WO2013020267A1 - Ip地址分配方法和系统以及设备 - Google Patents
Ip地址分配方法和系统以及设备 Download PDFInfo
- Publication number
- WO2013020267A1 WO2013020267A1 PCT/CN2011/078118 CN2011078118W WO2013020267A1 WO 2013020267 A1 WO2013020267 A1 WO 2013020267A1 CN 2011078118 W CN2011078118 W CN 2011078118W WO 2013020267 A1 WO2013020267 A1 WO 2013020267A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- address
- request
- access device
- virtual private
- pool
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5061—Pools of addresses
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
- H04L61/5014—Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
Definitions
- the embodiments of the present invention relate to communication technologies, and in particular, to an IP address allocation method and system, and a device. Background technique
- VPN virtual private network
- public network usually the Internet
- VPN Internet Protocol
- remote users, company branches, business partners, and suppliers can establish trusted and secure connections with the company's intranet and ensure secure data transmission.
- the basic network operator provides the VPN service mainly by applying for the VPN self-service implementation method.
- the service front-end service platform technology is adopted, and the client applies for the VPN self-service implementation.
- the back-end centralized processing module is used to automatically plan the VPN.
- the configuration parameters are automatically delivered to avoid manual configuration operations by the carrier.
- the back-end authentication management module is used to authenticate the user name and password.
- the VPN client can use the dynamic host setting protocol (Dynamic Host).
- the configuration protocol (referred to as: DHCP) applies the Internet Protocol (IP) address to the user edge device (Customer Edge; CE for the VPN access device) to self-build the VPN network required by the user.
- IP Internet Protocol
- the VPN network required for self-service construction meets the following configuration conditions:
- the network segments of each network access part of the user are different;
- Each access circuit occupies one network segment and corresponds to a local area network ( Local Area Network; Abbreviation: LAN) or Virtual Local Area Network (Virtual Local Area Network; Abbreviation: VLAN).
- the VPN site ie, the VPN network
- the VPN site dynamically joined by each VPN client may have the same network segment IP address, and the IP address of the uplink port of each user-side CE is the same as the IP address of the VPN access device port.
- the embodiment of the present invention provides an IP address allocation method, system, and device, which are used to solve the problem that each dynamically joined VPN site in the prior art may have an IP address assigned to the same network segment and an uplink port of each user side CE.
- the IP address is the same as the IP address of the VPN access device port.
- An embodiment of the present invention provides an IP address allocation method, including:
- the VPN access device receives the IP address request sent by the DHCP client.
- the VPN access device obtains an unallocated IP address pool from the address pool allocation module configured in the DHCP server according to the IP address request;
- the VPN access device selects an unassigned IP address from the IP address pool to the DHCP client, and then selects an unassigned IP address to the VPN access device.
- the embodiment of the invention further provides an IP address allocation method, including:
- the DHCP server receives the IP address request or the IP address pool request sent by the VPN access device.
- the DHCP server obtains an unassigned IP address from the pre-configured address pool allocation module according to the IP address request or the IP address pool request. Pooling, and sending the IP address pool to the VPN access device.
- An embodiment of the present invention provides a VPN access device, including:
- a receiving module configured to receive an IP address request sent by a DHCP client
- An IP address pool obtaining module configured to obtain an unallocated IP address pool from the address pool allocation module configured in the DHCP server according to the IP address request;
- An allocation processing module configured to select an unassigned IP address from the pool of IP addresses to
- the embodiment of the invention provides a DHCP server, including:
- the receiving module is configured to receive an IP address request or an IP address pool request sent by the VPN access device, and an address pool allocation module, configured to pre-configure and store the IP address pool;
- the sending module is configured to obtain an unallocated IP address pool from the address pool allocation module according to the IP address request or the IP address pool request, and send the IP address pool to the VPN access device.
- An embodiment of the present invention provides an address allocation system, including: a DHCP client, the foregoing DHCP access device, and the foregoing DHCP server.
- the IP address allocation method, system, and device of the embodiment of the present invention receive the IP address request sent by the DHCP client through the VPN access device, and obtain an unoriginal from the address pool allocation module configured in the DHCP server according to the IP address request. Allocating an IP address pool, and selecting an unassigned IP address from the IP address pool to the DHCP client, and then selecting an unassigned IP address to the VPN access device, thereby solving each of the prior art
- a dynamically added VPN site may have the same IP address assigned to the same network segment, and the IP address of the uplink port of each user-side CE is the same as the IP address of the VPN access device port.
- FIG. 1 is a flowchart of an embodiment of an IP address allocation method according to the present invention.
- FIG. 2 is a flowchart of another embodiment of an IP address pool allocation method according to the present invention.
- FIG. 3 is a schematic diagram of a network architecture of an IP address allocation system on which an IP address allocation method according to the present invention is based;
- FIG. 4 is a signaling flowchart of still another embodiment of an IP address allocation method according to the present invention
- FIG. 5 is a signaling flowchart of another embodiment of an IP address allocation method according to the present invention
- FIG. 4 is a signaling flowchart of still another embodiment of an IP address allocation method according to the present invention
- FIG. 5 is a signaling flowchart of another embodiment of an IP address allocation method according to the present invention
- FIG. 6 is a signaling flowchart of still another embodiment of an IP address allocation method according to the present invention.
- FIG. 7 is a schematic structural diagram of an embodiment of a VPN access device according to the present invention.
- FIG. 8 is a schematic structural diagram of another embodiment of a VPN access device according to the present invention.
- FIG. 9 is a schematic structural diagram of still another embodiment of a VPN access device according to the present invention.
- FIG. 10 is a schematic structural diagram of still another embodiment of a VPN access device according to the present invention.
- FIG. 11 is a schematic structural diagram of an embodiment of a DHCP server according to the present invention.
- FIG. 12 is a schematic structural diagram of another embodiment of a DHCP server according to the present invention. detailed description
- FIG. 1 is a flowchart of an embodiment of an IP address allocation method according to the present invention. As shown in FIG. 1, the method in this embodiment includes:
- Step 101 The VPN access device receives an IP address request sent by the DHCP client.
- the DHCP client authenticates using the 802.1 Ethernet port authentication protocol. After the authentication is passed, the DHCP protocol can be used to send an IP address request to the VPN access device. That is, the IP address request can be specifically a DHCP request protocol. 4 ⁇ .
- Step 102 The VPN access device obtains an unallocated IP address pool from the address pool allocation module configured in the DHCP server according to the IP address request.
- an address pool allocation module is configured in the DHCP server.
- the IP address pool is pre-configured and stored in the address pool allocation module, and the IP addresses in each IP address pool are all in the same network segment. After receiving the IP address request sent by the VPN access device, the IP address can be requested according to the IP address.
- the address pool allocation module obtains an unallocated IP address pool, and sends the unallocated IP address pool to the VPN access device.
- Step 103 The VPN access device selects an unassigned IP address from the IP address pool to the DHCP client, and then selects an unassigned IP address to the VPN access device.
- the VPN access device receives the IP address request sent by the DHCP client, and obtains an unallocated IP address pool from the address pool allocation module configured in the DHCP server according to the IP address request.
- an unassigned IP address pool is selected for the DHCP client, and an unassigned IP address is selected for the VPN access device, thereby solving the problem that each dynamically joined VPN site in the prior art may be There is a problem that the IP addresses of the same network segment are allocated, and the IP address of the uplink port of each user-side CE is the same as the IP address of the VPN access device port.
- the method may further include:
- the VPN access device determines, according to the option flag field, whether the IP address request is based on an IP address request in a VPN service scenario.
- step 102 a specific implementation of step 102 is:
- the VPN access device sends the IP address request to the DHCP server, so that the DHCP server obtains the request from the configured address pool allocation module according to the IP address request.
- the VPN access device receives an unallocated IP address pool sent by the DHCP server.
- the DHCP client may add an option flag bit field in the IP address request, for example: "option”, when the IP address request sent by the DHCP client is a normal IP address request, the option flag is set. The field is not set, that is, the "option” flag is 0. When the IP address request sent by the DHCP client is based on an IP address request in the VPN service scenario, the option flag field is set, that is, the "option” flag is 1. .
- the VPN access device When the VPN access device receives the IP address request sent by the DHCP client, it determines the IP address. Whether the option flag field in the address request is set, for example: When the "option" flag is 0, it indicates that the IP address request is a normal IP address request, and is processed according to the normal processing flow, for example, from DHCP. The sever obtains an IP address and assigns the IP address to the DHCP client. When the "option" flag is 1, it indicates that the IP address request is an IP address request based on the VPN service scenario, and then the DHCP sever is configured. The address pool allocation module performs an IP address request to obtain an unallocated IP address pool that is not allocated in the address pool allocation module.
- the method further includes:
- the VPN access device obtains a Media Access Control (MAC) address of the DHCP client.
- MAC Media Access Control
- the VPN access device determines, according to the MAC address, whether the IP address request is based on an IP address request in a VPN service scenario.
- the option flag field is added to the IP address request, and the option flag field is set.
- the DHCP client uses the 802.1 Ethernet port authentication protocol for authentication, and after the authentication is passed, the VPN access device can store the DC address of the DCHP client. After the VPN access device obtains the MAC address of the DCHP client, it can query whether the MAC address has been stored before. If it is stored, it is determined that the IP address request is based on the IP address request in the VPN service scenario; That means that the DHCP client does not pass the authentication, and it is determined that the IP address request is a normal IP address request.
- step 102 may be specifically as follows:
- the VPN access device sends the processed IP address request to the DHCP server, so that the DHCP server obtains an unallocated IP address pool from the configured address pool allocation module according to the processed IP address request, and sends the IP address to the DHCP server.
- VPN access device ;
- the VPN access device receives an unallocated IP address pool sent by the DCHP server.
- the VPN access device receives the IP address request sent by the DHCP client, and obtains The MAC address of the DHCP client, and according to the MAC address, the IP address request is from the user who uses the VPN service scenario. If the IP address request is from a user using the VPN service scenario, the IP address request is based on the VPN service scenario.
- the IP address request the VPN access device may add an option flag field in the IP address request, for example: "option”, and set the option flag field, that is, the "option" flag is 1, after processing The IP address request is sent to the DCHP server.
- the DCHP server After receiving the processed IP address request, the DCHP server determines whether the option flag field in the processed IP address request is set, if the option flag field is set, that is, " The option" flag is 1, and an unallocated IP address pool is obtained from the address pool allocation module, and the unallocated IP address pool is sent to the VPN access device.
