WO2020038049A1 - 一种通信连接方法、装置、通信设备及计算机可读存储介质 - Google Patents
一种通信连接方法、装置、通信设备及计算机可读存储介质 Download PDFInfo
- Publication number
- WO2020038049A1 WO2020038049A1 PCT/CN2019/089885 CN2019089885W WO2020038049A1 WO 2020038049 A1 WO2020038049 A1 WO 2020038049A1 CN 2019089885 W CN2019089885 W CN 2019089885W WO 2020038049 A1 WO2020038049 A1 WO 2020038049A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- radius
- user terminal
- internet access
- request
- request message
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0892—Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/2854—Wide area networks, e.g. public data networks
- H04L12/2856—Access arrangements, e.g. Internet access
- H04L12/2869—Operational details of access network equipments
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
Definitions
- This application relates to, but is not limited to, the field of communication technology.
- Remote user authentication Remote user authentication (Remote Authentication, Dial In, User, Service, RADIUS) system is defined by RFC2865 (Request for Comments 2865) and RFC2866 (Request for Comments 2866), which is a client / server (C / S) structure Agreement. Because the RADIUS protocol is simple, clear, and extensible, RADIUS is currently the most widely used authentication, authorization, and accounting (AAA) protocol. The RADIUS application performs authentication, authorization, and accounting on the user terminal on the AAA server. As a RADIUS client, the broadband access device provides services for remote access user terminals to access and interact with the RADIUS server. The RADIUS server stores the identity information, authorization information, and access records of the user terminal, and authenticates, authorizes, and accounts the user terminal.
- RADIUS Remote user authentication
- a RADIUS server legally authenticates user terminal information, it will notify the broadband access device to assign an Internet access service address to the user terminal. After the broadband access device assigns an Internet access service address, the user terminal accesses the Internet according to the Internet access service address. Perform normal data access. If the broadband access device has insufficient Internet-accessible service addresses, the RADIUS server authentication may pass the session and the actual user may not go online normally. The user dials again (sends a RADIUS Access-Request message), the RADIUS server finds that the session already exists, does not allow the user equipment to access, and the user equipment hangs.
- the embodiments of the present application provide a communication connection method, device, communication device, and computer-readable storage medium.
- the technical solution adopted in the embodiments of the present application is to provide a communication connection method, including:
- a first accounting request is sent to the RADIUS server (RADIUS Accounting-Request) message; wherein the first RADIUS Accounting-Request message includes: request information for releasing session resources of the user terminal.
- An embodiment of the present application further provides a broadband access device.
- the broadband access device includes a processor and a memory; the processor is configured to execute a computer program stored in the memory to implement the steps of the foregoing communication connection method. .
- An embodiment of the present application further provides a communication connection method, including:
- the session resources of the user terminal are released based on the first RADIUS Accounting-Request message; wherein the first RADIUS Accounting-Request The message includes request information for releasing session resources of the user terminal.
- An embodiment of the present application further provides a RADIUS server.
- the RADIUS server includes a processor and a memory.
- the processor is configured to execute a program stored in the memory to implement the steps of the foregoing communication connection method.
- An embodiment of the present application further provides a communication connection device, including:
- the release request module is configured to send a first RADIUS to the RADIUS server when it detects that the number of Internet access service addresses to be allocated is insufficient when it receives the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server. Accounting-Request message; wherein the first RADIUS Accounting-Request message includes: request information for releasing session resources of the user terminal.
- An embodiment of the present application further provides a communication connection device, including:
- the release module is configured to release a session resource of a user terminal based on the first RADIUS Accounting-Request message when the first RADIUS Accounting-Request message sent by the broadband access device is received;
- a RADIUS Accounting-Request message includes request information for releasing session resources of the user terminal.
- An embodiment of the present application further provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program, wherein the computer program can be executed by one or more processors to implement the foregoing communication connection method. step.
- the embodiments of the present application have at least the following advantages:
- the communication connection method, device, communication device and computer-readable storage medium described in the embodiments of the present application can effectively avoid the defect that the user device hangs up on the RADIUS server session due to insufficient Internet access service addresses available to the broadband access device.
- FIG. 1 is a flowchart of a method for establishing a communication connection between a user terminal and a RADIUS server through a broadband access device according to an embodiment of the present application;
- FIG. 2 is a flowchart of a process in which a RADIUS server session hangs due to insufficient Internet access service addresses to be allocated by a broadband access device according to an embodiment of the present application;
- FIG. 3 is a process flowchart of a communication connection method according to a second embodiment of the present application.
- FIG. 4 is a flowchart of a communication connection method according to a fourth embodiment of the present application.
- FIG. 5 is a flowchart of a communication connection method according to a fifth embodiment of the present application.
- FIG. 6 is a schematic structural diagram of a communication connection device according to a seventh embodiment of the present application.
- FIG. 7 is a schematic structural diagram of a communication connection device according to a ninth embodiment of the present application.
- FIG. 8 is a schematic structural diagram of a broadband access device according to a tenth embodiment of the present application.
- FIG. 9 is a schematic structural diagram of a RADIUS server according to the eleventh embodiment of the present application.
- the process for a user terminal to establish a communication connection with a RADIUS server through a broadband access device includes:
- Step S101 The user terminal sends an Internet access authentication request to the broadband access device, where the Internet access authentication request carries username and password information; the broadband access device constructs a RADIUS Access-Request according to the RADIUS protocol standard based on the received Internet access authentication request ( Authentication Request) message, and sends a RADIUS Access-Request message with username and password information to the RADIUS server.
