[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN1248447C - Broadband network access method - Google Patents

Broadband network access method Download PDF

Info

Publication number
CN1248447C
CN1248447C CNB021178038A CN02117803A CN1248447C CN 1248447 C CN1248447 C CN 1248447C CN B021178038 A CNB021178038 A CN B021178038A CN 02117803 A CN02117803 A CN 02117803A CN 1248447 C CN1248447 C CN 1248447C
Authority
CN
China
Prior art keywords
dhcp
user terminal
network
request message
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB021178038A
Other languages
Chinese (zh)
Other versions
CN1458761A (en
Inventor
张群
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNB021178038A priority Critical patent/CN1248447C/en
Publication of CN1458761A publication Critical patent/CN1458761A/en
Application granted granted Critical
Publication of CN1248447C publication Critical patent/CN1248447C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Landscapes

  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明公开了一种宽带网络接入方法,该方法在用户终端发出DHCP请求报文时,由DHCP中继服务器收到用户终端的DHCP请求报文后,根据报文对用户进行认证和合法性检查,如果检查通过,将该用户终端的DHCP请求报文中转给DHCP服务器,DHCP服务器为该用户终端分配IP地址,并将IP地址等网络初使化信息记载在DHCP响应报文中,并由DHCP中继服务器将DHCP响应报文转发给用户终端,用户终端获得IP地址进而接入网络,否则丢弃该用户终端的DHCP请求报文,终止该用户的网络接入;采用本发明可以限制非法用户接入网络,提高了网络接入的安全性。

The invention discloses a broadband network access method. In the method, when a user terminal sends out a DHCP request message, after receiving the DHCP request message from the user terminal, the DHCP relay server performs authentication and legality on the user according to the message. Check, if the inspection is passed, the DHCP request message of the user terminal is forwarded to the DHCP server, and the DHCP server assigns an IP address for the user terminal, and records the network initialization information such as the IP address in the DHCP response message, and the The DHCP relay server forwards the DHCP response message to the user terminal, and the user terminal obtains an IP address and then accesses the network; otherwise, the DHCP request message of the user terminal is discarded, and the network access of the user is terminated; the invention can restrict illegal users Access to the network improves the security of network access.

Description

一种宽带网络接入方法A broadband network access method

技术领域technical field

本发明涉及无线网络的接入方法,具体地说涉及宽带无线网络的接入方法。The invention relates to a wireless network access method, in particular to a broadband wireless network access method.

背景技术Background technique

在宽带网络中,如果用户终端发出网络接入请求,则网络中负责IP地址分配的服务器会为该发出网络接入请求的用户终端分配一个互联网(IP)地址,以便用户终端可以接入网络。目前宽带网络中的负责IP地址分配的服务器,即DHCP服务器采用标准的动态主机配置协议(DHCP,Dynamic Host Configuration Protocol),使用户终端在网络接入时可以从DHCP服务器自动获取IP地址等网络初始化信息。在用户终端进行网络接入时,首先由用户终端发出DHCP请求报文申请接入网络,DHCP中继服务器收到该请求报文后,将其中转给DHCP服务器,DHCP服务器收到用户终端的DHCP请求报文后,把分配给用户的IP地址等网络初始化信息记载在DHCP响应报文中,发给DHCP中继服务器,再由DHCP中继服务器将收到的DHCP服务器的DHCP响应报文中转给用户终端,用户终端获得IP地址,从而使该用户终端接入网络。从上述过程可知,采用现有的网络接入方法,只要用户终端发起DHCP请求,无论是非法用户还是合法用户,DHCP服务器都会给用户分配IP地址,这样不仅造成IP地址的浪费,而且给非法用户提供了不用认证、计费就可以上网的机会,更为严重的是如果非法用户恶意地不断发起DHCP请求,将耗尽DHCP服务器地址池中的所有IP地址而无法控制,因此,现有的网络接入方法的安全性较差。In a broadband network, if a user terminal sends a network access request, the server responsible for IP address allocation in the network will assign an Internet (IP) address to the user terminal that sends the network access request, so that the user terminal can access the network. At present, the server responsible for IP address allocation in the broadband network, that is, the DHCP server adopts the standard Dynamic Host Configuration Protocol (DHCP, Dynamic Host Configuration Protocol), so that the user terminal can automatically obtain the IP address from the DHCP server and other network initialization when accessing the network. information. When a user terminal accesses the network, the user terminal first sends a DHCP request message to apply for access to the network. After receiving the request message, the DHCP relay server forwards it to the DHCP server, and the DHCP server receives the DHCP request message from the user terminal. After the request message, record the network initialization information such as the IP address assigned to the user in the DHCP response message, and send it to the DHCP relay server, and then the DHCP relay server will transfer the received DHCP response message of the DHCP server to the DHCP server. User terminal, the user terminal obtains an IP address, so that the user terminal accesses the network. As can be seen from the above process, with the existing network access method, as long as the user terminal initiates a DHCP request, no matter whether it is an illegal user or a legal user, the DHCP server will assign an IP address to the user, which not only causes a waste of IP addresses, but also creates a problem for illegal users. It provides an opportunity to surf the Internet without authentication and billing. What is more serious is that if illegal users continuously initiate DHCP requests maliciously, all IP addresses in the DHCP server address pool will be exhausted and cannot be controlled. Therefore, the existing network The access method is less secure.

发明内容Contents of the invention

本发明的目的在于提供一种安全性较好的宽带网络接入方法,使用该方法可以限制非法用户接入网络。The purpose of the present invention is to provide a broadband network access method with better security, which can restrict illegal users from accessing the network.

为达到上述目的,本发明提供的宽带网络的安全接入方法,包括:In order to achieve the above object, the secure access method of the broadband network provided by the present invention includes:

(1)用户终端向DHCP中继服务器发出DHCP请求报文;(1) The user terminal sends a DHCP request message to the DHCP relay server;

(2)DHCP中继服务器收到用户终端的DHCP请求报文后,根据报文对用户进行认证和合法性检查,如果检查通过,将该用户终端的DHCP请求报文中转给DHCP服务器,然后转步骤(3),否则丢弃该用户终端的DHCP请求报文,终止该用户的网络接入;(2) After the DHCP relay server receives the DHCP request message of the user terminal, the user is authenticated and checked according to the message. If the check is passed, the DHCP request message of the user terminal is forwarded to the DHCP server, and then Step (3), otherwise the DHCP request message of the user terminal is discarded, and the network access of the user is terminated;

(3)DHCP服务器收到用户终端的DHCP请求报文后,为该用户终端分配IP地址,并将IP地址等网络初始化信息记载在DHCP响应报文中,发给DHCP中继服务器;(3) After the DHCP server receives the DHCP request message of the user terminal, it distributes an IP address for the user terminal, and records network initialization information such as the IP address in the DHCP response message, and sends it to the DHCP relay server;

(4)DHCP中继服务器将收到的DHCP服务器的DHCP响应报文转发给用户终端,用户终端获得分配给自己的IP地址进而接入网络。(4) The DHCP relay server forwards the received DHCP response message from the DHCP server to the user terminal, and the user terminal obtains its own IP address and then accesses the network.

所述步骤(1)由下述步骤完成:Described step (1) is finished by following steps:

(A1)用户终端向向网络中的二层接入设备发出DHCP请求报文;(A1) The user terminal sends a DHCP request message to the Layer 2 access device in the network;

(A2)网络中的二层接入设备将DHCP请求报文转发给DHOP中继服务器。(A2) The Layer 2 access device in the network forwards the DHCP request message to the DHOP relay server.

上述步骤(A1)所述二层接入设备为网络交换机。The Layer 2 access device described in the above step (A1) is a network switch.

上述步骤(A1)还包括:二层接入设备在DHCP请求报文中加入虚拟网络(VLAN)标签,该VLAN标签标识二层接入设备接入用户端口的虚拟网络标识(VLANID)。The above step (A1) further includes: adding a virtual network (VLAN) tag to the DHCP request message by the layer 2 access device, and the VLAN tag identifies the virtual network identifier (VLANID) of the user port accessed by the layer 2 access device.

上述步骤(2)所述根据报文对用户进行认证和合法性检查通过DHCP请求报文中的VLANID进行。According to the message in the above step (2), the user is authenticated and legality checked through the VLANID in the DHCP request message.

由于本发明在DHCP中继服务器处通过用户终端发出网络接入请求报文对其进行认证和合法性检查,根据检查结果对用户终端的DHCP请求报文进行过滤,只把合法用户的DHCP请求报文中转给DHCP服务器,这样,弥补了DHCP协议本身的安全性漏洞,在实际实现时无需改动现有的DHCP服务器软件,只需在DHCP中继处进行修改、扩充即可,方便应用;由于本发明可以限制非法用户接入网络,提高了网络接入的安全性。Since the present invention sends a network access request message through the user terminal at the DHCP relay server to perform authentication and legality checks on it, and filters the DHCP request message of the user terminal according to the check result, and only reports the DHCP request message of the legal user. The text is forwarded to the DHCP server. In this way, the security loopholes of the DHCP protocol itself are made up. In actual implementation, there is no need to change the existing DHCP server software. It is only necessary to modify and expand the DHCP relay, which is convenient for application; The invention can restrict illegal users from accessing the network, and improves the security of network access.

附图说明Description of drawings

图1是本发明所述方法的第一个实施例流程图;Fig. 1 is the flow chart of the first embodiment of the method of the present invention;

图2是本发明所述方法的第二个实施例流程图;Fig. 2 is the flow chart of the second embodiment of the method of the present invention;

图3是带有802.1Q标签头的以太网帧;Figure 3 is an Ethernet frame with an 802.1Q tag header;

图4是包含标签协议标识和标签控制信息的802.1Q标签头。Figure 4 is an 802.1Q tag header containing tag protocol identification and tag control information.

具体实施方式Detailed ways

下面结合附图对本发明作进一步详细的描述。The present invention will be described in further detail below in conjunction with the accompanying drawings.

目前在宽带接入中,用户终端一般都会通过二层交换设备接入网络,其中最为常见的二层交换设备是支持802.1Q协议(它是由IEEE(电气和电子工程师协会)组织制定的关于如何实现虚拟局域网的一个标准协议)的以太网二层交换机(LANSWITCH,Local Area Network Switch)。所有由LANSWITCH接入的用户终端发出的报文都可以被加上一个特殊的用于用户终端识别的标记,实际中,该标记可以为VLAN(Virtual Local AreaNetwork:虚拟局域网)标签,此VLAN标签标可以唯一标识此用户终端接入LANSWITCH的特定物理接口。因此,网络中的DHCP中继服务器就可以利用这个VLAN标签实现对用户的认证和合法性检查。At present, in broadband access, user terminals generally access the network through Layer 2 switching equipment, and the most common Layer 2 switching equipment supports the 802.1Q protocol (which is formulated by the IEEE (Institute of Electrical and Electronics Realize a standard protocol of virtual local area network) Ethernet Layer 2 switch (LANSWITCH, Local Area Network Switch). All the messages sent by the user terminals connected by LANSWITCH can be added with a special tag for user terminal identification. In practice, the tag can be a VLAN (Virtual Local Area Network: virtual local area network) tag. A specific physical interface through which the user terminal accesses the LANSWITCH can be uniquely identified. Therefore, the DHCP relay server in the network can use this VLAN tag to implement user authentication and legitimacy check.

图1是本发明所述方法的第一个实施例流程图,该流程通过网络中二层网络设备,即网络交换机、DHCP中继服务器和DHCP服务器实现。如图1所示,在步骤1,用户终端向网络中的网络交换机LANSWITCH发出DHCP请求报文,现有的LANSWITCH通常支持8021.Q协议,用户从接入端口发来的以太网格式的报文经过该交换机都将加上一个VLAN头以标识用户接入的端口位置。按照802.1Q协议封装的报文格式就是在原来的以太网帧头中的源地址后增加了一个802.1Q帧头,之后接原来以太网的长度或类型域,参考图3。该802.1Q标签头包含了标签协议标识(TPID-TagProtocol Identifier),表明这是一个加了802.1Q标签的报文,还包含标签控制信息(TCI-Tag Control Information),上述标签协议标识和标签控制信息参考图4。图4描述的标签头的信息包括:Fig. 1 is a flow chart of the first embodiment of the method of the present invention, which is realized by layer 2 network devices in the network, namely network switch, DHCP relay server and DHCP server. As shown in Figure 1, in step 1, the user terminal sends a DHCP request message to the network switch LANSWITCH in the network. The existing LANSWITCH usually supports the 8021.Q protocol, and the message in Ethernet format sent by the user from the access port After passing through the switch, a VLAN header will be added to identify the port position that the user accesses. The packet format encapsulated according to the 802.1Q protocol is to add an 802.1Q frame header after the source address in the original Ethernet frame header, followed by the length or type field of the original Ethernet, refer to Figure 3. The 802.1Q tag header includes a tag protocol identifier (TPID-TagProtocol Identifier), indicating that this is a message with an 802.1Q tag added, and also includes tag control information (TCI-Tag Control Information), the above tag protocol identifier and tag control Refer to Figure 4 for information. The information of the tag header described in Figure 4 includes:

虚拟网络标识(VLAN Identified,VLANID),这是一个12位的域,指明VLAN的ID,用以指明此报文属于哪一个VLAN,是进行基于端口认证的标识。Virtual network identification (VLAN Identified, VLANID), which is a 12-bit domain, indicates the ID of the VLAN, and is used to indicate which VLAN the message belongs to, and is an identification based on port authentication.

规范格式指示(CFI:Canonical Format Indicator),用于总线型的以太网与FDDI、令牌环网交换数据时的帧格式。Canonical Format Indicator (CFI: Canonical Format Indicator), used for the frame format when bus-type Ethernet exchanges data with FDDI and Token Ring.

优先级(Priority),位指明帧的优先级,用于当交换机阻塞时,优先发送哪个数据包。Priority (Priority), the bit indicates the priority of the frame, which is used to send the data packet first when the switch is blocked.

由于增加了802.1Q标签头,因此即使用户中断不支持802.1Q,即计算机发送出去的数据包的以太网帧头不包含这些信息,只要经过LANSWITCH后可以由LANSWITCH加上这个VLAN头以对用户进行合法性验证。Due to the addition of the 802.1Q tag header, even if the user interrupt does not support 802.1Q, that is, the Ethernet frame header of the data packet sent by the computer does not contain this information, as long as the LANSWITCH passes through the LANSWITCH, the VLAN header can be added by the LANSWITCH. Legitimacy verification.

基于步骤1,在步骤2网络中的LANSWITCH设备将DHCP请求报文转发给DHCP中继服务器。这样,DHCP中继服务器在步骤3接收用户终端的DHCP请求报文,然后在步骤4通过DHCP请求报文中的VLANID对用户进行认证和合法性检查,如果检查通过,将该用户终端的DHCP请求报文中转给DHCP服务器,然后进行步骤6,DHCP服务器接收用户终端的DHCP请求报文,为该用户终端分配IP地址,并将IP地址等网络初始化信息记载在DHCP响应报文中,发给DHCP中继服务器。最后在步骤7,由DHCP中继服务器将收到的DHCP服务器发出的DHCP响应报文转发给用户终端,用户终端获得分配给自己的IP地址进而接入网络;如果步骤4的合法性检查没通过,则在步骤5丢弃该用户终端的DHCP请求报文,终止该用户的网络接入。Based on step 1, the LANSWITCH device in the network in step 2 forwards the DHCP request message to the DHCP relay server. In this way, the DHCP relay server receives the DHCP request message of the user terminal in step 3, and then authenticates and checks the validity of the user through the VLANID in the DHCP request message in step 4. If the check is passed, the DHCP request message of the user terminal is passed. The message is forwarded to the DHCP server, and then step 6 is performed. The DHCP server receives the DHCP request message of the user terminal, allocates an IP address for the user terminal, and records network initialization information such as the IP address in the DHCP response message, and sends it to the DHCP server. relay server. Finally in step 7, the DHCP relay server forwards the received DHCP response message from the DHCP server to the user terminal, and the user terminal obtains the IP address assigned to itself and then accesses the network; if the legality check in step 4 fails , the DHCP request message of the user terminal is discarded in step 5, and the network access of the user is terminated.

图2是本发明所述方法的第二个实施例流程图,该流程通过网络中的DHCP中继服务器和DHCP服务器实现。首先在步骤11,用户终端向DHCP中继服务器发出DHCP请求报文;DHCP中继服务器在步骤12收到用户终端的DHCP请求报文后,根据报文对用户进行认证和合法性检查,如果检查通过,将该用户终端的DHCP请求报文中转给DHCP服务器;DHCP服务器在步骤14接收用户终端的DHCP请求报文,为该用户终端分配IP地址,并将IP地址等网络初始化信息记载在DHCP响应报文中,发给DHCP中继服务器;最后在步骤15,DHCP中继服务器将收到的DHCP服务器的DHCP响应报文转发给用户终端,用户终端获得分配给自己的IP地址进而接入网络,如果在步骤12对用户进行的认证和合法性检查没有通过,则在步骤13丢弃该用户终端的DHCP请求报文,终止该用户的网络接入。Fig. 2 is a flow chart of the second embodiment of the method of the present invention, which is realized by a DHCP relay server and a DHCP server in the network. At first in step 11, the user terminal sends a DHCP request message to the DHCP relay server; after the DHCP relay server receives the DHCP request message of the user terminal in step 12, the user is authenticated and checked according to the message, if the check Pass, the DHCP request message of this user terminal is forwarded to the DHCP server; The DHCP server receives the DHCP request message of the user terminal in step 14, distributes the IP address for the user terminal, and records network initialization information such as the IP address in the DHCP response In the message, it is sent to the DHCP relay server; finally in step 15, the DHCP relay server forwards the received DHCP response message of the DHCP server to the user terminal, and the user terminal obtains the IP address assigned to itself and then accesses the network. If in step 12 the authentication and validity check for the user fails, then in step 13 the DHCP request message of the user terminal is discarded, and the user's network access is terminated.

需要说明,如果采用图2的实施方式,为在步骤12对用户进行的认证和合法性检查,需要在步骤11用户终端发出的报文中加入用户识别信息,为此,可以通过用户预先注册的方法确定该信息,这样就可以通过DHCP中继服务器在步骤12对用户进行认证和合法性检查,从而隔离非法用户。It should be noted that if the embodiment in Figure 2 is adopted, in order to authenticate and check the validity of the user in step 12, it is necessary to add user identification information to the message sent by the user terminal in step 11. The method determines the information, so that the user can be authenticated and legally checked by the DHCP relay server in step 12, thereby isolating illegal users.

Claims (2)

1, a kind of broadband network access method comprises:
(1) the two layer access device of user terminal in network send the DHCP request message, and two layers of access device in the network are transmitted to the DHCP relay server with the DHCP request message: described DHCP is a DHCP;
(2) after the DHCP relay server is received the DHCP request message of user terminal, according to message the user is authenticated and validity checking, pass through if check, be given to Dynamic Host Configuration Protocol server in the DHCP request message with this user terminal, change step (3) then, otherwise abandon the DHCP request message of this user terminal, stop this user's network insertion;
(3) after Dynamic Host Configuration Protocol server is received the DHCP request message of user terminal, be this user terminal distributing IP address, and netinit information such as IP address are documented in the dhcp response message, issue the DHCP relay server;
(4) the DHCP relay server is transmitted to user terminal with the dhcp response message of the Dynamic Host Configuration Protocol server received, and user terminal obtains to distribute to IP address and then the access network of oneself;
It is characterized in that: when the two layer access device of user terminal in network send the DHCP request message, two layers of access device add virtual network (VLAN) label in the DHCP request message, two layers of access device of this VLAN tag identifier insert the virtual network sign (VLANID) of user port.
2, the cut-in method of broadband network according to claim 1 is characterized in that: the described user authentication with validity checking according to message of step (2) undertaken by the VLANID in the DHCP request message.
CNB021178038A 2002-05-15 2002-05-15 Broadband network access method Expired - Fee Related CN1248447C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB021178038A CN1248447C (en) 2002-05-15 2002-05-15 Broadband network access method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB021178038A CN1248447C (en) 2002-05-15 2002-05-15 Broadband network access method

Publications (2)

Publication Number Publication Date
CN1458761A CN1458761A (en) 2003-11-26
CN1248447C true CN1248447C (en) 2006-03-29

Family

ID=29426694

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB021178038A Expired - Fee Related CN1248447C (en) 2002-05-15 2002-05-15 Broadband network access method

Country Status (1)

Country Link
CN (1) CN1248447C (en)

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100334855C (en) * 2004-08-17 2007-08-29 杭州华为三康技术有限公司 Method to allocate protocol relay address table and server address pool for synchronization dynamic host machine
CN101141492B (en) * 2005-04-29 2014-11-05 华为技术有限公司 Method and system for implementing DHCP address safety allocation
CN100388739C (en) * 2005-04-29 2008-05-14 华为技术有限公司 Method and system for implementing DHCP address security allocation
CN1921496B (en) * 2005-08-24 2010-04-14 中兴通讯股份有限公司 A method for DHCP client to identify DHCP server
CN100435527C (en) * 2005-08-25 2008-11-19 广东省电信有限公司研究院 Method for realizing efficient video multicasting in ethernet passive optical entwork system
CN1889572B (en) * 2006-07-27 2010-06-09 杭州华三通信技术有限公司 Internet protocol address distributing method and dynamic main machine configuration protocol relay
CN101127600B (en) * 2006-08-14 2011-12-07 华为技术有限公司 A method for user access authentication
CN101127630B (en) * 2006-08-15 2017-04-12 华为技术有限公司 Method, device and system for managing object instant
CN101145907B (en) * 2006-09-11 2010-05-12 华为技术有限公司 Method and system for realizing user authentication based on DHCP
CN101174952B (en) * 2006-10-31 2010-05-19 中兴通讯股份有限公司 Automatic authentication method and device for IPTV service
CN101355474B (en) 2007-07-25 2010-09-08 华为技术有限公司 Method and device for requesting and allocating connection point addresses
CN101179604B (en) * 2007-11-27 2011-08-24 华为技术有限公司 Method, device and system for assigning MAC addresses
CN101924800B (en) * 2009-06-11 2015-03-25 华为技术有限公司 Method for obtaining IP address of DHCPv6 server, DHCPv6 server and DHCPv6 communication system
CN101577738B (en) * 2009-06-25 2011-08-31 杭州华三通信技术有限公司 Address distribution method and equipment thereof
CN102055637B (en) * 2009-11-03 2015-06-03 中兴通讯股份有限公司 Wide band network system and realizing method thereof
WO2012106883A1 (en) * 2011-07-12 2012-08-16 华为技术有限公司 Method, apparatus and system for initial deployment of layer 2 network device
CN103856416B (en) * 2012-12-06 2017-04-12 华为技术有限公司 Network access method, device and system
CN104184615A (en) * 2014-08-07 2014-12-03 惠州学院 Network management system and network management method for laboratory on campus
CN105187400B (en) * 2015-08-12 2018-04-27 莱诺斯科技(北京)股份有限公司 A kind of mobile terminal safety guard system and safety protecting method
CN108616884B (en) * 2016-11-30 2022-01-07 上海掌门科技有限公司 Method and apparatus for wireless access point connection
CN107708200A (en) * 2017-08-21 2018-02-16 上海源岷投资管理有限公司 One kind is used for rural multi-user's biogas data collection radio base station equipment and method
CN107743046A (en) * 2017-08-21 2018-02-27 上海源岷投资管理有限公司 The radio relay station device and method of a kind of data acquisition for rural biogas

Also Published As

Publication number Publication date
CN1458761A (en) 2003-11-26

Similar Documents

Publication Publication Date Title
CN1248447C (en) Broadband network access method
CN1129272C (en) Virtual local area network access method in ethernet access network
CN100388739C (en) Method and system for implementing DHCP address security allocation
US9237147B2 (en) Remote access manager for virtual computing services
CN1411210A (en) Method of acting address analytic protocol Ethernet Switch in application
CN100490377C (en) Method and arrangement for preventing illegitimate use of IP addresses
CN1167227C (en) Virtual Local Area Network Access Method in Fiber-Coaxial Hybrid Access Network
CN1233135C (en) Method for preventing IP address deceit in dynamic address distribution
CN100546304C (en) A method and system for improving network dynamic host configuration DHCP security
CN101110847B (en) Method, device and system for obtaining medium access control address
CN1487696A (en) A kind of intelligent terminal management method
US20080192751A1 (en) Method and system for service provision
CN101064714A (en) Service dispensing method
CN1184776C (en) Method for the point-to-point protocol log-on user to obtain Internet protocol address
JP4161791B2 (en) Inter-device authentication system, inter-device authentication method, communication device, and computer program
WO2021121040A1 (en) Broadband access method and apparatus, device, and storage medium
CN101141492B (en) Method and system for implementing DHCP address safety allocation
CN1832458A (en) Method and access node for implementing application server functionality
WO2008151548A1 (en) A method and apparatus for preventing the counterfeiting of the network-side media access control (mac) address
CN1309213C (en) Network access anthentication method for improving network management performance
CN1859440A (en) Method for distributing service based on terminal mark
CN101043465A (en) Dynamic host configuration protocol service managing method and system thereof
CN1458760A (en) Safe access method for borad band network
CN111835764A (en) An ARP anti-spoofing method, tunnel endpoint and electronic device
CN115278373A (en) Internet TV networking method and system

Legal Events

Date Code Title Description
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20060329

Termination date: 20180515

CF01 Termination of patent right due to non-payment of annual fee