WO2022057758A1 - Session resource control method and apparatus, device, system, and storage medium - Google Patents

Session resource control method and apparatus, device, system, and storage medium Download PDF

Info

Publication number
WO2022057758A1
WO2022057758A1 PCT/CN2021/117944 CN2021117944W WO2022057758A1 WO 2022057758 A1 WO2022057758 A1 WO 2022057758A1 CN 2021117944 W CN2021117944 W CN 2021117944W WO 2022057758 A1 WO2022057758 A1 WO 2022057758A1
Authority
WO
WIPO (PCT)
Prior art keywords
vpdn
session
virtual private
client
network server
Prior art date
Application number
PCT/CN2021/117944
Other languages
French (fr)
Chinese (zh)
Inventor
李莉
谢光华
陈华南
朱永庆
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2022057758A1 publication Critical patent/WO2022057758A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0876Network utilisation, e.g. volume of load or congestion level
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/70Admission control; Resource allocation
    • H04L47/76Admission control; Resource allocation using dynamic resource allocation, e.g. in-call renegotiation requested by the user or requested by the network in response to changing network conditions

Definitions

  • the embodiments of the present application relate to the field of communications, and in particular, to a method, apparatus, device, system, and storage medium for controlling session resources.
  • VPDN Virtual Private Dia-up Network, Virtual Private Dial-Up Network
  • a public network such as ISDN (Integrated Services Digital Network, Integrated Services Digital Network)
  • PSTN Public Switched Telephone Network, Public Switched Telephone Network
  • VPDN provides an economical and effective point-to-point connection between remote users and private enterprise networks.
  • VPDN uses a dedicated network communication protocol to establish a secure virtual private network for enterprises on the public network.
  • the company's overseas offices and business travelers can remotely connect to the corporate headquarters through a virtual tunnel through the public network, while other users on the public network cannot access through the virtual tunnel.
  • a client communicates with a VPDN virtual private network server by establishing a session through a VPDN access device.
  • the VPDN access device in the related art cannot perceive the abnormality of the session, so that the session resources on the VPDN access device cannot be released and are occupied for a long time, which also affects new The establishment of the session leads to waste of resources.
  • a session resource control method, apparatus, device, system, and storage medium provided by the embodiments of the present application are intended to solve the problem in the related art that when the session between the client and the VPDN virtual private network server is abnormal, the session occupied by the VPDN access device The resource cannot be released and is occupied for a long time, which affects the establishment of a new session and leads to a waste of resources.
  • an embodiment of the present application provides a method for controlling session resources, including: after a client establishes a session with a VPDN virtual private network server through a virtual private dial-up network VPDN access device, monitoring whether the session is abnormal; When the session is abnormal, the resources occupied by the session on the VPDN access device are released.
  • the embodiment of the present application also provides a session resource control device, including: a monitoring module, used for monitoring after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device. Whether the session is abnormal; a control module, configured to release the resources occupied by the session on the VPDN access device when the monitoring module detects that the session is abnormal.
  • the embodiment of the present application also provides a VPDN access device, including a processor, a communication bus and a memory, the communication bus is used to connect the processor and the memory, and the memory stores A computer program, where the processor is configured to invoke and execute the computer program to implement the steps of the method for controlling session resources as described above.
  • the embodiment of the present application also provides a VPDN system, including a VPDN access device, a VPDN virtual private network server, and a client; the VPDN access device is used to pass the VPDN at the client After the access device establishes a session with the VPDN virtual private network server, it monitors whether the session is abnormal, and when the session is abnormal, releases the resources occupied by the session on the VPDN access device.
  • a VPDN system including a VPDN access device, a VPDN virtual private network server, and a client; the VPDN access device is used to pass the VPDN at the client After the access device establishes a session with the VPDN virtual private network server, it monitors whether the session is abnormal, and when the session is abnormal, releases the resources occupied by the session on the VPDN access device.
  • embodiments of the present application further provide a computer-readable storage medium, where the computer-readable storage medium stores a computer program, and the computer program can be executed by a processor to implement the above-mentioned conversation Steps of a resource control method.
  • FIG. 1 is a schematic flowchart of a method for controlling session resources provided in Embodiment 1 of the present application;
  • FIG. 2 is a schematic diagram 1 of L2TP/VPN networking according to Embodiment 1 of the present application;
  • FIG. 3 is a second schematic diagram of L2TP/VPN networking according to Embodiment 1 of the present application.
  • FIG. 4 is a schematic structural diagram of a session resource control apparatus according to Embodiment 2 of the present application.
  • FIG. 5 is a schematic structural diagram of a VPDN access device provided in Embodiment 2 of the present application.
  • FIG. 6 is a schematic structural diagram of a VPDN system provided in Embodiment 2 of the present application.
  • FIG. 7 is a schematic flowchart of a client establishing a session with a VPDN virtual private network server through a VPDN access device according to Embodiment 2 of the present application;
  • FIG. 8 is a schematic flowchart of a method for controlling session resources according to Embodiment 2 of the present application.
  • the session resource control method can release the session occupied on the VPDN access device when the client detects that the session is abnormal after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device.
  • the method for controlling session resources includes but is not limited to the following steps.
  • the client in the VPDN system in this embodiment may be various communication terminals capable of establishing a VPDN session with the VPDN virtual private network server, and the type of the client is not limited in this embodiment.
  • the manner in which the client establishes a session with the VPDN virtual private network server through the VPDN access device can be flexibly set according to specific application scenarios.
  • the VPDN tunneling protocol can adopt but is not limited to the following three protocols: 1PPTP (Point-to-Point Tunneling Protocol, point-to-point tunneling protocol); 2L2F (Layer 2 Forwarding, Layer 2 forwarding); 3L2TP (Layer 2 Tunneling Protocol, Layer 2 Tunneling Protocol).
  • L2TP is a type of VPDN (Virtual Private Dial-up Network) tunneling protocol. It was jointly formulated by Cisco, Microsoft and other companies in 1999. Manufacturer's support is currently the most widely used.
  • VPDN Virtual Private Dial-up Network
  • L2TP/VPN networking schematic diagram An exemplary L2TP/VPN networking schematic diagram is shown in Figures 2 and 3. It can be seen from the figures that the three elements of L2TP/VPN networking include LNS (L2TP Network Server, Layer 2 Tunneling Protocol Virtual Private Network Server) 203, LAC (L2TP Access Concentrator, Layer 2 Tunneling Protocol Access Device) 202 and client Client 201.
  • LNS L2TP Network Server
  • LAC Layer 2 Tunneling Protocol Access Device
  • the Layer 2 tunneling protocol virtual private network server LNS 203 L2TP Network Server is the VPN server on the L2TP enterprise side.
  • the LNS may complete the final authorization and authentication of the user, receive tunnel and connection requests from the LAC, and establish a PPP (Point to Point Protocol) channel connecting the LNS and the user.
  • PPP Point to Point Protocol
  • Layer 2 tunneling protocol access device LAC 202 L2TP Access Concentrator, which is an L2TP access device. Provides AAA (Authentication, Authorization, Accounting, authentication, authorization, accounting) services for various user access, the function of initiating tunnel and session connections, and the proxy authentication function for VPN users.
  • the LAC is an access device that provides VPN services on the ISP side. In terms of physical implementation, the LAC can be, but not limited to, a router or access server configured with L2TP, or a dedicated VPN server.
  • Dial-up client 201 Dial-up client 201.
  • the session keep-alive technologies are between the client and the LNS device, and the session keep-alive technology is not used between the client and the LAC, so that the LAC cannot perceive the abnormality of the session, which in turn causes the session to be stored in the LAC.
  • the resources occupied by the previous session cannot be released in time when the session is abnormal, which affects the establishment of a new session and leads to a waste of resources.
  • the LNS corresponds to the VPDN virtual private network server in the VPDN network system
  • the LAC corresponds to the VPDN access device in the VPDN network system.
  • all resources occupied by the session on the VPDN access device may be released, and some resources occupied by the session on the VPDN access device may also be released according to requirements. Flexible settings according to needs.
  • the manner of monitoring whether the session established between the client and the VPDN virtual private network server is abnormal can be flexibly adopted.
  • the working state of at least one of the client, the VPDN virtual private network server, and the VPDN access device can be monitored.
  • an abnormal working state of a certain device is detected, it is likely to cause the client
  • the session established with the VPDN virtual private network server is abnormal.
  • the packets exchanged between the client and the VPDN virtual private network server are abnormal, and if so, it can be determined that the session is abnormal.
  • at least one of the following packets but not limited to the following packets between the client and the VPDN virtual private network server may be monitored: LCP (Link) between the client and the VPDN virtual private network server Control Protocol) link establishment message; LCP authentication message between client and VPDN virtual private network server; NCP (Network Control Protocol, Network Control Protocol) negotiation between client and VPDN virtual private network server packets; keep-alive interaction packets between the client and the VPDN virtual private network server; access enterprise data interaction packets between the client and the VPDN virtual private network server.
  • LCP Link
  • NCP Network Control Protocol, Network Control Protocol
  • the method of monitoring whether the packets exchanged between the client and the VPDN virtual private network server are abnormal can also be flexibly set.
  • any of the following two methods can be used: A sort of.
  • Method 1 Monitor whether the VPDN access device receives the corresponding message, if not, determine that the message exchanged between the client and the VPDN virtual private network server is abnormal.
  • the VPDN access device can monitor whether the VPDN access device receives the LCP link establishment message between the client and the VPDN virtual private network server, if not, it can be considered that the client and the VPDN virtual private network server are connected The packets exchanged between them are abnormal.
  • the VPDN access device can be monitored whether the VPDN access device receives the LCP authentication message between the client and the VPDN virtual private network server, if not, it can be considered that the client and the VPDN virtual private network server The packets exchanged between them are abnormal.