- the method further includes:
- the VPN access device obtains the MAC address of the DHCP client.
- the VPN access device determines, according to the MAC address, whether the IP address request is based on an IP address request in a VPN service scenario.
- the IP address pool request is generated.
- step 102 may be specifically as follows:
- the VPN access device sends an IP address pool request to the DCHP server, so that the DCHP server obtains an unallocated IP address pool from the configured address pool allocation module according to the IP address pool request, and sends the packet to the VPN access device.
- the VPN access device receives an unallocated IP address pool sent by the DCHP server.
- the VPN access device receives the IP address request sent by the DHCP client, obtains the MAC address of the DHCP client, and determines, according to the MAC address, the IP address request from the user who uses the VPN service scenario, if the IP address If the request is from a user who uses the VPN service scenario, the IP address request is based on the IP address request in the VPN service scenario, and an IP address pool request is generated, and the IP address pool request is sent to the DCHP server, and the DCHP server receives the IP address. Address pool request Then, an unallocated IP address pool is obtained from the address pool allocation module, and the unallocated IP address pool is sent to the VPN access device.
- step 103 may be:
- the VPN access device selects an IP address from the IP address pool, and sets an unassigned IP address to the DCHP client, and configures the IP address with the GW identifier on the VPN access device.
- the DHCP server may also address the IP address of the user, select an ⁇ address, and set the GW identifier to the IP address, so that the IP with the GW identifier is set.
- the address is configured on the VPN access device.
- FIG. 2 is a flowchart of another embodiment of an IP address pool allocation method according to the present invention. As shown in FIG. 2, the method in this embodiment includes:
- Step 201 The DHCP server receives an IP address request or an IP address pool request sent by the VPN access device.
- Step 202 The DHCP server obtains an unallocated IP address pool from the pre-configured address pool allocation module according to the IP address request or the IP address pool request, and sends the IP address pool to the VPN access device.
- the VPN access device may perform the technical solution of the method embodiment shown in FIG. 1 , and the implementation principles thereof are similar, and details are not described herein again.
- the DHCP server receives the IP address request or the IP address pool request sent by the VPN access device, and obtains an unallocated from the pre-configured address pool allocation module according to the IP address request or the IP address pool request. IP address pool, and send the IP address pool to the VPN access device, for the VPN access device to select an unassigned IP address from the IP address pool to the DHCP client, and then select an unassigned IP address.
- the address is given to the VPN access device, so that each of the dynamically joined VPN sites in the prior art may have an IP address assigned to the same network segment, and an IP address of the uplink port of each user-side CE and the VPN access device. The problem that the port IP address is the same.
- the method can also include:
- the DHCP server divides and processes the IP addresses stored in the address pool allocation module to obtain multiple IP address pools.
- the method may further include: the DHCP server selects an IP address from each IP address pool in the address pool allocation module, and sets an IP address to the GW identifier, where the IP address of the GW identifier is configured for configuration. Give the VPN access device.
- the VPN access device after the VPN access device receives an unallocated IP address pool, it can select an unset GW identifier from the IP address pool, and the unassigned IP address is sent to the DCHP client, and The IP address with the GW identifier is configured on the VPN access device.
- the method may further include:
- the DHCP server determines, according to the option flag bit field, whether the IP address request is based on an IP address request in the VPN service scenario;
- step 202 may be:
- the DHCP server determines that the IP address request is based on the IP address request in the VPN service scenario, the DHCP server obtains an unallocated IP address pool from the pre-configured address pool allocation module, and sends the IP address pool to the VPN access device. .
- the VPN access device receives the IP address request sent by the DHCP client, and determines, according to the user name in the IP address request, the IP address request from the user who uses the VPN service scenario, if the IP address request comes from If the IP address request is based on the IP address request in the VPN service scenario, the VPN access device may add an option flag field in the IP address request, for example: "option”, and The option flag bit field is set, that is, the "option" flag is 1, and the processed IP address request is sent to the DCHP server, and after receiving the processed IP address request, the DCHP server determines the processed IP address request.
- an option flag field in the IP address request for example: "option”
- the option flag bit field is set, that is, the "option" flag is 1, and the processed IP address request is sent to the DCHP server, and after receiving the processed IP address request, the DCHP server determines the processed IP address request.
- the option flag field is set, if the option flag field is set, that is, the "option" flag is 1, an unallocated IP address pool is obtained from the address pool allocation module, and the unallocated IP address pool is obtained. Send to VPN access Ready. After obtaining the unallocated IP address pool, the VPN access device selects an unassigned IP address from the IP address pool to the DHCP client, and then selects an unassigned IP address for the VPN access device.
- the IP address allocation system includes: a DHCP client 11, a VPN access device 12, and a DHCP server 13, wherein An address pool allocation module may be configured in the DHCP server 13, and a plurality of IP address pools are pre-configured and stored in the address pool allocation module.
- FIG. 4 is a signaling flowchart of still another embodiment of an IP address allocation method according to the present invention.
- the method in this embodiment includes:
- Step 301 The DHCP client sends an IP address request to the VPN access device.
- the IP address request includes an option flag bit field.
- the DHCP client may add an option flag bit field in the IP address request, for example: "option”, when the IP address request sent by the DHCP client is a normal IP address request, the option flag is set. The field is not set, that is, the "option” flag is 0. When the IP address request sent by the DHCP client is based on an IP address request in the VPN service scenario, the option flag field is set, that is, the "option” flag is 1. .
- Step 302 The VPN access device determines, according to the option flag field, whether the IP address request is an IP address request in a VPN service scenario.
- Step 303 If the VPN access device determines that the IP address requests the IP address request in the VPN service scenario, the VPN access device sends an IP address request to the DHCP server.
- Step 304 After receiving the IP address request, the DHCP server determines, according to the option flag bit field in the IP address request, whether the IP address request is based on an IP address request in a VPN service scenario, and if the IP address request is determined to be Based on the IP address request in the VPN service scenario, an unallocated IP address pool is obtained from the address pool allocation module, and the unallocated IP address pool is sent to the VPN access device.
- one of the unallocated IP address pools is provided with an IP address of the GW identifier.
- Step 305 The VPN access device selects an unassigned IP address from the IP address pool to the DHCP client, and sets the IP address with the GW identifier to the VPN access device.
- the VPN access device receives the IP address request sent by the DHCP client, where the IP address request includes an option flag bit field, and determines, according to the option flag field, whether the IP address request is based on a VPN service scenario.
- the IP address request in the middle if yes, the IP address pool request is sent to the DHCP server.
- the DHCP server determines whether the IP address request is based on the VPN service according to the option flag field in the IP address request.
- the IP address request in the scenario if it is determined that the IP address is requested in the VPN service scenario, the configured address pool allocation module obtains an unallocated IP address pool, and selects one from the IP address pool.
- the unassigned IP address pool is assigned to the DHCP client, and an unassigned IP address is selected for the VPN access device. This solves the problem that each dynamically joined VPN site in the prior art may have the same network segment IP address. , and the IP address of the uplink port of each user-side CE is the same as the IP address of the VPN access device port.
- FIG. 5 is a signaling flowchart of another embodiment of an IP address allocation method according to the present invention.
- the method in this embodiment includes:
- Step 401 The DHCP client sends an IP address request to the VPN access device.
- Step 402 The VPN access device obtains the MAC address of the DHCP client, and determines, according to the MAC address, whether the IP address request is based on an IP address request in a VPN service scenario.
- Step 403 If the VPN access device determines that the IP address is requested in the VPN service scenario.
- the option flag field is added to the IP address request, and the option flag field is set, and the processed IP address request is sent to the DHCP server.
- Step 404 After receiving the processed IP address pool request, the DHCP server determines, according to the option flag bit field in the processed IP address request, whether the processed IP address request is based on an IP address in a VPN service scenario. request.
- Step 405 The DHCP server determines that the IP address request is based on a VPN service scenario.
- the IP address request obtains an unallocated IP address pool from the pre-configured address pool allocation module, and sends the IP address pool to the VPN access device.
- the VPN access device receives the IP address request sent by the DHCP client, and obtains
- the MAC address of the DHCP client, and according to the MAC address, the IP address request is from the user who uses the VPN service scenario. If the IP address request is from a user using the VPN service scenario, the IP address request is based on the VPN service scenario. IP address request, then the VPN access device is in the
- the option flag field can be added to the IP address request, for example: "option”, and the option flag field is set, that is, the "option” flag is 1, and the processed IP address request is sent to the DCHP server.
- the DCHP server determines whether the option flag bit field in the processed IP address request is set. If the option flag bit field is set, that is, the "option" flag is 1, the slave address is The pool allocation module obtains an unallocated IP address pool and sends the unallocated IP address pool to the VPN access device.
- Step 406 The VPN access device selects an IP address that is not set with the GW identifier from the IP address pool, and the unassigned IP address is sent to the DHCP client, and the IP address with the GW identifier is configured on the VPN access device.
- the VPN access device receives the IP address request sent by the DHCP client, obtains the MAC address of the DHCP client, and determines, according to the MAC address, whether the IP address request is based on an IP address in the VPN service scenario.
- Request if yes, add an option flag field in the IP address request, set the option flag field, and then send the processed IP address request to the DHCP server, from the address pool allocation module configured in the DHCP server Obtain an unallocated IP address pool, and select an unassigned IP address pool from the IP address pool to the DHCP client, and then select an unassigned IP address for the VPN access device.
- each dynamically joined VPN site may have the same IP address assigned to the same network segment, and the IP address of the uplink port of each user-side CE is the same as the IP address of the VPN access device port.
- FIG. 6 is a signaling flowchart of still another embodiment of an IP address allocation method according to the present invention.
- the method in this embodiment includes: Step 501: The DHCP client sends an IP address request to the VPN access device.
- the IP address request includes an option flag bit field.
- the DHCP client may add an option flag bit field in the IP address request, for example: "option”, when the IP address request sent by the DHCP client is a normal IP address request, the option flag is set. The field is not set, that is, the "option” flag is 0. When the IP address request sent by the DHCP client is based on an IP address request in the VPN service scenario, the option flag field is set, that is, the "option” flag is 1. .
- Step 502 The VPN access device sends the IP address request to the DHCP server.
- Step 503 After receiving the IP address request, the DHCP server determines, according to the option flag bit field in the IP address request, whether the processed IP address request is based on an IP address request in a VPN service scenario.
