WO2017215492A1 - Device detection method and apparatus - Google Patents

Device detection method and apparatus Download PDF

Info

Publication number
WO2017215492A1
WO2017215492A1 PCT/CN2017/087342 CN2017087342W WO2017215492A1 WO 2017215492 A1 WO2017215492 A1 WO 2017215492A1 CN 2017087342 W CN2017087342 W CN 2017087342W WO 2017215492 A1 WO2017215492 A1 WO 2017215492A1
Authority
WO
WIPO (PCT)
Prior art keywords
access device
online
arp
access
address
Prior art date
Application number
PCT/CN2017/087342
Other languages
French (fr)
Chinese (zh)
Inventor
江文娜
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2017215492A1 publication Critical patent/WO2017215492A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0805Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
    • H04L43/0811Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]

Definitions

  • the present invention relates to the field of Ethernet communications, and in particular to a device detection method and apparatus.
  • the Institute of Electrical and Electronics Engineers (IEEE) 802.1x protocol optimizes the authentication method and authentication architecture, making it widely used in Ethernet access.
  • the network access server cannot implement the access through the standard protocol packets because the 802.1x client cannot be installed. Control of the device.
  • Media Access Control (MAC) authentication solves the access authentication management of such access devices.
  • MAC Media Access Control
  • the present invention provides a device detection method and apparatus to at least solve the problem that the online state of an access device cannot be detected universally and in a timely manner in the related art.
  • a device detection method including:
  • the address resolution protocol (ARP) detection packet is sent to the access device.
  • ARP address resolution protocol
  • the access device determines an online state of the access device.
  • performing access authentication on the access device includes:
  • obtaining the IP address of the access device includes:
  • the IP address of the access device is parsed according to the ARP request packet.
  • determining, according to the response information of the ARP detection packet, that the access device responds to the online status of the access device includes:
  • the online status of the access device is determined according to the online detection flag bit and the online detection flag bit of the last ARP detection.
  • determining the online state of the access device according to the online detection flag bit and the online detection flag bit of the last ARP detection includes:
  • the foregoing ARP detection packet includes:
  • NAS network access server
  • the ARP detection packet includes: source network protocol IP field and source media access control MAC address.
  • the field and the destination IP address field where the source MAC field is configured as the MAC address of the network access server NAS, and the source IP field is configured as the third layer of the virtual local area network (VLAN) where the access device is located.
  • the interface address or the broadcast IP address; the destination IP address field is configured as the IP address of the access device.
  • a device detecting apparatus including:
  • the sending module is configured to send an address resolution protocol ARP detection packet to the access device after the access authentication of the access device is passed;
  • the determining module is configured to determine an online state of the access device according to the response information of the access device in response to the ARP detection packet.
  • the device further includes:
  • the obtaining module is configured to obtain an IP address of the access device.
  • the determining module includes:
  • the setting unit is configured to set an online detection flag bit of the access device according to the response information of the access device in response to the ARP detection message, where the online detection flag bit is set to be valid when the response information is acquired, when Setting the above online detection flag bit to be invalid when the response information is not acquired;
  • the determining unit is configured to determine the online state of the access device according to the online detection flag bit and the online detection flag bit of the last ARP detection.
  • a storage medium comprising a stored program, wherein the program is executed to perform the method of any of the above.
  • a processor for running a program wherein the program is executed to perform the method of any of the above.
  • the ARP detection packet is sent to the access device, and the access device determines the response device according to the response information of the ARP detection packet.
  • online status The invention solves the problem that the online state of the access device cannot be detected universally and in a timely manner, thereby achieving universal and timely access to the access device.
  • the online status of the backup makes the management of the accounting of the access device more flexible and accurate according to the detected online status.
  • FIG. 1 is a flow chart of a device detecting method according to an embodiment of the present invention.
  • FIG. 2 is a flow chart of a device detection method according to an example of the present invention.
  • FIG. 3 is a block diagram showing the structure of a device detecting apparatus according to an embodiment of the present invention.
  • FIG. 4 is a block diagram showing another structure of a device detecting device according to an embodiment of the present invention.
  • FIG. 1 is a flowchart of a device detection method according to an embodiment of the present invention. As shown in FIG. 1 , the process includes the following steps:
  • Step S102 After the access authentication of the access device passes, send an address resolution protocol ARP detection packet to the access device.
  • Step S104 Determine, according to the response information of the ARP detection packet, the access device determines an online state of the access device.
  • the access device After the access authentication of the access device is passed through the foregoing steps, the access device is configured.
  • the device is configured to send an address resolution protocol (ARP) packet, and the access device determines the online state of the access device according to the response information of the ARP detection packet, which solves the problem that the existing device needs to be deployed in the access device.
  • ARP address resolution protocol
  • the problem of the online status of the access device is detected in a versatile and timely manner, so that the online status of the access device is obtained in a universal and timely manner, and the management of the charging of the access device is more flexible and accurate according to the detected online state.
  • performing access authentication on the access device in step S102 may include performing access authentication on the access device according to the user name and password of the access device that is stored in advance.
  • the method further includes: obtaining an IP address of the access device, before sending the ARP detection packet to the access device.
  • the obtaining the IP address of the access device includes: obtaining an ARP request packet sent by the access device, and parsing the IP address of the access device according to the ARP request packet.
  • the access device initiates an authentication request to the Radius server through a network access server (NAS).
  • NAS network access server
  • the ARP request packet sent by the access device needs to be obtained.
  • the access device obtains the information of the service gateway through the address allocation of the Dynamic Host Configuration Protocol (DHCP).
  • DHCP Dynamic Host Configuration Protocol
  • the access device resolves the gateway information, it must send an ARP request to the gateway. Text.
  • the ARP request packet is obtained by the NAS device, the IP address information of the access device is parsed.
  • the ARP timeout timer is set. If the timer expires, the ARP request packet sent by the access device is not received.
  • step S104 can be implemented by the following scheme:
  • Step A setting an online detection flag bit of the access device according to the response information of the access device in response to the ARP detection message, where the online detection flag is set to be valid when the response information is acquired, when the response information is Setting the above online detection flag is invalid when not acquired;
  • Step B determining the online state of the access device according to the online detection flag bit and the online detection flag bit of the last ARP detection.
  • step B can be specifically implemented by: when the online detection flag is And when the online detection flag bit of the previous ARP detection is invalid, it is determined that the online state of the access device is offline.
