.
Description
Technical Field
The present application relates to the field of communications technologies, and in particular, to a method and an apparatus for roaming across network segments, and an electronic device.
Background
With the continuous development of communication technology, wireless communication applications are becoming more and more popular. In practical applications, when a wireless terminal (STA) moves in a coverage area of a wireless communication network corresponding to different wireless Access Points (APs), the AP with the greatest signal strength nearby is automatically found, and is automatically switched from a currently connected AP to the AP, so that data is transmitted and received through the AP, and the process can be considered as wireless roaming. For example, when the STA starts to roam, for example, to the vicinity of AP2, the STA switches from AP1 to AP2, which may be considered wireless roaming.
Currently, for each AP in the same network segment, after one AP accesses a terminal through a four-way handshake, it exchanges the Key of the terminal (the Key for fast connection to the terminal) with other APs in the same network segment through a Key (Key) exchange manner, so that when the terminal roams to other APs in the same network segment, the terminal is fast connected based on the exchanged Key. However, for different network segments, such as roaming of the terminal across the network segments, quick connection of the terminal cannot be achieved, and the APs of the different network segments are required to perform authentication connection on the terminal in a four-way handshake manner, which may cause short network connection interruption or delay.
Disclosure of Invention
In view of this, the present application provides a method, apparatus and electronic device for roaming across network segments, so as to implement fast connection between STA and any AP in a roaming group during roaming, so as to avoid the problem of network connection interruption or delay.
The embodiment of the application provides a network connection method, which is applied to any AP in any roaming group, wherein at least two different APs in the roaming group are different in network segment, and each AP in the roaming group is configured with the same SSID; the method comprises the following steps:
After a connection is successfully established between any AP in the roaming group and a first STA based on a first instruction sent by the first STA, generating a pre-authentication key for the AP to quickly connect the first STA according to the AP identification of the AP, and generating a pre-authentication key for the other AP to quickly connect the first STA according to the AP identification of any other AP in different network segments with the AP in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is sent on the premise that the first STA does not establish connection with any other AP in the same roaming group, and the first instruction is used for triggering the first STA to establish connection with the AP;
And sending the pre-authentication key which is used for carrying out quick connection on the first STA by other APs which are in different network segments with the AP in the roaming group to other APs through a wireless controller (Access Controller, AC) used for carrying out management control on the AP, so that when the other APs access the first STA which is roaming across the network segments, the first STA is quickly connected based on the received pre-authentication key which is used for carrying out quick connection on the first STA, and the first STA is quickly accessed to the network after roaming across the network segments.
The embodiment of the application also provides a cross-network segment roaming method, which is applied to the AC, wherein the AC is used for managing and controlling the APs, more than two APs are deployed in the same roaming group, at least two different APs in the roaming group are different in network segment, and each AP in the roaming group is configured with the same SSID, and the method comprises the following steps of;
Receiving a pre-authentication key which is sent by a first AP in a roaming group, is in the same roaming group as the first AP and is in different network segments with the first AP, and is used for carrying out quick connection on a first wireless terminal STA by other APs; after the first AP successfully establishes connection with the first STA based on a first instruction sent by the first STA, generating a pre-authentication key for each AP to rapidly connect the first STA according to the AP identifications of other APs in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is used for triggering the first STA to establish connection with the first AP;
And correspondingly transmitting pre-authentication keys which are in the same roaming group with the first AP and are used for carrying out quick connection on the first STA by other APs in different network segments to other APs, so that when any other AP in the same roaming group accesses the first STA which is roaming across the network segments, the first STA is quickly connected based on the received pre-authentication keys which are used for carrying out quick connection on the first STA, and the first STA is quickly accessed to the network after roaming across the network segments.
The embodiment of the application also provides a cross-network segment roaming device, which is configured at any AP in any roaming group, at least two different APs in the roaming group are different in network segment, and each AP in the roaming group is configured with the same SSID, and the device comprises:
The key generation module is used for generating a pre-authentication key for the AP to rapidly connect the first STA according to the AP identification of the AP after the AP successfully establishes connection with the first STA based on a first instruction sent by the first wireless terminal STA, and generating a pre-authentication key for the other AP to rapidly connect the first STA according to the AP identification of any one of other APs in different network segments with the AP in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is sent on the premise that the first STA does not establish connection with any other AP in the same roaming group, and the first instruction is used for triggering the first STA to establish connection with the AP;
And the first sending module is used for correspondingly sending the pre-authentication key for the other APs in different network segments in the roaming group to the other APs through the wireless controller AC for managing and controlling the AP, so that the other APs can quickly connect the first STA based on the received pre-authentication key for the quick connection of the first STA when accessing the first STA roaming across the network segments, and the first STA can quickly access the networking after roaming across the network segments.
The embodiment of the application also provides a cross-network segment roaming device, which is applied to the AC, wherein the AC is used for managing and controlling the wireless Access Points (APs), more than two APs are deployed in the same roaming group, at least two different APs in the roaming group are different in network segment, and each AP in the roaming group is configured with the same SSID; the device comprises:
the device comprises a receiving module, a first wireless terminal STA, a second wireless terminal STA, a first authentication module and a second authentication module, wherein the receiving module is used for receiving a pre-authentication key which is sent by a first AP in a roaming group, is in the same roaming group with the first AP and is in different network segments with the first AP, and is used for carrying out quick connection on the first wireless terminal STA by other APs; after the first AP successfully establishes connection with the first STA based on a first instruction sent by the first STA, generating a pre-authentication key for each AP to rapidly connect the first STA according to the AP identifications of other APs in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is used for triggering the first STA to establish connection with the first AP;
and the second sending module is used for correspondingly sending a pre-authentication key which is used for carrying out quick connection on the first STA by other APs which are in the same roaming group and are in different network segments to other APs, so that when any other AP in the same roaming group accesses the first STA which is in cross-network segment roaming, the first STA is quickly connected based on the received pre-authentication key which is used for carrying out quick connection on the first STA, and the first STA is quickly accessed to a network after the first STA is in cross-network segment roaming.
The embodiment of the application also provides electronic equipment, which comprises:
A processor and a memory for storing computer program instructions which, when executed by the processor, cause the processor to perform the steps of the method as above.
Embodiments of the present application also provide a computer readable storage medium storing computer program instructions which, when executed, enable the steps of the method as above to be carried out.
As can be seen from the above technical solutions, in this embodiment, by introducing the concept of a roaming group, at least two different APs in the roaming group are located in different network segments, when any AP in the roaming group accesses a terminal first, it can replace other APs in different network segments in the roaming group to generate a pre-authentication key for quick connection to the terminal, and then send the pre-authentication key for quick connection to the terminal generated by other APs in different network segments in the roaming group to other APs through AC, so that when the terminal roams across network segments to the AP, the other APs directly use the pre-authentication key for quick connection to the terminal, which is received before, to connect the terminal quickly, so that the terminal can access the network quickly even after roaming across network segments, thereby achieving the effect of seamless roaming and avoiding the existing problem of network connection interruption or delay.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application as claimed.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
Fig. 1 is a flow chart of a cross-network-segment roaming method according to an embodiment of the present application.
