WO2020078428A1 - Method and device enabling a user to access the internet, broadband remote access server, and storage medium - Google Patents

Method and device enabling a user to access the internet, broadband remote access server, and storage medium Download PDF

Info

Publication number
WO2020078428A1
WO2020078428A1 PCT/CN2019/111704 CN2019111704W WO2020078428A1 WO 2020078428 A1 WO2020078428 A1 WO 2020078428A1 CN 2019111704 W CN2019111704 W CN 2019111704W WO 2020078428 A1 WO2020078428 A1 WO 2020078428A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
online
data message
mark
received
Prior art date
Application number
PCT/CN2019/111704
Other languages
French (fr)
Chinese (zh)
Inventor
王健
朱庆太
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2020078428A1 publication Critical patent/WO2020078428A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/40Support for services or applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/143Termination or inactivation of sessions, e.g. event-controlled end of session
    • H04L67/145Termination or inactivation of sessions, e.g. event-controlled end of session avoiding end of session, e.g. keep-alive, heartbeats, resumption message or wake-up for inactive or interrupted session

Definitions

  • the present disclosure relates to the field of communication technology.
  • IPoE technology is a technology in which users use DHCP (Dynamic Host Configuration Protocol) protocol messages to interactively obtain addresses. The user does not need to install any dialing tools, and the user has almost no perception in the process of obtaining the address.
  • BRAS Broadband Remote Access Server
  • BRAS can be responsible for user address allocation, authentication, billing, and authorization.
  • BRAS can be used as a DHCP server (DHCP Server) to assign addresses to users, or as a relay (Relay), through the external DHCP server to assign addresses to users.
  • the BRAS deletes the user entry. After the link is restored, the user has an IP address locally but cannot access the network. Usually, it needs to be renewed after the user renewal time arrives.
  • the lease agreement message is triggered to go online.
  • a user online method including: after a user's network link is restored, receiving a user's data message according to an online mark, and online the user according to the received data message, wherein The on-line mark is used to indicate the type of data message supported for upload.
  • a user online device including: a data message receiving unit for receiving a user's data message according to an online mark after the user's network link is restored; a trigger unit for The user is online according to the received data message, wherein the online mark is used to indicate the type of the data message supported for transmission.
  • a broadband remote access server including a memory and a processor, a computer program capable of running on the processor is stored on the memory, and the computer program is controlled by the computer.
  • the processor executes, the processor executes the user online method as described above.
  • a computer-readable storage medium on which a computer program is stored, and when the computer program is executed by at least one processor, the at least one processor executes the user as described above Online method.
  • FIG. 1 is a flowchart of a user online method according to an embodiment of the present disclosure
  • FIG. 2 is a schematic diagram of a process for a user to access a BRAS device
  • Figure 3 is a schematic diagram of users going online based on the Forcerenew protocol
  • FIG. 4 is a schematic diagram of a BRAS system according to an embodiment of the present disclosure.
  • FIG. 5 is a detailed flowchart of a user online method according to an embodiment of the present disclosure.
  • FIG. 6 is a schematic structural diagram of a user online device according to an embodiment of the present disclosure.
  • FIG. 7 is a schematic structural diagram of a broadband remote access server according to an embodiment of the present disclosure.
  • FIG. 1 is a flowchart of a user online method according to an embodiment of the present disclosure.
  • the method includes steps S101 and S102.
  • step S101 after the user's network link is restored, the user's data message is received according to the online mark.
  • step S102 the user is online according to the received data message.
  • the on-line mark is used to indicate a message type that supports the uploaded data message.
  • the user online method may be executed in a BRAS device
  • the BRAS device may be briefly described as a BRAS
  • the user's network link may be a link between the user and the BRAS
  • the user may be an IPoE user terminal.
  • the logic of the user online method according to the embodiment of the present disclosure is simple, so that after the link recovery of the link break occurs during the user's lease renewal period, the user can continue to go online without additional operations, nor does the user-side device need to be supported Specific agreements.
  • the user online method according to the embodiment of the present disclosure can also be used in scenarios where there is no user entry in the BRAS after the BRAS version is upgraded and restarted. The user has obtained the address interactively through the DHCP protocol, but cannot access the network.
  • receiving the user's data message according to the online mark includes: within the user's lease renewal time, receiving the user's data message according to the online mark.
  • FIG. 2 is a schematic diagram of a process for a user to access a BRAS device.
  • BRAS serves as a relay (Relay) device, and the process for a user to access BRAS includes steps 1-16.
  • Step 1 The user initiates a DHCP Discover protocol message, and the Discover protocol message carries Option information.
  • Step 2 After receiving the user's Discover request protocol message, the BRAS extracts the Option information and sends it to the authentication server AAA for authentication.
  • Step 3 The authentication server AAA notifies the BRAS after passing the Option information.
  • Step 4 The BRAS forwards the DHCP request protocol message to the DHCP Server.
  • the DHCP Server replies to the user with DHCP Offer protocol messages through the BRAS.
  • the DHCP Offer protocol messages carry information such as the address allocated to the user and the lease renewal time.
  • Steps 7 and 8 the user sends a DHCP Request message to the DHCP server to confirm the address through the BRAS.
  • Step 9 and Step 10 the DHCP Server returns the DHCP ACK protocol message to the user through the BRAS to confirm that the IP address is available.
  • the user sends a DHCP Request protocol message (lease renewal request protocol message) to the DHCP server through the BRAS to request the lease renewal, that is, to confirm whether the address can be used continuously.
  • a DHCP Request protocol message (lease renewal request protocol message)
  • step 13 and step 14 if the address can continue to be used, the DHCP Server returns the DHCP ACK protocol message to the user through the BRAS. If the address is unavailable, the DHCP Server returns the DHCP NAK protocol message to the user through the BRAS. In this case, the user sends the DHCP Discover protocol message to the DHCP server again to obtain the address. If the lease renewal time has not been received and the DHCP ACK protocol message sent by the DHCP server has not been received, the user will send a DHCP Discover protocol request message to obtain the address again.
  • Step 15 The user sends a DHCP Release message to notify the user to go offline.
  • Step 16 after receiving the DHCP Release message, the BRAS notifies the authentication server AAA to stop accounting, and notifies the DHCP server to release the address.
  • BRAS In the process shown in Figure 2, when the link between the user and the BRAS is disconnected, the BRAS will not be able to receive any protocol messages from the user, so that there are problems of multi-user charging and waste of address resources. In order to solve this problem Problem, BRAS usually supports the following three ways.
  • Method 1 BRAS sends ARP Request protocol packets to the user regularly, after sending a certain number of times but still not receiving the user's ARP Reply protocol packets, kicks the user offline, notifies the authentication server AAA to stop accounting, and notifies the DHCP server to release Address, after the link is restored, after the user's lease renewal time is reached, the user re-sends the DHCP protocol message to reapply for the address, triggering the go-live.
  • Method 2 BRAS detects that the user traffic statistics have not reached the threshold within a certain period of time, kicks the user offline, notifies the authentication server AAA to stop accounting, and notifies the DHCP server to release the address. After the link is restored, after the user renewal time is reached, The user re-sends the DHCP protocol message to reapply for the address, which triggers the go-live.
  • Method 3 As shown in Figure 3, BRAS detects that the user's link is abnormal, and notifies the authentication server AAA to stop accounting. After the link is restored, BRAS sends a DHCPForcerenew protocol message to the user. The user continues by sending a DHCPrequest Rent to come back online.
  • the user after the link is restored, the user needs to re-set the network card to trigger the user to send DHCPDiscover before going online, otherwise it can only wait until the lease renewal time expires, the user automatically sends DHCPDiscover to trigger the online, when the lease renewal time Especially for a long time, the user has a long waiting time, which is unbearable for the user.
  • the user terminal needs to support DHCP Forcerenew protocol messages. However, most users currently do not support DHCP Forcerenew protocol messages.
  • the user online method implemented according to the present disclosure can effectively solve the above-mentioned defects in the first and second ways, so that the user can trigger the online without additional operations after the link recovery of the link break occurs within the user's lease renewal time. It also does not require users to support a specific protocol, thus effectively solving the defects of the third way.
  • the online mark before receiving the user's data message according to the online mark, it may further include: configuring the online mark through a configuration command.
  • receiving the user's data message according to the online mark may include: receiving a data message matching the online mark.
  • the BRAS device turns on the data packet sending switch of the user-side interface of the BRAS through a configuration command, and sets an on-line flag, for example, a Flag flag, which indicates the type of data message supported to be sent.
  • an on-line flag for example, a Flag flag, which indicates the type of data message supported to be sent.
  • the BRAS can decide whether to send the data message to the BRAS control plane according to the Flag flag. For example, when the user's data message arrives at the BRAS device, the characteristic value of the data message indicating the type of the message can be matched with the Flag ID. When the two match, the data message is sent to the BRAS control plane. In other words, the control plane of the BRAS can receive data packets that match the Flag.
  • the user's data message may include an ARP message, an IP message, etc.
  • the IP message in the user's data message may be Send to the control surface of BRAS.
  • the above description is only an example, and the online mark is not limited to one type of message, and may also identify multiple types of messages.