  • the VPDN access device can be monitored whether the VPDN access device receives the NCP negotiation message between the client and the VPDN virtual private network server. The packets exchanged between them are abnormal.
  • the VPDN access device can be monitored whether the VPDN access device receives a keep-alive interaction message between the client and the VPDN virtual private network server, if not, it can be considered that the client and the VPDN virtual private network server are The packets exchanged between them are abnormal.
  • the VPDN access device in this mode, it can be monitored whether the VPDN access device normally receives at least LCP link establishment packets, LCP authentication packets, NCP negotiation packets, keep-alive interaction packets, and access enterprise data interaction packets. One, and it can be determined that any one or two of them cannot be received normally, it can be considered that the packets exchanged between the client and the VPDN virtual private network server are abnormal.
  • Method 2 Monitor whether the flow of packets exchanged between the client and the VPDN virtual private network server is abnormal. If so, determine whether the packets exchanged between the client and the VPDN virtual private network server are abnormal.
  • the packets between the client and the VPDN virtual private network server can be set as the forwarding traffic of the VPDN access device for the VPDN access device, and the forwarding traffic can be used as the VPDN access device to determine the client and the VPDN virtual private network.
  • the basis for whether the session between servers is still normal.
  • monitoring whether the traffic of packets exchanged between the client and the VPDN virtual private network server is abnormal may include, but is not limited to, monitoring the client and the VPDN virtual private network server within a preset monitoring period. Whether the traffic of the packets exchanged between them has changed, if not, it is determined that the traffic of the packets exchanged between the client and the VPDN virtual private network server is abnormal.
  • LCP link establishment packets, LCP authentication packets, NCP negotiation packets, keep-alive interaction packets, and access enterprise data interaction packets between the client and the VPDN virtual private network server can all be used as VPDN connection packets.
  • the forwarding traffic of the incoming device, or only a part of the LCP link establishment packets, LCP authentication packets, NCP negotiation packets, keep-alive interaction packets, and access enterprise data interaction packets can be used as the forwarding traffic of the VPDN access device. For example, only keep-alive interaction packets and access enterprise data interaction packets may be used as the forwarding traffic of the VPDN access device.
  • the session resource control method provided by this embodiment can flexibly and accurately monitor whether the session is abnormal in various ways after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device. And when the abnormality of the session is detected, the resources occupied by the session on the VPDN access device can be released in time, so as to prevent the resources occupied by the session on the VPDN access device from being occupied for a long time ineffective, improve resource utilization, and avoid affecting new sessions.
  • the establishment of the VPDN system can also improve the overall performance of the VPDN system and the satisfaction of the user experience.
  • this embodiment further provides a session resource control apparatus based on the above-mentioned embodiment, and the session resource control apparatus can be set in the VPDN access device or in other network element devices. See FIG. 4, it includes but is not limited to the following modules.
  • the monitoring module 401 is configured to monitor whether the session is abnormal after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device; This will not be repeated here.
  • the control module 402 is configured to release the resources occupied by the session on the VPDN access device when the monitoring module detects that the session is abnormal.
  • An example processing procedure can be referred to but not limited to that shown in the foregoing embodiment, and details are not described herein again.
  • the functions of the monitoring module 401 and the control module 402 may be implemented by but not limited to a processor.
  • This embodiment also provides a VPDN access device, as shown in FIG. 5 , which includes but is not limited to a processor 501, a communication bus 502, and a memory 503.
  • the communication bus 502 is used to connect the processor 501 and the memory 503, and the memory
  • a computer program is stored in 503, and the processor is used to invoke and execute the computer program to implement the steps of the session resource control method shown in the above embodiment.
  • This embodiment also provides a VPDN system, as shown in FIG. 6 , which includes but is not limited to: a VPDN access device 602 , a VPDN virtual private network server 603 and a client 601 .
  • the VPDN access device 602 is used to monitor whether the session is abnormal after the client 601 establishes a session with the VPDN virtual private network server through the VPDN access device 602 itself, and releases the session occupation on the VPDN access device when the session is abnormal resource of.
  • One example of the monitoring and the process of releasing resources occupied by a session can be referred to, but not limited to, those shown in the foregoing embodiments, and details are not described herein again.
  • this embodiment uses the L2TP/VPN networking application scenario shown in FIG. 2 as an example to illustrate the method for controlling session resources.
  • the process of establishing a session between the client and the VPDN virtual private network server through the VPDN access device includes but is not limited to the following steps.
  • S701 The client uses the PPPOE protocol to dial up and negotiate with the device where the LAC is located in the discovery phase.
  • S702 The client and the LAC device perform LCP negotiation and authentication.
  • the LAC device is successfully authenticated and found to be an L2TP user (ie, an L2TP client), and negotiates an L2TP tunnel and a session.
  • S704 The negotiation is successful and the LAC user goes online successfully, and the LAC starts the session keep-alive.
  • S705 The client and the LNS device perform LCP chain establishment and authentication.
  • S706 The client and the LNS device perform NCP negotiation.
  • S707 Session keep-alive interaction is performed between the client and the LNS device.
  • S708 The client accesses enterprise data.
  • S709 The LAC device is configured and session exception monitoring is started.
  • FIG. 8 the process of configuring the LAC device and starting session exception monitoring is shown in FIG. 8 , which includes but is not limited to the following steps.
  • S801 Periodically capture the packet traffic between the client and the LNS.
  • the LAC device after the LAC device is configured and starts session exception monitoring, it regularly monitors any traffic generated by the interaction between the client and the LNS in the above-mentioned steps S705 to S708, including but not limited to the LCP between the client and the LNS device.
  • Link establishment packets, LCP authentication packets, NCP negotiation packets, keep-alive interaction packets, and access enterprise data interaction packets are all used by the LAC device to determine whether the session between the client and the LNS device is normal.
  • the LAC device regularly obtains the traffic of packets between the client and the LNS device. If the traffic does not change within the configured monitoring period, it determines that the session between the client and the LNS device has expired, and the LAC device actively releases the expired session. resources occupied.
  • the monitoring period can be set flexibly, and it can also be set according to requirements when the traffic does not change in consecutive N (N is greater than or equal to 2) monitoring periods, and the session between the client and the LNS device is determined. has expired.
  • S802 Determine whether the flow rate changes during the monitoring period, if so, go to S801; otherwise, go to S803.
  • the LAC device can use various methods to flexibly and accurately monitor whether the session is abnormal, and when monitoring the session When the session is abnormal, it can actively release the resources occupied by the session in time to avoid the resources occupied by the session on the LAC device being occupied for a long time and ineffective, and improve the resource utilization rate.
  • This embodiment also provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program, and the computer program can be executed by a processor to implement the steps in the session resource control method shown in the above embodiments.
  • the computer-readable storage medium in this embodiment may be provided on, but not limited to, a base station, for example, a BBU of the base station, which is included in the storage medium for storing information (such as computer-readable instructions, data structures, computer program modules or other data), volatile or nonvolatile, removable or non-removable media implemented in any method or technology.
  • a base station for example, a BBU of the base station
  • information such as computer-readable instructions, data structures, computer program modules or other data
  • volatile or nonvolatile, removable or non-removable media implemented in any method or technology.
  • Computer-readable storage media include but are not limited to RAM (Random Access Memory, random access memory), ROM (Read-Only Memory, read-only memory), EEPROM (Electrically Erasable Programmable read only memory, electrically erasable programmable read-only memory) , Flash memory or other memory technology, CD-ROM (Compact Disc Read-Only Memory), Digital Versatile Disc (DVD) or other optical disk storage, magnetic cartridge, magnetic tape, magnetic disk storage or other magnetic storage device, or Any other medium that can be used to store the desired information and that can be accessed by a computer.
  • RAM Random Access Memory
  • ROM Read-Only Memory
  • EEPROM Electrically Erasable Programmable read only memory
  • Flash memory or other memory technology
  • CD-ROM Compact Disc Read-Only Memory
  • DVD Digital Versatile Disc
  • This embodiment also provides a computer program (or computer software), which can be distributed on a computer-readable medium and executed by a computer-readable device, so as to implement the steps in the above-mentioned session resource control method; And in some cases, at least one of the steps shown or described may be performed in an order different from that described in the above embodiments.
  • a computer program or computer software
  • This embodiment also provides a computer program product, including a computer-readable device, on which any of the computer programs shown above are stored.
  • the computer-readable device may include the computer-readable storage medium as described above.
  • the client after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device, monitor whether the session is abnormal; When an abnormality of the session is detected, the resources occupied by the session on the VPDN access device are released, so as to prevent the resources occupied by the session from being occupied for a long time ineffectively, improve resource utilization, avoid affecting the establishment of new sessions, and also improve the performance of the VPDN system. Comprehensive performance, thereby improving user experience satisfaction.
  • the functional modules/units in the system, and the device can be implemented as software (which can be implemented by computer program codes executable by a computing device). ), firmware, hardware, and their appropriate combination.
  • the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be composed of several physical components Components execute cooperatively.
  • Some or all physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit .
  • communication media typically embodies computer readable instructions, data structures, computer program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism, and can include any information delivery, as is well known to those of ordinary skill in the art medium. Therefore, the present application is not limited to any particular combination of hardware and software.

