The present disclosure relates to the field of communication, and in particular to a method, device and system for processing an Internet Protocol version 6 (IPv6) network parameter, an Authentication Authorization and Accounting (AAA) server, a Remote Authentication Dial-In User Service (RADIUS) (or called remote user dial-in authentication) client and a Broadband Network Gateway (BNG).
Along with rapid development of modern technologies, the Internet has been widely applied to each field. Internet Protocol version 4 (IPv4) adopted at the present stage is not able to meet requirements of development of times. IPv4 addresses defined by the IPv4 have been completely allocated, but many countries and regions are still confronted with the problem of IPv4 address shortage. It is an inevitable trend to replace IPv4 with a new-generation address protocol IPv6, but transition from IPv4 to IPv6 will be a long and gradual process. In such a process, many IPv6 transition technology types emerge, mainly including: technology types such as Network Address Translation IPv4-IPv4 (NAT44), NAT IPv4-IPv4-IPv4 (NAT444), Dual-Stack Lite (DS-Lite), Light weight 4over6, Mapping of Address and Port with Encapsulation (MAP), NAT IPv6-IPv4 (NAT64), Public 4over6 and IV-VI (Roman numerals 4-6, representative of IPv4-IPv6 stateless translation) (IVI).
In a related art, deployment of an IPv6 technology in a broadband network is implemented on the basis of configuration of Customer Premise Equipment (CPE) (usually equipment such as a home gateway, a Modem and the like) and a BNG. For example, an operator provides CPE supporting a DS-Lite technology for a user A and makes the user A access BNG equipment supporting the DS-Lite technology; and after a period of time, a operator network is upgraded, the BNG equipment supports Lightweight 4over6 technology in the operator network, and then the operator network is required to provide CPE supporting the Lightweight 4over6 technology for a new user B.
Therefore, there exist the problems of complexity in manual configuration, configuration inflexibility and high cost for deployment of an IPv6 transition technology in a broadband network in the related art.
The present disclosure provides a method, device and system for processing an IPv6 network parameter, an AAA server, an RADIUS client and a BNG, so as to at least solve the problems of complexity in manual configuration, configuration inflexibility and high cost for deployment of an IPv6 transition technology in a broadband network in the related art.
According to an embodiment of the present disclosure, a method for processing an Internet Protocol version 6 (IPv6) network parameter is provided, including: receiving a Remote Authentication Dial-In User Service (RADIUS) access request message sent by an RADIUS client corresponding to a remote user; and sending an RADIUS access accepting message carrying information identifying an IPv6 transition technology type supported by the remote user to the RADIUS client after the remote user passes authentication according to the RADIUS access request message.
In an example embodiment, sending the RADIUS access accepting message carrying the information identifying the IPv6 transition technology type supported by the remote user to the RADIUS client includes: determining at least one IPv6 transition technology type supported by the remote user; determining at least one Identifier (ID) corresponding to the at least one IPv6 transition technology type; and sending the RADIUS access accepting message encapsulated with the at least one ID to the RADIUS client.
According to another embodiment of the present disclosure, a method for processing an Internet Protocol version 6 (IPv6) network parameter is provided, including: sending a Remote Authentication Dial-In User Service (RADIUS) access request message from a remote user to an Authentication Authorization and Accounting (AAA) server; and receiving an RADIUS access accepting message, fed back by the AAA server, carrying information identifying an IPv6 transition technology type supported by the remote user.
In an example embodiment, after receiving the RADIUS access accepting message, fed back by the AAA server, carrying the information identifying the IPv6 transition technology type supported by the remote user, further including: parsing at least one IPv6 transition technology type corresponding to at least one Identifier (ID) in the RADIUS access accepting message when the IPv6 transition technology type supported by the remote user is identified by an ID; storing a corresponding relationship between the at least one ID and the remote user; and/or, sending the at least one IPv6 transition technology type to the remote user.
According to an embodiment of the present disclosure, a device for processing an Internet Protocol version 6 (IPv6) network parameter is provided, including: a first receiving component, configured to receive an RADIUS access request message sent by an Remote Authentication Dial-In User Service (RADIUS) client corresponding to a remote user; and a first sending component, configured to send an RADIUS access accepting message carrying information identifying an IPv6 transition technology type supported by the remote user to the RADIUS client after the remote user passes authentication according to the RADIUS access request message.
In an example embodiment, the first sending component includes: a first determination element, configured to determine at least one IPv6 transition technology type supported by the remote user; a second determination element, configured to determine at least one Identifier (ID) corresponding to the at least one IPv6 transition technology type; and a sending element, configured to send the RADIUS access accepting message encapsulated with the at least one ID to the RADIUS client.