  • receiving a data packet matching the online mark may include: limiting a speed of receiving a data packet matching the online mark. For example, when a user's data packet matches the online mark, the BRAS forwarding plane sends the data packet to the control plane. To prevent a large number of packet attacks by illegal users and network congestion, the forwarding plane can send the data packet to the control plane. The speed of data messages is limited.
  • going online according to the received user message may include: obtaining user authentication information from the received data message, authenticating the user according to the user authentication information, and going online when the authentication is successful The user.
  • the obtaining user authentication information from the received data message may further include: extracting characteristic information of the data message source from the received data message as the user authentication information.
  • the characteristic information of the data packet source may include the IP (Internet Protocol) address of the data packet source and the MAC (Media Access Control) address of the data packet source, and user authentication information It can include the user's IP address and the user's MAC address.
  • IP Internet Protocol
  • MAC Media Access Control
  • going online to the user according to the received data message may further include: before obtaining the user verification information from the received data message, performing legality verification on the received data message.
  • the user authentication information is obtained from the received data message. Verifying the legitimacy of data packets can effectively prevent the attack of abnormal data packets and can effectively control the number of user routing table entries.
  • Legitimacy verification includes but is not limited to verifying whether the user's IP address is the same as the BRAS gateway address network segment.
  • after going online to the user according to the received data message it may also include: when receiving the user's lease renewal request data message, going offline to the user and according to the lease renewal request Go online with the user, and / or, when the online time after the user quickly goes online reaches a preset online time threshold, if the user does not receive the user's lease renewal request data packet, the user is offline, and / or Or, when the online duration after the user quickly goes online reaches the preset lease renewal request time, if the user's lease renewal request data packet is not received, the user is offline, and / or, the online is removed mark.
  • removing the online mark may include removing the online mark through a configuration command.
  • the configuration command should support de-configuration.
  • the fast online function does not take effect.
  • the de-configuration method includes manually deleting the configured online mark and the fast online function automatically invalidates after timeout.
  • the user may not carry the DHCP-related information obtained during the initial go-live, and there is no DHCP information of the user on the BRAS, so the priority of the user going-on method according to the disclosed embodiment should be low Priority for online interaction of user protocol data messages.
  • the lease renewal time reaches 50% (that is, the lease renewal request time)
  • the lease renewal DHCP request message will be sent.
  • the device After receiving the protocol message, the device will quickly go online with the same MAC user Go offline and follow the lease renewal protocol online process.
  • the DHCP protocol online priority should be higher than the fast online mode.
  • BRAS can limit the online time of user users after they go online quickly to prevent illegal users from occupying bandwidth resources for a long time. For example, an online duration threshold greater than the lease renewal time is set. After the online duration threshold is reached, if the user still does not send the lease renewal request protocol packet, the fast online user is kicked off the line to release resources.
  • FIG. 4 is a schematic diagram of a BRAS system according to an embodiment of the present disclosure.
  • the BRAS system includes users, BRAS devices, an authentication server AAA, and a DHCP server (DHCP server).
  • DHCP server DHCP server
  • the user is used to connect to the BRAS device through a network cable or connect to the BRAS device through a switch.
  • the BRAS device acts as a relay for connecting to the authentication server AAA and DHCP Server through the network cable.
  • the authentication server AAA is used to authorize users for authentication and accounting.
  • DHCP Server is used to assign IP addresses to users.
  • the BRAS device acts as a relay. After detecting that the user's link is disconnected, in order to avoid multiple charging and improve address utilization, it will delete the local user information, notify the authentication server AAA to stop charging, and notify the DHCP Server Release the user address.
  • the BRAS device includes a message receiving unit and a trigger unit.
  • the trigger unit is used to notify the message receiving unit whether it supports data message triggering on-line. It is also used to receive and parse the data packets delivered by the receiving unit.
  • the module does not interact with the DHCP server.
  • FIG. 5 is a detailed flowchart of a user online method according to an embodiment of the present disclosure.
  • step 201 the user obtains an address through DHCP protocol packet interaction.
  • step 202 after the user's link with the BRAS device is disconnected for a period of time, the BRAS device will delete the local user forwarding entry, notify the authentication server AAA to stop accounting, and notify the DHCP server in order to avoid multiple charging and waste of address resources. Free the address.
  • step 203 after the link between the user and the BRAS device is restored, if the user's lease renewal time is up, step 204 is performed, otherwise step 205 is performed.
  • step 204 the user obtains an address by actively sending a DHCP protocol message.
  • step 205 the user data message arrives at the BRAS device, and the receiving unit determines whether the fast online function is turned on. If it is turned on, step 206 is executed, otherwise step 207 is executed.
  • step 206 the receiving unit sends the user's data message to the triggering unit, and the triggering unit verifies the validity of the data message, and sends the user's IP, MAC, Vlan, domain and other relevant information to the authentication server AAA for authentication. If verification and authentication are passed, step 208 is executed; otherwise, step 207 is executed.
  • step 207 the trigger unit discards the data message sent by the user, and user traffic cannot be forwarded.
  • step 208 the trigger unit device goes online to the user by adding user forwarding table and routing information, and the user traffic is forwarded normally.
  • FIG. 6 is a schematic structural diagram of a user online device according to an embodiment of the present disclosure.
  • the user online device includes a data message receiving unit 10 and a trigger unit 12.
  • the data message receiving unit 10 is used to receive the user's data message according to the online mark after the network link is restored.
  • the trigger unit 12 is used to go online to the user according to the received data message.
  • the on-line mark is used to indicate a message type that supports the uploaded data message.
  • the logic of the user online device according to the embodiment of the present disclosure is simple, so that after the link recovery of the link break occurs during the user's lease renewal period, the user can continue to go online without additional operations, and does not require support from the user-side equipment.
  • the user online device according to the embodiment of the present disclosure can be used in scenarios where the version is upgraded and restarted, and the user lease renewal time is relatively long, which can effectively avoid the problem that the user has an address locally but cannot access the network.
  • the user online device further includes: a control unit (not shown) configured to configure the online tag through a configuration command.
  • the user data receiving unit 10 may receive the user's data message according to the online mark within the user's lease renewal time.
  • the user data receiving unit 10 may receive a data message matching the online mark.
  • the user data receiving unit 10 may limit the speed of receiving data packets matching the online mark.
  • the trigger unit 12 may obtain user verification information from the data message received by the user data receiving unit 10, authenticate the user according to the user verification information, and notify the trigger unit 12 to go online when the authentication is successful The user.
  • the trigger unit 12 may extract the characteristic information of the data message source from the received data message as the user authentication information.
  • the trigger unit 12 may perform legality verification on the user data packet received by the user data receiving unit 10 before acquiring the user verification information from the data packet received by the user data receiving unit 10, in When it is verified that the data message received by the user data receiving unit 10 is legal, the user verification information is obtained from the data message received by the user data receiving unit 10.
  • the trigger unit 12 may log off the user when receiving the user's lease renewal request data message, and according to the user
  • the lease renewal request goes online to the user, and / or, when the online time after the user quickly goes online reaches a preset online time threshold, if the user's lease renewal request data packet is not received, the offline Said user, and / or, when the user's online duration reaches the preset lease renewal request time quickly after going online, if the user does not receive the user's lease renewal request data packet, the user can be offline, and / or Or, the online mark may be removed.
  • control unit may remove the online mark through a configuration command.
  • FIG. 7 is a schematic structural diagram of a broadband remote access server according to an embodiment of the present disclosure.
  • the broadband remote access server includes a memory 20 and a processor 22.
  • the memory 22 stores a computer program capable of running on the processor 22.
  • the computer program is controlled by the processor 22 During execution, the processor 22 executes the user online method according to an embodiment of the present disclosure.
  • An embodiment of the present disclosure also provides a computer-readable storage medium that stores a computer program, and when the computer program is executed by at least one processor, the at least one processor executes a user according to an embodiment of the present disclosure Online method.
  • the embodiments of the present disclosure can be implemented by software, hardware, and a combination of software and hardware. Based on this understanding, the embodiments of the present disclosure can be embodied in the form of software products, which are stored in a storage medium (such as ROM / RAM, magnetic disk, and optical disk), and include several instructions to make a terminal (It may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the methods described in the embodiments of the present disclosure.
  • a storage medium such as ROM / RAM, magnetic disk, and optical disk
  • a terminal It may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.