- Step 504 If the DHCP server determines that the IP address request is based on the IP address request in the VPN service scenario, the DHCP server obtains an unallocated IP address pool from the pre-configured address pool allocation module, and sends the IP address pool to the IP address pool. VPN access device.
- the DCHP server determines whether the option flag bit field in the processed IP address request is set. If the option flag bit field is set, that is, the "option" flag is 1, the slave address is The pool allocation module obtains an unallocated IP address pool, and sends the unallocated IP address pool to the VPN access device.
- Step 505 The VPN access device selects an IP address that is not set with the GW identifier from the IP address pool, and the unassigned IP address is sent to the DHCP client, and the IP address with the GW identifier is configured on the VPN access device.
- the VPN access device receives the IP address request sent by the DHCP client, the IP address request includes an option flag bit field, and the IP address request is transparently transmitted to the DHCP server, and the DHCP server according to the option flag
- the field determines whether the IP address request is based on an IP address request in the VPN service scenario. If yes, an unallocated IP address pool is obtained from the configured address pool allocation module, and sent to the VPN access device to enable VPN access. Select a device from the IP address pool. An unassigned IP address pool is assigned to the DHCP client, and an unassigned IP address is selected for the VPN access device.
- FIG. 7 is a schematic structural diagram of an embodiment of a VPN access device according to the present invention.
- the VPN access device in this embodiment includes: a receiving module 21, an IP address pool obtaining module 22, and an allocation processing module 23, where
- the receiving module 21 is configured to receive an IP address request sent by the DHCP client
- the IP address pool obtaining module 22 is configured to obtain an unallocated IP address pool from the address pool allocation module configured in the DHCP server according to the IP address request.
- the allocation processing module 23 is configured to select an unassigned IP address from the IP address pool to the DHCP client, and then select an unassigned IP address to the VPN access device.
- the VPN access device in this embodiment can perform the technical solution of the method embodiment shown in FIG. 1. The principle is similar, and details are not described herein again.
- the VPN access device receives the IP address request sent by the DHCP client, and obtains an unallocated IP address pool from the address pool allocation module configured in the DHCP server according to the IP address request.
- an unassigned IP address pool is selected for the DHCP client, and an unassigned IP address is selected for the VPN access device, thereby solving the problem that each dynamically joined VPN site in the prior art may be There is a problem that the IP addresses of the same network segment are allocated, and the IP address of the uplink port of each user-side CE is the same as the IP address of the VPN access device port.
- FIG. 8 is a schematic structural diagram of another embodiment of a VPN access device according to the present invention.
- the VPN access device further includes: a determining module 24, configured to determine, according to the option flag bit field, whether the IP address request is based on an IP address request in a VPN service scenario.
- the IP address pool obtaining module 22 includes a sending unit 221 and a receiving unit 222, where the sending unit 221 is configured to send the IP address request to the DHCP if the determining module 24 determines that the IP address requests the IP address request in the VPN service scenario.
- the receiving unit 222 is configured to receive an unallocated IP address pool sent by the DHCP server.
- the allocation processing module 23 is specifically configured to select an unassigned GW identifier from the IP address pool, and assign an unassigned IP address to the DHCP client, and configure the IP address with the GW identifier to be configured on the VPN access device.
- FIG. 9 is a schematic structural diagram of still another embodiment of a VPN access device according to the present invention.
- the VPN access device further includes: MAC address acquisition.
- the IP address request processing module 27 is configured to: if the determining module 26 determines that the IP address requests the IP address request in the VPN service scenario, add an option flag bit field in the IP address request, and set the option flag bit The field is set.
- the IP address pool obtaining module 22 includes a sending unit 223 and a receiving unit 224, wherein the sending unit 223 is configured to send the IP address request processed by the IP address request processing module 27 to the DCHP server for the DCHP server to process according to the IP address.
- the address request obtains an unallocated IP address pool from the configured address pool allocation processing module and sends it to the VPN access device.
- the receiving unit 224 is configured to receive an unallocated IP address pool sent by the DCHP server.
- the allocation processing module 23 is specifically configured to select an unassigned GW identifier from the IP address pool, and assign an unassigned IP address to the DHCP client, and configure the IP address with the GW identifier to be configured on the VPN access device.
- FIG. 10 is a schematic structural diagram of still another embodiment of a VPN access device according to the present invention.
- the VPN access device further includes: MAC address acquisition.
- the request generating module 30 is configured to generate an IP address pool request if the determining module 29 determines that the IP address requests the IP address request in the VPN service scenario.
- the IP address pool obtaining module 22 includes a sending unit 225 and a receiving unit 226, where the sending unit 225 is configured to send the IP address pool request generated by the IP address pool request generating module 30 to the DCHP server for the DCHP server to use the IP address pool.
- the request is to obtain an unallocated IP address pool from the configured address pool allocation processing module and send it to the VPN access device.
- the receiving unit 226 is configured to receive an unallocated IP address pool sent by the DCHP server.
- the allocation processing module 23 is specifically configured to select an unassigned GW identifier from the IP address pool, and assign an unassigned IP address to the DHCP client, and configure the IP address with the GW identifier to be configured on the VPN access device.
- FIG. 11 is a schematic structural diagram of an embodiment of a DHCP server according to the present invention.
- the DHCP server of this embodiment includes: a receiving module 31, an address pool allocating module 32, and a sending module 33, where the receiving module 31 is used.
- Receiving an IP address request or an IP address pool request sent by the VPN access device the address pool allocation module 32 is configured to pre-configure and store the IP address pool; and the sending module 33 is configured to allocate from the address pool according to the IP address request or the IP address pool request.
- the module obtains an unallocated IP address pool and sends the IP address pool to the VPN access device.
- the DHCP server of this embodiment can perform the technical solution of the method embodiment shown in FIG. 2, and the implementation principle is similar, and details are not described herein again.
- the DHCP server receives the IP address request or the IP address pool request sent by the VPN access device, and obtains an unallocated from the pre-configured address pool allocation module according to the IP address request or the IP address pool request. IP address pool, and send the IP address pool to the VPN access device, for the VPN access device to select an unassigned IP address from the IP address pool to the DHCP client, and then select an unassigned The IP address is assigned to the VPN access device, so that each of the dynamically joined VPN sites in the prior art may have an IP address assigned to the same network segment, and the IP address of the uplink port of each user-side CE is connected to the VPN. The problem that the IP address of the incoming device port is the same.
- FIG. 12 is a schematic structural diagram of another embodiment of a DHCP server according to the present invention.
- the DHCP server may further include: an address pool processing module 34, configured to divide and process an IP address stored in the address pool allocation module 32 according to the network segment, Obtain multiple IP address pools.
- the address pool processing module 34 is further configured to select an IP address from each IP address pool in the address pool allocation module 32, and set an IP address to the GW identifier, where the IP address of the GW identifier is set. Configured for VPN access devices.
- the DHCP server further includes: a determining module 35, configured to determine, according to the option flag bit field, whether the IP address request is based on an IP address request in the VPN service scenario; 33 is specifically configured to: if the determining module 35 determines that the IP address request is based on the IP address request in the VPN service scenario, obtain an unallocated IP address pool from the pre-configured address pool allocation module, and send the IP address pool to The VPN access device.
- a determining module 35 configured to determine, according to the option flag bit field, whether the IP address request is based on an IP address request in the VPN service scenario
- 33 is specifically configured to: if the determining module 35 determines that the IP address request is based on the IP address request in the VPN service scenario, obtain an unallocated IP address pool from the pre-configured address pool allocation module, and send the IP address pool to The VPN access device.
- the present invention also provides an IP address allocation system, including a DHCP client, a DHCP access device, and a DHCP server.
- the DHCP access device may be a DHCP access device as shown in any of FIG. 7 to FIG.