  • the ARP detection packet may include: a source network protocol IP field and a source media access control MAC field, where the source IP field and the source MAC field are configured through a specified command line of the network access server NAS; or the ARP detection report
  • the source network protocol IP field, the source media access control MAC field, and the destination IP address field where the source MAC field is configured as the MAC address of the network access server NAS, and the source IP field is configured as the access device.
  • the Layer 3 interface address or the broadcast IP address of the VLAN of the virtual local area network; the destination IP address field is configured as the IP address of the access device.
  • the padding field in the ARP detection packet sent by the NAS device to the access device may be configured through the command line of the NAS. If not specified, the configuration may be as follows: The MAC address of the NAS is used by the MAC. The source IP address is preferred to the Layer 3 interface address of the vlan on the NAS. If no Layer 3 interface is configured, the broadcast IP address is used. The destination IP address field in the ARP packet uses the IP address of the obtained access device. The detection can be performed by using the on-line detection. When the timing interval arrives, the ARP detection packet is sent to the access device. The NAS sets an online detection flag for the access device that is authenticated by the access authentication.
  • the online detection flag is updated according to the response information of the access device. After receiving the ARP response message, the flag is valid and the online detection timer is reset. If the response information is not received, the validity of the online detection flag of the access device is checked before the ARP detection packet is sent again. If the flag is invalid, the online status of the access device is invalid.
  • the NAS will be based on the specific application scenario. The access device manages, for example, when the online management of the access device is determined to be invalid, the MAC address entry on the access device is deleted, and the notification server clears the access device.
  • FIG. 2 is a flowchart of a device detecting method according to an example of the present invention. As shown in FIG. 2, the foregoing process specifically includes the following steps:
  • Step S202 The access device actively initiates an access authentication request.
  • the dumb terminal of the 802.1x client cannot be installed, and the authentication is requested by the MAC authentication method of the NAS.
  • the NAS adds the MAC address of the access device to the MAC address management table of the NAS.
  • Step S204 Start acquiring an ARP request packet timeout timer, and wait for the ARP of the access device. Request a message. After the access device is authenticated and has obtained its own IP address, it will send an ARP request packet to request next hop information. The NAS retrieves the ARP request packet and parses the IP address information of the access device. After the ARP request packet timeout timer expires and the ARP response message is not received, the access device is considered offline.
  • Step S206 After obtaining the IP address of the access device, the NAS enables the online detection timer and sets the online detection flag. When the timing interval arrives, the NAS sends an ARP detection packet, and updates the online detection flag according to the response information.
  • Step S208 Receive the ARP response information, set the online detection flag bit of the access device to be valid, and repeat step S206. If the ARP response packet is not received, but the online detection flag is valid, step S206 is repeated when the timing interval arrives; if the current and previous online detection flag are invalid, the NAS performs offline identification, offline or Redirect and other operations, and notify the server user to go offline.
  • the method according to the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course, by hardware, but in many cases, the former is A better implementation.
  • the technical solution of the present invention which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk,
  • the optical disc includes a plurality of instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the above-described methods of various embodiments of the present invention.
  • a device detecting device is also provided. As shown in FIG. 3, the device is used to implement the foregoing embodiments and preferred embodiments, and details are not described herein.
  • the term "module” may implement a combination of software and/or hardware of a predetermined function.
  • the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
  • FIG. 3 is a structural block diagram of a device detecting apparatus according to an embodiment of the present invention. As shown in FIG. 3, the device includes the following modules:
  • the sending module 32 is configured to: after the access authentication of the access device passes, The device sends an address resolution protocol ARP detection packet.
  • the determining module 34 is connected to the sending module 32 and configured to determine the online state of the access device according to the response information of the access device in response to the ARP detection message.
  • the sending module 32 sends an address resolution protocol ARP detection packet to the access device, and the determining module 34 responds to the ARP of the sending module 32 according to the access device.
  • the response information of the detection packet determines the online state of the access device, which solves the problem that the existing technology needs to be additionally deployed in the access device, and the online state of the access device cannot be detected in a universal manner and in time, thereby achieving universal
  • the online status of the access device is known in time, and the management of the charging of the access device is more flexible and accurate according to the detected online state.
  • FIG. 4 is another structural block diagram of a device detecting apparatus according to an embodiment of the present invention.
  • the device further includes: an obtaining module 33, configured to acquire the access, in addition to the sending module 32 and the determining module 34. IP address of the device.
  • the determining module 34 includes: a setting unit 342, configured to set an online detection flag of the access device according to the response information of the access device in response to the ARP detection message, where the online detection is set when the response information is acquired. The flag bit is valid, and the online detection flag bit is set to be invalid when the response information is not acquired; the determining unit 344 is connected to the setting unit 342, and is set to be based on the online detection flag bit and the online detection flag bit of the last ARP detection. Determine the online status of the access device.
  • each of the above modules may be implemented by software or hardware.
  • the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the modules are located in multiple In the processor.
  • the embodiment of the present invention solves the problem that the existing technology needs to be additionally deployed in the access device, and the online state of the access device cannot be detected in a timely manner, thereby achieving universal and timely access.
  • the online status of the device makes the management of the accounting of the access device more flexible and accurate according to the detected online status.
  • Embodiments of the present invention also provide a storage medium including a stored program, wherein the program described above executes the method of any of the above.
  • the foregoing storage medium may include, but is not limited to, a USB flash drive, a Read-Only Memory (ROM), and a Random Access Memory (RAM).
  • ROM Read-Only Memory
  • RAM Random Access Memory
  • Embodiments of the present invention also provide a processor for running a program, wherein the program is executed to perform the steps of any of the above methods.
  • modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein.
  • the steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • the ARP detection packet is sent to the access device, and the response information of the ARP detection packet is determined according to the access device.
  • the online status of the above access device Solved the existing technology During the operation, the problem of the online status of the access device cannot be detected universally and in a timely manner, so that the online status of the access device can be obtained in a universal and timely manner, and the management of the access device is more flexible according to the detected online state. accurate.