According to another embodiment of the present disclosure, an Authentication Authorization and Accounting (AAA) server is provided, including any one of the abovementioned devices.
According to an embodiment of the present disclosure, a device for processing an Internet Protocol version 6 (IPv6) network parameter is provided, including: a second sending component, configured to send a Remote Authentication Dial-In User Service (RADIUS) access request message from a remote user to an Authentication Authorization and Accounting (AAA) server; and a second receiving component, configured to receive an RADIUS access accepting message, fed back by the AAA server, carrying information identifying an IPv6 transition technology type supported by the remote user.
In an example embodiment, the device further including: a parsing component, configured to parse at least one IPv6 transition technology type corresponding to at least one Identifier (ID) in the RADIUS access accepting message when the IPv6 transition technology type supported by the remote user is identified by an ID; a storage component, configured to store a corresponding relationship between the at least one ID and the remote user; and/or, a third sending component, configured to send the at least one IPv6 transition technology type to the remote user.
According to another embodiment of the present disclosure, a Remote Authentication Dial-In User Service (RADIUS) client is provided, including any one of the abovementioned devices.
According to another embodiment of the present disclosure, a Broadband Network Gateway (BNG) is provided, including any one of the abovementioned devices.
According to another embodiment of the present disclosure, a system for processing an Internet Protocol version 6 (IPv6) transition technology type is provided, including the abovementioned Authentication Authorization and Accounting (AAA) server and the abovementioned Broadband Network Gateway (BNG).
According to the present disclosure, an RADIUS access request message sent by an RADIUS client corresponding to a remote user is received; and an RADIUS access accepting message carrying information identifying an IPv6 transition technology type supported by the remote user is sent to the RADIUS client after the remote user passes authentication according to the RADIUS access request message, so that the problems of complexity in manual configuration, configuration inflexibility and high cost of an IPv6 transition technology type in the related art are solved, and the effects of extending a configuration manner for the IPv6 transition technology type and implementing unified configuration management of a network on IPv6 transition technology types supported by a user are further achieved.
The drawings described here are adopted to provide further understanding of the present disclosure, and form a part of the present disclosure. Schematic embodiments of the present disclosure and descriptions thereof are adopted to explain the present disclosure and not intended to form improper limits to the present disclosure. In the drawings:
The present disclosure will be described below with reference to the drawings and embodiments in detail. It is important to note that the embodiments in the present disclosure and characteristics in the embodiments may be combined under the condition of no conflicts.
The embodiment provides a method for processing an IPv6 network parameter,
Step 202: an RADIUS access request message sent by an RADIUS client corresponding to a remote user is received; and
Step 204: an RADIUS access accepting message carrying information identifying an IPv6 transition technology type supported by the remote user is sent to the RADIUS client after the remote user passes authentication according to the RADIUS access request message.
By the steps, for a network server side, the IPv6 transition technology type supported by the remote user is configured in an extending manner of interacting an RADIUS message, so that the problems of complexity in manual configuration, configuration inflexibility and high cost of an IPv6 transition technology type in the related art are solved, and the effects of extending a configuration manner for the IPv6 transition technology type and implementing unified configuration management of a network on IPv6 transition technology types supported by a user are further achieved.
Multiple manners may be adopted to send the RADIUS access accepting message carrying the information identifying the IPv6 transition technology type supported by the remote user to the RADIUS client. For example, a simpler processing manner is to identify at least one IPv6 transition technology type. For example, the at least one IPv6 transition technology type supported by the remote user are determined at first, then at least one ID corresponding to the at least one IPv6 transition technology type is determined, and finally, the RADIUS access accepting message encapsulated with the at least one ID is sent to the RADIUS client.
Step 302: an RADIUS access request message from a remote user is sent to an AAA server; and
Step 304: an RADIUS access accepting message, fed back by the AAA server, carrying information identifying an IPv6 transition technology type supported by the remote user is received.
By the steps, for a client side, the IPv6 transition technology type supported by the remote user is acquired in a extending manner of interacting an RADIUS message, so that the problems of complexity in manual configuration, configuration inflexibility and high cost of an IPv6 transition technology type in the related art are solved, and the effects of extending a configuration manner for the IPv6 transition technology type and implementing unified configuration management of a network on IPv6 transition technology types supported by a user are further achieved.