- the implementation principle of the DHCP server shown in FIG. 11 or FIG. 12 is similar, and details are not described herein again.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
本发明提供一种IP地址分配方法和系统以及设备,该方法包括:VPN接入设备接收DHCP客户端发送的IP地址请求;根据IP地址请求,从DHCP server中配置的地址池分配模块中获取一个未分配的IP地址池;IP地址池中,选择一个未分配的IP地址给DHCP客户端,并再选择一个未分配的IP地址给VPN接入设备。
Description
IP地址分配方法和系统以及设备 技术领域
本发明实施例涉及通信技术, 尤其涉及一种 IP地址分配方法和系统以 及设备。 背景技术
虚拟专用网络(Virtual Private Network; 简称: VPN )可以看作是通过一个 公用网络(通常是因特网)建立的一个临时的、 安全的连接, 是一条穿过公用 网络的安全、 稳定的隧道, 一条特殊的专线。 通过 VPN, 可以帮助远程用户、 公司分支机构、 商业伙伴以及供应商同公司的内部网建立可信的安全连接, 并 保证数据的安全传输。
目前, 基础网络运营商提供 VPN业务的方式主要为客户申请 VPN 自助实 现方法, 具体的, 采用业务前端业务平台技术手段, 客户申请 VPN自助实现, 同时, 采用后端集中处理模块, 自动规划 VPN, 自动下发配置参数, 以免除运 营商的手工配置操作, 另外, 采用后端认证管理模块, 对用户的用户名和密码 进行认证,在认证通过后, VPN客户端可以使用动态主机设置协议( Dynamic Host Configuration Protocol;简称: DHCP )向 VPN接入设备为用户边缘设备( Customer Edge; 简称: CE )进行互联网协议(Internet Protocol; 简称: IP )地址申请, 从而自助地构建用户所需要的 VPN网络。
在实现本发明过程中, 发明人发现现有技术中至少存在如下问题: 自助构 建用户所需要的 VPN网络满足如下配置条件:
1、 用户的每个网络接入部分的网段各不相同;
2、 每个用户侧 CE的上联口的 IP地址与 VPN接入设备端口 IP地址不同; 3、 每个接入电路(Attachment Circuit; 简称: AC ) 占用一个网段, 且对应 于一个局域网( Local Area Network; 简称: LAN )或者虚拟局域网( Virtual Local
Area Network; 简称: VLAN ) 。
但是, 每个 VPN客户端动态加入的 VPN站点 (即 VPN网络 )可能会存在 分配相同网段 IP地址, 以及每个用户侧 CE的上联口的 IP地址与 VPN接入设 备端口 IP地址相同的问题, 从而不满足 VPN站点的配置条件。 发明内容
本发明实施例提供一种 IP地址分配方法和系统以及设备, 用以解决现有技 术中每个动态加入的 VPN站点可能会存在分配相同网段 IP地址,以及每个用户 侧 CE的上联口的 IP地址与 VPN接入设备端口 IP地址相同的问题。
本发明实施例提供一种 IP地址分配方法, 包括:
VPN接入设备接收 DHCP客户端发送的 IP地址请求;
所述 VPN接入设备根据所述 IP地址请求,从 DHCP server中配置的地址池 分配模块中获取一个未分配的 IP地址池;
所述 VPN接入设备从所述 IP地址池中, 选择一个未分配的 IP地址给所述 DHCP客户端, 并再选择一个未分配的 IP地址给所述 VPN接入设备。
本发明实施例还提供一种 IP地址分配方法, 包括:
DHCP server接收 VPN接入设备发送的 IP地址请求或者 IP地址池请求; 所述 DHCP server根据所述 IP地址请求或者 IP地址池请求, 从预先配置的地 址池分配模块中获取一个未分配的 IP地址池,并将所述 IP地址池发送给所述 VPN 接入设备。
本发明实施例提供一种 VPN接入设备, 包括:
接收模块, 用于接收 DHCP客户端发送的 IP地址请求;
IP地址池获取模块, 用于根据所述 IP地址请求, 从 DHCP server中配置的 地址池分配模块中获取一个未分配的 IP地址池;
分配处理模块, 用于从所述 IP地址池中, 选择一个未分配的 IP地址给所述
DHCP客户端, 并再选择一个未分配的 IP地址给所述 VPN接入设备。
本发明实施例提供一种 DHCP server, 包括:
接收模块,用于接收 VPN接入设备发送的 IP地址请求或者 IP地址池请求; 地址池分配模块, 用于预先配置并存储 IP地址池;
发送模块, 用于根据所述 IP地址请求或者 IP地址池请求,从所述地址池分配 模块中获取一个未分配的 IP地址池, 并将所述 IP地址池发送给所述 VPN接入设 备。
本发明实施例提供一种地址分配系统, 包括: DHCP客户端、 上述所述的 DHCP接入设备和上述所述的 DHCP server。
本发明实施例的 IP地址分配方法和系统以及设备,通过 VPN接入设备接收 DHCP客户端发送的 IP地址请求 , 并根据该 IP地址请求 , 从 DHCP server中配 置的地址池分配模块中获取一个未分配的 IP地址池, 并从 IP地址池中, 选择一 个未分配的 IP地址给 DHCP客户端, 并再选择一个未分配的 IP地址给该 VPN 接入设备, 从而解决了现有技术中每个动态加入的 VPN站点可能会存在分配相 同网段 IP地址, 以及每个用户侧 CE的上联口的 IP地址与 VPN接入设备端口 IP地址相同的问题。 附图说明
为了更清楚地说明本发明实施例或现有技术中的技术方案, 下面将对实施 例或现有技术描述中所需要使用的附图作一简单地介绍, 显而易见地, 下面描 述中的附图是本发明的一些实施例, 对于本领域普通技术人员来讲, 在不付出 创造性劳动性的前提下, 还可以根据这些附图获得其他的附图。
图 1为本发明 IP地址分配方法的一个实施例的流程图;
图 2为本发明 IP地址池分配方法的另一个实施例的流程图;
图 3为本发明 IP地址分配方法所基于的 IP地址分配系统的网络架构示意 图;
图 4为本发明 IP地址分配方法的再一个实施例的信令流程图;
图 5为本发明 IP地址分配方法的另一个实施例的信令流程图;
图 6为本发明 IP地址分配方法的又一个实施例的信令流程图;
图 7为本发明 VPN接入设备的一个实施例的结构示意图;
图 8为本发明 VPN接入设备的另一个实施例的结构示意图;
图 9为本发明 VPN接入设备的又一个实施例的结构示意图;
图 10为本发明 VPN接入设备的还一个实施例的结构示意图;
图 11为本发明 DHCP server的一个实施例的结构示意图;
图 12为本发明 DHCP server的另一个实施例的结构示意图。 具体实施方式
为使本发明实施例的目的、 技术方案和优点更加清楚, 下面将结合本发明 实施例中的附图, 对本发明实施例中的技术方案进行清楚、 完整地描述, 显然, 所描述的实施例是本发明一部分实施例, 而不是全部的实施例。 基于本发明中 的实施例, 本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其 他实施例, 都属于本发明保护的范围。
图 1为本发明 IP地址分配方法的一个实施例的流程图, 如图 1所示, 本实 施例的方法包括:
步骤 101、 VPN接入设备接收 DHCP客户端发送的 IP地址请求。
在本实施例中, DHCP客户端在采用 802.1以太网端口认证协议进行认证, 在认证通过后, 可以使用 DHCP协议向 VPN接入设备发送 IP地址请求, 即该 IP地址请求可以具体为 DHCP请求协议 4艮文。
步骤 102、 VPN接入设备根据该 IP地址请求, 从 DHCP server中配置的地 址池分配模块中获取一个未分配的 IP地址池。
在本实施例中 , DHCP server中配置有地址池分配模块, 该地址池分配模块 中预先配置并存储了多个 IP地址池,每个 IP地址池中的 IP地址均为同一网段。 当接收到 VPN接入设备发送的 IP地址请求后, 可以根据该 IP地址请求, 从地
址池分配模块中获取一个未分配的 IP地址池,并将该未分配的 IP地址池发送给 VPN接入设备。
步骤 103、 VPN接入设备从 IP地址池中,选择一个未分配的 IP地址给 DHCP 客户端, 并再选择一个未分配的 IP地址给该 VPN接入设备。
在本实施例中 , 通过 VPN接入设备接收 DHCP客户端发送的 IP地址请求 , 并根据该 IP地址请求, 从 DHCP server中配置的地址池分配模块中获取一个未 分配的 IP地址池, 并从 IP地址池中, 选择一个未分配的 IP地址池给 DHCP客 户端, 并再选择一个未分配的 IP地址给该 VPN接入设备,从而解决了现有技术 中每个动态加入的 VPN站点可能会存在分配相同网段 IP地址,以及每个用户侧 CE的上联口的 IP地址与 VPN接入设备端口 IP地址相同的问题。
进一步的, 在本发明的另一个实施例中, 在上述图 1所示实施例的基础上, 当该 IP地址请求包括选项标志位字段时 , 该方法还可以包括:
VPN接入设备根据该选项标志位字段,判断该 IP地址请求是否是基于 VPN 业务场景中的 IP地址请求。
则步骤 102的一种具体实现方式为:
VPN接入设备若判断出 IP地址请求 于 VPN业务场景中的 IP地址请求, 则发送该 IP地址请求给 DHCP server,以供该 DHCP server根据该 IP地址请求, 从配置的地址池分配模块中获取一个未分配的 IP地址池,并发送给该 VPN接入 设备;
VPN接入设备接收该 DHCP server发送的一个未分配的 IP地址池。
在本实施例中, DHCP客户端在 IP地址请求中可以增加选项标志位字段, 例如: "option" , 当 DHCP客户端发送的 IP地址请求是一个普通的 IP地址请 求时, 则将选项标志位字段不置位, 即 "option" 标志为 0; 当 DHCP客户端发 送的 IP地址请求是一个基于 VPN业务场景中的 IP地址请求时, 则将选项标志 位字段置位, 即 "option" 标志为 1.
当 VPN接入设备接收到 DHCP客户端发送的 IP地址请求后 , 判断该 IP地
址请求中的选项标志位字段是否置位, 例如: 当 "option" 标志为 0, 则说明该 IP地址请求是一个普通的 IP地址请求,则按照普通的处理流程处理,举例来说, 从 DHCP sever中获取一个 IP地址, 并将该 IP地址分配给 DHCP客户端; 当 "option" 标志为 1 , 则说明该 IP地址请求是一个基于 VPN业务场景中的 IP地 址请求,则向 DHCP sever中配置的地址池分配模块中进行 IP地址的申请, 以获 取地址池分配模块中未分配的一个未分配的 IP地址池。
进一步的, 在本发明的又一个实施例中, 在上述图 1所示实施例的基础上, 该方法还包括:
VPN接入设备获取 DHCP客户端的介质访问控制层( Media Access Control; 简称: MAC )地址;
VPN接入设备根据该 MAC地址,判断该 IP地址请求是否是基于 VPN业务 场景中的 IP地址请求;
VPN接入设备若判断出该 IP地址请求 于 VPN业务场景中的 IP地址请 求, 则在 IP地址请求中增加选项标志位字段, 并将该选项标志位字段置位。
具体的,在本实施例中, 当 DHCP客户端采用 802.1以太网端口认证协议进 行认证, 并在认证通过后, VPN接入设备可以将该 DCHP客户端的 MAC地址 进行存储。 当 VPN接入设备获取 DCHP客户端的 MAC地址后, 可以查询是否 之前已存储过该 MAC地址, 若存储过, 则判断出该 IP地址请求是基于 VPN业 务场景中的 IP地址请求;若没有存储过,即说明该 DHCP客户端没有认证通过, 则判断出该 IP地址请求是普通 IP地址请求。
则步骤 102的另一种实现方式可以具体为:
VPN接入设备将处理后的 IP地址请求发送给 DHCP server, 以供该 DHCP server 据该处理后的 IP地址请求, 从配置的地址池分配模块中获取一个未分 配的 IP地址池, 并发送给 VPN接入设备;
VPN接入设备接收 DCHP server发送的一个未分配的 IP地址池。
在本实施例中 , VPN接入设备接收 DHCP客户端发送的 IP地址请求, 获取
DHCP客户端的 MAC地址, 并根据该 MAC地址,判断该 IP地址请求来自使用 VPN业务场景的用户, 若该 IP地址请求来自使用 VPN业务场景的用户, 则说 明该 IP地址请求是基于 VPN业务场景中的 IP地址请求,则 VPN接入设备在该 IP地址请求中可以增加选项标志位字段, 例如: "option" , 并将选项标志位字 段置位, 即 "option"标志为 1 , 在将处理后的 IP地址请求发送给 DCHP server, DCHP server接收到该处理后的 IP地址请求后 , 判断该处理后的 IP地址请求中 的选项标志位字段是否置位, 若选项标志位字段置位, 即 "option" 标志为 1 , 则从地址池分配模块中获取一个未分配的 IP地址池,并将该未分配的 IP地址池 发送给 VPN接入设备。