Abstract

Provided are a device detection method and apparatus. The method comprises: when access authentication of an access device is passed, sending an address resolution protocol (ARP) detection message to the access device; and determining an on-line state of the access device according to response information with which the access device responds to the ARP detection message. By means of the present invention, the problems in the prior art of non-commonality and being unable to detect an on-line state of an access device in time are solved, so that the universality and timely acquisition of the on-line state of the access device are achieved, and management, such as the charging of the access device, is more flexible and accurate according to the detected on-line state.

Description

设备检测方法及装置Device detection method and device 技术领域Technical field
本发明涉及以太网通讯领域,具体而言,涉及一种设备检测方法及装置。The present invention relates to the field of Ethernet communications, and in particular to a device detection method and apparatus.
背景技术Background technique
电气和电子工程师协会(Institute of Electrical and Electronics Engineers,简称IEEE)802.1x协议对认证方式和认证体系结构进行了优化,使得该协议在以太网接入中得到广泛的应用。而某些接入设备,如网络协议电话(Internet Protocol phone,简称IPPHONE)等哑终端,由于不能安装802.1x的客户端,网络接入服务器不能通过标准的协议报文交互实现对这类接入设备的控制。媒体访问控制(Media Access Control,简称MAC)认证解决了这类接入设备的接入认证管理,但如何及时检测接入设备的在线状态依然存在问题。已有的在线检测机制,大多需要借助专门的协议实现,需要在哑终端中做特定部署,这样不具备通用性。The Institute of Electrical and Electronics Engineers (IEEE) 802.1x protocol optimizes the authentication method and authentication architecture, making it widely used in Ethernet access. On some of the access devices, such as the Internet Protocol Phone (IPPHONE), the network access server cannot implement the access through the standard protocol packets because the 802.1x client cannot be installed. Control of the device. Media Access Control (MAC) authentication solves the access authentication management of such access devices. However, how to detect the online status of access devices in time is still problematic. Most of the existing online detection mechanisms need to be implemented by special protocols, and specific deployments need to be made in dumb terminals, so that they are not universal.
针对在相关技术中,不能通用且及时地检测接入设备的在线状态问题,尚未提出有效的解决方案。For the related art, the online state problem of the access device cannot be detected universally and in time, and an effective solution has not been proposed.
发明内容Summary of the invention
本发明提供了一种设备检测方法及装置,以至少解决相关技术中不能通用且及时地检测接入设备的在线状态的问题。The present invention provides a device detection method and apparatus to at least solve the problem that the online state of an access device cannot be detected universally and in a timely manner in the related art.
根据本发明实施例的一个方面,提供了一种设备检测方法,包括:According to an aspect of an embodiment of the present invention, a device detection method is provided, including:
当对接入设备的接入认证通过后,向上述接入设备发送地址解析协议(Address Resolution Protocol,简称ARP)检测报文;After the access authentication of the access device is passed, the address resolution protocol (ARP) detection packet is sent to the access device.
根据上述接入设备响应上述ARP检测报文的响应信息确定上述接入设备的在线状态。And determining, according to the response information of the foregoing ARP detection packet, the access device determines an online state of the access device.
在本发明实施例中,对接入设备进行接入认证包括: In the embodiment of the present invention, performing access authentication on the access device includes:
根据预先存储的上述接入设备的用户名及密码对上述接入设备进行接入认征。And accessing the access device according to the user name and password of the foregoing access device stored in advance.
在本发明实施例中,向上述接入设备发送ARP检测报文之前,该方法还包括:In the embodiment of the present invention, before sending the ARP detection packet to the access device, the method further includes:
获取上述接入设备的IP地址。Obtain the IP address of the above access device.
在本发明实施例中,获取上述接入设备的IP地址包括:In the embodiment of the present invention, obtaining the IP address of the access device includes:
获取上述接入设备发出的ARP请求报文;Obtaining an ARP request packet sent by the access device;
根据上述ARP请求报文解析出上述接入设备的IP地址。The IP address of the access device is parsed according to the ARP request packet.
在本发明实施例中,根据上述接入设备响应上述ARP检测报文的响应信息确定上述接入设备的在线状态包括:In the embodiment of the present invention, determining, according to the response information of the ARP detection packet, that the access device responds to the online status of the access device, includes:
根据上述接入设备响应上述ARP检测报文的响应信息设置上述接入设备的在线检测标志位,其中,当上述响应信息被获取时设置上述在线检测标志位为有效,当上述响应信息未被获取时设置上述在线检测标志位为无效;And setting, according to the response information of the ARP detection packet, the online detection flag of the access device, where the online detection flag is set to be valid when the response information is acquired, and the response information is not obtained. When the above online detection flag is set to be invalid;
根据上述在线检测标志位和上一次ARP检测的在线检测标志位判断上述接入设备的在线状态。The online status of the access device is determined according to the online detection flag bit and the online detection flag bit of the last ARP detection.
在本发明实施例中,根据上述在线检测标志位和上一次ARP检测的在线检测标志位判断上述接入设备的在线状态包括:In the embodiment of the present invention, determining the online state of the access device according to the online detection flag bit and the online detection flag bit of the last ARP detection includes:
当上述在线检测标志位和上述上一次ARP检测的在线检测标志位为无效时,判定上述接入设备的在线状态为不在线。When the online detection flag bit and the online detection flag bit of the previous ARP detection are invalid, it is determined that the online state of the access device is offline.
在本发明实施例中,上述ARP检测报文包括:In the embodiment of the present invention, the foregoing ARP detection packet includes:
源网络协议IP字段和源媒体接入控制MAC字段,其中,上述源IP字段和源MAC字段通过网络接入服务器(Network Attached Server,简称NAS)的指定命令行进行配置;或者,a source network protocol IP field and a source media access control MAC field, where the source IP field and the source MAC field are configured through a specified command line of a network access server (NAS); or
上述ARP检测报文包括:源网络协议IP字段、源媒体接入控制MAC 字段和目的IP地址字段,其中,上述源MAC字段配置为网络接入服务器NAS的MAC地址,上述源IP字段配置为上述接入设备所在的虚拟局域网(Virtual Local Area Network,简称VLAN)的三层接口地址或者广播IP地址;上述目的IP地址字段配置为上述接入设备的IP地址。The ARP detection packet includes: source network protocol IP field and source media access control MAC address. The field and the destination IP address field, where the source MAC field is configured as the MAC address of the network access server NAS, and the source IP field is configured as the third layer of the virtual local area network (VLAN) where the access device is located. The interface address or the broadcast IP address; the destination IP address field is configured as the IP address of the access device.
根据本发明实施例的另一方面,提供了一种设备检测装置,包括:According to another aspect of an embodiment of the present invention, a device detecting apparatus is provided, including:
发送模块,设置为当对接入设备的接入认证通过后,向上述接入设备发送地址解析协议ARP检测报文;The sending module is configured to send an address resolution protocol ARP detection packet to the access device after the access authentication of the access device is passed;
确定模块,设置为根据上述接入设备响应上述ARP检测报文的响应信息确定上述接入设备的在线状态。The determining module is configured to determine an online state of the access device according to the response information of the access device in response to the ARP detection packet.
在本发明实施例中,该装置还包括:In the embodiment of the present invention, the device further includes:
获取模块,设置为获取上述接入设备的IP地址。The obtaining module is configured to obtain an IP address of the access device.
在本发明实施例中,确定模块包括:In the embodiment of the present invention, the determining module includes:
设置单元,设置为根据上述接入设备响应上述ARP检测报文的响应信息设置上述接入设备的在线检测标志位,其中,当上述响应信息被获取时设置上述在线检测标志位为有效,当上述响应信息未被获取时设置上述在线检测标志位为无效;The setting unit is configured to set an online detection flag bit of the access device according to the response information of the access device in response to the ARP detection message, where the online detection flag bit is set to be valid when the response information is acquired, when Setting the above online detection flag bit to be invalid when the response information is not acquired;
判断单元,设置为根据上述在线检测标志位和上一次ARP检测的在线检测标志位判断上述接入设备的在线状态。The determining unit is configured to determine the online state of the access device according to the online detection flag bit and the online detection flag bit of the last ARP detection.
根据本发明的又一个实施例,还提供了一种存储介质,所述存储介质包括存储的程序,其中,所述程序运行时执行上述任一项所述的方法。According to still another embodiment of the present invention, there is also provided a storage medium comprising a stored program, wherein the program is executed to perform the method of any of the above.
根据本发明的又一个实施例,还提供了一种处理器,所述处理器用于运行程序,其中,所述程序运行时执行上述任一项所述的方法。According to still another embodiment of the present invention, there is also provided a processor for running a program, wherein the program is executed to perform the method of any of the above.
通过本发明实施例,当对接入设备的接入认证通过后,向接入设备发送地址解析协议ARP检测报文;根据上述接入设备响应ARP检测报文的响应信息确定上述接入设备的在线状态。解决了现有技术中不能通用且及时地检测接入设备的在线状态的问题,进而达到通用且及时的获知到接入设 备的在线状态,根据检测到的在线状态使接入设备的计费等管理更加的灵活准确。After the access authentication of the access device is passed, the ARP detection packet is sent to the access device, and the access device determines the response device according to the response information of the ARP detection packet. online status. The invention solves the problem that the online state of the access device cannot be detected universally and in a timely manner, thereby achieving universal and timely access to the access device. The online status of the backup makes the management of the accounting of the access device more flexible and accurate according to the detected online status.
附图说明DRAWINGS
此处所说明的附图用来提供对本发明的进一步理解,构成本申请的一部分,本发明的示意性实施例及其说明用于解释本发明,并不构成对本发明的不当限定。在附图中:The drawings described herein are intended to provide a further understanding of the invention, and are intended to be a part of the invention. In the drawing:
图1是根据本发明实施例的设备检测方法的流程图;1 is a flow chart of a device detecting method according to an embodiment of the present invention;
图2是根据本发明示例的设备检测方法的流程图;2 is a flow chart of a device detection method according to an example of the present invention;
图3是根据本发明实施例的设备检测装置的结构框图;3 is a block diagram showing the structure of a device detecting apparatus according to an embodiment of the present invention;
图4是根据本发明实施例的设备检测装置的另一结构框图。4 is a block diagram showing another structure of a device detecting device according to an embodiment of the present invention.
具体实施方式detailed description
下文中将参考附图并结合实施例来详细说明本发明。需要说明的是,在不冲突的情况下,本申请中的实施例及实施例中的特征可以相互组合。The invention will be described in detail below with reference to the drawings in conjunction with the embodiments. It should be noted that the embodiments in the present application and the features in the embodiments may be combined with each other without conflict.
需要说明的是,本发明的说明书和权利要求书及上述附图中的术语“第一”、“第二”等是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。It is to be understood that the terms "first", "second" and the like in the specification and claims of the present invention are used to distinguish similar objects, and are not necessarily used to describe a particular order or order.
在本实施例中提供了一种设备检测方法,图1是根据本发明实施例的设备检测方法的流程图,如图1所示,该流程包括如下步骤:A device detection method is provided in this embodiment. FIG. 1 is a flowchart of a device detection method according to an embodiment of the present invention. As shown in FIG. 1 , the process includes the following steps:
步骤S102,当对接入设备的接入认证通过后,向上述接入设备发送地址解析协议ARP检测报文;Step S102: After the access authentication of the access device passes, send an address resolution protocol ARP detection packet to the access device.
步骤S104,根据上述接入设备响应上述ARP检测报文的响应信息确定上述接入设备的在线状态。Step S104: Determine, according to the response information of the ARP detection packet, the access device determines an online state of the access device.
通过上述各个步骤,当对接入设备的接入认证通过后,向上述接入设 备发送地址解析协议ARP检测报文;根据上述接入设备响应上述ARP检测报文的响应信息确定上述接入设备的在线状态,解决了现有技术中需要在接入设备中做额外部署,不能通用且及时地检测接入设备的在线状态的问题,进而达到通用且及时的获知到接入设备的在线状态,根据检测到的在线状态使接入设备的计费等管理更加的灵活准确。After the access authentication of the access device is passed through the foregoing steps, the access device is configured. The device is configured to send an address resolution protocol (ARP) packet, and the access device determines the online state of the access device according to the response information of the ARP detection packet, which solves the problem that the existing device needs to be deployed in the access device. The problem of the online status of the access device is detected in a versatile and timely manner, so that the online status of the access device is obtained in a universal and timely manner, and the management of the charging of the access device is more flexible and accurate according to the detected online state.
在一个可选示例中,步骤S102中对接入设备进行接入认证可以包括:根据预先存储的上述接入设备的用户名及密码对上述接入设备进行接入认证。当对接入设备的接入认证通过后,向上述接入设备发送ARP检测报文之前,该方法还包括:获取上述接入设备的IP地址。获取上述接入设备的IP地址具体包括:获取上述接入设备发出的ARP请求报文;根据上述ARP请求报文解析出上述接入设备的IP地址。In an optional example, performing access authentication on the access device in step S102 may include performing access authentication on the access device according to the user name and password of the access device that is stored in advance. After the access authentication of the access device is passed, the method further includes: obtaining an IP address of the access device, before sending the ARP detection packet to the access device. The obtaining the IP address of the access device includes: obtaining an ARP request packet sent by the access device, and parsing the IP address of the access device according to the ARP request packet.
接入设备通过网络接入服务器(network access server,简称NAS)向Radius服务器发起认证请求。在上述技术方案中,当接入设备的认证请求通过后,需要获取接入设备发出的ARP请求报文。接入设备认证通过后,接入设备通过动态主机配置协议(Dynamic Host Configuration Protocol,简称DHCP)的地址分配会获取业务网关的信息,接入设备解析网关信息时,必然向网关发送一个ARP请求报文。该ARP请求报文被NAS设备获取后,解析出接入设备的IP地址信息。在等待ARP请求报文时,设置有ARP超时定时器,如果定时器超时,仍没有等到接入设备主动发出的ARP请求报文,判定接入设备为不在线状态。The access device initiates an authentication request to the Radius server through a network access server (NAS). In the foregoing technical solution, after the authentication request of the access device is passed, the ARP request packet sent by the access device needs to be obtained. After the access device passes the authentication, the access device obtains the information of the service gateway through the address allocation of the Dynamic Host Configuration Protocol (DHCP). When the access device resolves the gateway information, it must send an ARP request to the gateway. Text. After the ARP request packet is obtained by the NAS device, the IP address information of the access device is parsed. When the ARP request packet is awaiting, the ARP timeout timer is set. If the timer expires, the ARP request packet sent by the access device is not received.
在一个优选的示例中,步骤S104可以通过以下方案实现:In a preferred example, step S104 can be implemented by the following scheme:
步骤A:根据上述接入设备响应上述ARP检测报文的响应信息设置上述接入设备的在线检测标志位,其中,当上述响应信息被获取时设置上述在线检测标志位为有效,当上述响应信息未被获取时设置上述在线检测标志位为无效;Step A: setting an online detection flag bit of the access device according to the response information of the access device in response to the ARP detection message, where the online detection flag is set to be valid when the response information is acquired, when the response information is Setting the above online detection flag is invalid when not acquired;
步骤B:根据上述在线检测标志位和上一次ARP检测的在线检测标志位判断上述接入设备的在线状态。Step B: determining the online state of the access device according to the online detection flag bit and the online detection flag bit of the last ARP detection.
优选的,步骤B具体可以通过以下方案实现:当上述在线检测标志位 和上述上一次ARP检测的在线检测标志位为无效时,判定上述接入设备的在线状态为不在线。ARP检测报文可以包括:源网络协议IP字段和源媒体接入控制MAC字段,其中,上述源IP字段和源MAC字段通过网络接入服务器NAS的指定命令行进行配置;或者,上述ARP检测报文包括:源网络协议IP字段、源媒体接入控制MAC字段和目的IP地址字段,其中,上述源MAC字段配置为网络接入服务器NAS的MAC地址,上述源IP字段配置为上述接入设备所在的虚拟局域网VLAN的三层接口地址或者广播IP地址;上述目的IP地址字段配置为上述接入设备的IP地址。Preferably, step B can be specifically implemented by: when the online detection flag is And when the online detection flag bit of the previous ARP detection is invalid, it is determined that the online state of the access device is offline. The ARP detection packet may include: a source network protocol IP field and a source media access control MAC field, where the source IP field and the source MAC field are configured through a specified command line of the network access server NAS; or the ARP detection report The source network protocol IP field, the source media access control MAC field, and the destination IP address field, where the source MAC field is configured as the MAC address of the network access server NAS, and the source IP field is configured as the access device. The Layer 3 interface address or the broadcast IP address of the VLAN of the virtual local area network; the destination IP address field is configured as the IP address of the access device.
具体的,对于NAS设备给接入设备发送的ARP检测报文中的填充字段,包括源IP和源MAC等,字段可以通过NAS的命令行进行指定配置,如果未指定,可以进行如下配置:源MAC采用NAS的MAC地址,源IP首选NAS上用户接入vlan的三层接口地址,如果没有配置三层接口,则采用广播IP。ARP包中的目的IP地址字段则采用获取到的接入设备的IP地址。检测可以采用定时在线检测,当定时间隔到达时,向接入设备发送ARP检测报文。NAS为接入认证通过的接入设备设置在线检测标志位,当向接入设备每发出一次ARP检测报文时,根据接入设备的响应信息更新该次在线检测标志位。在收到ARP响应信息后,标志位为有效,重置在线检测定时器。没有收到响应信息则在再次发送ARP检测包之前,检查接入设备的在线检测标志位的有效性,如果标志位无效,则判断该接入设备在线状态为无效,NAS将根据具体应用场景对接入设备进行管理,比如当涉及接入设备的计费管理时,判断该接入设备在线状态为无效时,删除接入设备上的MAC地址项,通告服务器清理该接入设备。Specifically, the padding field in the ARP detection packet sent by the NAS device to the access device, including the source IP address and the source MAC address, may be configured through the command line of the NAS. If not specified, the configuration may be as follows: The MAC address of the NAS is used by the MAC. The source IP address is preferred to the Layer 3 interface address of the vlan on the NAS. If no Layer 3 interface is configured, the broadcast IP address is used. The destination IP address field in the ARP packet uses the IP address of the obtained access device. The detection can be performed by using the on-line detection. When the timing interval arrives, the ARP detection packet is sent to the access device. The NAS sets an online detection flag for the access device that is authenticated by the access authentication. When an ARP detection packet is sent to the access device, the online detection flag is updated according to the response information of the access device. After receiving the ARP response message, the flag is valid and the online detection timer is reset. If the response information is not received, the validity of the online detection flag of the access device is checked before the ARP detection packet is sent again. If the flag is invalid, the online status of the access device is invalid. The NAS will be based on the specific application scenario. The access device manages, for example, when the online management of the access device is determined to be invalid, the MAC address entry on the access device is deleted, and the notification server clears the access device.
基于上述技术方案,提供一具体示例,图2是根据本发明示例的设备检测方法的流程图。如图2所示,上述流程具体包括如下步骤:Based on the above technical solution, a specific example is provided, and FIG. 2 is a flowchart of a device detecting method according to an example of the present invention. As shown in FIG. 2, the foregoing process specifically includes the following steps:
步骤S202:接入设备主动发起接入认证请求。不能安装802.1x的客户端的哑终端,通过NAS的MAC认证方式请求认证。接入设备认证通过之后,NAS将接入设备的MAC地址加入NAS的MAC地址管理表。Step S202: The access device actively initiates an access authentication request. The dumb terminal of the 802.1x client cannot be installed, and the authentication is requested by the MAC authentication method of the NAS. After the access device passes the authentication, the NAS adds the MAC address of the access device to the MAC address management table of the NAS.
步骤S204:启动获取ARP请求报文超时定时器,等待接入设备的ARP 请求报文。接入设备在通过认证且已获取到自身IP地址之后,会发送ARP请求报文用于请求下一跳信息。NAS抓取该ARP请求报文,从而解析出该接入设备的IP地址信息。在ARP请求报文超时定时器超时后,依然没有收到用户的ARP响应信息时,接入设备被认为不在线。Step S204: Start acquiring an ARP request packet timeout timer, and wait for the ARP of the access device. Request a message. After the access device is authenticated and has obtained its own IP address, it will send an ARP request packet to request next hop information. The NAS retrieves the ARP request packet and parses the IP address information of the access device. After the ARP request packet timeout timer expires and the ARP response message is not received, the access device is considered offline.
步骤S206:获取到接入设备的IP地址后,NAS使能在线检测定时器,设置在线检测标志位。在定时间隔到达时,NAS发出ARP检测报文,根据响应信息更新在线检测标志位。Step S206: After obtaining the IP address of the access device, the NAS enables the online detection timer and sets the online detection flag. When the timing interval arrives, the NAS sends an ARP detection packet, and updates the online detection flag according to the response information.
步骤S208:收到ARP响应信息,将接入设备的在线检测标志位设置有效,同时重复步骤S206。如果没有收到ARP应答报文,但是在线检测标志位有效,在定时间隔到达时,重复步骤S206;如果本次和上一次在线检测标志位都无效,NAS对用户执行置离线标识、下线或重定向等操作,并通知服务器用户下线。Step S208: Receive the ARP response information, set the online detection flag bit of the access device to be valid, and repeat step S206. If the ARP response packet is not received, but the online detection flag is valid, step S206 is repeated when the timing interval arrives; if the current and previous online detection flag are invalid, the NAS performs offline identification, offline or Redirect and other operations, and notify the server user to go offline.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到根据上述实施例的方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端设备(可以是手机,计算机,服务器,或者网络设备等)执行本发明各个实施例上述的方法。Through the description of the above embodiments, those skilled in the art can clearly understand that the method according to the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course, by hardware, but in many cases, the former is A better implementation. Based on such understanding, the technical solution of the present invention, which is essential or contributes to the prior art, may be embodied in the form of a software product stored in a storage medium (such as ROM/RAM, disk, The optical disc includes a plurality of instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the above-described methods of various embodiments of the present invention.