Fig. 2 is a flow chart of another cross-network-segment roaming method according to an embodiment of the present application.
Fig. 3 is a schematic implementation diagram of network communication in an ac+ap networking environment according to an embodiment of the present application.
Fig. 4 is a schematic diagram illustrating implementation of a roaming method according to an embodiment of the present application.
Fig. 5 is a schematic diagram illustrating an implementation of another roaming method according to an embodiment of the present application.
Fig. 6 is a schematic structural diagram of a cross-network-segment roaming device according to an embodiment of the present application.
Fig. 7 is a schematic structural diagram of another cross-network-segment roaming device according to an embodiment of the present application.
Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the accompanying claims.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various information, these information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of the application. The word "if" as used herein may be interpreted as "at … …" or "at … …" or "in response to a determination" depending on the context.
In order to facilitate understanding of the technical solution of the embodiment of the present application, the technical concept related to the embodiment of the present application is explained below.
Roaming: when there are multiple APs with the same SSID in the network environment and their micro units overlap each other within a certain range, a wireless user can move within the coverage area of the entire wireless local area network (Wireless Local Area Network, WLAN), and a wireless terminal (such as a wireless network card) can automatically discover an AP with the highest signal strength nearby and send and receive data through the AP, so as to maintain uninterrupted network connection, which is called wireless roaming.
SSID: the service set identifier may also be considered to represent the name of the wireless network. Each wireless network has a unique SSID identifying and distinguishing between the different wireless networks.
And (3) STA: wireless terminals such as smartphones, notebook computers, wireless network cards, etc.
AP: a wireless access point refers to a device for implementing a Wireless Local Area Network (WLAN).
AC: a wireless controller refers to a network device for managing and controlling a plurality of APs in a Wireless Local Area Network (WLAN).
Direct connection AP: refers to an AP that is wired to a local area network (Local Area Network, LAN) interface of an AC, and can acquire an internet protocol (Internet Protocol, IP) address from the AC, where the acquired IP address and the IP address of the LAN interface of the AC are in the same network segment.
Network segment: refers to a set of IP address ranges in a network, which have the same network prefix.
Side-hanging AP: the method comprises the steps of obtaining an IP address from an upper router of an AC by the AP on the side of a wired connection to an AC wide area network (Wide Area Network, WAN), wherein the obtained IP address and the IP address of a WAN interface of the AC are in the same network segment.
The capwap protocol: control and configuration protocol of the wireless access point.
Roaming group: when the APs register to the AC through the capwap protocol or other private tunnel protocols, all the APs are added into a roaming group, and in general, the SSID of the APs in the roaming group is identical, and the passwords can be identical or different; the APs in a roaming group may be in different network segments, such as having both a direct AP and a side-hanging AP in a roaming group.
Seamless roaming: by which it is meant that in a wireless communication network, a mobile device can freely switch between different wireless Access Points (APs), the switching process is fast and smooth, and the user does not feel substantially any connection interruption or delay.
In order to better understand the technical solution provided by the embodiments of the present application and make the above objects, features and advantages of the embodiments of the present application more obvious, the technical solution in the embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
Referring to fig. 1, fig. 1 is a flow chart of a cross-network-segment roaming method according to an embodiment of the present application. The method is applied to any AP in any roaming group, at least two different APs in the roaming group are different in network segment, each AP in the roaming group is configured with the same SSID, and the APs in the different roaming groups are configured with different SSIDs;
as shown in fig. 1, the process may include the steps of:
S101, after connection is successfully established with a first STA based on a first instruction sent by the first STA, generating a pre-authentication key for the AP to rapidly connect the first STA according to an AP identification of the AP, and generating a pre-authentication key for the other APs to rapidly connect the first STA according to the AP identification of any other AP in different network segments with the AP in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is sent on the premise that the first STA does not establish connection with any other AP in the same roaming group, and the first instruction is used for triggering the first STA to establish connection with the AP.
Here, the present AP refers to an AP that successfully establishes a connection with the first STA at present. As for the AP identification in the present embodiment, the present embodiment is not particularly limited, and may be, for example, a Media Access Control (MAC) address of the AP.
In this embodiment, the first instruction is sent on the premise that the first STA does not establish a connection with any other AP in the same roaming group, and the AP needs to authenticate the identity of the first STA, and only the STA passing the authentication can access the AP, so as an embodiment, the first instruction may be an authentication request instruction sent by the first STA to the AP for authenticating the identity of the first STA. On this basis, as an embodiment, the specific implementation manner of successfully establishing the connection between the first instruction sent by the first STA and the first STA is many, for example, after the AP receives the first instruction sent by the first STA, the AP may verify the identity of the first STA based on the first instruction, and if the identity of the first STA is verified, the AP returns an authentication response instruction indicating that the identity verification is successful to the first STA; after receiving the authentication response instruction sent by the AP, the first STA sends an association request instruction for requesting to establish connection with the AP; after receiving the association request instruction, the AP establishes connection with the first STA and returns an association response instruction indicating that the connection establishment is successful, so that the connection establishment between the first STA and the AP is completed.
In this embodiment, after the connection between the AP and the first STA is successfully established, there are many specific implementations of generating the pre-authentication key for the AP to perform the quick connection on the first STA according to the AP identifier of the AP, for example, a symmetric key (PAIRWISE MASTER KEY, PMK) is generated based on the SSID of the AP, then a reference key PMK-R0 is generated according to the PMK, the AP identifier of the AP (e.g., the MAC address of the AP), the STA identifier of the first STA (e.g., the MAC address of the first STA), and finally a pre-authentication key for the AP to perform the quick connection on the first STA is generated according to the PMK-R0, the AP identifier of the AP, and the STA identifier of the first STA.
Similarly, the principle of generating the pre-authentication key for the other APs to perform the fast connection to the first STA according to the AP identifier of any other AP in the same roaming group and in a different network segment with the AP is similar, and will not be described again.
In this embodiment, the pre-authentication key generated by the AP and used for the AP to perform the fast connection to the first STA and the pre-authentication key generated by the AP and used for other APs to perform the fast connection to the first STA may also be obtained by the first STA synchronously, for example, the first STA may obtain through a four-way handshake with the AP, which is not limited in this embodiment.
It can be appreciated that, because the SSID of the AP is adopted in the generation process of the pre-authentication key, the SSID of different roaming groups is different, so that the generated pre-authentication key cannot be used for APs of other roaming groups.
S102, through an AC for managing and controlling the AP, the pre-authentication key for the other APs in different network segments in the roaming group to perform quick connection with the first STA is correspondingly sent to the other APs, so that when the other APs access the first STA roaming across the network segment, the first STA is quickly connected based on the received pre-authentication key for the quick connection with the first STA, and the first STA is quickly accessed to the network after roaming across the network segment.
In this embodiment, through the AC for performing management control on the AP, the pre-authentication key that is used for performing quick connection with the first STA by other APs in the same roaming group and in different network segments is sent to other APs, so that when any other AP in the same roaming group accesses the first STA that roams across the network segments, the first STA is quickly connected based on the received pre-authentication key that is used for performing quick connection with the first STA, and after the first STA roams across the network segments, the first STA is quickly accessed to the network.