更进一步的, 在本发明的还一个实施例中, 在上述图 1 所示实施例的基础 上, 该方法还包括:
VPN接入设备获取 DHCP客户端的 MAC地址;
VPN接入设备根据该 MAC地址,判断该 IP地址请求是否是基于 VPN业务 场景中的 IP地址请求;
VPN接入设备若判断出该 IP地址请求 于 VPN业务场景中的 IP地址请 求, 则生成 IP地址池请求。
则步骤 102的另一种实现方式可以具体为:
VPN接入设备将 IP地址池请求发送给 DCHP server, 以供 DCHP server根 据 IP地址池请求,从配置的地址池分配模块中获取一个未分配的 IP地址池, 并 发送给 VPN接入设备;
VPN接入设备接收 DCHP server发送的一个未分配的 IP地址池。
在本实施例中 , VPN接入设备接收 DHCP客户端发送的 IP地址请求, 获取 DHCP客户端的 MAC地址, 并根据该 MAC地址,判断该 IP地址请求来自使用 VPN业务场景的用户, 若该 IP地址请求来自使用 VPN业务场景的用户, 则说 明该 IP地址请求是基于 VPN业务场景中的 IP地址请求 ,则生成 IP地址池请求 , 并将 IP地址池请求发送给 DCHP server, DCHP server接收到该 IP地址池请求
后,从地址池分配模块中获取一个未分配的 IP地址池, 并将该未分配的 IP地址 池发送给 VPN接入设备。
更进一步的, 在本发明的再一个实施例中, 在上述实施例的基础上, 步骤 103的一种具体实现方式可以为:
VPN接入设备从 IP地址池中 , 选择一个未设置 GW标识, 且未分配的 IP 地址给 DCHP客户端,并将设置有 GW标识的 IP地址配置在该 VPN接入设备。
在本实施例中, DHCP server可以 ϋ址也^ "酉己才莫 中的 个 IP 也址也中 , 选择一个 ιρ地址, 并将该 IP地址设置 GW标识, 以使得该设置有 GW标识的 IP地址配置在 VPN接入设备。
图 2为本发明 IP地址池分配方法的另一个实施例的流程图, 如图 2所示, 本实施例的方法包括:
步骤 201、 DHCP server接收 VPN接入设备发送的 IP地址请求或者 IP地址 池请求。
步骤 202、 DHCP server根据该 IP地址请求或者 IP地址池请求, 从预先配 置的地址池分配模块中获取一个未分配的 IP地址池, 并将该 IP地址池发送给 VPN接入设备。
在本实施例中, VPN接入设备可以执行图 1所示方法实施例的技术方案, 其实现原理相类似, 此处不再赘述。
在本实施例中 ,通过 DHCP server接收 VPN接入设备发送的 IP地址请求或 者 IP地址池请求, 并根据该 IP地址请求或者 IP地址池请求, 从预先配置的地 址池分配模块中获取一个未分配的 IP地址池, 并将 IP地址池发送给 VPN接入 设备,以供该 VPN接入设备从 IP地址池中,选择一个未分配的 IP地址给 DHCP 客户端,并再选择一个未分配的 IP地址给该 VPN接入设备,从而解决了现有技 术中每个动态加入的 VPN站点可能会存在分配相同网段 IP地址,以及每个用户 侧 CE的上联口的 IP地址与 VPN接入设备端口 IP地址相同的问题。
进一步的, 在本发明的又一实施例中, 在上述图 2 所示实施例的基础上,
该方法还可以包括:
DHCP server根据网段, 对地址池分配模块中存储的 IP地址进行划分处理, 获取多个 IP地址池。
另外, 该方法还可以进一步包括: DHCP server从地址池分配模块中的每个 IP地址池中, 选择一个 IP地址, 并将 IP地址设置 GW标识, 其中, 设置有 GW 标识的 IP地址用于配置给 VPN接入设备。
在本实施例中, 当 VPN接入设备接收到给一个未分配的 IP地址池后,可以 从该 IP地址池中, 选择一个未设置 GW标识, 且未分配的 IP地址给 DCHP客 户端 , 并将设置有 GW标识的 IP地址配置在该 VPN接入设备。
更进一步的, 在本发明的还一个实施例中, 在上述图 2所示实施例的基础 上, 当 IP地址请求包括选项标志位字段, 则该方法还可以包括:
DHCP server根据选项标志位字段, 判断 IP地址请求是否是基于 VPN业务 场景中的 IP地址请求;
则步骤 202的一种具体实现方式可以为:
DHCP server若判断出 IP地址请求是基于 VPN业务场景中的 IP地址请求, 则从预先配置的地址池分配模块中获取一个未分配的 IP地址池,并将该 IP地址 池发送给 VPN接入设备。
在本实施例中 , VPN接入设备接收 DHCP客户端发送的 IP地址请求, 并根 据该 IP地址请求中的用户名, 判断该 IP地址请求来自使用 VPN业务场景的用 户, 若该 IP地址请求来自使用 VPN业务场景的用户, 则说明该 IP地址请求是 基于 VPN业务场景中的 IP地址请求,则 VPN接入设备在该 IP地址请求中可以 增加选项标志位字段, 例如: "option" , 并将选项标志位字段置位, 即 "option" 标志为 1 , 在将处理后的 IP地址请求发送给 DCHP server, DCHP server接收到 该处理后的 IP地址请求后,判断该处理后的 IP地址请求中的选项标志位字段是 否置位, 若选项标志位字段置位, 即 "option" 标志为 1 , 则从地址池分配模块 中获取一个未分配的 IP地址池, 并将该未分配的 IP地址池发送给 VPN接入设
备。 VPN接入设备获取到该未分配的一个 IP地址池后, 从该 IP地址池中选择 一个未分配的 IP地址给 DHCP客户端 ,并再选择一个未分配的 IP地址给该 VPN 接入设备。
图 3为本发明 IP地址分配方法所基于的 IP地址分配系统的网络架构示意 图, 如图 3所示, IP地址分配系统包括: DHCP客户端 11、 VPN接入设备 12 和 DHCP server 13 , 其中, 该 DHCP server 13中可以设置有地址池分配模块, 该地址池分配模块中预先配置并存储有多个 IP地址池。
图 4为本发明 IP地址分配方法的再一个实施例的信令流程图, 在上述图 3 所示的基础上, 如图 4所示, 本实施例的方法包括:
步骤 301、 DHCP客户端发送 IP地址请求给 VPN接入设备。 该 IP地址请 求包括选项标志位字段。
在本实施例中, DHCP客户端在 IP地址请求中可以增加选项标志位字段, 例如: "option" , 当 DHCP客户端发送的 IP地址请求是一个普通的 IP地址请 求时, 则将选项标志位字段不置位, 即 "option" 标志为 0; 当 DHCP客户端发 送的 IP地址请求是一个基于 VPN业务场景中的 IP地址请求时, 则将选项标志 位字段置位, 即 "option" 标志为 1.
步骤 302、 VPN接入设备根据该选项标志位字段, 判断该 IP地址请求是否 于 VPN业务场景中的 IP地址请求。
步骤 303、 VPN接入设备若判断出 IP地址请求 于 VPN业务场景中的 IP地址请求, 则发送 IP地址请求给 DHCP server。
步骤 304、 DHCP server接收到该 IP地址请求后 , 根据该 IP地址请求中的 选项标志位字段, 判断该 IP地址请求是否是基于 VPN业务场景中的 IP地址请 求, 若判断出该 IP地址请求是基于 VPN业务场景中的 IP地址请求, 则从地址 池分配模块中获取一个未分配的 IP地址池, 并将该未分配的 IP地址池发送给 VPN接入设备。
在本实施例中, 未分配的 IP地址池中一个设置有 GW标识的 IP地址。
步骤 305、 VPN接入设备从 IP地址池中, 选择一个未设置有 GW标识, 且 未分配的 IP地址给 DHCP客户端, 并将设置有 GW标识的 IP地址给 VPN接入 设备。
在本实施例中 , 通过 VPN接入设备接收 DHCP客户端发送的 IP地址请求, 该 IP地址请求中包括选项标志位字段,并根据该选项标志位字段判断该 IP地址 请求是否是基于 VPN业务场景中的 IP地址请求, 若是, 则发送 IP地址池请求 给 DHCP server, DHCP server接收到该 IP地址请求后, 根据该 IP地址请求中 的选项标志位字段, 判断该 IP地址请求是否是基于 VPN业务场景中的 IP地址 请求, 若判断出该 IP地址请求 于 VPN业务场景中的 IP地址请求, 则配置 的地址池分配模块中获取一个未分配的 IP地址池, 并从 IP地址池中, 选择一个 未分配的 IP地址池给 DHCP客户端, 并再选择一个未分配的 IP地址给该 VPN 接入设备, 从而解决了现有技术中每个动态加入的 VPN站点可能会存在分配相 同网段 IP地址, 以及每个用户侧 CE的上联口的 IP地址与 VPN接入设备端口 IP地址相同的问题。
图 5为本发明 IP地址分配方法的另一个实施例的信令流程图, 在上述图 3 所示的基础上, 如图 5所示, 本实施例的方法包括:
步骤 401、 DHCP客户端发送 IP地址请求给 VPN接入设备。
步骤 402、 VPN接入设备获取该 DHCP客户端的 MAC地址,并根据该 MAC 地址, 判断该 IP地址请求是否是基于 VPN业务场景中的 IP地址请求。
步骤 403、 VPN接入设备若判断出 IP地址请求 于 VPN业务场景中的
IP地址请求, 则在该 IP地址请求中增加选项标志位字段, 并将该选项标志位字 段置位, 再将处理后的 IP地址请求发送给 DHCP server。
步骤 404、 DHCP server接收到该处理后的 IP地址池请求后, 根据该处理后 的 IP地址请求中的选项标志位字段, 判断该处理后的 IP地址请求是否是基于 VPN业务场景中的 IP地址请求。
步骤 405、 DHCP server若判断出所述 IP地址请求是基于 VPN业务场景中
的 IP地址请求,则从预先配置的地址池分配模块中获取一个未分配的 IP地址池, 并将该 IP地址池发送给 VPN接入设备。
在本实施例中 , VPN接入设备接收 DHCP客户端发送的 IP地址请求, 获取
DHCP客户端的 MAC地址, 并根据该 MAC地址,判断该 IP地址请求来自使用 VPN业务场景的用户, 若该 IP地址请求来自使用 VPN业务场景的用户, 则说 明该 IP地址请求是基于 VPN业务场景中的 IP地址请求,则 VPN接入设备在该
IP地址请求中可以增加选项标志位字段, 例如: "option" , 并将选项标志位字 段置位, 即 "option"标志为 1 , 在将处理后的 IP地址请求发送给 DCHP server,
DCHP server接收到该处理后的 IP地址请求后 , 判断该处理后的 IP地址请求中 的选项标志位字段是否置位, 若选项标志位字段置位, 即 "option" 标志为 1 , 则从地址池分配模块中获取一个未分配的 IP地址池,并将该未分配的 IP地址池 发送给 VPN接入设备。
步骤 406、 VPN接入设备从该 IP地址池中, 选择一个未设置 GW标识, 且 未分配的 IP地址给 DHCP客户端, 并将设置有 GW标识的 IP地址配置在 VPN 接入设备。
在本实施例中 , 通过 VPN接入设备接收 DHCP客户端发送的 IP地址请求, 获取该 DHCP客户端的 MAC地址, 并根据该 MAC地址, 判断该 IP地址请求 是否是基于 VPN业务场景中的 IP地址请求, 若是, 则在该 IP地址请求中增加 选项标志位字段, 并将该选项标志位字段置位, 再将处理后的 IP地址请求发送 给 DHCP server, 从 DHCP server中配置的地址池分配模块中获取一个未分配的 IP地址池, 并从 IP地址池中, 选择一个未分配的 IP地址池给 DHCP客户端, 并再选择一个未分配的 IP地址给该 VPN接入设备,从而解决了现有技术中每个 动态加入的 VPN站点可能会存在分配相同网段 IP地址, 以及每个用户侧 CE的 上联口的 IP地址与 VPN接入设备端口 IP地址相同的问题。
图 6为本发明 IP地址分配方法的又一个实施例的信令流程图, 在上述图 3 所示的基础上, 如图 6所示, 本实施例的方法包括:
步骤 501、 DHCP客户端发送 IP地址请求给 VPN接入设备。 该 IP地址请 求包括选项标志位字段。
在本实施例中, DHCP客户端在 IP地址请求中可以增加选项标志位字段, 例如: "option" , 当 DHCP客户端发送的 IP地址请求是一个普通的 IP地址请 求时, 则将选项标志位字段不置位, 即 "option" 标志为 0; 当 DHCP客户端发 送的 IP地址请求是一个基于 VPN业务场景中的 IP地址请求时, 则将选项标志 位字段置位, 即 "option" 标志为 1.