在本实施例中还提供了一种设备检测装置,如图3所示,该装置用于实现上述实施例及优选实施方式,已经进行过说明的不再赘述。如以下所使用的,术语“模块”可以实现预定功能的软件和/或硬件的组合。尽管以下实施例所描述的装置较佳地以软件来实现,但是硬件,或者软件和硬件的组合的实现也是可能并被构想的。In the embodiment, a device detecting device is also provided. As shown in FIG. 3, the device is used to implement the foregoing embodiments and preferred embodiments, and details are not described herein. As used below, the term "module" may implement a combination of software and/or hardware of a predetermined function. Although the apparatus described in the following embodiments is preferably implemented in software, hardware, or a combination of software and hardware, is also possible and contemplated.
图3是根据本发明实施例的设备检测装置的结构框图,如图3所示,该装置包括如下模块:FIG. 3 is a structural block diagram of a device detecting apparatus according to an embodiment of the present invention. As shown in FIG. 3, the device includes the following modules:
发送模块32,设置为当对接入设备的接入认证通过后,向上述接入设 备发送地址解析协议ARP检测报文;The sending module 32 is configured to: after the access authentication of the access device passes, The device sends an address resolution protocol ARP detection packet.
确定模块34,与发送模块32相连,设置为根据上述接入设备响应上述ARP检测报文的响应信息确定上述接入设备的在线状态。The determining module 34 is connected to the sending module 32 and configured to determine the online state of the access device according to the response information of the access device in response to the ARP detection message.
通过上述各个模块的综合作用,当对接入设备的接入认证通过后,发送模块32向上述接入设备发送地址解析协议ARP检测报文;确定模块34根据接入设备响应发送模块32的ARP检测报文的响应信息确定上述接入设备的在线状态,解决了现有技术中需要在接入设备中做额外部署,不能通用且及时地检测接入设备的在线状态的问题,进而达到通用且及时的获知到接入设备的在线状态,根据检测到的在线状态使接入设备的计费等管理更加的灵活准确。After the access authentication of the access device is passed, the sending module 32 sends an address resolution protocol ARP detection packet to the access device, and the determining module 34 responds to the ARP of the sending module 32 according to the access device. The response information of the detection packet determines the online state of the access device, which solves the problem that the existing technology needs to be additionally deployed in the access device, and the online state of the access device cannot be detected in a universal manner and in time, thereby achieving universal The online status of the access device is known in time, and the management of the charging of the access device is more flexible and accurate according to the detected online state.
图4是根据本发明实施例的设备检测装置的另一结构框图,如图4所示,该装置在发送模块32和确定模块34之外,还包括:获取模块33,设置为获取上述接入设备的IP地址。上述确定模块34包括:设置单元342,设置为根据上述接入设备响应上述ARP检测报文的响应信息设置上述接入设备的在线检测标志位,其中,当上述响应信息被获取时设置上述在线检测标志位为有效,当上述响应信息未被获取时设置上述在线检测标志位为无效;判断单元344,与设置单元342相连,设置为根据上述在线检测标志位和上一次ARP检测的在线检测标志位判断上述接入设备的在线状态。FIG. 4 is another structural block diagram of a device detecting apparatus according to an embodiment of the present invention. As shown in FIG. 4, the device further includes: an obtaining module 33, configured to acquire the access, in addition to the sending module 32 and the determining module 34. IP address of the device. The determining module 34 includes: a setting unit 342, configured to set an online detection flag of the access device according to the response information of the access device in response to the ARP detection message, where the online detection is set when the response information is acquired. The flag bit is valid, and the online detection flag bit is set to be invalid when the response information is not acquired; the determining unit 344 is connected to the setting unit 342, and is set to be based on the online detection flag bit and the online detection flag bit of the last ARP detection. Determine the online status of the access device.
需要说明的是,上述各个模块是可以通过软件或硬件来实现的,对于后者,可以通过以下方式实现,但不限于此:上述模块均位于同一处理器中;或者,上述模块分别位于多个处理器中。It should be noted that each of the above modules may be implemented by software or hardware. For the latter, the foregoing may be implemented by, but not limited to, the foregoing modules are all located in the same processor; or, the modules are located in multiple In the processor.
综上所述,本发明实施例解决了现有技术中需要在接入设备中做额外部署,不能通用且及时地检测接入设备的在线状态的问题,进而达到通用且及时的获知到接入设备的在线状态,根据检测到的在线状态使接入设备的计费等管理更加的灵活准确。In summary, the embodiment of the present invention solves the problem that the existing technology needs to be additionally deployed in the access device, and the online state of the access device cannot be detected in a timely manner, thereby achieving universal and timely access. The online status of the device makes the management of the accounting of the access device more flexible and accurate according to the detected online status.
本发明的实施例还提供了一种存储介质,该存储介质包括存储的程序,其中,上述程序运行时执行上述任一项所述的方法。 Embodiments of the present invention also provide a storage medium including a stored program, wherein the program described above executes the method of any of the above.
可选地,在本实施例中,上述存储介质可以包括但不限于:U盘、只读存储器(Read-Only Memory,简称为ROM)、随机存取存储器(Random Access Memory,简称为RAM)、移动硬盘、磁碟或者光盘等各种可以存储程序代码的介质。Optionally, in the embodiment, the foregoing storage medium may include, but is not limited to, a USB flash drive, a Read-Only Memory (ROM), and a Random Access Memory (RAM). A variety of media that can store program code, such as a hard disk, a disk, or an optical disk.
本发明的实施例还提供了一种处理器,该处理器用于运行程序,其中,该程序运行时执行上述任一项方法中的步骤。Embodiments of the present invention also provide a processor for running a program, wherein the program is executed to perform the steps of any of the above methods.
可选地,本实施例中的具体示例可以参考上述实施例及可选实施方式中所描述的示例,本实施例在此不再赘述。For example, the specific examples in this embodiment may refer to the examples described in the foregoing embodiments and the optional embodiments, and details are not described herein again.
显然,本领域的技术人员应该明白,上述的本发明的各模块或各步骤可以用通用的计算装置来实现,它们可以集中在单个的计算装置上,或者分布在多个计算装置所组成的网络上,可选地,它们可以用计算装置可执行的程序代码来实现,从而,可以将它们存储在存储装置中由计算装置来执行,并且在某些情况下,可以以不同于此处的顺序执行所示出或描述的步骤,或者将它们分别制作成各个集成电路模块,或者将它们中的多个模块或步骤制作成单个集成电路模块来实现。这样,本发明不限制于任何特定的硬件和软件结合。It will be apparent to those skilled in the art that the various modules or steps of the present invention described above can be implemented by a general-purpose computing device that can be centralized on a single computing device or distributed across a network of multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device such that they may be stored in the storage device by the computing device and, in some cases, may be different from the order herein. The steps shown or described are performed, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated as a single integrated circuit module. Thus, the invention is not limited to any specific combination of hardware and software.
以上所述仅为本发明的优选实施例而已,并不用于限制本发明,对于本领域的技术人员来说,本发明可以有各种更改和变化。凡在本发明的原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。The above description is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the scope of the present invention are intended to be included within the scope of the present invention.
工业实用性Industrial applicability
基于本发明实施例提供的上述技术方案,当对接入设备的接入认证通过后,向接入设备发送地址解析协议ARP检测报文;根据上述接入设备响应ARP检测报文的响应信息确定上述接入设备的在线状态。解决了现有技 术中不能通用且及时地检测接入设备的在线状态的问题,进而达到通用且及时的获知到接入设备的在线状态,根据检测到的在线状态使接入设备的计费等管理更加的灵活准确。 According to the foregoing technical solution provided by the embodiment of the present invention, after the access authentication of the access device is passed, the ARP detection packet is sent to the access device, and the response information of the ARP detection packet is determined according to the access device. The online status of the above access device. Solved the existing technology During the operation, the problem of the online status of the access device cannot be detected universally and in a timely manner, so that the online status of the access device can be obtained in a universal and timely manner, and the management of the access device is more flexible according to the detected online state. accurate.