Abstract

Disclosed are a method and device enabling a user to access the Internet, a broadband remote access server, and a storage medium. The method enabling a user to access the Internet comprises: upon recovery of a network link of a user, receiving a data message from the user according to an Internet access identifier; and enabling the user to access the Internet according to the received data message, wherein the Internet access identifier is used to indicate that the type of the data message being sent is supported.

Description

用户上线方法、装置、宽带远程接入服务器及存储介质User online method, device, broadband remote access server and storage medium 技术领域Technical field
本公开涉及通信技术领域。The present disclosure relates to the field of communication technology.
背景技术Background technique
IPoE技术是用户采用DHCP(Dynamic Host Configuration Protocol,动态主机配置协议)协议报文交互获取地址的技术。用户不需要安装任何拨号工具,获取地址的过程用户几乎无感知。BRAS(Broadband Remote Access Server,宽带远程接入服务器)作为宽带用户接入设备,可负责用户的地址分配、认证、计费、授权。针对IPoE用户,BRAS既可以作为DHCP服务器(DHCP Server)给用户分配地址,也可以作为中继(Relay),通过外挂DHCP Server的方式给用户分配地址。IPoE technology is a technology in which users use DHCP (Dynamic Host Configuration Protocol) protocol messages to interactively obtain addresses. The user does not need to install any dialing tools, and the user has almost no perception in the process of obtaining the address. BRAS (Broadband Remote Access Server), as a broadband user access device, can be responsible for user address allocation, authentication, billing, and authorization. For IPoE users, BRAS can be used as a DHCP server (DHCP Server) to assign addresses to users, or as a relay (Relay), through the external DHCP server to assign addresses to users.
目前,当用户与BRAS之间链路断开后,BRAS将用户表项删除,在链路恢复后,用户本地存在IP地址但是不能访问网络,通常需要在用户续租时间到达后,才能通过续租协议报文触发上线。At present, when the link between the user and the BRAS is disconnected, the BRAS deletes the user entry. After the link is restored, the user has an IP address locally but cannot access the network. Usually, it needs to be renewed after the user renewal time arrives. The lease agreement message is triggered to go online.
发明内容Summary of the invention
根据本公开的一个方面,提供一种用户上线方法,包括:在用户的网络链路恢复后,根据上线标记来接收用户的数据报文,根据接收的数据报文上线所述用户,其中,所述上线标记用于表示支持上送的数据报文的类型。According to an aspect of the present disclosure, a user online method is provided, including: after a user's network link is restored, receiving a user's data message according to an online mark, and online the user according to the received data message, wherein The on-line mark is used to indicate the type of data message supported for upload.
根据本公开的另一个方面,提供一种用户上线装置,包括:数据报文接收单元,用于在用户的网络链路恢复后,根据上线标记来接收用户的数据报文;触发单元,用于根据接收的数据报文上线所述用户,其中,所述上线标记用于表示支持上送的数据报文的类型。According to another aspect of the present disclosure, a user online device is provided, including: a data message receiving unit for receiving a user's data message according to an online mark after the user's network link is restored; a trigger unit for The user is online according to the received data message, wherein the online mark is used to indicate the type of the data message supported for transmission.
根据本公开实施例的另一个方面,提供一种宽带远程接入服务器,包括存储器和处理器,所述存储器上存储有能够在所述处理器上运行的计算机程序,所述计算机程序在由所述处理器执行时,所述处 理器执行如上所述的用户上线方法。According to another aspect of an embodiment of the present disclosure, a broadband remote access server is provided, including a memory and a processor, a computer program capable of running on the processor is stored on the memory, and the computer program is controlled by the computer. When the processor executes, the processor executes the user online method as described above.
根据本公开实施例的另一个方面,提供一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序被至少一个处理器执行时,所述至少一个处理器执行如上所述的用户上线方法。According to another aspect of the embodiments of the present disclosure, there is provided a computer-readable storage medium on which a computer program is stored, and when the computer program is executed by at least one processor, the at least one processor executes the user as described above Online method.
附图说明BRIEF DESCRIPTION
通过对本公开的实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。附图仅用于示出本公开的实施方式的目的,而并不认为是对本公开的限制。而且在整个附图中,相同的参考符号表示相同的部件。在附图中:Through the detailed description of the embodiments of the present disclosure, various other advantages and benefits will become clear to those skilled in the art. The drawings are only for the purpose of illustrating the embodiments of the present disclosure, and are not considered as limitations to the present disclosure. And throughout the drawings, the same reference symbols indicate the same components. In the drawings:
图1是根据本公开的实施例的用户上线方法的流程图;FIG. 1 is a flowchart of a user online method according to an embodiment of the present disclosure;
图2是用户接入BRAS设备的过程的示意图;FIG. 2 is a schematic diagram of a process for a user to access a BRAS device;
图3是用户基于Forcerenew协议上线的示意图;Figure 3 is a schematic diagram of users going online based on the Forcerenew protocol;
图4是根据本公开的实施例的BRAS系统的示意图;4 is a schematic diagram of a BRAS system according to an embodiment of the present disclosure;
图5是根据本公开的实施例的用户上线方法的详细流程图;5 is a detailed flowchart of a user online method according to an embodiment of the present disclosure;
图6是根据本公开的实施例的用户上线装置的结构示意图;6 is a schematic structural diagram of a user online device according to an embodiment of the present disclosure;
图7是根据本公开的实施例的宽带远程接入服务器的结构示意图。7 is a schematic structural diagram of a broadband remote access server according to an embodiment of the present disclosure.
具体实施方式detailed description
下面将参照附图更详细地描述本公开的示例性实施例。虽然附图中显示了本公开的示例性实施例,然而应当理解,可以以各种形式实现本公开而不应被这里阐述的实施例所限制。相反,提供这些实施例是为了能够更透彻地理解本公开,并且能够将本公开的范围完整的传达给本领域的技术人员。Hereinafter, exemplary embodiments of the present disclosure will be described in more detail with reference to the accompanying drawings. Although exemplary embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure can be implemented in various forms and should not be limited by the embodiments set forth herein. Rather, these embodiments are provided to enable a more thorough understanding of the present disclosure and to fully convey the scope of the present disclosure to those skilled in the art.
在后续的描述中,使用用于表示元件的诸如“模块”、“部件”或“单元”的后缀仅为了有利于本公开的说明,其本身没有特定的意义。因此,“模块”、“部件”或“单元”可以混合地使用。In the following description, the use of suffixes such as "module", "part" or "unit" used to denote an element is only for the benefit of the present disclosure and has no specific meaning in itself. Therefore, "module", "component" or "unit" can be used in a mixed manner.
使用用于区分元件的诸如“第一”、“第二”等前缀仅为了有利于本公开的说明,其本身没有特定的意义。The use of prefixes such as "first", "second", etc. for distinguishing elements is only for the benefit of the disclosure, and has no specific meaning in itself.
图1是根据本公开的实施例的用户上线方法的流程图。FIG. 1 is a flowchart of a user online method according to an embodiment of the present disclosure.
如图1所示,所述方法包括步骤S101和S102。As shown in FIG. 1, the method includes steps S101 and S102.
在步骤S101,在用户的网络链路恢复后,根据上线标记来接收用户的数据报文。In step S101, after the user's network link is restored, the user's data message is received according to the online mark.
在步骤S102,根据接收的数据报文上线所述用户。In step S102, the user is online according to the received data message.
根据本公开的实施例,所述上线标记用于表示支持上送的数据报文的报文类型。According to an embodiment of the present disclosure, the on-line mark is used to indicate a message type that supports the uploaded data message.
根据本公开的实施例的用户上线方法可以在BRAS设备中执行,BRAS设备可以简述为BRAS,用户的网络链路可以是用户与BRAS之间链路,用户可以是IPoE用户终端。The user online method according to an embodiment of the present disclosure may be executed in a BRAS device, the BRAS device may be briefly described as a BRAS, the user's network link may be a link between the user and the BRAS, and the user may be an IPoE user terminal.
根据本公开的实施例的用户上线方法的逻辑简单,使得在用户续租时间内发生链路断链的链路恢复后,用户不需要额外操作就能继续上线,也不需要用户侧设备需要支持特定协议。特别地,根据本公开的实施例的用户上线方法也可以用于BRAS版本升级重启后,BRAS本地无用户表项,重启前部分用户获取到地址且续租时间又比较长的场景,能有效避免用户已经通过DHCP协议交互获取到地址,但是不能访问网络的问题。The logic of the user online method according to the embodiment of the present disclosure is simple, so that after the link recovery of the link break occurs during the user's lease renewal period, the user can continue to go online without additional operations, nor does the user-side device need to be supported Specific agreements. In particular, the user online method according to the embodiment of the present disclosure can also be used in scenarios where there is no user entry in the BRAS after the BRAS version is upgraded and restarted. The user has obtained the address interactively through the DHCP protocol, but cannot access the network.
根据本公开的实施例,根据上线标记来接收用户的数据报文包括:在用户的续租时间内,根据上线标记来接收用户的数据报文。According to an embodiment of the present disclosure, receiving the user's data message according to the online mark includes: within the user's lease renewal time, receiving the user's data message according to the online mark.