- the broadband access device constructs a RADIUS Access-Request according to the RADIUS protocol standard based on the received Internet access authentication request ( Authentication Request) message, and sends a RADIUS Access-Request message with username and password information to the RADIUS server.
- Step S102 When the RADIUS server receives the RADIUS Access-Request message, based on the user name and password information in the local pre-stored data, verify the username and password information carried in the RADIUS Access-Request message; In the case, the RADIUS server generates session resource information of the user terminal, and responds to a RADIUS Access-Accept (authentication passed) message to the broadband access device according to the RADIUS protocol standard.
- Step S103 The broadband access device receives a RADIUS Access-Accept message, and assigns an Internet access service address to the user terminal; sends the authentication result and Internet access service address to the user terminal; and the broadband access device sends a RADIUS Accounting-Request (accounting (Request) message to the RADIUS server to notify the RADIUS server to start accounting for Internet access in the user; the RADIUS server responds to the RADIUS Accounting-Response (accounting response) message to the broadband access device.
- RADIUS Accounting-Request accounting (accounting (Request) message to the RADIUS server to notify the RADIUS server to start accounting for Internet access in the user
- the RADIUS server responds to the RADIUS Accounting-Response (accounting response) message to the broadband access device.
- the user terminal establishes a communication connection with the RADIUS server through the broadband access device.
- the process of hanging the RADIUS server session due to insufficient Internet access service addresses to be allocated by the broadband access device includes:
- Step S201 The user terminal sends an Internet access authentication request to the broadband access device, where the Internet access authentication request carries username and password information; the broadband access device constructs a RADIUS Access-Request message based on the RADIUS protocol standard based on the Internet access authentication request received Send a RADIUS Access-Request message with username and password information to the RADIUS server.
- Step S202 When the RADIUS server receives the RADIUS Access-Request message, based on the user name and password information in the local pre-stored data, verify the username and password information carried in the RADIUS Access-Request message; if the RADIUS Access-Request message passes the verification, In the case, the RADIUS server generates session resource information of the user terminal, and responds to a RADIUS Access-Accept message to the broadband access device according to the RADIUS protocol standard.
- Step S203 The broadband access device receives a RADIUS Access-Accept message, and when an Internet access service address is allocated to the user terminal, it detects that the number of Internet access service addresses to be allocated is insufficient, and sends an Internet access service address allocation exception message to the user terminal. For the user terminal to allocate abnormal information based on the Internet access service address and initiate an Internet access authentication request again; the broadband access device issues an alert to the administrator, asking the administrator to add an Internet access service address.
- Step S204 The user terminal sends an Internet access authentication request to the broadband access device, wherein the Internet access authentication request carries username and password information; the broadband access device constructs a RADIUS Access-Request message according to the RADIUS protocol standard based on the Internet access authentication request received Send a RADIUS Access-Request message with username and password information to the RADIUS server.
- Step S205 When the RADIUS server receives the RADIUS Access-Request message, based on the user name and password information in the local pre-stored data, verify the username and password information carried in the RADIUS Access-Request message; because the RADIUS server already has a session for the user terminal Therefore, under the judgment of a single user and a single session, the RADIUS server does not allocate session resource information to the user terminal, and responds to a RADIUS Access-Reject (authentication rejection) message to the broadband access device according to the RADIUS protocol standard.
- the RADIUS server receives the RADIUS Access-Request message, based on the user name and password information in the local pre-stored data, verify the username and password information carried in the RADIUS Access-Request message; because the RADIUS server already has a session for the user terminal Therefore, under the judgment of a single user and a single session, the RADIUS server does not allocate session resource information to the user terminal, and responds to a RADIUS Access-Reject (authentic
- Step S206 The broadband access server receives the RADIUS Access-Reject message, and does not assign a new Internet access service address to the user terminal, and sends abnormal information about the Internet access service address allocation to the user terminal for the user terminal to use based on the The Internet access service address was allocated abnormal information, and an Internet access authentication request was initiated again.
- the user terminal repeatedly initiates an Internet access authentication request.
- the RADIUS server continuously performs authentication rejection under the judgment of a single user and a single session, and the user terminal hangs on the RADIUS server.
- the first embodiment of the present application is a communication connection method applied to a broadband access device.
- the method includes the following specific steps:
- the first RADIUS Accounting-Request message When receiving the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server, when it is detected that the number of Internet access service addresses to be allocated is insufficient, the first RADIUS Accounting-Request message is sent to the RADIUS server for The RADIUS server releases the session resources of the user terminal based on the first RADIUS Accounting-Request message.
- the first RADIUS Accounting-Request message includes request information for releasing the session resources of the user terminal.
- the above steps include:
- the first RADIUS Accounting-Request message When receiving the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server, when it is detected that the number of Internet access service addresses to be allocated is insufficient, the first RADIUS Accounting-Request message is sent to the RADIUS server for The RADIUS server releases the session resources of the user terminal based on the first RADIUS Accounting-Request message.
- the first RADIUS Accounting-Request message includes: vendor-defined attribute 26-251 (ZTE_ACCT_Address_Change), and the attribute value is 10. It is used by the RADIUS server to identify the manufacturer-defined attribute 26-251 with the assigned attribute content of 10 as the request information for releasing the session resource of the user terminal.
