




Technical Field
The present invention relates to the field of communication technology, and in particular to a method, system and device for implementing service wholesale for DHCP (Dynamic Host Configuration Protocol) users.
Background
Broadband access networks can be divided by ownership into NSP (Network Service Provider) networks and ISP (Internet Service Provider) networks. An NSP network is generally built, managed and maintained by an operator and provides users with functions such as high-speed access, traffic aggregation and policy enforcement.
Service wholesale is a technology that promotes the separation of ISPs and NSPs. The ISP manages and develops users by renting the NSP's network, and users use the services provided by the ISP; the NSP provides the ISP with a data transmission channel, and subsequent account reconciliation guarantees each party's revenue. Service wholesale is generally carried out with Layer 2 tunneling: user packets are carried through a Layer 2 tunnel to the remote ISP network, the ISP handles user access, authentication, authorization and other user management policies, and the NSP uses the tunnel to isolate, transport and wholesale the services.
The prior art defines the IP Session, which includes the PPP (Point to Point Protocol) Session and the DHCP Session. For PPP terminals, user wholesale is generally implemented through an L2TPv2 (Layer 2 Tunneling Protocol version 2) tunnel: user access authentication, address allocation and service management are performed at the remote ISP, and the LAC (L2TP Access Concentrator) device, which is an NSP network resource, can map user data into an L2TP tunnel according to the user's domain name information and carry it transparently to the remote ISP device. For DHCP terminals, service wholesale is generally carried out through the PW (Pseudo Wire) of a VPLS (Virtual Private LAN Services) network, and the intermediate devices need to support MPLS (Multiprotocol Label Switching).
Figure 1 is a schematic diagram of a prior-art network that uses a VPLS network to implement static service wholesale. The specific steps for wholesaling DHCP access users over a VPLS network are as follows: (1) On the aggregation-layer Layer 2 switch PE (Provider Edge), configure the correspondence between the user access VLAN, or Option60 in the DHCP protocol packet, and the VSI (Virtual Switch Instance); the PE receives the user's Layer 2 packet from the access network side and sends it into the PW of the corresponding VSI. (2) The user's Layer 2 packet is encapsulated and carried through the PW to the remote PE device connected to the ISP network; the remote PE device terminates the two-layer label of the PW, restores the original user Layer 2 packet, and hands it to the BNG (Broadband Network Gateway) for processing. (3) The BNG performs user address allocation and access control. At the same time, each VPN on the NSP network provides a transmission channel for one ISP, and the VPNs isolate the user data traffic of different ISPs.
In the course of realizing the present invention, the inventor found that the above implementation depends on PWs established over an MPLS network for wholesale, so the networking cost is high; in addition, service wholesale over a VPLS network usually involves cross-domain VPLS, which is technically complex to implement.
Summary of the Invention
Embodiments of the present invention provide a method, system and device for implementing DHCP user service wholesale, so that service wholesale for DHCP users can be implemented simply.
To achieve the above object, embodiments of the present invention provide a method for implementing DHCP user service wholesale, including:
receiving a data packet sent by a terminal, and performing L2TPv3 encapsulation on the data packet;
obtaining the L2TPv3 tunnel corresponding to the terminal, and sending the encapsulated data packet through the corresponding L2TPv3 tunnel to the L2TP network server (LNS);
receiving a response packet sent by the LNS through the L2TPv3 tunnel;
decapsulating the response packet and sending it to the terminal.
Embodiments of the present invention also provide an L2TP access concentrator (LAC), including:
an encapsulation unit, configured to perform L2TPv3 encapsulation on a data packet when the data packet sent by a terminal is received;
a tunnel obtaining unit, configured to obtain the L2TPv3 tunnel corresponding to the terminal, and to send the data packet encapsulated by the encapsulation unit through the corresponding L2TPv3 tunnel to the L2TP network server (LNS);
a response packet receiving unit, configured to receive a response packet sent by the LNS through the L2TPv3 tunnel;
a decapsulation unit, configured to decapsulate the response packet received by the response packet receiving unit.
Embodiments of the present invention also provide an L2TP network server (LNS) device, including:
a decapsulation unit, configured to perform L2TPv3 tunnel decapsulation on a received data packet;
a forwarding unit, configured to look up the routing table according to the destination IP of the data packet decapsulated by the decapsulation unit, and to forward the data packet to the destination device;
a tunnel obtaining unit, configured to obtain, when a response packet sent by the destination device is received, the L2TPv3 tunnel that is the outbound interface in the terminal's host route;
an encapsulation unit, configured to perform Layer 2 information encapsulation and L2TPv3 encapsulation on the response packet and send it to the LAC through the L2TPv3 tunnel obtained by the tunnel obtaining unit.
Embodiments of the present invention also provide a system for implementing DHCP user service wholesale, including an LAC and an LNS.
The LAC is configured to perform L2TPv3 encapsulation on a data packet when the data packet sent by a terminal is received, and to send the encapsulated data packet to the L2TP network server (LNS) through the L2TPv3 tunnel corresponding to the terminal; it is also configured to receive a response packet sent by the LNS through the L2TPv3 tunnel, decapsulate the response packet and send it to the terminal.
The LNS is configured to perform L2TPv3 tunnel decapsulation on packets received from the LAC, look up the routing table according to the destination IP of the decapsulated data packet, and forward the data packet to the destination device; it is also configured, when a response packet sent by the destination device is received, to perform Layer 2 information encapsulation and L2TPv3 encapsulation on the response packet and send it to the LAC through the obtained L2TPv3 tunnel.
Compared with the prior art, the embodiments of the present invention have the following advantages:
The LAC device maps the terminal's packets into an L2TPv3 tunnel and carries them through the L2TPv3 tunnel to the remote LNS device, and the LNS device handles the interaction with the network, thereby implementing service wholesale for DHCP users. In the embodiments of the present invention, the L2TPv3 tunnel can be established over an ordinary IP network, which has the advantages of simple implementation and low networking cost.
Description of Drawings
Figure 1 is a schematic diagram of a prior-art network that uses a VPLS network to implement static service wholesale;
Figure 2 is a flowchart of the method for implementing DHCP user service wholesale in an embodiment of the present invention;
Figure 3 is a schematic diagram of the network topology in an embodiment of the present invention;
Figure 4 is a flowchart of allocating an address to a terminal through the DHCP protocol in an embodiment of the present invention;
Figure 5 is a flowchart of data forwarding when a terminal accesses the Internet in an embodiment of the present invention;
Figure 6 is a schematic structural diagram of an LAC for implementing DHCP user service wholesale in an embodiment of the present invention;
Figure 7 is a schematic structural diagram of another LAC for implementing DHCP user service wholesale in an embodiment of the present invention;
Figure 8 is a schematic structural diagram of an LNS for implementing DHCP user service wholesale in an embodiment of the present invention.
Detailed Description
An embodiment of the present invention provides a method for implementing DHCP user service wholesale which, as shown in Figure 2, includes the following steps:
Step s201: When the LAC receives a data packet sent by a terminal, it performs L2TPv3 encapsulation on the data packet.
Step s202: The LAC obtains the L2TPv3 tunnel corresponding to the terminal and sends the encapsulated data packet through the corresponding L2TPv3 tunnel to the LNS (L2TP Network Server).
Step s203: The LAC receives the response packet sent by the LNS through the L2TPv3 tunnel.
Step s204: The LAC decapsulates the response packet and sends it to the terminal.
Specific implementations of the present invention are further described below with reference to the drawings and embodiments.
Figure 3 shows a schematic diagram of the network topology for DHCP user service wholesale.
After a DHCP terminal starts up, the process of allocating an address to the terminal through the DHCP protocol is shown in Figure 4 and includes the following steps:
Step s301: The DHCP terminal sends a DHCP session request packet; the packet may carry Option60 information indicating the user's domain.
Step s302: The AN (Access Network) snoops the user's DHCP session request packet and adds the physical line Option82 information to the packet.
Step s303: The AN sends the DHCP session request packet carrying the Option 60 and Option 82 information to the LAC.
Step s304: The LAC authenticates against the AAA (Access Authentication Authorization; access, authentication, authorization) server according to the Option 82 information and continues once authentication succeeds. This step is optional.
Step s305: The LAC dynamically maps the terminal's DHCP session request packet into an L2TPv3 tunnel according to Option60 and sends it to the LNS.
Specifically, the L2TPv3 tunnel may be established statically in advance, or its establishment may be triggered dynamically by the LAC according to the user session. The LAC maps the terminal's DHCP packets into the L2TPv3 tunnel according to the terminal's access interface and the VLAN to which the terminal belongs. For both statically established and dynamically triggered tunnels, the correspondence between the terminal's access interface, the VLAN to which the terminal belongs, and the L2TPv3 tunnel can be established in advance. The session inside the L2TPv3 tunnel is established dynamically, triggered by the DHCP session. The LAC saves the Option 82 and Option 60 information from the user session packet for use when the terminal is later brought online by IP triggering.
Step s306: The LNS selects a DHCP server and requests the DHCP server to allocate an address to the DHCP terminal.
Specifically, after the LNS receives the DHCP session request packet carried through the L2TPv3 tunnel, it first obtains the gateway address GiAddr corresponding to the DHCP terminal from the terminal's domain information carried in Option 60 of the packet, and then, according to Option 60, splits and relays terminals' DHCP session request packets to different DHCP servers to request address allocation for the DHCP terminal. The LNS also records the DHCP terminal's Layer 2 information (the MAC address, VLAN or QinQ information of the user's access) for encapsulating subsequent DHCP protocol response packets (including DHCP OFFER and DHCP ACK packets) and data packets.
Step s307: The DHCP server allocates to the DHCP terminal an address from the address pool network segment that corresponds to the GiAddr.
Step s308: The LNS receives the DHCP response message sent by the DHCP server, which means the DHCP server has successfully allocated the address, and records the corresponding information.
Specifically, the LNS generates a host route to the user terminal. A host route is a route with a 32-bit mask that is looked up by exact match on the terminal's IP address; it is the counterpart of a network segment route, which is looked up by IP network segment. The access interface of the DHCP terminal is the inbound interface of the L2TPv3 tunnel. The LNS also records the DHCP terminal's Layer 2 information in the terminal's forwarding entry, for forwarding data packets sent to the DHCP terminal.
Step s309: The LAC receives the response packet sent by the LNS and records the corresponding information.
Specifically, the LAC records the binding between the L2TPv3 tunnel ID and session ID, the Layer 2 encapsulation information, and the DHCP terminal's access interface, for forwarding data packets sent to the DHCP terminal. It generates the correspondence between the DHCP terminal's address and the L2TPv3 tunnel ID and session ID, for forwarding packets received from the DHCP terminal and destined for the network side. It then sends the network side's response packet to the DHCP terminal through the access aggregation network.
Step s310: The DHCP terminal obtains the IP address allocated by the network side and can access the Internet.
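The option handling in steps s301 to s306 can be made concrete with the following added example, which is not code from the patent: it parses a DHCP options field, lets the LAC choose a tunnel from Option 60 while saving Options 60 and 82, and lets the LNS choose GiAddr and DHCP server from Option 60. The domain names, tunnel ID, addresses, class names and the sample options field are all constructed assumptions.

```python
# Added example, not code from the patent. Names, domains and addresses are constructed.
PAD, END = 0, 255
OPT_VENDOR_CLASS = 60   # Option 60: carries the user's domain in this scheme
OPT_RELAY_INFO = 82     # Option 82: physical line information added by the AN


def tlv(code, value):
    """Encode one option as code, length, value."""
    return bytes([code, len(value)]) + value


def parse_tlv(buf, dhcp=True):
    """Parse code/length/value triples; with dhcp=True honour PAD and END."""
    out, i = {}, 0
    while i < len(buf):
        code = buf[i]
        if dhcp and code == END:
            break
        if dhcp and code == PAD:
            i += 1
            continue
        # Reject a length byte that is missing or points past the buffer.
        if i + 2 > len(buf) or i + 2 + buf[i + 1] > len(buf):
            raise ValueError("truncated option %d" % code)
        length = buf[i + 1]
        out[code] = buf[i + 2:i + 2 + length]
        i += 2 + length
    return out


class Lac:
    def __init__(self, domain_to_tunnel):
        self.domain_to_tunnel = domain_to_tunnel  # Option 60 domain -> tunnel ID
        self.saved = {}                           # terminal MAC -> (Option 60, Option 82)

    def on_dhcp_request(self, mac, options):
        """Step s305: pick the tunnel from Option 60 and keep Options 60/82."""
        opts = parse_tlv(options)
        if OPT_VENDOR_CLASS not in opts:
            return None                           # no domain information to map on
        domain = opts[OPT_VENDOR_CLASS].decode("ascii", "replace")
        tunnel = self.domain_to_tunnel.get(domain)
        if tunnel is None:
            return None                           # domain has no tunnel on this LAC
        self.saved[mac] = (opts[OPT_VENDOR_CLASS], opts.get(OPT_RELAY_INFO, b""))
        return tunnel

    def rebuild_options(self, mac):
        """Options for a later simulated request, rebuilt from the saved values."""
        opt60, opt82 = self.saved[mac]
        out = tlv(OPT_VENDOR_CLASS, opt60)
        if opt82:
            out += tlv(OPT_RELAY_INFO, opt82)
        return out + bytes([END])


class Lns:
    def __init__(self, domain_to_relay):
        self.domain_to_relay = domain_to_relay    # domain -> (GiAddr, DHCP server)
        self.l2_info = {}                         # terminal MAC -> VLAN, kept for replies

    def relay(self, mac, vlan, options):
        """Step s306: choose GiAddr and DHCP server from Option 60, record L2 info."""
        domain = parse_tlv(options)[OPT_VENDOR_CLASS].decode("ascii", "replace")
        giaddr, server = self.domain_to_relay[domain]
        self.l2_info[mac] = vlan
        return giaddr, server


def circuit_id(options):
    """Agent Circuit ID (sub-option 1) inside Option 82, or None if absent."""
    opt82 = parse_tlv(options).get(OPT_RELAY_INFO)
    return parse_tlv(opt82, dhcp=False).get(1) if opt82 else None


# Constructed options field as it reaches the LAC after the AN added Option 82.
SAMPLE = (tlv(53, b"\x01") + tlv(OPT_VENDOR_CLASS, b"isp-a.example")
          + tlv(OPT_RELAY_INFO, tlv(1, b"an1 eth 0/1/2:100")) + bytes([END]))

if __name__ == "__main__":
    lac = Lac({"isp-a.example": 1001})
    lns = Lns({"isp-a.example": ("10.1.0.1", "192.0.2.10")})
    mac = "aa:bb:cc:00:00:01"
    print("tunnel:", lac.on_dhcp_request(mac, SAMPLE))
    print("relay:", lns.relay(mac, 100, SAMPLE))
    print("circuit id:", circuit_id(SAMPLE))
    print("rebuilt:", lac.rebuild_options(mac).hex())
```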
After the terminal has obtained the address allocated by the network side, the data forwarding process when it accesses the Internet is shown in Figure 5 and includes the following steps:
Step s401: The DHCP terminal sends a data packet to the network side.
Step s402: The LAC receives the data packet sent by the DHCP terminal, performs L2TPv3 encapsulation on this Layer 2 data packet and, according to the DHCP terminal's source MAC and source IP, maps the encapsulated Layer 2 data packet to the corresponding L2TPv3 tunnel and sends it to the LNS.
Step s403: The LNS performs L2TPv3 tunnel decapsulation, looks up the routing table according to the destination IP of the data packet, and forwards the DHCP terminal's data packet to the destination device on the Internet according to the routing table.
Step s404: The LNS receives the response packet that the destination device sends to the DHCP terminal. It first looks up the routing table to obtain the DHCP terminal's host route, whose outbound interface is the L2TPv3 tunnel. The LNS then performs Layer 2 information encapsulation on the response packet sent by the destination device, followed by L2TPv3 encapsulation, and sends it to the LAC.
Step s405: The LAC finds the DHCP terminal's access interface according to the L2TPv3 tunnel ID and session ID, terminates the L2TPv3 tunnel encapsulation, and forwards the decapsulated response packet out of that interface.
Step s406: The DHCP terminal receives the response packet returned by the destination device.
In addition, the LNS stores the gateway address corresponding to each user terminal; when a user terminal pings the address pool gateway, the LNS answers the ping. Mutual access between DHCP wholesale users also goes through the LNS, and data packets are not switched on the LAC. Specifically, the LNS holds a routing table and can forward according to the destination address of a data packet and that routing table; packet exchange between DHCP wholesale users can therefore only take place through the LNS and cannot take place directly on the LAC.
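The lookups in steps s401 to s406 are shown end to end in the following added example, which is not code from the patent. It models only the 4-byte Session ID that begins an L2TPv3 data message carried over IP (RFC 3931) and omits the optional cookie and sublayer; the tunnel and session IDs, MAC and IP addresses, interface name and class names are constructed assumptions.

```python
# Added example, not code from the patent. Addresses, IDs and names are constructed.
import ipaddress
import struct

ETH_IPV4, ETH_VLAN = 0x0800, 0x8100


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def build_ipv4(src, dst, payload=b""):
    """Minimal IPv4 header (checksum left at 0, enough for the lookups shown)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 17, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed) + payload


def build_frame(dst_mac, src_mac, ip_pkt, vlan=None):
    tag = struct.pack("!HH", ETH_VLAN, vlan) if vlan is not None else b""
    return (mac_bytes(dst_mac) + mac_bytes(src_mac) + tag
            + struct.pack("!H", ETH_IPV4) + ip_pkt)


def parse_frame(frame):
    """Return (source MAC, IPv4 packet); one optional 802.1Q tag is skipped."""
    off = 12
    (ethertype,) = struct.unpack_from("!H", frame, off)
    if ethertype == ETH_VLAN:
        off += 4
        (ethertype,) = struct.unpack_from("!H", frame, off)
    if ethertype != ETH_IPV4 or len(frame) < off + 2 + 20:
        raise ValueError("not an IPv4 frame")
    return frame[6:12].hex(":"), frame[off + 2:]


def ip_src(pkt):
    return str(ipaddress.IPv4Address(pkt[12:16]))


def ip_dst(pkt):
    return str(ipaddress.IPv4Address(pkt[16:20]))


class Lac:
    def __init__(self):
        self.up = {}     # (terminal MAC, terminal IP) -> (tunnel ID, session ID)
        self.down = {}   # (tunnel ID, session ID) -> access interface

    def bind(self, mac, ip, tunnel, session, access_if):
        """Bindings recorded when the DHCP response passes the LAC (step s309)."""
        self.up[(mac, ip)] = (tunnel, session)
        self.down[(tunnel, session)] = access_if

    def to_lns(self, frame):
        """Step s402: map by source MAC and source IP, prepend the Session ID."""
        mac, pkt = parse_frame(frame)
        hit = self.up.get((mac, ip_src(pkt)))
        if hit is None:
            return None   # no binding: this example does not forward the frame
        tunnel, session = hit
        return tunnel, struct.pack("!I", session) + frame

    def to_terminal(self, tunnel, packet):
        """Step s405: find the access interface by tunnel and session ID."""
        (session,) = struct.unpack_from("!I", packet)
        access_if = self.down.get((tunnel, session))
        return None if access_if is None else (access_if, packet[4:])


class Lns:
    def __init__(self, mac):
        self.mac = mac
        self.host_routes = {}  # terminal IP (/32) -> (tunnel, session, MAC, VLAN)

    def from_lac(self, packet):
        """Step s403: strip Session ID and Layer 2 header, route on destination IP."""
        _, pkt = parse_frame(packet[4:])
        return ip_dst(pkt), pkt

    def to_lac(self, pkt):
        """Step s404: exact-match host route, Layer 2 encapsulation, then L2TPv3."""
        route = self.host_routes.get(ip_dst(pkt))
        if route is None:
            return None
        tunnel, session, term_mac, vlan = route
        frame = build_frame(term_mac, self.mac, pkt, vlan)
        return tunnel, struct.pack("!I", session) + frame


def round_trip():
    """Terminal -> LAC -> LNS -> LAC -> terminal, plus one unbound source IP."""
    term_mac, term_ip, vlan = "aa:bb:cc:00:00:01", "10.1.0.25", 100
    gw_mac = "02:00:00:00:00:fe"
    lac, lns = Lac(), Lns(gw_mac)
    lac.bind(term_mac, term_ip, 1001, 7, "ge-0/0/1.100")
    lns.host_routes[term_ip] = (1001, 7, term_mac, vlan)
    up = build_frame(gw_mac, term_mac, build_ipv4(term_ip, "203.0.113.9"), vlan)
    tunnel, tunneled = lac.to_lns(up)
    dst, _ = lns.from_lac(tunneled)
    reply = lns.to_lac(build_ipv4("203.0.113.9", term_ip))
    access_if, frame = lac.to_terminal(*reply)
    other = build_frame(gw_mac, term_mac, build_ipv4("10.1.0.99", "203.0.113.9"), vlan)
    return tunnel, dst, access_if, frame[:6].hex(":"), lac.to_lns(other)


if __name__ == "__main__":
    print(round_trip())
```

Because the upstream table is keyed on the pair of source MAC and source IP, a frame from a known MAC with an address that was never bound finds no tunnel in this model.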
Fault detection and recovery using L2TPv3 work as follows:
To sense the state of user terminal access and of the aggregation network in real time, ARP (Address Resolution Protocol) probing can be enabled on the LAC. When the LAC detects that a user terminal has timed out and gone offline, it sends a session teardown message to the LNS, and the LNS deletes the user's entry information. If, at some point after the user terminal has timed out and gone offline because of a line interruption or similar cause, the line between the LAC and the user terminal recovers, then when the LAC receives a data packet from the user terminal it finds the saved Option 82 and Option 60 information by the user terminal's identifier, simulates a DHCP protocol packet, sends it to the LNS through the L2TPv3 tunnel, and re-applies for an address to establish the user entry. This process is equivalent to the DHCP terminal's initial session establishment.
After the LAC receives the DHCP response packet sent by the LNS, it generates the user forwarding entry, that is, the binding between the L2TPv3 tunnel ID and session ID, the Layer 2 encapsulation information and the access interface, so that the user terminal can again access the Internet normally.
If the L2TP tunnel goes down and ARP probing on the LAC has not timed out, then after the L2TPv3 tunnel comes up again the LAC must be able to simulate sending DHCP protocol packets so that the LNS device re-establishes the user entry information.
In addition, RADIUS (Remote Authentication Dial In User Service) supports extensions for L2TP attributes. RADIUS can deliver attributes such as tunnel type (64), L2TP group name (81), LAC source address (66), LNS address (67), tunnel name (90), tunnel password (69) and tunnel identification name (82). Having the RADIUS server deliver the L2TP tunnel attributes allows zero configuration of the LAC and LNS devices, so that network devices can be managed centrally through the server, which simplifies network management.
When an ISP adds users and needs to configure a new address pool, the configuration of the LAC, which represents NSP network resources, does not need to change; only the configuration on the LNS device needs to change. User management is controlled entirely by the ISP, which achieves DHCP user wholesale in the true sense.
With the method provided by the embodiments of the present invention, the LAC device maps the terminal's packets into an L2TPv3 tunnel and carries them through the L2TPv3 tunnel to the remote LNS device, and the LNS device handles the interaction with the network, thereby implementing service wholesale for DHCP users. In the embodiments of the present invention, the L2TPv3 tunnel can be established over an ordinary IP network, which has the advantages of simple implementation and low networking cost.
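Embodiments of the present invention also provide a system for implementing DHCP user service wholesale, whose architecture is shown in Figure 3, where:
The LAC is configured to perform L2TPv3 encapsulation on a data packet when the data packet sent by a terminal is received, and to send the encapsulated data packet to the L2TP network server (LNS) through the L2TPv3 tunnel corresponding to the terminal; it is also configured to receive a response packet sent by the LNS through the L2TPv3 tunnel, decapsulate the response packet and send it to the terminal.
The LNS is configured to perform L2TPv3 tunnel decapsulation on packets received from the LAC, look up the routing table according to the destination IP of the decapsulated data packet, and forward the data packet to the destination device; it is also configured, when a response packet is received, to perform Layer 2 information encapsulation on the response packet according to the terminal's Layer 2 information, perform L2TPv3 encapsulation, and send it to the LAC through the obtained L2TPv3 tunnel.
Specifically, the structure of the LAC in this system is shown in Figure 6 and includes:
an encapsulation unit 11, configured to perform L2TPv3 encapsulation on a data packet when the data packet sent by a terminal is received;
a tunnel obtaining unit 12, configured to obtain the L2TPv3 tunnel corresponding to the terminal, and to send the data packet encapsulated by the encapsulation unit 11 through the corresponding L2TPv3 tunnel to the L2TP network server (LNS);
a response packet receiving unit 13, configured to receive a response packet sent by the LNS through the L2TPv3 tunnel;
a decapsulation unit 14, configured to decapsulate the response packet received by the response packet receiving unit 13 and send it to the terminal.
The LAC also includes:
a first storage unit 15, configured to store the correspondence, recorded while a DHCP address is allocated to the terminal, between the DHCP terminal's address and the L2TPv3 tunnel ID and session ID, and to provide the correspondence to the tunnel obtaining unit 12;
a second storage unit 16, configured to store the correspondence, recorded while a DHCP address is allocated to the terminal, between the L2TPv3 tunnel ID and session ID, the Layer 2 encapsulation information and the terminal's access interface, and to provide the correspondence to the decapsulation unit 14;
a tunnel mapping unit 17, configured, when the terminal's DHCP session request packet is received, to map the terminal's DHCP session request packet into the corresponding L2TPv3 tunnel according to the terminal's access interface and the VLAN to which the terminal belongs, and the pre-established correspondence between the terminal's access interface, the VLAN to which the terminal belongs and the L2TPv3 tunnel;
an offline detection unit 18, configured to send a session teardown message to the LNS when it detects that the terminal has timed out and gone offline;
a simulated packet sending unit 19, configured, when a data packet is again received from a terminal that timed out and went offline, to simulate a DHCP session request packet according to the terminal's information and send it to the LNS through the L2TPv3 tunnel, so that an address is allocated to the terminal again.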
Specifically, the structure of the LNS in this system is shown in Figure 7 and includes:
a decapsulation unit 21, configured to perform L2TPv3 tunnel decapsulation on received packets;
a forwarding unit 22, configured to look up the routing table according to the destination IP of the data packet decapsulated by the decapsulation unit 21, and to forward the data packet to the destination device;
a tunnel obtaining unit 23, configured to obtain, when a response packet is received, the L2TPv3 tunnel that is the outbound interface in the terminal's host route;
an encapsulation unit 24, configured to perform Layer 2 information encapsulation on the response packet according to the terminal's Layer 2 information, perform L2TPv3 encapsulation, and send it to the LAC through the L2TPv3 tunnel obtained by the tunnel obtaining unit 23.
The LAC also includes:
a third storage unit 25, configured to record, while a DHCP address is allocated to the terminal, the terminal's host route and the terminal's Layer 2 information, and to provide them to the tunnel obtaining unit 23 and the encapsulation unit 24.
With the system and devices provided by the embodiments of the present invention, the LAC device maps the terminal's packets into an L2TPv3 tunnel and carries them through the L2TPv3 tunnel to the remote LNS device, and the LNS device handles the interaction with the network, thereby implementing service wholesale for DHCP users. In the embodiments of the present invention, the L2TPv3 tunnel can be established over an ordinary IP network, which has the advantages of simple implementation and low networking cost.
From the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be implemented in hardware, or in software plus a necessary general-purpose hardware platform. Based on this understanding, the technical solution of the present invention can be embodied in the form of a software product, which can be stored in a non-volatile storage medium (such as a CD-ROM, USB flash drive or removable hard disk) and includes several instructions that cause a computer device (such as a personal computer, server or network device) to execute the methods described in the embodiments of the present invention.
The above discloses only a few specific embodiments of the present invention; however, the present invention is not limited to them, and any variation that those skilled in the art can conceive of shall fall within the protection scope of the present invention.

| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2008100974658A (CN101272403B) | 2008-05-27 | 2008-05-27 | Method, system and equipment for realizing wholesale of DHCP user services |
| PCT/CN2009/071333 (WO2009143729A1) | 2009-04-17 | Method, system and apparatus for realizing DHCP user service wholesale |

| Publication Number | Publication Date |
|---|---|
| CN101272403A | 2008-09-24 |
| CN101272403B | 2011-02-09 |

| Application Number | Status | Priority Date | Filing Date | Title |
|---|---|---|---|---|
| CN2008100974658A (CN101272403B) | Expired - Fee Related | 2008-05-27 | 2008-05-27 | Method, system and equipment for realizing wholesale of DHCP user services |

| Country | Link |
|---|---|
| CN (1) | CN101272403B |
| WO (1) | WO2009143729A1 |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114285900B (en)* | 2021-12-09 | 2023-10-03 | 中国联合网络通信集团有限公司 | Scheduling system, authentication method, scheduling method, device, server and medium |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100373896C (en)* | 2002-07-26 | 2008-03-05 | 中兴通讯股份有限公司 | Virtual special dialing network business data packet retransmission method |
| JP4342966B2 (en)* | 2004-01-26 | 2009-10-14 | 株式会社日立コミュニケーションテクノロジー | Packet transfer device |
| EP1798908A1 (en)* | 2004-10-01 | 2007-06-20 | Mitsubishi Denki Kabushiki Kaisha | Access service network system, access device, l2tp tunnel line concentrator and home agent, and access service providing method |
| JP4401942B2 (en)* | 2004-12-08 | 2010-01-20 | 株式会社日立コミュニケーションテクノロジー | Packet transfer device and communication network |
| CN100428739C (en)* | 2005-12-31 | 2008-10-22 | 华为技术有限公司 | Implementation Method and System for Supporting VPLS Service on IP Backbone Network |
| CN101110847B (en)* | 2007-08-27 | 2011-06-08 | 华为技术有限公司 | Method, device and system for obtaining medium access control address |
| CN101272403B (en)* | 2008-05-27 | 2011-02-09 | 华为技术有限公司 | Method, system and equipment for realizing wholesale of DHCP user services |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009143729A1 (en)* | 2008-05-27 | 2009-12-03 | 华为技术有限公司 | Method, system and apparatus for realizing dhcp user service wholesale |
| CN101753525A (en)* | 2008-12-17 | 2010-06-23 | 华为技术有限公司 | Method, system and equipment for realizing the business wholesale of DHCP users |
| CN102316030A (en)* | 2011-09-01 | 2012-01-11 | 杭州华三通信技术有限公司 | Method for realizing two-layer internetworking of data center and device |
| CN102316030B (en)* | 2011-09-01 | 2014-04-09 | 杭州华三通信技术有限公司 | Method for realizing two-layer internetworking of data center and device |
| CN103227773A (en)* | 2012-03-31 | 2013-07-31 | 杭州华三通信技术有限公司 | Method and system for establishing virtual private dial-up network connection |
| CN103227773B (en)* | 2012-03-31 | 2016-05-11 | 杭州华三通信技术有限公司 | A kind of method and system thereof of setting up VPDN connection |
| CN103781073B (en)* | 2012-10-26 | 2018-10-19 | 中兴通讯股份有限公司 | The cut-in method and system of mobile subscriber's fixed network |
| CN103781073A (en)* | 2012-10-26 | 2014-05-07 | 中兴通讯股份有限公司 | Method and system for mobile subscribers accessing fixed network |
| CN103036761B (en)* | 2012-12-21 | 2015-08-05 | 浙江宇视科技有限公司 | A kind of tunnel server and client terminal device |
| CN103036761A (en)* | 2012-12-21 | 2013-04-10 | 浙江宇视科技有限公司 | Tunnel server and client device |
| CN103595592A (en)* | 2013-11-29 | 2014-02-19 | 迈普通信技术股份有限公司 | Method and system for testing consistency of WAN (Wide Area Network) interface protocols |
| CN103595592B (en)* | 2013-11-29 | 2017-01-18 | 迈普通信技术股份有限公司 | Method and system for testing consistency of WAN (Wide Area Network) interface protocols |
| CN106899705A (en)* | 2016-12-21 | 2017-06-27 | 新华三技术有限公司 | A kind of method and apparatus of station address distribution |
| CN108600225A (en)* | 2018-04-25 | 2018-09-28 | 新华三技术有限公司 | a kind of authentication method and device |
| CN108600225B (en)* | 2018-04-25 | 2021-03-23 | 新华三技术有限公司 | Authentication method and device |
| CN109889420A (en)* | 2019-01-29 | 2019-06-14 | 视联动力信息技术股份有限公司 | Method and device for business processing |
| CN109889420B (en)* | 2019-01-29 | 2021-07-30 | 视联动力信息技术股份有限公司 | Service processing method and device |
| Publication number | Publication date |
|---|---|
| WO2009143729A1 (en) | 2009-12-03 |
| CN101272403B (en) | 2011-02-09 |
| Publication | Title |
|---|---|
| CN101272403A (en) | Method, system and equipment for realizing wholesale of DHCP user services |
| CN106559292B (en) | Broadband access method and device |
| US8259571B1 (en) | Handling overlapping IP addresses in multi-tenant architecture |
| CN102447752B (en) | Service access method, system and device based on layer 2 tunnel protocol (L2TP) |
| CN104506670B (en) | Establish method, equipment and the system of network game connection |
| CN106209643B (en) | Message forwarding method and device |
| KR100941947B1 (en) | Computer-readable recording medium recording communication module and application program including the communication module |
| US20120099602A1 (en) | End-to-end virtualization |
| CN103944867B (en) | Processing method, the device and system of dynamic host configuration protocol message |
| CN110958272B (en) | Identity authentication method, identity authentication system and related equipment |
| CN101426004A (en) | Three layer conversation access method, system and equipment |
| CN102404418B (en) | Method, device and system for distributing IP (internet protocol) address for user terminal |
| CN101110745A (en) | Method, device and system for connecting layer-2 network and layer-3 network |
| KR20150076041A (en) | System for supporting multi-tenant based on private ip address in virtual private cloud networks and operating method thereof |
| CN102143136B (en) | Method for accessing service wholesale network, equipment, server and system |
| US20150288651A1 (en) | Ip packet processing method and apparatus, and network system |
| CN101494669B (en) | Method and apparatus for distributing IP address for user terminal |
| CN101729500A (en) | Method, device and system for identifying IP session |
| WO2012083657A1 (en) | Packet processing method, system and customer premises equipment |
| WO2017166936A1 (en) | Method and device for implementing address management, and aaa server and sdn controller |
| CN105553810A (en) | Method and device for forwarding special line service packet |
| CN107547340A (en) | A kind of message forwarding method and device |
| CN101753525A (en) | Method, system and equipment for realizing the business wholesale of DHCP users |
| CN106533984B (en) | A social resource access method and device |
| JP3823674B2 (en) | COMMUNICATION METHOD AND COMMUNICATION CONTROL DEVICE WITH PROTOCOL CONVERSION |
| Code | Title | Description |
|---|---|---|
| C06 | Publication | |
| PB01 | Publication | |
| C10 | Entry into substantive examination | |
| SE01 | Entry into force of request for substantive examination | |
| C14 | Grant of patent or utility model | |
| GR01 | Patent grant | |
| CF01 | Termination of patent right due to non-payment of annual fee | |
| CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20110209; Termination date: 20170527 |