图2是用户接入BRAS设备的过程的示意图。FIG. 2 is a schematic diagram of a process for a user to access a BRAS device.
参照图2,BRAS作为中继(Relay)设备,用户接入BRAS的过程包括步骤1-16。Referring to FIG. 2, BRAS serves as a relay (Relay) device, and the process for a user to access BRAS includes steps 1-16.
步骤1,用户发起DHCP Discover请求协议报文,Discover请求协议报文中携带Option选项信息。Step 1: The user initiates a DHCP Discover protocol message, and the Discover protocol message carries Option information.
步骤2,BRAS收到用户的Discover请求协议报文后,提取Option选项信息发送给认证服务器AAA进行认证。Step 2: After receiving the user's Discover request protocol message, the BRAS extracts the Option information and sends it to the authentication server AAA for authentication.
步骤3,认证服务器AAA在认证通过Option选项信息后,通知BRAS。Step 3: The authentication server AAA notifies the BRAS after passing the Option information.
步骤4,BRAS将DHCP请求协议报文转发给DHCP Server。Step 4. The BRAS forwards the DHCP request protocol message to the DHCP Server.
步骤5和步骤6,DHCP Server通过BRAS给用户回复DHCP Offer 协议报文,DHCP Offer协议报文中携带为用户分配的地址及续租时间等信息。In Steps 5 and 6, the DHCP Server replies to the user with DHCP Offer protocol messages through the BRAS. The DHCP Offer protocol messages carry information such as the address allocated to the user and the lease renewal time.
步骤7和步骤8,用户通过BRAS向DHCP Server发送DHCP Request协议报文请求确认地址。In Steps 7 and 8, the user sends a DHCP Request message to the DHCP server to confirm the address through the BRAS.
步骤9和步骤10,DHCP Server通过BRAS给用户回DHCP ACK协议报文确认IP地址可用。In Step 9 and Step 10, the DHCP Server returns the DHCP ACK protocol message to the user through the BRAS to confirm that the IP address is available.
步骤11和步骤12,在经过续租时间的50%时,用户通过BRAS向DHCP Server发送DHCP Request协议报文(续租请求协议报文)来请求续租,即,确认地址是否可继续使用。In steps 11 and 12, after 50% of the lease renewal time has passed, the user sends a DHCP Request protocol message (lease renewal request protocol message) to the DHCP server through the BRAS to request the lease renewal, that is, to confirm whether the address can be used continuously.
步骤13和步骤14,如果地址可继续使用,DHCP Server通过BRAS给用户回DHCP ACK协议报文。如果地址不可继续使用,DHCP Server通过BRAS给用户回DHCP NAK协议报文,在这种情况下,用户重新向DHCP Server发DHCP Discover请求协议报文以获取地址。如果续租时间到后,一直没有收到DHCP Server发送的DHCP ACK协议报文,用户会发DHCP Discover请求协议报文以重新获取地址。In step 13 and step 14, if the address can continue to be used, the DHCP Server returns the DHCP ACK protocol message to the user through the BRAS. If the address is unavailable, the DHCP Server returns the DHCP NAK protocol message to the user through the BRAS. In this case, the user sends the DHCP Discover protocol message to the DHCP server again to obtain the address. If the lease renewal time has not been received and the DHCP ACK protocol message sent by the DHCP server has not been received, the user will send a DHCP Discover protocol request message to obtain the address again.
步骤15,用户发DHCP Release协议报文通知下线。Step 15. The user sends a DHCP Release message to notify the user to go offline.
步骤16,BRAS收到DHCP Release协议报文后,通知认证服务器AAA停止计费,通知DHCP Server释放地址。Step 16, after receiving the DHCP Release message, the BRAS notifies the authentication server AAA to stop accounting, and notifies the DHCP server to release the address.
在如图2所示的过程中,当用户与BRAS之间链路断开后,BRAS将不能收到用户任何协议报文,这样就存在用户多计费和地址资源浪费的问题,为了解决这个问题,BRAS通常支持以下3种方式。In the process shown in Figure 2, when the link between the user and the BRAS is disconnected, the BRAS will not be able to receive any protocol messages from the user, so that there are problems of multi-user charging and waste of address resources. In order to solve this problem Problem, BRAS usually supports the following three ways.
方式一、BRAS定时发ARP Request协议报文给用户,在发送一定次数但仍然收不到用户的ARP Reply协议报文后,将用户踢下线,通知认证服务器AAA停止计费并通知DHCP Server释放地址,待链路恢复后,在用户的续租时间达到后,由用户重新发DHCP协议报文重新申请地址,触发上线。Method 1: BRAS sends ARP Request protocol packets to the user regularly, after sending a certain number of times but still not receiving the user's ARP Reply protocol packets, kicks the user offline, notifies the authentication server AAA to stop accounting, and notifies the DHCP server to release Address, after the link is restored, after the user's lease renewal time is reached, the user re-sends the DHCP protocol message to reapply for the address, triggering the go-live.
方式二、BRAS检测到一段时间内用户流量统计未达到阈值,将用户踢下线,通知认证服务器AAA停止计费并通知DHCP Server释放地址,待链路恢复后,在用户续租时间达到后,由用户重新发DHCP协议报文重新申请地址,触发上线。Method 2: BRAS detects that the user traffic statistics have not reached the threshold within a certain period of time, kicks the user offline, notifies the authentication server AAA to stop accounting, and notifies the DHCP server to release the address. After the link is restored, after the user renewal time is reached, The user re-sends the DHCP protocol message to reapply for the address, which triggers the go-live.
方式三、如图3所示,BRAS检测到用户的链路发生异常,通知认证服务器AAA停止计费,待链路恢复后,BRAS给用户发DHCP Forcerenew协议报文,用户通过发送DHCP request请求续租来重新上线。Method 3: As shown in Figure 3, BRAS detects that the user's link is abnormal, and notifies the authentication server AAA to stop accounting. After the link is restored, BRAS sends a DHCPForcerenew protocol message to the user. The user continues by sending a DHCPrequest Rent to come back online.
上述方式一和二中,待链路恢复后,都需要用户重新主动设置网卡触发用户发DHCP Discover才能上线,否则只能等到续租时间到后,用户自动发DHCP Discover触发上线,当续租时间特别长时,用户等待时间较长,这对用户来说是不能忍受的。上述方式三中,需要用户终端支持DHCP Forcerenew协议报文,然而,目前大部分用户都不支持DHCP Forcerenew协议报文。In the above methods 1 and 2, after the link is restored, the user needs to re-set the network card to trigger the user to send DHCPDiscover before going online, otherwise it can only wait until the lease renewal time expires, the user automatically sends DHCPDiscover to trigger the online, when the lease renewal time Especially for a long time, the user has a long waiting time, which is unbearable for the user. In the third method above, the user terminal needs to support DHCP Forcerenew protocol messages. However, most users currently do not support DHCP Forcerenew protocol messages.
根据本公开的实施的用户上线方法可以有效解决上述方式一和二中缺陷,使得在用户续租时间内发生链路断链的链路恢复后,用户不需要额外操作,就能触发上线,此外,也不需要用户支持特定协议,从而有效解决了方式三的缺陷。The user online method implemented according to the present disclosure can effectively solve the above-mentioned defects in the first and second ways, so that the user can trigger the online without additional operations after the link recovery of the link break occurs within the user's lease renewal time. It also does not require users to support a specific protocol, thus effectively solving the defects of the third way.
根据本公开的实施例,根据所述上线标记来接收用户的数据报文之前,还可以包括:通过配置命令配置所述上线标记。According to an embodiment of the present disclosure, before receiving the user's data message according to the online mark, it may further include: configuring the online mark through a configuration command.
根据本公开的实施例,根据所述上线标记来接收用户的数据报文可以包括:接收与所述上线标记匹配的数据报文。According to an embodiment of the present disclosure, receiving the user's data message according to the online mark may include: receiving a data message matching the online mark.
例如,BRAS设备通过配置命令,打开BRAS的用户侧接口的数据报文上送开关,并设置一个上线标记,例如,Flag标识,所述Flag标识表示支持上送的数据报文的类型。用户的数据报文在到达BRAS设备后,BRAS可以根据Flag标识决定是否将数据报文上送到BRAS的控制面。例如,当用户的数据报文到达BRAS设备后,可将数据报文的表示报文类型的特征值与Flag标识进行匹配,当二者匹配时,将该数据报文上送到BRAS的控制面,也就是说,BRAS的控制面可以接收与Flag标识匹配的数据报文。For example, the BRAS device turns on the data packet sending switch of the user-side interface of the BRAS through a configuration command, and sets an on-line flag, for example, a Flag flag, which indicates the type of data message supported to be sent. After the user's data message reaches the BRAS device, the BRAS can decide whether to send the data message to the BRAS control plane according to the Flag flag. For example, when the user's data message arrives at the BRAS device, the characteristic value of the data message indicating the type of the message can be matched with the Flag ID. When the two match, the data message is sent to the BRAS control plane. In other words, the control plane of the BRAS can receive data packets that match the Flag.
例如,用户的数据报文可以包括ARP报文、IP报文等,当所述上线标记表示支持上送的数据报文为IP报文时,可将用户的数据报文中的IP报文上送到BRAS的控制面。以上描述仅是示例,所述上线标记不限于一种报文类型,还可以标识多种报文类型。For example, the user's data message may include an ARP message, an IP message, etc. When the on-line flag indicates that the data message supported for transmission is an IP message, the IP message in the user's data message may be Send to the control surface of BRAS. The above description is only an example, and the online mark is not limited to one type of message, and may also identify multiple types of messages.