Claims (12)

  1. 一种设备检测方法,包括:A device detection method includes:
    当对接入设备的接入认证通过后,向所述接入设备发送地址解析协议ARP检测报文;After the access authentication of the access device is passed, the address resolution protocol ARP detection packet is sent to the access device;
    根据所述接入设备响应所述ARP检测报文的响应信息确定所述接入设备的在线状态。Determining an online state of the access device according to the response information of the access device in response to the ARP detection packet.
  2. 根据权利要求1所述的方法,其中,对接入设备进行接入认证包括:The method of claim 1, wherein performing access authentication on the access device comprises:
    根据预先存储的所述接入设备的用户名及密码对所述接入设备进行接入认证。And performing access authentication on the access device according to the user name and password of the access device that are stored in advance.
  3. 根据权利要求1所述的方法,其中,向所述接入设备发送ARP检测报文之前,该方法还包括:The method of claim 1, wherein before the sending the ARP detection message to the access device, the method further includes:
    获取所述接入设备的IP地址。Obtain an IP address of the access device.
  4. 根据权利要求3所述的方法,其中,获取所述接入设备的IP地址包括:The method of claim 3, wherein obtaining the IP address of the access device comprises:
    获取所述接入设备发出的ARP请求报文;Obtaining an ARP request packet sent by the access device;
    根据所述ARP请求报文解析出所述接入设备的IP地址。And parsing an IP address of the access device according to the ARP request packet.
  5. 根据权利要求1所述的方法,其中,根据所述接入设备响应所述ARP检测报文的响应信息确定所述接入设备的在线状态包括:The method according to claim 1, wherein determining the online status of the access device according to the response information of the access device in response to the ARP detection message comprises:
    根据所述接入设备响应所述ARP检测报文的响应信息设置所述接入设备的在线检测标志位,其中,当所述响应信息被获取时设置所述在线检测标志位为有效,当所述响应信息未被获取时设置所述在线检测标志位为无效;Setting an online detection flag bit of the access device according to the response information of the access device in response to the ARP detection packet, where the online detection flag bit is set to be valid when the response information is acquired, Setting the online detection flag bit to be invalid when the response information is not acquired;
    根据所述在线检测标志位和上一次ARP检测的在线检测标志位判断所述接入设备的在线状态。Determining an online state of the access device according to the online detection flag bit and an online detection flag bit of the last ARP detection.
  6. 根据权利要求5所述的方法,其中,根据所述在线检测标志位和上一次ARP检测的在线检测标志位判断所述接入设备的在线状态包括: The method according to claim 5, wherein determining the online state of the access device according to the online detection flag bit and the online detection flag bit of the last ARP detection comprises:
    当所述在线检测标志位和所述上一次ARP检测的在线检测标志位为无效时,判定所述接入设备的在线状态为不在线。When the online detection flag bit and the online detection flag bit of the last ARP detection are invalid, it is determined that the online state of the access device is offline.
  7. 根据权利要求1至6任意一项所述的方法,其中,所述ARP检测报文包括:The method according to any one of claims 1 to 6, wherein the ARP detection message comprises:
    源网络协议IP字段和源媒体接入控制MAC字段,其中,所述源IP字段和源MAC字段通过网络接入服务器NAS的指定命令行进行配置;或者,a source network protocol IP field and a source medium access control MAC field, where the source IP field and the source MAC field are configured through a specified command line of the network access server NAS; or
    所述ARP检测报文包括:源网络协议IP字段、源媒体接入控制MAC字段和目的IP地址字段,其中,所述源MAC字段配置为网络接入服务器NAS的MAC地址,所述源IP字段配置为所述接入设备所在的虚拟局域网VLAN的三层接口地址或者广播IP地址;所述目的IP地址字段配置为所述接入设备的IP地址。The ARP detection packet includes: a source network protocol IP field, a source media access control MAC field, and a destination IP address field, where the source MAC field is configured as a MAC address of a network access server NAS, and the source IP field The configuration is the Layer 3 interface address or the broadcast IP address of the virtual local area network VLAN where the access device is located. The destination IP address field is configured as the IP address of the access device.
  8. 一种设备检测装置,包括:A device detecting device comprising:
    发送模块,设置为当对接入设备的接入认证通过后,向所述接入设备发送地址解析协议ARP检测报文;a sending module, configured to send an address resolution protocol ARP detection packet to the access device after the access authentication of the access device is passed;
    确定模块,设置为根据所述接入设备响应所述ARP检测报文的响应信息确定所述接入设备的在线状态。And a determining module, configured to determine an online state of the access device according to the response information of the access device in response to the ARP detection packet.
  9. 根据权利要求8所述的装置,其中,该装置还包括:The device of claim 8 wherein the device further comprises:
    获取模块,设置为获取所述接入设备的IP地址。The obtaining module is configured to obtain an IP address of the access device.
  10. 根据权利要求8所述的装置,其中,所述确定模块包括:The apparatus of claim 8 wherein said determining module comprises:
    设置单元,设置为根据所述接入设备响应所述ARP检测报文的响应信息设置所述接入设备的在线检测标志位,其中,当所述响应信息被获取时设置所述在线检测标志位为有效,当所述响应信息未被获取时设置所述在线检测标志位为无效;a setting unit, configured to set an online detection flag bit of the access device according to the response information of the access device in response to the ARP detection message, where the online detection flag bit is set when the response information is acquired In order to be effective, setting the online detection flag bit to be invalid when the response information is not acquired;
    判断单元,设置为根据所述在线检测标志位和上一次ARP检测的在线检测标志位判断所述接入设备的在线状态。 The determining unit is configured to determine an online state of the access device according to the online detection flag bit and an online detection flag bit of the last ARP detection.
  11. 一种存储介质,所述存储介质包括存储的程序,其中,所述程序运行时执行权利要求1至7中任一项所述的方法。A storage medium, the storage medium comprising a stored program, wherein the program is executed to perform the method of any one of claims 1 to 7.
  12. 一种处理器,所述处理器用于运行程序,其中,所述程序运行时执行权利要求1至7中任一项所述的方法。 A processor for running a program, wherein the program is executed to perform the method of any one of claims 1 to 7.
PCT/CN2017/087342 2016-06-16 2017-06-06 Device detection method and apparatus WO2017215492A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201610430503.1 2016-06-16
CN201610430503.1A CN107517138A (en) 2016-06-16 2016-06-16 Equipment detection method and device

Publications (1)

Publication Number Publication Date
WO2017215492A1 true WO2017215492A1 (en) 2017-12-21

Family

ID=60663889

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/087342 WO2017215492A1 (en) 2016-06-16 2017-06-06 Device detection method and apparatus

Country Status (2)

Country Link
CN (1) CN107517138A (en)
WO (1) WO2017215492A1 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111770194A (en) * 2020-07-13 2020-10-13 太仓市同维电子有限公司 Method for actively triggering lower-hanging equipment to send arp
CN112153067A (en) * 2020-09-28 2020-12-29 周口师范学院 Edge calculation security model based on block chain
CN113709127A (en) * 2021-08-18 2021-11-26 深圳市联软科技股份有限公司 Printer counterfeit detection blocking system and method
CN113923397A (en) * 2021-09-28 2022-01-11 北京字跳网络技术有限公司 Method and device for detecting state of conference room equipment, electronic equipment and storage medium
CN113938460A (en) * 2021-11-25 2022-01-14 湖北天融信网络安全技术有限公司 Network detection method and device, electronic equipment and storage medium
CN115086208A (en) * 2022-06-14 2022-09-20 深信服科技股份有限公司 Network card detection method and device, electronic equipment and storage medium
CN111770194B (en) * 2020-07-13 2024-04-26 太仓市同维电子有限公司 Method for actively triggering down-hanging equipment to send arp

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114124473B (en) * 2021-11-02 2024-02-02 北京天融信网络安全技术有限公司 Port mirror image-based network access authentication system and authentication method
CN117692351A (en) * 2022-09-05 2024-03-12 中兴通讯股份有限公司 Online detection method for access user, electronic equipment and computer readable medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1491013A (en) * 2002-10-14 2004-04-21 深圳市中兴通讯股份有限公司 Broadband cut-in user managing method
CN1571358A (en) * 2003-07-19 2005-01-26 华为技术有限公司 Static user access network control method based on MAC address
CN101795300A (en) * 2009-11-11 2010-08-04 福建星网锐捷网络有限公司 IP (Internet Protocol) address recovery method and system, as well as DHCP (Dynamic Host Configuration Protocol) repeater and DHCP server
US20110225292A1 (en) * 2010-03-12 2011-09-15 Gemtek Technology Co., Ltd. Network device and packet transmission method
CN103401729A (en) * 2013-07-30 2013-11-20 上海斐讯数据通信技术有限公司 Method for detecting abnormal offline of authenticate user
CN103560961A (en) * 2013-11-04 2014-02-05 神州数码网络(北京)有限公司 Method for dynamically updating host routing table entries of Ethernet switch and switch

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1756189B (en) * 2004-09-30 2010-04-14 北京航空航天大学 IP network topology discovering method based on SNMP
CN101483676B (en) * 2006-02-17 2011-04-13 华为技术有限公司 Network for securing special line user to access to network
CN100579121C (en) * 2006-02-17 2010-01-06 华为技术有限公司 Method for securing special line user access network
US7948983B2 (en) * 2006-12-21 2011-05-24 Verizon Patent And Licensing Inc. Method, computer program product, and apparatus for providing passive automated provisioning
US8856869B1 (en) * 2009-06-22 2014-10-07 NexWavSec Software Inc. Enforcement of same origin policy for sensitive data
CN102938715B (en) * 2012-11-30 2016-03-30 杭州华三通信技术有限公司 Based on off-line checking method and the equipment of MAC address authentication

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1491013A (en) * 2002-10-14 2004-04-21 深圳市中兴通讯股份有限公司 Broadband cut-in user managing method
CN1571358A (en) * 2003-07-19 2005-01-26 华为技术有限公司 Static user access network control method based on MAC address
CN101795300A (en) * 2009-11-11 2010-08-04 福建星网锐捷网络有限公司 IP (Internet Protocol) address recovery method and system, as well as DHCP (Dynamic Host Configuration Protocol) repeater and DHCP server
US20110225292A1 (en) * 2010-03-12 2011-09-15 Gemtek Technology Co., Ltd. Network device and packet transmission method
CN103401729A (en) * 2013-07-30 2013-11-20 上海斐讯数据通信技术有限公司 Method for detecting abnormal offline of authenticate user
CN103560961A (en) * 2013-11-04 2014-02-05 神州数码网络(北京)有限公司 Method for dynamically updating host routing table entries of Ethernet switch and switch

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111770194A (en) * 2020-07-13 2020-10-13 太仓市同维电子有限公司 Method for actively triggering lower-hanging equipment to send arp
CN111770194B (en) * 2020-07-13 2024-04-26 太仓市同维电子有限公司 Method for actively triggering down-hanging equipment to send arp
CN112153067A (en) * 2020-09-28 2020-12-29 周口师范学院 Edge calculation security model based on block chain
CN112153067B (en) * 2020-09-28 2022-08-12 周口师范学院 Edge computing safety system based on block chain
CN113709127A (en) * 2021-08-18 2021-11-26 深圳市联软科技股份有限公司 Printer counterfeit detection blocking system and method
CN113923397A (en) * 2021-09-28 2022-01-11 北京字跳网络技术有限公司 Method and device for detecting state of conference room equipment, electronic equipment and storage medium
CN113923397B (en) * 2021-09-28 2023-12-19 北京字跳网络技术有限公司 Conference room equipment state detection method and device, electronic equipment and storage medium
CN113938460A (en) * 2021-11-25 2022-01-14 湖北天融信网络安全技术有限公司 Network detection method and device, electronic equipment and storage medium
CN115086208A (en) * 2022-06-14 2022-09-20 深信服科技股份有限公司 Network card detection method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN107517138A (en) 2017-12-26

Similar Documents

Publication Publication Date Title
WO2017215492A1 (en) Device detection method and apparatus
EP2745542B1 (en) Portal authentication method and access controller
US9918353B2 (en) 802.1X access session keepalive method, device, and system
KR101670344B1 (en) Access control method and system, and access point
US10187284B2 (en) Communication device, server device, communication method, and non-transitory computer readable medium
JPWO2008152807A1 (en) MAC address deduplication method, network device management system, server and information device
US20080184354A1 (en) Single sign-on system, information terminal device, single sign-on server, single sign-on utilization method, storage medium, and data signal
US8887237B2 (en) Multimode authentication
US20150381739A1 (en) Network session control
CN101895587A (en) Method, device and system for preventing users from modifying IP addresses privately
US10917406B2 (en) Access control method and system, and switch
WO2016192427A1 (en) Method and device for restoring interface configuration of access point, and home gate way
US20150156630A1 (en) SECURING mDNS IN ENTERPRISE NETWORKS
WO2015117455A1 (en) Network access method, system and terminal device, and computer storage medium
WO2012130048A1 (en) Method and apparatus for initializing gateway in device management system
US8615591B2 (en) Termination of a communication session between a client and a server
EP3319277B1 (en) Provision of access to a network
US20200177600A1 (en) Method and Apparatus for Granting Network Permission to Terminal, and Device
US20110289365A1 (en) Managing a home network
WO2016177185A1 (en) Method and apparatus for processing media access control (mac) address
WO2014135102A1 (en) Wlan user management method, device and system
WO2016078291A1 (en) Method, apparatus and system for accessing file sharing server
WO2017219777A1 (en) Packet processing method and device
EP3273666A1 (en) Method and apparatus for configuring network parameters of local area network
US10491494B2 (en) Captive portal detection

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17812603

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17812603

Country of ref document: EP

Kind code of ref document: A1