After the RADIUS access accepting message, fed back by the AAA server, carrying the information identifying the IPv6 transition technology type supported by the remote user is received, the following processing may further be performed: at least one IPv6 transition technology type corresponding to at least one ID in the RADIUS access accepting message is parsed at first when the IPv6 transition technology type supported by the remote user is identified by an ID; then a corresponding relationship between at least one ID and a remote user may be stored, so that a client may locally acquire the IPv6 transition technology type supported by the remote user according to the corresponding relationship and store and back up information of the remote user; and/or, the at least one IPv6 transition technology type may also be sent to the remote user for the remote user to smoothly implement a transition to an IPv6 technology.
The embodiment further provides a device for processing an IPv6 network parameter, which is configured to implement the abovementioned embodiment and example implementation mode, and that what has been described will not be elaborated. For example, term “component”, used below, may implement a combination of software and/or hardware with a preset function. Although the device described in the following embodiment is preferably implemented with software, implementation with hardware or a combination of software and hardware is also possible and conceivable.
The first receiving component 42 is configured to receive an RADIUS access request message sent by an RADIUS client corresponding to a remote user; and the first sending component 44 is connected to the first receiving component 42, and is configured to send an RADIUS access accepting message carrying information identifying an IPv6 transition technology type supported by the remote user to the RADIUS client after the remote user passes authentication according to the RADIUS access request message.
The first determination element 52 is configured to determine at least one IPv6 transition technology type supported by the remote user; the second determination element 54 is connected to the first determination element 52, and is configured to determine at least one ID corresponding to the at least one IPv6 transition technology type; and the sending element 56 is connected to the second determination element 54, and is configured to send the RADIUS access accepting message encapsulated with the at least one ID to the RADIUS client.
The second sending component 72 is configured to send an RADIUS access request message from a remote user to an AAA server; and the second receiving component 74 is connected to the second sending component 72, and is configured to receive an RADIUS access accepting message, fed back by the AAA server, carrying information identifying an IPv6 transition technology type supported by the remote user.
The parsing component 82 is configured to parse at least one IPv6 transition technology type corresponding to at least one ID in the RADIUS access accepting message when the IPv6 transition technology type supported by the remote user is identified by an ID; the storage component 84 is connected to the parsing component 82, and is configured to store a corresponding relationship between at least one ID and remote user; and/or, the third sending component 86 is connected to the parsing component 82, and is configured to send the at least one IPv6 transition technology type to the remote user.
For the problems in the related art, the embodiment provides a method of managing transition technology types of a user on an AAA server. The IPv6 transition technology type is carried in an extended attribute option of an RADIUS protocol, and the carried IPv6 transition technology type is transmitted to the BNG to notify the IPv6 transition technology type supported by the user, thereby overcoming shortcomings of manual configuration for identifying various IPv6 transition technology types of different users on the BNG.
In the embodiment, the IPv6 transition technology type is transmitted through the extended attribute option of the RADIUS protocol.
Behaviors of the AAA Server
The AAA server, as a server capable of processing an access request of a user, provides AAA service. Except a function of an accounting server, functions of the AAA server further include user and accounting information storage, user and accounting strategy management and the like. The AAA server is required to configure, besides information of user accounting, strategies and the like, an IPv6 transition technology type of the user. Multiple IPv6 transition technology types may be included, and for example, may be at least one of: NAT44, DS-Lite, Lightweight 4over6, MAP, NAT64, Public 4over6 and IVI.
The AAA server sets an ID for each abovementioned transition technology to distinguish abovementioned transition technologies. When receiving an RADIUS authentication request message from the RADIUS client, the AAA server encapsulates the transition technology ID in a newly created technology type attribute option for sending to the RADIUS client.
Behaviors of the BNG
The BNG, as the RADIUS client, initiates a RADIUS request message after receiving an authentication dial-in message from a CPE side. After a response message is received from the RADIUS server, i.e. the AAA server, a technology type attribute option contained in the response message is parsed to acquire at least one related ID of at least one transition technology. The BNG associates the acquired the at least one related ID of the at least one transition technology and the CPE side, i.e. a user side, thereby acquiring the at least one IPv6 transition technology type supported by the user.
Through the abovementioned RADIUS message interaction processing, shortcomings of manual configuration for identifying various IPv6 transition technology types of different users on the BNG in the related art are solved. Management on the IPv6 transition technology types of the users is added by virtue of a user management mechanism of the AAA server, and the attribute option of at least one IPv6 transition technology type is added in the RADIUS message to enable the BNG to acquire the at least one IPv6 transition technology type of the user.
Example implementation modes of the present disclosure will be described below with reference to the drawings.
Step 1502: a user is connected to a BNG and the Internet by virtue of a DS-Lite technology through CPE;
Step 1504: an AAA server manages information of the user, and an operator adds an IPv6 transition technology of which a type is DS-Lite into the information of the user;
Step 1506: the user performs network access authentication by Point-to-Point Protocol over Ethernet (PPPoE) dial-in, and after receiving a related dial-in request, the BNG encapsulates dial-in information in an RADIUS request message, and sends the encapsulated RADIUS request message to the AAA server;
Step 1508: the AAA server receives the RADIUS request message, and when identifying that the IPv6 transition technology type of the user is DS-Lite, fills an ID corresponding to DS-Lite into the attribute option shown in
Step 1510: the AAA server sends the response message to the BNG; and the BNG receives the message, parses and locally stores a relationship between the IPv6 transition technology type in the attribute option field and the information of the user, and continues the next related flow of the DS-Lite technology of the user.
Step 1602: a user is connected to a BNG and the Internet by virtue of DS-Lite and MAP technologies through CPE;
Step 1604: an AAA server manages information of the user, and an operator adds IPv6 transition technologies of which types are DS-Lite and MAP into the information of the user;
Step 1606: the user performs network access authentication by PPPoE dial-in, and after receiving a related dial-in request, the BNG encapsulates dial-in information in an RADIUS request message, and sends the RADIUS request message to the AAA server;
Step 1608: the AAA server receives the RADIUS request message, and when identifying that the IPv6 transition technology types of the user are DS-Lite and MAP, fills IDs corresponding to DS-Lite and MAP into the attribute option shown in
Step 1610: the AAA server sends the response message to the BNG, and the BNG receives the message, parses and locally stores a relationship between the IPv6 transition technology types in the attribute option field and the information of the user, and continues the next related flow of the DS-Lite and MAP technologies of the user.
Step 1702: user 1 is connected to a BNG and the Internet by virtue of an MAP technology through CPE1;
Step 1704: user 2 is connected to the BNG and the Internet by virtue of a Lightweight 4over6 technology through CPE2;
Step 1706: an AAA server manages information of the users, and an operator adds an IPv6 transition technology of which a type is MAP into information of user 1, and adds an IPv6 transition technology of which a type is Lightweight 4over6 into information of user 2;
Step 1708: user 1 performs network access authentication by PPPoE dial-in, and after receiving a related dial-in request, the BNG encapsulates dial-in information in a RADIUS request message, and sends the RADIUS request message to the AAA server;
Step 1710: the AAA server receives the RADIUS request message, and when identifying that the IPv6 transition technology type of the user is MAP, fills an ID corresponding to MAP into the attribute option shown in
Step 1712: the AAA server sends the response message to the BNG and the BNG receives the message, parses and locally stores a relationship between the IPv6 transition technology type in the attribute option field and the information of the user, and continues the next related flow of the MAP technology of user 1;
Step 1714: user 2 performs network access authentication by PPPoE dial-in, and after receiving a related dial-in request, the BNG encapsulates dial-in information in a RADIUS request message, and sends the RADIUS request message to the AAA server;
Step 1716: the AAA server receives the RADIUS request message, and when identifying that the IPv6 transition technology type of the user is Lightweight 4over6, fills an ID corresponding to Lightweight 4over6 into the attribute option shown in
Step 1718: the AAA server sends the response message to the BNG and the BNG receives the message, parses and locally stores a relationship between the IPv6 transition technology type in the attribute option field and the information of the user, and continues the next related flow of the Lightweight 4over6 technology of user 2.
Obviously, those skilled in the art should know that each component of each component or step of the present disclosure may be implemented by a universal computing device, and the components or steps may be concentrated on a single computing device or distributed on a network formed by a plurality of computing devices, and may optionally be implemented by programmable codes executable for the computing devices, so that the components or steps may be stored in a storage device for execution with the computing devices, the shown or described steps may be executed in sequences different from those described here in some circumstances, or may form each integrated circuit component respectively, or multiple components or steps therein may form a single integrated circuit component for implementation. As a consequence, the present disclosure is not limited to any specific hardware and software combination.
The above is only the example embodiment of the present disclosure and not intended to limit the present disclosure, and for those skilled in the art, the present disclosure may have various modifications and variations. Any modifications, equivalent replacements, improvements and the like within the spirit and principle of the present disclosure shall fall within the scope of protection of the present disclosure.
As mentioned above, according to the embodiment and example implementation modes, the problems of complexity in manual configuration, configuration inflexibility and high cost of an IPv6 transition technology type in the related art are solved, and the effects of extending a configuration manner for the IPv6 transition technology type and implementing unified configuration management of a network on IPv6 transition technology types supported by a user are further achieved.
Number | Date | Country | Kind |
---|---|---|---|
201410123995.0 | Mar 2014 | CN | national |
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/CN2014/084669 | 8/18/2014 | WO | 00 |