Alternatively, as an embodiment, the pre-authentication key corresponding to the first STA by each AP in the same network segment in the roaming group to which the AP belongs may also be sent to each AP by the AC. Therefore, whether any AP in the same roaming group is in the same network segment with the AP or not, the fast connection with the first STA can be realized based on the pre-authentication key for fast connecting the first STA by the AP in the roaming process of the first STA, so that the effect of seamless roaming across network segments is achieved.
As an embodiment, the foregoing specific implementation manner of sending the pre-authentication key corresponding to the first STA by the other APs to the other APs through the AC is many, for example, the pre-authentication key corresponding to the first STA by the other APs is carried in the second instruction and sent to the AC, so that the AC sends the pre-authentication key corresponding to the first STA by the APs to the APs. The format of the second instruction accords with the requirements of a protocol between the AP and the AC; here, the protocol between the AP and the AC may be preconfigured by the AC, for example, may be a capwap protocol, or may be other private tunneling protocols. The second instruction at least carries the STA identifier of the first STA and the pre-authentication key, so as to establish a mapping relationship between the STA and the pre-authentication key.
Thus, the flow shown in fig. 1 is completed.
As can be seen from the flow shown in fig. 1, after any AP in any roaming group establishes a connection with a first STA based on a first instruction sent by the first STA, a pre-authentication key for the AP to quickly connect with the first STA is generated according to the AP identifier of any AP in the same roaming group, and the pre-authentication keys for the other APs in the same roaming group to quickly connect with the first STA are correspondingly sent to the other APs through the AC, so that when the AP accesses a roaming STA, the first STA can be quickly connected based on the received pre-authentication key for quickly connecting with the first STA, thereby achieving the effect of seamless roaming and avoiding the problem of network connection interruption or delay existing in the prior art.
In this embodiment, as an embodiment, the method further includes: receiving, by the AC, a pre-authentication key generated by any one of the other APs in the same roaming group and used for the AP to perform a fast connection with the second STA; when the second STA roams to the AP from other APs in the same roaming group across network segments, the second STA is quickly connected based on the received pre-authentication key for the AP to quickly connect the second STA, so that the second STA quickly accesses the network after roaming across the network segments.
The second STA is different from the first STA, and the present AP is not the first AP that establishes a connection with the second STA in the roaming group to which the present AP belongs, so the present AP receives, through the AC, the pre-authentication key generated by the first AP that establishes a connection with the second STA in the roaming group to which the present AP belongs and used for the present AP to perform the fast connection with the second STA. As an embodiment, the pre-authentication key for the AP to quickly connect to the second STA may be generated by other APs in the same network segment or by other APs in different network segments. Therefore, when the second STA roams from other APs in the same roaming group to the AP from the same network segment, the AP can quickly connect the second STA based on the received pre-authentication key for the AP to quickly connect the second STA, so that the second STA quickly accesses the network after roaming from the same network segment or the same network segment.
As an embodiment, the implementation manner of the fast connection to the second STA based on the received pre-authentication key for the fast connection to the second STA by the AP is many, for example, when the connection request from the second STA to the AP is received, if the pre-authentication key for the fast connection to the second STA exists locally by the AP, the connection is successfully established with the second STA. For example, when a connection request of the second STA to the AP is received, at least the STA identifier of the second STA and the pre-authentication key for fast connection to the second STA are carried in the connection request, if the pre-authentication key for fast connection to the second STA exists locally in the AP, the connection request is compared with the pre-authentication key carried in the connection request, and if the connection request is consistent, the connection with the second STA can be successfully established.
Optionally, as an embodiment, after sending the pre-authentication key corresponding to the other APs (including the AP spanning the network segment and the same network segment) in the same roaming group with the AP to the other APs, the method further includes:
If the message that the pre-authentication key is successfully issued by the AC is not received within the set time period, the AP which fails in issuing the pre-authentication key is indicated to exist (for example, the pre-authentication key does not exist in the signaling received by the AP because the signaling used by the AC for issuing the pre-authentication key has packet loss problem, or the pre-authentication key issued by the AC cannot be received by the AP which is offline, etc.), the AC is informed to continuously issue the pre-authentication key which is fast connected with the first STA to each AP which fails in issuing the pre-authentication key in the same roaming group with the AP until the number of times of notification reaches the set value, so that each AP in the roaming group can be effectively ensured to receive the pre-authentication key which is fast connected with the first STA, and the success rate of issuing the pre-authentication key is improved. The AC feeds back a message of successful issuing of the pre-authentication key after successful issuing of the pre-authentication key to other APs in the same roaming group with the AP.
Here, the set time period and the set value may be flexibly set in advance according to actual requirements, for example, the set time period may be 5 seconds, 6 seconds, or the like; the set value may be 3 times, 4 times, etc.
Optionally, as an embodiment, after receiving the pre-authentication key generated by any AP in the same roaming group for the AP to fast connect to the second STA, the method further includes: and feeding back a message that the pre-authentication key is successfully issued to the AC so that the AC can know that the pre-authentication key is successfully issued to the AP. In this way, by feeding back the message that the pre-authentication key is successfully issued to the AC, the AC can acquire which APs in the roaming group successfully receive the pre-authentication key and which APs do not receive the message of the pre-authentication key; based on the above, the AC may feed back the acquired message to the AP generating the pre-authentication key in the roaming group, so as to trigger the AP to notify the AC to continuously issue the pre-authentication key for fast connection to the second STA to each AP that fails to issue the pre-authentication key in the roaming group until the notification times reach the set value; or the AC can also continuously issue the pre-authentication key which is used for carrying out quick connection on the second STA for each AP which is failed to issue the pre-authentication key in the roaming group based on the acquired information until the times of issuing the pre-authentication key reach the set times; thus, the success rate of issuing the pre-authentication key can be effectively improved.
Referring to fig. 2, fig. 2 is a flow chart of another cross-network-segment roaming method according to an embodiment of the present application. The method is applied to the AC, the AC is used for managing and controlling the APs, wherein more than two APs are deployed in the same roaming group, at least two different APs in the roaming group are different in network segment, each AP in the roaming group is configured with the same SSID, and the APs in the different roaming groups are configured with different SSIDs;
as shown in fig. 2, the process may include the steps of:
S201, receiving a pre-authentication key which is sent by a first AP in a roaming group and is used for carrying out quick connection on a first wireless terminal STA by other APs which are in the same roaming group as the first AP and are in different network segments with the first AP; after the first AP successfully establishes connection with the first STA based on a first instruction sent by the first STA, generating a pre-authentication key for each AP to rapidly connect the first STA according to the AP identifications of other APs in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is used for triggering the first STA to establish connection with the first AP.
In this embodiment, after the first AP successfully establishes a connection with the first STA based on the first instruction sent by the first STA, the specific implementation manner of generating the pre-authentication key for the respective APs to perform the fast connection with the first STA according to the AP identifiers of the other APs in the same roaming group may be referred to the related content described in S101, which is not described herein.
