WO2009033335A1 - A method for controlling and managing an optical network unit / optical network terminal - Google Patents

A method for controlling and managing an optical network unit / optical network terminal Download PDF

Info

Publication number
WO2009033335A1
WO2009033335A1 PCT/CN2007/003379 CN2007003379W WO2009033335A1 WO 2009033335 A1 WO2009033335 A1 WO 2009033335A1 CN 2007003379 W CN2007003379 W CN 2007003379W WO 2009033335 A1 WO2009033335 A1 WO 2009033335A1
Authority
WO
WIPO (PCT)
Prior art keywords
optical network
management
terminal
network unit
network terminal
Prior art date
Application number
PCT/CN2007/003379
Other languages
French (fr)
Chinese (zh)
Inventor
Jinshu Lu
Qing Li
Original Assignee
Zte Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zte Corporation filed Critical Zte Corporation
Publication of WO2009033335A1 publication Critical patent/WO2009033335A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04QSELECTING
    • H04Q11/00Selecting arrangements for multiplex systems
    • H04Q11/0001Selecting arrangements for multiplex systems using optical switching
    • H04Q11/0062Network aspects
    • H04Q11/0067Provisions for optical access or distribution networks, e.g. Gigabit Ethernet Passive Optical Network (GE-PON), ATM-based Passive Optical Network (A-PON), PON-Ring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04QSELECTING
    • H04Q11/00Selecting arrangements for multiplex systems
    • H04Q11/0001Selecting arrangements for multiplex systems using optical switching
    • H04Q11/0062Network aspects
    • H04Q2011/0079Operation or maintenance aspects