- the RADIUS server can release the session resources of the user terminal based on the first RADIUS Accounting-Request message. Effectively avoiding the defect that the user terminal hangs up in the RADIUS server when the user terminal initiates an Internet access authentication request again, and effectively improves the reliability and stability of the user terminal obtaining an Internet access service address for Internet access.
- the communication connection method of the first embodiment of the present application can effectively avoid the defect that the user equipment hangs on the RADIUS server session due to insufficient Internet access service addresses available to the broadband access device.
- the second embodiment of the present application is a communication connection method applied to a broadband access device. As shown in FIG. 3, the method includes the following steps:
- Step S401 When receiving the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server, when detecting that the number of Internet access service addresses to be allocated is insufficient, send a first RADIUS Accounting-Request message to the RADIUS server. For the RADIUS server to release the session resource of the user terminal based on the first RADIUS Accounting-Request message; wherein the first RADIUS Accounting-Request message includes request information for releasing the session resource of the user terminal.
- step S401 includes:
- the first RADIUS Accounting-Request message When receiving the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server, when it is detected that the number of Internet access service addresses to be allocated is insufficient, the first RADIUS Accounting-Request message is sent to the RADIUS server for The RADIUS server releases the session resources of the user terminal based on the first RADIUS Accounting-Request message, and configures an Internet access service address for the user terminal.
- the first RADIUS Accounting-Request message includes: releasing the session of the user terminal. Request information for resources, and request information for the Internet access service address of the user terminal.
- step S401 includes:
- the first RADIUS Accounting-Request message When receiving the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server, when it is detected that the number of Internet access service addresses to be allocated is insufficient, the first RADIUS Accounting-Request message is sent to the RADIUS server for Based on the first RADIUS Accounting-Request message, the RADIUS server releases the session resources of the user terminal and configures the Internet access service address for the user terminal.
- the first RADIUS Accounting-Request message includes: vendor-defined attribute 26- 251 (ZTE_ACCT_Address_Change), the content of the assigned attribute is 11, for the RADIUS server to identify the manufacturer-defined attribute 26-251 of the assigned attribute as the request information for releasing the user terminal's session resources, and the Internet access service of the user terminal Request information for the address.
- the RADIUS server can release the session resources of the user terminal based on the first RADIUS Accounting-Request message. Effectively avoiding the defect that the user terminal hangs up in the RADIUS server when the user terminal initiates an Internet access authentication request again, and effectively improves the reliability and stability of the user terminal obtaining an Internet access service address for Internet access.
- Step S402 Send the Internet access service address allocation exception information to the user terminal for the user terminal to initiate an Internet access authentication request based on the Internet access service address allocation exception information.
- the Internet access authentication request includes, but is not limited to, authentication information of the user terminal; the authentication information includes, but is not limited to, user name information and login password information of the user terminal.
- the user terminal can initiate an Internet access authentication request again, avoiding that the user terminal cannot perform the operation according to the allocated Internet access service address when the Internet access service address to be allocated is insufficient. Defects of Internet access.
- step S403 when an Internet access authentication request is received, a RADIUS Access-Request message configured based on the Internet access authentication request is sent to the RADIUS server.
- Step S404 Receive a second RADIUS Access-Accept message carrying the Internet access service address sent by the RADIUS server, and assign the Internet access service address to the user terminal.
- the broadband access device By configuring the Internet access service address for the user terminal through the RADIUS server when the number of Internet access service addresses to be allocated is insufficient, it is possible to effectively prevent the broadband access device from still failing to allocate the Internet to the user terminal when the user terminal initiates an Internet access authentication request again.
- the defect of accessing business addresses effectively improves the reliability and stability of user terminals obtaining Internet access business addresses for Internet access.
- Step S405 Send an Internet access service address to the user terminal for the user terminal to perform Internet access based on the Internet access service address.
- the communication connection method in the second embodiment of the present application can effectively avoid the defect that the user equipment hangs on the RADIUS server session due to insufficient Internet access service addresses available to the broadband access device.
- the third embodiment of the present application is a communication connection method applied to a RADIUS server.
- the method includes the following steps:
- step S501 when receiving the first RADIUS Accounting-Request message sent by the broadband access device, based on the first RADIUS Accounting-Request message, the session resources of the user terminal are released.
- the first RADIUS Accounting-Request message includes : Request information for releasing the session resource of the user terminal.
- step S501 includes: upon receiving the first RADIUS Accounting-Request message sent by the broadband access device, releasing session resources of the user terminal based on the first RADIUS Accounting-Request message; wherein the first RADIUS Accounting- The Request message includes: vendor-defined attribute 26-251 (ZTE_ACCT_Address_Change) with an assigned attribute content of 10 for the RADIUS server to identify the vendor-defined attribute 26-251 with an assigned attribute content of 10 as releasing the session resources of the user terminal Request information.
- vendor-defined attribute 26-251 ZTE_ACCT_Address_Change
- the session resources of the user terminal can be released, which can effectively avoid
- the defect that the RADIUS server session hangs up effectively improves the reliability and stability of the user terminal obtaining the Internet access service address for Internet access.
- the communication connection method according to the third embodiment of the present application can effectively avoid the defect that the user equipment hangs on the RADIUS server session due to insufficient Internet access service addresses available to the broadband access device.
- the fourth embodiment of the present application is a communication connection method applied to a RADIUS server. As shown in FIG. 4, the method includes the following steps:
- Step S601 When receiving the first RADIUS Accounting-Request message sent by the broadband access device, based on the first RADIUS Accounting-Request message, release the session resources of the user terminal and configure an Internet access service address for the user terminal;
- the first RADIUS Accounting-Request message includes request information for releasing session resources of the user terminal and request information for an Internet access service address of the user terminal.
- step S601 includes: upon receiving the first RADIUS Accounting-Request message sent by the broadband access device, based on the first RADIUS Accounting-Request message, releasing the session resource of the user terminal; wherein the first RADIUS Accounting- The Request message includes: vendor-defined attribute 26-251 (ZTE_ACCT_Address_Change), the content of the assigned attribute is 11, for the RADIUS server to identify the vendor-defined attribute 26-251 of the assigned attribute content 11 as releasing the session resource of the user terminal Request information, and request information for an Internet access service address of the user terminal.
- vendor-defined attribute 26-251 ZTE_ACCT_Address_Change
- the session resources of the user terminal can be released, which can effectively avoid
- the defect that the RADIUS server session hangs up effectively improves the reliability and stability of the user terminal obtaining the Internet access service address for Internet access.
- Step S602 When receiving the RADIUS Access-Request message sent by the broadband access device, send a second RADIUS Access-Accept message carrying the Internet access service address to the broadband access device; for the broadband access device to send the second The Internet access service address carried in the RADIUS Access-Accept message is assigned an Internet access service address for the user terminal.
- the broadband access device By configuring the Internet access service address for the user terminal through the RADIUS server when the Internet access service address to be allocated by the broadband access device is insufficient, the broadband access device cannot effectively prevent the user terminal from initiating an Internet access authentication request again.
- the defect of the user terminal assigning the Internet access service address effectively improves the reliability and stability of the user terminal obtaining the Internet access service address for Internet access.
- the communication connection method according to the fourth embodiment of the present application can effectively avoid the defect that the user equipment hangs on the RADIUS server session due to insufficient Internet access service addresses available to the broadband access device.
- a fifth embodiment of the present application is based on the foregoing embodiment, and uses a communication connection method as an example.
- An application example of the present application is described with reference to FIG. 5.
- step S701 when the broadband access device receives the RADIUS Access-Accept message sent by the RADIUS server, it analyzes the RADIUS Access-Accept message and executes Step S702.
- step S702 the broadband access device determines whether there is an idle Internet access service address for allocation. If there is an idle Internet access service address, step S703 is performed; if there is no idle Internet access service address, step S706 is performed.
- Step S703 The broadband access device extracts Internet access service address resources from the idle Internet access service addresses, and allocates Internet access service addresses to user terminals, and executes step S704.
- step S704 the broadband access device notifies the user terminal of the allocated Internet access service address through the RADIUS protocol, completes the process of distributing the Internet access service address, and executes step S705.
- step S705 the user terminal obtains the Internet access service address to perform the Internet access service normally, and the process ends.
- step S706 if the broadband access device does not have a free Internet access address, the broadband access device notifies the user terminal that the Internet access has failed this time, and the user terminal is requested to perform an Internet access authentication request again, and step S707 is performed.
- step S707 the broadband access device judges the mode of insufficient Internet access service address resources. If an Internet access service address mode is added for the administrator, step S708 is performed; if the Internet access service address mode is issued for the RADIUS server, step S714 is performed.
- step S708 a vendor-defined attribute is constructed, and the value of ZTE_ACCT_Address_Change is set to 10.
- a RADIUS Accounting-Request message carrying the vendor-defined attribute is constructed, and step S709 is executed.
- step S709 the broadband access device sends a RADIUS Accounting-Request message to the RADIUS server, notifies the RADIUS server that the access device has no available idle Internet access service address, requests the RADIUS server to release the session resources of the user terminal, and executes step S710.
- step S710 the RADIUS server releases the suspended session resources of the user terminal, and responds to the broadband access device with a RADIUS Accounting-Response message, and executes step S711.
- step S711 the administrator adds a new Internet access service address pool resource to the broadband access device, and executes step S712.
- Step S712 The broadband access device receives a new Internet access authentication request from the user terminal, processes the request according to the RADIUS protocol, and executes step S713.
- step S713 the broadband access device obtains an Internet access service address from the idle Internet access service address pool to allocate an Internet access service address to the user terminal, and executes step S704.
- step S714 a vendor-defined attribute is constructed, and the value of ZTE_ACCT_Address_Change is set to 11.
- a RADIUS Accounting-Request message carrying the vendor-defined attribute is constructed, and step S715 is executed.
- Step S715 The broadband access device sends a RADIUS Accounting-Request message to the RADIUS server to notify the RADIUS server that the broadband access device has no available idle Internet access service address, requests the RADIUS server to release the session resources of the user terminal, and requests the RADIUS server to respond next time. Send the assigned Internet access service address directly, and execute step S716.
- step S716 the RADIUS server releases the dead session resource of the user terminal, and responds to the RADIUS Accounting-Response message, and executes step S717.
- step S717 the administrator adds an Internet access service address resource to the RADIUS server, and executes step S718.
- Step S718 The broadband access device receives a new Internet access authentication request from the user terminal, processes the request according to the RADIUS protocol, and executes step S719.
- step S719 the broadband access device extracts an Internet access service address from the RADIUS Access-Accept message returned by the RADIUS server, and performs Internet access service address allocation for the user terminal, and executes step S704.
- the communication connection method according to the fifth embodiment of the present application can effectively avoid the defect that the user equipment hangs on the RADIUS server session due to insufficient Internet access service addresses of the broadband access device.
- a sixth embodiment of the present application is a communication connection device provided in a broadband access device.
- the device includes the following components:
- the release request module is configured to send a first RADIUS Accounting- to the RADIUS server when it detects that the number of Internet access service addresses to be allocated is insufficient when the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server is received.
- the Request message is used by the RADIUS server to release the session resource of the user terminal based on the first RADIUS Accounting-Request message.
- the first RADIUS Accounting-Request message includes request information for releasing the session resource of the user terminal.
- release request module configured as:
- the first RADIUS Accounting-Request message When receiving the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server, when it is detected that the number of Internet access service addresses to be allocated is insufficient, the first RADIUS Accounting-Request message is sent to the RADIUS server for The RADIUS server releases the session resources of the user terminal based on the first RADIUS Accounting-Request message.
- the first RADIUS Accounting-Request message includes: vendor-defined attribute 26-251 (ZTE_ACCT_Address_Change), and the attribute value is 10. It is used by the RADIUS server to identify the manufacturer-defined attribute 26-251 with the assigned attribute content of 10 as the request information for releasing the session resource of the user terminal.
- the RADIUS server can release the session resources of the user terminal based on the first RADIUS Accounting-Request message. Effectively avoiding the defect that the user terminal hangs up in the RADIUS server when the user terminal initiates an Internet access authentication request again, and effectively improves the reliability and stability of the user terminal obtaining an Internet access service address for Internet access.
- the communication connection device can effectively avoid the defect that the user equipment hangs on the RADIUS server session due to insufficient Internet access service addresses of the broadband access equipment.
- the seventh embodiment of the present application is a communication connection device, as shown in FIG. 6, which is installed in a broadband access device.
- the device includes the following components:
- the release requesting module 100 is configured to send a first RADIUS Accounting to the RADIUS server when it detects that the number of Internet access service addresses to be allocated is insufficient when receiving the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server.
- the release request module 100 is configured as:
- the first RADIUS Accounting-Request message When receiving the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server, when it is detected that the number of Internet access service addresses to be allocated is insufficient, the first RADIUS Accounting-Request message is sent to the RADIUS server for The RADIUS server releases the session resources of the user terminal based on the first RADIUS Accounting-Request message, and configures an Internet access service address for the user terminal.
- the first RADIUS Accounting-Request message includes: releasing the session of the user terminal. Request information for resources, and request information for the Internet access service address of the user terminal.
- the release request module 100 is configured as:
- the first RADIUS Accounting-Request message When receiving the first RADIUS Access-Accept message from the user terminal sent by the RADIUS server, when it is detected that the number of Internet access service addresses to be allocated is insufficient, the first RADIUS Accounting-Request message is sent to the RADIUS server for Based on the first RADIUS Accounting-Request message, the RADIUS server releases the session resources of the user terminal and configures the Internet access service address for the user terminal.
- the first RADIUS Accounting-Request message includes: vendor-defined attribute 26- 251 (ZTE_ACCT_Address_Change), the content of the assigned attribute is 11, for the RADIUS server to identify the manufacturer-defined attribute 26-251 of the assigned attribute as the request information for releasing the user terminal's session resources, and the Internet access service of the user terminal Request information for the address.
- the RADIUS server can release the session resources of the user terminal based on the first RADIUS Accounting-Request message. Effectively avoiding the defect that the user terminal hangs up in the RADIUS server when the user terminal initiates an Internet access authentication request again, and effectively improves the reliability and stability of the user terminal obtaining an Internet access service address for Internet access.
- the first feedback module 200 is configured to send Internet access service address allocation exception information to the user terminal for the user terminal to initiate an Internet access authentication request based on the Internet access service address allocation exception information.
- the Internet access authentication request includes, but is not limited to, authentication information of the user terminal; the authentication information includes, but is not limited to, user name information and login password information of the user terminal.
- the user terminal can initiate an Internet access authentication request again, avoiding that the user terminal cannot perform the operation according to the allocated Internet access service address when the Internet access service address to be allocated is insufficient. Defects of Internet access.
- the authentication request module 300 is configured to send a RADIUS Access-Request packet configured based on the Internet access authentication request to the RADIUS server when the Internet access authentication request is received.
- the allocation module 400 is configured to receive a second RADIUS Access-Accept message carrying an Internet access service address sent by a RADIUS server, and allocate the Internet access service address to a user terminal.
- the broadband access device By configuring the Internet access service address for the user terminal through the RADIUS server when the number of Internet access service addresses to be allocated is insufficient, it is possible to effectively prevent the broadband access device from still failing to allocate the Internet to the user terminal when the user terminal initiates an Internet access authentication request again.
- the defect of accessing business addresses effectively improves the reliability and stability of user terminals obtaining Internet access business addresses for Internet access.
- the second feedback module 500 is configured to send an Internet access service address to the user terminal for the user terminal to perform Internet access based on the Internet access service address.
- the communication connection device in the seventh embodiment of the present application can effectively avoid the defect that the user equipment hangs on the RADIUS server session due to insufficient Internet access service addresses available to the broadband access device.
- An eighth embodiment of the present application is a communication connection device provided on a RADIUS server.
- the device includes the following components:
- the release module is configured to release the session resource of the user terminal when the first RADIUS Accounting-Request message sent by the broadband access device is received, where the first RADIUS Accounting-Request message includes: releasing the session resource of the user terminal Request information.
- the release module is configured to release the session resources of the user terminal when the first RADIUS Accounting-Request message sent by the broadband access device is received.
- the first RADIUS Accounting-Request message includes: vendor-defined attribute 26 -251 (ZTE_ACCT_Address_Change), the content of the assignment attribute is 10, for the RADIUS server to identify the vendor-defined attribute 26-251 of the assignment attribute content of 10 as the request information for releasing the session resource of the user terminal.
- the session resources of the user terminal can be released, which can effectively avoid
- the defect that the RADIUS server session hangs up effectively improves the reliability and stability of the user terminal obtaining the Internet access service address for Internet access.
- the communication connection device can effectively avoid the defect that the user equipment hangs on the RADIUS server session due to insufficient Internet access service addresses available to the broadband access device.
- a ninth embodiment of the present application is a communication connection device. As shown in FIG. 7, the communication connection device is set on a RADIUS server.
- the device includes the following components:
- the release module 10 is configured to release the session resource of the user terminal based on the first RADIUS Accounting-Request message when the first RADIUS Accounting-Request message sent by the broadband access device is received; wherein, the first RADIUS Accounting-Request The message includes request information for releasing session resources of the user terminal.
- the release module 10 is configured to release the session resources of the user terminal based on the first RADIUS Accounting-Request message when the first RADIUS Accounting-Request message sent by the broadband access device is received; wherein, the first RADIUS Accounting The -Request message includes: vendor-defined attribute 26-251 (ZTE_ACCT_Address_Change), the content of the assigned attribute is 10, for the RADIUS server to recognize the vendor-defined attribute 26-251 of the attribute 10, which is used to release the session resources of the user terminal Request information.
- vendor-defined attribute 26-251 ZTE_ACCT_Address_Change
- the session resources of the user terminal can be released, which can effectively avoid
- the defect that the RADIUS server session hangs up effectively improves the reliability and stability of the user terminal obtaining the Internet access service address for Internet access.
- the configuration module 20 is configured to configure an Internet access service address for the user terminal based on the first RADIUS Accounting-Request message; wherein the first RADIUS Accounting-Request message further includes: request information for the Internet access service address of the user terminal .
- the third feedback module 30 is configured to send a second RADIUS Access-Accept message carrying the Internet access service address to the broadband access device when the authentication request RADIUS Access-Request message sent by the broadband access device is received. For the broadband access device to allocate the Internet access service address carried in the second RADIUS Access-Accept message to the user terminal to allocate the Internet access service address.
- the broadband access device By configuring the Internet access service address for the user terminal through the RADIUS server when the Internet access service address to be allocated by the broadband access device is insufficient, the broadband access device cannot effectively prevent the user terminal from initiating an Internet access authentication request again.
- the defect of the user terminal assigning the Internet access service address effectively improves the reliability and stability of the user terminal obtaining the Internet access service address for Internet access.
- the communication connection device of the ninth embodiment of the present application can effectively avoid the defect that the user equipment hangs on the RADIUS server session due to insufficient Internet access service addresses available to the broadband access device.
- a tenth embodiment of the present application includes the following components:
- the processor 501 and the memory 502 may be connected through a bus or other manners.
- the processor 501 may be a general-purpose processor, such as a central processing unit (CPU), a digital signal processor (DSP), an application specific integrated circuit (ASIC), or One or more integrated circuits configured to implement embodiments of the present application.
- the memory 502 is configured to store executable instructions of the processor 501, that is, a computer program.
- the memory 502 is configured to store a program code and transmit the program code to the processor 501.
- the memory 502 may include volatile memory (Volatile Memory), such as Random Access Memory (RAM); the memory 502 may also include non-volatile memory (Non-Volatile Memory), such as Read-only memory (Read- Only Memory (ROM), Flash Memory (Flash), Hard Disk Drive (HDD), or Solid State Drive (SSD);
- volatile memory such as Random Access Memory (RAM)
- non-Volatile Memory such as Read-only memory (Read- Only Memory (ROM), Flash Memory (Flash), Hard Disk Drive (HDD), or Solid State Drive (SSD)
- ROM Read-only memory
- Flash Flash Memory
- HDD Hard Disk Drive
- SSD Solid State Drive
- the memory 502 may also include a combination of the above types of memories.
- the processor 501 is configured to call a computer program stored in the memory 502 and execute part or all of the steps in any one of the first embodiment of the present application to the second embodiment of the present application.
- the broadband access device described in the tenth embodiment of the present application can effectively avoid the defect that the user equipment hangs on the RADIUS server session due to insufficient Internet access service addresses of the broadband access device.
- a RADIUS server as shown in FIG. 9, includes the following components:
- the processor 601 may be a general-purpose processor, such as a central processing unit, a digital signal processor, an application-specific integrated circuit, or one or more integrated circuits configured to implement the embodiments of the present application.
- the memory 602 is configured to store executable instructions of the processor 601, that is, a computer program.
- the memory 602 is configured to store a program code and transmit the program code to the processor 601.
- the memory 602 may include volatile memory, such as RAM; the memory 602 may also include non-volatile memory, such as ROM, Flash Memory, HDD, or SSD; the memory 602 may further include a combination of the above-mentioned types of memory.
- the processor 601 is configured to call a computer program stored in the memory 602 and execute some or all of the steps in any one of the third embodiment of the present application to the fourth embodiment of the present application.
- the broadband access device described in the eleventh embodiment of the present application can effectively avoid the defect that the user device hangs on the RADIUS server session due to insufficient Internet access service addresses available to the broadband access device.
- a twelfth embodiment of the present application is a computer-readable storage medium.
- the computer storage medium may be a RAM memory, a flash memory, a ROM memory, an EPROM memory, an EEPROM memory, a register, a hard disk, a mobile hard disk, a CD-ROM, or any other form of storage medium known in the art.
- the computer-readable storage medium stores one or more programs, and the one or more programs can be executed by one or more processors to implement any one of the first embodiment to the fifth embodiment of the present application. Some or all steps.
- the computer-readable storage medium stores one or more programs, and the one or more programs can be executed by one or more processors, which can effectively avoid the Internet available due to the broadband access device. Insufficient access service addresses cause the user device to hang up on the RADIUS server session.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer And Data Communications (AREA)
- Mobile Radio Communication Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (10)
- 一种通信连接方法,包括:当接收到远程用户拨号认证RADIUS服务器发送的用户终端的第一认证通过RADIUS Access-Accept报文时,在检测到待分配的互联网访问业务地址不足的情况下,向所述RADIUS服务器发送第一计费请求RADIUS Accounting-Request报文;其中,所述第一RADIUS Accounting-Request报文包括:释放所述用户终端的会话资源的请求信息。
- 根据权利要求1所述的方法,其中,在检测到待分配的互联网访问业务地址不足的情况下,所述方法还包括:向所述用户终端发送互联网访问业务地址分配异常信息,以供所述用户终端基于所述互联网访问业务地址分配异常信息,发起互联网访问认证请求。
- 根据权利要求2所述的方法,其中,所述第一RADIUS Accounting-Request报文还包括:所述用户终端的互联网访问业务地址的请求信息;在向所述用户终端发送互联网访问业务地址分配异常信息之后,所述方法还包括:当接收到所述互联网访问认证请求时,将基于所述互联网访问认证请求配置的认证请求RADIUS Access-Request报文发送至所述RADIUS服务器;接收所述RADIUS服务器发送的携带互联网访问业务地址的第二RADIUS Access-Accept报文,并将所述互联网访问业务地址分配给所述用户终端;向所述用户终端发送所述互联网访问业务地址,以供所述用户终端基于所述互联网访问业务地址,进行互联网访问。
- 一种通信连接方法,包括:当接收到所述宽带接入设备发送的第一计费请求RADIUS Accounting-Request报文时,基于所述第一RADIUS Accounting-Request报文,释放用户终端的会话资源;其中,所述第一RADIUS Accounting-Request报文包括:释放所述用户终端的会话资源的请求信息。
- 根据权利要求4所述的方法,其中,所述第一RADIUS Accounting-Request报文还包括:所述用户终端的互联网访问业务地址的请求信息;所述方法还包括:为所述用户终端配置互联网访问业务地址;当接收到所述宽带接入设备发送的认证请求RADIUS Access-Request报文时,向所述宽带接入设备发送携带所述互联网访问业务地址的第二RADIUS Access-Accept报文。
- 一种通信连接装置,包括:释放请求模块,配置为当接收到远程用户拨号认证RADIUS服务器发送的用户终端的第一认证通过RADIUS Access-Accept报文时,在检测到待分配的互联网访问业务地址不足的情况下,向所述RADIUS服务器发送第一计费请求RADIUS Accounting-Request报文;其中,所述第一RADIUS Accounting-Request报文包括:释放所述用户终端的会话资源的请求信息。
- 一种通信连接装置,包括:释放模块,配置为当接收到所述宽带接入设备发送的第一计费请求RADIUS Accounting-Request报文时,基于所述第一RADIUS Accounting-Request报文,释放用户终端的会话资源;其中,所述第一RADIUS Accounting-Request报文包括:释放所述用户终端的会话资源的请求信息。
- 一种宽带接入设备,包括:处理器和存储器;所述处理器配置为执行存储器中存储的计算机程序,以实现权利要求1至3任一项所述的通信 连接方法的步骤。
- 一种远程用户拨号认证RADIUS服务器,包括:处理器和存储器;所述处理器配置为执行存储器中存储的计算机程序,以实现权利要求4至5任一项所述的通信连接方法的步骤。
- 一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序;其中,所述计算机程序可被一个或者多个处理器执行,以实现权利要求1至3任一项所述的通信连接方法的步骤,或者以实现权利要求4至5任一项所述的通信连接方法的步骤。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810947840.7A CN110855596B (zh) | 2018-08-20 | 2018-08-20 | 一种通信连接方法、装置、通信设备及计算机可读存储介质 |
CN201810947840.7 | 2018-08-20 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020038049A1 true WO2020038049A1 (zh) | 2020-02-27 |
Family
ID=69592389
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2019/089885 WO2020038049A1 (zh) | 2018-08-20 | 2019-06-03 | 一种通信连接方法、装置、通信设备及计算机可读存储介质 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN110855596B (zh) |
WO (1) | WO2020038049A1 (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114500395A (zh) * | 2021-12-29 | 2022-05-13 | 联通智网科技股份有限公司 | 一种流量管控方法、装置和设备 |
CN115442256A (zh) * | 2022-08-05 | 2022-12-06 | 武汉思普崚技术有限公司 | 用于监听用户上下线的稳定性测试的方法及相关设备 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101965054A (zh) * | 2009-07-21 | 2011-02-02 | 中兴通讯股份有限公司 | 一种释放用户会话的方法及系统 |
WO2012028008A1 (zh) * | 2010-08-31 | 2012-03-08 | 中兴通讯股份有限公司 | 一种异构网络的控制方法和系统 |
CN103687070A (zh) * | 2012-09-17 | 2014-03-26 | 中兴通讯股份有限公司 | 资源的释放方法、消息的处理方法、twag及终端 |
CN106331192A (zh) * | 2015-06-23 | 2017-01-11 | 中兴通讯股份有限公司 | 网络协议ip地址分配方法及装置 |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1213565C (zh) * | 2002-03-04 | 2005-08-03 | 华为技术有限公司 | 实现认证授权计费过程中实时修改业务的方法 |
CN101047745A (zh) * | 2006-04-14 | 2007-10-03 | 华为技术有限公司 | 在远程认证拨号用户业务环境下支持计费通知的方法 |
FR2904503A1 (fr) * | 2006-07-28 | 2008-02-01 | France Telecom | Procede d'acces par un client a un service au travers d'un reseau, par utilisation combinee d'un protocole de configuration dynamique et d'un protocole point a point, equipement et programme d'ordinateur correspondants |
CN101883111B (zh) * | 2010-06-25 | 2015-06-10 | 中兴通讯股份有限公司 | 一种处理在线业务日志的计费服务器及方法 |
CN102299803A (zh) * | 2011-09-09 | 2011-12-28 | 北京星网锐捷网络技术有限公司 | 安全认证方法及装置、认证设备及认证服务器 |
CN103490935B (zh) * | 2013-09-30 | 2017-04-12 | 华为技术有限公司 | 用户会话监测方法及设备 |
-
2018
- 2018-08-20 CN CN201810947840.7A patent/CN110855596B/zh active Active
-
2019
- 2019-06-03 WO PCT/CN2019/089885 patent/WO2020038049A1/zh active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101965054A (zh) * | 2009-07-21 | 2011-02-02 | 中兴通讯股份有限公司 | 一种释放用户会话的方法及系统 |
WO2012028008A1 (zh) * | 2010-08-31 | 2012-03-08 | 中兴通讯股份有限公司 | 一种异构网络的控制方法和系统 |
CN103687070A (zh) * | 2012-09-17 | 2014-03-26 | 中兴通讯股份有限公司 | 资源的释放方法、消息的处理方法、twag及终端 |
CN106331192A (zh) * | 2015-06-23 | 2017-01-11 | 中兴通讯股份有限公司 | 网络协议ip地址分配方法及装置 |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114500395A (zh) * | 2021-12-29 | 2022-05-13 | 联通智网科技股份有限公司 | 一种流量管控方法、装置和设备 |
CN114500395B (zh) * | 2021-12-29 | 2023-10-31 | 联通智网科技股份有限公司 | 一种流量管控方法、装置和设备 |
CN115442256A (zh) * | 2022-08-05 | 2022-12-06 | 武汉思普崚技术有限公司 | 用于监听用户上下线的稳定性测试的方法及相关设备 |
CN115442256B (zh) * | 2022-08-05 | 2023-08-29 | 武汉思普崚技术有限公司 | 用于监听用户上下线的稳定性测试的方法及相关设备 |
Also Published As
Publication number | Publication date |
---|---|
CN110855596A (zh) | 2020-02-28 |
CN110855596B (zh) | 2022-03-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110800331B (zh) | 网络验证方法、相关设备及系统 | |
US11916912B2 (en) | Method and system for providing secure access to IoT devices using access control | |
US20140052860A1 (en) | Ip address allocation | |
WO2017114362A1 (zh) | 一种报文转发方法、装置和系统 | |
EP3614649A1 (en) | Ip address allocation method and device | |
WO2017215492A1 (zh) | 设备检测方法及装置 | |
US10425537B2 (en) | Method, apparatus, and system for allocating phone number | |
CN110266761B (zh) | 负载均衡应用创建方法、装置、计算机设备及存储介质 | |
WO2020038049A1 (zh) | 一种通信连接方法、装置、通信设备及计算机可读存储介质 | |
WO2020224341A1 (zh) | 一种tls加密流量识别方法及装置 | |
US20210321253A1 (en) | Virtual tenant for multiple dwelling unit | |
WO2018227802A1 (zh) | 一种权限获取方法、装置、设备和存储介质 | |
WO2023134557A1 (zh) | 一种基于工业互联网标识的处理方法及装置 | |
WO2015100874A1 (zh) | 家庭网关接入管理方法和系统 | |
WO2020048177A1 (zh) | 机顶盒管理方法、装置、设备及存储介质 | |
CN110120932B (zh) | 多路径建立方法及装置 | |
JP4833249B2 (ja) | 接続制御システム、接続制御方法および接続制御プログラム | |
WO2011017921A1 (zh) | 一种访问拜访地服务提供商的系统及方法 | |
WO2016179960A1 (zh) | 域名系统dns解析处理方法及装置 | |
CN114710302A (zh) | 互联网访问的控制方法及其控制装置 | |
US20160014543A1 (en) | Simultaneous multiline m2m activation | |
US10382431B2 (en) | Network hop count network location identifier | |
WO2013034108A1 (zh) | 一种构建云服务的系统及方法 | |
US20230412424A1 (en) | System and Method for Virtual Local Area Network (VLAN) Assignment | |
WO2022222524A1 (zh) | 一种访问控制方法和相关设备 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 19851137 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2101000956 Country of ref document: TH |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 24/06/2021) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 19851137 Country of ref document: EP Kind code of ref document: A1 |