Optionally, as an embodiment, the specific implementation manner of receiving the pre-authentication key sent by the first AP in the roaming group and used for performing the fast connection with the first STA by other APs in the same roaming group is many, for example, the second instruction sent by the first AP is received through the connection between the AC and the first AP; the second instruction indicates a pre-authentication key for other APs in the same roaming group as the first AP to make a fast connection with the first STA; the second instruction at least carries the STA identifier of the first STA and the pre-authentication key, and the format of the second instruction accords with the requirement of a protocol between the first AP and the AC; and analyzing a pre-authentication key for the other APs in the same roaming group with the first AP to quickly connect with the first STA from the second instruction.
In this embodiment, the second instruction may be an instruction for notifying the AC to synchronously issue a pre-authentication key for fast connection to the first STA to other APs in the same roaming group with the first AP; the second instruction carries at least an STA identification of the first STA and a pre-authentication key for use in fast connection with the first STA by other APs in the same roaming group as the first AP.
Optionally, as an embodiment, after the pre-authentication key that is fast connected to the first STA by each other AP in the same roaming group with the first AP is analyzed from the second instruction, the analyzed pre-authentication key and the STA identifier of the first STA may be saved to a designated linked list for later use.
S202, correspondingly sending pre-authentication keys which are used for carrying out quick connection on the first STA by other APs which are in the same roaming group and are in different network segments with the first AP to other APs, so that when any other AP in the same roaming group accesses the first STA which is roaming across the network segments, the first STA is quickly connected based on the received pre-authentication keys which are used for carrying out quick connection on the first STA, and the first STA is quickly accessed to a network after roaming across the network segments.
Optionally, in this embodiment, the pre-authentication key sent by the first AP in the roaming group and used for performing quick connection with the first STA by other APs in the same roaming group and the same network segment with the first AP may also be received; and sending the pre-authentication key for the other APs in the same network segment with the AP in the roaming group to the other APs correspondingly, so that when the other APs access the first STA roaming in the same network segment, the first STA is quickly connected based on the received pre-authentication key for the quick connection of the first STA, and the first STA is quickly accessed to the network after roaming in the same network segment.
It can be seen that, in this embodiment, after receiving the pre-authentication key for fast connection to the first wireless STA by each of the other APs in the same roaming group as the first AP (including the AP of the same network segment and the AP of a different network segment) sent by the first AP in the roaming group, the pre-authentication key for fast connection to the first STA by each of the other APs in the same roaming group as the first AP may be sent to each of the other APs, so that when any one of the other APs in the same roaming group accesses the roaming first STA, the fast connection to the first STA is performed based on the received pre-authentication key for fast connection to the first STA. Therefore, whether any AP in the same roaming group is in the same network segment with the AP or not, the fast connection with the first STA can be realized based on the pre-authentication key for fast connecting the first STA by the AP in the roaming process of the first STA, so that the effect of seamless roaming across network segments is achieved.
Optionally, as an embodiment, after sending the pre-authentication key corresponding to the other APs in the same roaming group as the first AP for the fast connection of the first STA to the other APs, the method further includes: receiving a message that the pre-authentication key fed back by any AP is successfully issued; it can be understood that if the AC does not receive the message fed back by the AP indicating that the pre-authentication key delivery is successful, it indicates that the pre-authentication key delivery of the AP to the first STA is failed.
If it is determined based on the received message that the other APs in the same roaming group as the first AP are successfully issued the pre-authentication key, feeding back a message that the pre-authentication key is successfully issued to the first AP. Otherwise, each AP which is in the same roaming group with the first AP and has failure in issuing the pre-authentication key continues to issue the pre-authentication key which is used for fast connecting the first STA until the number of times of issuing the pre-authentication key reaches the set number of times. The number of times may be, for example, 3 times, 4 times, etc., and is not particularly limited herein.
Alternatively, as an embodiment, the AC may obtain the states (including online and offline) of the APs (including other APs in the same roaming group as the first AP) managed and controlled by the AC, where online AP refers to an AP that establishes a connection with the AC and is in an active state, offline AP refers to an AP that loses a connection with the AC or fails to properly establish a connection, and offline AP cannot communicate with the AC. On this basis, in order to ensure the success rate of the pre-authentication key delivery, the AC may deliver the pre-authentication key for the online AP to which the online AP is fast connected to the first STA, for any online AP for which the pre-authentication key delivery fails, until the number of delivery times reaches a set number of delivery times (e.g., 3 times, 4 times, etc.) or a message that the pre-authentication key delivered successfully is received, which is fed back by the online AP. And the AC issues the pre-authentication key which is used for rapidly connecting the offline AP to the first STA to any offline AP with failed pre-authentication key issue to the offline AP when the offline AP state is found to be online until the issuing times reach the set issuing times (such as 3 times, 4 times and the like) or a message that the pre-authentication key fed back by the offline AP is successfully issued is received.
In order to facilitate understanding of the specific implementation process of the above-mentioned cross-network segment roaming method, the following description will be given by way of example through specific embodiments.
In this embodiment, referring to the networking shown in fig. 3, AP1 (i.e., directly connected to wireless access point 1), AP2 (i.e., directly connected to wireless access point 2), and AP3 (i.e., indirectly connected to wireless access point 3) are all uniformly managed by AC, where AP1, AP2, and AP3 have the same SSID, and the passwords may be the same or different. The AP1 and the AP2 are directly connected to the LAN interfaces (LAN interface 1 is LAN1, LAN interface 2 is LAN 2) of the AC and are in a 192.168.7.X network segment (namely, the corresponding website of the AP1 is 192.168.7.5, and the corresponding website of the AP2 is 192.168.7.6); the AP3 is connected to the WAN side of the AC and is in 192.168.100.X network segment (i.e. the corresponding website of the AP3 is 192.168.100.123). Since AP1 and AP2 are in the same network segment, seamless roaming can be achieved. Referring to fig. 4, this embodiment provides a roaming method, taking STA (i.e. wireless terminal) connected to AP1 (i.e. wireless access point 1) as an example, the specific implementation procedure of the method is as follows:
(1) The STA is connected with the AP1 nearby the AP1, and the STA can complete four-section handshake with the AP 1;
Specifically, for example, as shown in fig. 4, the STA sends an Auth Request (i.e. an authentication Request for the STA) to the AP1, the AP1 sends an Auth Response (i.e. an authentication Response for the STA) to the STA after determining that the STA authentication is successful, the STA sends AP1Assoc Request (i.e. an association Request for requesting to establish a connection with AP 1) to the AP1, and the AP1 sends Assoc Response (i.e. an association Response for successfully establishing a connection with AP 1) to the STA after determining that the STA authentication is successful.
(2) After the STA connects to AP1, AP1 generates a pre-authentication key that can be used for subsequent fast authentication. AP1 will then notify all APs in the Local Area Network (LAN) of this event (i.e., the event indicating STA access) (as in fig. 4, only AP2 can receive).