步骤 502、 VPN接入设备将该 IP地址请求发送给 DHCP server。
步骤 503、 DHCP server接收到该 IP地址请求后 , 根据该 IP地址请求中的 选项标志位字段, 判断该处理后的 IP地址请求是否是基于 VPN业务场景中的 IP地址请求。
步骤 504、 DHCP server若判断出该 IP地址请求是基于 VPN业务场景中的 IP地址请求, 则从预先配置的地址池分配模块中获取一个未分配的 IP地址池, 并将该 IP地址池发送给 VPN接入设备。
DCHP server接收到该处理后的 IP地址请求后 , 判断该处理后的 IP地址请 求中的选项标志位字段是否置位, 若选项标志位字段置位, 即 "option" 标志为 1 , 则从地址池分配模块中获取一个未分配的 IP地址池, 并将该未分配的 IP地 址池发送给 VPN接入设备。
步骤 505、 VPN接入设备从该 IP地址池中, 选择一个未设置 GW标识, 且 未分配的 IP地址给 DHCP客户端, 并将设置有 GW标识的 IP地址配置在 VPN 接入设备。
在本实施例中 , 通过 VPN接入设备接收 DHCP客户端发送的 IP地址请求, 该 IP地址请求包括选项标志位字段, 并将该 IP地址请求透传给 DHCP server, DHCP server根据该选项标志位字段判断该 IP地址请求是否是基于 VPN业务场 景中的 IP地址请求, 若是, 从配置的地址池分配模块中获取一个未分配的 IP地 址池, 并发送给 VPN接入设备, 以使得 VPN接入设备从 IP地址池中, 选择一
个未分配的 IP地址池给 DHCP客户端,并再选择一个未分配的 IP地址给该 VPN 接入设备, 从而解决了现有技术中每个动态加入的 VPN站点可能会存在分配相 同网段 IP地址, 以及每个用户侧 CE的上联口的 IP地址与 VPN接入设备端口 IP地址相同的问题。
图 7为本发明 VPN接入设备的一个实施例的结构示意图, 如图 7所示, 本 实施例的 VPN接入设备包括: 接收模块 21、 IP地址池获取模块 22和分配处理 模块 23 , 其中, 接收模块 21用于接收 DHCP客户端发送的 IP地址请求; IP地 址池获取模块 22用于根据该 IP地址请求,从 DHCP server中配置的地址池分配 模块中获取一个未分配的 IP地址池; 分配处理模块 23用于从该 IP地址池中, 选择一个未分配的 IP地址给 DHCP客户端, 并再选择一个未分配的 IP地址给 VPN接入设备。
本实施例的 VPN接入设备可以执行图 1所示方法实施例的技术方案, 其实 现原理相类似, 此处不再赘述。
在本实施例中 , 通过 VPN接入设备接收 DHCP客户端发送的 IP地址请求, 并根据该 IP地址请求 , 从 DHCP server中配置的地址池分配模块中获取一个未 分配的 IP地址池, 并从 IP地址池中, 选择一个未分配的 IP地址池给 DHCP客 户端, 并再选择一个未分配的 IP地址给该 VPN接入设备,从而解决了现有技术 中每个动态加入的 VPN站点可能会存在分配相同网段 IP地址,以及每个用户侧 CE的上联口的 IP地址与 VPN接入设备端口 IP地址相同的问题。
进一步的, 图 8为本发明 VPN接入设备的另一个实施例的结构示意图, 在 上述图 7所示实施例的基础上, 如图 8所示, 当 IP地址请求包括选项标志位字 段, 则 VPN接入设备还包括: 判断模块 24, 用于根据选项标志位字段, 判断 IP 地址请求是否是基于 VPN业务场景中的 IP地址请求。 则 IP地址池获取模块 22 包括发送单元 221和接收单元 222, 其中, 发送单元 221用于若判断模块 24判 断出 IP地址请求 于 VPN业务场景中的 IP地址请求,则发送该 IP地址请求 给 DHCP server, 以供 DHCP server根据该 IP地址请求,从配置地址池分配模块
中获取一个未分配的 IP地址池, 并发送给 VPN接入设备;接收单元 222用于接 收 DHCP server发送的一个未分配的 IP地址池。
另外, 该分配处理模块 23具体用于从 IP地址池中, 选择一个未设置 GW 标识, 且未分配的 IP地址给 DHCP客户端, 并将设置有 GW标识的 IP地址配 置在 VPN接入设备。
更进一步的, 图 9为本发明 VPN接入设备的又一个实施例的结构示意图, 在上述图 7所示实施例的基础上, 如图 9所示, VPN接入设备还包括: MAC地 址获取模块 25、 判断模块 26和 IP地址请求处理模块 27, 其中, MAC地址获取 模块 25用于获取 DCHP客户端的 MAC地址;判断模块 26用于根据该 MAC地 址, 判断 IP地址请求是否是基于 VPN业务场景中的 IP地址请求; IP地址请求 处理模块 27用于若判断模块 26判断出 IP地址请求 于 VPN业务场景中的 IP地址请求, 则在 IP地址请求中增加选项标志位字段, 并将选项标志位字段置 位。
则 IP地址池获取模块 22包括发送单元 223和接收单元 224, 其中, 发送单 元 223用于将 IP地址请求处理模块 27处理后的 IP地址请求发送给 DCHP server, 以供 DCHP server根据处理后的 IP地址请求, 从配置的地址池分配处理模块中 获取一个未分配的 IP地址池,并发送给 VPN接入设备;接收单元 224用于接收 DCHP server发送的一个未分配的 IP地址池。
另外, 该分配处理模块 23具体用于从 IP地址池中, 选择一个未设置 GW 标识, 且未分配的 IP地址给 DHCP客户端, 并将设置有 GW标识的 IP地址配 置在 VPN接入设备。
更进一步的, 图 10为本发明 VPN接入设备的还一个实施例的结构示意图, 在上述图 7所示实施例的基础上, 如图 10所示, VPN接入设备还包括: MAC 地址获取模块 28、 判断模块 29和 IP地址池请求生成模块 30, 其中, MAC地址 获取模块 28用于获取 DCHP客户端的 MAC地址;判断模块 29用于根据该 MAC 地址, 判断 IP地址请求是否是基于 VPN业务场景中的 IP地址请求; IP地址池
请求生成模块 30用于若判断模块 29判断出 IP地址请求 于 VPN业务场景中 的 IP地址请求, 则生成 IP地址池请求。
则 IP地址池获取模块 22包括发送单元 225和接收单元 226, 其中, 发送单 元 225用于将 IP地址池请求生成模块 30生成的 IP地址池请求发送给 DCHP server, 以供 DCHP server根据 IP地址池请求, 从配置的地址池分配处理模块中 获取一个未分配的 IP地址池,并发送给 VPN接入设备;接收单元 226用于接收 DCHP server发送的一个未分配的 IP地址池。
另外, 该分配处理模块 23具体用于从 IP地址池中, 选择一个未设置 GW 标识, 且未分配的 IP地址给 DHCP客户端, 并将设置有 GW标识的 IP地址配 置在 VPN接入设备。
图 11为本发明 DHCP server的一个实施例的结构示意图,如图 11所示,本 实施例的 DHCP server包括: 接收模块 31、 地址池分配模块 32和发送模块 33 , 其中,接收模块 31用于接收 VPN接入设备发送的 IP地址请求或者 IP地址池请 求; 地址池分配模块 32用于预先配置并存储 IP地址池; 发送模块 33用于根据 IP地址请求或者 IP地址池请求,从地址池分配模块中获取一个未分配的 IP地址 池, 并将 IP地址池发送给 VPN接入设备。
本实施例的 DHCP server可以执行图 2所示方法实施例的技术方案,其实现 原理相类似, 此处不再赘述。
在本实施例中 ,通过 DHCP server接收 VPN接入设备发送的 IP地址请求或 者 IP地址池请求, 并根据该 IP地址请求或者 IP地址池请求, 从预先配置的地 址池分配模块中获取一个未分配的 IP地址池, 并将 IP地址池发送给所述 VPN 接入设备, 以供该 VPN接入设备从 IP地址池中, 选择一个未分配的 IP地址给 DHCP客户端, 并再选择一个未分配的 IP地址给该 VPN接入设备,从而解决了 现有技术中每个动态加入的 VPN站点可能会存在分配相同网段 IP地址,以及每 个用户侧 CE的上联口的 IP地址与 VPN接入设备端口 IP地址相同的问题。
进一步的, 图 12为本发明 DHCP server的另一个实施例的结构示意图, 在
上述图 11所示实施例的基础上, 如图 12所示, DHCP server还可以包括: 地址 池处理模块 34, 用于根据网段, 对地址池分配模块 32中存储的 IP地址进行划 分处理, 获取多个 IP地址池。
另外, 该地址池处理模块 34还用于从地址池分配模块 32中的每个 IP地址 池中, 选择一个 IP地址, 并将 IP地址设置 GW标识,, 其中, 设置有 GW标识 的 IP地址用于配置给 VPN接入设备。
进一步的, 当 IP地址请求包括选项标志位字段, 则 DHCP server还包括: 判断模块 35, 用于根据选项标志位字段, 判断 IP地址请求是否是基于 VPN业 务场景中的 IP地址请求;则发送模块 33具体用于若判断模块 35判断出 IP地址 请求是基于 VPN业务场景中的 IP地址请求,则从预先配置的地址池分配模块中 获取一个未分配的 IP地址池, 并将 IP地址池发送给所述 VPN接入设备。
本发明还提供了一种 IP地址分配系统, 包括 DHCP客户端、 DHCP接入设 备和 DHCP server, 该 DHCP接入设备可以为图 7至图 10任一所示的 DHCP接 入设备, DHCP server可以为图 11或图 12所示的 DHCP server, 其实现原理相 类似, 此处不再赘述。
本领域普通技术人员可以理解: 实现上述方法实施例的全部或部分步骤可 以通过程序指令相关的硬件来完成, 前述的程序可以存储于一计算机可读取存 储介质中, 该程序在执行时, 执行包括上述方法实施例的步骤; 而前述的存储 介质包括: ROM、 RAM, 磁碟或者光盘等各种可以存储程序代码的介质。
最后应说明的是: 以上实施例仅用以说明本发明的技术方案, 而非对其限 制; 尽管参照前述实施例对本发明进行了详细的说明, 本领域的普通技术人员 应当理解: 其依然可以对前述各实施例所记载的技术方案进行修改, 或者对其 中部分技术特征进行等同替换; 而这些修改或者替换, 并不使相应技术方案的 本质脱离本发明各实施例技术方案的精神和范围。
Claims
1、 一种 IP地址分配方法, 其特征在于, 包括:
虚拟专用网络接入设备接收动态主机设置协议客户端发送的 IP地址请求; 所述虚拟专用网络接入设备根据所述 IP地址请求,从动态主机设置协议服 务器中配置的地址池分配模块中获取一个未分配的 IP地址池;
所述虚拟专用网络接入设备从所述 IP地址池中, 选择一个未分配的 IP地 址给所述动态主机设置协议客户端,并再选择一个未分配的 IP地址给所述虚拟 专用网络接入设备。
2、 根据权利要求 1所述的 IP地址分配方法, 其特征在于, 所述 IP地址请 求包括选项标志位字段, 则所述虚拟专用网络接入设备根据所述 IP地址请求, 从动态主机设置协议服务器中配置的地址池分配模块中获取一个未分配的 IP 地址池, 包括:
所述虚拟专用网络接入设备若根据所述 IP地址请求中的选项标志位字段 判断出所述 IP地址请求是基于虚拟专用网络业务场景中的 IP地址请求, 则发 送所述 IP地址请求给动态主机设置协议服务器,以供所述动态主机设置协议服 务器根据所述 IP地址请求, 从配置的地址池分配模块中获取一个未分配的 IP 地址池, 并发送给所述虚拟专用网络接入设备;
所述虚拟专用网络接入设备接收所述动态主机设置协议服务器发送的所述 一个未分配的 IP地址池。
3、 根据权利要求 1所述的 IP地址分配方法, 其特征在于, 则所述方法还 包括:
所述虚拟专用网络接入设备获取所述动态主机设置协议客户端的介质访问 控制层地址, 并根据所述介质访问控制层地址, 判断所述 IP地址请求是否是基 于虚拟专用网络业务场景中的 IP地址请求;
所述虚拟专用网络接入设备若判断出所述 IP 地址请求是基于虚拟专用网 络业务场景中的 IP地址请求, 则在所述 IP地址请求中增加选项标志位字段, 并将所述选项标志位字段置位; 则所述虚拟专用网络接入设备根据所述 IP地址请求,从动态主机设置协议 服务器中配置的地址池分配模块中获取一个未分配的 IP地址池, 包括:
所述虚拟专用网络接入设备将处理后的 IP地址请求发送给动态主机设置 协议服务器, 以供所述动态主机设置协议服务器根据所述处理后的 IP地址请 求, 从配置的地址池分配模块中获取一个未分配的 IP地址池, 并发送给所述虚 拟专用网络接入设备;
所述虚拟专用网络接入设备接收所述动态主机设置协议服务器发送的所述 一个未分配的 IP地址池。
4、 根据权利要求 1所述的 IP地址分配方法, 其特征在于, 所述方法还包 括:
所述虚拟专用网络接入设备获取所述动态主机设置协议客户端的介质访问 控制层地址, 并根据所述介质访问控制层地址, 判断所述 IP地址请求是否是基 于虚拟专用网络业务场景中的 IP地址请求;
所述虚拟专用网络接入设备若判断出所述 IP 地址请求是基于虚拟专用网 络业务场景中的 IP地址请求, 则生成 IP地址池请求;
则所述虚拟专用网络接入设备根据所述 IP地址请求,从动态主机设置协议 服务器中配置的地址池分配模块中获取一个未分配的 IP地址池, 包括:
所述虚拟专用网络接入设备将所述 IP 地址池请求发送给动态主机设置协 议服务器, 以供所述动态主机设置协议服务器根据所述 IP地址池请求, 从配置 的地址池分配模块中获取一个未分配的 IP地址池,并发送给所述虚拟专用网络 接入设备;
所述虚拟专用网络接入设备接收所述动态主机设置协议服务器发送的所述 一个未分配的 IP地址池。
5、 根据权利要求 1至 4任一项所述的 IP地址分配方法, 其特征在于, 所 述虚拟专用网络接入设备从所述 IP地址池中, 选择一个未分配的 IP地址给所 述动态主机设置协议客户端,并再选择一个未分配的 IP地址给所述虚拟专用网 络接入设备, 包括: 所述虚拟专用网络接入设备从所述 IP 地址池中, 选择一个未设置网关标 识, 且未分配的 IP地址给所述 DHCP客户端, 并将设置有网关标识的 IP地址 配置在所述虚拟专用网络接入设备。
6、 一种 IP地址分配方法, 其特征在于, 包括:
动态主机设置协议服务器接收虚拟专用网络接入设备发送的 IP地址请求 或者 IP地址池请求;
所述动态主机设置协议服务器根据所述 IP地址请求或者 IP地址池请求, 从预先配置的地址池分配模块中获取一个未分配的 IP地址池, 并将所述 IP地 址池发送给所述虚拟专用网络接入设备。
7、 根据权利要求 6所述的 IP地址分配方法, 其特征在于, 还包括: 所述动态主机设置协议服务器根据网段, 对所述地址池分配模块中存储的 IP地址进行划分处理, 获取多个 IP地址池。
8、 根据权利要求 7所述的 IP地址分配方法, 其特征在于, 还包括: 所述动态主机设置协议服务器从所述地址池分配模块中的每个 IP地址池 中, 选择一个 IP地址, 并将所述 IP地址设置网关标识, 其中, 所述设置有网 关标识的 IP地址用于配置给虚拟专用网络接入设备。
9、 根据权利要求 7或 8所述的 IP地址分配方法, 其特征在于, 所述 IP地 址请求包括选项标志位字段, 则所述方法还包括:
所述动态主机设置协议服务器根据所述选项标志位字段,判断所述 IP地址 请求是否 于虚拟专用网络业务场景中的 IP地址请求;
则所述动态主机设置协议服务器根据所述 IP地址请求,从预先配置的地址 池分配模块中获取一个未分配的 IP地址池, 并将所述 IP地址池发送给所述虚 拟专用网络接入设备, 包括:
所述动态主机设置协议服务器若判断出所述 IP 地址请求是基于虚拟专用 网络业务场景中的 IP地址请求,则从预先配置的地址池分配模块中获取一个未 分配的 IP地址池, 并将所述 IP地址池发送给所述虚拟专用网络接入设备。
10、 一种虚拟专用网络接入设备, 其特征在于, 包括: 接收模块, 用于接收动态主机设置协议客户端发送的 IP地址请求; IP地址池获取模块,用于根据所述 IP地址请求,从动态主机设置协议服务 器中配置的地址池分配模块中获取一个未分配的 IP地址池;
分配处理模块, 用于从所述 IP地址池中, 选择一个未分配的 IP地址给所 述动态主机设置协议客户端 ,并再选择一个未分配的 IP地址给所述虚拟专用网 络接入设备。
11、根据权利要求 10所述的虚拟专用网络接入设备, 其特征在于, 所述 IP 地址请求包括选项标志位字段, 则所述虚拟专用网络接入设备还包括:
判断模块, 用于根据所述选项标志位字段, 判断所述 IP地址请求是否是基 于虚拟专用网络业务场景中的 IP地址请求;
则所述 IP地址池获取模块包括:
发送单元,用于若所述判断模块判断出所述 IP地址请求 于虚拟专用网 络业务场景中的 IP地址请求, 则发送所述 IP地址请求给动态主机设置协议服 务器, 以供所述动态主机设置协议服务器根据所述 IP地址请求, 从配置地址池 分配模块中获取一个未分配的 IP地址池, 并发送给所述虚拟专用网络接入设 备;
接收单元, 用于接收所述动态主机设置协议服务器发送的所述一个未分配 的 IP地址池。
12、 根据权利要求 10所述的虚拟专用网络接入设备, 其特征在于, 所述虚 拟专用网络接入设备还包括:
介质访问控制层地址获取模块, 用于获取所述 DHCP客户端的介质访问控 制层地址;
判断模块, 用于根据所述介质访问控制层地址, 判断所述 IP地址请求是否 是基于虚拟专用网络业务场景中的 IP地址请求;
IP地址请求处理模块,用于若所述判断模块判断出所述 IP地址请求是基于 虚拟专用网络业务场景中的 IP地址请求, 则在所述 IP地址请求中增加选项标 志位字段, 并将所述选项标志位字段置位; 则所述 IP地址池获取模块具体包括:
发送单元, 用于将所述 IP地址请求处理模块处理后的 IP地址请求发送给 动态主机设置协议服务器, 以供所述动态主机设置协议服务器根据所述处理后 的 IP地址请求, 从配置的地址池分配模块中获取一个未分配的 IP地址池, 并 发送给所述虚拟专用网络接入设备;
接收单元, 用于接收所述动态主机设置协议服务器发送的所述一个未分配 的 IP地址池。
13、 根据权利要求 10所述的虚拟专用网络接入设备, 其特征在于, 所述虚 拟专用网络接入设备还包括:
介质访问控制层地址获取模块, 用于获取所述 DHCP客户端的介质访问控 制层地址;
判断模块, 用于根据所述介质访问控制层地址, 判断所述 IP地址请求是否 是基于虚拟专用网络业务场景中的 IP地址请求;
IP地址池请求生成模块,用于若所述判断模块判断出所述 IP地址请求是基 于虚拟专用网络业务场景中的 IP地址请求, 则生成 IP地址池请求;
则所述 IP地址池获取模块具体包括:
发送单元, 用于将所述 IP地址池请求发送给动态主机设置协议服务器, 以 供所述动态主机设置协议服务器根据所述 IP地址池请求,从配置的地址池分配 模块中获取一个未分配的 IP地址池, 并发送给所述虚拟专用网络接入设备; 接收单元, 用于接收所述动态主机设置协议服务器发送的所述一个未分配 的 IP地址池。
14、 根据权利要求 10至 13任一项所述的虚拟专用网络接入设备, 其特征 在于, 所述分配处理模块具体用于从所述 IP地址池中, 选择一个未设置网关标 识, 且未分配的 IP地址给所述动态主机设置协议客户端, 并将设置有网关标识 的 IP地址配置在所述虚拟专用网络接入设备。
15、 一种动态主机设置协议服务器, 其特征在于, 包括:
接收模块, 用于接收虚拟专用网络接入设备发送的 IP地址请求或者 IP地 址池请求;
地址池分配模块, 用于预先配置并存储 IP地址池;
发送模块, 用于根据所述 IP地址请求或者 IP地址池请求, 从所述地址池 分配模块中获取一个未分配的 IP地址池, 并将所述 IP地址池发送给所述虚拟 专用网络接入设备。
16、 根据权利要求 15所述的动态主机设置协议服务器, 其特征在于, 还包 括:
地址池处理模块, 用于根据网段, 对所述地址池分配模块中存储的 IP地址 进行划分处理, 获取多个 IP地址池。
17、 根据权利要求 16所述的动态主机设置协议服务器, 其特征在于, 所述 地址池处理模块还用于从所述地址池分配模块中的每个 IP地址池中,选择一个 IP地址, 并将所述 IP地址设置网关标识,, 其中, 所述设置有网关标识的 IP地 址用于配置给虚拟专用网络接入设备。
18、根据权利要求 16或 17所述的动态主机设置协议服务器, 其特征在于, 所述 IP地址请求包括选项标志位字段, 则所述动态主机设置协议服务器还包 括:
判断模块, 用于根据所述选项标志位字段, 判断所述 IP地址请求是否是基 于虚拟专用网络业务场景中的 IP地址请求;
则所述发送模块具体用于若所述判断模块判断出所述 IP 地址请求是基于 虚拟专用网络业务场景中的 IP地址请求,则从预先配置的地址池分配模块中获 取一个未分配的 IP地址池, 并将所述 IP地址池发送给所述虚拟专用网络接入 设备。