Abstract

The embodiments of the present application provide a session resource control method and apparatus, a device, a system, and a storage medium. Said method comprises: after a client establishes a session with a virtual private dial-up network (VPDN) virtual private network server by means of a VPDN access device, monitoring whether the session is anomalous; and if the session is detected to be anomalous, releasing resources occupied by the session on the VPDN access device.

Description

会话资源控制方法、装置、设备、系统及存储介质Session resource control method, apparatus, device, system and storage medium
相关申请的交叉引用CROSS-REFERENCE TO RELATED APPLICATIONS
本申请要求享有2020年9月17日提交的名称为“会话资源控制方法、装置、设备、系统及存储介质”的中国专利申请CN202010977724.7的优先权,其全部内容通过引用并入本申请中。This application claims the priority of Chinese patent application CN202010977724.7, which was filed on September 17, 2020 and is entitled "Session resource control method, device, device, system and storage medium", the entire contents of which are incorporated into this application by reference. .
技术领域technical field
本申请实施例涉及通信领域,具体涉及一种会话资源控制方法、装置、设备、系统及存储介质。The embodiments of the present application relate to the field of communications, and in particular, to a method, apparatus, device, system, and storage medium for controlling session resources.
背景技术Background technique
VPDN(Virtual PrivateDia-up Network,虚拟私有拨号网)是指利用公共网络(如ISDN(Integrated Services Digital Network,综合业务数字网))或PSTN(Public Switched Telephone Network,公共交换电话网络))的拨号功能接入公共网络,实现虚拟专用网,从而为企业、小型ISP(Internet Service Provider,互联网服务提供商)、移动办公人员等提供接入服务。VPDN为远端用户与私有企业网之间提供了一种经济而有效的点到点连接方式。VPDN (Virtual Private Dia-up Network, Virtual Private Dial-Up Network) refers to the dial-up function using a public network (such as ISDN (Integrated Services Digital Network, Integrated Services Digital Network)) or PSTN (Public Switched Telephone Network, Public Switched Telephone Network)) Access the public network to realize virtual private network, so as to provide access services for enterprises, small ISPs (Internet Service Providers, Internet Service Providers), mobile office workers, etc. VPDN provides an economical and effective point-to-point connection between remote users and private enterprise networks.
VPDN采用专用的网络通信协议,在公共网络上为企业建立安全的虚拟专网。企业驻外机构和出差人员可远程经由公共网络,通过虚拟隧道实现和企业总部之间的网络连接,而公共网络上其余用户则无法穿过虚拟隧道访问。VPDN uses a dedicated network communication protocol to establish a secure virtual private network for enterprises on the public network. The company's overseas offices and business travelers can remotely connect to the corporate headquarters through a virtual tunnel through the public network, while other users on the public network cannot access through the virtual tunnel.
在相关技术的VPDN系统中,客户端通过VPDN接入设备与VPDN虚拟专用网络服务器建立会话进行通信。但是,在目前的会话机制中,当会话出现异常时,相关技术中的VPDN接入设备并不能感知到该会话异常,导致VPDN接入设备上会话资源无法释放而被长时间占用,也影响新会话的建立,导致资源浪费。In the VPDN system of the related art, a client communicates with a VPDN virtual private network server by establishing a session through a VPDN access device. However, in the current session mechanism, when a session is abnormal, the VPDN access device in the related art cannot perceive the abnormality of the session, so that the session resources on the VPDN access device cannot be released and are occupied for a long time, which also affects new The establishment of the session leads to waste of resources.
发明内容SUMMARY OF THE INVENTION
本申请实施例提供的一种会话资源控制方法、装置、设备、系统及存储介质,旨在解决相关技术中,客户端与VPDN虚拟专用网络服务器的会话异常时,VPDN接入设备上会话占用的资源无法释放而被长时间占用,影响新会话的建立,导致资源浪费的问题。A session resource control method, apparatus, device, system, and storage medium provided by the embodiments of the present application are intended to solve the problem in the related art that when the session between the client and the VPDN virtual private network server is abnormal, the session occupied by the VPDN access device The resource cannot be released and is occupied for a long time, which affects the establishment of a new session and leads to a waste of resources.
为解决上述技术问题,本申请实施例提供了一种会话资源控制方法,包括:在客户端通过虚拟私有拨号网VPDN接入设备与VPDN虚拟专用网络服务器建立会话后,监测所述 会话是否异常;到所述会话异常时,释放所述VPDN接入设备上所述会话占用的资源。To solve the above technical problem, an embodiment of the present application provides a method for controlling session resources, including: after a client establishes a session with a VPDN virtual private network server through a virtual private dial-up network VPDN access device, monitoring whether the session is abnormal; When the session is abnormal, the resources occupied by the session on the VPDN access device are released.
为解决上述技术问题,本申请实施例还提供了一种会话资源控制装置,包括:监测模块,用于在客户端通过虚拟私有拨号网VPDN接入设备与VPDN虚拟专用网络服务器建立会话后,监测所述会话是否异常;控制模块,用于在所述监测模块监测到所述会话异常时,释放所述VPDN接入设备上所述会话占用的资源。In order to solve the above technical problem, the embodiment of the present application also provides a session resource control device, including: a monitoring module, used for monitoring after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device. Whether the session is abnormal; a control module, configured to release the resources occupied by the session on the VPDN access device when the monitoring module detects that the session is abnormal.
为解决上述技术问题,本申请实施例还提供了一种VPDN接入设备,包括处理器、通信总线和存储器,所述通信总线用于将所述处理器和存储器连接,所述存储器中存储有计算机程序,所述处理器用于调用执行所述计算机程序,以实现如上所述的会话资源控制方法的步骤。In order to solve the above technical problem, the embodiment of the present application also provides a VPDN access device, including a processor, a communication bus and a memory, the communication bus is used to connect the processor and the memory, and the memory stores A computer program, where the processor is configured to invoke and execute the computer program to implement the steps of the method for controlling session resources as described above.
为解决上述技术问题,本申请实施例还提供了一种VPDN系统,包括VPDN接入设备、VPDN虚拟专用网络服务器和客户端;所述VPDN接入设备用于在所述客户端通过所述VPDN接入设备与所述VPDN虚拟专用网络服务器建立会话后,监测所述会话是否异常,在监测到所述会话异常时,释放所述VPDN接入设备上所述会话占用的资源。In order to solve the above technical problem, the embodiment of the present application also provides a VPDN system, including a VPDN access device, a VPDN virtual private network server, and a client; the VPDN access device is used to pass the VPDN at the client After the access device establishes a session with the VPDN virtual private network server, it monitors whether the session is abnormal, and when the session is abnormal, releases the resources occupied by the session on the VPDN access device.
为解决上述技术问题,本申请实施例还提供了一种计算机可读存储介质,所述计算机可读存储介质存储有计算机程序,所述计算机程序可被处理器执行,以实现如上所述的会话资源控制方法的步骤。To solve the above technical problems, embodiments of the present application further provide a computer-readable storage medium, where the computer-readable storage medium stores a computer program, and the computer program can be executed by a processor to implement the above-mentioned conversation Steps of a resource control method.
本申请其他特征和相应的有益效果在说明书的后面部分进行阐述说明,且应当理解,至少部分有益效果从本申请说明书中的记载变的显而易见。Other features and corresponding beneficial effects of the present application are described in later parts of the specification, and it should be understood that at least some of the beneficial effects will become apparent from the description in the specification of the present application.
附图说明Description of drawings
图1为本申请实施例一提供的会话资源控制方法流程示意图;FIG. 1 is a schematic flowchart of a method for controlling session resources provided in Embodiment 1 of the present application;
图2为本申请实施例一提供的L2TP/VPN组网示意图一;FIG. 2 is a schematic diagram 1 of L2TP/VPN networking according to Embodiment 1 of the present application;
图3为本申请实施例一提供的L2TP/VPN组网示意图二;FIG. 3 is a second schematic diagram of L2TP/VPN networking according to Embodiment 1 of the present application;
图4为本申请实施例二提供的会话资源控制装置结构示意图;FIG. 4 is a schematic structural diagram of a session resource control apparatus according to Embodiment 2 of the present application;
图5为本申请实施例二提供的VPDN接入设备结构示意图;5 is a schematic structural diagram of a VPDN access device provided in Embodiment 2 of the present application;
图6为本申请实施例二提供的VPDN系统结构示意图;6 is a schematic structural diagram of a VPDN system provided in Embodiment 2 of the present application;
图7为本申请实施例二提供的客户端通过VPDN接入设备与VPDN虚拟专用网络服务器建立会话的流程示意图;7 is a schematic flowchart of a client establishing a session with a VPDN virtual private network server through a VPDN access device according to Embodiment 2 of the present application;
图8为本申请实施例二提供的会话资源控制方法流程示意图。FIG. 8 is a schematic flowchart of a method for controlling session resources according to Embodiment 2 of the present application.
具体实施方式detailed description
为了使本申请的目的、技术方案及优点更加清楚明白,下面通过具体实施方式结合附 图对本申请实施例作进一步详细说明。应当理解,此处所描述的具体实施例仅仅用以解释本申请,并不用于限定本申请。In order to make the purpose, technical solutions and advantages of the present application more clearly understood, the embodiments of the present application will be described in further detail below through specific embodiments in conjunction with the accompanying drawings. It should be understood that the specific embodiments described herein are only used to explain the present application, but not to limit the present application.
实施例一Example 1
下面结合附图和实施实例,对本申请的具体实施方式作进一步详细描述。The specific embodiments of the present application will be described in further detail below with reference to the accompanying drawings and implementation examples.
针对相关技术中,客户端与VPDN虚拟专用网络服务器的会话异常时,VPDN接入设备上会话占用的资源无法释放而被长时间占用,影响新会话的建立,导致资源浪费的问题。本实施例提供的会话资源控制方法,可在客户端通过虚拟私有拨号网VPDN接入设备与VPDN虚拟专用网络服务器建立会话后,在监测到该会话异常时,释放VPDN接入设备上该会话占用的资源,避免VPDN接入设备上该会话占用的资源被长时间无效的占用,提升资源利用率,避免影响新会话的建立,也可提升VPDN系统的综合性能,进而提升用户体验的满意度。为了便于理解,本实施例下面结合图1对本实施例所提供的会话资源控制方法为示例进行说明,请参见图1所示,其包括但不限于以下步骤。In the related art, when the session between the client and the VPDN virtual private network server is abnormal, the resources occupied by the session on the VPDN access device cannot be released and are occupied for a long time, which affects the establishment of a new session and leads to a waste of resources. The session resource control method provided in this embodiment can release the session occupied on the VPDN access device when the client detects that the session is abnormal after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device. It can prevent the resources occupied by the session on the VPDN access device from being occupied for a long time ineffective, improve resource utilization, avoid affecting the establishment of new sessions, and also improve the overall performance of the VPDN system, thereby improving user experience satisfaction. For ease of understanding, the method for controlling session resources provided by this embodiment is described below with reference to FIG. 1 as an example. Referring to FIG. 1 , the method includes but is not limited to the following steps.
S101:在客户端通过VPDN接入设备与VPDN虚拟专用网络(Virtual Private Network,VPN)服务器建立会话后,监测该会话是否异常。S101: After the client establishes a session with a VPDN virtual private network (Virtual Private Network, VPN) server through the VPDN access device, monitor whether the session is abnormal.
应当理解的是,本实施例中VPDN系统中的客户端可以是各种能与VPDN虚拟专用网络服务器建立VPDN会话的通信终端,本实施例中该客户端的类型不做限制。It should be understood that the client in the VPDN system in this embodiment may be various communication terminals capable of establishing a VPDN session with the VPDN virtual private network server, and the type of the client is not limited in this embodiment.
应当理解的是,本实施例中客户端通过VPDN接入设备与VPDN虚拟专用网络服务器建立会话的方式可以根据具体应用场景灵活设定。例如,在一些应用场景中,VPDN隧道协议可以采用但不限于以下三种协议:①PPTP(Point-to-Point Tunneling Protocol,点到点隧道协议);②L2F(Layer 2 Forwarding,二层转发);③L2TP(Layer 2 Tunneling Protocol,二层隧道协议)。It should be understood that, in this embodiment, the manner in which the client establishes a session with the VPDN virtual private network server through the VPDN access device can be flexibly set according to specific application scenarios. For example, in some application scenarios, the VPDN tunneling protocol can adopt but is not limited to the following three protocols: ①PPTP (Point-to-Point Tunneling Protocol, point-to-point tunneling protocol); ②L2F (Layer 2 Forwarding, Layer 2 forwarding); ③L2TP (Layer 2 Tunneling Protocol, Layer 2 Tunneling Protocol).
为了便于理解,下面以L2TP为示例进行说明。L2TP是VPDN(Virtual PrivateDial-up Network,虚拟私有拨号网)隧道协议的一种,是由Cisco、Microsoft等公司在1999年联合制定的,已经成为二层隧道协议的工业标准,并得到了众多网络厂商的支持,目前应用最为广泛。For ease of understanding, the following uses L2TP as an example for description. L2TP is a type of VPDN (Virtual Private Dial-up Network) tunneling protocol. It was jointly formulated by Cisco, Microsoft and other companies in 1999. Manufacturer's support is currently the most widely used.
一种示例的L2TP/VPN组网示意图请参见图2和图3所示,由图可知L2TP/VPN组网的三要素包括LNS(L2TP Network Server,二层隧道协议虚拟专用网络服务器)203、LAC(L2TP Access Concentrator,二层隧道协议接入设备)202和客户端Client201。An exemplary L2TP/VPN networking schematic diagram is shown in Figures 2 and 3. It can be seen from the figures that the three elements of L2TP/VPN networking include LNS (L2TP Network Server, Layer 2 Tunneling Protocol Virtual Private Network Server) 203, LAC (L2TP Access Concentrator, Layer 2 Tunneling Protocol Access Device) 202 and client Client 201.
其中,二层隧道协议虚拟专用网络服务器LNS 203:L2TP Network Server,为L2TP企业侧的VPN服务器。一些示例中,该LNS可完成对用户的最终授权和验证,接收来自LAC的隧道和连接请求,并建立连接LNS和用户的PPP(Point to Point Protocol,点对点协议) 通道。Among them, the Layer 2 tunneling protocol virtual private network server LNS 203: L2TP Network Server is the VPN server on the L2TP enterprise side. In some examples, the LNS may complete the final authorization and authentication of the user, receive tunnel and connection requests from the LAC, and establish a PPP (Point to Point Protocol) channel connecting the LNS and the user.
二层隧道协议接入设备LAC 202:L2TP Access Concentrator,为L2TP的接入设备。提供各种用户接入的AAA(Authentication、Authorization、Accounting,验证、授权、记账)服务,发起隧道和会话连接的功能,以及对VPN用户的代理认证功能。LAC是ISP侧提供VPN服务的接入设备,在物理实现上,LAC既可以为但不限于配置L2TP的路由器或接入服务器,也可以是专用的VPN服务器。Layer 2 tunneling protocol access device LAC 202: L2TP Access Concentrator, which is an L2TP access device. Provides AAA (Authentication, Authorization, Accounting, authentication, authorization, accounting) services for various user access, the function of initiating tunnel and session connections, and the proxy authentication function for VPN users. The LAC is an access device that provides VPN services on the ISP side. In terms of physical implementation, the LAC can be, but not limited to, a router or access server configured with L2TP, or a dedicated VPN server.
Client:拨号客户端201。Client: Dial-up client 201.
相关技术中,大多数会话保活技术是针对客户端和LNS设备之间的,针对客户端和LAC之间没有采用会话保活技术,导致LAC不能感知到会话的异常,进而导致该会话在LAC上占用的资源在该会话异常时不能及时被释放掉,影响新会话的建立,导致资源浪费的问题。In related technologies, most of the session keep-alive technologies are between the client and the LNS device, and the session keep-alive technology is not used between the client and the LAC, so that the LAC cannot perceive the abnormality of the session, which in turn causes the session to be stored in the LAC. The resources occupied by the previous session cannot be released in time when the session is abnormal, which affects the establishment of a new session and leads to a waste of resources.
在L2TP场景中,LNS对应VPDN网络系统中的VPDN虚拟专用网络服务器,LAC对应VPDN网络系统中的VPDN接入设备。相应的,在PPTP和L2F中分别有对应VPDN虚拟专用网络服务器和VPDN接入设备的服务器和设备,在此不再赘述。In the L2TP scenario, the LNS corresponds to the VPDN virtual private network server in the VPDN network system, and the LAC corresponds to the VPDN access device in the VPDN network system. Correspondingly, there are servers and devices corresponding to the VPDN virtual private network server and the VPDN access device in the PPTP and the L2F respectively, which will not be repeated here.
S102:在监测到该会话异常时,释放VPDN接入设备上会话占用的资源。S102: When detecting that the session is abnormal, release the resources occupied by the session on the VPDN access device.
应当理解的是,在本实施例的一些应用实例中,可以释放该会话在VPDN接入设备上占用的所有资源,也可根据需求释放该会话在VPDN接入设备上占用的部分资源,具体可根据需求灵活设置。It should be understood that, in some application instances of this embodiment, all resources occupied by the session on the VPDN access device may be released, and some resources occupied by the session on the VPDN access device may also be released according to requirements. Flexible settings according to needs.
应当理解的是,在本实施例中,监测客户端与VPDN虚拟专用网络服务器建立的会话是否异常的方式可以灵活采用。It should be understood that, in this embodiment, the manner of monitoring whether the session established between the client and the VPDN virtual private network server is abnormal can be flexibly adopted.
在一种实施方式中,可以对客户端、VPDN虚拟专用网络服务器、VPDN接入设备中的至少一个的工作状态进行监测,当监测到某一个设备工作状态异常时,则很有可能导致客户端与VPDN虚拟专用网络服务器建立的会话异常。In one embodiment, the working state of at least one of the client, the VPDN virtual private network server, and the VPDN access device can be monitored. When an abnormal working state of a certain device is detected, it is likely to cause the client The session established with the VPDN virtual private network server is abnormal.
又例如,在另一种实施方式中,可监测客户端与VPDN虚拟专用网络服务器之间交互的报文是否异常,如是,则可确定该会话异常。在本实施例中,可以对客户端与VPDN虚拟专用网络服务器之间的以下报文但不限于以下报文中的至少一种进行监测:客户端与VPDN虚拟专用网络服务器之间的LCP(Link Control Protocol,链路控制协议)建链报文;客户端与VPDN虚拟专用网络服务器之间的LCP认证报文;客户端与VPDN虚拟专用网络服务器之间的NCP(NetworkControl Protocol,网络控制协议)协商报文;客户端与VPDN虚拟专用网络服务器之间的保活交互报文;客户端与VPDN虚拟专用网络服务器之间的访问企业数据交互报文。For another example, in another implementation manner, it can be monitored whether the packets exchanged between the client and the VPDN virtual private network server are abnormal, and if so, it can be determined that the session is abnormal. In this embodiment, at least one of the following packets but not limited to the following packets between the client and the VPDN virtual private network server may be monitored: LCP (Link) between the client and the VPDN virtual private network server Control Protocol) link establishment message; LCP authentication message between client and VPDN virtual private network server; NCP (Network Control Protocol, Network Control Protocol) negotiation between client and VPDN virtual private network server packets; keep-alive interaction packets between the client and the VPDN virtual private network server; access enterprise data interaction packets between the client and the VPDN virtual private network server.
应当理解的是,本实施例中对于监测客户端与VPDN虚拟专用网络服务器之间交互的 报文是否异常的方式也可灵活设置,例如一种应用场景中,可以采用以下两种方式中的任意一种。It should be understood that, in this embodiment, the method of monitoring whether the packets exchanged between the client and the VPDN virtual private network server are abnormal can also be flexibly set. For example, in an application scenario, any of the following two methods can be used: A sort of.
方式一:监测VPDN接入设备是否接收到相应的报文,如否,确定客户端与VPDN虚拟专用网络服务器之间交互的报文异常。Method 1: Monitor whether the VPDN access device receives the corresponding message, if not, determine that the message exchanged between the client and the VPDN virtual private network server is abnormal.
例如,在一种实施方式中,可以监测VPDN接入设备是否接收到客户端与VPDN虚拟专用网络服务器之间的LCP建链报文,如否,则可认为客户端与VPDN虚拟专用网络服务器之间交互的报文异常。For example, in one embodiment, it can monitor whether the VPDN access device receives the LCP link establishment message between the client and the VPDN virtual private network server, if not, it can be considered that the client and the VPDN virtual private network server are connected The packets exchanged between them are abnormal.
又例如,在一种实施方式中,可以监测VPDN接入设备是否接收到客户端与VPDN虚拟专用网络服务器之间的LCP认证报文,如否,则可认为客户端与VPDN虚拟专用网络服务器之间交互的报文异常。For another example, in one embodiment, it can be monitored whether the VPDN access device receives the LCP authentication message between the client and the VPDN virtual private network server, if not, it can be considered that the client and the VPDN virtual private network server The packets exchanged between them are abnormal.
又例如,在一种实施方式中,可以监测VPDN接入设备是否接收到客户端与VPDN虚拟专用网络服务器之间的NCP协商报文,如否,则可认为客户端与VPDN虚拟专用网络服务器之间交互的报文异常。For another example, in one embodiment, it can be monitored whether the VPDN access device receives the NCP negotiation message between the client and the VPDN virtual private network server. The packets exchanged between them are abnormal.
又例如,在一种实施方式中,可以监测VPDN接入设备是否接收到客户端与VPDN虚拟专用网络服务器之间的保活交互报文,如否,则可认为客户端与VPDN虚拟专用网络服务器之间交互的报文异常。For another example, in one embodiment, it can be monitored whether the VPDN access device receives a keep-alive interaction message between the client and the VPDN virtual private network server, if not, it can be considered that the client and the VPDN virtual private network server are The packets exchanged between them are abnormal.
又例如,在一种实施方式中,可以监测VPDN接入设备是否接收到客户端的访问企业数据交互报文,如否,则可认为客户端与VPDN虚拟专用网络服务器之间交互的报文异常。For another example, in one embodiment, it may be monitored whether the VPDN access device receives the client's access enterprise data exchange message, if not, it may be considered that the message exchanged between the client and the VPDN virtual private network server is abnormal.
也即,在本方式中,可以监测是否VPDN接入设备是否正常接收到LCP建链报文、LCP认证报文、NCP协商报文、保活交互报文、访问企业数据交互报文中的至少一种,且可确定其中的任意一种或两种等未能正常接收到时,则可认为客户端与VPDN虚拟专用网络服务器之间交互的报文异常。That is, in this mode, it can be monitored whether the VPDN access device normally receives at least LCP link establishment packets, LCP authentication packets, NCP negotiation packets, keep-alive interaction packets, and access enterprise data interaction packets. One, and it can be determined that any one or two of them cannot be received normally, it can be considered that the packets exchanged between the client and the VPDN virtual private network server are abnormal.
方式二:监测客户端与VPDN虚拟专用网络服务器之间交互的报文的流量是否异常,如是,确定客户端与VPDN虚拟专用网络服务器之间交互的报文异常。Method 2: Monitor whether the flow of packets exchanged between the client and the VPDN virtual private network server is abnormal. If so, determine whether the packets exchanged between the client and the VPDN virtual private network server are abnormal.
本方式中,可以设置客户端和VPDN虚拟专用网络服务器之间的报文对于VPDN接入设备都是VPDN接入设备的转发流量,将转发流量作为VPDN接入设备判断客户端和VPDN虚拟专用网络服务器之间的会话是否还正常的依据。例如,在一种实施方式中,监测客户端与VPDN虚拟专用网络服务器之间交互的报文的流量是否异常可包括但不限于:在预设监测周期内,监测客户端与VPDN虚拟专用网络服务器之间交互的报文的流量是否发生变化,如否,确定客户端与VPDN虚拟专用网络服务器之间交互的报文的流量异常。In this mode, the packets between the client and the VPDN virtual private network server can be set as the forwarding traffic of the VPDN access device for the VPDN access device, and the forwarding traffic can be used as the VPDN access device to determine the client and the VPDN virtual private network. The basis for whether the session between servers is still normal. For example, in one embodiment, monitoring whether the traffic of packets exchanged between the client and the VPDN virtual private network server is abnormal may include, but is not limited to, monitoring the client and the VPDN virtual private network server within a preset monitoring period. Whether the traffic of the packets exchanged between them has changed, if not, it is determined that the traffic of the packets exchanged between the client and the VPDN virtual private network server is abnormal.
在本方式中,可以将客户端与VPDN虚拟专用网络服务器之间的LCP建链报文、LCP认证报文、NCP协商报文、保活交互报文、访问企业数据交互报文都作为VPDN接入设备 的转发流量,也可仅将LCP建链报文、LCP认证报文、NCP协商报文、保活交互报文、访问企业数据交互报文中的一部分作为VPDN接入设备的转发流量,例如可以仅将保活交互报文、访问企业数据交互报文作为VPDN接入设备的转发流量。In this mode, LCP link establishment packets, LCP authentication packets, NCP negotiation packets, keep-alive interaction packets, and access enterprise data interaction packets between the client and the VPDN virtual private network server can all be used as VPDN connection packets. The forwarding traffic of the incoming device, or only a part of the LCP link establishment packets, LCP authentication packets, NCP negotiation packets, keep-alive interaction packets, and access enterprise data interaction packets can be used as the forwarding traffic of the VPDN access device. For example, only keep-alive interaction packets and access enterprise data interaction packets may be used as the forwarding traffic of the VPDN access device.
可见,本实施例提供的会话资源控制方法,可在客户端通过虚拟私有拨号网VPDN接入设备与VPDN虚拟专用网络服务器建立会话后,采用各种方式灵活准确的对该会话是否异常进行监测,并在监测到该会话异常时可及时的释放VPDN接入设备上该会话占用的资源,避免VPDN接入设备上该会话占用的资源被长时间无效的占用,提升资源利用率,避免影响新会话的建立,也可提升VPDN系统的综合性能和用户体验的满意度。It can be seen that the session resource control method provided by this embodiment can flexibly and accurately monitor whether the session is abnormal in various ways after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device. And when the abnormality of the session is detected, the resources occupied by the session on the VPDN access device can be released in time, so as to prevent the resources occupied by the session on the VPDN access device from being occupied for a long time ineffective, improve resource utilization, and avoid affecting new sessions. The establishment of the VPDN system can also improve the overall performance of the VPDN system and the satisfaction of the user experience.
实施例二Embodiment 2
为了便于理解,本实施例在上述实施例基础上,还提供了一种会话资源控制装置,该会话资源控制装置可以设置于VPDN接入设备中,也可设置于其他网元设备中,参见图4所示,其包括但不限于以下模块。In order to facilitate understanding, this embodiment further provides a session resource control apparatus based on the above-mentioned embodiment, and the session resource control apparatus can be set in the VPDN access device or in other network element devices. See FIG. 4, it includes but is not limited to the following modules.
监测模块401,用于在客户端通过虚拟私有拨号网VPDN接入设备与VPDN虚拟专用网络服务器建立会话后,监测会话是否异常;一种示例的监测方式参见但不限于上述实施例所示,在此不再赘述。The monitoring module 401 is configured to monitor whether the session is abnormal after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device; This will not be repeated here.
控制模块402,用于在监测模块监测到会话异常时,释放VPDN接入设备上会话占用的资源。一种示例的处理过程参见但不限于上述实施例所示,在此不再赘述。The control module 402 is configured to release the resources occupied by the session on the VPDN access device when the monitoring module detects that the session is abnormal. An example processing procedure can be referred to but not limited to that shown in the foregoing embodiment, and details are not described herein again.
应当理解的是,在本实施例的一些示例中,监测模块401和控制模块402的功能可以通过但不限于处理器实现。It should be understood that, in some examples of this embodiment, the functions of the monitoring module 401 and the control module 402 may be implemented by but not limited to a processor.
本实施例还提供了一种VPDN接入设备,参见图5所示,其包括但不限于处理器501、通信总线502和存储器503,通信总线502用于将处理器501和存储器503连接,存储器503中存储有计算机程序,处理器用于调用执行该计算机程序,以实现如上实施例所示的会话资源控制方法的步骤。This embodiment also provides a VPDN access device, as shown in FIG. 5 , which includes but is not limited to a processor 501, a communication bus 502, and a memory 503. The communication bus 502 is used to connect the processor 501 and the memory 503, and the memory A computer program is stored in 503, and the processor is used to invoke and execute the computer program to implement the steps of the session resource control method shown in the above embodiment.
本实施例还提供了一种VPDN系统,请参见图6所示,其包括但不限于:VPDN接入设备602、VPDN虚拟专用网络服务器603和客户端601。This embodiment also provides a VPDN system, as shown in FIG. 6 , which includes but is not limited to: a VPDN access device 602 , a VPDN virtual private network server 603 and a client 601 .
VPDN接入设备602用于在客户端601通过VPDN接入设备602自身与VPDN虚拟专用网络服务器建立会话后,监测该会话是否异常,在监测到该会话异常时,释放VPDN接入设备上会话占用的资源。其中一种示例的监测以及会话占用的资源释放过程可参见但不限于上述实施例所示,在此不再赘述。The VPDN access device 602 is used to monitor whether the session is abnormal after the client 601 establishes a session with the VPDN virtual private network server through the VPDN access device 602 itself, and releases the session occupation on the VPDN access device when the session is abnormal resource of. One example of the monitoring and the process of releasing resources occupied by a session can be referred to, but not limited to, those shown in the foregoing embodiments, and details are not described herein again.
为了便于理解,本实施例下面以图2所示的L2TP/VPN组网应用场景为示例,对会话资源控制方法进行示例说明。请参见图7所示,客户端通过VPDN接入设备与VPDN虚拟 专用网络服务器建立会话的过程包括但不限于以下步骤。For ease of understanding, this embodiment uses the L2TP/VPN networking application scenario shown in FIG. 2 as an example to illustrate the method for controlling session resources. Referring to Fig. 7, the process of establishing a session between the client and the VPDN virtual private network server through the VPDN access device includes but is not limited to the following steps.
S701:客户端使用PPPOE协议拨号和LAC所在设备进行发现阶段协商。S701: The client uses the PPPOE protocol to dial up and negotiate with the device where the LAC is located in the discovery phase.
S702:客户端和LAC设备进行LCP协商和认证。S702: The client and the LAC device perform LCP negotiation and authentication.
S703:LAC设备认证成功发现是L2TP用户(即L2TP客户端),进行L2TP隧道和会话的协商。S703: The LAC device is successfully authenticated and found to be an L2TP user (ie, an L2TP client), and negotiates an L2TP tunnel and a session.
S704:协商成功LAC用户成功上线,LAC启动会话保活。S704: The negotiation is successful and the LAC user goes online successfully, and the LAC starts the session keep-alive.
S705:客户端和LNS设备进行LCP建链和认证。S705: The client and the LNS device perform LCP chain establishment and authentication.
S706:客户端和LNS设备进行NCP协商。S706: The client and the LNS device perform NCP negotiation.
S707:客户端和LNS设备之间进行会话保活交互。S707: Session keep-alive interaction is performed between the client and the LNS device.
S708:客户端访问企业数据。S708: The client accesses enterprise data.
S709:LAC设备配置并启动会话异常监控。S709: The LAC device is configured and session exception monitoring is started.
在一种实施方式中,LAC设备配置并启动会话异常监控的过程参见图8所示,其包括但不限于以下步骤。In an implementation manner, the process of configuring the LAC device and starting session exception monitoring is shown in FIG. 8 , which includes but is not limited to the following steps.
S801:定时抓取客户端与LNS之间的报文的流量。S801: Periodically capture the packet traffic between the client and the LNS.
在本示例中,LAC设备配置并启动会话异常监控后,定时监控客户端和LNS之间的上述步骤S705至步骤S708的交互产生的任何流量,包括但不限于客户端和LNS设备之间的LCP建链报文、LCP认证报文、NCP协商报文、保活交互报文、访问企业数据交互报文,都作为LAC设备判断客户端与LNS设备之间的会话是否正常的依据。LAC设备定时获取客户端与LNS设备之间的报文的流量,如果在配置的监测周期内,流量没有变化,则判定客户端与LNS设备的会话已经失效,LAC设备主动释放此失效的会话所占用的资源。应当理解的是,本示例中监测周期内可以灵活设定,也可根据需求设置在连续的N(N大于等于2)个监测周期内流量都未发生变化,才判定客户端与LNS设备的会话已经失效。In this example, after the LAC device is configured and starts session exception monitoring, it regularly monitors any traffic generated by the interaction between the client and the LNS in the above-mentioned steps S705 to S708, including but not limited to the LCP between the client and the LNS device. Link establishment packets, LCP authentication packets, NCP negotiation packets, keep-alive interaction packets, and access enterprise data interaction packets are all used by the LAC device to determine whether the session between the client and the LNS device is normal. The LAC device regularly obtains the traffic of packets between the client and the LNS device. If the traffic does not change within the configured monitoring period, it determines that the session between the client and the LNS device has expired, and the LAC device actively releases the expired session. resources occupied. It should be understood that in this example, the monitoring period can be set flexibly, and it can also be set according to requirements when the traffic does not change in consecutive N (N is greater than or equal to 2) monitoring periods, and the session between the client and the LNS device is determined. has expired.
S802:判断监测周期内流量是否发生变化,如是,转至S801;否则,转至S803。S802: Determine whether the flow rate changes during the monitoring period, if so, go to S801; otherwise, go to S803.
S803:是否超过监测周期,如是,转至S804;否则,转至S801。S803: Whether the monitoring period is exceeded, if yes, go to S804; otherwise, go to S801.
S804:LAC设备主动释放此失效的会话所占用的资源。S804: The LAC device actively releases the resources occupied by the invalid session.
可见,在本实施例所示的应用场景中,LAC设备可在客户端通过LAC设备自身与LNS设备建立会话后,采用各种方式灵活准确的对该会话是否异常进行监测,并在监测到该会话异常时可及时的主动释放该会话占用的资源,避免LAC设备上该会话占用的资源被长时间无效的占用,提升资源利用率。It can be seen that in the application scenario shown in this embodiment, after the client establishes a session with the LNS device through the LAC device itself, the LAC device can use various methods to flexibly and accurately monitor whether the session is abnormal, and when monitoring the session When the session is abnormal, it can actively release the resources occupied by the session in time to avoid the resources occupied by the session on the LAC device being occupied for a long time and ineffective, and improve the resource utilization rate.
实施例三Embodiment 3
本实施例还提供了一种计算机可读存储介质,该计算机可读存储介质存储有计算机程 序,计算机程序可被处理器执行,以实现如上各实施例所示的会话资源控制方法中的步骤。This embodiment also provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program, and the computer program can be executed by a processor to implement the steps in the session resource control method shown in the above embodiments.
本实施例中的该计算机可读存储介质可设置于但不限于基站上,例如设置于基站的BBU上,其包括在用于存储信息(诸如计算机可读指令、数据结构、计算机程序模块或其他数据)的任何方法或技术中实施的易失性或非易失性、可移除或不可移除的介质。计算机可读存储介质包括但不限于RAM(Random Access Memory,随机存取存储器),ROM(Read-Only Memory,只读存储器),EEPROM(Electrically Erasable Programmable read onlymemory,带电可擦可编程只读存储器)、闪存或其他存储器技术、CD-ROM(Compact Disc Read-Only Memory,光盘只读存储器),数字多功能盘(DVD)或其他光盘存储、磁盒、磁带、磁盘存储或其他磁存储装置、或者可以用于存储期望的信息并且可以被计算机访问的任何其他的介质。The computer-readable storage medium in this embodiment may be provided on, but not limited to, a base station, for example, a BBU of the base station, which is included in the storage medium for storing information (such as computer-readable instructions, data structures, computer program modules or other data), volatile or nonvolatile, removable or non-removable media implemented in any method or technology. Computer-readable storage media include but are not limited to RAM (Random Access Memory, random access memory), ROM (Read-Only Memory, read-only memory), EEPROM (Electrically Erasable Programmable read only memory, electrically erasable programmable read-only memory) , Flash memory or other memory technology, CD-ROM (Compact Disc Read-Only Memory), Digital Versatile Disc (DVD) or other optical disk storage, magnetic cartridge, magnetic tape, magnetic disk storage or other magnetic storage device, or Any other medium that can be used to store the desired information and that can be accessed by a computer.
本实施例还提供了一种计算机程序(或称计算机软件),该计算机程序可以分布在计算机可读介质上,由可计算装置来执行,以实现如上所述的会话资源控制方法中的步骤;并且在某些情况下,可以采用不同于上述实施例所描述的顺序执行所示出或描述的至少一个步骤。This embodiment also provides a computer program (or computer software), which can be distributed on a computer-readable medium and executed by a computer-readable device, so as to implement the steps in the above-mentioned session resource control method; And in some cases, at least one of the steps shown or described may be performed in an order different from that described in the above embodiments.
本实施例还提供了一种计算机程序产品,包括计算机可读装置,该计算机可读装置上存储有如上所示的任一计算机程序。本实施例中该计算机可读装置可包括如上所示的计算机可读存储介质。This embodiment also provides a computer program product, including a computer-readable device, on which any of the computer programs shown above are stored. In this embodiment, the computer-readable device may include the computer-readable storage medium as described above.
本申请实施例提供的会话资源控制方法、装置、设备、系统及存储介质,在客户端通过虚拟私有拨号网VPDN接入设备与VPDN虚拟专用网络服务器建立会话后,监测该会话是否异常;并在监测到该会话异常时,释放VPDN接入设备上该会话占用的资源,避免该会话占用的资源被长时间无效的占用,提升资源利用率,避免影响新会话的建立,也可提升VPDN系统的综合性能,进而提升用户体验的满意度。In the session resource control method, device, device, system and storage medium provided by the embodiments of the present application, after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device, monitor whether the session is abnormal; When an abnormality of the session is detected, the resources occupied by the session on the VPDN access device are released, so as to prevent the resources occupied by the session from being occupied for a long time ineffectively, improve resource utilization, avoid affecting the establishment of new sessions, and also improve the performance of the VPDN system. Comprehensive performance, thereby improving user experience satisfaction.
可见,本领域的技术人员应该明白,上文中所公开方法中的全部或某些步骤、系统、装置中的功能模块/单元可以被实施为软件(可以用计算装置可执行的计算机程序代码来实现)、固件、硬件及其适当的组合。在硬件实施方式中,在以上描述中提及的功能模块/单元之间的划分不一定对应于物理组件的划分;例如,一个物理组件可以具有多个功能,或者一个功能或步骤可以由若干物理组件合作执行。某些物理组件或所有物理组件可以被实施为由处理器,如中央处理器、数字信号处理器或微处理器执行的软件,或者被实施为硬件,或者被实施为集成电路,如专用集成电路。It can be seen that those skilled in the art should understand that all or some of the steps in the methods disclosed above, the functional modules/units in the system, and the device can be implemented as software (which can be implemented by computer program codes executable by a computing device). ), firmware, hardware, and their appropriate combination. In a hardware implementation, the division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be composed of several physical components Components execute cooperatively. Some or all physical components may be implemented as software executed by a processor, such as a central processing unit, digital signal processor or microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit .
此外,本领域普通技术人员公知的是,通信介质通常包含计算机可读指令、数据结构、计算机程序模块或者诸如载波或其他传输机制之类的调制数据信号中的其他数据,并且可包括任何信息递送介质。所以,本申请不限制于任何特定的硬件和软件结合。In addition, communication media typically embodies computer readable instructions, data structures, computer program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism, and can include any information delivery, as is well known to those of ordinary skill in the art medium. Therefore, the present application is not limited to any particular combination of hardware and software.
以上内容是结合具体的实施方式对本申请实施例所作的进一步详细说明,不能认定本申请的具体实施只局限于这些说明。对于本申请所属技术领域的普通技术人员来说,在不脱离本申请构思的前提下,还可以做出若干简单推演或替换,都应当视为属于本申请的保护范围。The above content is a further detailed description of the embodiments of the present application in conjunction with specific implementations, and it cannot be considered that the specific implementation of the present application is limited to these descriptions. For those of ordinary skill in the technical field of the present application, without departing from the concept of the present application, some simple deductions or substitutions can be made, which should be regarded as belonging to the protection scope of the present application.

Claims (10)

  1. 一种会话资源控制方法,包括:A session resource control method, comprising:
    在客户端通过虚拟私有拨号网VPDN接入设备与VPDN虚拟专用网络服务器建立会话后,监测所述会话是否异常;After the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device, monitor whether the session is abnormal;
    在监测到所述会话异常时,释放所述VPDN接入设备上所述会话占用的资源。When the abnormality of the session is detected, the resources occupied by the session on the VPDN access device are released.
  2. 如权利要求1所述的会话资源控制方法,其中,所述监测所述会话是否异常包括:The session resource control method according to claim 1, wherein the monitoring whether the session is abnormal comprises:
    监测到所述客户端与所述VPDN虚拟专用网络服务器之间交互的报文异常时,确定所述会话异常。When it is detected that the packets exchanged between the client and the VPDN virtual private network server are abnormal, it is determined that the session is abnormal.
  3. 如权利要求2所述的会话资源控制方法,其中,所述报文包括以下报文中的至少一种:The session resource control method according to claim 2, wherein the message includes at least one of the following messages:
    所述客户端与所述VPDN虚拟专用网络服务器之间的链路控制协议LCP建链报文;link control protocol LCP link establishment message between the client and the VPDN virtual private network server;
    所述客户端与所述VPDN虚拟专用网络服务器之间的LCP认证报文;LCP authentication message between the client and the VPDN virtual private network server;
    所述客户端与所述VPDN虚拟专用网络服务器之间的网络控制协议NCP协商报文;a network control protocol NCP negotiation message between the client and the VPDN virtual private network server;
    所述客户端与所述VPDN虚拟专用网络服务器之间的保活交互报文;keep-alive interaction messages between the client and the VPDN virtual private network server;
    所述客户端与VPDN虚拟专用网络服务器之间的访问企业数据交互报文。The access enterprise data exchange message between the client and the VPDN virtual private network server.
  4. 如权利要求2或3所述的会话资源控制方法,其中,监测所述客户端与所述VPDN虚拟专用网络服务器之间交互的报文是否异常包括:The session resource control method according to claim 2 or 3, wherein monitoring whether the packets exchanged between the client and the VPDN virtual private network server are abnormal comprises:
    监测所述VPDN接入设备是否接收到所述报文,如否,确定所述客户端与所述VPDN虚拟专用网络服务器之间交互的报文异常;Monitor whether the VPDN access device receives the message, and if not, determine that the message exchanged between the client and the VPDN virtual private network server is abnormal;
    或,or,
    监测所述客户端与所述VPDN虚拟专用网络服务器之间交互的报文的流量是否异常,如是,确定所述客户端与所述VPDN虚拟专用网络服务器之间交互的报文异常。Monitoring whether the flow of packets exchanged between the client and the VPDN virtual private network server is abnormal, if so, determining that the packets exchanged between the client and the VPDN virtual private network server are abnormal.
  5. 如权利要求4所述的会话资源控制方法,其中,所述监测所述客户端与所述VPDN虚拟专用网络服务器之间交互的报文的流量是否异常包括:The session resource control method according to claim 4, wherein the monitoring whether the flow of packets exchanged between the client and the VPDN virtual private network server is abnormal comprises:
    在预设监测周期内,监测所述客户端与所述VPDN虚拟专用网络服务器之间交互的报文的流量是否发生变化,如否,确定所述客户端与所述VPDN虚拟专用网络服务器之间交互的报文的流量异常。Within a preset monitoring period, monitor whether the flow of packets exchanged between the client and the VPDN virtual private network server changes, and if not, determine the relationship between the client and the VPDN virtual private network server The traffic of the exchanged packets is abnormal.
  6. 如权利要求1-3中任一项所述的会话资源控制方法,其中,所述VPDN接入设 备为二层隧道协议接入设备,所述VPDN虚拟专用网络服务器为二层隧道协议虚拟专用网络服务器。The session resource control method according to any one of claims 1-3, wherein the VPDN access device is a Layer 2 tunneling protocol access device, and the VPDN virtual private network server is a Layer 2 tunneling protocol virtual private network server.
  7. 一种会话资源控制装置,其中,包括:A session resource control device, comprising:
    监测模块,用于在客户端通过虚拟私有拨号网VPDN接入设备与VPDN虚拟专用网络服务器建立会话后,监测所述会话是否异常;a monitoring module, configured to monitor whether the session is abnormal after the client establishes a session with the VPDN virtual private network server through the virtual private dial-up network VPDN access device;
    控制模块,用于在所述监测模块监测到所述会话异常时,释放所述VPDN接入设备上所述会话占用的资源。A control module, configured to release the resources occupied by the session on the VPDN access device when the monitoring module detects that the session is abnormal.
  8. 一种VPDN接入设备,其中,包括处理器、通信总线和存储器,所述通信总线用于将所述处理器和存储器连接,所述存储器中存储有计算机程序,所述处理器用于调用执行所述计算机程序,以实现如权利要求1-6任一项所述的会话资源控制方法的步骤。A VPDN access device, comprising a processor, a communication bus and a memory, the communication bus is used to connect the processor and the memory, the memory stores a computer program, and the processor is used to call and execute the The computer program is used to implement the steps of the session resource control method according to any one of claims 1-6.
  9. 一种VPDN系统,其中,包括VPDN接入设备、VPDN虚拟专用网络服务器和客户端;A VPDN system, including a VPDN access device, a VPDN virtual private network server and a client;
    所述VPDN接入设备用于在所述客户端通过所述VPDN接入设备与所述VPDN虚拟专用网络服务器建立会话后,监测所述会话是否异常,在监测到所述会话异常时,释放所述VPDN接入设备上所述会话占用的资源。The VPDN access device is configured to monitor whether the session is abnormal after the client establishes a session with the VPDN virtual private network server through the VPDN access device, and release the session when the session is abnormal. resources occupied by the session on the VPDN access device.
  10. 一种计算机可读存储介质,其中,所述计算机可读存储介质存储有计算机程序,所述计算机程序可被处理器执行,以实现如权利要求1-6任一项所述的会话资源控制方法的步骤。A computer-readable storage medium, wherein the computer-readable storage medium stores a computer program, and the computer program can be executed by a processor to implement the session resource control method according to any one of claims 1-6 A step of.
PCT/CN2021/117944 2020-09-17 2021-09-13 Session resource control method and apparatus, device, system, and storage medium WO2022057758A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010977724.7A CN111835615B (en) 2020-09-17 2020-09-17 Session resource control method, device, equipment, system and storage medium
CN202010977724.7 2020-09-17

Publications (1)

Publication Number Publication Date
WO2022057758A1 true WO2022057758A1 (en) 2022-03-24

Family

ID=72918502

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/117944 WO2022057758A1 (en) 2020-09-17 2021-09-13 Session resource control method and apparatus, device, system, and storage medium

Country Status (2)

Country Link
CN (1) CN111835615B (en)
WO (1) WO2022057758A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111835615B (en) * 2020-09-17 2021-01-15 南京中兴软件有限责任公司 Session resource control method, device, equipment, system and storage medium

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6430619B1 (en) * 1999-05-06 2002-08-06 Cisco Technology, Inc. Virtual private data network session count limitation
US20020112054A1 (en) * 2001-02-12 2002-08-15 International Business Machines Corporation Method and system for automated session resource clean-up in a distributed client-server environment
WO2007033519A1 (en) * 2005-09-20 2007-03-29 Zte Corporation A method for updating the access of virtual private dial-network dynamically
CN102523583A (en) * 2011-12-07 2012-06-27 福建星网锐捷网络有限公司 VPDN multi-access point backup access method and equipment
CN103391226A (en) * 2013-07-31 2013-11-13 迈普通信技术股份有限公司 Method and system for detecting and maintaining PPP (point-to-point protocol) link
CN107566213A (en) * 2017-08-28 2018-01-09 新华三技术有限公司 A kind of keep-alive detection method and device
CN111835615A (en) * 2020-09-17 2020-10-27 南京中兴软件有限责任公司 Session resource control method, device, equipment, system and storage medium

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6430619B1 (en) * 1999-05-06 2002-08-06 Cisco Technology, Inc. Virtual private data network session count limitation
US20020112054A1 (en) * 2001-02-12 2002-08-15 International Business Machines Corporation Method and system for automated session resource clean-up in a distributed client-server environment
WO2007033519A1 (en) * 2005-09-20 2007-03-29 Zte Corporation A method for updating the access of virtual private dial-network dynamically
CN102523583A (en) * 2011-12-07 2012-06-27 福建星网锐捷网络有限公司 VPDN multi-access point backup access method and equipment
CN103391226A (en) * 2013-07-31 2013-11-13 迈普通信技术股份有限公司 Method and system for detecting and maintaining PPP (point-to-point protocol) link
CN107566213A (en) * 2017-08-28 2018-01-09 新华三技术有限公司 A kind of keep-alive detection method and device
CN111835615A (en) * 2020-09-17 2020-10-27 南京中兴软件有限责任公司 Session resource control method, device, equipment, system and storage medium

Also Published As

Publication number Publication date
CN111835615A (en) 2020-10-27
CN111835615B (en) 2021-01-15

Similar Documents

Publication Publication Date Title
US7292538B1 (en) System and method for distributing information in a network environment
EP1911192B1 (en) Suspension and resumption of secure data connection session
US20060236093A1 (en) Method and apparatus for preventing bridging of secure networks and insecure networks
JP2009513078A (en) Policy enforcement point interface system and method
JP2010510760A (en) Intelligent service quality management
WO2007042826A2 (en) Remote access to resources
US9025439B2 (en) Method and system to enable re-routing for home networks upon connectivity failure
WO2011026358A1 (en) Method and system for processing abnormal off-line for web authentication user
US7103659B2 (en) System and method for monitoring information in a network environment
JP2003110609A (en) Communication apparatus
WO2009092229A1 (en) Network service protection method and service gateway
WO2014117375A1 (en) Method, permanent online controller and device for keeping application online
US11582113B2 (en) Packet transmission method, apparatus, and system utilizing keepalive packets between forwarding devices
CN111742529B (en) Security negotiation in service-based architecture (SBA)
WO2014067420A1 (en) Packet data network type management method, device, and system
WO2014075485A1 (en) Processing method for network address translation technology, nat device and bng device
WO2022057758A1 (en) Session resource control method and apparatus, device, system, and storage medium
CN107566213B (en) Keep-alive detection method and device
US8615591B2 (en) Termination of a communication session between a client and a server
CN106452803B (en) Method, system and device for realizing online charging
WO2016180177A1 (en) Method, system and device for realizing online charging
Cisco Configuring PPP for Wide-Area Networking
Cisco Configuring PPP for Wide-Area Networking
Cisco Configuring PPP for Wide-Area Networking
Cisco Configuring PPP for Wide-Area Networking

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21868582

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 02.08.23)

122 Ep: pct application non-entry in european phase

Ref document number: 21868582

Country of ref document: EP

Kind code of ref document: A1