(3) After receiving the event, AP2 (i.e., wireless access point 2) initiates a key exchange with AP1 (since AP1 and AP2 are in the same network segment, two-layer interworking can be directly performed) for subsequent fast authentication.
(4) The STA then moves closer to AP2, and the STA disconnects from AP1 (Disassoc), and the STA starts to establish a connection with AP2, sends Reassoc Request (i.e., a re-association request for fast roaming) to AP2, and then does not need to perform a four-segment handshake with AP2, but directly uses the pre-authentication key obtained before the key exchange with AP1 to establish a connection, and returns Reassoc Response (re-association response for fast roaming) to the STA, indicating that the connection is successfully established. Thus greatly accelerating reconnection speed and achieving the effect of seamless roaming.
However, in the above scheme, STA can achieve seamless roaming between AP1 and AP2, but between AP1 and AP3 (i.e. wireless access point 3), seamless roaming cannot be achieved between AP2 and AP3, because AP1 and AP2 are both in 192.168.7.X network segment, and AP3 is in 192.168.100.X network segment, i.e. AP1 and AP2 are in AC internal network, and AP3 is in AC external network (i.e. not in the same network segment as AP1 and AP 2), so AP3 cannot communicate directly with AP1 and AP2, and thus exchange of key information cannot be achieved. Only between APs in the same network segment can the exchange of key information be completed.
For example, the STA accesses the AP1 first, so that the AP1 can complete key information exchange with the AP2, and seamless roaming can be realized when the STA slowly approaches the AP 2; the STA is firstly accessed into the AP2, so that the AP2 can complete key information exchange with the AP1, and seamless roaming can be realized when the STA is slowly close to the AP 1; if the STA accesses the AP3 first, the AP3 itself will also generate the pre-authentication key, but because the AP3 cannot communicate with the AP1 and the AP2 directly, the AP1 and the AP2 cannot learn the pre-authentication key corresponding to the STA, and then the STA cannot establish a fast connection directly through the pre-authentication key when approaching the AP1 or the AP2 slowly, so that seamless roaming cannot be achieved.
In order to solve the above problem and realize seamless roaming of STAs between APs crossing network segments, another roaming method is proposed in the embodiment of the present application, and as shown in fig. 5, the method describes a process of seamless roaming of STAs from AP1 to AP3, and the specific implementation process is as follows:
(1) The STA connects AP1 in the vicinity of AP1 and the STA will complete a four-segment handshake with AP 1.
(2) After the STA connects to AP1, AP1 generates a pre-authentication key that is used to quickly authenticate the STA later to establish a connection. The AP1 may generate a pre-authentication key for the AP1 to quickly connect to the STA according to the AP identifier of the AP1, and generate a pre-authentication key for the other APs to quickly connect to the STA according to the AP identifier (e.g., the MAC address of the AP) of any other AP (e.g., AP2, AP 3) in the same roaming group; the pre-authentication keys for the different APs in the same roaming group to make the fast connection to the first STA are different.
(3) AP1 informs the AC of the synchronized pre-authentication key to all APs in the roaming group to which AP1 belongs through a specific signaling (i.e., newly added signaling 1).
(5) The AC distributes the pre-authentication key to all APs (i.e., AP1, AP2, AP 3) in the roaming group through a specific signaling (i.e., newly added signaling 2).
Then, the STA slowly approaches to the AP3, the STA will disconnect from the AP1, and the STA will start to establish a connection with the AP3, so that four-segment handshaking is no longer needed between the STA and the AP3, and only a pre-authentication key is needed to perform rapid authentication.
Further, the embodiment of the application also provides a protection mechanism to ensure that the AP informs the AC of the success rate of distributing the pre-authentication key. Both the AP and the AC need to participate in this mechanism, and the implementation is as follows.
1. The AP side:
the STA connects to a certain AP (whether a direct AP or a side-hung AP); the AP generates a pre-authentication key; the AP signals the AC to synchronize the pre-authentication key to all APs in the roaming group via a specific signaling.
If the AP obtains the pre-authentication key issued by the AC, replying a message that the AC pre-authentication key is issued successfully, and ending the flow; if the message that the pre-authentication key of each AP in the roaming group fed back by the AC is successfully issued is not received within a set period of time (such as 3 seconds, 5 seconds, etc.), the AP will notify the AC to continuously issue the pre-authentication key for quick connection to the STA to each AP that fails to issue the pre-authentication key in the same roaming group as the AP until the notification times reach the set value (such as 3 times, 4 times, etc.); if the notification times reach the set value or the message that the pre-authentication key of each AP in the roaming group fed back by the AC is successfully issued is not received, the failure is considered, and the flow is also terminated. (it will be appreciated that after failure, for those APs that do not distribute a successful pre-authentication key, a four-way handshake may be used to establish a connection when the STA establishes a connection with the AP.)
2. AC side:
The AC receives a request signaling reported by a certain AP for distributing a pre-authentication key to each AP in a roaming group to which the AP belongs; analyzing the MAC address and pre-authentication key information of the STA in the signaling and storing the MAC address and the pre-authentication key information into a chain table; distributing pre-authentication keys to all APs in the roaming group; if reply messages of all the APs are obtained, which means that all the APs have received the pre-authentication key, the process is ended; for an unreflected online AP, the AC issues it once every set time (e.g. 10 minutes) until successful; whereas for an AP that is already offline, the AC will issue a pre-authentication key to it when it finds that the AP is next re-online.
In this embodiment, two signaling are added, signaling 1 is used for informing the AC of the pre-authentication key information corresponding to all the APs in the roaming group and synchronizing STAs, and signaling 2 is used for distributing the pre-authentication key information corresponding to the STAs to all the APs by the AC; the two signaling can be based on the capwap protocol or other private tunneling protocols. The two signaling at least comprise the following fields:
MAC address of STA;
Pre-authentication keys.
The embodiment can realize seamless roaming of the wireless terminal among the cross-network-segment APs by adding two signaling. And because the seamless roaming is not limited by the same local area network any more, the AP can access the AC more freely, so that the load of the AC is reduced to a certain extent, and all data messages of the AP do not need the AC to be forwarded after the AP accesses the AC in a side hanging mode.
Thus, the description of the method provided in this embodiment is completed, and the following describes the network connection system provided in this embodiment of the present application:
Referring to fig. 6, fig. 6 is a schematic structural diagram of a cross-network-segment roaming device according to an embodiment of the present application.
As shown in fig. 6, the cross-network-segment roaming device is configured at any AP in any roaming group, where at least two different APs in the roaming group are located in different network segments, each AP in the roaming group is configured with the same SSID, and APs in different roaming groups are configured with different SSIDs.