19、 一种 IP地址分配系统, 其特征在于, 包括: 动态主机设置协议客 户端、如权利要求 10至 14任一项所述的虚拟专用网络接入设备和如权利要 求 15至 18任一项所述的动态主机设置协议服务器。
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2011/078118 WO2013020267A1 (zh) | 2011-08-08 | 2011-08-08 | Ip地址分配方法和系统以及设备 |
CN201180004010.7A CN103039059B (zh) | 2011-08-08 | 2011-08-08 | Ip地址分配方法和系统以及设备 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2011/078118 WO2013020267A1 (zh) | 2011-08-08 | 2011-08-08 | Ip地址分配方法和系统以及设备 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2013020267A1 true WO2013020267A1 (zh) | 2013-02-14 |
Family
ID=47667850
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2011/078118 WO2013020267A1 (zh) | 2011-08-08 | 2011-08-08 | Ip地址分配方法和系统以及设备 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN103039059B (zh) |
WO (1) | WO2013020267A1 (zh) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104104749A (zh) * | 2014-07-29 | 2014-10-15 | 浙江宇视科技有限公司 | 一种隧道ip地址的分配方法及装置 |
WO2018039901A1 (zh) * | 2016-08-30 | 2018-03-08 | 深圳前海达闼云端智能科技有限公司 | 用于ip地址分配的方法、装置、系统和计算机程序产品 |
WO2023221508A1 (zh) * | 2022-05-18 | 2023-11-23 | 天翼云科技有限公司 | 一种浮动ip分配方法、装置、电子设备及存储介质 |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108243078B (zh) * | 2016-12-23 | 2020-01-03 | 新华三技术有限公司 | 地址分配方法和装置 |
CN109451093B (zh) * | 2018-12-13 | 2022-01-28 | 新华三技术有限公司 | 一种环回口地址分配方法及装置 |
CN109561170B (zh) * | 2018-12-25 | 2021-10-08 | 迈普通信技术股份有限公司 | 地址池创建方法、装置、地址池管理系统及储存介质 |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1949784A (zh) * | 2005-10-12 | 2007-04-18 | 华为技术有限公司 | Dhcp中继为dhcp客户端请求ip地址的方法 |
CN102025798A (zh) * | 2010-12-15 | 2011-04-20 | 华为技术有限公司 | 地址分配处理方法、装置和系统 |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8249081B2 (en) * | 2006-09-29 | 2012-08-21 | Array Networks, Inc. | Dynamic virtual private network (VPN) resource provisioning using a dynamic host configuration protocol (DHCP) server, a domain name system (DNS) and/or static IP assignment |
JP4773987B2 (ja) * | 2007-02-01 | 2011-09-14 | アラクサラネットワークス株式会社 | 端末所属切換システム |
CN101656763B (zh) * | 2009-09-11 | 2013-03-13 | 华为技术有限公司 | 一种ip地址自动分配方法、客户端及服务器 |
-
2011
- 2011-08-08 WO PCT/CN2011/078118 patent/WO2013020267A1/zh active Application Filing
- 2011-08-08 CN CN201180004010.7A patent/CN103039059B/zh not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1949784A (zh) * | 2005-10-12 | 2007-04-18 | 华为技术有限公司 | Dhcp中继为dhcp客户端请求ip地址的方法 |
CN102025798A (zh) * | 2010-12-15 | 2011-04-20 | 华为技术有限公司 | 地址分配处理方法、装置和系统 |
Non-Patent Citations (1)
Title |
---|
YANG HONGJUN: "Principle Analysis of the DHCP Over IPSec VPN", COMPUTER SECURITY, 30 September 2010 (2010-09-30), pages 66 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104104749A (zh) * | 2014-07-29 | 2014-10-15 | 浙江宇视科技有限公司 | 一种隧道ip地址的分配方法及装置 |
CN104104749B (zh) * | 2014-07-29 | 2018-01-05 | 浙江宇视科技有限公司 | 一种隧道ip地址的分配方法及装置 |
WO2018039901A1 (zh) * | 2016-08-30 | 2018-03-08 | 深圳前海达闼云端智能科技有限公司 | 用于ip地址分配的方法、装置、系统和计算机程序产品 |
WO2023221508A1 (zh) * | 2022-05-18 | 2023-11-23 | 天翼云科技有限公司 | 一种浮动ip分配方法、装置、电子设备及存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN103039059B (zh) | 2015-07-08 |
CN103039059A (zh) | 2013-04-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8966075B1 (en) | Accessing a policy server from multiple layer two networks | |
WO2013020267A1 (zh) | Ip地址分配方法和系统以及设备 | |
US20130205025A1 (en) | Optimized Virtual Private Network Routing Through Multiple Gateways | |
CN107241454B (zh) | 一种实现地址管理的方法、装置、aaa服务器及sdn控制器 | |
WO2013067904A1 (zh) | 用于域间虚拟专用网络对接的方法和设备 | |
WO2013056585A1 (zh) | 一种虚拟私云接入认证方法及相关装置 | |
WO2016179950A1 (zh) | 互联网协议ip地址的分配方法及装置 | |
WO2013071765A1 (zh) | 为用户终端分配ip地址的方法、装置和系统 | |
WO2016184368A1 (zh) | 用于对用户的业务进行授权的方法、装置及系统 | |
WO2016192608A2 (zh) | 身份认证方法、身份认证系统和相关设备 | |
WO2014075312A1 (zh) | 一种网络穿越服务的提供方法、装置及系统 | |
WO2011103840A2 (zh) | 虚拟私云的连接方法及隧道代理服务器 | |
WO2013107138A1 (zh) | 一种Wifi终端访问不同业务域的方法和装置 | |
WO2012149718A1 (zh) | 云计算系统中云终端访问云服务器的方法及云计算系统 | |
WO2010048874A1 (zh) | 一种ip会话标识方法、装置和系统 | |
US12058514B2 (en) | Virtual tenant for multiple dwelling unit | |
WO2014079335A1 (zh) | Ip报文处理方法、装置及网络系统 | |
WO2012130049A1 (zh) | 地址处理方法及装置 | |
WO2011140919A1 (zh) | 接入业务批发网络的方法、设备、服务器和系统 | |
WO2014029367A1 (zh) | 一种动态配置方法及装置、系统 | |
WO2011147343A1 (zh) | Ip网络中地址分配方法、设备及系统 | |
WO2014110984A1 (zh) | 用户终端接入网络的认证方法及装置 | |
CN107547403B (zh) | 报文转发方法、协助方法、装置、控制器及主机 | |
JP5613915B2 (ja) | Ipアドレスを割り当て、取得するための方法および装置 | |
WO2011095079A1 (zh) | 一种ip地址分配方法、装置及系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 201180004010.7 Country of ref document: CN |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 11870566 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 11870566 Country of ref document: EP Kind code of ref document: A1 |