Definitions

  • the present invention relates to an optical network unit (ONU)/optical network terminal (optical network terminal) in a passive optical network (PON) Terminal, ONT) A method of security management.
  • ONU optical network unit
  • ONT passive optical network
  • BACKGROUND OF THE INVENTION In many current settings, for example, DSL (Digital Subscriber Line) terminal devices, various home gateways, wireless routers, and defective terminal devices, etc., almost all support direct login from the local to Configuration management of data in the device, etc. Since an OLT (Optical Line Terminal) is connected to a plurality of ONTs/ONUs through an Optical Distribution Network (ODN) in an ⁇ system, there are generally 1:32, 1:64 or 1:128.
  • OLT Optical Line Terminal
  • ODN Optical Distribution Network
  • the data sent from the OLT can be received by each ONT/ONU, except that in the PON system, different GEMs are allocated by ⁇ ONT/ONUs (G-PON Encapsulation Method) , GPON encapsulation method) PORT ID (GEM port identification), etc.
  • the ONT/ONU distinguishes whether the delivered data stream belongs to itself according to the GEM PORT ID assigned by the OLT, and if it is its own, accepts the data, if not Discard your own. If an ONT/ONU is not implemented according to the standard process, or it creates a GEM PORT ID that is not its own, it can accept data that is not its own.
  • the OLT is authorized to each ONT/ONU, and then the ONT/ONU is allowed to send data in its authorized time slot. If an ONT/ONU does not send data according to the authorization of the OLT, it will cause uplink data conflict. , affecting normal use.
  • the ONT/ONU is completely passively responding, and is in a subordinate state. All configuration data is sent by the OLT; and the OLT is in an active position to initiate all configuration data. Therefore, if you can log in to the ONT/ONU device from the ONT/ONU at any time and operate the ONT/ONU settings, the data configured to the ONT/ONU is likely to be modified, and the data of the entire PON system is etc.
  • the present invention proposes a scheme for controlling and managing an optical network unit/optical network terminal, which is practical and feasible to implement an optical network unit/light in a passive optical network.
  • Security management of network terminals The present invention provides a method for controlling optical network unit/optical network terminal management, including the following steps: Step 1: After the optical network unit/optical network terminal registers successfully, the optical line terminal acquires the management of the optical network unit/optical network terminal.
  • the optical line terminal configures management rights information for the optical network unit/optical network terminal, and sends the information to the optical network unit/optical network terminal, thereby modifying the optical network unit/light Administrative rights of the network terminal.
  • the management control 4 is configured on the optical network unit/optical network terminal by: loading or unloading the management module; or controlling by using a variable manner.
  • the management control information includes: information indicating an in-band and/or out-of-band management mode supported by the optical network unit/optical network terminal; indicating whether the optical network unit/optical network terminal is allowed to open its in-band and/or Information about the outband management mode; indicates the information of the uplink port and/or user port management mode supported by the optical network unit/optical network terminal; indicates whether the optical network unit/optical network terminal is allowed to open its uplink port and/or user port.
  • the specific management methods include: local serial port login connection, remote login connection, browser interface login connection, simple network management protocol connection, operation and maintenance management in Ethernet passive optical network (EPON) OAM channel management mode, Gigabit no Optical Network Terminal Management Control Interface (OMCI) protocol mode, Physical Layer OAM (PLOAM) message mode, or custom management i" mode in the source optical network (GPON).
  • EPON passive optical network
  • OMCI Gigabit no Optical Network Terminal Management Control Interface
  • PLOAM Physical Layer OAM
  • the way in which the optical line terminal obtains the management control information includes: uploading or direct query.
  • a branch/leaf: method can be adopted, and a managed entity (Managed Entity, ME) can be adopted in the GPON system.
  • ME managed Entity
  • the PLOAM query/setting through the OAM channel can be adopted, and in the GPON system, the query/setting through the OMCI channel or the PLOAM message can be adopted.
  • the following processing is included in the second step: configuring whether to allow management control of the optical network unit/optical network terminal according to the network management command; according to the optical network unit/optical network termination; whether to open the optical network
  • the unit/optical network terminal performs uplink port and/or user port management; and sets a mode for allowing the optical network unit/optical network terminal to log in.
  • the actual situation of the optical network unit/optical network terminal includes at least: an optical network unit/optical network terminal; a location and a type.
  • the method according to the present invention further includes the following steps: the optical line terminal or the network management device modifies the management authority information of the optical network unit/optical network terminal configuration as needed, thereby ensuring the security of the passive optical network. Therefore, with the method of the present invention, the ONT/ONU management can be securely controlled, and the ONT/ONU connected to the PON system can be operated only under the control of the OLT. Security and assurance that the management of the ONT/ONU can be managed in a variety of ways, thus ensuring the security of the entire PON system.
  • FIG. 1 is a flowchart of a method for managing an optical network unit/optical network terminal according to the present invention
  • FIG. 2 is a flowchart of a method for managing an optical network unit/optical network terminal according to an embodiment of the present invention.
  • FIG. 1 is a flow chart of a method of managing an optical network unit/optical network terminal in accordance with the present invention. As shown in FIG.
  • the method includes the following steps: Step S102: After the optical network unit/optical network terminal registers successfully, the optical line terminal acquires management control information of the optical network unit/optical network terminal; Step S104, light The line terminal configures the management authority information for the optical network unit/optical network terminal, and sends the information to the optical network unit/optical network terminal, thereby modifying the management authority of the optical network unit/optical network terminal.
  • Step S102 further includes: Configuring management control information on the optical network unit/optical network terminal: loading or unloading the management module; or controlling by variable mode, wherein the management control information includes: indicating in-band and/or out-of-band supported by the optical network unit/optical network terminal Management mode information; indicates whether the optical network unit/optical network terminal is allowed to open its in-band and/or out-of-band management mode, that is, whether the outside world is allowed to be accessed in the in-band and/or out-of-band manner; Information about the uplink port and/or user port management mode supported by the optical network terminal; indicates whether the optical network list is allowed.
  • the management control information includes: indicating in-band and/or out-of-band supported by the optical network unit/optical network terminal Management mode information; indicates whether the optical network unit/optical network terminal is allowed to open its in-band and/or out-of-band management mode, that is, whether the outside world is allowed to be accessed in the in-band and/or out-of-band manner;
  • the optical network terminal opens the information of the management mode of the uplink port and/or the user port, that is, whether the management channel is allowed to access through the uplink port and/or the user port; indicating the specific management supported by the optical network unit/optical network terminal Information of the mode; indicates whether the optical network unit/optical network terminal is allowed to open the information of its specific management mode, that is, whether the external environment is allowed to be accessed in some way, such as TELNET, etc.; the user name and password in the management mode are specified.
  • Management methods include: local serial port login connection, remote login connection, browser interface login connection, simple network management protocol connection, OAM channel management mode in EPON, OMCI management mode in GPON, PLOAM message mode, or custom management protocol, etc.
  • the way in which the optical line terminal obtains the management control information includes: uploading or direct query.
  • the Branch/Leaf mode can be adopted, and in the GPON system, the ME mode can be implemented.
  • the OAM channel can be used.
  • Query/Setup can be adopted in the GPON system through the OMCI channel or The PLOAM message is queried/set.
  • the following processing is included in step S104: configuring whether to allow management control of the optical network unit/optical network terminal according to the network management command; according to the actual situation of the optical network unit/optical network terminal
  • the optical network unit/optical network terminal performs uplink port and/or user port management; and sets a mode for allowing the optical network unit/optical network terminal to log in.
  • the actual situation of the optical network unit/optical network terminal includes at least: the location and type of the optical network unit/optical network terminal.
  • the method according to the present invention further includes the following steps: the optical line terminal or the network management modifies the management and authority information of the optical network unit/optical network terminal configuration as needed, thereby ensuring the security of the passive optical network.
  • 2 is a flow chart of a method of managing an optical network unit/optical network terminal according to an embodiment of the present invention. As shown in FIG. 2, the method includes the following steps: S202: Supporting control of various management modes on the ONT/ONU, that is, the connection can be allowed and the connection is not allowed in some manner, for example, loading or unloading can be adopted. The way to manage the module is implemented, variables can also be used to control its implementation, and so on;
  • the OLT acquires the management control capability of the ONT/ONU, for example, in the EPON system, by using a Branch/Leaf method, and by an OLT active query method; in the GPON system, the MIB UPLOAD (MIB management object) Upload), or directly query to obtain;
  • MIB UPLOAD MIB management object
  • the OLT sets the management authority of the ONT/ONU according to the requirement, wherein the network management can configure whether to allow the management control thereof, and whether the actual ONT/ONU condition (for example, the placed location, the type of the ONT/ONU) is set Allow in-band/out-of-band management; whether to allow management through its upper port or user port; set the way it allows login, for example, just open some of them, for example, WEB, all other methods are prohibited;
  • the OLT modifies the management authority of the ONT/ONU and the user name and password of the login as needed, and in order to be more secure, the management authority and the login username and password can be modified at any time.
  • the following is an example of the OLT obtaining management control information in ME mode.
  • the ME is used to describe the ONT management control attributes and to control the management attributes of the ONT.
  • An ONT has an attribute entity that defines the following attributes: Managed Entity id: This attribute provides a unique number identifier for each instance of this ME. There is only one instance of this entity, its number is 0x0000, (R) (mandatory) (2 bytes).
  • Management mode This attribute is a bit field attribute used to describe the management mode supported by the ONT.
  • a bit value of 1 indicates that the corresponding option is supported, and a bit value of 0 indicates that the corresponding option is not supported.
  • Management mode control This attribute is a bit field attribute used to control (enable or disable) the management mode options supported by the ONT. A bit value of 1 indicates that the corresponding option is enabled, and a bit value of 0 indicates that the corresponding option is disabled. If the ONT does not support the set options, it will not take effect after the setting.
  • This attribute is a bit field attribute used to describe the management method supported by the ONT. A bit value of 1 indicates that the corresponding option is supported, and a bit value of 0 indicates that the corresponding option is not supported.
  • Management Method Control This attribute is a bit field attribute used to control (enable or disable) management method options supported by the ONT. A bit value of 1 indicates that the corresponding option is enabled, and a bit value of 0 indicates that the corresponding option is disabled. If the ONT does not support the set options, it will not do anything after the settings.
  • Remote login user name This attribute contains a 25-byte ASCII code that describes the username for remote login. A string of less than 25 bytes adds a null character to the end. If the ONT does not support remote login, it is an empty string and will not have any effect after setting, (R, W) (mandatory) (25 bytes).
  • Remote login password This attribute contains a 25-byte ASCII code that describes the password for remote login. A string smaller than 25 bytes adds a null character to the end. If the ONT does not support remote login, it is an empty string and will not have any effect after setting, (R, W) (mandatory) (25 bytes).
  • Browser Login User Name This attribute contains a 25-byte ASCII code for describing browsing. User name for login, a string of less than 25 bytes adds a null character at the end. If the ONT does not support remote login, it is an empty string and will not have any effect after setting, (R, W) (mandatory) (25 bytes).
  • Browser Login Password This attribute contains a 25-byte ASCII code that describes the password for the browser login. A string less than 25 bytes adds a null character to the end. If the ONT does not support browser login, it is an empty string and will not have any effect after setting, (R, W) (mandatory) (25 bytes).
  • Simple Network Management Community This attribute contains a 25-byte ASCII encoding that describes the community in the SNMP protocol. Strings smaller than 25 bytes are added with null characters at the end. If the ONT does not support SNMP management, it is an empty string and will not have any effect after setting, (R, W) (mandatory) (25 bytes).
  • Actions include: Get ( GET ): Get one or more properties; Set (SET): Set one or more properties.
  • Notification Package 4 Attribute Value Change: This notification is used for automatic update of managed entity management control attributes; The notification should be able to identify the attribute and its new value.
  • the AVC (Attribute Value Change) list managed by the managed entity is shown in Table 1. Management controlled AVC list
  • the present invention is mainly directed to the management security of the ONT/ONU in the PON system.
  • the management authority is first controlled. Therefore, the present invention is only adopted. After the authorization of the optical line terminal, the operation management and maintenance of the data on the optical network unit/optical network terminal can be allowed to operate, so that legal management operations and security of operation can be guaranteed.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Small-Scale Networks (AREA)

Abstract

A method for controlling and managing an optical network unit / optical network terminal is provided, including the following steps: step one, after the optical network unit / optical network terminal has registered successfully, the optical line terminal obtains the management and control information of the optical network unit / optical network terminal (S102); step two, the optical line terminal configures the authority information of management for the optical network unit / optical network terminal, and sends it to the optical network unit / optical network terminal to modify the management authority of the optical network unit / optical network terminal (S104). By applying this invention, therefore, only through the authorization of the optical line terminal can operation, management and maintenance of the optical network unit / optical network terminal data be permitted, and accordingly can legitimate managing operations be enabled and operational security ensured.