The cross-network segment roaming apparatus 600 includes: a key generation module 601 and a first transmission module 602;
The key generation module 601 is configured to generate, by using the key generation module, a pre-authentication key for the AP to perform quick connection with the first STA according to an AP identifier of the AP after the AP successfully establishes a connection with the first STA based on a first instruction sent by the first wireless terminal STA, and generate, by using the AP identifier of any one of the other APs in the same roaming group and in different network segments with the AP, a pre-authentication key for the other APs to perform quick connection with the first STA; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is sent on the premise that the first STA does not establish connection with any other AP in the same roaming group, and the first instruction is used for triggering the first STA to establish connection with the AP;
the first sending module 602 is configured to send, through the wireless controller AC for managing and controlling the AP, a pre-authentication key for fast connecting the first STA by each of other APs in the roaming group and in different network segments to each of the other APs, so that each of the other APs, when accessing the first STA roaming across the network segments, fast connects the first STA based on the received pre-authentication key for fast connecting the first STA, and fast accesses the network after the first STA roaming across the network segments.
As an embodiment, the key generating module 601 further generates a pre-authentication key for the other AP to perform the fast connection to the first STA according to the AP identifier of any other AP in the same roaming group and in the same network segment with the AP.
The first sending module 602 is configured to send, through the wireless controller AC for performing management control on the AP, a pre-authentication key for performing quick connection with the first STA by each other AP in the same network segment in the roaming group to each other AP, so that when each other AP accesses the first STA roaming in the same network segment, the first STA is quickly connected based on the received pre-authentication key for performing quick connection with the first STA, and the first STA is quickly accessed to the network after roaming in the same network segment.
As an embodiment, the apparatus further comprises:
the key receiving module is used for receiving a pre-authentication key which is generated by any one of other APs in the same roaming group and used for the AP to quickly connect the second STA through the AC;
And the connection module is used for carrying out quick connection on the second STA based on the received pre-authentication key for the AP to carry out quick connection on the second STA when the second STA roams to the AP from other APs in the same roaming group to the AP in a cross-network-segment manner, so that the second STA can quickly access the networking after roaming in the cross-network-segment manner.
As one embodiment, the method for sending, by the AC for performing management control on the AP, a pre-authentication key corresponding to a pre-authentication key for performing fast connection with the first STA by each of other APs in the same roaming group with the AP to each of the other APs includes:
Carrying a pre-authentication key for carrying out quick connection on the first STA by other APs in the same roaming group in a second instruction and sending the pre-authentication key to the AC so that the AC correspondingly sends the pre-authentication key for carrying out quick connection on the first STA by the APs to the APs; the format of the second instruction accords with the requirement of a protocol between the AP and the AC, and the second instruction at least carries the STA identifier of the first STA and the pre-authentication key.
As one embodiment, after sending the pre-authentication key corresponding to the other APs in the same roaming group that are in the same roaming group and that are fast connected to the first STA, the apparatus further includes:
A notification module, configured to notify the AC to continue to issue the pre-authentication key for fast connection to the first STA to each AP that fails to issue the pre-authentication key in the same roaming group as the AP if a message that the pre-authentication key fed back by the AC is issued successfully is not received within a set period of time, until the notification number reaches a set value; the AC feeds back a message of successful issuing of the pre-authentication key after successful issuing of the pre-authentication key to other APs in the same roaming group as the AP.
As one embodiment, after receiving the pre-authentication key generated by any one of the other APs in the same roaming group for the AP to fast connect to the second STA, the method further includes:
and the issuing module is used for feeding back a message of successful issuing of the pre-authentication key to the AC so that the AC can acquire that the pre-authentication key is successfully issued to the AP.
Referring to fig. 7, fig. 7 is a schematic structural diagram of another cross-network-segment roaming device according to an embodiment of the present application.
As shown in fig. 7, the cross-network segment roaming device 700 is configured in an AC, where the AC is used for managing and controlling APs, where more than two APs are deployed in the same roaming group, at least two different APs in the roaming group are located in different network segments, each AP in the roaming group is configured with the same SSID, and APs in different roaming groups are configured with different SSIDs; the cross-network segment roaming apparatus 700 includes:
A receiving module 701, configured to receive a pre-authentication key sent by a first AP in a roaming group, where the pre-authentication key is sent by the first AP and is in the same roaming group as the first AP, and is in a different network segment from the first AP, where the pre-authentication key is used for performing quick connection with a first wireless terminal STA; after the first AP successfully establishes connection with the first STA based on a first instruction sent by the first STA, generating a pre-authentication key for each AP to rapidly connect the first STA according to the AP identifications of other APs in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is used for triggering the first STA to establish connection with the first AP;
The second sending module 702 is configured to send a pre-authentication key that is used for performing a fast connection with the first STA by each other AP in the same roaming group and different network segments to each other AP, so that when any other AP in the same roaming group accesses the first STA that roams across network segments, the first STA is fast connected based on the received pre-authentication key that is used for performing a fast connection with the first STA, and after the first STA roams across network segments, the first STA is fast accessed to a network.
As an embodiment, the receiving module 701 further receives a pre-authentication key sent by a first AP in a roaming group and used for fast connection with a first STA by other APs in the same roaming group and the same network segment;
The second sending module 702 further sends the pre-authentication key corresponding to the first STA by each other AP in the roaming group, which is in the same network segment as the AP, to each other AP, so that when each other AP accesses the first STA roaming in the same network segment, the first STA is quickly connected based on the received pre-authentication key for quickly connecting the first STA, so that the first STA quickly accesses the network after roaming in the same network segment.
As an embodiment, the apparatus further comprises:
the message receiving module is used for receiving a message that the pre-authentication key fed back by any AP is successfully issued;
And the feedback module is used for feeding back a message of successful issuing of the pre-authentication key to the first AP after determining that other APs in the same roaming group with the first AP are successfully issued based on the received message, otherwise, continuously issuing the pre-authentication key for quick connection with the first STA to each AP which is in the same roaming group with the first AP and has failed issuing of the pre-authentication key until the number of times of issuing the pre-authentication key reaches the set number of times.
The implementation process of the functions and roles of each module in the above device is specifically shown in the implementation process of the corresponding steps in the above method, and will not be described herein again.
For embodiments of the device, reference is made to the description of method embodiments for the relevant points, since they essentially correspond to the method embodiments. The apparatus embodiments described above are merely illustrative, wherein the modules illustrated as separate components may or may not be physically separate, and the components shown as modules may or may not be physical, i.e., may be located in one place, or may be distributed over a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purposes of the present application. Those of ordinary skill in the art will understand and implement the present application without undue burden.
Referring to fig. 8, a schematic hardware structure of an electronic device according to an exemplary embodiment of the application is shown. The electronic device may include a processor 801, a communication interface 802, a memory 803, and a communication bus 804. The processor 801, the communication interface 802, and the memory 803 complete communication with each other through the communication bus 804. Wherein the memory 803 has stored thereon a computer program; the processor 801 may perform the steps of the method described in the above embodiments by executing a program stored on the memory 803. The electronic device may further include other hardware according to the actual function of the electronic device, which will not be described in detail.