根据本公开的实施,接收与所述上线标记匹配的数据报文可以包括:限制接收与所述上线标记匹配的数据报文的速度。例如,当用户的数据报文与所述上线标记匹配时,BRAS的转发面将该数据报文上送到控制面,为了防止非法用户的大量报文攻击、网络拥塞,转发面可对上送数据报文的速度进行限制。According to an implementation of the present disclosure, receiving a data packet matching the online mark may include: limiting a speed of receiving a data packet matching the online mark. For example, when a user's data packet matches the online mark, the BRAS forwarding plane sends the data packet to the control plane. To prevent a large number of packet attacks by illegal users and network congestion, the forwarding plane can send the data packet to the control plane. The speed of data messages is limited.
根据本公开的实施例,根据接收的用户报文上线所述用户可以包括:从接收的数据报文中获取用户验证信息,根据所述用户验证信息对所述用户进行认证,在认证成功时上线所述用户。According to an embodiment of the present disclosure, going online according to the received user message may include: obtaining user authentication information from the received data message, authenticating the user according to the user authentication information, and going online when the authentication is successful The user.
根据本公开的实施例,所述从接收的数据报文中获取用户验证信息还可以包括:从接收的数据报文中提取数据报文源的特征信息作为所述用户验证信息。According to an embodiment of the present disclosure, the obtaining user authentication information from the received data message may further include: extracting characteristic information of the data message source from the received data message as the user authentication information.
例如,数据报文源特征信息可以包括数据报文源的IP(Internet Protocol,网络之间互连的协议)地址和数据报文源的MAC(Media Access Control,媒体访问控制)地址,用户验证信息可以包括用户的IP地址和用户的MAC地址。For example, the characteristic information of the data packet source may include the IP (Internet Protocol) address of the data packet source and the MAC (Media Access Control) address of the data packet source, and user authentication information It can include the user's IP address and the user's MAC address.
根据本公开的实施例,根据接收的数据报文上线所述用户还可以包括:在从接收的数据报文中获取所述用户验证信息之前,对接收的数据报文进行合法性验证,在验证接收的数据报文合法时,从接收的数据报文中获取所述用户验证信息。对数据报文的合法性进行验证可以有效防止异常数据报文的攻击及可以有效对用户路由表条目数的控制,合法性验证包括但不限于验证用户的IP地址是否与BRAS的网关地址在同一网段。According to an embodiment of the present disclosure, going online to the user according to the received data message may further include: before obtaining the user verification information from the received data message, performing legality verification on the received data message. When the received data message is legal, the user authentication information is obtained from the received data message. Verifying the legitimacy of data packets can effectively prevent the attack of abnormal data packets and can effectively control the number of user routing table entries. Legitimacy verification includes but is not limited to verifying whether the user's IP address is the same as the BRAS gateway address network segment.
根据本公开的实施例,根据接收的数据报文上线所述用户之后也可以包括:在接收到所述用户的续租请求数据报文时,下线所述用户,并根据所述续租请求上线所述用户,和/或,在用户快速上线后的在线时长达到预设的在线时长阈值时,如果未收到所述用户的续租请求数据报文,则下线所述用户,和/或,在用户快速上线后的在线时长达到预设的续租请求时间时,如果未收到所述用户的续租请求数据报文,则下线所述用户,和/或,去除所述上线标记。According to an embodiment of the present disclosure, after going online to the user according to the received data message, it may also include: when receiving the user's lease renewal request data message, going offline to the user and according to the lease renewal request Go online with the user, and / or, when the online time after the user quickly goes online reaches a preset online time threshold, if the user does not receive the user's lease renewal request data packet, the user is offline, and / or Or, when the online duration after the user quickly goes online reaches the preset lease renewal request time, if the user's lease renewal request data packet is not received, the user is offline, and / or, the online is removed mark.
根据本公开的实施例,去除所述上线标记可以包括:通过配置 命令去除所述上线标记。例如,配置命令应当支持去配置,在对上线标记进行去配置后,快速上线的功能不生效,去配置的方法包括手动删除配置的上线标记和超时后快速上线功能自动失效。According to an embodiment of the present disclosure, removing the online mark may include removing the online mark through a configuration command. For example, the configuration command should support de-configuration. After the de-configuration of the online mark, the fast online function does not take effect. The de-configuration method includes manually deleting the configured online mark and the fast online function automatically invalidates after timeout.
通过根据公开的实施例的用户方法上线,用户可以不携带初始上线时获取的DHCP相关信息,BRAS上也并没有该用户的DHCP信息,因此根据公开的实施例的用户上线方法的优先级应该低于用户协议数据报文交互上线的优先级。并且,用户快速上线后,在续租时间50%(即续租请求时间)到达后,会发续租DHCP Request协议报文,设备收到该协议报文后,将快速上线的相同MAC的用户踢下线,并且走续租协议报文上线流程,DHCP协议上线的优先级应当高于快速上线方式。而且,BRAS可以限制用户用户快速上线后的在线时长,以防止非法用户长时间占用带宽资源。比如设置大于续租时间的在线时长阈值,在线时长阈值到达后,如果用户仍然没有发送续租请求协议报文,则将该快速上线的用户踢下线,释放资源。By going online through the user method according to the disclosed embodiment, the user may not carry the DHCP-related information obtained during the initial go-live, and there is no DHCP information of the user on the BRAS, so the priority of the user going-on method according to the disclosed embodiment should be low Priority for online interaction of user protocol data messages. In addition, after the user quickly goes online, after the lease renewal time reaches 50% (that is, the lease renewal request time), the lease renewal DHCP request message will be sent. After receiving the protocol message, the device will quickly go online with the same MAC user Go offline and follow the lease renewal protocol online process. The DHCP protocol online priority should be higher than the fast online mode. Moreover, BRAS can limit the online time of user users after they go online quickly to prevent illegal users from occupying bandwidth resources for a long time. For example, an online duration threshold greater than the lease renewal time is set. After the online duration threshold is reached, if the user still does not send the lease renewal request protocol packet, the fast online user is kicked off the line to release resources.
图4是根据本公开的实施例的BRAS系统的示意图。4 is a schematic diagram of a BRAS system according to an embodiment of the present disclosure.
如图4所示,BRAS系统包括用户、BRAS设备、认证服务器AAA和DHCP服务器(DHCP server)。As shown in FIG. 4, the BRAS system includes users, BRAS devices, an authentication server AAA, and a DHCP server (DHCP server).
用户用于通过网线连接到BRAS设备,或者通过交换机连接到BRAS设备。The user is used to connect to the BRAS device through a network cable or connect to the BRAS device through a switch.
BRAS设备作为中继,用于通过网线连接到认证服务器AAA及DHCP Server。The BRAS device acts as a relay for connecting to the authentication server AAA and DHCP Server through the network cable.
认证服务器AAA用于对用户进行认证计费授权。The authentication server AAA is used to authorize users for authentication and accounting.
DHCP Server用于为用户分配IP地址。DHCP Server is used to assign IP addresses to users.
在BRAS系统中,BRAS设备作为中继,在检测到用户的链路断开后,为了避免多计费及提高地址利用率,会删除本地用户信息、通知认证服务器AAA停止计费并通知DHCP Server释放用户地址。In the BRAS system, the BRAS device acts as a relay. After detecting that the user's link is disconnected, in order to avoid multiple charging and improve address utilization, it will delete the local user information, notify the authentication server AAA to stop charging, and notify the DHCP Server Release the user address.
BRAS设备包括报文接收单元和触发单元,触发单元用于通知报文接收单元是否支持数据报文触发上线,还用于接收、解析接收单元送达的数据包,该模块不与DHCP server交互。The BRAS device includes a message receiving unit and a trigger unit. The trigger unit is used to notify the message receiving unit whether it supports data message triggering on-line. It is also used to receive and parse the data packets delivered by the receiving unit. The module does not interact with the DHCP server.
图5是根据本公开的实施例的用户上线方法的详细流程图。5 is a detailed flowchart of a user online method according to an embodiment of the present disclosure.
如图5所示,在步骤201,用户通过DHCP协议报文交互获取到地址。As shown in FIG. 5, in step 201, the user obtains an address through DHCP protocol packet interaction.
在步骤202,用户与BRAS设备的链路断开一段时间后,BRAS设备为了避免多计费及避免地址资源的浪费,将删除本地用户转发表项、通知认证服务器AAA停止计费并通知DHCP Server释放地址。In step 202, after the user's link with the BRAS device is disconnected for a period of time, the BRAS device will delete the local user forwarding entry, notify the authentication server AAA to stop accounting, and notify the DHCP server in order to avoid multiple charging and waste of address resources. Free the address.
在步骤203,用户与BRAS设备链路恢复后,如果用户续租时间已到,则执行步骤204,否则执行步骤205。In step 203, after the link between the user and the BRAS device is restored, if the user's lease renewal time is up, step 204 is performed, otherwise step 205 is performed.
在步骤204,用户通过主动发DHCP协议报文获取地址。In step 204, the user obtains an address by actively sending a DHCP protocol message.
在步骤205,用户数据报文到达BRAS设备,接收单元判断快速上线功能是否打开,若打开,则执行步骤206,否则执行步骤207。In step 205, the user data message arrives at the BRAS device, and the receiving unit determines whether the fast online function is turned on. If it is turned on, step 206 is executed, otherwise step 207 is executed.
在步骤206,接收单元将用户的数据报文发送给触发单元,触发单元对该数据报文进行合法性校验,将用户IP、MAC、Vlan、域等相关信息发送给认证服务器AAA进行认证,校验、认证通过则执行步骤208,否则执行步骤207。In step 206, the receiving unit sends the user's data message to the triggering unit, and the triggering unit verifies the validity of the data message, and sends the user's IP, MAC, Vlan, domain and other relevant information to the authentication server AAA for authentication. If verification and authentication are passed, step 208 is executed; otherwise, step 207 is executed.
在步骤207,触发单元丢弃用户发来的数据报文,用户流量不能转发出去。In step 207, the trigger unit discards the data message sent by the user, and user traffic cannot be forwarded.
在步骤208,触发单元设备通过添加用户转发表及路由等信息上线用户,用户流量转发正常。In step 208, the trigger unit device goes online to the user by adding user forwarding table and routing information, and the user traffic is forwarded normally.
图6是根据本公开的实施例的用户上线装置的结构示意图。6 is a schematic structural diagram of a user online device according to an embodiment of the present disclosure.
如图6所示,用户上线装置包括数据报文接收单元10和触发单元12。As shown in FIG. 6, the user online device includes a data message receiving unit 10 and a trigger unit 12.
数据报文接收单元10用于在网络链路恢复后,根据上线标记来接收用户的数据报文。The data message receiving unit 10 is used to receive the user's data message according to the online mark after the network link is restored.
触发单元12用于根据接收的数据报文上线所述用户。The trigger unit 12 is used to go online to the user according to the received data message.
根据本公开的实施例,所述上线标记用于表示支持上送的数据报文的报文类型。According to an embodiment of the present disclosure, the on-line mark is used to indicate a message type that supports the uploaded data message.
根据本公开的实施例的用户上线装置逻辑简单,使得在用户续租时间内发生链路断链的链路恢复后,用户不需要额外操作,就能继续上线,也不需要用户侧设备需要支持特定协议。特别地,根据本公开的实施例的用户上线装置可以用于版本升级重启,用户续租时间又 比较长的场景,能有效避免用户本地存在地址,但是不能访问网络的问题。The logic of the user online device according to the embodiment of the present disclosure is simple, so that after the link recovery of the link break occurs during the user's lease renewal period, the user can continue to go online without additional operations, and does not require support from the user-side equipment. Specific agreements. In particular, the user online device according to the embodiment of the present disclosure can be used in scenarios where the version is upgraded and restarted, and the user lease renewal time is relatively long, which can effectively avoid the problem that the user has an address locally but cannot access the network.
根据本公开的实施例,用户上线装置还包括:控制单元(未示出),用于通过配置命令配置所述上线标记。According to an embodiment of the present disclosure, the user online device further includes: a control unit (not shown) configured to configure the online tag through a configuration command.
根据本公开的实施例,用户数据接收单元10可以在用户的续租时间内,根据上线标记来接收用户的数据报文。According to an embodiment of the present disclosure, the user data receiving unit 10 may receive the user's data message according to the online mark within the user's lease renewal time.
根据本公开的实施例,用户数据接收单元10可以接收与所述上线标记匹配的数据报文。According to an embodiment of the present disclosure, the user data receiving unit 10 may receive a data message matching the online mark.
根据本公开的实施例,用户数据接收单元10可以限制接收与所述上线标记匹配的数据报文的速度。According to an embodiment of the present disclosure, the user data receiving unit 10 may limit the speed of receiving data packets matching the online mark.
根据本公开的实施例,触发单元12可以从用户数据接收单元10接收的数据报文中获取用户验证信息,根据所述用户验证信息对所述用户进行认证,在认证成功时通知触发单元12上线所述用户。According to an embodiment of the present disclosure, the trigger unit 12 may obtain user verification information from the data message received by the user data receiving unit 10, authenticate the user according to the user verification information, and notify the trigger unit 12 to go online when the authentication is successful The user.
根据本公开的实施例,触发单元12可以从接收的数据报文中提取数据报文源的特征信息作为所述用户验证信息。According to an embodiment of the present disclosure, the trigger unit 12 may extract the characteristic information of the data message source from the received data message as the user authentication information.
根据本公开的实施例,触发单元12可以在从用户数据接收单元10接收的数据报文中获取所述用户验证信息之前,对用户数据接收单元10接收的用户数据报文进行合法性验证,在验证用户数据接收单元10接收的数据报文合法时,从用户数据接收单元10接收的数据报文中获取所述用户验证信息。According to an embodiment of the present disclosure, the trigger unit 12 may perform legality verification on the user data packet received by the user data receiving unit 10 before acquiring the user verification information from the data packet received by the user data receiving unit 10, in When it is verified that the data message received by the user data receiving unit 10 is legal, the user verification information is obtained from the data message received by the user data receiving unit 10.
根据本公开的实施例,在根据接收的数据报文上线所述用户之后,所述触发单元12可以在接收到所述用户的续租请求数据报文时,下线所述用户,并根据所述续租请求上线所述用户,和/或,可以在用户快速上线后的在线时长达到预设的在线时长阈值时,如果未收到所述用户的续租请求数据报文,则下线所述用户,和/或,可以在用户快速上线后的在线时长达到预设的续租请求时间时,如果未收到所述用户的续租请求数据报文,则下线所述用户,和/或,可以去除所述上线标记。According to an embodiment of the present disclosure, after the user is online according to the received data message, the trigger unit 12 may log off the user when receiving the user's lease renewal request data message, and according to the user The lease renewal request goes online to the user, and / or, when the online time after the user quickly goes online reaches a preset online time threshold, if the user's lease renewal request data packet is not received, the offline Said user, and / or, when the user's online duration reaches the preset lease renewal request time quickly after going online, if the user does not receive the user's lease renewal request data packet, the user can be offline, and / or Or, the online mark may be removed.
根据本公开的实施例,控制单元可以通过配置命令去除所述上线标记。According to an embodiment of the present disclosure, the control unit may remove the online mark through a configuration command.
图7是根据本公开的实施例的宽带远程接入服务器的结构示意图。7 is a schematic structural diagram of a broadband remote access server according to an embodiment of the present disclosure.
如图7所示,宽带远程接入服务器包括存储器20和处理器22,所述存储器22上存储有能够在所述处理器22上运行的计算机程序,所述计算机程序在由所述处理器22执行时,所述处理器22执行根据本公开的实施例的用户上线方法。As shown in FIG. 7, the broadband remote access server includes a memory 20 and a processor 22. The memory 22 stores a computer program capable of running on the processor 22. The computer program is controlled by the processor 22 During execution, the processor 22 executes the user online method according to an embodiment of the present disclosure.
本公开实施例还提供一种计算机可读存储介质,所述存储介质存储有计算机程序,所述计算机程序被至少一个处理器执行时,所述至少一个处理器执行根据本公开的实施例的用户上线方法。An embodiment of the present disclosure also provides a computer-readable storage medium that stores a computer program, and when the computer program is executed by at least one processor, the at least one processor executes a user according to an embodiment of the present disclosure Online method.
需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者装置不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者装置所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、方法、物品或者装置中还存在另外的相同要素。It should be noted that in this article, the terms "include", "include" or any other variant thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements It also includes other elements that are not explicitly listed, or include elements inherent to this process, method, article, or device. Without more restrictions, the element defined by the sentence "include one ..." does not exclude that there are other identical elements in the process, method, article or device that includes the element.
上述本公开实施例序号仅仅为了描述,不代表实施例的优劣。The sequence numbers of the above-mentioned embodiments of the present disclosure are for description only, and do not represent the advantages and disadvantages of the embodiments.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到本公开的实施例可以通过软件、硬件和软件和硬件的组合来实现。基于这样的理解,本公开的实施例可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端(可以是手机,计算机,服务器,空调器,或者网络设备等)执行本公开各个实施例所述的方法。Through the description of the above embodiments, those skilled in the art can clearly understand that the embodiments of the present disclosure can be implemented by software, hardware, and a combination of software and hardware. Based on this understanding, the embodiments of the present disclosure can be embodied in the form of software products, which are stored in a storage medium (such as ROM / RAM, magnetic disk, and optical disk), and include several instructions to make a terminal (It may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the methods described in the embodiments of the present disclosure.
上面结合附图对本公开的实施例进行了描述,但是本公开并不局限于上述的具体实施方式,上述的具体实施方式仅仅是示意性的,而不是限制性的,本领域的普通技术人员在本公开的启示下,在不脱离本公开宗旨和权利要求所保护的范围情况下,还可做出很多形式,这些均属于本公开的保护之内。The embodiments of the present disclosure have been described above with reference to the drawings, but the present disclosure is not limited to the above-mentioned specific implementations. The above-mentioned specific implementations are only schematic, not limiting, and those of ordinary skill in the art Under the inspiration of this disclosure, many forms can be made without departing from the scope of the disclosure and the scope of protection of the claims, all of which fall within the protection of this disclosure.

Claims (14)

  1. 一种用户上线方法,包括:A user online method, including:
    在用户的网络链路恢复后,根据上线标记来接收用户的数据报文,After the user's network link is restored, the user's data message is received according to the online mark,
    根据接收的数据报文上线所述用户,Go online with the user according to the received data message,
    其中,所述上线标记用于表示支持上送的数据报文的类型。Wherein, the online mark is used to indicate the type of the data message supported to be sent.
  2. 如权利要求1所述的方法,其中,根据上线标记来接收用户的数据报文之前,包括:The method according to claim 1, wherein before receiving the user's data message according to the online mark includes:
    通过配置命令配置所述上线标记。Configure the online tag through a configuration command.
  3. 如权利要求1所述的方法,其中,根据上线标记来接收用户的数据报文包括:The method of claim 1, wherein receiving the user's data message according to the online mark includes:
    接收与所述上线标记匹配的数据报文。Receiving a data message matching the online mark.
  4. 如权利要求3所述的方法,其中,接收与所述上线标记匹配的数据报文包括:The method of claim 3, wherein receiving the data message matching the online mark includes:
    限制接收与所述上线标记匹配的数据报文的速度。Limit the speed of receiving data packets matching the online mark.
  5. 如权利要求1所述的方法,其中,根据上线标记来接收用户的数据报文包括:The method of claim 1, wherein receiving the user's data message according to the online mark includes:
    在用户的续租时间内,根据上线标记来接收用户的数据报文。During the user's lease renewal time, the user's data message is received according to the online mark.
  6. 如权利要求1所述的方法,其中,根据接收的用户报文上线所述用户包括:The method according to claim 1, wherein going online according to the received user message comprises:
    从接收的数据报文中获取用户验证信息;Obtain user authentication information from the received data message;
    根据所述用户验证信息对所述用户进行认证;Authenticate the user according to the user verification information;
    在认证成功时上线所述用户。The user is online when the authentication is successful.
  7. 如权利要求6所述的方法,其中,所述从接收的数据报文中获取用户验证信息包括:The method of claim 6, wherein the obtaining user authentication information from the received data message comprises:
    从接收的数据报文中提取数据报文源的特征信息作为所述用户验证信息。Extract the characteristic information of the data message source from the received data message as the user authentication information.
  8. 如权利要求6所述的方法,其中,根据接收的用户报文上线所述用户还包括:The method according to claim 6, wherein going online according to the received user message further comprises:
    在从接收的数据报文中获取用户验证信息之前,对接收的数据报文进行合法性验证,Before obtaining user authentication information from the received data message, verify the validity of the received data message,
    在验证合法时,从接收的数据报文中获取用户验证信息。When the verification is legal, the user verification information is obtained from the received data packet.
  9. 如权利要求1-8中任意一项所述的方法,其中,在根据接收的数据报文上线所述用户之后,所述方法还包括:The method according to any one of claims 1-8, wherein after the user is online according to the received data message, the method further comprises:
    在接收到所述用户的续租请求数据报文时,下线所述用户,并根据所述续租请求重新上线所述用户,和/或,Upon receiving the user's lease renewal request data message, log off the user and re-launch the user according to the lease renewal request, and / or,
    在用户上线后的在线时长达到预设的在线时长阈值时,如果未收到所述用户的续租请求数据报文,则下线所述用户,和/或,When the online duration after the user goes online reaches a preset online duration threshold, if the user's lease renewal request data packet is not received, the user is offline, and / or,
    在用户上线后的在线时长达到预设的续租请求时间时,如果未收到所述用户的续租请求数据报文,则下线所述用户。When the online duration of the user after going online reaches the preset time for renewal of the lease request, if the user does not receive the lease renewal request data message, the user is offline.
  10. 如权利要求1-8中任意一项所述的方法,其中,在根据接收的数据报文上线所述用户之后,所述方法还包括:去除所述上线标记。The method according to any one of claims 1-8, wherein after going online to the user according to the received data message, the method further comprises: removing the online mark.
  11. 如权利要求10所述的方法,其中,去除所述上线标记包括:通过配置命令去除所述上线标记。The method of claim 10, wherein removing the online mark includes removing the online mark through a configuration command.
  12. 一种用户上线装置,包括:A user online device includes:
    数据报文接收单元,用于在用户的网络链路恢复后,根据上线标记来接收用户的数据报文;The data message receiving unit is used to receive the user's data message according to the online mark after the user's network link is restored;
    触发单元,用于根据接收的数据报文上线所述用户,The trigger unit is used to go online to the user according to the received data message,
    其中,所述上线标记用于表示支持上送的数据报文的类型。Wherein, the online mark is used to indicate the type of the data message supported to be sent.
  13. 一种宽带远程接入服务器,包括存储器和处理器,所述存储器上存储有能够在所述处理器上运行的计算机程序,所述计算机程序在由所述处理器执行时,所述处理器执行如权利要求1-10中任意一项所述的用户上线方法。A broadband remote access server includes a memory and a processor, and the memory stores a computer program capable of running on the processor, and when the computer program is executed by the processor, the processor executes The user online method according to any one of claims 1-10.
  14. 一种计算机可读存储介质,其上存储有计算机程序,所述计算机程序被至少一个处理器执行时,所述至少一个处理器执行如权利要求1-10中任意一项所述的用户上线方法。A computer-readable storage medium on which a computer program is stored, and when the computer program is executed by at least one processor, the at least one processor executes the user online method according to any one of claims 1-10 .
PCT/CN2019/111704 2018-10-17 2019-10-17 Method and device enabling a user to access the internet, broadband remote access server, and storage medium WO2020078428A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201811207831.0 2018-10-17
CN201811207831.0A CN111064759B (en) 2018-10-17 2018-10-17 User online method and device, broadband remote access server and storage medium

Publications (1)

Publication Number Publication Date
WO2020078428A1 true WO2020078428A1 (en) 2020-04-23

Family

ID=70282874

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/111704 WO2020078428A1 (en) 2018-10-17 2019-10-17 Method and device enabling a user to access the internet, broadband remote access server, and storage medium

Country Status (2)

Country Link
CN (1) CN111064759B (en)
WO (1) WO2020078428A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114584329B (en) * 2020-11-16 2023-09-05 中国移动通信集团广东有限公司 Positioning method and device for reasons of abnormal flow and electronic equipment

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1571350A (en) * 2003-07-11 2005-01-26 华为技术有限公司 A method for triggering user terminal online via data message
US20110320323A1 (en) * 2010-06-28 2011-12-29 Alcatel-Lucent Canada Inc. Pcrf-pcef-ocs interaction in wireless-wireline convergence
CN102413000A (en) * 2011-12-23 2012-04-11 华为数字技术有限公司 Online method for clients, DHCP (dynamic host configuration protocol) server and network management system
CN106341270A (en) * 2016-09-23 2017-01-18 杭州华三通信技术有限公司 Fault processing method and device
US20170093623A1 (en) * 2014-06-09 2017-03-30 Huawei Technologies Building Co., Ltd. Information processing method, network node, authentication method, and server
CN108206765A (en) * 2018-03-30 2018-06-26 新华三技术有限公司 PPPoE reaches the standard grade restoration methods, BRAS equipment and aaa server

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103796245B (en) * 2012-10-29 2019-01-25 中兴通讯股份有限公司 The management method of data message, apparatus and system
CN104601743A (en) * 2015-02-11 2015-05-06 杭州华三通信技术有限公司 IP (internet protocol) forwarding IPoE (IP over Ethernet) dual-stack user access control method and equipment based on Ethernet

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1571350A (en) * 2003-07-11 2005-01-26 华为技术有限公司 A method for triggering user terminal online via data message
US20110320323A1 (en) * 2010-06-28 2011-12-29 Alcatel-Lucent Canada Inc. Pcrf-pcef-ocs interaction in wireless-wireline convergence
CN102413000A (en) * 2011-12-23 2012-04-11 华为数字技术有限公司 Online method for clients, DHCP (dynamic host configuration protocol) server and network management system
US20170093623A1 (en) * 2014-06-09 2017-03-30 Huawei Technologies Building Co., Ltd. Information processing method, network node, authentication method, and server
CN106341270A (en) * 2016-09-23 2017-01-18 杭州华三通信技术有限公司 Fault processing method and device
CN108206765A (en) * 2018-03-30 2018-06-26 新华三技术有限公司 PPPoE reaches the standard grade restoration methods, BRAS equipment and aaa server

Also Published As

Publication number Publication date
CN111064759A (en) 2020-04-24
CN111064759B (en) 2023-12-15

Similar Documents

Publication Publication Date Title
US8875233B2 (en) Isolation VLAN for layer two access networks
RU2556468C2 (en) Terminal access authentication method and customer premise equipment
EP1876754B1 (en) Method system and server for implementing dhcp address security allocation
US20100223655A1 (en) Method, System, and Apparatus for DHCP Authentication
US20110202670A1 (en) Method, device and system for identifying ip session
KR101620479B1 (en) A method and a gateway for providing multiple internet access
US8400943B2 (en) IPv6 addressing over non-IPv6 systems
US9596209B2 (en) Causing client device to request a new internet protocol address based on a link local address
CN106302353B (en) Identity authentication method, identity authentication system and related equipment
WO2009030173A1 (en) Processing method and device for qinq termination configuration
CN104601743A (en) IP (internet protocol) forwarding IPoE (IP over Ethernet) dual-stack user access control method and equipment based on Ethernet
WO2015018069A1 (en) Method, device and system for acquiring service by network terminal
CN101656712B (en) Method for recovering IP session, network system and network edge device
JP2014161084A (en) Self-configuration of forwarding table in access node
US9634917B2 (en) Method and system for detecting use of wrong internet protocol address
CN100362800C (en) A method for triggering user terminal online via data message
JP2001326696A (en) Method for controlling access
CN106131177B (en) Message processing method and device
US10027622B2 (en) Recovering lost device information in cable networks
TWI392307B (en) Method and apparatus for verification of dynamic host configuration protocol (dhcp) release message
WO2020078428A1 (en) Method and device enabling a user to access the internet, broadband remote access server, and storage medium
WO2009079896A1 (en) User access authentication method based on dynamic host configuration protocol
KR100590875B1 (en) xDSL modem and system including DHCP spoofing server, and PPPoE method for connecting internet using the same
US20160248751A1 (en) Cm registration method and apparatus
JP2002084306A (en) Packet communication apparatus and network system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19873348

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 25/08/2021)

122 Ep: pct application non-entry in european phase

Ref document number: 19873348

Country of ref document: EP

Kind code of ref document: A1