Multiple family one vlan bundlees the lower many nets of authentication mechanism outlet and merges transmission methodTechnical field
The present invention relates to linking Internet and transmission field, under particularly multiple family one vlan of one bundlees authentication mechanism outlet, many nets merge transmission method.
Background technology
Current internet development is like a raging fire, emerge in an endless stream in newly-built community and store, the upgrading of circuit is also constantly carried out in old community, but how to meet the linking Internet in these communities and store? Ji great operator is simultaneously at these communities and market construction independently Access Network separately often, greatly waste social resources and physical resources, if user will change operator, also need again to lay the line attachment between Lou Dong to user, not only inefficiency, also waste time and energy, affect the attractive in appearance of community and market.
The common network having had equipment can complete multiple operator now transmits with cable, realizing user when changing operator, not needing again to lay line attachment, the PPPoE account number only changing user's online can complete the replacing of operator, substantially increase efficiency, facilitate user.But operator is in order to network security and be convenient to management, often carry out the division of qinq and vlan, and the mode nearly all adopting family one vlan to bind manages, the PPPoE account number realizing changing online can complete changes the such target of operator, its precondition is exactly community, the division of qinq and vlan in store must meet the requirement of this Ji great operator simultaneously, because several large operation is respective independent management, development plan is each variant, certainly there is difference in planning and the configuration of qinq and vlan, community, the network vlan planning that the division of network qinq and vlan in region, store will meet this several large operation is simultaneously almost impossible, therefore, the common network solving Ji great operator transmits with cable, the problem changing operator is completed by only changing account number, must by community, the configuration of network qinq and vlan in region, store divides to be planned independent with the network vlan of several large operation.
Therefore need a kind of multiple family one vlan to bundle the lower many nets of authentication mechanism outlet and merge transmission method.
Summary of the invention
In view of this, technical problem to be solved by this invention is to provide a kind of multiple family one vlan and bundlees under authentication mechanism exports how net merges transmission method.
The object of the present invention is achieved like this:
Multiple family one vlan provided by the invention bundlees the lower many nets of authentication mechanism outlet and merges transmission method, comprises the following steps:
S1: receive user PPPoE packet;
S2: judge that whether the last logging status of MAC of user PPPoE packet is for logining successfully;
S3: if the outlet then logined successfully for the last time according to MAC and outlet vlan forward follow-up PPPoE message;
S4: judge that the account number of current use is whether in account number, outlet, outlet vlan corresponding relation record; If not, then by the account number of this MAC according to current use, forward follow-up PPPoE message by account number, outlet, outlet vlan corresponding relation, until terminate communication;
S5: if then judge that whether the account number of current use is consistent with the record that this MAC logins successfully for the last time; If not, then from the record logined successfully, information corresponding to this MAC is deleted;
S6: if the account number of current use is consistent with the record that this MAC logins successfully for the last time, then fix this MAC and forward follow-up PPPoE message, until terminate communication according to the outlet logined successfully for the last time and outlet vlan.
Further, if the last logging status of MAC of user PPPoE packet does not login successfully in described step S2; Then perform according to following steps:
S21: judge whether this MAC is not in now and repay examination vlan state;
S22: if then judge whether this MAC is not in now and repay examination discharge state;
S23: if MAC is not in now repay examination discharge state, then press outlet order by this MAC, assuming that an outlet repays examination for the first time, and in the outlet that this repays examination, use the vlan of the free time of this outlet to carry out repaying examination;
S24: judge that this MAC uses current account number, whether the outlet of repaying now examination logins successfully, if the outlet of repaying now examination does not login successfully, is then in this MAC write the mark repaying examination discharge state; And return step S21 and whether MAC is not in now repays examination vlan state and judge;
S25: if the outlet of repaying now examination logins successfully, then write this MAC, account number, outlet, outlet vlan information the record logined successfully;
Further, in described step S21, MAC is in now and repays examination vlan state, then perform according to following steps:
S211: judge whether this MAC goes back outstanding and tried to suppose all vlan in outlet; If not, then step S215 is entered;
S212: if then this MAC is temporarily anchored in next supposition outlet, repay examination one by one according to the idle vlan in this outlet;
S213: judge that this MAC uses current account number to use idle vlan whether to login successfully in now current outlet; If MAC uses current account number to use idle vlan to log in not success in now current outlet, then enter step S215;
S214: if MAC uses current account number to use idle vlan to login successfully in now current outlet, then this MAC, account number, outlet, outlet vlan information are write the record logined successfully, deletes this MAC and is in the mark repaying examination vlan state;
S215: judge this MAC be repay tried the available free vlan of outlet and all outlet ports; If not, then return step S21 whether not to be in now MAC and to repay examination vlan state and judge; If so, then delete this MAC to be in and to repay the mark that examination vlan state is repaid in the examination mark of discharge state and deletion.
Further, in described step S22, MAC is in now and repays examination discharge state, then perform according to following steps:
S221: judge whether this MAC goes back outstanding and tried all outlet ports, if not, then enters step S225;
S222: if, then by this MAC according to outlet order, change to next outlet and repay examination for the first time one by one, and in the outlet of repaying examination, use the vlan of the free time of this outlet to carry out repaying examination;
S223: judge that this MAC uses current account number, whether the outlet of repaying now examination logins successfully, if not, then enter step S221:
S224: if then this MAC, account number, outlet, outlet vlan information are write the record logined successfully, deletes this MAC and is in the mark repaying examination discharge state;
S225: this MAC is temporarily anchored in a supposition outlet, repay examination one by one according to the idle vlan in this outlet;
S226: judge that this MAC uses current account number, whether the idle vlan of now current outlet logins successfully, and if not, then this MAC write is in the mark repaying examination vlan state;
S227: if then this MAC, account number, outlet, outlet vlan information are write the record logined successfully, deletes this MAC and is in the mark repaying examination vlan state.
Further, after MAC write being in the mark repaying examination vlan state in described step S226; Also perform according to following steps: then return step S21 and whether MAC is not in now repays examination vlan state and judge.
Beneficial effect of the present invention is: the present invention adopts a family one vlan web tab conversion, complete user at different operators draw to establish between vlan and build network linking communication.According to different operators draw and establish the requirement of vlan to rebuild vlan packet header, complete vlan conversion, make any vlan of Intranet all can through this equipment vlan change after, a family one vlan binding information between outlet operator different from outer net is consistent, by the multiple users under consolidated network label in Intranet, or the user inconsistent from egress network label range converts each different web tab on this equipment; Thus the data proper communication that can realize between user to operator, the network vlan in the region such as community and store so both can have been kept independent, can solve again because of Intranet user and be different from vlan between operator and divide inconsistent caused user and gently can not anticipate and change the problem of outlet operator, realize an access network just to can be multiple operator and provide access simultaneously, reduce the repeated construction of network, also reducing the waste of resource, is the platform promoting the development of the Internet to provide a fair competition.
Accompanying drawing explanation
In order to make the object, technical solutions and advantages of the present invention clearly, below in conjunction with accompanying drawing, the present invention is described in further detail, wherein:
The lower many net fusion transmission method flow charts of a multiple family one vlan binding authentication mechanism outlet that Fig. 1 provides for the embodiment of the present invention.
Embodiment
Hereinafter with reference to accompanying drawing, the preferred embodiments of the present invention are described in detail.Should be appreciated that preferred embodiment only in order to the present invention is described, instead of in order to limit the scope of the invention.
As shown in the figure, multiple family one vlan provided by the invention bundlees the lower many nets of authentication mechanism outlet and merges transmission method, comprises the following steps:
S1: receive user PPPoE packet;
S2: judge that whether the last logging status of MAC of user PPPoE packet is for logining successfully; If the last logging status of MAC of user PPPoE packet does not login successfully in described step S2; Then perform according to following steps:
S21: judge whether this MAC is not in now and repay examination vlan state;
In described step S21, MAC is in now and repays examination vlan state, then perform according to following steps:
S211: judge whether this MAC goes back outstanding and tried to suppose all vlan in outlet; If not, then step S215 is entered;
S212: if then this MAC is temporarily anchored in next supposition outlet, repay examination one by one according to the idle vlan in this outlet;
S213: judge that this MAC uses current account number to use idle vlan whether to login successfully in now current outlet; If MAC uses current account number to use idle vlan to log in not success in now current outlet, then enter step S215;
S214: if MAC uses current account number to use idle vlan to login successfully in now current outlet, then this MAC, account number, outlet, outlet vlan information are write the record logined successfully, delete this MAC and be in the mark (regard as new user and namely one by one examination is repaid to the idle vlan in supposition outlet) repaying examination vlan state;
S215: judge this MAC be repay tried the available free vlan of outlet and all outlet ports; If not, then return step S21 whether not to be in now MAC and to repay examination vlan state and judge; If so, then delete this MAC to be in and to repay the mark (regard as new user namely repay examination to all vlan of all outlet ports all failed) that examination vlan state is repaid in the examination mark of discharge state and deletion.
S22: if then judge whether this MAC is not in now and repay examination discharge state; In described step S22, MAC is in now and repays examination discharge state, then perform according to following steps:
S221: judge whether this MAC goes back outstanding and tried all outlet ports, if not, then enters step S225;
S222: if, then by this MAC according to outlet order, change to next outlet and repay examination for the first time one by one, and in the outlet of repaying examination, use the vlan of the free time of this outlet to carry out repaying examination;
S223: judge that this MAC uses current account number, whether the outlet of repaying now examination logins successfully, if not, then enter step S221:
S224: if then this MAC, account number, outlet, outlet vlan information are write the record logined successfully, deletes this MAC and is in the mark (regarding as new user: repay examination one by one to outlet) repaying examination discharge state;
S225: this MAC is temporarily anchored in a supposition outlet, repay examination one by one according to the idle vlan in this outlet;
S226: judge that this MAC uses current account number, whether the idle vlan of now current outlet logins successfully, and if not, then this MAC write is in the mark repaying examination vlan state;
After MAC write being in the mark repaying examination vlan state in described step S226; Also perform according to following steps: return step S21 and whether MAC is not in now repays examination vlan state and judge;
S227: if then this MAC, account number, outlet, outlet vlan information are write the record logined successfully, deletes this MAC and is in the mark (regarding as new user: repay examination one by one to the idle vlan in supposition outlet) repaying examination vlan state.
S23: if MAC is not in now repay examination discharge state, then press outlet order by this MAC, assuming that an outlet repays examination for the first time, and in the outlet that this repays examination, use the vlan of the free time of this outlet to carry out repaying examination;
S24: judge that this MAC uses current account number, whether the outlet of repaying now examination logins successfully, if the outlet of repaying now examination does not login successfully, is then in this MAC write the mark repaying examination discharge state; And return step S21 and whether MAC is not in now repays examination vlan state and judge;
S25: if the outlet of repaying now examination logins successfully, then write the record (regard as new user namely repay examination first just login successfully) logined successfully by this MAC, account number, outlet, outlet vlan information;
S3: if the outlet then logined successfully for the last time according to MAC and outlet vlan forward follow-up PPPoE message;
S4: judge that the account number of current use is whether in account number, outlet, outlet vlan corresponding relation record; If not, then by the account number of this MAC according to current use, forward follow-up PPPoE message by account number, outlet, outlet vlan corresponding relation, until terminate communication;
S5: if then judge that whether the account number of current use is consistent with the record that this MAC logins successfully for the last time; If not, then from the record logined successfully, information corresponding to this MAC is deleted;
S6: if the account number of current use is consistent with the record that this MAC logins successfully for the last time, then fix this MAC and forward follow-up PPPoE message (regard as old user and undertaken processing and forwarding by existing account number, outlet, outlet vlan corresponding relation), until terminate communication according to the outlet logined successfully for the last time and outlet vlan.
The present embodiment provides many net fusion transmission methods to comprise following several stages:
Old user: undertaken processing and forwarding by existing account number, outlet, outlet vlan corresponding relation;
New user: repay examination outlet first and just login successfully;
New user: when repaying examination one by one to outlet, repays in examination process and logins successfully;
New user: one by one examination is repaid to the idle vlan in supposition outlet, repays examination first and just login successfully;
New user: to when supposing that outlet being carried out vlan repays examination, repay in examination process and login successfully;
New user: examination repaid to all vlan of all outlet ports all failed.
Many nets that the present embodiment provides merge realization multiple family one vlan that transmission methods comprise in user uplink PPPoE packet and descending PPPoE packet two processes and bundle the much more lower net of authentication mechanism outlet and merge transmission method; User uplink PPPoE packet attempts the different vlan (the different vlan of each outlet decide according to default vlan span) of different outlet, each outlet by MAC, outlet, outlet vlan mapping table; In conjunction with the MAC formed in debarkation authentication process, account number, outlet, outlet vlan, log in success or not mark blotter table, and combine log in successful account, outlet, outlet vlan form a corresponding relation solidification table;
In descending PPPoE process data packet realizing multiple family one vlan bundle authentication mechanism outlet under many nets to merge transmission method be the mapping table utilizing the user MAC of record, interior network interface (corresponding to target outlet), No. vlan, Intranet; MAC, account number, outlet, outlet vlan, log in that success or not mark blotter table realizes.After account authentication success, upgrade account, outlet, outlet vlan mapping table, form the solidification table logging in successful account, outlet, outlet vlan corresponding relation.
Family one vlan in the present embodiment refers to that some ISP operator is for guaranteeing network security and preventing account number between user from using mutually, the each vlan taked is restricted to can only a kind of technical measures of using of user, and each user namely under this ISP operator needs to use different vlan to access.
Outlet: refer to ISP; Outlet vlan, namely refers to that ISP can allow the vlan accessed.
What finally illustrate is, above embodiment is only in order to illustrate technical scheme of the present invention and unrestricted, although by referring to the preferred embodiments of the present invention, invention has been described, but those of ordinary skill in the art is to be understood that, various change can be made to it in the form and details, and not depart from the spirit and scope that the present invention limits.