Embodiments of the subject matter and functional operations described in this disclosure may be implemented in the following: digital electronic circuitry, tangibly embodied computer software or firmware, computer hardware including the structures disclosed in this application and structural equivalents thereof, or a combination of one or more of them. Embodiments of the subject matter described in this specification can be implemented as one or more computer programs, i.e., one or more modules of computer program instructions encoded on a tangible, non-transitory program carrier for execution by, or to control the operation of, data processing apparatus. Alternatively or additionally, the program instructions may be encoded on a manually-generated propagated signal, e.g., a machine-generated electrical, optical, or electromagnetic signal, that is generated to encode and transmit information to suitable receiver apparatus for execution by data processing apparatus. The computer storage medium may be a machine-readable storage device, a machine-readable storage substrate, a random or serial access memory device, or a combination of one or more of them.
The processes and logic flows described in this application can be performed by one or more programmable computers executing one or more computer programs to perform corresponding functions by operating on input data and generating output. The processes and logic flows can also be performed by, and apparatus can also be implemented as, special purpose logic circuitry, e.g., an FPGA (field programmable gate array) or an ASIC (application-specific integrated circuit).
Computers suitable for executing computer programs include, for example, general purpose and/or special purpose microprocessors, or any other type of central processing unit. Typically, the central processing unit will receive instructions and data from a read only memory and/or a random access memory. The essential elements of a computer include a central processing unit for carrying out or executing instructions and one or more memory devices for storing instructions and data. Typically, a computer will also include, or be operatively coupled to receive data from or transfer data to, or both, one or more mass storage devices for storing data, e.g., magnetic, magneto-optical disks, or optical disks, etc. However, a computer does not have to have such a device. Furthermore, the computer may be embedded in another device, such as a mobile phone, a Personal Digital Assistant (PDA), a mobile audio or video player, a game console, a Global Positioning System (GPS) receiver, or a portable storage device such as a Universal Serial Bus (USB) flash drive, to name a few.
Computer readable media suitable for storing computer program instructions and data include all forms of non-volatile memory, media and memory devices including, for example, semiconductor memory devices (e.g., EPROM, EEPROM, and flash memory devices), magnetic disks (e.g., internal hard disk or removable disks), magneto-optical disks, and CD-ROM and DVD-ROM disks. The processor and the memory can be supplemented by, or incorporated in, special purpose logic circuitry.
While this application contains many specific implementation details, these should not be construed as limitations on the scope of any application or of what may be claimed, but rather as features of specific embodiments of particular applications. Certain features that are described in this application in the context of separate embodiments can also be implemented in combination in a single embodiment. On the other hand, the various features described in the individual embodiments may also be implemented separately in the various embodiments or in any suitable subcombination. Furthermore, although features may be acting in certain combinations and even initially claimed as such, one or more features from a claimed combination can in some cases be excised from the combination, and the claimed combination may be directed to a subcombination or variation of a subcombination.
Similarly, although operations are depicted in the drawings in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve desirable results. In some cases, multitasking and parallel processing may be advantageous. Moreover, the separation of various system modules and components in the embodiments described above should not be understood as requiring such separation in all embodiments, and it should be understood that the described program components and systems can generally be integrated together in a single software product or packaged into multiple software products.
Thus, particular embodiments of the subject matter have been described. Other embodiments are within the scope of the following claims. In some cases, the actions recited in the claims can be performed in a different order and still achieve desirable results. Furthermore, the processes depicted in the accompanying drawings are not necessarily required to be in the particular order shown, or sequential order, to achieve desirable results. In some implementations, multitasking and parallel processing may be advantageous.
The foregoing description of the preferred embodiments of the application is not intended to be limiting, but rather to enable any modification, equivalent replacement, improvement or the like to be made within the spirit and principles of the application.
Claims (11)
1. The method is applied to any wireless Access Point (AP) in any roaming group, wherein at least two different APs in the roaming group are different in network segment, and each AP in the roaming group is configured with the same Service Set Identifier (SSID); the method comprises the following steps:
After a connection is successfully established between any AP in the roaming group and a first STA based on a first instruction sent by the first wireless terminal STA, generating a pre-authentication key for the AP to quickly connect the first STA according to the AP identification of the AP, and generating a pre-authentication key for the other AP to quickly connect the first STA according to the AP identification of any other AP in different network segments with the AP in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is sent on the premise that the first STA does not establish connection with any other AP in the same roaming group, and the first instruction is used for triggering the first STA to establish connection with the AP;
And sending the pre-authentication key which is used for carrying out quick connection on the first STA by other APs which are in different network segments with the AP in the roaming group to other APs through a wireless controller AC used for carrying out management control on the AP, so that when the other APs access the first STA which is roaming across the network segments, the first STA is quickly connected based on the received pre-authentication key which is used for carrying out quick connection on the first STA, and the first STA is quickly accessed to the network after roaming across the network segments.
2. The method according to claim 1, characterized in that the method further comprises:
Receiving, by the AC, a pre-authentication key generated by any one of the other APs in the same roaming group and used for the AP to perform a fast connection with the second STA;
When the second STA roams to the AP from other APs in the same roaming group across network segments, the second STA is quickly connected based on the received pre-authentication key for the AP to quickly connect the second STA, so that the second STA quickly accesses the network after roaming across the network segments.
3. The method according to claim 1, characterized in that the method further comprises:
generating a pre-authentication key for the other APs to rapidly connect the first STA according to the AP identification of any other AP in the same roaming group and in the same network segment with the AP;
and sending the pre-authentication key for the other APs in the same network segment with the AP in the roaming group to the other APs in a corresponding manner through a wireless controller AC for managing and controlling the AP, so that the other APs can quickly connect the first STA on the basis of the received pre-authentication key for the quick connection of the first STA when accessing the first STA roaming in the same network segment, and the first STA can quickly access the networking after roaming in the same network segment.
4. A method according to any one of claims 1 to 3, wherein after sending the pre-authentication key for the other APs to fast connect to the first STA to the other APs, the method further comprises:
If the message that the pre-authentication key fed back by the AC is successfully issued is not received within a set time period, notifying the AC to continuously issue the pre-authentication key which is used for carrying out quick connection on the first STA to each AP which is in the same roaming group with the AP and has failed in issuing the pre-authentication key until the notification times reach a set value; and the AC feeds back a message of successful issuing of the pre-authentication key after successful issuing of the pre-authentication key to other APs in the same roaming group with the AP.
5. The method of claim 2, wherein upon receiving a pre-authentication key generated by any AP in the same roaming group for the AP to fast connect to the second STA, the method further comprises:
And feeding back a message that the pre-authentication key is successfully issued to the AC so that the AC can know that the pre-authentication key is successfully issued to the AP.
6. The method is applied to a wireless controller (AC), wherein the AC is used for managing and controlling wireless Access Points (APs), more than two APs are deployed in the same roaming group, at least two different APs in the roaming group are located in different network segments, and each AP in the roaming group is configured with the same Service Set Identifier (SSID);
Receiving a pre-authentication key which is sent by a first AP in a roaming group, is in the same roaming group as the first AP and is in different network segments with the first AP, and is used for carrying out quick connection on a first wireless terminal STA by other APs; after the first AP successfully establishes connection with the first STA based on a first instruction sent by the first STA, generating a pre-authentication key for each AP to rapidly connect the first STA according to the AP identifications of other APs in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is used for triggering the first STA to establish connection with the first AP;
And correspondingly transmitting pre-authentication keys which are in the same roaming group with the first AP and are used for carrying out quick connection on the first STA by other APs in different network segments to other APs, so that when any other AP in the same roaming group accesses the first STA which is roaming across the network segments, the first STA is quickly connected based on the received pre-authentication keys which are used for carrying out quick connection on the first STA, and the first STA is quickly accessed to the network after roaming across the network segments.