Description

控制并管理光网络单元 /光网络终端的方法 技术领域 本发明涉及一种对无源光网络 (Passive Optical Network , PON)中的光网 络单元 ( optical network unit, ONU ) /光网络终端 ( optical network terminal, ONT )进行安全管理的方法。 背景技术 在当前的很多设置中, 例如, DSL ( Digital Subscriber Line , 数字用户 线) 的终端设备, 各种家庭网关, 无线路由器., 以及 ΡΟΝ的终端设备等等, 几乎都支持直接从本地登陆到设备中进行数据的配置管理等。 由于在 ΡΟΝ系统中通常一个 OLT ( Optical Line Terminal, 光线路终端) 通过光分配网 (ODN, Optical Distribution Network )连接多个 ONT/ONU,— 般有 1 : 32, 1: 64或者 1 : 128等, 是一种天然的广播树型结构, 从 OLT下 发的数据每个 ONT/ONU均可以接收到, 只不过在 PON系统中通过^ ^个 ONT/ONU分配不同的 GEM ( G-PON Encapsulation Method, GPON封装方 法) PORT ID ( GEM端口标识)等方式, ONT/ONU根据 OLT分配的 GEM PORT ID等来区分下发的数据流是否是属于自己的, 如果是自己的则接受该 数据, 如果不是自己的则丢弃。 如果某个 ONT/ONU不按照标准规定的处理 流程来实现, 或者其在本地创建不属于自己的 GEM PORT ID, 这样可以接 受不是属于自己的数据。对于上行数据,是通过 OLT给各个 ONT/ONU授权, 然后 ONT/ONU在其授权的时隙才允许发送数据, 如果某个 ONT/ONU不按 照 OLT的授权来发送数据, 则会造成上行数据冲突, 影响正常使用。 另外, 在 PON系统中, ONT/ONU完全是被动响应的, 处于从属的地 位, 所有的配置数据等都症该是 OLT下发的; 而 OLT是处于主动地位, 发 起所有的配置数据。 因此,如果在任何时候,都可以从 ONT/ONU本地登陆到 ONT/ONU设 备上去, 操作 ONT/ONU设置, 则配置到 ONT/ONU上的数据等很可能被修 改,对整个 PON系统的数据等的安全性会有很大威胁,甚至会造成整个 PON 系统出现瘫痪。 发明内容 鉴于现有技术中的上述问题,本发明提出了一种控制并管理光网络单元 /光网络终端的方案,用于筒单实用可行地实现对无源光网络中的光网络单元 /光网络终端的安全管理。 本发明提供了一种控制光网络单元 /光网络终端管理的方法, 包括以下 步骤: 步骤一, 在光网络单元 /光网络终端注册成功后, 光线路终端获取光网 络单元 /光网络终端的管理控制信息; 以及步骤二, 所述光线路终端为所述光 网络单元 /光网络终端配置管理.权限信息, 并发送给所述光网络单元 /光网络 终端, 从而修改所述光网络单元 /光网络终端的管理权限。 根据本发明的方法,在所述步骤一之前还包括通过以下方式在光网络单 元 /光网络终端上配置所述管理控制 4言息: 加载或者卸载管理模块; 或采用变 量方式进行控制。 其中, 管理控制信息包括: 表示所述光网络单元 /光网絡终端支持的带 内和 /或带外管理方式的信息; 表示是否允许所述光网络单元 /光网络终端打 开其带内和 /或带外管理方式的信息; 表示光网络单元 /光网络终端支持的上 联口和 /或用户口管理方式的信息; 表示是否允许光网絡单元 /光网络终端打 开其上联口和 /或用户口管理方式的信息; 表示所述光网络单元 /光网络终端 支持的具体管理方式的信息;表示是否允许所述光网絡单元 /光网络终端打开 其具体管理方式的信息; 表示所述具体管理方式下的用户名和密码。 其中, 具体管理方式包括: 本地串口登陆连接、 远程登陆连接、 浏览器 界面登陆连接、 简单网络管理协议连接、 以太网无源光网络 (EPON ) 中的 操作维护管理 OAM 通道管理方式、 吉比特无源光网络 ( GPON ) 中的光网 络终端管理控制接口( OMCI )协议方式、物理层操作管理维护( Physical Layer OAM, PLOAM ) 消息方式、 或自定义管理 i "办议方式。 根据本发明的方法, 光线路终端获取管理控制信息的方式包括: 上载或 直接查询。 在 EPON系统中可以采用分支 /叶子 ( Branch/Leaf:) 方式, 在 GPON系 统中可以采用受管实体 (Managed Entity , ME ) 方式来实现。 在 EPON系统 中可以采用通过 OAM通道进行 PLOAM查询 /设置 ,在 GPON系统中可以采 用通过 OMCI通道或者 PLOAM消息进 4亍查询 /设置。 根据本发明的方法, 在步骤二中包括以下处理: 根据网管命令来配置是 否允许对光网络单元 /光网络终端进行管理控制; 根据光网络单元 /光网络终 理; 是否开启对所述光网络单元 /光网络终端进行上联口和 /或用户口管理; 以及设置允许光网络单元 /光网络终端登陆的方式。 其中, 光网络单元 /光网络终端的实际情况至少包括: 光网络单元 /光网 络终端的; ^置位置和类型。 根据本发明的方法还包括以下步骤:所述光线路终端或者网管根据需要 或者随时修改所述光网絡单元 /光网络终端配置的管理权限信息,从而保证无 源光网络的安全。 因而, 采用本发明的方法, 能够实现对 ONT/ONU管理进行安全控制, 对于接入到 PON系统的 ONT/ONU, 只有在 OLT的 4受.权下才能够^"其管理 进行操作, 从而既保证了安全又保证能够对 ONT/ONU的管理可以采用多种 管理操作方式, 这样就保证了整个 PON系统的安全。 本发明的其它特征和优点将在随后的说明书中阐述, 并且,部分地从说 明书中变得显而易见, 或者通过实施本发明而了解。 本发明的目的和其.他 ·1 "尤 点可通过在所写的说明书、 权利要求书、 以及附图中所特别指出的结构来实 现和获得。 附图说明 附图用来提供对本发明的进一步理解, 并且构成说明书的一部分, 与本 发明的实施例一起用于解释本发明, 并不构成对本发明的限制。 在附图中: 图 1 是 居本发明的光网络单元 /光网络终端的管理方法的流程图; 以 及 图 2是根据本发明实施例的光网络单元 /光网络终端的管理方法的流程 图。 具体实施方式 以下结合附图对本发明的优选实施例进行说明,应当理解, 此处所描述 的优选实施例仅用于说明和解释本发明, 并不用于限定本发明。 图 1 是根据本发明的光网络单元 /光网络终端的管理方法的流程图。 如 图 1所示, 该方法包^ "以下步骤: 步骤 S102, 在光网络单元 /光网络终端注册成功后, 光线路终端获取光 网络单元 /光网络终端的管理控制信息; 步驟 S 104 , 光线路终端为光网络单元 /光网络终端配置管理权限信息, 并发送给光网络单元 /光网络终端, 从而修改光网络单元 /光网络终端的管理 权限。 其中, 步骤 S102还包括先通过以下方式在光网络单元 /光网络终端上配 置管理控制信息: 加载或者卸载管理模块; 或采用变量方式进行控制。 其中, 管理控制信息包括: 表示光网络单元 /光网络终端支持的带内和 / 或带外管理方式的信息;表示是否允许光网络单元 /光网络终端打开其带内和 /或带外管理方式的信息, 即, 是否允许外界采用带内和 /或带外方式接入; 表示光网络单元 /光网络终端支持的上联口和 /或用户口管理方式的信息; 表 示是否允许光网络单元 /光网络终端打开其上联口和 /或用户口管理方式的信 息, 即, 是否允许管理通道通过其上联口和 /或用户口接入; 表示光网络单元 /光网络终端支持的具体管理方式的信息; 表示是否允许光网络单元 /光网络 终端打开其具体管理方式的信息, 即, 是否允许外界采用某种方式接入, 例 如 TELNET等; 表示具. 管理方式下的用户名和密码。 具体管理方式包括: 本地串口登陆连接、 远程登陆连接、 浏览器界面登 陆连接、 简单网络管理协议连接、 EPON 中的 OAM通道管理方式、 GPON 中的 OMCI管理方式以及 PLOAM消息方式、 或自定义管理协议等。 光线路终端获取管理控制信息的方式包括: 上载或直接查询。 在 EPON系统中可以采用 Branch/Leaf方式,在 GPON系统中可以釆用 ME方式来实现。 在 EPON系统中可以采用通过 OAM通道进行查询 /设置, 在 GPON系统中可以采用通过 OMCI通道或者 PLOAM消息进行查询 /设置。 在步骤 S104中包括以下处理: 根据网管命令来配置是否允许对光网络 单元 /光网絡终端进行管理控制; 根据光网络单元 /光网络终端的实际情况设 光网络单元 /光网络终端进行上联口和 /或用户口管理; 以及设置允许光网络 单元 /光网络终端登陆的方式。 其中, 光网络单元 /光网络终端的实际情况至少包括: 光网络单元 /光网 络终端的.放置位置和类型。 根据本发明的方法还包括以下步骤:光线路终端或者网管根据需要或者 随时修改光网络单元 /光网络终端配置的管理,权限信息,从而保证无源光网络 的安全。 图 2是根据本发明实施例的光网络单元 /光网络终端的管理方法的流程 图。 如图 2所示, 包括以下步骤: S202 , 在 ONT/ONU上能够支持对其各种管理方式的控制, 即能够通过 某种方式来实现允许连接和不允许连接, 例如, 可以采用加载或者卸载管理 模块的方式来实现, 也可以采用变量来控制其实现等等; TECHNICAL FIELD The present invention relates to an optical network unit (ONU)/optical network terminal (optical network terminal) in a passive optical network (PON) Terminal, ONT) A method of security management. BACKGROUND OF THE INVENTION In many current settings, for example, DSL (Digital Subscriber Line) terminal devices, various home gateways, wireless routers, and defective terminal devices, etc., almost all support direct login from the local to Configuration management of data in the device, etc. Since an OLT (Optical Line Terminal) is connected to a plurality of ONTs/ONUs through an Optical Distribution Network (ODN) in an ΡΟΝ system, there are generally 1:32, 1:64 or 1:128. , is a natural broadcast tree structure, the data sent from the OLT can be received by each ONT/ONU, except that in the PON system, different GEMs are allocated by ^^ ONT/ONUs (G-PON Encapsulation Method) , GPON encapsulation method) PORT ID (GEM port identification), etc. The ONT/ONU distinguishes whether the delivered data stream belongs to itself according to the GEM PORT ID assigned by the OLT, and if it is its own, accepts the data, if not Discard your own. If an ONT/ONU is not implemented according to the standard process, or it creates a GEM PORT ID that is not its own, it can accept data that is not its own. For the uplink data, the OLT is authorized to each ONT/ONU, and then the ONT/ONU is allowed to send data in its authorized time slot. If an ONT/ONU does not send data according to the authorization of the OLT, it will cause uplink data conflict. , affecting normal use. In addition, in the PON system, the ONT/ONU is completely passively responding, and is in a subordinate state. All configuration data is sent by the OLT; and the OLT is in an active position to initiate all configuration data. Therefore, if you can log in to the ONT/ONU device from the ONT/ONU at any time and operate the ONT/ONU settings, the data configured to the ONT/ONU is likely to be modified, and the data of the entire PON system is etc. The security of this will be a great threat, and even the entire PON system will be paralyzed. SUMMARY OF THE INVENTION In view of the above problems in the prior art, the present invention proposes a scheme for controlling and managing an optical network unit/optical network terminal, which is practical and feasible to implement an optical network unit/light in a passive optical network. Security management of network terminals. The present invention provides a method for controlling optical network unit/optical network terminal management, including the following steps: Step 1: After the optical network unit/optical network terminal registers successfully, the optical line terminal acquires the management of the optical network unit/optical network terminal. Control information; and step 2, the optical line terminal configures management rights information for the optical network unit/optical network terminal, and sends the information to the optical network unit/optical network terminal, thereby modifying the optical network unit/light Administrative rights of the network terminal. According to the method of the present invention, before the step 1, the management control 4 is configured on the optical network unit/optical network terminal by: loading or unloading the management module; or controlling by using a variable manner. The management control information includes: information indicating an in-band and/or out-of-band management mode supported by the optical network unit/optical network terminal; indicating whether the optical network unit/optical network terminal is allowed to open its in-band and/or Information about the outband management mode; indicates the information of the uplink port and/or user port management mode supported by the optical network unit/optical network terminal; indicates whether the optical network unit/optical network terminal is allowed to open its uplink port and/or user port. The information of the management mode; the information indicating the specific management mode supported by the optical network unit/optical network terminal; the information indicating whether the optical network unit/optical network terminal is allowed to open its specific management mode; Username and password. Among them, the specific management methods include: local serial port login connection, remote login connection, browser interface login connection, simple network management protocol connection, operation and maintenance management in Ethernet passive optical network (EPON) OAM channel management mode, Gigabit no Optical Network Terminal Management Control Interface (OMCI) protocol mode, Physical Layer OAM (PLOAM) message mode, or custom management i" mode in the source optical network (GPON). Method according to the present invention The way in which the optical line terminal obtains the management control information includes: uploading or direct query. In the EPON system, a branch/leaf: method can be adopted, and a managed entity (Managed Entity, ME) can be adopted in the GPON system. In the EPON system, the PLOAM query/setting through the OAM channel can be adopted, and in the GPON system, the query/setting through the OMCI channel or the PLOAM message can be adopted. According to the method of the present invention, the following processing is included in the second step: configuring whether to allow management control of the optical network unit/optical network terminal according to the network management command; according to the optical network unit/optical network termination; whether to open the optical network The unit/optical network terminal performs uplink port and/or user port management; and sets a mode for allowing the optical network unit/optical network terminal to log in. The actual situation of the optical network unit/optical network terminal includes at least: an optical network unit/optical network terminal; a location and a type. The method according to the present invention further includes the following steps: the optical line terminal or the network management device modifies the management authority information of the optical network unit/optical network terminal configuration as needed, thereby ensuring the security of the passive optical network. Therefore, with the method of the present invention, the ONT/ONU management can be securely controlled, and the ONT/ONU connected to the PON system can be operated only under the control of the OLT. Security and assurance that the management of the ONT/ONU can be managed in a variety of ways, thus ensuring the security of the entire PON system. Other features and advantages of the present invention will be set forth in the subsequent description and, in part, from It will be apparent from the description, or be understood by <RTIgt;</RTI><RTIgt;</RTI><RTIgt;</RTI><RTIgt;</RTI><RTIgt; And get. The drawings are intended to provide a further understanding of the invention, and are intended to be a part of the description of the invention. In the drawings: FIG. 1 is a flowchart of a method for managing an optical network unit/optical network terminal according to the present invention; and FIG. 2 is a flowchart of a method for managing an optical network unit/optical network terminal according to an embodiment of the present invention. DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, preferred embodiments of the present invention will be described with reference to the accompanying drawings, which should be understood The preferred embodiments are merely illustrative and illustrative of the invention and are not intended to limit the invention. 1 is a flow chart of a method of managing an optical network unit/optical network terminal in accordance with the present invention. As shown in FIG. 1 , the method includes the following steps: Step S102: After the optical network unit/optical network terminal registers successfully, the optical line terminal acquires management control information of the optical network unit/optical network terminal; Step S104, light The line terminal configures the management authority information for the optical network unit/optical network terminal, and sends the information to the optical network unit/optical network terminal, thereby modifying the management authority of the optical network unit/optical network terminal. Step S102 further includes: Configuring management control information on the optical network unit/optical network terminal: loading or unloading the management module; or controlling by variable mode, wherein the management control information includes: indicating in-band and/or out-of-band supported by the optical network unit/optical network terminal Management mode information; indicates whether the optical network unit/optical network terminal is allowed to open its in-band and/or out-of-band management mode, that is, whether the outside world is allowed to be accessed in the in-band and/or out-of-band manner; Information about the uplink port and/or user port management mode supported by the optical network terminal; indicates whether the optical network list is allowed. The optical network terminal opens the information of the management mode of the uplink port and/or the user port, that is, whether the management channel is allowed to access through the uplink port and/or the user port; indicating the specific management supported by the optical network unit/optical network terminal Information of the mode; indicates whether the optical network unit/optical network terminal is allowed to open the information of its specific management mode, that is, whether the external environment is allowed to be accessed in some way, such as TELNET, etc.; the user name and password in the management mode are specified. Management methods include: local serial port login connection, remote login connection, browser interface login connection, simple network management protocol connection, OAM channel management mode in EPON, OMCI management mode in GPON, PLOAM message mode, or custom management protocol, etc. The way in which the optical line terminal obtains the management control information includes: uploading or direct query. In the EPON system, the Branch/Leaf mode can be adopted, and in the GPON system, the ME mode can be implemented. In the EPON system, the OAM channel can be used. Query/Setup, can be adopted in the GPON system through the OMCI channel or The PLOAM message is queried/set. The following processing is included in step S104: configuring whether to allow management control of the optical network unit/optical network terminal according to the network management command; according to the actual situation of the optical network unit/optical network terminal The optical network unit/optical network terminal performs uplink port and/or user port management; and sets a mode for allowing the optical network unit/optical network terminal to log in. The actual situation of the optical network unit/optical network terminal includes at least: the location and type of the optical network unit/optical network terminal. The method according to the present invention further includes the following steps: the optical line terminal or the network management modifies the management and authority information of the optical network unit/optical network terminal configuration as needed, thereby ensuring the security of the passive optical network. 2 is a flow chart of a method of managing an optical network unit/optical network terminal according to an embodiment of the present invention. As shown in FIG. 2, the method includes the following steps: S202: Supporting control of various management modes on the ONT/ONU, that is, the connection can be allowed and the connection is not allowed in some manner, for example, loading or unloading can be adopted. The way to manage the module is implemented, variables can also be used to control its implementation, and so on;
S204, OLT获取 ONT/ONU的管理控制能力, 例如, 在 EPON系统中 可以通过采用 Branch/Leaf的方式来实现, 通过 OLT主动查询方式来获取; 在 GPON系统中, 可以通过 MIB UPLOAD(MIB管理对象上载), 或者直接 查询方式来获取; S204, the OLT acquires the management control capability of the ONT/ONU, for example, in the EPON system, by using a Branch/Leaf method, and by an OLT active query method; in the GPON system, the MIB UPLOAD (MIB management object) Upload), or directly query to obtain;
S206, OLT根据需要设置 ONT/ONU 的管理权限, 其中, 可以通过网 管来配置是否允许其管理控制, 可以根据实际 ONT/ONU情况 (例如, 放置 的位置, ONT/ONU 的类型), 设置其是否允许带内 /带外管理; 是否允许通 过其上联口或者用户口来管理; 设置其允许登陆的方式, 例如仅仅打开其中 的某种方式, 例如, WEB, 其他方式全部禁止; S206, the OLT sets the management authority of the ONT/ONU according to the requirement, wherein the network management can configure whether to allow the management control thereof, and whether the actual ONT/ONU condition (for example, the placed location, the type of the ONT/ONU) is set Allow in-band/out-of-band management; whether to allow management through its upper port or user port; set the way it allows login, for example, just open some of them, for example, WEB, all other methods are prohibited;
S208 , OLT根据需要修改 ONT/ONU 的管理权限以及其登陆的用户名 和密码等, 为了更加安全, 可以随时修改其管理权限, 以及登陆的用户名和 密码。 以下对 OLT以 ME方式获取管理控制信息进行举例说明。 ME用于描 述 ONT管理控制属性, 以及对 ONT的管理属性进行控制。 一个 ONT存在 一个属性实体, 定义以下属性: 受管实体标识( Managed Entity id ): 该属性为这个 ME的每一个实例提 供唯一的编号标识。 该实体只有一个实例, 其编号是 0x0000, ( R ) (强制) ( 2字节)。 管理方式: 该属性是一个比特位域属性, 用于描述 ONT支持的管理方 式。 比特值为 1表示支持所对应的选项, 比特值为 0表示不支持所对应的选 项。 这些选项如下: 0x1=带内管理方式, 0x2=带外管理方式, 0x4=上联口方 式, 0x8=用户侧管理方式, Ox 10-0x80=保留将来使用,( R ) (强制)( 1字节)。 管理方式控制:该属性是一个比特位域属性,用于控制(使能或者禁止) ONT支持的管理方式选项。 比特值为 1表示使能所对应的选项, 比特值为 0 表示禁止所对应的选项。 如果 ONT 不支持所设置的选项, 设置后也不会起 任'河作用。 这些选项如下: 0x1=带内管理方式, 0x2=带外管理方式, 0x4=上 联口方式, 0x8=用户侧管理方式, Ox 10-0x80=保留将来使用, ( R, W ) (强 制)( 1字节)。 管理方法: 该属性是一个比特位域属性, 用于描述 ONT支持的管理方 法。 比特值为 1表示支持所对应的选项, 比特值为 0表示不支持所对应的选 项。 这些选项如下: 0x1=串口 (CONSOLE ), 0x2=远程登录 (TELNET ), 0x4=浏览器 (WEB ), 0x8=简单网络管理 (SNMP ), 0xl0=ONT管理控制接 口 (OMCI ), 0x20-0x80=保留将来使用, (R) (强制)(1字节)。 管理方法控制:该属性是一个比特位域属性,用于控制(使能或者禁止) ONT支持的管理方法选项。 比特值为 1表示使能所对应的选项, 比特值为 0 表示禁止所对应的选项。 如果 ONT 不支持所设置的选项, 设置后也不会起 任何作用。这些选项如下: 0x1=串口( CONSOLE ), 0x2=远程登录( TELNET ), 0x4=浏览器 ( WEB ), 0x8=简单网络管理 ( SNMP ), 0xl0=ONT管理控制接 口 ( OMCI ), 0x20-0x80=保留将来使用, (R, W) (强制)(1字节)。 远程登录用户名: 该属性包含了 25字节 ASCII编码, 用于描述远程登 录的用户名, 小于 25字节的字符串在尾部添加空字符。 如果 ONT不支持远 程登录, 则为空字符串, 设置后也不会起任何作用, (R, W) (强制)(25个字 节)。 远程登录密码: 该属性包含了 25字节 ASCII编码, 用于描述远程登录 的密码, 小于 25字节的字符串在尾部添加空字符。 如果 ONT不支持远程登 录, 则为空字符串, 设置后也不会起任何作用, (R, W) (强制)(25个字节)。 浏览器登录用户名: 该属性包含了 25字节 ASCII编码, 用于描述浏览 器登录的用户名, 小于 25字节的字符串在尾部添加空字符。 如果 ONT不支 持远程登录, 则为空字符串, 设置后也不会起任何作用, (R, W) (强制)(25 个字节)。 浏览器登录密码: 该属性包含了 25字节 ASCII编码, 用于描述浏览器 登录的密码, 小于 25字节的字符串在尾部添加空字符。 如果 ONT不支持浏 览器登录, 则为空字符串, 设置后也不会起任何作用, (R, W) (强制)(25个 字节)。 简单网络管理共同体: 该属性包含了 25 字节 ASCII 编码, 用于描述 SNMP协议中的共同体,小于 25字节的字符串在尾部添加空字符。如果 ONT 不支持 SNMP管理, 则为空字符串, 设置后也不会起任何作用, (R, W) (强 制)(25个字节)。 动作包括: 获取( GET ): 获得一个或多个属性; 设置 (SET ): 设置一个或多个属性。 通知包 4舌: 属性值更改: 该通知用于受管实体管理控制属性的自动更新; R告。 通知 应能够识別属性及其新值。 受管实体管理控制的 AVC (属性值改变 )列表见 表 1。 管理控制的 AVC列表 S208, the OLT modifies the management authority of the ONT/ONU and the user name and password of the login as needed, and in order to be more secure, the management authority and the login username and password can be modified at any time. The following is an example of the OLT obtaining management control information in ME mode. The ME is used to describe the ONT management control attributes and to control the management attributes of the ONT. An ONT has an attribute entity that defines the following attributes: Managed Entity id: This attribute provides a unique number identifier for each instance of this ME. There is only one instance of this entity, its number is 0x0000, (R) (mandatory) (2 bytes). Management mode: This attribute is a bit field attribute used to describe the management mode supported by the ONT. A bit value of 1 indicates that the corresponding option is supported, and a bit value of 0 indicates that the corresponding option is not supported. These options are as follows: 0x1=in-band management mode, 0x2=out-of-band management mode, 0x4=uplink mode, 0x8=user side management mode, Ox 10-0x80=reserve future use, (R) (mandatory) (1 word Section). Management mode control: This attribute is a bit field attribute used to control (enable or disable) the management mode options supported by the ONT. A bit value of 1 indicates that the corresponding option is enabled, and a bit value of 0 indicates that the corresponding option is disabled. If the ONT does not support the set options, it will not take effect after the setting. These options are as follows: 0x1=in-band management mode, 0x2=out-of-band management mode, 0x4=uplink mode, 0x8=user side management mode, Ox 10-0x80=reserved future use, (R, W) (mandatory) 1 byte). Management Method: This attribute is a bit field attribute used to describe the management method supported by the ONT. A bit value of 1 indicates that the corresponding option is supported, and a bit value of 0 indicates that the corresponding option is not supported. These options are as follows: 0x1=Serial (CONSOLE), 0x2=Telnet (TELNET), 0x4=Browser (WEB), 0x8=Simple Network Management (SNMP), 0xl0=ONT Management Control Interface (OMCI), 0x20-0x80= Reserved for future use, (R) (mandatory) (1 byte). Management Method Control: This attribute is a bit field attribute used to control (enable or disable) management method options supported by the ONT. A bit value of 1 indicates that the corresponding option is enabled, and a bit value of 0 indicates that the corresponding option is disabled. If the ONT does not support the set options, it will not do anything after the settings. These options are as follows: 0x1=Serial (CONSOLE), 0x2=Remote Login (TELNET), 0x4=Browser (WEB), 0x8=Simple Network Management (SNMP), 0xl0=ONT Management Control Interface (OMCI), 0x20-0x80= Reserved for future use, (R, W) (mandatory) (1 byte). Remote login user name: This attribute contains a 25-byte ASCII code that describes the username for remote login. A string of less than 25 bytes adds a null character to the end. If the ONT does not support remote login, it is an empty string and will not have any effect after setting, (R, W) (mandatory) (25 bytes). Remote login password: This attribute contains a 25-byte ASCII code that describes the password for remote login. A string smaller than 25 bytes adds a null character to the end. If the ONT does not support remote login, it is an empty string and will not have any effect after setting, (R, W) (mandatory) (25 bytes). Browser Login User Name: This attribute contains a 25-byte ASCII code for describing browsing. User name for login, a string of less than 25 bytes adds a null character at the end. If the ONT does not support remote login, it is an empty string and will not have any effect after setting, (R, W) (mandatory) (25 bytes). Browser Login Password: This attribute contains a 25-byte ASCII code that describes the password for the browser login. A string less than 25 bytes adds a null character to the end. If the ONT does not support browser login, it is an empty string and will not have any effect after setting, (R, W) (mandatory) (25 bytes). Simple Network Management Community: This attribute contains a 25-byte ASCII encoding that describes the community in the SNMP protocol. Strings smaller than 25 bytes are added with null characters at the end. If the ONT does not support SNMP management, it is an empty string and will not have any effect after setting, (R, W) (mandatory) (25 bytes). Actions include: Get ( GET ): Get one or more properties; Set (SET): Set one or more properties. Notification Package 4: Attribute Value Change: This notification is used for automatic update of managed entity management control attributes; The notification should be able to identify the attribute and its new value. The AVC (Attribute Value Change) list managed by the managed entity is shown in Table 1. Management controlled AVC list
Figure imgf000009_0001
其中, 如果当前 OMCI方法是禁止的, 则 ONT除了响应该 ME--管理 控制的操作(获取或者设置)以外, 不能响应其它任何 ME, 其它任何操作。 当 OLT没有设置过属性 5到 9时, ONT可以改变该属性, 同时上 4艮相应的 AVC, 如果已经设置过某个属性, 则不允许 ONT改变其属性值。 综上所述, 本发明主要是针对 PON系统中对 ONT/ONU管理安全性上 考虑, 在 ONT/ONU接入到 PON系统时, 首先对其管理权限进行控制, 因 此, 采用本发明, 只有通过光线路终端的授权后才能允许操作管理维护光网 络单元 /光网络终端上的数据,这样既可以允许合法的管理操作又保证其操作 的安全性。 以上仅为本发明的优选实施例而已, 并不用于限制本发明, 对于本领域 的技术人员来说, 本发明可以有各种更改和变化。 凡在本发明的精神和原则 之内, 所作的任何修改、 等同替换、 改进等, 均应包含在本发明的保护范围 之内。
Figure imgf000009_0001
Wherein, if the current OMCI method is forbidden, the ONT cannot respond to any other ME, any other operation except the operation (acquisition or setting) of the ME--management control. When the OLT has not set the attributes 5 to 9, the ONT can change the attribute and simultaneously the corresponding AVC. If an attribute has been set, the ONT is not allowed to change its attribute value. In summary, the present invention is mainly directed to the management security of the ONT/ONU in the PON system. When the ONT/ONU accesses the PON system, the management authority is first controlled. Therefore, the present invention is only adopted. After the authorization of the optical line terminal, the operation management and maintenance of the data on the optical network unit/optical network terminal can be allowed to operate, so that legal management operations and security of operation can be guaranteed. The above are only the preferred embodiments of the present invention, and are not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.

Claims

权 利 要 求 书 Claim
1. 一种控制并管理光网络单元 /光网络终端的方法, 用于实现对无源光网络 中的光网络单元 /光网络终端的管理, 其特征在于, 包括以下步骤: A method for controlling and managing an optical network unit/optical network terminal for implementing management of an optical network unit/optical network terminal in a passive optical network, comprising the steps of:
步骤一, 在光网络单元 /光网络终端注册成功后, 光线路终端获取 所述光网络单元 /光网络终端的管理控制信息; 以及 步骤二, 所述光线路终端为所述光网络单元 /光网络终端配置管理,权 限信息, 并发送给所述光网络单元 /光网络终端, 从而 改所述光网络单 元 /光网络终端的管理; f又限。  Step 1: After the optical network unit/optical network terminal is successfully registered, the optical line terminal acquires management control information of the optical network unit/optical network terminal; and step 2, the optical line terminal is the optical network unit/light The network terminal configures management, rights information, and sends the information to the optical network unit/optical network terminal, thereby changing the management of the optical network unit/optical network terminal;
2. 根据权利要求 1所述的方法, 其特征在于, 在所述步骤一之前还包括通 过以下方式在所述光网络单元 /光网络终端上配置所述管理控制信息: 加载或者卸载管理模块; 或 The method according to claim 1, wherein before the step 1, the method further comprises: configuring the management control information on the optical network unit/optical network terminal by: loading or unloading a management module; Or
采用变量方式控制。  Controlled by variables.
3. 根据权利要求 1或 2所述的方法, 其特征在于, 所述管理控制信息包括: 表示所述光网络单元 /光网络终端支持的带内和 /或带外管理方式的 信息; 理方式的^ ί言息; The method according to claim 1 or 2, wherein the management control information comprises: information indicating an in-band and/or out-of-band management mode supported by the optical network unit/optical network terminal; ^ ί 言;
表示所述光网络单元 /光网络终端支持的上联口和 /或用户口管理方 式的信息;  Information indicating an uplink port and/or a user port management mode supported by the optical network unit/optical network terminal;
表示是否允许所述光网络单元 /光网络终端打开其上联口和 /或用户 口管理方式的信息;  Determining whether the optical network unit/optical network terminal is allowed to open information of its upper port and/or user port management mode;
表示所述光网络单元 /光网络终端支持的具体管理方式的信息; 表示是否允许所述光网络单元 /光网络终端打开其具体管理方式的 信息;  Information indicating a specific management mode supported by the optical network unit/optical network terminal; information indicating whether the optical network unit/optical network terminal is allowed to open its specific management mode;
表示所述具体管理方式下的用户名和密码。 Indicates the username and password in the specific management mode.
4. 根据权利要求 3所述的方法, 其特征在于, 所述具体管理方式至少包括: 本地串口登陆连接、 远程登陆连接、 浏览器界面登陆连接、 简单网络 理切、议连接、 以太网无源光网络中的操作维护管理通道管理方式、 吉比 特无源光网络中的光网络终端管理控制接口协议方式、 或自定义管理协 议方式。 The method according to claim 3, wherein the specific management mode comprises at least: a local serial port login connection, a remote login connection, a browser interface login connection, a simple network connection, a connection connection, and an Ethernet passive connection. Operation and maintenance management channel management mode in optical network, optical network terminal management control interface protocol mode in Gigabit passive optical network, or custom management protocol mode.
5. 根据权利要求 1所述的方法, 其特征在于, 所述光线路终端获取所述管 理控制信息的方式包括: 上载或直接查询。 The method according to claim 1, wherein the manner in which the optical line terminal acquires the management control information comprises: uploading or directly querying.
6. 根据权利要求 1或 5所迷的方法, 其特征在于, 所述光线路终端获取所 述管理控制信息的方式, 在所述以太网无源光网络系统中采用分支 /叶子 方式, 而在所述吉比特无源光网络系统中采用受管实体方式。 The method according to claim 1 or 5, wherein the optical line terminal acquires the management control information, and adopts a branch/leaf mode in the Ethernet passive optical network system, and The managed entity mode is adopted in the gigabit passive optical network system.
7. 根据权利要求 1或 5所述的方法, 其特征在于, 所述光线路终端获取所 述管理控制信息的方式, 在所述以太网无源光网络系统中通过操作维护 管理通道进 4亍查询 /设置, 而在所迷吉比特无源光网络系统中通过光网络 终端管理控制接口通道或者物理层操作管理维护物理层操作管理维护消 息进行查询 /设置。 The method according to claim 1 or 5, wherein the optical line terminal acquires the management control information, and accesses the maintenance and management channel in the Ethernet passive optical network system. Query/setting, and in the gigabit passive optical network system, the optical network terminal management control interface channel or physical layer operation management and maintenance physical layer operation management maintenance message is queried/set.
8. 根据权利要求 1 所述的方法, 其特征在于, 在所述步驟二中包括以下处 理: 8. The method according to claim 1, wherein the step 2 includes the following processing:
根据网管命令来配置是否允许对所述光网络单元 /光网络终端进行管 理控制;  Configuring whether to allow management of the optical network unit/optical network terminal according to the network management command;
才艮据所述光网络单元 /光网絡终端的实际情况设置是否开启对所述光 网络单元 /光网络终端进行带内和 /或带外管理, 是否开启对所述光网络单 元 /光网络终端进行上联口和 /或用户口管理; 以及  Whether to enable in-band and/or out-of-band management of the optical network unit/optical network terminal according to the actual situation of the optical network unit/optical network terminal, whether to open the optical network unit/optical network terminal Perform uplink and/or user port management;
设置允许所述光网络单元 /光网络终端登陆的方式。  A way of allowing the optical network unit/optical network terminal to log in is set.
9. 根据权利要求 8所述的方法, 其特征在于, 所述光网络单元 /光网络终端 的实际情况至少包括: 所述光网络单元 /光网络终端的放置位置和类型。 The method according to claim 8, wherein the actual situation of the optical network unit/optical network terminal comprises at least: a placement location and a type of the optical network unit/optical network terminal.
10. 根据权利要求 1所述的方法, 其特征在于, 所述光线路终端或者网管根 据需要或者随时修改所述光网络单元 /光网络终端配置的管理权限信息, 从而保证无源光网络的安全。 The method according to claim 1, wherein the optical line terminal or the network management modifies the management authority information of the optical network unit/optical network terminal configuration as needed, thereby ensuring the security of the passive optical network. .
PCT/CN2007/003379 2007-09-14 2007-11-29 A method for controlling and managing an optical network unit / optical network terminal WO2009033335A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2007101521260A CN101388725B (en) 2007-09-14 2007-09-14 Method for controlling and managing network unit/optical network terminal
CN200710152126.0 2007-09-14

Publications (1)

Publication Number Publication Date
WO2009033335A1 true WO2009033335A1 (en) 2009-03-19

Family

ID=40451553

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/003379 WO2009033335A1 (en) 2007-09-14 2007-11-29 A method for controlling and managing an optical network unit / optical network terminal

Country Status (2)

Country Link
CN (1) CN101388725B (en)
WO (1) WO2009033335A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2458811A4 (en) * 2010-06-03 2017-07-19 ZTE Corporation Method, apparatus and system for processing user identity information in gigabit passive optical network system
CN113490081A (en) * 2021-06-29 2021-10-08 青岛海信宽带多媒体技术有限公司 ONU gateway and PON state lamp lighting method

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102291246A (en) * 2010-06-21 2011-12-21 中兴通讯股份有限公司 Selection method and system of optical network unit (ONU) management maintenance mode
CN104243206B (en) * 2014-09-03 2017-12-29 烽火通信科技股份有限公司 Realize the system and method to ONU radio function centralized configuration and managements
WO2017054143A1 (en) * 2015-09-29 2017-04-06 华为技术有限公司 Method, apparatus and system for remotely debugging onu by means of olt
WO2018120179A1 (en) * 2016-12-30 2018-07-05 华为技术有限公司 Optical network unit (onu) management method, apparatus and system
CN109246119B (en) * 2018-09-28 2021-09-14 四川天邑康和通信股份有限公司 PON system with authentication information automatic modification function
AU2019333833B2 (en) * 2019-02-25 2021-05-27 Huawei Technologies Co., Ltd. Topology processing method, apparatus, and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001333087A (en) * 2000-05-19 2001-11-30 Nec Miyagi Ltd Optical pds system
CN1496064A (en) * 2002-09-19 2004-05-12 ���ǵ�����ʽ���� Operation, management and maintenance capability finding method in Ethernet passive optical network
CN1929394A (en) * 2005-09-07 2007-03-14 中兴通讯股份有限公司 Optical network unit remote management method in Ethernet passive optical network system
CN1957635A (en) * 2004-05-13 2007-05-02 西门子公司 Method for remote access of an optical network device in a passive optical network

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001333087A (en) * 2000-05-19 2001-11-30 Nec Miyagi Ltd Optical pds system
CN1496064A (en) * 2002-09-19 2004-05-12 ���ǵ�����ʽ���� Operation, management and maintenance capability finding method in Ethernet passive optical network
CN1957635A (en) * 2004-05-13 2007-05-02 西门子公司 Method for remote access of an optical network device in a passive optical network
CN1929394A (en) * 2005-09-07 2007-03-14 中兴通讯股份有限公司 Optical network unit remote management method in Ethernet passive optical network system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2458811A4 (en) * 2010-06-03 2017-07-19 ZTE Corporation Method, apparatus and system for processing user identity information in gigabit passive optical network system
CN113490081A (en) * 2021-06-29 2021-10-08 青岛海信宽带多媒体技术有限公司 ONU gateway and PON state lamp lighting method
CN113490081B (en) * 2021-06-29 2024-05-07 青岛海信宽带多媒体技术有限公司 ONU gateway and PON status lamp lighting method

Also Published As

Publication number Publication date
CN101388725B (en) 2012-05-23
CN101388725A (en) 2009-03-18

Similar Documents

Publication Publication Date Title
WO2009033335A1 (en) A method for controlling and managing an optical network unit / optical network terminal
US11196583B2 (en) Method and system for establishing a service path in a communications network
US10863256B2 (en) Plug-and-play PON systems with autonomous boot mode
EP3154222B1 (en) Service configuration data processing method and apparatus
US9787492B2 (en) Provisioning network devices in Ethernet-based access networks
EP2426866A1 (en) Method and apparatus for authentication in passive optical network and passive optical network thereof
WO2011150620A1 (en) Method and system for identifying accessing network for home gateway
US9755749B2 (en) ONU, communication system and communication method for ONU
WO2012139453A1 (en) Dpoe system and service auto-configuration method and network based thereon
PT2106064E (en) Method, device and system of distributing service
US20110302283A1 (en) Methods And Arrangements In A Passive Optical Network
EP3244571B1 (en) Configuration data distribution method and apparatus
EP3107241A1 (en) Optical network system and management method
ES2950861T3 (en) Service configuration method and apparatus
WO2011127735A1 (en) Gigabit-capable passive optical network system and point-to-point protocol over ehternet configuration method implemented thereby
US20170155449A1 (en) Service Processing Method and Apparatus and Optical Line Terminal
WO2011131141A1 (en) Ethod for authentication of a wireless backup system for an optical network unit
CN102571353B (en) The method of verifying legitimacy of home gateway in passive optical network
WO2013086808A1 (en) Service issue method and device for a gigabit-capable passive optical network
WO2016124075A1 (en) Method and device for controlling management mode of optical network unit in passive optical network
EP2666259B1 (en) Service activation in a passive optical network (pon)
WO2020143639A1 (en) Method, system, and related device for administering optical network unit
JP2017092556A (en) Station side device, information management device, terminal authentication method, and information management method
WO2011094994A1 (en) Method, device and system for controlling authority for accessing optical network unit
WO2011131132A1 (en) Method and system for implementing multicast preview control in optical network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07845744

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07845744

Country of ref document: EP

Kind code of ref document: A1