7. The method according to claim 6, characterized in that the method further comprises:
Receiving a pre-authentication key which is sent by a first AP in a roaming group, is in the same roaming group as the first AP and is used for carrying out quick connection on a first STA by other APs in the same network segment;
And correspondingly transmitting a pre-authentication key for the first STA to other APs in the roaming group, wherein the pre-authentication key is used for the other APs in the same network segment to perform quick connection with the first STA, so that when the other APs access the first STA roaming in the same network segment, the first STA is quickly connected based on the received pre-authentication key for the quick connection with the first STA, and the first STA is quickly accessed to a network after roaming in the same network segment.
8. The method according to claim 6 or 7, wherein after sending the pre-authentication key corresponding to the other APs in the same roaming group as the first AP for the fast connection of the first STA to the other APs, the method further comprises:
Receiving a message that the pre-authentication key fed back by any AP is successfully issued;
And if the received message is used for determining that other APs in the same roaming group with the first AP are successfully issued the pre-authentication key, feeding back the message of successful issuing of the pre-authentication key to the first AP, otherwise, continuing issuing the pre-authentication key which is used for carrying out quick connection on the first STA to the APs which are in the same roaming group with the first AP and have failed issuing of the pre-authentication key until the times of issuing the pre-authentication key reach the set times.
9. A cross-network segment roaming device, characterized in that the device is configured at any wireless access point AP in any roaming group, at least two different APs in the roaming group are located in different network segments, and each AP in the roaming group is configured with the same service set identifier SSID; the device comprises:
The key generation module is used for generating a pre-authentication key for the AP to rapidly connect the first STA according to the AP identification of the AP after the AP successfully establishes connection with the first STA based on a first instruction sent by the first wireless terminal STA, and generating a pre-authentication key for the other AP to rapidly connect the first STA according to the AP identification of any one of other APs in different network segments with the AP in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is sent on the premise that the first STA does not establish connection with any other AP in the same roaming group, and the first instruction is used for triggering the first STA to establish connection with the AP;
And the first sending module is used for correspondingly sending the pre-authentication key for the other APs in different network segments in the roaming group to the other APs through the wireless controller AC for managing and controlling the AP, so that the other APs can quickly connect the first STA based on the received pre-authentication key for the quick connection of the first STA when accessing the first STA roaming across the network segments, and the first STA can quickly access the networking after roaming across the network segments.
10. A cross-network segment roaming device, wherein the device is configured in a wireless controller AC, the AC is configured to manage and control wireless access points APs, wherein more than two APs are deployed in a same roaming group, at least two different APs in the roaming group are located in different network segments, and each AP in the roaming group is configured with a same service set identifier SSID, the device comprises:
the device comprises a receiving module, a first wireless terminal STA, a second wireless terminal STA, a first authentication module and a second authentication module, wherein the receiving module is used for receiving a pre-authentication key which is sent by a first AP in a roaming group, is in the same roaming group with the first AP and is in different network segments with the first AP, and is used for carrying out quick connection on the first wireless terminal STA by other APs; after the first AP successfully establishes connection with the first STA based on a first instruction sent by the first STA, generating a pre-authentication key for each AP to rapidly connect the first STA according to the AP identifications of other APs in the same roaming group; different APs in the same roaming group have different pre-authentication keys for fast connection to the first STA; the first instruction is used for triggering the first STA to establish connection with the first AP;
and the second sending module is used for correspondingly sending a pre-authentication key which is used for carrying out quick connection on the first STA by other APs which are in the same roaming group and are in different network segments to other APs, so that when any other AP in the same roaming group accesses the first STA which is in cross-network segment roaming, the first STA is quickly connected based on the received pre-authentication key which is used for carrying out quick connection on the first STA, and the first STA is quickly accessed to a network after the first STA is in cross-network segment roaming.
11. An electronic device, comprising:
A processor; and
A memory in which computer program instructions are stored which, when executed by the processor, cause the processor to perform the steps of the method of any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410325265.2A CN118250692A (en) | 2024-03-20 | 2024-03-20 | Cross-network-segment roaming method and device and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410325265.2A CN118250692A (en) | 2024-03-20 | 2024-03-20 | Cross-network-segment roaming method and device and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN118250692A true CN118250692A (en) | 2024-06-25 |
Family
ID=91552093
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410325265.2A Pending CN118250692A (en) | 2024-03-20 | 2024-03-20 | Cross-network-segment roaming method and device and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN118250692A (en) |
-
2024
- 2024-03-20 CN CN202410325265.2A patent/CN118250692A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8462735B2 (en) | Multiple simultaneous wireless connections in a wireless local area network | |
| EP1741232B1 (en) | Wlan handover | |
| JP4216255B2 (en) | Processing method for service connection between wireless local area network and user terminal device | |
| KR101490243B1 (en) | A Method of establishing fast security association for handover between heterogeneous radio access networks | |
| JP6120865B2 (en) | Method and apparatus for managing security key for communication authentication with terminal in wireless communication system | |
| EP2469961B1 (en) | Method, apparatus and network system for tunnel establishment | |
| CN104221467A (en) | Wireless communication devices and methods for forming peer-to-peer (P2P) wireless connections between devices | |
| US7630712B2 (en) | Method for reconnecting a mobile terminal in a wireless network | |
| CN1989756A (en) | Framework of media-independent pre-authentication support for pana | |
| CN102196520B (en) | Leave over and advanced access service network internetworking | |
| US9686722B2 (en) | Method and device for accounting in WiFi roaming based on AC and AP interworking | |
| WO2014048288A1 (en) | Network switching method and device | |
| CN106572148A (en) | Intelligent product network configuration method and network configuration system | |
| US8478276B1 (en) | Methods for transferring a communication session between companion devices | |
| EP2432262B1 (en) | Method and system for switching station in centralized wlan when wpi is performed by access controller | |
| US8750521B2 (en) | Method and system for station switching when wireless terminal point completes WPI in convergent WLAN | |
| CN110086839B (en) | Dynamic access method and device for remote equipment | |
| CN102164368A (en) | Method for accessing a wireless local area network and communication system | |
| EP3562185B1 (en) | Method and device for joining access node group | |
| CN103281692A (en) | Fast roaming method and equipment between ACs (Alternating Currents) | |
| CN102170670A (en) | Method, system and device for cell switch and close subscriber group information sending | |
| US20150305074A1 (en) | Content delivery method | |
| US9420465B2 (en) | Method and apparatus for device collaboration via a hybrid network | |
| JP2007282129A (en) | Radio information transmission system, radio communication terminal, and access point | |
| CN118250692A (en) | Cross-network-segment roaming method and device and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |