WO2018103665A1 - L2tp-based device management method, apparatus and system - Google Patents

Publication number: WO2018103665A1
Authority: WO, WIPO (PCT)
Prior art keywords: lns, tunnel, unavailable, interface, tunnel interface
Application number: PCT/CN2017/114824
Other languages: French (fr), Chinese (zh)
Inventor: 朱筠
Original Assignee: 华为技术有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4633 Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00 Data switching networks
    • H04L12/28 Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46 Interconnection of networks
    • H04L12/4641 Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00 Traffic control in data switching networks
    • H04L47/10 Flow control; Congestion control
    • H04L47/12 Avoiding congestion; Recovering from congestion
    • H04L47/125 Avoiding congestion; Recovering from congestion by balancing the load, e.g. traffic engineering
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892 Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols

Definitions

  • the embodiments of the present invention relate to the field of network technologies, and in particular, to a device management method, device, and system based on L2TP.
  • VPDN Virtual Private Dial-up Network
  • L2TP Layer 2 Tunneling Protocol
  • LNS L2TP Network Server
  • the LAC is used to initiate a tunnel establishment request to the LNS.
  • the LNS is used to receive the tunnel establishment request from the LAC and send a setup response to the LAC. After receiving the setup response sent by the LNS, the LAC can successfully establish an L2TP tunnel to the LNS.
  • FIG. 1A is a network architecture diagram of an L2TP protocol.
  • the network architecture of the L2TP protocol generally includes an LAC side 10 and an LNS side 20.
  • the LAC side 10 includes multiple LACs 11 and an AAA (Authentication, Authorization, and Accounting) server 12, and the AAA server 12 is connected to the multiple LACs 11 to provide authentication, authorization, and accounting for each LAC11.
  • the LNS side 20 includes a plurality of LNSs 21.
  • each LNS 21 can include at least one tunnel interface through which an L2TP tunnel can be established.
  • a tunnel interface is a logical interface or a physical interface created by the LNS to establish an L2TP tunnel.
  • a loopback interface can be used as the source address or destination address of an L2TP tunnel.
  • the AAA server 12 can obtain the identifier of at least one tunnel interface included in each LNS 21 of the LNS side 20 to obtain the identifiers of multiple tunnel interfaces, and store the identifiers of the multiple tunnel interfaces in the interface information list.
  • the identifier of each tunnel interface is used to indicate a tunnel interface and an LNS to which the tunnel interface belongs.
  • the AAA server 12 can send the interface information list to the LAC11, and the LAC11 can select the LNS21 and the tunnel interface for establishing the tunnel based on the information of the multiple tunnel interfaces in the interface information list, and initiate a tunnel establishment request to the selected LNS21. After receiving the request of the LAC11, the selected LNS21 can establish an L2TP tunnel from the selected tunnel interface to the LAC11.
  • however, when the LAC selects the LNS and the tunnel interface of the LNS based on the interface information list, the selected LNS or tunnel interface may not meet the working requirements, so that the selected LNS cannot establish a tunnel, or establishes a tunnel of poor quality, after receiving the tunnel establishment request. Therefore, there is a need for an L2TP-based device management method to prevent the LAC from selecting an LNS or tunnel interface that does not meet the operational requirements.
  • an embodiment of the present invention provides a device management method, device, and system based on L2TP.
  • the technical solution is as follows:
  • the first aspect provides an L2TP-based device management method, which is applied to a controller, where the controller is connected to multiple L2TP network servers (LNSs) on the LNS side and to an authentication, authorization and accounting (AAA) server on the L2TP access concentrator (LAC) side, and the method includes:
  • the device information including device identifiers and device state information corresponding to the LNS;
  • sending a first notification message to the AAA server, where the first notification message carries an identifier of the tunnel interface of the unavailable LNS, and the first notification message is used to notify the AAA server to delete the identifier of the tunnel interface of the unavailable LNS from the stored interface information list.
  • a controller is introduced between the LAC side and the LNS side, and the controller can monitor the device status of each LNS on the LNS side by receiving device information of each LNS from the multiple LNSs on the LNS side.
  • a first notification message carrying the identifier of the tunnel interface of the unavailable LNS is sent to the AAA server on the LAC side to notify the AAA server to delete the identifier of the tunnel interface of the unavailable LNS from the stored interface information list, so that the updated interface information list is obtained.
  • because the identifier of the tunnel interface of the unavailable LNS has been deleted from the updated interface information list, the LNSs corresponding to the identifiers of all the tunnel interfaces included in the updated interface information list are available, and each tunnel interface of an available LNS is also available. Therefore, when the LAC selects the LNS and the tunnel interface based on the updated interface information list, any LNS and any tunnel interface selected are also available, which solves the problem that the selected LNS or tunnel interface may not meet the working conditions, so that the tunnel cannot be established or the quality of the established tunnel is poor, and improves the success rate and stability of tunnel establishment.
  • the device status information includes at least one of fault information, central processing unit (CPU) utilization, memory usage, total traffic of the outbound interface carrying the L2TP tunnel, and the total number of users carried;
  • the target LNS is determined to be an unavailable LNS, and the target LNS is any one of the plurality of LNSs;
  • the target LNS is determined to be an unavailable LNS
  • the identifier of the tunnel interface of the unavailable LNS refers to the identifiers of all the tunnel interfaces of the unavailable LNS.
  • the controller may determine whether each LNS is available based on the device status information of each LNS, such as the fault information, the CPU usage, the memory usage, the total traffic of the outbound interface carrying the L2TP tunnel, and the total number of users carried, and use the identifiers of all tunnel interfaces of an unavailable LNS as the identifiers of the tunnel interfaces of the unavailable LNS that need to be deleted.
  • the AAA server is notified to delete the identifiers of all the tunnel interfaces of the LNS from the interface information list, so that the LNS fault state is quickly perceived, which avoids the LAC still sending a tunnel establishment request to the faulty LNS and the tunnel establishment failing.
  • when at least one of the CPU usage, the memory usage, the total traffic of the outbound interface carrying the L2TP tunnel, and the total number of users carried is greater than the threshold, the AAA server is notified to delete the identifiers of all the tunnel interfaces of the LNS from the interface information list, so that the LNS load status is quickly perceived. This avoids the problem in live networks where some LNSs are overloaded while other LNSs have very few access users, that is, unbalanced LNS load and unreasonable resource allocation, thus ensuring the balance of LNS load and improving the stability of tunnel establishment.
  • the method further includes:
  • An identifier of all tunnel interfaces is used to notify the AAA server to add an identifier of all tunnel interfaces of the available LNS in the interface information list.
  • the second notification message may be sent to the AAA server, instructing the AAA server to add the identifier of the tunnel interface of the LNS that is restored to an available LNS back to the interface information list. In this way, the LNS can be re-introduced into the L2TP network after the problem is eliminated, to share the load and achieve the purpose of balancing the load.
  • the device information further includes identifiers and tunnel interface state information corresponding to at least one tunnel interface included in the LNS;
  • the first notification message carries an identifier of the unavailable tunnel interface in the unavailable LNS, and the first notification message is used to notify the AAA server to delete the identifier of the unavailable tunnel interface in the unavailable LNS from the stored interface information list.
  • the tunnel interface state information includes at least one of a quantity of users carried by the corresponding tunnel and a traffic of the tunnel interface;
  • the determining, according to the identifier of the at least one tunnel interface and the tunnel interface state information included in the device information of each of the plurality of LNSs, an LNS in which an unavailable tunnel interface exists among the multiple LNSs includes:
  • the target tunnel interface is determined as an unavailable tunnel interface in the LNS, and the LNS is determined as an LNS having an unavailable tunnel interface, where the target tunnel interface is any one of the at least one tunnel interface included in the LNS;
  • the controller may also monitor the state of each tunnel interface in the at least one tunnel interface included in the LNS.
  • the tunnel interface may be used.
  • the tunnel interface is determined to be unavailable, and the AAA server is instructed to remove the identifier of the unavailable tunnel interface from the interface information list. In this way, for each LNS, only the overloaded tunnel interface in the LNS can be excluded, and the tunnel interface that is not overloaded is still retained, which realizes load balancing on the tunnel interface granularity and improves the accuracy.
  • the method further includes:
  • the third notification message may also be sent to the AAA server, instructing the AAA server to add the identifier of the tunnel interface that is restored to available back to the interface information list. In this way, the tunnel interface is re-introduced into the L2TP network after the problem is eliminated, to share the load and achieve load balancing at tunnel interface granularity.
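
The controller-to-AAA flow summarized above (a first notification that deletes identifiers, second and third notifications that restore them), as an added Python simulation that is not part of the patent text. The threshold values, field names, the `remove`/`restore` message kinds, the in-process call standing in for the Radius connection, the rule that a silent LNS stays withdrawn, and the check that only provisioned identifiers can be restored are all assumptions.

```python
from dataclasses import dataclass

# Assumed limits: the page only says a value "greater than the threshold"
# makes an LNS or tunnel interface unavailable; these numbers are invented.
LNS_LIMITS = {"cpu": 0.85, "mem": 0.90, "egress_mbps": 8000, "users": 50000}
IF_LIMITS = {"users": 20000, "mbps": 4000}


@dataclass
class DeviceInfo:
    """One LNS report: device identifier, device status, per-interface status."""
    lns_id: str
    fault: bool
    cpu: float
    mem: float
    egress_mbps: float
    users: int
    interfaces: dict  # interface name -> {"users": int, "mbps": float}


def all_ids(info):
    # An identifier names both the tunnel interface and the LNS it belongs to.
    return {(info.lns_id, name) for name in info.interfaces}


def unavailable_ids(info):
    """Tunnel-interface identifiers to withdraw for this LNS."""
    status = {"cpu": info.cpu, "mem": info.mem,
              "egress_mbps": info.egress_mbps, "users": info.users}
    if info.fault or any(status[k] > LNS_LIMITS[k] for k in LNS_LIMITS):
        return all_ids(info)  # LNS unavailable: every interface goes
    return {(info.lns_id, name) for name, st in info.interfaces.items()
            if any(st[k] > IF_LIMITS[k] for k in IF_LIMITS)}


class AAAServer:
    def __init__(self, provisioned):
        self.provisioned = frozenset(provisioned)
        self.interface_list = set(provisioned)

    def notify(self, kind, ids):
        if kind == "remove":        # first notification message
            self.interface_list -= ids
        elif kind == "restore":     # second / third notification message
            # Assumption, not from the page: only identifiers that were
            # provisioned can come back, so a notification cannot add new ones.
            self.interface_list |= ids & self.provisioned
        else:
            raise ValueError(f"unknown notification kind: {kind}")

    def online_request(self):
        # List handed to a LAC, which picks an LNS and tunnel interface from it.
        return sorted(self.interface_list)


class Controller:
    def __init__(self, aaa):
        self.aaa = aaa
        self.withdrawn = set()

    def on_reports(self, reports):
        reported, bad = set(), set()
        for info in reports:
            reported |= all_ids(info)
            bad |= unavailable_ids(info)
        remove = bad - self.withdrawn
        # Assumption: restore only on a fresh healthy report, so an LNS that
        # stops reporting stays withdrawn.
        restore = (self.withdrawn & reported) - bad
        if remove:
            self.aaa.notify("remove", remove)
        if restore:
            self.aaa.notify("restore", restore)
        self.withdrawn = (self.withdrawn | remove) - restore
        return sorted(remove), sorted(restore)


def report(lns_id, fault=False, cpu=0.30, lo1_users=100):
    """Constructed sample report with two loopback tunnel interfaces."""
    return DeviceInfo(lns_id, fault, cpu, 0.40, 1000, 5000,
                      {"lo0": {"users": 100, "mbps": 50},
                       "lo1": {"users": lo1_users, "mbps": 50}})


def demo():
    """Two polling rounds; returns the LAC-visible list after each."""
    aaa = AAAServer({(l, i) for l in ("lns-a", "lns-b", "lns-c")
                     for i in ("lo0", "lo1")})
    ctl = Controller(aaa)
    ctl.on_reports([report("lns-a"), report("lns-b", fault=True),
                    report("lns-c", lo1_users=30000)])
    round1 = aaa.online_request()
    ctl.on_reports([report("lns-a", cpu=0.95), report("lns-b"), report("lns-c")])
    round2 = aaa.online_request()
    return round1, round2
```

In the first round the faulty `lns-b` loses both interfaces while `lns-c` loses only its overloaded `lo1`; in the second round both come back and the CPU-overloaded `lns-a` is withdrawn instead.
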
  • the receiving device information from each of the plurality of LNSs includes:
  • Device information from each of the plurality of LNSs is received through the Simple Network Management Protocol (SNMP).
  • SNMP Simple Network Management Protocol
  • the device information of multiple LNSs on the LNS side is obtained by using NETCONF or SNMP, and the accuracy and efficiency of acquiring LNS device information are improved.
  • before the sending the first notification message to the AAA server, the method further includes:
  • the sending the first notification message to the AAA server includes:
  • a Radius connection may be established between the controller and the AAA server, and the first notification message is sent to the AAA server by using the Radius connection, that is, the interaction of the notification message between the controller and the AAA server is implemented based on the Radius protocol.
  • the second aspect provides a device management method based on the Layer 2 Tunneling Protocol (L2TP), which is applied to an authentication, authorization and accounting (AAA) server, where the AAA server is connected to a controller and to the LACs on the L2TP access concentrator (LAC) side, and the controller is connected to multiple LNSs on the L2TP network server (LNS) side.
  • the method includes:
  • receiving a first notification message sent by the controller, where the first notification message carries an identifier of a tunnel interface of an unavailable LNS, and the first notification message is sent by the controller when the controller determines the unavailable LNS in the multiple LNSs based on the device information of each of the multiple LNSs, the device information including the device identifier and device status information corresponding to the LNS;
  • the identifier of the tunnel interface of the unavailable LNS is deleted from the stored interface information list.
  • the deleting the identifier of the tunnel interface of the unavailable LNS from the stored interface information list includes:
  • the identifiers of all the tunnel interfaces in the unavailable LNS are deleted from the stored interface information list.
  • the method further includes:
  • the unavailable LNS is sent when the problem is restored to an available LNS after the problem is eliminated;
  • the deleting the identifier of the tunnel interface of the unavailable LNS from the stored interface information list includes:
  • the identifier of the unavailable tunnel interface in the unavailable LNS is deleted from the stored interface information list, where the first notification message is sent by the controller when the controller determines, based on the identifier of the at least one tunnel interface and the tunnel interface state information included in the device information of each of the plurality of LNSs, the LNS in which an unavailable tunnel interface exists among the plurality of LNSs.
  • the method further includes:
  • the method further includes:
  • the updated interface information list is sent to the LAC, and the LAC is instructed to select the LNS and the tunnel interface based on the updated interface information list.
  • a controller having a function of implementing the L2TP-based device management method in the above first aspect.
  • the controller includes at least one module for implementing the L2TP-based device management method provided by the above first aspect.
  • an authentication authorization and accounting AAA server is provided, and the AAA server has a function of implementing the L2TP-based device management method in the second aspect.
  • the AAA server includes at least one module for implementing the L2TP-based device management method provided by the second aspect above.
  • a controller comprising a processor and a memory.
  • the memory is configured to store a program supporting the controller to execute the L2TP-based device management method, and to store data related to implementing the L2TP-based device management method, where the data may be device information of the LNS, an identifier of the tunnel interface, or the like.
  • the processor is configured to execute a program stored in the memory.
  • the controller can also include a communication bus for establishing a connection between the processor and the memory.
  • an authentication, authorization and accounting (AAA) server includes a processor and a memory.
  • the memory is configured to store a program that supports the controller to execute the L2TP-based device management method, and store data related to implementing the L2TP-based device management method, where the data may be a tunnel interface identifier, an interface information list, or the like.
  • the processor is configured to execute a program stored in the memory.
  • the AAA server can also include a communication bus for establishing a connection between the processor and the memory.
  • an embodiment of the present invention provides a computer storage medium for storing computer software instructions used by the controller, or storing a program involved in executing the controllers of the first aspect and the third aspect.
  • an embodiment of the present invention provides a computer storage medium for storing computer software instructions used by the AAA server, or storing a program related to the AAA server for performing the second and fourth aspects.
  • the embodiment of the present invention provides an L2TP-based device management system, where the device management system includes a controller, an L2TP access concentrator LAC side, and an L2TP network server LNS side, where the LAC side includes an authentication authorization and a meter.
  • a controller is introduced between the LAC side and the LNS side, and the controller may determine, according to the device information of each LNS in the multiple LNSs on the LNS side, the unavailable LNS in the multiple LNSs, and send a first notification message to the AAA server on the LAC side to notify the AAA server to delete the identifier of the tunnel interface of the unavailable LNS from the stored interface information list, so that the updated interface information list is obtained.
  • because the identifier of the tunnel interface of the unavailable LNS has been deleted from the updated interface information list, the LNSs corresponding to the identifiers of all the tunnel interfaces included in the updated interface information list are available, and each tunnel interface of an available LNS is also available. Therefore, any LNS and any tunnel interface selected are also available, which solves the problem that the selected LNS or tunnel interface may not meet the working conditions, so that the tunnel cannot be established or the quality of the established tunnel is poor, and improves the success rate and stability of tunnel establishment.
  • FIG. 1A is a network architecture diagram of an L2TP protocol according to an embodiment of the present invention.
  • FIG. 1B is a network architecture diagram of another L2TP protocol according to an embodiment of the present invention.
  • FIG. 1C is a network architecture diagram of another L2TP protocol according to an embodiment of the present invention.
  • FIG. 1D is a network architecture diagram of another L2TP protocol according to an embodiment of the present invention.
  • FIG. 1E is a schematic structural diagram of a hardware of a controller according to an embodiment of the present invention.
  • FIG. 1F is a schematic structural diagram of hardware of an AAA server according to an embodiment of the present invention.
  • FIG. 2 is a flowchart of a device management method based on L2TP according to an embodiment of the present invention.
  • FIG. 3 is a schematic structural diagram of a controller according to an embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of an AAA server according to an embodiment of the present invention.
  • An L2TP-based device management method provided by an embodiment of the present invention is applied to a network of an L2TP protocol.
  • FIG. 1B is a network architecture diagram of another L2TP protocol according to an embodiment of the present invention.
  • the network architecture of the L2TP protocol includes an LAC side 10, an LNS side 20, and a controller 30.
  • the LAC side 10 includes a plurality of LACs 11 and AAA servers 12, and the LNS side 20 includes a plurality of LNSs 21, and the controller 30 is connected to the AAA server 12 and the plurality of LNSs 21 of the LNS side 20, respectively.
  • the LNS side 20 may also include an AAA server (not shown in FIG. 1B).
  • the AAA server of the LNS side 20 is separately connected to the plurality of LNSs 21 for providing authentication, authorization, and accounting services for the respective LNSs 21.
  • the LAC may be a device of the telecommunication carrier, for example, a network access server (NAS) of the telecommunication carrier; the LNS may be a device of the telecommunication carrier or a device of the enterprise client, for example, a router or a server of the telecommunication carrier, which is not limited in this embodiment of the present invention.
  • the user equipment can access the LAC11 through the access network of the service provider, and then connect to the remote LNS 21 through the L2TP tunnel.
  • the user equipment can send a dialing request to the LAC11 by dialing.
  • when the LAC11 receives the dialing request, it can send an online request to the AAA server on the LAC side.
  • the dialing request can carry the user account, password, etc. entered by the user.
  • the embodiment of the present invention introduces a controller 30 between the LAC side 10 and the LNS side 20 based on the network architecture of the existing L2TP protocol shown in FIG. 1A.
  • the controller 30 is configured to monitor the device status of the plurality of LNSs 21 on the LNS side 20, and send a notification message to the AAA server 12 according to the device status of each LNS 21, indicating whether each LNS 21 is available, and whether the identifier of the tunnel interface of each LNS 21 can be sent to the LAC11 of the LAC side 10.
  • the controller 30 is configured to receive device information from each of the plurality of LNSs 21 on the LNS side, where the device information includes device identifiers and device state information corresponding to the LNS 21; determine the unavailable LNS 21 of the plurality of LNSs 21 according to the device information of each LNS 21 of the plurality of LNSs 21; and send a first notification message to the AAA server 12 on the LAC side, where the first notification message carries the identifier of the tunnel interface of the unavailable LNS.
  • the AAA server 12 is configured to receive the first notification message sent by the controller 30, and delete the identifier of the tunnel interface of the unavailable LNS 21 from the stored interface information list according to the first notification message; and, when receiving an online request sent by any LAC11 on the LAC side 10, send the updated interface information list to the LAC11.
  • the LAC 11 is configured to receive the updated interface information list sent by the AAA server 12, select an LNS21 and a tunnel interface for establishing an L2TP tunnel based on the updated interface information list, and send a tunnel establishment request to the selected LNS 21, where the tunnel establishment request carries the identifier of the selected tunnel interface.
  • the selected LNS 21 is configured to send a setup response to the LAC 11 when the tunnel establishment request sent by the LAC 11 is received, to establish an L2TP tunnel to the LAC 11 through the selected tunnel interface.
  • the controller 30 and each LNS 21 can be connected through a wired network or a wireless network. Further, a specified network management protocol connection may be established between the controller 30 and each LNS 21, so that the controller 30 acquires device information of each LNS 21 through the specified network management protocol.
  • the specified network management protocol may be a NETCONF (Network Configuration Protocol) or an SNMP (Simple Network Management Protocol).
  • NETCONF and SNMP will be further described in detail:
  • the controller 30 establishes a NETCONF connection with each LNS 21, and acquires device information of each LNS 21 through NETCONF.
  • NETCONF is a network configuration and management protocol based on XML (Extensible Markup Language), which can manage the configuration information and status information of network devices. It specifically uses XML as the encoding method of configuration data and protocol messages, and uses C/S (client/server) mode to obtain management information of the device.
  • XML Extensible Markup Language
  • the controller 30 can establish a NETCONF connection through a schema or a yang interface, where both schema and yang belong to a data modeling language in XML.
  • the NETCONF management terminal can be configured in the controller 30, and the NETCONF agent is configured in each LNS 21.
  • the controller 30 obtains the device information of the NETCONF agent in a remote procedure call manner through the configured NETCONF management terminal.
  • the NETCONF management terminal can obtain the device information of each NETCONF proxy by using the get command or the get-config command.
  • the controller 30 establishes an SNMP connection with each LNS 21, and acquires device information of each LNS 21 through SNMP.
  • SNMP is a network management standard protocol widely used in TCP/IP (Transmission Control Protocol/Internet Protocol) networks. It enables network management systems to monitor devices connected to the network for any situation that requires management attention.
  • an SNMP manager (Manager) can be configured in the controller 30, which acts as the management terminal, and an SNMP agent (Agent) is configured in each LNS21, which acts as a managed terminal. The Manager runs the management program, and the Agent runs the agent program.
  • the controller 30 can actively obtain the device information of the corresponding LNS from the agents configured in the respective LNSs through the configured Manager. For example, the controller 30 can periodically query the device information of the corresponding LNS from the agents configured in the respective LNSs through the configured Manager.
  • each LNS can report the current device information to the Manager in time through the configured Agent. For example, the LNS can report fault information to the Manager through the configured agent when the device is faulty.
  • the controller 30 assumes the function of the NETCONF management terminal in the implementation manner of using NETCONF.
  • the controller 30 assumes part of the functions of the SNMP management terminal, that is, the controller 30 assumes part of the functions of the network management system, and can manage and maintain the device information of the plurality of LNSs 21 in the LNS side 20.
  • controller 30 and the AAA server 12 can also be connected through a wired network or a wireless network.
  • the controller 30 can establish a Radius (Remote Authentication Dial In User Service) connection with the AAA server 12 to send a notification message to the AAA server 12 through the Radius connection, notifying whether the tunnel interface of each LNS 21 is available.
  • Radius Remote Authentication Dial In User Service
  • the network architecture of the L2TP protocol may further include an LTS (L2TP Tunnel Switch), and the LTS can serve as a tunnel intermediate switching node, and has the functions of the LAC and the LNS. That is, the LTS can act as the LNS of an LAC to receive the tunnel establishment request sent by the LAC and establish an L2TP tunnel, or act as the LAC of an LNS to send a tunnel establishment request to the LNS to request establishment of an L2TP tunnel.
  • LTS L2TP Tunnel Switch
  • FIG. 1C is a network architecture diagram of another L2TP protocol according to an embodiment of the present invention.
  • the network architecture of the L2TP protocol includes an LAC side 10, an LTS side 40, an LNS side 20, and a controller 30.
  • the LAC side 10 includes multiple LACs 11 and AAA servers 12, and the AAA server 12 is connected to the multiple LACs 11 to provide authentication, authorization, and accounting services for each LAC11.
  • the LTS side 40 includes a plurality of LTSs 41 and an AAA server 42, and the AAA server 42 is separately connected to the plurality of LTSs 41 for providing authentication, authorization, and billing services for the respective LTSs 41.
  • the LNS side 20 includes a plurality of LNSs 21.
  • the controller 30 is connected to the AAA server 12 of the LAC side 10, and is connected to the plurality of LTSs 41 of the LTS side 40.
  • the controller 30 can determine the unavailable LTS 41 of the plurality of LTSs 41 according to the device information of each LTS 41 of the plurality of LTSs 41, and send the identifier of the tunnel interface of the unavailable LTS 41 to the AAA server 12 of the LAC side 10, so that the AAA server 12 updates the stored LTS interface information list according to the identifier of the tunnel interface of the unavailable LTS 41.
  • the controller 30 is also connected to the AAA server 42 of the LTS side 40 and to the plurality of LNSs 21 of the LNS side 20, and can determine the unavailable LNS 21 of the plurality of LNSs 21 based on the device information of each of the plurality of LNSs 21 and transmit the identifier of the tunnel interface of the unavailable LNS 21 to the AAA server 42 of the LTS side 40, so that the AAA server 42 updates the stored LNS interface information list according to the identifier of the tunnel interface of the unavailable LNS 21.
  • FIG. 1D is a network architecture diagram of another L2TP protocol according to an embodiment of the present invention.
  • the controller 31 is connected to the AAA server 12 on the LAC side, and is connected to multiple LTSs 41 on the LTS side 40, for notifying the AAA server 12 of the LAC side 10 to update the stored LTS interface information list based on the device information of the plurality of LTSs 41 in the LTS side 40.
  • the controller 32 is connected to the AAA server 42 of the LTS side 40, and is connected to the plurality of LNSs 21 of the LNS side 20, respectively, for notifying the AAA server 42 of the LTS side 40 to update the stored LNS interface information list based on the device information of the plurality of LNSs 21 in the LNS side 20.
  • FIG. 1E is a schematic diagram showing the hardware structure of a controller according to an embodiment of the present invention.
  • the controller may include a communication bus 131, a memory 132, a transmitter 133, a receiver 134, and a processor 135, and the memory 132, transmitter 133, receiver 134 and processor 135 can communicate over communication bus 131.
  • the transmitter 133 and the receiver 134 are configured to communicate with other network devices.
  • the controller 30 can communicate with multiple LNSs on the LNS side through the receiver 134 to obtain device information of each LNS.
  • through the transmitter 133, the controller communicates with the AAA server on the LAC side and transmits a notification message to the AAA server.
  • the memory 132 is configured to store a program
  • the processor 135 is configured to invoke a program stored in the memory 132 to implement the L2TP-based device management method.
  • processor 135 may be an integrated circuit chip with signal processing capability. In implementation, the steps of the foregoing method may be completed by an integrated logic circuit of hardware in the processor or by instructions in the form of software. These instructions can be implemented and controlled by the processor.
  • the processor may also be a general purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
  • the above general purpose processor may be a microprocessor or may be any conventional processor, decoder or the like.
  • the steps of the method disclosed in the embodiments of the present invention may be directly implemented as a hardware processor, or may be performed by a combination of hardware and software modules in the processor.
  • the software module can be located in a conventional storage medium such as random access memory, flash memory, read only memory, programmable read only memory or electrically erasable programmable memory, registers, and the like.
  • the transmitter 133 and the receiver 134 may be separate hardware or may be integrated into the controller as a whole; for example, the transmitter 133 and the receiver 134 may be integrated into one transceiver.
  • the controller can also include a communication interface for supporting communication of the controller with other network devices.
  • the communication bus 131 includes a power bus, a control bus, and a status signal bus in addition to the data bus. However, for clarity of description, various buses are labeled as communication bus 131 in FIG. 1E.
  • the controller may also configure a management end of the network management protocol, such as a NETCONF management terminal or an SNMP management terminal, to receive device information of multiple LNSs from the LNS side through a corresponding network management protocol.
  • FIG. 1F is a schematic diagram showing the hardware structure of an AAA server according to an embodiment of the present invention.
  • the controller may include a communication bus 231, a memory 232, a transmitter 233, a receiver 234, and a processor 235, and the memory 232, transmitter 233, receiver 234, and processor 235 can communicate over communication bus 231.
  • the transmitter 233 and the receiver 234 are configured to communicate with other network devices; for example, the AAA server can communicate with the controller through the receiver 234 to obtain a notification message sent by the controller, or communicate with the LAC on the LAC side through the transmitter 233 and send an interface information list to the LAC.
  • the memory 132 is configured to store a program
  • the processor 135 is configured to invoke a program stored in the memory 132 to implement the L2TP-based device management method.
  • processor 235 may be an integrated circuit chip with signal processing capability. In implementation, the steps of the foregoing method may be completed by an integrated logic circuit of hardware in the processor or by instructions in the form of software. These instructions can be implemented and controlled by the processor.
  • the processor may also be a general purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
  • the above general purpose processor may be a microprocessor or may be any conventional processor, decoder or the like.
  • the steps of the method disclosed in the embodiments of the present invention may be directly implemented as a hardware processor, or may be performed by a combination of hardware and software modules in the processor.
  • the software module can be located in a conventional storage medium such as random access memory, flash memory, read only memory, programmable read only memory or electrically erasable programmable memory, registers, and the like.
  • the transmitter 233 and the receiver 234 may be two separate pieces of hardware, or may be integrated as a whole in the control plane node; for example, the transmitter 233 and the receiver 234 may be integrated into one transceiver.
  • the controller can also include a communication interface for supporting communication of the controller with other network devices.
  • the communication bus 231 includes a power bus, a control bus, and a status signal bus in addition to the data bus. However, for clarity of description, various buses are labeled as communication bus 231 in FIG. 1F.
  • FIG. 2 is a flowchart of a method for managing a device based on L2TP according to an embodiment of the present invention. The method is applied to the L2TP network architecture shown in FIG. 1B. Referring to FIG. 2, the method includes:
  • Step 201 The controller receives device information from each of the plurality of LNSs on the LNS side, where the device information includes device identifiers and device state information corresponding to the LNS.
  • the controller may establish a specified network management protocol connection with multiple LNSs on the LNS side, and receive device information of multiple LNSs by using a specified network management protocol.
  • the specified network management protocol can be NETCONF or SNMP.
  • the implementation manner of receiving device information from each of the plurality of LNSs on the LNS side includes at least one of the following: receiving, through NETCONF, device information from each of the plurality of LNSs on the LNS side; or receiving, through SNMP, device information from each of the plurality of LNSs on the LNS side.
  • NETCONF and SNMP are both well-developed network management protocols that can monitor and manage device information of network devices. Therefore, using NETCONF or SNMP to receive device information of multiple LNSs on the LNS side improves the accuracy and efficiency of obtaining LNS device information.
  • the device information of each LNS may include device identifiers and device state information corresponding to the LNS.
  • the device identifier of the LNS may be the factory serial number of the LNS, the MAC (Media Access Control) address, the IP address of the device, and the like. The embodiment of the present invention does not limit this.
  • the device status information of the LNS may include at least one of fault information, CPU (Central Processing Unit) utilization, memory usage, total traffic of the outbound interface carrying the L2TP tunnel, and the total number of users carried.
  • the fault information is used to indicate that the LNS is in a fault state.
  • the CPU usage, the memory usage, the total traffic of the outbound interface carrying the L2TP tunnel, and the total number of users of the L2TP tunnel are the load information of the LNS, which is used to indicate the load status of the LNS.
  • the device status information of the LNS may also include information that can reflect the status of other devices of the LNS, which is not limited by the embodiment of the present invention.
  • the controller can monitor the fault status and the whole load status of each LNS on the LNS side, so that the fault problem of the device and the load capacity of the whole device can be quickly presented, and the existing network is solved.
  • Step 202 The controller determines, according to device information of each LNS in the multiple LNSs, an unavailable LNS in the multiple LNSs.
  • the first mode is: when the device information of each LNS includes the device identifier and the device state information of the LNS, the unavailable LNS in the multiple LNSs is determined according to the device state information of each LNS in the multiple LNSs.
  • the manner of determining the unavailable LNS in the plurality of LNSs according to the device state information of each of the plurality of LNSs includes at least one of the following manners: when fault information exists in the device state information of a target LNS, the target LNS is determined to be an unavailable LNS, where the target LNS is any one of the plurality of LNSs; when the CPU utilization of the target LNS is greater than a first preset threshold, the target LNS is determined to be an unavailable LNS; when the memory usage of the target LNS is greater than a second preset threshold, the target LNS is determined to be an unavailable LNS; when the total traffic of the outbound interface carrying the L2TP tunnel of the target LNS is greater than a third preset threshold, the target LNS is determined to be an unavailable LNS; when the total number of users carried by the target LNS is greater than a fourth preset threshold, the target LNS is determined to be an unavailable LNS.
  • the fault information of the LNS is used to indicate that the LNS is in the fault state, that is, the LNS is faulty and the L2TP tunnel cannot be successfully established. Therefore, when there is fault information in the device status information of the target LNS, the target LNS is determined to be an unavailable LNS.
  • the total traffic of the outbound interface that carries the L2TP tunnel is the sum of the traffic of the outbound interface that carries the L2TP tunnel in the target LNS, and is used to indicate the bandwidth occupied by the L2TP tunnel service.
  • the total number of users carried refers to the sum of the users carried by the tunnels corresponding to all the tunnel interfaces included in the target LNS.
  • the first preset threshold, the second preset threshold, the third preset threshold, and the fourth preset threshold may all be set according to the load capacity of the specific LNS, and these preset thresholds may be set by the controller, may be set by each LNS, or may be set by the controller and the corresponding LNS, which is not limited by the embodiment of the present invention.
  • the information about the CPU usage, the memory usage, the total traffic of the outbound interface carrying the L2TP tunnel, and the total number of users of the L2TP tunnel are the load information of the LNS, which is used to indicate the load status of the LNS.
  • the embodiment of the present invention is described only by using an example in which whether the target LNS is in an overload state is determined according to the foregoing load factors and corresponding preset thresholds, and whether the target LNS is available is then determined.
  • the load status of the LNS may also be comprehensively analyzed in combination with any of the above load factors, or whether the LNS is in an overload state may be determined according to other factors indicating the load capacity of the whole device. The embodiment of the present invention does not limit this.
  • the second mode is: when the device information further includes the identifier of at least one tunnel interface of the LNS and tunnel interface state information, the LNSs having unavailable tunnel interfaces among the plurality of LNSs are determined according to the identifier of the at least one tunnel interface and the tunnel interface state information included in the device information of each LNS in the multiple LNSs, and the LNSs having unavailable tunnel interfaces are determined as the unavailable LNSs of the plurality of LNSs.
  • the LNS may include at least one tunnel interface, and each tunnel interface refers to a logical interface or a physical interface created by the LNS for establishing an L2TP tunnel, and may be a loopback interface or the like.
  • the tunnel interface address can be used as the source or destination address of the L2TP tunnel.
  • the controller may further determine, according to the tunnel interface state information of a tunnel interface in the LNS, whether the tunnel interface is in an overload state. When it is determined that the tunnel interface is in an overload state, the tunnel interface can no longer carry a new task, that is, the tunnel interface of the LNS is unavailable, and the LNS can no longer establish an L2TP tunnel through the tunnel interface. Therefore, an LNS with an unavailable tunnel interface can be determined as an unavailable LNS.
  • the tunnel interface state information may include at least one of a quantity of users carried by the corresponding tunnel and a traffic of the tunnel interface, and the manner of determining, according to the identifier of the at least one tunnel interface and the tunnel interface state information included in the device information of each LNS in the multiple LNSs, the LNS of the plurality of LNSs that has an unavailable tunnel interface includes at least one of the following manners:
  • the fifth preset threshold may be set according to a specific user threshold that can be assumed by the tunnel corresponding to each tunnel interface in the LNS, and the sixth preset threshold may be set according to a bandwidth threshold of each tunnel interface in the LNS, and the fifth preset threshold and the sixth preset threshold may be set by the controller, may be set by the respective LNS, or may be set by the controller and the corresponding LNS, which is not limited by the embodiment of the present invention.
  • Step 203 The controller sends a first notification message to the AAA server on the LAC side, where the first notification message carries the identifier of the tunnel interface of the unavailable LNS.
  • the first notification message is used to notify the AAA server on the LAC side to delete the identifier of the tunnel interface of the unavailable LNS from the stored interface information list.
  • when the LNS is in a fault state or a whole-device overload state, the LNS cannot process a new tunnel establishment request. Therefore, all tunnel interfaces of the LNS are unavailable, and the identifiers of all tunnel interfaces of the LNS need to be deleted.
  • when only a tunnel interface of the LNS is in an overload state, the LNS may still receive the tunnel establishment request, but can establish an L2TP tunnel only through other interfaces; that is, only the overloaded tunnel interface is unavailable, and other tunnel interfaces are still available, so only the identifier of the overloaded tunnel interface needs to be deleted. Therefore, the first notification message may include the following two implementation forms:
  • the identifier of the tunnel interface of the unavailable LNS carried in the first notification message is the identifiers of all the tunnel interfaces of the unavailable LNS, and the first notification message is used to notify the AAA server on the LAC side to delete the identifiers of all tunnel interfaces of the unavailable LNS from the stored interface information list.
  • the first notification message carries the identifier of the unavailable tunnel interface in the unavailable LNS, and is used to notify the AAA server on the LAC side to delete the identifier of the unavailable tunnel interface in the unavailable LNS from the stored interface information list.
  • the identifier of the tunnel interface may include the interface address of the tunnel interface, the tunnel identifier corresponding to the tunnel interface, and the device identifier of the LNS to which the tunnel interface belongs.
  • the identifier of the tunnel interface may include the Tunnel-Server-Endpoint (tunnel server endpoint) and the Tunnel-Assignment-ID (tunnel assignment number) of the tunnel interface.
  • the Tunnel-Server-Endpoint is the IP address of the tunnel interface.
  • the Tunnel-Assignment-ID is the number of the tunnel corresponding to the tunnel interface.
  • the controller may establish a RADIUS connection with the AAA server on the LAC side in advance to send the first notification message through the RADIUS connection.
  • the first notification message may be sent through a RADIUS message.
  • a RADIUS packet may be extended with a new field and the first notification message carried in the extended field; or an existing specified field in the RADIUS packet may be extended and the first notification message carried in the specified field.
  • the controller may extend the Status-Client-Experimental field in the RADIUS packet, and carry the first notification message in the Status-Client-Experimental field.
  • Step 204 The AAA server on the LAC side receives the first notification message sent by the controller, and deletes the identifier of the tunnel interface of the unavailable LNS from the stored interface information list according to the first notification message.
  • the interface information list includes the identifiers of all the tunnel interfaces of the LNSs, and is sent to the specific LAC, so that the LAC selects the LNS and the tunnel interface for establishing the tunnel based on the interface information list.
  • the identifier of the tunnel interface of the unavailable LNS is deleted from the stored interface information list according to the first notification message, and may include at least one of the following manners:
  • the first mode is: when the first notification message carries the identifiers of all the tunnel interfaces of the unavailable LNS, the identifiers of all the tunnel interfaces of the unavailable LNS are deleted from the interface information list.
  • the second mode is: when the first notification message carries the identifier of the unavailable tunnel interface in the unavailable LNS, the identifier of the unavailable tunnel interface in the unavailable LNS is deleted from the interface information list.
  • the implementation process of deleting the identifier of the tunnel interface of the unavailable LNS from the stored interface information list differs according to the storage mode of the interface information list, and may specifically include at least one of the following methods:
  • the AAA server may pre-store an interface information list, where the interface information list includes identifiers of all tunnel interfaces of each LNS on the LNS side.
  • the identifier of the tunnel interface of the unavailable LNS is deleted from the interface information list according to the first notification message, and the updated interface information list is obtained.
  • the AAA server may also obtain the interface information list from an interface status list, and delete the identifier of the tunnel interface of the unavailable LNS from the interface information list by operating on the interface status list.
  • the AAA server may further store an interface status list, where the interface status list includes an identifier of the tunnel interface of each LNS and a corresponding status identifier.
  • the status identifier may include a first status identifier and a second status identifier, where the first status identifier is used to indicate that the corresponding tunnel interface is available and the identifier of the tunnel interface may be sent to the LAC, and the second status identifier is used to indicate that the corresponding tunnel interface is unavailable and the identifier of the tunnel interface cannot be sent to the LAC.
  • the AAA server may first determine all available tunnel interfaces based on the status identifiers in the interface status list, and combine the identifiers of all available tunnel interfaces to obtain the interface information list.
  • when the first notification message is received, the identifier of the tunnel interface of the unavailable LNS carried in the first notification message may be obtained, and, in the interface status list, the status identifier corresponding to the identifier of the tunnel interface of the unavailable LNS is switched from the first status identifier to the second status identifier, so as to remove the identifier of the tunnel interface of the unavailable LNS from the interface information list.
  • when the first notification message sent by the controller is received and the notification message carries the identifiers of all the tunnel interfaces of the unavailable LNS, the status identifiers of all the tunnel interfaces of the unavailable LNS can be switched from 0 to 1, so that the identifiers of all the tunnel interfaces of the LNS are removed from the interface information list sent to the LAC.
  • Step 205 When the LAC receives the dialing request of the user terminal, the LAC sends an online request to the AAA server on the LAC side.
  • the LAC can be any LAC on the LAC side, and the online request of the LAC is triggered by the dialing request sent by the user terminal.
  • the user terminal can send a dialing request to the LAC on the LAC side when the dialing operation is detected based on the currently input user account and password, and the dialing request can carry the user account and password.
  • when the LAC receives the dialing request, it can send an online request to the AAA server, and the online request also carries the user account and password, so that the AAA server can perform authorization, authentication, or accounting management on the user account.
  • Step 206 The AAA server on the LAC side sends the updated interface information list to the LAC when receiving the online request sent by the LAC.
  • Step 207 The LAC receives the updated interface information list sent by the AAA server on the LAC side, and selects an LNS and a tunnel interface for establishing an L2TP tunnel based on the updated interface information list, and sends a tunnel establishment request to the selected LNS.
  • the LAC may select an identifier of the tunnel interface from the updated interface information list, determine an LNS indicated by the identifier of the selected tunnel interface, and determine the indicated LNS as the selected LNS. And the tunnel establishment request carries the identifier of the selected tunnel interface, so that the LNS establishes a tunnel based on the identifier of the selected tunnel interface.
  • because the identifier of the tunnel interface of the unavailable LNS has been deleted from the updated interface information list, the LNSs corresponding to the identifiers of all the tunnel interfaces included in the updated interface information list are available, and each tunnel interface of the available LNSs is also available. Therefore, when the LAC selects the LNS and tunnel interface based on the updated interface information list, any selected LNS and any selected tunnel interface are available.
  • Step 208 When receiving the tunnel establishment request sent by the LAC, the selected LNS sends a setup response to the LAC to establish an L2TP tunnel to the LAC through the selected tunnel interface.
  • the selected LNS may send a setup response to the LAC according to the identifier of the tunnel interface carried in the request, where the setup response indicates that the tunnel establishment request is verified; after the LAC receives the setup response, the L2TP tunnel between the LAC and the selected tunnel interface of the selected LNS can be successfully established.
  • the LAC can set the LAC address as the start address and the tunnel interface address as the destination address to establish the L2TP tunnel from the LAC to the tunnel interface.
  • when an LNS is in a fault state, if the LAC still sends a tunnel establishment request to the LNS, the LNS will not be able to respond to the tunnel establishment request due to the failure of the LNS, and the tunnel establishment fails.
  • the fault state of the LNS is monitored, and when any LNS is in a fault state, the AAA server on the LAC side is notified to delete the identifiers of all the tunnel interfaces of the LNS from the interface information list, so that the LNS fault state is perceived quickly. This prevents the tunnel establishment failure caused by the LAC sending a tunnel establishment request to a failed LNS, implements fast switching of services after an LNS fault, and improves the success rate of tunnel establishment.
  • when an LNS is in an overload state, the tunnel of the LNS may be congested, and the L2TP tunnel cannot be established or the quality of the established tunnel is poor.
  • in this case, the AAA server on the LAC side is notified to delete the identifiers of all the tunnel interfaces of the LNS from the interface information list.
  • the LNS load capacity is quickly perceived, which solves the problems in the existing network that some LNSs are overloaded while other LNSs have very few access users, that is, unbalanced LNS load, unreasonable resource allocation, and waste of network resources. This ensures the balance of load between multiple LNSs and improves the performance of the L2TP network and the tunnel establishment effect.
  • when a tunnel interface is overloaded, the AAA server is notified to remove the overloaded tunnel interface identifier from the interface information list, so that, in addition to load balancing at the LNS granularity, load balancing at the tunnel interface granularity is also achieved, which improves accuracy.
  • the controller may further reintroduce the LNS into the L2TP network after its problem is eliminated, to share load.
  • the device information of the unavailable LNS may continue to be received, and whether the unavailable LNS has been restored is determined based on the device information of the unavailable LNS. When it is determined, according to the device information of the unavailable LNS, that the unavailable LNS has reverted to an available LNS after the problem is eliminated, the controller sends a second notification message to the AAA server on the LAC side, where the second notification message carries the identifiers of all the tunnel interfaces of the available LNS and is used to notify the AAA server on the LAC side to add the identifiers of all tunnel interfaces of the available LNS to the interface information list.
  • when the AAA server on the LAC side receives the second notification message, the identifiers of all tunnel interfaces of the available LNS may be added to the interface information list according to the second notification message, and the operations of steps 205-208 are repeated.
  • determining, according to the device information of the unavailable LNS, whether the unavailable LNS is restored to the available LNS after the problem is eliminated may include at least one of the following manners:
  • the first mode is: when it is determined that the unavailable LNS is restored from the fault state to the normal state based on the device information of the unavailable LNS, that is, when the fault is eliminated, it is determined that the unavailable LNS is restored to the available LNS.
  • the second mode is: when it is determined, based on the device information of the unavailable LNS, that the unavailable LNS is restored from the overload state of the whole device to the normal state, that is, when the load of the whole device decreases, it is determined that the unavailable LNS is restored to the available LNS.
  • the controller may further reintroduce the tunnel interface into the L2TP network after its problem is eliminated, to share the load.
  • the controller may continue to receive the tunnel interface state information of the unavailable tunnel interface in the unavailable LNS, and determine, based on the tunnel interface state information of the unavailable tunnel interface, whether the problem with the unavailable tunnel interface has been eliminated. When it is determined, according to the tunnel interface state information of the unavailable tunnel interface in the unavailable LNS, that the unavailable tunnel interface is restored to an available tunnel interface after the problem is eliminated, the controller sends a third notification message to the AAA server on the LAC side, where the third notification message carries the identifier of the available tunnel interface and is used to notify the AAA server on the LAC side to add the identifier of the available tunnel interface to the interface information list. When the AAA server on the LAC side receives the third notification message sent by the controller, the identifier of the available tunnel interface is added to the interface information list according to the third notification message, and the operations of steps 205-208 are repeated.
  • it may be determined that the unavailable tunnel interface is restored to an available tunnel interface when it is restored from the overload state to the normal state, that is, when the load of the tunnel interface decreases.
  • the manner of adding the identifier of the tunnel interface to the interface information list according to the second notification message or the third notification message is different according to the manner of obtaining the interface information list, and may specifically include at least one of the following manners:
  • the first mode is: when the AAA server on the LAC side stores the interface information list in the first implementation manner in step 204, the AAA server on the LAC side, on receiving the second notification message or the third notification message, can add the identifier of the tunnel interface directly to the interface information list, obtain the updated interface information list, and send the updated interface information list to the LAC.
  • the second mode is: when the AAA server on the LAC side stores the interface information list in the second implementation manner in step 204, the AAA server on the LAC side, on receiving the second notification message or the third notification message, may switch the status identifier corresponding to the identifier of the tunnel interface from the second status identifier to the first status identifier, so as to add the identifier of the tunnel interface to the interface information list.
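The decision logic of step 202, the delete and add notifications, and the 0/1 interface status list of step 204 can be sketched as follows. This is an added Python example, not code from the patent; the threshold values, class and field names, the sample addresses, and the rule that the AAA server ignores identifiers it never provisioned are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Hypothetical values: the page names six preset thresholds but gives no numbers.
T = {"cpu": 0.90, "memory": 0.90, "egress_bps": 8e9, "users": 50_000,  # 1st-4th: whole device
     "if_users": 10_000, "if_bps": 2e9}                                # 5th-6th: per tunnel interface
AVAILABLE, UNAVAILABLE = 0, 1  # status identifiers; withdrawal switches 0 -> 1


@dataclass
class TunnelInterface:
    endpoint: str        # Tunnel-Server-Endpoint (IP address of the tunnel interface)
    assignment_id: str   # Tunnel-Assignment-ID (number of the tunnel)
    users: int = 0
    bps: float = 0.0


@dataclass
class DeviceInfo:        # one report received in step 201 (e.g. over NETCONF or SNMP)
    device_id: str
    fault: bool = False
    cpu: float = 0.0
    memory: float = 0.0
    egress_bps: float = 0.0
    users: int = 0
    interfaces: list = field(default_factory=list)


def interface_ids(info):
    return {(info.device_id, i.endpoint, i.assignment_id) for i in info.interfaces}


def unavailable_ids(info, t=T):
    """Step 202: identifiers to withdraw for one LNS."""
    if (info.fault or info.cpu > t["cpu"] or info.memory > t["memory"]
            or info.egress_bps > t["egress_bps"] or info.users > t["users"]):
        return interface_ids(info)            # faulty or overloaded device: all interfaces
    return {(info.device_id, i.endpoint, i.assignment_id) for i in info.interfaces
            if i.users > t["if_users"] or i.bps > t["if_bps"]}   # only overloaded interfaces


class Controller:
    def __init__(self):
        self.withdrawn = set()

    def evaluate(self, reports):
        """Return (to_delete, to_add): payloads of the first and the second/third notification."""
        seen, bad = set(), set()
        for info in reports:
            seen |= interface_ids(info)
            bad |= unavailable_ids(info)
        to_delete = bad - self.withdrawn
        # Restore only on a fresh healthy report; a missing report is not proof of recovery.
        to_add = (self.withdrawn & seen) - bad
        self.withdrawn = (self.withdrawn - to_add) | bad
        return to_delete, to_add


class AaaServer:
    def __init__(self, provisioned_ids):
        self.status = {i: AVAILABLE for i in provisioned_ids}   # interface status list

    def on_notification(self, to_delete=(), to_add=()):
        # Assumed hardening: identifiers that were never provisioned are ignored, so a
        # notification can flip the state of known interfaces but cannot add endpoints.
        for i in to_delete:
            if i in self.status:
                self.status[i] = UNAVAILABLE
        for i in to_add:
            if i in self.status:
                self.status[i] = AVAILABLE

    def interface_information_list(self):
        """Step 206: what the LAC receives in answer to an online request."""
        return sorted(i for i, s in self.status.items() if s == AVAILABLE)


def demo():
    """Constructed scenario: lns-a faults, one interface of lns-b overloads, then both recover."""
    a = DeviceInfo("lns-a", interfaces=[TunnelInterface("192.0.2.1", "1"),
                                        TunnelInterface("192.0.2.2", "2")])
    b = DeviceInfo("lns-b", interfaces=[TunnelInterface("198.51.100.1", "1"),
                                        TunnelInterface("198.51.100.2", "2", users=12_000)])
    ctrl = Controller()
    aaa = AaaServer(interface_ids(a) | interface_ids(b))
    lists = []
    a.fault = True
    aaa.on_notification(*ctrl.evaluate([a, b]))
    lists.append(aaa.interface_information_list())
    aaa.on_notification(*ctrl.evaluate([b]))          # lns-a sends no report: stays withdrawn
    lists.append(aaa.interface_information_list())
    a.fault = False
    b.interfaces[1].users = 500
    aaa.on_notification(*ctrl.evaluate([a, b]))       # both healthy again
    lists.append(aaa.interface_information_list())
    return lists
```

In the constructed scenario the LAC is offered only the healthy interface of lns-b while lns-a is faulty or silent, and all four interfaces again once both devices report normal state.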
  • the foregoing description uses only an example in which the AAA server on the LAC side updates the stored interface information list according to the notification message sent by the controller and sends the updated interface information list to any LAC.
  • the AAA server may also send different interface information lists for different online requests sent by different LACs, or for different user accounts carried in the online request; or update different stored interface information lists according to the notification message sent by the controller, which is not limited by the embodiment of the present invention.
  • the AAA server on the LAC side can update the stored interface information list according to the notification message sent by the controller to obtain the updated interface information list; after receiving the online request sent by the LAC, it selects, from the updated interface information list, the LNS and the tunnel interface corresponding to the LAC or to the user account carried in the online request, combines the selected tunnel interface identifiers into a new interface information list, and sends the new list to the LAC.
  • the AAA server may store a plurality of interface information lists, each interface information list corresponding to a group of LACs or a group of user accounts; when the AAA server receives the notification message sent by the controller, the AAA server may update the stored interface information lists according to the notification message. After receiving the online request sent by the LAC, the AAA server may select, from the multiple interface information lists, the interface information list corresponding to the LAC or to the user account carried in the online request, and send the selected interface information list to the LAC.
  • the AAA server 12 of the LAC side 10 can update the stored LTS interface information list in the above manner, and the AAA server 42 of the LTS side 40 can update the stored LNS interface information list in the above manner.
  • the LTS interface information list stores the identifiers of the tunnel interfaces of the LTSs 41 in the LTS side 40.
  • the LNS interface information list stores the identifiers of the tunnel interfaces of the LNSs 21 in the LNS side 20.
  • the controller 30 or the controller 31 may receive device information from each of the plurality of LTSs 41 in the LTS side 40, the device information including the device identifier and device status information of the corresponding LTS 41; determine the unavailable LTS 41 of the plurality of LTSs 41 according to the device information of each of the plurality of LTSs 41; and send a first notification message to the AAA server 12 of the LAC side 10, the first notification message carrying the identifier of the tunnel interface of the unavailable LTS 41 and being used to notify the AAA server 12 to delete the identifier of the tunnel interface of the unavailable LTS 41 from the stored LTS interface information list.
  • the AAA server 12 can send the updated LTS interface information list to the LAC 11, so that the LAC 11 selects the LTS 41 and the tunnel interface based on the updated LTS interface information list and sends a tunnel establishment request to the selected LTS 41.
  • the selected LTS 41 can establish an L2TP tunnel from the selected tunnel interface to the LAC 11.
  • the controller 30 or the controller 32 may receive device information from each of the plurality of LNSs 21 in the LNS side 20, the device information including the device identifier and device status information of the corresponding LNS 21; determine the unavailable LNS 21 of the plurality of LNSs 21 according to the device information of each of the plurality of LNSs 21; and send a first notification message to the AAA server 42 of the LTS side 40, the first notification message carrying the identifier of the tunnel interface of the unavailable LNS 21 and being used to notify the AAA server 42 to delete the identifier of the tunnel interface of the unavailable LNS 21 from the stored LNS interface information list.
  • the AAA server 42 may send the updated LNS interface information list to the LTS 41, so that the LTS 41 selects the LNS 21 and the tunnel interface based on the updated LNS interface information list and sends a tunnel establishment request to the selected LNS 21. After the selected LNS 21 receives the request of the LTS 41, the L2TP tunnel from the selected tunnel interface to the LTS 41 can be established.
  • the online request sent by the LAC 11 or the online request sent by the LTS 41 is also triggered by the dialing request sent by the user terminal.
  • the AAA server 12 on the LAC side 10 may also send different LTS interface information lists for online requests sent by different LACs or for different user accounts carried in the online request.
  • the AAA server 42 on the LTS side 40 may also send different LNS interface information lists for online requests sent by different LTSs or for different user accounts carried in the online request.
  • for the specific implementation process, reference may be made to the related descriptions, and details are not described herein again.
  • a controller is introduced between the LAC side and the LNS side. By receiving device information from each LNS of the multiple LNSs, the controller can monitor the device status of each LNS on the LNS side, determine the unavailable LNS among the multiple LNSs based on the device information of each LNS, and send a first notification message carrying the identifier of the tunnel interface of the unavailable LNS to the AAA server on the LAC side, notifying the AAA server on the LAC side to delete the identifier of the tunnel interface of the unavailable LNS from the stored interface information list to obtain the updated interface information list.
  • the LNS corresponding to the identifier of every tunnel interface included in the updated interface information list is available, and the tunnel interfaces of an available LNS are also available. Therefore, when the LAC selects the LNS and the tunnel interface based on the updated interface information list, any LNS and any tunnel interface it selects are also available. This solves the problem that a tunnel cannot be established, or that the established tunnel is of poor quality, because the selected LNS or tunnel interface may not meet the working conditions, and improves the success rate and stability of tunnel establishment.
  • FIG. 3 is a schematic structural diagram of a controller according to an embodiment of the present invention.
  • the controller is connected to multiple LNSs on the LNS side, and the controller is connected to an AAA server on the LAC side.
  • the controller includes:
  • the receiving module 301 is configured to perform step 201 of the foregoing embodiment;
  • the processing module 302 is configured to perform step 202 of the foregoing embodiment;
  • the sending module 303 is configured to perform step 203 of the foregoing embodiment.
  • a controller is introduced between the LAC side and the LNS side. By receiving device information from each LNS of the multiple LNSs, the controller can monitor the device status of each LNS on the LNS side, determine the unavailable LNS among the multiple LNSs based on the device information of each LNS, and send a first notification message carrying the identifier of the tunnel interface of the unavailable LNS to the AAA server on the LAC side, notifying the AAA server on the LAC side to delete the identifier of the tunnel interface of the unavailable LNS from the stored interface information list to obtain the updated interface information list.
  • the LNS corresponding to the identifier of every tunnel interface included in the updated interface information list is available, and the tunnel interfaces of an available LNS are also available. Therefore, when the LAC selects the LNS and the tunnel interface based on the updated interface information list, any LNS and any tunnel interface it selects are also available. This solves the problem that a tunnel cannot be established, or that the established tunnel is of poor quality, because the selected LNS or tunnel interface may not meet the working conditions, and improves the success rate and stability of tunnel establishment.
  • the above receiving module and the sending module may be transmitters, and the receiving module and the sending module may be integrated in one transceiver module, and implemented as a transceiver corresponding to hardware.
  • the above processing module may be embedded in or independent of the processor of the controller in hardware, or may be stored in the memory of the controller in software, so that the processor calls to perform operations corresponding to the above modules.
  • the processor can be a central processing unit (CPU), a microprocessor, a microcontroller, or the like.
  • FIG. 4 is a schematic structural diagram of an AAA server according to an embodiment of the present invention.
  • the AAA server is connected to a controller and a plurality of LACs on the LAC side, and the controller is respectively connected to multiple LNSs on the LNS side.
  • the AAA server includes:
  • the receiving module 401 and the processing module 402 are configured to perform step 204 of the above embodiment.
  • the AAA server further includes:
  • the sending module is configured to perform step 206 of the above embodiment.
  • the AAA server may receive the first notification message sent by the controller and, according to the identifier of the tunnel interface of the unavailable LNS carried in the first notification message, delete the identifier of the tunnel interface of the unavailable LNS from the stored interface information list.
  • the LNS corresponding to the identifier of every tunnel interface included in the updated interface information list is available, and the tunnel interfaces of an available LNS are also available. Therefore, when the LAC selects the LNS and the tunnel interface based on the updated interface information list, any LNS and any tunnel interface it selects are also available. This solves the problem that a tunnel cannot be established, or that the established tunnel is of poor quality, because the selected LNS or tunnel interface may not meet the working conditions, and improves the success rate and stability of tunnel establishment.
  • the above receiving module and the sending module may be transmitters, and the receiving module and the sending module may be integrated in one transceiver module, and implemented as a transceiver corresponding to hardware.
  • the above processing module may be embedded in or independent of the processor of the controller in hardware, or may be stored in the memory of the controller in software, so that the processor calls to perform operations corresponding to the above modules.
  • the processor can be a central processing unit (CPU), a microprocessor, a microcontroller, or the like.
  • the controller and the AAA server provided by the foregoing embodiments are described using the foregoing division into functional modules only as an example. In actual applications, the foregoing functions may be allocated to different functional modules as required, that is, the internal structure of the device is divided into different functional modules to complete all or part of the functions described above.
  • the controller and the AAA server provided by the foregoing embodiments are based on the same concept as the L2TP-based device management method embodiment; the specific implementation process is described in detail in the method embodiment, and details are not described herein again.
  • a person skilled in the art may understand that all or part of the steps of the above embodiments may be completed by hardware, or by a program instructing related hardware, and the program may be stored in a computer readable storage medium.
  • the storage medium mentioned may be a read only memory, a magnetic disk or an optical disk or the like.
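The AAA-side list handling described above (the first and second modes of re-adding an identifier, and one stored list per group of LACs), as an added Python example that is not code from the patent. The class names, the meaning given to the two state identifiers, the group names and the identifiers are assumptions of this example; `DirectList` is a literal reading of "add directly".

```python
# Assumed meaning of the two state identifiers named in the second mode.
AVAILABLE, UNAVAILABLE = "first-state", "second-state"


class DirectList:
    """First mode, read literally: the stored list holds only usable identifiers."""

    def __init__(self, idents):
        self.idents = list(idents)

    def apply(self, action, idents):
        if action == "delete":
            self.idents = [i for i in self.idents if i not in idents]
            return
        for i in idents:
            if i not in self.idents:
                self.idents.append(i)      # re-added at the end of the list

    def usable(self):
        return list(self.idents)


class FlaggedList:
    """Second mode: every identifier stays stored next to a state identifier."""

    def __init__(self, idents):
        self.state = dict.fromkeys(idents, AVAILABLE)

    def apply(self, action, idents):
        new_state = UNAVAILABLE if action == "delete" else AVAILABLE
        for i in idents:
            if i in self.state:            # only identifiers this list already holds
                self.state[i] = new_state

    def usable(self):
        return [i for i, s in self.state.items() if s == AVAILABLE]


class AAAServer:
    """Keeps one interface information list per group of LACs."""

    def __init__(self, list_cls, lists_by_group, group_of_lac):
        self.lists = {g: list_cls(ids) for g, ids in lists_by_group.items()}
        self.group_of_lac = group_of_lac

    def on_notification(self, kind, idents):
        if kind not in ("first", "second", "third"):
            raise ValueError("unknown notification: %r" % kind)
        action = "delete" if kind == "first" else "add"
        for lst in self.lists.values():
            lst.apply(action, idents)

    def on_online_request(self, lac):
        return self.lists[self.group_of_lac[lac]].usable()


def run(list_cls):
    """Withdraw and restore one interface; return what each LAC is sent."""
    aaa = AAAServer(list_cls,
                    {"east": ["lns-a/lo0", "lns-a/lo1"], "west": ["lns-b/lo0"]},
                    {"lac-1": "east", "lac-2": "west"})   # constructed sample data
    aaa.on_notification("first", ["lns-a/lo0"])
    during = {lac: aaa.on_online_request(lac) for lac in ("lac-1", "lac-2")}
    aaa.on_notification("third", ["lns-a/lo0"])
    after = {lac: aaa.on_online_request(lac) for lac in ("lac-1", "lac-2")}
    return during, after


if __name__ == "__main__":
    for cls in (DirectList, FlaggedList):
        print(cls.__name__, run(cls))
```

In this sketch the direct list hands `lns-a/lo0` to `lac-2`, whose group never held it, and moves it to the end of `lac-1`'s list. The flagged list restores each group's original content and order, so a first-mode server with several lists needs its own record of which list each identifier belongs to.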

Abstract

The present invention relates to the technical field of networks. Disclosed are a layer two tunneling protocol (L2TP)-based device management method, apparatus and system. The method comprises: receiving device information of each L2TP network server (LNS) of a plurality of LNSs from an LNS side, the device information comprising a device identifier and device status information of the corresponding LNS; determining an unavailable LNS of the plurality of LNSs according to the device information of each LNS of the plurality of LNSs; and transmitting a first notification message to an authentication, authorization and accounting (AAA) server at an LAC side, the first notification message carrying an identification of a tunnel interface of the unavailable LNS, for instructing the AAA server to delete the identification of the tunnel interface of the unavailable LNS from a stored interface information list. As the identification of the tunnel interface of the unavailable LNS has been deleted from the interface information list, when selecting an LNS and a tunnel interface on the basis of the updated interface information list, any selected LNS and tunnel interface will therefore be available, thereby addressing the problem that a selected LNS or tunnel interface may not satisfy the working conditions, and increasing the success rate of tunnel establishment.

Description

L2TP-based device management method, device and system
This application claims priority to Chinese Patent Application No. 201611121163.0, filed with the Chinese Patent Office on December 8, 2016 and entitled "L2TP-based device management method, device and system", which is incorporated herein by reference in its entirety.
Technical field
Embodiments of the present invention relate to the field of network technologies, and in particular, to an L2TP-based device management method, device, and system.
Background
A VPDN (Virtual Private Dial-up Network) is a virtual private network that provides network access by dial-up. It is implemented with a tunneling protocol, that is, data is encapsulated and transmitted in a tunnel established with the tunneling protocol. Among existing tunneling protocols, the Layer 2 Tunneling Protocol (L2TP) has become an industry-standard tunneling protocol, so the tunneling protocol mainly used by VPDNs is L2TP. In L2TP, the L2TP Access Concentrator (LAC) and the L2TP Network Server (LNS) are the devices at the two ends of an L2TP tunnel. The LAC initiates a tunnel establishment request to the LNS; the LNS receives the tunnel establishment request initiated by the LAC and sends an establishment response to the LAC. After the LAC receives the establishment response sent by the LNS, the L2TP tunnel to the LNS is successfully established.
FIG. 1A is a network architecture diagram of L2TP. As shown in FIG. 1A, the L2TP network architecture generally includes a LAC side 10 and an LNS side 20. The LAC side 10 includes multiple LACs 11 and an AAA (Authentication, Authorization, Accounting) server 12. The AAA server 12 is connected to each of the LACs 11 and provides authentication, authorization, and accounting services for each LAC 11. The LNS side 20 includes multiple LNSs 21. Each LNS 21 may include at least one tunnel interface, and one L2TP tunnel can be established through one tunnel interface. A tunnel interface is a logical or physical interface created by the LNS for establishing L2TP tunnels, such as a loopback interface; when an L2TP tunnel is established, the tunnel interface address can serve as the source address or destination address of the L2TP tunnel.
Currently, in the process of establishing a tunnel based on L2TP, the AAA server 12 can obtain the identifier of at least one tunnel interface included in each LNS 21 on the LNS side 20, thereby obtaining the identifiers of multiple tunnel interfaces, and store these identifiers in an interface information list. The identifier of each tunnel interface indicates one tunnel interface and the LNS to which that tunnel interface belongs. When receiving an online request from any LAC 11, the AAA server 12 can send the interface information list to that LAC 11. Based on the tunnel interface information in the list, the LAC 11 selects the LNS 21 and the tunnel interface for establishing the tunnel and initiates a tunnel establishment request to the selected LNS 21. After receiving the request of the LAC 11, the selected LNS 21 can establish an L2TP tunnel from the selected tunnel interface to the LAC 11.
Because the interface information list that the AAA server sends to the LAC includes the identifiers of all tunnel interfaces of all LNSs, when the LAC selects the LNS and the tunnel interface for establishing the tunnel based on this list, the selected LNS or tunnel interface may not meet the working requirements. As a result, after the selected LNS receives the tunnel establishment request, the tunnel cannot be established or the established tunnel is of poor quality. An L2TP-based device management method is therefore urgently needed to prevent the LAC from selecting an LNS or tunnel interface that does not meet the working requirements.
Summary of the invention
To solve the problems in the prior art, embodiments of the present invention provide an L2TP-based device management method, device, and system. The technical solutions are as follows:
According to a first aspect, an L2TP-based device management method is provided. The method is applied to a controller, where the controller is connected to each of multiple LNSs on the L2TP network server (LNS) side and to an authentication, authorization and accounting (AAA) server on the L2TP access concentrator (LAC) side. The method includes:
receiving device information from each LNS of the multiple LNSs, where the device information includes the device identifier and device status information of the corresponding LNS;
determining an unavailable LNS among the multiple LNSs according to the device information of each LNS of the multiple LNSs; and
sending a first notification message to the AAA server, where the first notification message carries the identifier of the tunnel interface of the unavailable LNS and is used to notify the AAA server to delete the identifier of the tunnel interface of the unavailable LNS from the stored interface information list.
In this embodiment of the present invention, a controller is introduced between the LAC side and the LNS side. By receiving device information from each LNS of the multiple LNSs on the LNS side, the controller can monitor the device status of each LNS on the LNS side, determine the unavailable LNS among the multiple LNSs based on the device information of each LNS, and send the AAA server on the LAC side a first notification message carrying the identifier of the tunnel interface of the unavailable LNS, notifying the AAA server to delete that identifier from the stored interface information list to obtain an updated interface information list.
Because the identifiers of the tunnel interfaces of unavailable LNSs have been deleted from the updated interface information list, the LNS corresponding to every tunnel interface identifier in the updated list is available, and every tunnel interface of an available LNS is also available. Therefore, when the LAC selects an LNS and a tunnel interface based on the updated interface information list, any LNS and any tunnel interface it selects are available. This solves the problem that a tunnel cannot be established, or that the established tunnel is of poor quality, because the selected LNS or tunnel interface may not meet the working conditions, and improves the success rate and stability of tunnel establishment.
In another embodiment, the device status information includes at least one of fault information, central processing unit (CPU) utilization, memory usage, total traffic of the outbound interface carrying L2TP tunnels, and the total number of carried users;
the determining an unavailable LNS among the multiple LNSs according to the device information of each LNS of the multiple LNSs includes at least one of the following manners:
when fault information exists in the device status information of a target LNS, determining the target LNS as an unavailable LNS, where the target LNS is any one of the multiple LNSs;
when the CPU utilization of the target LNS is greater than a first preset threshold, determining the target LNS as an unavailable LNS;
when the memory usage of the target LNS is greater than a second preset threshold, determining the target LNS as an unavailable LNS;
when the total traffic of the outbound interface carrying L2TP tunnels of the target LNS is greater than a third preset threshold, determining the target LNS as an unavailable LNS;
when the total number of users carried by the target LNS is greater than a fourth preset threshold, determining the target LNS as an unavailable LNS;
correspondingly, the identifier of the tunnel interface of the unavailable LNS refers to the identifiers of all tunnel interfaces of the unavailable LNS.
In this embodiment of the present invention, the controller can determine whether each LNS is available based on device status information such as the fault information, CPU utilization, memory usage, total traffic of the outbound interface carrying L2TP tunnels, and total number of carried users of each LNS, and use the identifiers of all tunnel interfaces of the unavailable LNS as the identifiers of the tunnel interfaces to be deleted. When fault information exists in the device status information of an LNS, the AAA server is notified to delete the identifiers of all tunnel interfaces of that LNS from the interface information list. This allows the fault state of an LNS to be perceived quickly and avoids the tunnel establishment failures that occur when the LAC still sends tunnel establishment requests to an LNS that has failed. When at least one of the CPU utilization, memory usage, total traffic of the outbound interface carrying L2TP tunnels, and total number of carried users of an LNS is greater than its threshold, the AAA server is notified to delete the identifiers of all tunnel interfaces of that LNS from the interface information list. This allows the load state of an LNS to be perceived quickly and avoids the unbalanced LNS load and unreasonable resource allocation seen in live networks, where some LNSs are already overloaded while others serve very few users, thereby keeping the LNS load balanced and improving the stability of tunnel establishment.
In another embodiment, after the sending a first notification message to the AAA server, the method further includes:
when it is determined, according to the device information of the unavailable LNS, that the unavailable LNS has recovered to an available LNS after the problem is eliminated, sending a second notification message to the AAA server, where the second notification message carries the identifiers of all tunnel interfaces of the available LNS and is used to notify the AAA server to add the identifiers of all tunnel interfaces of the available LNS to the interface information list.
In this embodiment of the present invention, when it is identified that an originally unavailable LNS has recovered to an available LNS after the problem is eliminated, a second notification message may also be sent to the AAA server, instructing the AAA server to add the identifiers of the tunnel interfaces of the recovered LNS to the interface information list. In this way, the LNS can be brought back into the L2TP network after the problem is eliminated to share the load, achieving load balancing.
In another embodiment, the device information further includes the identifier and tunnel interface state information of at least one tunnel interface included in the corresponding LNS;
the determining an unavailable LNS among the multiple LNSs according to the device information of each LNS of the multiple LNSs includes:
determining, according to the identifier and tunnel interface state information of the at least one tunnel interface included in the device information of each LNS of the multiple LNSs, an LNS among the multiple LNSs that has an unavailable tunnel interface; and
determining the LNS that has an unavailable tunnel interface as the unavailable LNS among the multiple LNSs;
correspondingly, the first notification message carries the identifier of the unavailable tunnel interface in the unavailable LNS, and the first notification message is used to notify the AAA server to delete the identifier of the unavailable tunnel interface in the unavailable LNS from the stored interface information list.
The tunnel interface state information includes at least one of the number of users carried by the corresponding tunnel and the traffic of the tunnel interface;
In another embodiment, the determining, according to the identifier and tunnel interface state information of the at least one tunnel interface included in the device information of each LNS of the multiple LNSs, an LNS among the multiple LNSs that has an unavailable tunnel interface includes:
for each LNS of the multiple LNSs, when the number of users carried by the tunnel corresponding to a target tunnel interface among the at least one tunnel interface included in the LNS is greater than a fifth preset threshold, determining the target tunnel interface as an unavailable tunnel interface in the LNS, and determining the LNS as an LNS that has an unavailable tunnel interface, where the target tunnel interface is any one of the at least one tunnel interface included in the LNS;
when the traffic of the target tunnel interface among the at least one tunnel interface included in the LNS is greater than a sixth preset threshold, determining the target tunnel interface as an unavailable tunnel interface in the LNS, and determining the LNS as an LNS that has an unavailable tunnel interface.
In this embodiment of the present invention, the controller can also monitor the state of each tunnel interface among the at least one tunnel interface included in an LNS. When the traffic of a tunnel interface, or the number of users carried by the corresponding tunnel, is greater than the threshold, the controller can determine that tunnel interface as an unavailable tunnel interface and instruct the AAA server to delete the identifier of the unavailable tunnel interface from the interface information list. In this way, for each LNS, only the overloaded tunnel interfaces of that LNS are excluded while the tunnel interfaces that are not overloaded are retained, which achieves load balancing at tunnel interface granularity and improves precision.
In another embodiment, after the sending a first notification message to the AAA server, the method further includes:
when it is determined, according to the tunnel interface state information of the unavailable tunnel interface in the unavailable LNS, that the unavailable tunnel interface has recovered to an available tunnel interface after the problem is eliminated, sending a third notification message to the AAA server, where the third notification message carries the identifier of the available tunnel interface and is used to notify the AAA server to add the identifier of the available tunnel interface to the interface information list.
In this embodiment of the present invention, when it is identified that an originally unavailable tunnel interface has recovered to an available tunnel interface after the problem is eliminated, a third notification message may also be sent to the AAA server, instructing the AAA server to add the identifier of the recovered tunnel interface to the interface information list. In this way, the tunnel interface can be brought back into the L2TP network after the problem is eliminated to share the load, achieving load balancing at tunnel interface granularity.
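The controller-side decisions described in this summary, from the per-LNS and per-interface threshold checks to the first, second and third notification messages, as an added Python example that is not code from the patent. The threshold values, field names, identifier format and sample reports are assumptions of this example; the patent only names first to sixth preset thresholds.

```python
from dataclasses import dataclass

# Constructed limits standing in for the first to sixth preset thresholds.
LNS_LIMITS = {"cpu": 0.85, "mem_mb": 14000, "egress_mbps": 8000, "users": 50000}
IF_LIMITS = {"users": 8000, "mbps": 2000}


@dataclass
class TunnelIf:
    ident: str      # names the interface and the LNS that owns it
    users: int      # users carried by the tunnel on this interface
    mbps: float     # traffic through this interface


@dataclass
class DeviceInfo:
    device_id: str
    fault: bool
    cpu: float
    mem_mb: int
    egress_mbps: float
    users: int
    interfaces: list


def lns_unavailable(d):
    """LNS-level rule: a fault, or any one metric above its threshold."""
    return (d.fault or d.cpu > LNS_LIMITS["cpu"]
            or d.mem_mb > LNS_LIMITS["mem_mb"]
            or d.egress_mbps > LNS_LIMITS["egress_mbps"]
            or d.users > LNS_LIMITS["users"])


def interface_unavailable(i):
    """Interface-level rule: carried users or traffic above its threshold."""
    return i.users > IF_LIMITS["users"] or i.mbps > IF_LIMITS["mbps"]


class Controller:
    def __init__(self):
        self.withdrawn = {}   # identifier -> "lns" or "interface" (why deleted)

    def evaluate(self, reports):
        """Process one round of device information; return notifications to send."""
        out = {"first": [], "second": [], "third": []}
        for d in reports:
            lns_bad = lns_unavailable(d)
            for i in d.interfaces:
                if lns_bad:
                    reason = "lns"
                elif interface_unavailable(i):
                    reason = "interface"
                else:
                    reason = None
                before = self.withdrawn.get(i.ident)
                if reason and before is None:
                    out["first"].append(i.ident)     # delete from the AAA list
                elif reason is None and before == "lns":
                    out["second"].append(i.ident)    # the LNS recovered
                elif reason is None and before == "interface":
                    out["third"].append(i.ident)     # the interface recovered
                if reason:
                    self.withdrawn[i.ident] = reason
                else:
                    self.withdrawn.pop(i.ident, None)
        # An LNS that sent no report this round is left untouched: identifiers
        # are re-added only on positive evidence of recovery, never on silence.
        return [(kind, sorted(ids)) for kind, ids in out.items() if ids]


def demo():
    """Three polling rounds over constructed reports from two LNSs."""
    def lns(dev, fault=False, cpu=0.3, ifs=()):
        return DeviceInfo(dev, fault, cpu, 4000, 1000, 9000,
                          [TunnelIf(f"{dev}/{n}", u, 500) for n, u in ifs])
    c = Controller()
    r1 = c.evaluate([lns("lns-a", ifs=[("lo0", 100), ("lo1", 9000)]),
                     lns("lns-b", fault=True, ifs=[("lo0", 50)])])
    r2 = c.evaluate([lns("lns-a", ifs=[("lo0", 100), ("lo1", 500)])])  # lns-b silent
    r3 = c.evaluate([lns("lns-b", ifs=[("lo0", 50)])])
    return r1, r2, r3


if __name__ == "__main__":
    for n, msgs in enumerate(demo(), 1):
        print("round", n, msgs)
```

The example combines the LNS-level and interface-level embodiments in one controller, so an interface that is still overloaded stays withdrawn even when its LNS recovers.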
In another embodiment, the receiving of device information from each of the multiple LNSs includes:
receiving the device information from each of the multiple LNSs through the Network Configuration Protocol (NETCONF); or
receiving the device information from each of the multiple LNSs through the Simple Network Management Protocol (SNMP).
In this embodiment of the present invention, using NETCONF or SNMP to obtain the device information of the multiple LNSs on the LNS side improves the accuracy and efficiency of obtaining LNS device information.
In another embodiment, before the sending of the first notification to the AAA server, the method further includes:
establishing a Remote Authentication Dial In User Service (Radius) connection with the AAA server;
correspondingly, the sending of the first notification message to the AAA server includes:
sending the first notification message to the AAA server through the Radius connection.
In this embodiment of the present invention, a Radius connection may be established between the controller and the AAA server, and the first notification message is sent to the AAA server over that connection. That is, the exchange of notification messages between the controller and the AAA server is implemented on top of the Radius protocol, so no dedicated communication protocol has to be built for the controller and the AAA server, which saves cost.
According to a second aspect, a device management method based on the Layer 2 Tunneling Protocol (L2TP) is provided, characterized in that it is applied to an authentication, authorization and accounting (AAA) server, where the AAA server is connected to a controller and to each of multiple LACs on the L2TP access concentrator (LAC) side, and the controller is connected to each of multiple LNSs on the L2TP network server (LNS) side. The method includes:
receiving a first notification message sent by the controller, where the first notification message carries the identifier of a tunnel interface of an unavailable LNS and is sent by the controller when it determines the unavailable LNS among the multiple LNSs based on the device information of each of the multiple LNSs, the device information including the device identifier and the device state information of the corresponding LNS;
deleting the identifier of the tunnel interface of the unavailable LNS from the stored interface information list.
In another embodiment, the deleting of the identifier of the tunnel interface of the unavailable LNS from the stored interface information list includes:
when the first notification message carries the identifiers of all tunnel interfaces in the unavailable LNS, deleting the identifiers of all tunnel interfaces in the unavailable LNS from the stored interface information list.
In another embodiment, after the deleting of the identifier of the tunnel interface of the unavailable LNS from the stored interface information list, the method further includes:
receiving a second notification message sent by the controller, where the second notification message carries the identifiers of all tunnel interfaces of an available LNS and is sent by the controller when it determines, based on the device information of the unavailable LNS, that the unavailable LNS has been restored to an available LNS after the problem was resolved;
adding the identifiers of all tunnel interfaces of the available LNS to the interface information list.
In another embodiment, the deleting of the identifier of the tunnel interface of the unavailable LNS from the stored interface information list includes:
when the first notification message carries the identifier of an unavailable tunnel interface in the unavailable LNS, deleting the identifier of the unavailable tunnel interface in the unavailable LNS from the stored interface information list, where the first notification message is sent by the controller when it determines, based on the identifier and the tunnel interface state information of at least one tunnel interface included in the device information of each of the multiple LNSs, an LNS among the multiple LNSs that has an unavailable tunnel interface.
In another embodiment, after the deleting of the identifier of the unavailable tunnel interface from the stored interface information list, the method further includes:
receiving a third notification message sent by the controller, where the third notification message carries the identifier of an available tunnel interface and is sent by the controller when it determines, based on the tunnel interface state information of the unavailable tunnel interface in the unavailable LNS, that the unavailable tunnel interface has been restored to an available tunnel interface after the problem was resolved;
adding the identifier of the available tunnel interface to the interface information list.
In another embodiment, after the deleting of the identifier of the tunnel interface of the unavailable LNS from the stored interface information list, the method further includes:
when an online request sent by any LAC on the LAC side is received, sending the updated interface information list to that LAC, instructing the LAC to select, based on the updated interface information list, the LNS and the tunnel interface with which to establish a tunnel.
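The controller and AAA-server behaviour described in the first and second aspects (first, second and third notification messages updating the interface information list), as an added example that is not part of the patent text. The class names, the device-information fields (`lns_id`, `healthy`, `interfaces`) and the use of a user-count threshold alone are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Message kinds, named after the three notification messages in the text.
FIRST, SECOND, THIRD = "first", "second", "third"


@dataclass(frozen=True)
class Notification:
    kind: str               # FIRST removes ids; SECOND and THIRD add ids
    interface_ids: tuple    # tunnel interface identifiers carried by the message


@dataclass
class AAAServer:
    """Holds the interface information list handed to LACs on online requests."""
    interface_list: set = field(default_factory=set)

    def handle(self, msg: Notification) -> None:
        ids = set(msg.interface_ids)
        if msg.kind == FIRST:
            self.interface_list -= ids
        elif msg.kind in (SECOND, THIRD):
            self.interface_list |= ids
        else:
            raise ValueError(f"unknown notification kind: {msg.kind!r}")

    def on_online_request(self) -> list:
        # The LAC chooses an LNS and tunnel interface from this updated list.
        return sorted(self.interface_list)


class Controller:
    """Turns per-LNS device information into notifications for the AAA server."""

    def __init__(self, user_threshold: int):
        self.user_threshold = user_threshold   # assumed overload criterion
        self.down_lns = set()                  # LNSs reported as unavailable
        self.down_ifaces = set()               # individually unavailable interfaces

    def evaluate(self, info: dict) -> list:
        lns, users = info["lns_id"], info["interfaces"]
        all_ids = tuple(sorted(users))
        if not info["healthy"]:
            if lns in self.down_lns:
                return []                      # already announced
            self.down_lns.add(lns)
            self.down_ifaces -= set(all_ids)   # covered by the LNS-level removal
            return [Notification(FIRST, all_ids)]
        msgs = []
        if lns in self.down_lns:               # LNS recovered: re-add everything
            self.down_lns.discard(lns)
            msgs.append(Notification(SECOND, all_ids))
        overloaded = {i for i, n in users.items() if n > self.user_threshold}
        newly_down = overloaded - self.down_ifaces
        recovered = (self.down_ifaces & set(all_ids)) - overloaded
        self.down_ifaces = (self.down_ifaces | newly_down) - recovered
        if newly_down:
            msgs.append(Notification(FIRST, tuple(sorted(newly_down))))
        if recovered:
            msgs.append(Notification(THIRD, tuple(sorted(recovered))))
        return msgs


def run_demo() -> list:
    """Feed constructed device reports through both roles; return list snapshots."""
    aaa = AAAServer({"lns1/t0", "lns1/t1", "lns2/t0"})
    ctl = Controller(user_threshold=100)
    reports = [  # constructed sample device information
        {"lns_id": "lns1", "healthy": True, "interfaces": {"lns1/t0": 150, "lns1/t1": 20}},
        {"lns_id": "lns2", "healthy": False, "interfaces": {"lns2/t0": 0}},
        {"lns_id": "lns1", "healthy": True, "interfaces": {"lns1/t0": 40, "lns1/t1": 20}},
        {"lns_id": "lns2", "healthy": True, "interfaces": {"lns2/t0": 5}},
    ]
    snapshots = []
    for report in reports:
        for msg in ctl.evaluate(report):
            aaa.handle(msg)
        snapshots.append(aaa.on_online_request())
    return snapshots


if __name__ == "__main__":
    for step, snapshot in enumerate(run_demo(), 1):
        print(step, snapshot)
```

Because the controller tracks what it has already announced, a repeated report for an LNS that is still down produces no duplicate message, and an LNS that recovers with one interface still overloaded yields a second notification followed by a first notification for that interface only.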
According to a third aspect, a controller is provided, where the controller has the function of implementing the L2TP-based device management method of the first aspect. The controller includes at least one module, and the at least one module is configured to implement the L2TP-based device management method provided by the first aspect.
According to a fourth aspect, an authentication, authorization and accounting (AAA) server is provided, where the AAA server has the function of implementing the L2TP-based device management method of the second aspect. The AAA server includes at least one module, and the at least one module is configured to implement the L2TP-based device management method provided by the second aspect.
According to a fifth aspect, a controller is provided, whose structure includes a processor and a memory. The memory is configured to store a program that supports the controller in executing the above L2TP-based device management method, and to store the data involved in implementing that method; the data may be device information of an LNS, identifiers of tunnel interfaces, and the like. The processor is configured to execute the program stored in the memory. The controller may further include a communication bus, which is used to establish a connection between the processor and the memory.
According to a sixth aspect, an authentication, authorization and accounting (AAA) server is provided, whose structure includes a processor and a memory. The memory is configured to store a program that supports the controller in executing the above L2TP-based device management method, and to store the data involved in implementing that method; the data may be identifiers of tunnel interfaces, the interface information list, and the like. The processor is configured to execute the program stored in the memory. The AAA server may further include a communication bus, which is used to establish a connection between the processor and the memory.
According to a seventh aspect, an embodiment of the present invention provides a computer storage medium for storing the computer software instructions used by the above controller, or for storing the program involved for the controller that carries out the first aspect and the third aspect.
According to an eighth aspect, an embodiment of the present invention provides a computer storage medium for storing the computer software instructions used by the above AAA server, or for storing the program involved for the AAA server that carries out the second aspect and the fourth aspect.
According to a ninth aspect, an embodiment of the present invention provides an L2TP-based device management system. The device management system includes a controller, an L2TP access concentrator (LAC) side and an L2TP network server (LNS) side; the LAC side includes an authentication, authorization and accounting (AAA) server and multiple LACs; the LNS side includes multiple LNSs; the controller is connected to the AAA server and to each of the multiple LNSs on the LNS side; and the system is configured to implement the L2TP-based device management method provided by the first aspect.
The technical effects obtained by the second to ninth aspects of the embodiments of the present invention are similar to those obtained by the corresponding technical means of the first aspect, and are not described again here.
The beneficial effects of the technical solutions provided by the embodiments of the present invention are as follows:
In the embodiments of the present invention, a controller is introduced between the LAC side and the LNS side. The controller can determine the unavailable LNS among the multiple LNSs on the LNS side according to the device information of each of those LNSs, and send a first notification message to the AAA server on the LAC side, notifying the AAA server to delete the identifier of the tunnel interface of the unavailable LNS from the stored interface information list, which yields an updated interface information list. Because the identifier of the tunnel interface of the unavailable LNS has been deleted from the updated interface information list, every LNS corresponding to a tunnel interface identifier in the updated list is available, and every tunnel interface of an available LNS is also available. Therefore, when a LAC selects an LNS and a tunnel interface based on the updated interface information list, any LNS and any tunnel interface it selects is available. This solves the problem that the selected LNS or tunnel interface may not satisfy the working conditions, so that a tunnel cannot be established or the established tunnel is of poor quality, and improves the success rate and stability of tunnel establishment.
Brief Description of the Drawings
To describe the technical solutions in the embodiments of the present invention more clearly, the accompanying drawings needed for describing the embodiments are briefly introduced below. Evidently, the drawings described below show only some embodiments of the present invention, and a person of ordinary skill in the art may derive other drawings from them without creative effort.
FIG. 1A is a network architecture diagram of the L2TP protocol according to an embodiment of the present invention;
FIG. 1B is another network architecture diagram of the L2TP protocol according to an embodiment of the present invention;
FIG. 1C is yet another network architecture diagram of the L2TP protocol according to an embodiment of the present invention;
FIG. 1D is yet another network architecture diagram of the L2TP protocol according to an embodiment of the present invention;
FIG. 1E is a schematic diagram of the hardware structure of a controller according to an embodiment of the present invention;
FIG. 1F is a schematic diagram of the hardware structure of an AAA server according to an embodiment of the present invention;
FIG. 2 is a flowchart of an L2TP-based device management method according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a controller according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of an AAA server according to an embodiment of the present invention.
Detailed Description
To make the objectives, technical solutions and advantages of the present invention clearer, the embodiments of the present invention are described in further detail below with reference to the accompanying drawings.
Before the embodiments of the present invention are explained in detail, their application scenario is introduced. The L2TP-based device management method provided by the embodiments of the present invention is applied in a network that uses the L2TP protocol.
FIG. 1B is another network architecture diagram of the L2TP protocol according to an embodiment of the present invention. Referring to FIG. 1B, the network architecture includes a LAC side 10, an LNS side 20 and a controller 30. The LAC side 10 includes multiple LACs 11 and an AAA server 12, the LNS side 20 includes multiple LNSs 21, and the controller 30 is connected to the AAA server 12 and to each of the multiple LNSs 21 on the LNS side 20.
In addition, the LNS side 20 may also include an AAA server (not shown in FIG. 1B). The AAA server on the LNS side 20 is connected to each of the multiple LNSs 21 and provides authentication, authorization and accounting services for each LNS 21.
The LAC may be a device of a telecom operator, for example the operator's NAS (Network Access Server). The LNS may be a device of a telecom operator or a device of an enterprise customer, for example a telecom operator's router or server, which is not limited in the embodiments of the present invention. In practice, user equipment may access the LAC 11 through the telecom operator's access network and then connect to the remote LNS 21 through an L2TP tunnel. In an L2TP network, the user equipment may send a dial-up request to the LAC 11 by dialing; when the LAC 11 receives the dial-up request, it may send an online request to the AAA server on the LAC side. The dial-up request may carry the user account, password and so on entered by the user.
As FIG. 1B shows, the embodiment of the present invention builds on the existing L2TP network architecture shown in FIG. 1A and introduces a controller 30 between the LAC side 10 and the LNS side 20. The controller 30 monitors the device state of the multiple LNSs 21 on the LNS side 20 and, according to the device state of each LNS 21, sends notification messages to the AAA server 12 indicating whether each LNS 21 is available and whether the identifiers of the tunnel interfaces of each LNS 21 may be delivered to the LACs 11 on the LAC side 10.
Specifically, the controller 30 is configured to: receive device information from each of the multiple LNSs 21 on the LNS side, where the device information includes the device identifier and the device state information of the corresponding LNS 21; determine the unavailable LNS 21 among the multiple LNSs 21 according to the device information of each of them; and send a first notification message to the AAA server 12 on the LAC side, where the first notification message carries the identifier of the tunnel interface of the unavailable LNS.
The AAA server 12 is configured to: receive the first notification message sent by the controller 30; delete the identifier of the tunnel interface of the unavailable LNS 21 from the stored interface information list according to the first notification message; and, when an online request sent by any LAC 11 on the LAC side 10 is received, send the updated interface information list to that LAC 11.
The LAC 11 is configured to: receive the updated interface information list sent by the AAA server 12; select, based on the updated interface information list, the LNS 21 and the tunnel interface with which to establish an L2TP tunnel; and send a tunnel establishment request to the selected LNS 21, where the tunnel establishment request carries the identifier of the selected tunnel interface.
The selected LNS 21 is configured to, when it receives the tunnel establishment request sent by the LAC 11, send an establishment response to the LAC 11, so as to establish an L2TP tunnel to the LAC 11 through the selected tunnel interface.
The controller 30 and each LNS 21 may be connected through a wired network or a wireless network. Further, a connection using a specified network management protocol may be established between the controller 30 and each LNS 21, so that the controller 30 obtains the device information of each LNS 21 through that protocol. The specified network management protocol may be NETCONF (Network Configuration Protocol), SNMP (Simple Network Management Protocol), or the like. NETCONF and SNMP are described in more detail below:
1) A NETCONF connection is established between the controller 30 and each LNS 21, and the device information of each LNS 21 is obtained through NETCONF.
NETCONF is a network configuration and management protocol based on XML (Extensible Markup Language) that can manage the configuration information and state information of network devices. It uses XML as the encoding for configuration data and protocol messages, and obtains the management information of devices in a C/S (client/server) mode.
In the embodiments of the present invention, the controller 30 may establish the NETCONF connection through a schema or YANG interface, where schema and YANG are both data modeling languages in XML. A NETCONF management end may be configured in the controller 30 and a NETCONF agent end in each LNS 21; through the configured NETCONF management end, the controller 30 obtains the device information of the NETCONF agent ends by remote procedure call. The NETCONF management end may obtain the device information of each NETCONF agent end with the get command or the get-config command.
2) An SNMP connection is established between the controller 30 and each LNS 21, and the device information of each LNS 21 is obtained through SNMP.
SNMP is a standard network management protocol widely used in TCP/IP (Transmission Control Protocol/Internet Protocol) networks. It supports network management systems in monitoring whether devices attached to the network have any conditions that warrant administrative attention. When an SNMP connection is established, an SNMP manager (Manager) may be configured in the controller 30, which is the managing end, and an SNMP agent (Agent) in each LNS 21, which is a managed end. The manager runs the management program, and the agent runs the agent program.
In one embodiment, the controller 30 may, through the configured Manager, actively obtain the device information of the corresponding LNS from the Agent configured in each LNS. For example, the controller 30 may, through the configured Manager, periodically query the Agent configured in each LNS for the device information of that LNS. In another embodiment, each LNS may also report its current device information to the Manager in a timely manner through the configured Agent. For example, when the device fails, the LNS may report fault information to the Manager through the configured Agent.
It should be noted that, in the embodiments of the present invention, the controller 30 takes on part of the functions of a NETCONF management end in the NETCONF implementation and part of the functions of an SNMP management end in the SNMP implementation. That is, the controller 30 takes on part of the functions of a network management system and can manage and maintain the device information of the multiple LNSs 21 on the LNS side 20.
In addition, the controller 30 and the AAA server 12 may also be connected through a wired network or a wireless network. In the embodiments of the present invention, the controller 30 may establish a Radius (Remote Authentication Dial In User Service) connection with the AAA server 12, and send notification messages to the AAA server 12 through the Radius connection to notify it whether the tunnel interfaces of each LNS 21 are available.
Further, the above L2TP network architecture may also include an LTS (L2TP Tunnel Switch). An LTS can serve as an intermediate switching node of a tunnel and has the functions of both a LAC and an LNS. That is, the LTS can act as the LNS of a LAC, receiving the tunnel establishment request sent by the LAC and establishing an L2TP tunnel, and can also act as the LAC of an LNS, sending a tunnel establishment request to the LNS to request establishment of an L2TP tunnel.
FIG. 1C is yet another network architecture diagram of the L2TP protocol according to an embodiment of the present invention. Referring to FIG. 1C, the network architecture includes a LAC side 10, an LTS side 40, an LNS side 20 and a controller 30.
The LAC side 10 includes multiple LACs 11 and an AAA server 12; the AAA server 12 is connected to each of the multiple LACs 11 and provides authentication, authorization and accounting services for each LAC 11. The LTS side 40 includes multiple LTSs 41 and an AAA server 42; the AAA server 42 is connected to each of the multiple LTSs 41 and provides authentication, authorization and accounting services for each LTS 41. The LNS side 20 includes multiple LNSs 21.
The controller 30 is connected to the AAA server 12 on the LAC side 10 and to the multiple LTSs 41 on the LTS side 40. It can determine the unavailable LTS 41 among the multiple LTSs 41 according to the device information of each of them, and send the identifier of the tunnel interface of the unavailable LTS 41 to the AAA server 12 on the LAC side 10, so that the AAA server 12 updates the stored LTS interface information list according to that identifier. The controller 30 is also connected to the AAA server 42 on the LTS side 40 and to each of the multiple LNSs 21 on the LNS side 20. It can determine the unavailable LNS 21 among the multiple LNSs 21 based on the device information of each of them, and send the identifier of the tunnel interface of the unavailable LNS 21 to the AAA server 42 on the LTS side 40, so that the AAA server 42 updates the stored LNS interface information list according to that identifier.
In another embodiment, the controller 30 in FIG. 1C may also be split into the controller 31 and the controller 32 shown in FIG. 1D. FIG. 1D is yet another network architecture diagram of the L2TP protocol according to an embodiment of the present invention. Referring to FIG. 1D, the controller 31 is connected to the AAA server 12 on the LAC side and to the multiple LTSs 41 on the LTS side 40, and is configured to notify the AAA server 12 on the LAC side 10, based on the device information of the multiple LTSs 41 on the LTS side 40, to update the stored LTS interface information list. The controller 32 is connected to the AAA server 42 on the LTS side 40 and to each of the multiple LNSs 21 on the LNS side 20, and is configured to notify the AAA server 42 on the LTS side 40, based on the device information of the multiple LNSs 21 on the LNS side 20, to update the stored LNS interface information list.
FIG. 1E is a schematic diagram of the hardware structure of a controller according to an embodiment of the present invention. Referring to FIG. 1E, the controller may include a communication bus 131, a memory 132, a transmitter 133, a receiver 134 and a processor 135, and the memory 132, the transmitter 133, the receiver 134 and the processor 135 may communicate through the communication bus 131.
The transmitter 133 and the receiver 134 are used to communicate with other network devices. For example, the controller 30 may communicate with the multiple LNSs on the LNS side through the receiver 134 to obtain the device information of each LNS, or communicate with the AAA server on the LAC side through the transmitter 133 to send notification messages to the AAA server.
The memory 132 is configured to store a program; the processor 135 is configured to invoke the program stored in the memory 132 to implement the above L2TP-based device management method.
It should be noted that the processor 135 may be an integrated circuit chip with signal processing capability. In implementation, the above steps may be completed by integrated logic circuits of hardware in the processor or by instructions in the form of software. These instructions may be implemented and controlled in cooperation with the processor. The processor may also be a general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
The general-purpose processor may be a microprocessor, or any conventional processor, decoder or the like. The steps of the method disclosed in the embodiments of the present invention may be executed directly by a hardware processor, or by a combination of hardware and software modules in the processor. The software module may be located in a storage medium that is mature in the art, such as random access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory, or a register.
In addition, the transmitter 133 and the receiver 134 may be two separate pieces of hardware, or may be integrated into the controller as a whole; for example, the transmitter 133 and the receiver 134 may be integrated into one transceiver.
In addition, the controller may further include a communication interface for supporting communication between the controller and other network devices. Besides a data bus, the communication bus 131 also includes a power bus, a control bus and a status signal bus. For clarity of description, however, the various buses are all labeled as the communication bus 131 in FIG. 1E.
In addition, the controller may also be configured with the management end of a network management protocol, such as a NETCONF management end or an SNMP management end, so as to receive the device information of the multiple LNSs on the LNS side through the corresponding network management protocol.
FIG. 1F is a schematic diagram of the hardware structure of an AAA server according to an embodiment of the present invention. Referring to FIG. 1F, the controller may include a communication bus 231, a memory 232, a transmitter 233, a receiver 234, and a processor 235, and the memory 232, the transmitter 233, the receiver 234, and the processor 235 can communicate over the communication bus 231.
The transmitter 233 and the receiver 234 are used to communicate with other network devices. For example, the AAA server may communicate through the receiver 234 with the controller to obtain the notification message sent by the controller, or communicate through the transmitter 233 with a LAC on the LAC side to send the interface information list to that LAC.
The memory 132 is used to store a program; the processor 135 is used to invoke the program stored in the memory 132 to implement the L2TP-based device management method described above.
It should be noted that the processor 235 may be an integrated circuit chip with signal processing capability. In implementation, the above steps may be completed by integrated logic circuits of hardware in the processor or by instructions in the form of software, and these instructions may be implemented and controlled in cooperation with the processor. The processor may also be a general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
The general-purpose processor may be a microprocessor, or any conventional processor, decoder, and so on. The steps of the method disclosed in the embodiments of the present invention may be carried out directly by a hardware processor, or by a combination of hardware and software modules in the processor. The software module may reside in a storage medium that is mature in the art, such as random access memory, flash memory, read-only memory, programmable read-only memory, electrically erasable programmable memory, or registers.
In addition, the transmitter 233 and the receiver 234 may be two separate pieces of hardware, or may be integrated as a whole in the control plane node; for example, the transmitter 233 and the receiver 234 may be integrated into one transceiver.
In addition, the controller may also include a communication interface for supporting communication between the controller and other network devices. Besides a data bus, the communication bus 231 also includes a power bus, a control bus, and a status signal bus. For clarity of description, however, the various buses are all labeled as communication bus 231 in FIG. 1F.
FIG. 2 is a flowchart of an L2TP-based device management method according to an embodiment of the present invention. The method is applied in the L2TP network architecture shown in FIG. 1B. Referring to FIG. 2, the method includes:
Step 201: The controller receives device information from each of the multiple LNSs on the LNS side, where the device information includes the device identifier and device state information of the corresponding LNS.
In practice, the controller may establish a connection of a specified network management protocol with the multiple LNSs on the LNS side and receive the device information of the multiple LNSs through that protocol. The specified network management protocol may be NETCONF, SNMP, or the like. For the process of establishing the specific protocol connection, refer to the description of the application scenario above; it is not repeated here.
Specifically, receiving the device information from each of the multiple LNSs on the LNS side may be implemented in at least one of the following ways: receiving the device information from each of the multiple LNSs on the LNS side through NETCONF; or receiving the device information from each of the multiple LNSs on the LNS side through SNMP.
NETCONF and SNMP are both relatively mature network management protocols that can monitor and manage the device information of network devices. Using NETCONF or SNMP to receive the device information of the multiple LNSs on the LNS side therefore improves the accuracy and efficiency of obtaining LNS device information.
The device information of each LNS may include the device identifier and device state information of the corresponding LNS. The device identifier of an LNS may be its factory serial number, its MAC (Media Access Control) address, the IP (Internet Protocol) address of the device, and so on, which is not limited in the embodiments of the present invention.
The device state information of an LNS may include at least one of fault information, CPU (Central Processing Unit) utilization, memory usage, the total traffic of the outbound interfaces carrying L2TP tunnels, and the total number of carried users. The fault information indicates that the LNS is in a fault state. The CPU utilization, memory usage, total traffic of the outbound interfaces carrying L2TP tunnels, and total number of carried users are the load information of the LNS and indicate its whole-device load state. The device state information of an LNS may of course also include other information that reflects the state of the LNS device, which is not limited in the embodiments of the present invention.
By obtaining these two types of device state information, the controller can monitor the fault state and the whole-device load state of each LNS on the LNS side, so that device faults and whole-device load capacity can be presented quickly. This solves the problem that the device state of an LNS cannot be monitored in the existing network architecture.
Step 202: The controller determines the unavailable LNSs among the multiple LNSs according to the device information of each of the multiple LNSs.
The way an unavailable LNS is determined depends on the device information. Specifically, there are the following two implementations:
First way: when the device information of each LNS includes the device identifier and device state information of the corresponding LNS, the unavailable LNSs among the multiple LNSs are determined according to the device state information of each of the multiple LNSs.
Determining the unavailable LNSs among the multiple LNSs according to the device state information of each LNS includes at least one of the following: when fault information is present in the device state information of a target LNS, determining the target LNS to be an unavailable LNS, where the target LNS is any one of the multiple LNSs; when the CPU utilization of the target LNS is greater than a first preset threshold, determining the target LNS to be an unavailable LNS; when the memory usage of the target LNS is greater than a second preset threshold, determining the target LNS to be an unavailable LNS; when the total traffic of the outbound interfaces of the target LNS that carry L2TP tunnels is greater than a third preset threshold, determining the target LNS to be an unavailable LNS; when the total number of users carried by the target LNS is greater than a fourth preset threshold, determining the target LNS to be an unavailable LNS.
The fault information of an LNS indicates that the LNS is in a fault state, that is, the LNS has failed and cannot work normally, so an L2TP tunnel cannot be established successfully. Therefore, when fault information is present in the device state information of the target LNS, the target LNS can be determined to be an unavailable LNS.
The total traffic of the outbound interfaces carrying L2TP tunnels is the sum of the traffic of all outbound interfaces in the target LNS that carry L2TP tunnels, and indicates the bandwidth the target LNS currently uses to handle L2TP tunnel services. An outbound interface is a physical interface in the LNS used for network transmission. The total number of carried users is the sum of the users carried by the tunnels corresponding to all tunnel interfaces included in the target LNS.
The first, second, third, and fourth preset thresholds can each be set according to the load capacity of the specific LNS. They may be set by the controller, by each LNS, or by negotiation between the controller and the corresponding LNS, which is not limited in the embodiments of the present invention.
The CPU utilization, memory usage, total traffic of the outbound interfaces carrying L2TP tunnels, and total number of carried users are all load information of the LNS and indicate its whole-device load state. When any one of these items for the target LNS exceeds its threshold, the target LNS can be determined to be in a whole-device overload state, that is, its current load already exceeds its whole-device load capacity, it is operating under overload, and it cannot accept new tunnel establishment requests. Therefore, when any one of these load items for the target LNS exceeds its threshold, the target LNS can be determined to be an unavailable LNS.
It should be noted that the embodiment of the present invention only describes, as an example, determining from each of the above load factors and its corresponding preset threshold whether the target LNS is in a whole-device overload state, and thereby whether the target LNS is available. In practice, any several of the above load factors may also be combined for a comprehensive analysis of the load state of the LNS, or other factors that can indicate whole-device load capacity may be used to determine whether the LNS is in a whole-device overload state, which is not limited in the embodiments of the present invention.
Second way: when the device information also includes the identifier and tunnel interface state information of at least one tunnel interface included in the corresponding LNS, the LNSs among the multiple LNSs that have an unavailable tunnel interface are determined according to the identifier and tunnel interface state information of the at least one tunnel interface included in the device information of each LNS, and those LNSs are determined to be the unavailable LNSs among the multiple LNSs.
An LNS may include at least one tunnel interface. Each tunnel interface is a logical or physical interface created by the LNS for establishing L2TP tunnels, and may specifically be a loopback interface or the like. When an L2TP tunnel is established, the tunnel interface address can serve as the source address or destination address of the L2TP tunnel.
The controller may also determine, according to the tunnel interface state information of a tunnel interface in an LNS, whether that tunnel interface is in an overload state. When the tunnel interface is determined to be overloaded, it can no longer take on new tasks, that is, this tunnel interface of the LNS is unavailable and the LNS can no longer establish L2TP tunnels through it. An LNS that has an unavailable tunnel interface can therefore be determined to be an unavailable LNS.
Specifically, the tunnel interface state information may include at least one of the number of users carried by the corresponding tunnel and the traffic of the tunnel interface. Determining the LNSs among the multiple LNSs that have an unavailable tunnel interface, according to the identifier and tunnel interface state information of the at least one tunnel interface included in the device information of each LNS, includes at least one of the following:
1) For each of the multiple LNSs, when the number of users carried by the tunnel corresponding to a target tunnel interface among the at least one tunnel interface included in the LNS is greater than a fifth preset threshold, the target tunnel interface is determined to be an unavailable tunnel interface in the LNS, and the LNS is determined to be an LNS that has an unavailable tunnel interface. The target tunnel interface is any one of the at least one tunnel interface included in the LNS.
2) For each of the multiple LNSs, when the traffic of a target tunnel interface among the at least one tunnel interface included in the LNS is greater than a sixth preset threshold, the target tunnel interface is determined to be an unavailable tunnel interface in the LNS, and the LNS is determined to be an LNS that has an unavailable tunnel interface.
The fifth preset threshold can be set according to the specific user-count threshold that the tunnel corresponding to each tunnel interface in the LNS can carry, and the sixth preset threshold can be set according to the bandwidth threshold of each tunnel interface in the LNS. The fifth and sixth preset thresholds may be set by the controller, by each LNS, or by negotiation between the controller and the corresponding LNS, which is not limited in the embodiments of the present invention.
Step 203: The controller sends a first notification message to the AAA server on the LAC side, where the first notification message carries the identifiers of the tunnel interfaces of the unavailable LNS.
The first notification message is used to notify the AAA server on the LAC side to delete the identifiers of the tunnel interfaces of the unavailable LNS from the stored interface information list.
It should be noted that, in the first way above, an LNS in a fault state or a whole-device overload state cannot process new tunnel establishment requests at all. All tunnel interfaces of that LNS are therefore unavailable, and the identifiers of all of its tunnel interfaces need to be deleted. In the second way above, one tunnel interface of the LNS is overloaded while other tunnel interfaces may not be, so the LNS may still be able to accept tunnel establishment requests, but only through the other interfaces. That is, only the overloaded tunnel interface is unavailable and the other tunnel interfaces remain available, so only the identifier of the overloaded tunnel interface needs to be deleted. The first notification message can therefore take the following two forms:
1) When the unavailable LNS is determined in the first way above, the tunnel interface identifiers carried in the first notification message are the identifiers of all tunnel interfaces of the unavailable LNS, and the first notification message notifies the AAA server on the LAC side to delete the identifiers of all tunnel interfaces of the unavailable LNS from the stored interface information list.
2) When the unavailable LNS is determined in the second way above, the first notification message carries the identifiers of the unavailable tunnel interfaces in the unavailable LNS, and notifies the AAA server on the LAC side to delete the identifiers of the unavailable tunnel interfaces in the unavailable LNS from the stored interface information list.
The identifier of a tunnel interface may include the interface address of the tunnel interface, the tunnel identifier corresponding to the tunnel interface, the device identifier of the LNS to which the tunnel interface belongs, and so on. For example, the identifier of a tunnel interface may include the Tunnel-Server-Endpoint and the Tunnel-Assignment-ID of the tunnel interface, where Tunnel-Server-Endpoint is the IP address of the tunnel interface and Tunnel-Assignment-ID is the number of the tunnel corresponding to the tunnel interface.
In practice, the controller may establish a RADIUS connection with the AAA server on the LAC side in advance, so that the first notification message can be sent over that RADIUS connection. Specifically, the first notification message may be sent in a RADIUS packet. For example, the RADIUS packet defined by the RADIUS protocol may be extended and the first notification message sent in the newly added field, or an existing specified field of the RADIUS packet may be extended and the first notification message sent in that specified field. In one specific embodiment, the controller may extend the Status-Client-Experimental field of the RADIUS packet and carry the first notification message in that Status-Client-Experimental field.
Step 204: The AAA server on the LAC side receives the first notification message sent by the controller and, according to the first notification message, deletes the identifiers of the tunnel interfaces of the unavailable LNS from the stored interface information list.
The interface information list includes the identifiers of all tunnel interfaces of each LNS. It is delivered to a specific LAC so that the LAC can select, based on the interface information list, the LNS and tunnel interface with which to establish a tunnel.
Specifically, deleting the identifiers of the tunnel interfaces of the unavailable LNS from the stored interface information list according to the first notification message may include at least one of the following:
First way: when the first notification message carries the identifiers of all tunnel interfaces of the unavailable LNS, the identifiers of all tunnel interfaces of the unavailable LNS are deleted from the interface information list.
Second way: when the first notification message carries the identifiers of the unavailable tunnel interfaces in the unavailable LNS, the identifiers of the unavailable tunnel interfaces in the unavailable LNS are deleted from the interface information list.
In practice, how the identifiers of the tunnel interfaces of the unavailable LNS are deleted from the stored interface information list depends on how the interface information list is stored, and may specifically include at least one of the following:
In the first implementation, the AAA server may store an interface information list in advance that includes the identifiers of all tunnel interfaces of each LNS on the LNS side. On receiving the first notification message sent by the controller, it deletes the identifiers of the tunnel interfaces of the unavailable LNS from the interface information list according to the first notification message, and delivers the updated interface information list to the specific LAC.
In the second implementation, the AAA server may instead derive the interface information list from an interface state list, and delete the identifiers of the tunnel interfaces of the unavailable LNS from the interface information list by operating on the interface state list.
Specifically, the AAA server may also store an interface state list that includes the identifier of each tunnel interface of each LNS and a corresponding state identifier. The state identifier may be a first state identifier or a second state identifier. The first state identifier indicates that the corresponding tunnel interface is available and that its identifier may be delivered to a LAC; the second state identifier indicates that the corresponding tunnel interface is unavailable and that its identifier must not be delivered to a LAC. Before delivering the interface information list to a LAC, the AAA server may first determine all available tunnel interfaces from the state identifiers in the interface state list, and combine the identifiers of all available tunnel interfaces to obtain the interface information list.
When the AAA server on the LAC side receives the first notification message sent by the controller, it can obtain the identifiers of the tunnel interfaces of the unavailable LNS carried in the first notification message and, in the state list, switch the state identifier corresponding to each of those identifiers from the first state identifier to the second state identifier, thereby deleting the identifiers of the tunnel interfaces of the unavailable LNS from the interface information list.
For example, suppose the first state identifier is 0, the second state identifier is 1, and the state identifiers of all tunnel interfaces of the unavailable LNS are currently 0. When the first notification message sent by the controller is received and carries the identifiers of all tunnel interfaces of the unavailable LNS, the state identifiers of all tunnel interfaces of the unavailable LNS are switched from 0 to 1, which deletes the identifiers of all tunnel interfaces of that LNS from the interface information list to be delivered to the LAC.
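Steps 202 to 204 above can be followed end to end in the sketch below, which is an added example and not code from the patent. The class and function names, the threshold values, and the sample LNS reports are all assumptions constructed for illustration; the state identifiers 0 and 1 follow the example in the text.

```python
from dataclasses import dataclass, field

AVAILABLE, UNAVAILABLE = 0, 1  # first / second state identifier, as in the text's example

# Constructed values standing in for the first to sixth preset thresholds.
THRESHOLDS = {"cpu_pct": 90.0, "mem_mb": 14000, "egress_mbps": 9000,
              "total_users": 60000, "if_users": 20000, "if_mbps": 4000}

@dataclass
class TunnelInterface:
    endpoint: str        # Tunnel-Server-Endpoint: IP address of the tunnel interface
    assignment_id: str   # Tunnel-Assignment-ID: number of the corresponding tunnel
    users: int = 0
    mbps: float = 0.0

    @property
    def ident(self):
        return (self.endpoint, self.assignment_id)

@dataclass
class LnsReport:         # device information received in step 201
    device_id: str
    fault: bool = False
    cpu_pct: float = 0.0
    mem_mb: int = 0
    egress_mbps: float = 0.0
    total_users: int = 0
    interfaces: list = field(default_factory=list)

def unavailable_interfaces(r, t=THRESHOLDS):
    """Step 202: identifiers to withdraw for one LNS."""
    whole_device = (r.fault or r.cpu_pct > t["cpu_pct"] or r.mem_mb > t["mem_mb"]
                    or r.egress_mbps > t["egress_mbps"]
                    or r.total_users > t["total_users"])
    if whole_device:     # first way: every tunnel interface of the LNS is unavailable
        return [i.ident for i in r.interfaces]
    # second way: only the overloaded tunnel interfaces are unavailable
    return [i.ident for i in r.interfaces
            if i.users > t["if_users"] or i.mbps > t["if_mbps"]]

def build_first_notification(reports):
    """Step 203: payload of the first notification message (hypothetical layout)."""
    ids = [ident for r in reports for ident in unavailable_interfaces(r)]
    return {"tunnel_interfaces": ids}

class AaaServer:
    """Step 204, second implementation: interface state list with 0/1 flags."""
    def __init__(self, all_idents):
        self.state = {ident: AVAILABLE for ident in all_idents}

    def handle_first_notification(self, msg):
        unknown = []
        for ident in map(tuple, msg["tunnel_interfaces"]):
            if ident in self.state:
                self.state[ident] = UNAVAILABLE   # switch 0 -> 1
            else:
                unknown.append(ident)             # not in the state list: left untouched
        return unknown

    def interface_info_list(self):
        """List delivered to a LAC: only interfaces still flagged available."""
        return [i for i, s in self.state.items() if s == AVAILABLE]

def sample_reports():
    """Constructed sample: one faulty LNS, one with an overloaded interface, one healthy."""
    return [
        LnsReport("lns-a", fault=True, interfaces=[
            TunnelInterface("192.0.2.1", "1"), TunnelInterface("192.0.2.2", "2")]),
        LnsReport("lns-b", cpu_pct=40.0, total_users=25100, interfaces=[
            TunnelInterface("192.0.2.11", "11", users=25000),
            TunnelInterface("192.0.2.12", "12", users=100)]),
        LnsReport("lns-c", cpu_pct=35.0, total_users=500, interfaces=[
            TunnelInterface("192.0.2.21", "21", users=500)]),
    ]

if __name__ == "__main__":
    reports = sample_reports()
    aaa = AaaServer(i.ident for r in reports for i in r.interfaces)
    aaa.handle_first_notification(build_first_notification(reports))
    print(aaa.interface_info_list())
```

Identifiers in a notification that are absent from the state list are returned to the caller rather than silently added, so a mismatch between the controller's and the AAA server's view of the LNS side is visible.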
步骤205:当LAC接收到用户终端的拨号请求时,该LAC向LAC侧的AAA服务器发送上线请求。Step 205: When the LAC receives the dialing request of the user terminal, the LAC sends an online request to the AAA server on the LAC side.
其中,该LAC可以为LAC侧中的任一LAC,且LAC的上线请求由用户终端发送的拨号请求触发。The LAC can be any LAC in the LAC, and the LAC online request is triggered by the dialing request sent by the user terminal.
实际应用中,用户终端可以在基于当前输入的用户账号和密码检测到拨号操作时,向LAC侧的LAC发送拨号请求,且该拨号请求可以携带该用户账号和密码。当该LAC接收到该拨号请求时,即可向AAA服务器发送上线请求,该上线请求也携带该用户账号和密码,以便AAA服务器对该用户账号进行授权、认证或者计费等管理。In the actual application, the user terminal can send a dialing request to the LAC on the LAC side when the dialing operation is detected based on the currently input user account and password, and the dialing request can carry the user account and password. When the LAC receives the dialing request, it can send an online request to the AAA server, and the online request also carries the user account and password, so that the AAA server can perform authorization, authentication, or accounting management on the user account.
步骤206:该LAC侧的AAA服务器当接收到该LAC发送的上线请求时,将更新后的接口信息列表发送给该LAC。Step 206: The AAA server on the LAC sends the updated interface information list to the LAC when receiving the online request sent by the LAC.
步骤207:该LAC接收该LAC侧的AAA服务器发送的更新后的接口信息列表,基于该更新后的接口信息列表选择建立L2TP隧道的LNS和隧道接口,向选择的LNS发送隧道建立请求。Step 207: The LAC receives the updated interface information list sent by the AAA server on the LAC side, and selects an LNS and a tunnel interface for establishing an L2TP tunnel based on the updated interface information list, and sends a tunnel establishment request to the selected LNS.
该LAC可以从更新后的接口信息列表中选择隧道接口的标识,确定该选择的隧道接口的标识指示的LNS,并将指示的LNS确定为所选择的LNS。且该隧道建立请求中携带选择的隧道接口的标识,以便LNS基于该选择的隧道接口的标识建立隧道。The LAC may select an identifier of the tunnel interface from the updated interface information list, determine an LNS indicated by the identifier of the selected tunnel interface, and determine the indicated LNS as the selected LNS. And the tunnel establishment request carries the identifier of the selected tunnel interface, so that the LNS establishes a tunnel based on the identifier of the selected tunnel interface.
由于更新后的接口信息列表已删除了不可用LNS的隧道接口的标识,因此更新后的接口信息列表中包括的所有隧道接口的标识对应的LNS均可用,且可用LNS的每个隧道接口也均可用,因此,当LAC基于该更新后的接口信息列表选择LNS和隧道接口时,所选择的任一LNS和任一隧道接口也均可用。The LNS corresponding to the identifier of all the tunnel interfaces included in the updated interface information list is available, and each tunnel interface of the available LNS is also available, because the updated interface information list has deleted the identifier of the tunnel interface of the LNS. Available, therefore, when the LAC selects the LNS and tunnel interface based on the updated interface information list, any selected LNS and any tunnel interface are also available.
Step 208: On receiving the tunnel establishment request sent by the LAC, the selected LNS sends an establishment response to the LAC, so as to establish an L2TP tunnel to the LAC through the selected tunnel interface.
After the selected LNS receives the tunnel establishment request sent by the LAC, it may send an establishment response to the LAC based on the tunnel interface identifier carried in the request. The establishment response indicates that the tunnel establishment request has passed verification. After the LAC receives the establishment response, the L2TP tunnel to the tunnel interface of the selected LNS is successfully established.
For the specific process of establishing a tunnel between the LAC and the LNS, reference may be made to the related art; details are not described again in this embodiment of the present invention.
For example, if the tunnel interface identifier includes a tunnel interface address, then after the LAC receives the establishment response, it may establish an L2TP tunnel from the LAC to the tunnel interface, using the address of the LAC as the start address and the tunnel interface address as the destination address.
On a live network, when an LNS is in a fault state and the LAC still sends a tunnel establishment request to it, the LNS cannot respond to the request because of the fault, so tunnel establishment fails. In this embodiment of the present invention, the fault state of the LNSs is monitored, and when any LNS is in a fault state, the AAA server on the LAC side is notified to delete the identifiers of all tunnel interfaces of that LNS from the interface information list. This provides rapid awareness of LNS fault states, avoids the tunnel establishment failures that occur when the LAC keeps sending tunnel establishment requests to a failed LNS, enables fast service switchover after an LNS fault, and raises the success rate of tunnel establishment.
In addition, on a live network, when an LNS is in a whole-device overload state and the LAC still sends a tunnel establishment request to it, the tunnels of that LNS may become congested, so that the L2TP tunnel cannot be established or the established tunnel is of poor quality. In this embodiment of the present invention, the load state of the LNSs is monitored, and when any LNS is in a whole-device overload state, the AAA server on the LAC side is notified to delete the identifiers of all tunnel interfaces of that LNS from the interface information list. This provides rapid awareness of LNS load capacity and avoids the unbalanced LNS load seen on live networks, where some LNSs are already overloaded while others serve very few users. It thereby solves the unreasonable resource allocation and waste of network resources caused by unbalanced load, keeps load balanced across multiple LNSs, and improves L2TP network performance and tunnel establishment.
In addition, the load state of each individual tunnel interface in an LNS is monitored, and when any tunnel interface is overloaded, the AAA server is notified to delete the identifier of the overloaded tunnel interface of that LNS from the interface information list. Beyond load balancing at LNS granularity, this achieves load balancing at tunnel interface granularity and improves precision.
Further, to improve load balancing, when the LNS has recovered from an unavailable LNS to an available LNS by clearing the fault or reducing its load, the controller may bring the LNS, with its problem resolved, back into the L2TP network to share the load.
Specifically, after the controller sends the first notification message to the AAA server on the LAC side, it may continue to receive the device information of the unavailable LNS and determine, based on that device information, whether the unavailable LNS has recovered. When it determines from the device information of the unavailable LNS that the unavailable LNS has recovered to an available LNS after its problem was resolved, the controller sends a second notification message to the AAA server on the LAC side. The second notification message carries the identifiers of all tunnel interfaces of the available LNS and is used to notify the AAA server on the LAC side to add those identifiers to the interface information list. When the AAA server on the LAC side receives the second notification message sent by the controller, it may add the identifiers of all tunnel interfaces of the available LNS to the interface information list according to the second notification message, and the operations of steps 205-208 are repeated.
The manner of determining, based on the device information of the unavailable LNS, whether the unavailable LNS has recovered to an available LNS after its problem was resolved may include at least one of the following:
First manner: when it is determined, based on the device information of the unavailable LNS, that the unavailable LNS has recovered from the fault state to the normal state, that is, the fault has been cleared, the unavailable LNS is determined to have recovered to an available LNS.
Second manner: when it is determined, based on the device information of the LNS, that the LNS has recovered from the whole-device overload state to the normal state, that is, the whole-device load has dropped, the unavailable LNS is determined to have recovered to an available LNS.
Further, when an unavailable tunnel interface in an unavailable LNS has recovered to an available tunnel interface after its problem was resolved, the controller may also bring that tunnel interface back into the L2TP network to share the load.
Specifically, after the controller sends the first notification message to the AAA server on the LAC side, it may also continue to receive the tunnel interface state information of the unavailable tunnel interface in the unavailable LNS and determine, based on that tunnel interface state information, whether the problem of the unavailable tunnel interface has been resolved. When it determines from the tunnel interface state information of the unavailable tunnel interface in the unavailable LNS that the unavailable tunnel interface has recovered to an available tunnel interface after its problem was resolved, the controller sends a third notification message to the AAA server on the LAC side. The third notification message carries the identifier of the available tunnel interface and is used to notify the AAA server on the LAC side to add that identifier to the interface information list. When the AAA server on the LAC side receives the third notification message sent by the controller, it may add the identifier of the available tunnel interface to the interface information list according to the third notification message, and the operations of steps 205-208 are repeated.
The unavailable tunnel interface may be determined to have recovered to an available tunnel interface when it is determined that the unavailable tunnel interface has recovered from the overload state to the normal state, that is, the load of the tunnel interface has dropped.
Depending on how the interface information list is obtained, the manner of adding tunnel interface identifiers to the interface information list according to the second notification message or the third notification message also differs, and may specifically include at least one of the following:
First manner: when the AAA server on the LAC side stores the interface information list using the first implementation in step 204, then on receiving the second notification message or the third notification message, the AAA server on the LAC side may directly add the tunnel interface identifiers to the interface information list to obtain the updated interface information list, and deliver the updated interface information list to the LAC.
Second manner: when the AAA server on the LAC side stores the interface information list using the second implementation in step 204, then on receiving the second notification message or the third notification message, the AAA server on the LAC side may, in the interface state list described above, switch the state identifier corresponding to the tunnel interface identifier from the second state identifier to the first state identifier, thereby adding the tunnel interface identifier to the interface information list.
It should be noted that this embodiment of the present invention is described only using the example in which the AAA server on the LAC side updates a single stored interface information list according to the notification messages sent by the controller and sends the updated interface information list to any LAC. In practice, the AAA server may instead send different interface information lists for online requests from different LACs, or for different user accounts carried in online requests; or it may update different stored interface information lists according to the notification messages sent by the controller. This is not limited in this embodiment of the present invention.
For example, the AAA server on the LAC side may update the single stored interface information list according to the notification message sent by the controller to obtain the updated interface information list. After receiving an online request sent by a LAC, it selects from the updated interface information list the LNSs and tunnel interfaces corresponding to that LAC, or to the user account carried in the online request, assembles the identifiers of the selected tunnel interfaces into a new interface information list, and sends that list to the LAC.
Alternatively, the AAA server may store multiple interface information lists, each corresponding to a group of LACs or a group of user accounts. When the AAA server receives a notification message sent by the controller, it may update the multiple stored interface information lists according to the notification message. After receiving an online request sent by a LAC, it may select from the multiple interface information lists the list corresponding to that LAC, or the list corresponding to the user account carried in the online request, and send the selected interface information list to the LAC.
In addition, for the network architecture of FIG. 1C or FIG. 1D above, the AAA server 12 on the LAC side 10 may update the stored LTS interface information list in the manner described above, and the AAA server 42 on the LTS side 40 may update the stored LNS interface information list in the manner described above. The LTS interface information list stores the identifiers of the tunnel interfaces of each LTS 41 in the LTS side 40, and the LNS interface information list stores the identifiers of the tunnel interfaces of each LNS 21 in the LNS side 20.
For example, for the network architecture of FIG. 1C or FIG. 1D above, the controller 30 or the controller 31 may receive device information from each LTS 41 of the multiple LTSs 41 in the LTS side 40, the device information including the device identifier and device state information of the corresponding LTS 41; determine the unavailable LTS 41 among the multiple LTSs 41 according to the device information of each LTS 41; and send a first notification message to the AAA server 12 on the LAC side 10. The first notification message carries the identifier of the tunnel interface of the unavailable LTS 41 and is used to notify the AAA server 12 to delete that identifier from the stored LTS interface information list. Subsequently, on receiving an online request sent by any LAC 11 in the LAC side 10, the AAA server 12 sends the updated LTS interface information list to the LAC 11, so that the LAC 11 selects an LTS 41 and a tunnel interface based on the updated LTS interface information list and sends a tunnel establishment request to the selected LTS 41. After receiving the request from the LAC 11, the selected LTS 41 establishes an L2TP tunnel from the selected tunnel interface to the LAC 11.
As another example, for the network architecture of FIG. 1C or FIG. 1D above, the controller 30 or the controller 32 may receive device information from each LNS 21 of the multiple LNSs 21 in the LNS side 20, the device information including the device identifier and device state information of the corresponding LNS 21; determine the unavailable LNS 21 among the multiple LNSs 21 according to the device information of each LNS 21; and send a first notification message to the AAA server 42 on the LTS side 40. The first notification message carries the identifier of the tunnel interface of the unavailable LNS 21 and is used to notify the AAA server 42 to delete that identifier from the stored LNS interface information list. Subsequently, on receiving an online request sent by any LTS 41 in the LTS side 40, the AAA server 42 sends the updated LNS interface information list to the LTS 41, so that the LTS 41 selects an LNS 21 and a tunnel interface based on the updated LNS interface information list and sends a tunnel establishment request to the selected LNS 21. After receiving the request from the LTS 41, the selected LNS 21 establishes an L2TP tunnel from the selected tunnel interface to the LTS 41.
It should be noted that, for the network architecture of FIG. 1C or FIG. 1D above, the online request sent by the LAC 11 or by the LTS 41 is likewise triggered by a dial-up request sent by the user terminal. For the specific triggering process, refer to the related description above; details are not repeated here. Moreover, the AAA server 12 on the LAC side 10 may also send different LTS interface information lists for online requests from different LACs, or for different user accounts carried in online requests. Similarly, the AAA server 42 on the LTS side 40 may also send different LNS interface information lists for online requests from different LTSs, or for different user accounts carried in online requests. For the specific implementation, refer to the related description above; details are not repeated here either.
In summary, in this embodiment of the present invention, a controller is introduced between the LAC side and the LNS side. By receiving device information from each LNS of the multiple LNSs, the controller monitors the device state of each LNS on the LNS side, determines the unavailable LNSs among the multiple LNSs based on the device information of each LNS, and sends to the AAA server on the LAC side a first notification message carrying the identifiers of the tunnel interfaces of the unavailable LNSs. The message notifies the AAA server on the LAC side to delete those identifiers from the stored interface information list, yielding the updated interface information list. Because the identifiers of the tunnel interfaces of unavailable LNSs have been deleted from the updated interface information list, the LNSs corresponding to all tunnel interface identifiers in the updated list are available, and every tunnel interface of an available LNS is also available. Therefore, when the LAC selects an LNS and a tunnel interface based on the updated interface information list, any LNS and any tunnel interface it selects is available. This solves the problem that a selected LNS or tunnel interface may not meet working conditions, so that a tunnel cannot be established or the established tunnel is of poor quality, and it improves the success rate and stability of tunnel establishment.
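The controller and AAA-server behaviour summarized above, as an added Python example that is not part of the patent text. The threshold values, class and field names, and interface identifiers are constructed for illustration; two further assumptions are that an LNS that sends no report keeps its previous state and that the AAA server rejects identifiers it was never provisioned with. The AAA server uses the state-flag storage of the second manner.

```python
from dataclasses import dataclass

# Constructed thresholds; the page only names "first" to "fourth preset threshold".
CPU_MAX, MEM_MAX, EGRESS_MAX, USERS_MAX = 0.85, 0.90, 9_000, 50_000
IF_USERS_MAX, IF_TRAFFIC_MAX = 10_000, 4_000   # per-tunnel-interface limits (assumed)
AVAILABLE, UNAVAILABLE = 1, 2                  # "first" / "second" state identifiers


@dataclass
class IfState:
    users: int
    traffic: int


@dataclass
class DeviceInfo:
    device_id: str
    fault: bool
    cpu: float
    mem: float
    egress: int
    users: int
    interfaces: dict          # tunnel interface id -> IfState


def lns_unavailable(d):
    """Whole-device check: fault information or any threshold exceeded."""
    return (d.fault or d.cpu > CPU_MAX or d.mem > MEM_MAX
            or d.egress > EGRESS_MAX or d.users > USERS_MAX)


def if_unavailable(s):
    """Single tunnel interface check (overload only)."""
    return s.users > IF_USERS_MAX or s.traffic > IF_TRAFFIC_MAX


class Controller:
    def __init__(self):
        self.withdrawn = set()    # interface ids currently removed from the list

    def evaluate(self, reports):
        """Turn one round of device reports into notification messages."""
        bad, seen = set(), set()
        for d in reports:
            whole = lns_unavailable(d)
            for if_id, state in d.interfaces.items():
                seen.add(if_id)
                if whole or if_unavailable(state):
                    bad.add(if_id)
        to_remove = bad - self.withdrawn
        # Re-add only interfaces that reported this round and are healthy again.
        to_add = (self.withdrawn & seen) - bad
        self.withdrawn = (self.withdrawn - to_add) | to_remove
        msgs = []
        if to_remove:             # first notification message
            msgs.append(("remove", sorted(to_remove)))
        if to_add:                # second / third notification message
            msgs.append(("add", sorted(to_add)))
        return msgs


class AAAServer:
    def __init__(self, provisioned):
        self.state = {if_id: AVAILABLE for if_id in provisioned}

    def on_notification(self, msg):
        """Flip state flags; return ids that were rejected as unknown."""
        kind, ids = msg
        rejected = []
        for if_id in ids:
            if if_id not in self.state:
                # Assumed hardening: a notification can only toggle provisioned
                # interfaces, never introduce a new tunnel endpoint.
                rejected.append(if_id)
                continue
            self.state[if_id] = UNAVAILABLE if kind == "remove" else AVAILABLE
        return rejected

    def interface_list(self):
        """List sent to a LAC in step 206: only interfaces flagged available."""
        return sorted(i for i, s in self.state.items() if s == AVAILABLE)


def simulate():
    """Three constructed monitoring rounds; returns the list after each round."""
    ctrl, aaa = Controller(), AAAServer(["a1", "a2", "b1"])
    ok = IfState(users=100, traffic=50)
    busy = IfState(users=12_000, traffic=50)
    rounds = [
        [DeviceInfo("lns-a", False, 0.30, 0.40, 500, 900, {"a1": ok, "a2": ok}),
         DeviceInfo("lns-b", False, 0.95, 0.40, 500, 900, {"b1": ok})],
        [DeviceInfo("lns-a", False, 0.30, 0.40, 500, 900, {"a1": ok, "a2": busy}),
         DeviceInfo("lns-b", False, 0.40, 0.40, 500, 900, {"b1": ok})],
        [DeviceInfo("lns-a", False, 0.30, 0.40, 500, 900, {"a1": ok, "a2": ok}),
         DeviceInfo("lns-b", False, 0.40, 0.40, 500, 900, {"b1": ok})],
    ]
    history = []
    for reports in rounds:
        for msg in ctrl.evaluate(reports):
            aaa.on_notification(msg)
        history.append(aaa.interface_list())
    return history
```

Because the notification channel decides where LACs tunnel subscriber sessions, the AAA server in this example only toggles interfaces it already knows about.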
FIG. 3 is a schematic structural diagram of a controller according to an embodiment of the present invention. The controller is connected to each of multiple LNSs on the LNS side and to the AAA server on the LAC side. Referring to FIG. 3, the controller includes:
a receiving module 301, configured to perform step 201 of the foregoing embodiment;
a processing module 302, configured to perform step 202 of the foregoing embodiment; and
a sending module 303, configured to perform step 203 of the foregoing embodiment.
In this embodiment of the present invention, a controller is introduced between the LAC side and the LNS side. By receiving device information from each LNS of the multiple LNSs, the controller monitors the device state of each LNS on the LNS side, determines the unavailable LNSs among the multiple LNSs based on the device information of each LNS, and sends to the AAA server on the LAC side a first notification message carrying the identifiers of the tunnel interfaces of the unavailable LNSs. The message notifies the AAA server on the LAC side to delete those identifiers from the stored interface information list, yielding the updated interface information list. Because the identifiers of the tunnel interfaces of unavailable LNSs have been deleted from the updated interface information list, the LNSs corresponding to all tunnel interface identifiers in the updated list are available, and every tunnel interface of an available LNS is also available. Therefore, when the LAC selects an LNS and a tunnel interface based on the updated interface information list, any LNS and any tunnel interface it selects is available. This solves the problem that a selected LNS or tunnel interface may not meet working conditions, so that a tunnel cannot be established or the established tunnel is of poor quality, and it improves the success rate and stability of tunnel establishment.
The above receiving module and sending module may be transmitters, and the receiving module and the sending module may be integrated into one transceiver module, which corresponds to a transceiver in a hardware implementation. The above processing module may be embedded in, or independent of, the processor of the controller in hardware form, or may be stored in the memory of the controller in software form so that the processor can invoke it to perform the operations corresponding to each of the above modules. The processor may be a central processing unit (CPU), a microprocessor, a single-chip microcomputer, or the like.
FIG. 4 is a schematic structural diagram of an AAA server according to an embodiment of the present invention. The AAA server is connected to a controller and to each of multiple LACs on the LAC side, and the controller is connected to each of multiple LNSs on the LNS side. Referring to FIG. 4, the AAA server includes:
a receiving module 401 and a processing module 402, configured to perform step 204 of the foregoing embodiment.
Optionally, the AAA server further includes:
a sending module, configured to perform step 206 of the foregoing embodiment.
In this embodiment of the present invention, the AAA server may receive the first notification message sent by the controller and, according to the identifiers of the tunnel interfaces of the unavailable LNSs carried in the first notification message, delete those identifiers from the stored interface information list. Because the identifiers of the tunnel interfaces of unavailable LNSs have been deleted from the updated interface information list, the LNSs corresponding to all tunnel interface identifiers in the updated list are available, and every tunnel interface of an available LNS is also available. Therefore, when the LAC selects an LNS and a tunnel interface based on the updated interface information list, any LNS and any tunnel interface it selects is available. This solves the problem that a selected LNS or tunnel interface may not meet working conditions, so that a tunnel cannot be established or the established tunnel is of poor quality, and it improves the success rate and stability of tunnel establishment.
The above receiving module and sending module may be transmitters, and the receiving module and the sending module may be integrated into one transceiver module, which corresponds to a transceiver in a hardware implementation. The above processing module may be embedded in, or independent of, the processor of the controller in hardware form, or may be stored in the memory of the controller in software form so that the processor can invoke it to perform the operations corresponding to each of the above modules. The processor may be a central processing unit (CPU), a microprocessor, a single-chip microcomputer, or the like.
It should be noted that, when the controller and the AAA server provided in the foregoing embodiments implement the L2TP-based device management method, the division into the functional modules described above is used only as an example. In practice, the functions may be assigned to different functional modules as required; that is, the internal structure of the device may be divided into different functional modules to complete all or part of the functions described above. In addition, the controller and the AAA server provided in the foregoing embodiments belong to the same concept as the embodiments of the L2TP-based device management method. For their specific implementation, see the method embodiments; details are not repeated here.
A person of ordinary skill in the art will understand that all or some of the steps of the foregoing embodiments may be implemented by hardware, or by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium, and the storage medium may be a read-only memory, a magnetic disk, an optical disc, or the like.
The foregoing is merely a specific implementation of the present invention, but the protection scope of the present invention is not limited thereto. Any variation or replacement readily conceivable by a person skilled in the art within the technical scope disclosed in the present invention shall fall within the protection scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (25)

  1. A device management method based on the Layer 2 Tunneling Protocol (L2TP), characterized in that the method is applied to a controller, the controller is connected to each of a plurality of LNSs on the L2TP network server (LNS) side, and the controller is connected to an authentication, authorization and accounting (AAA) server on the L2TP access concentrator (LAC) side, the method comprising:
    receiving device information from each LNS of the plurality of LNSs, the device information comprising a device identifier and device state information of the corresponding LNS;
    determining an unavailable LNS among the plurality of LNSs according to the device information of each LNS of the plurality of LNSs; and
    sending a first notification message to the AAA server, wherein the first notification message carries an identifier of a tunnel interface of the unavailable LNS, and the first notification message is used to notify the AAA server to delete the identifier of the tunnel interface of the unavailable LNS from a stored interface information list.
  2. The method according to claim 1, characterized in that the device state information comprises at least one of fault information, central processing unit (CPU) utilization, memory usage, total traffic of the outbound interfaces carrying L2TP tunnels, and the total number of users carried;
    the determining an unavailable LNS among the plurality of LNSs according to the device information of each LNS of the plurality of LNSs comprises at least one of the following:
    when fault information exists in the device state information of a target LNS, determining the target LNS as an unavailable LNS, the target LNS being any LNS of the plurality of LNSs;
    when the CPU utilization of the target LNS is greater than a first preset threshold, determining the target LNS as an unavailable LNS;
    when the memory usage of the target LNS is greater than a second preset threshold, determining the target LNS as an unavailable LNS;
    when the total traffic of the outbound interfaces of the target LNS that carry L2TP tunnels is greater than a third preset threshold, determining the target LNS as an unavailable LNS;
    when the total number of users carried by the target LNS is greater than a fourth preset threshold, determining the target LNS as an unavailable LNS;
    correspondingly, the identifier of the tunnel interface of the unavailable LNS refers to the identifiers of all tunnel interfaces of the unavailable LNS.
  3. The method according to claim 2, characterized in that, after the sending a first notification message to the AAA server, the method further comprises:
    当根据所述不可用LNS的设备信息,确定所述不可用LNS在排除问题后恢复为可用LNS时,向所述AAA服务器发送第二通知消息,所述第二通知消息携带所述可用LNS的所有隧道接口的标识,用于通知所述AAA服务器在所述接口信息列表中增加所述可用LNS的所有隧道接口的标识。Determining, by the device information of the unavailable LNS, that the unavailable LNS returns to an available LNS after the problem is rectified, and sending a second notification message to the AAA server, where the second notification message carries the available LNS An identifier of all tunnel interfaces is used to notify the AAA server to add an identifier of all tunnel interfaces of the available LNS in the interface information list.
  4. The method according to claim 1, wherein the device information further comprises the identifier of at least one tunnel interface included in the corresponding LNS and tunnel interface status information;
    determining the unavailable LNS among the plurality of LNSs according to the device information of each LNS of the plurality of LNSs comprises:
    determining, according to the identifier of the at least one tunnel interface and the tunnel interface status information included in the device information of each LNS of the plurality of LNSs, the LNS among the plurality of LNSs that has an unavailable tunnel interface;
    determining the LNS among the plurality of LNSs that has an unavailable tunnel interface to be the unavailable LNS among the plurality of LNSs;
    correspondingly, the first notification message carries the identifier of the unavailable tunnel interface of the unavailable LNS, and the first notification message is used to notify the AAA server to delete the identifier of the unavailable tunnel interface of the unavailable LNS from the stored interface information list.
  5. The method according to claim 4, wherein the tunnel interface status information comprises at least one of the number of users carried by the corresponding tunnel and the traffic of the tunnel interface;
    determining, according to the identifier of the at least one tunnel interface and the tunnel interface status information included in the device information of each LNS of the plurality of LNSs, the LNS among the plurality of LNSs that has an unavailable tunnel interface comprises:
    for each LNS of the plurality of LNSs, when the number of users carried by the tunnel corresponding to a target tunnel interface among the at least one tunnel interface included in the LNS is greater than a fifth preset threshold, determining the target tunnel interface to be an unavailable tunnel interface of the LNS, and determining the LNS to be an LNS that has an unavailable tunnel interface, the target tunnel interface being any one of the at least one tunnel interface included in the LNS;
    when the traffic of a target tunnel interface among the at least one tunnel interface included in the LNS is greater than a sixth preset threshold, determining the target tunnel interface to be an unavailable tunnel interface of the LNS, and determining the LNS to be an LNS that has an unavailable tunnel interface.
  6. The method according to claim 4 or 5, wherein, after sending the first notification message to the AAA server, the method further comprises:
    when it is determined, according to the tunnel interface status information of the unavailable tunnel interface of the unavailable LNS, that the unavailable tunnel interface has recovered to an available tunnel interface after the problem is resolved, sending a third notification message to the AAA server, the third notification message carrying the identifier of the available tunnel interface and being used to notify the AAA server to add the identifier of the available tunnel interface to the interface information list.
  7. A device management method based on the Layer 2 Tunneling Protocol (L2TP), applied to an authentication, authorization and accounting (AAA) server, wherein the AAA server is connected to a controller and to each of a plurality of LACs on the L2TP access concentrator (LAC) side, and the controller is connected to each of a plurality of LNSs on the L2TP network server (LNS) side, the method comprising:
    receiving a first notification message sent by the controller, wherein the first notification message carries the identifier of a tunnel interface of an unavailable LNS, and the first notification message is sent by the controller when it determines the unavailable LNS among the plurality of LNSs based on the device information of each LNS of the plurality of LNSs, the device information comprising the device identifier and device status information of the corresponding LNS;
    deleting the identifier of the tunnel interface of the unavailable LNS from a stored interface information list.
  8. The method according to claim 7, wherein deleting the identifier of the tunnel interface of the unavailable LNS from the stored interface information list comprises:
    when the first notification message carries the identifiers of all tunnel interfaces of the unavailable LNS, deleting the identifiers of all tunnel interfaces of the unavailable LNS from the stored interface information list.
  9. The method according to claim 8, wherein, after deleting the identifier of the tunnel interface of the unavailable LNS from the stored interface information list, the method further comprises:
    receiving a second notification message sent by the controller, wherein the second notification message carries the identifiers of all tunnel interfaces of an available LNS, and the second notification message is sent by the controller when it determines, based on the device information of the unavailable LNS, that the unavailable LNS has recovered to an available LNS after the problem is resolved;
    adding the identifiers of all tunnel interfaces of the available LNS to the interface information list.
  10. The method according to claim 7, wherein deleting the identifier of the tunnel interface of the unavailable LNS from the stored interface information list comprises:
    when the first notification message carries the identifier of an unavailable tunnel interface of the unavailable LNS, deleting the identifier of the unavailable tunnel interface of the unavailable LNS from the stored interface information list, wherein the first notification message is sent by the controller when it determines, based on the identifier of the at least one tunnel interface and the tunnel interface status information included in the device information of each LNS of the plurality of LNSs, the LNS among the plurality of LNSs that has an unavailable tunnel interface.
  11. The method according to claim 10, wherein, after deleting the identifier of the unavailable tunnel interface from the stored interface information list, the method further comprises:
    receiving a third notification message sent by the controller, wherein the third notification message carries the identifier of an available tunnel interface, and the third notification message is sent by the controller when it determines, based on the tunnel interface status information of the unavailable tunnel interface of the unavailable LNS, that the unavailable tunnel interface has recovered to an available tunnel interface after the problem is resolved;
    adding the identifier of the available tunnel interface to the interface information list.
  12. The method according to any one of claims 7 to 11, wherein, after deleting the identifier of the tunnel interface of the unavailable LNS from the stored interface information list, the method further comprises:
    when an online request sent by any LAC on the LAC side is received, sending the updated interface information list to the LAC, instructing the LAC to select, based on the updated interface information list, the LNS and the tunnel interface with which to establish a tunnel.
  13. A controller, wherein the controller is connected to each of a plurality of LNSs on the Layer 2 Tunneling Protocol (L2TP) network server (LNS) side, and the controller is connected to an authentication, authorization and accounting (AAA) server on the L2TP access concentrator (LAC) side, the controller comprising:
    a receiving module, configured to receive device information from each LNS of the plurality of LNSs, the device information comprising the device identifier and device status information of the corresponding LNS;
    a processing module, configured to determine an unavailable LNS among the plurality of LNSs according to the device information of each LNS of the plurality of LNSs;
    a sending module, configured to send a first notification message to the AAA server, wherein the first notification message carries the identifier of the tunnel interface of the unavailable LNS and is used to notify the AAA server to delete the identifier of the tunnel interface of the unavailable LNS from a stored interface information list.
  14. The controller according to claim 13, wherein the device status information comprises at least one of: fault information, central processing unit (CPU) utilization, memory usage, total traffic of the outbound interface carrying the L2TP tunnel, and total number of users carried;
    in determining the unavailable LNS among the plurality of LNSs according to the device information of each LNS of the plurality of LNSs, the processing module is specifically configured to perform at least one of the following:
    when fault information is present in the device status information of a target LNS, determining the target LNS to be an unavailable LNS, the target LNS being any one of the plurality of LNSs;
    when the CPU utilization of the target LNS is greater than a first preset threshold, determining the target LNS to be an unavailable LNS;
    when the memory usage of the target LNS is greater than a second preset threshold, determining the target LNS to be an unavailable LNS;
    when the total traffic of the outbound interface of the target LNS that carries the L2TP tunnel is greater than a third preset threshold, determining the target LNS to be an unavailable LNS;
    when the total number of users carried by the target LNS is greater than a fourth preset threshold, determining the target LNS to be an unavailable LNS;
    correspondingly, the identifier of the tunnel interface of the unavailable LNS refers to the identifiers of all tunnel interfaces of the unavailable LNS.
  15. The controller according to claim 14, wherein the sending module is further configured to: when it is determined, according to the device information of the unavailable LNS, that the unavailable LNS has recovered to an available LNS after the problem is resolved, send a second notification message to the AAA server, the second notification message carrying the identifiers of all tunnel interfaces of the available LNS and being used to notify the AAA server to add the identifiers of all tunnel interfaces of the available LNS to the interface information list.
  16. The controller according to claim 13, wherein the device information further comprises the identifier of at least one tunnel interface included in the corresponding LNS and tunnel interface status information;
    in determining the unavailable LNS among the plurality of LNSs according to the device information of each LNS of the plurality of LNSs, the processing module is specifically configured to:
    determine, according to the identifier of the at least one tunnel interface and the tunnel interface status information included in the device information of each LNS of the plurality of LNSs, the LNS among the plurality of LNSs that has an unavailable tunnel interface;
    determine the LNS among the plurality of LNSs that has an unavailable tunnel interface to be the unavailable LNS among the plurality of LNSs;
    correspondingly, the first notification message carries the identifier of the unavailable tunnel interface of the unavailable LNS, and the first notification message is used to notify the AAA server to delete the identifier of the unavailable tunnel interface of the unavailable LNS from the stored interface information list.
  17. The controller according to claim 16, wherein the tunnel interface status information comprises at least one of the number of users carried by the corresponding tunnel and the traffic of the tunnel interface;
    in determining, according to the identifier of the at least one tunnel interface and the tunnel interface status information included in the device information of each LNS of the plurality of LNSs, the LNS among the plurality of LNSs that has an unavailable tunnel interface, the processing module is specifically configured to perform at least one of the following:
    for each LNS of the plurality of LNSs, when the number of users carried by the tunnel corresponding to a target tunnel interface among the at least one tunnel interface included in the LNS is greater than a fifth preset threshold, determining the target tunnel interface to be an unavailable tunnel interface of the LNS, and determining the LNS to be an LNS that has an unavailable tunnel interface, the target tunnel interface being any one of the at least one tunnel interface included in the LNS;
    when the traffic of a target tunnel interface among the at least one tunnel interface included in the LNS is greater than a sixth preset threshold, determining the target tunnel interface to be an unavailable tunnel interface of the LNS, and determining the LNS to be an LNS that has an unavailable tunnel interface.
  18. The controller according to claim 16 or 17, wherein the sending module is further configured to: when it is determined, according to the tunnel interface status information of the unavailable tunnel interface of the unavailable LNS, that the unavailable tunnel interface has recovered to an available tunnel interface after the problem is resolved, send a third notification message to the AAA server, the third notification message carrying the identifier of the available tunnel interface and being used to notify the AAA server to add the identifier of the available tunnel interface to the interface information list.
  19. An authentication, authorization and accounting (AAA) server, wherein the AAA server is connected to a controller and to each of a plurality of LACs on the Layer 2 Tunneling Protocol (L2TP) access concentrator (LAC) side, and the controller is connected to each of a plurality of LNSs on the L2TP network server (LNS) side, the AAA server comprising:
    a receiving module, configured to receive a first notification message sent by the controller, wherein the first notification message carries the identifier of a tunnel interface of an unavailable LNS, and the first notification message is sent by the controller when it determines the unavailable LNS among the plurality of LNSs based on the device information of each LNS of the plurality of LNSs, the device information comprising the device identifier and device status information of the corresponding LNS;
    a processing module, configured to delete the identifier of the tunnel interface of the unavailable LNS from a stored interface information list.
  20. The AAA server according to claim 19, wherein, in deleting the identifier of the tunnel interface of the unavailable LNS from the stored interface information list, the processing module is specifically configured to:
    when the first notification message carries the identifiers of all tunnel interfaces of the unavailable LNS, delete the identifiers of all tunnel interfaces of the unavailable LNS from the stored interface information list.
  21. The AAA server according to claim 20, wherein the receiving module is further configured to receive a second notification message sent by the controller, wherein the second notification message carries the identifiers of all tunnel interfaces of an available LNS, and the second notification message is sent by the controller when it determines, based on the device information of the unavailable LNS, that the unavailable LNS has recovered to an available LNS after the problem is resolved;
    the processing module is further configured to add the identifiers of all tunnel interfaces of the available LNS to the interface information list.
  22. The AAA server according to claim 19, wherein, in deleting the identifier of the tunnel interface of the unavailable LNS from the stored interface information list, the processing module is specifically configured to:
    when the first notification message carries the identifier of an unavailable tunnel interface of the unavailable LNS, delete the identifier of the unavailable tunnel interface of the unavailable LNS from the stored interface information list, wherein the first notification message is sent by the controller when it determines, based on the identifier of the at least one tunnel interface and the tunnel interface status information included in the device information of each LNS of the plurality of LNSs, the LNS among the plurality of LNSs that has an unavailable tunnel interface.
  23. The AAA server according to claim 22, wherein the receiving module is further configured to receive a third notification message sent by the controller, wherein the third notification message carries the identifier of an available tunnel interface, and the third notification message is sent by the controller when it determines, based on the tunnel interface status information of the unavailable tunnel interface of the unavailable LNS, that the unavailable tunnel interface has recovered to an available tunnel interface after the problem is resolved;
    the processing module is further configured to add the identifier of the available tunnel interface to the interface information list.
  24. The AAA server according to any one of claims 19 to 23, wherein the AAA server further comprises:
    a sending module, configured to: when an online request sent by any LAC on the LAC side is received, send the updated interface information list to the LAC, instructing the LAC to select, based on the updated interface information list, the LNS and the tunnel interface with which to establish a tunnel.
  25. A device management system based on the Layer 2 Tunneling Protocol (L2TP), wherein the device management system comprises a controller, an L2TP access concentrator (LAC) side and an L2TP network server (LNS) side, the LAC side comprises an authentication, authorization and accounting (AAA) server and a plurality of LACs, the LNS side comprises a plurality of LNSs, and the controller is connected to the AAA server and to each of the plurality of LNSs on the LNS side;
    the controller is configured to: receive device information from each LNS of the plurality of LNSs, the device information comprising the device identifier and device status information of the corresponding LNS; determine an unavailable LNS among the plurality of LNSs according to the device information of each LNS of the plurality of LNSs; and send a first notification message to the AAA server, the first notification message carrying the identifier of the tunnel interface of the unavailable LNS;
    the AAA server is configured to: receive the first notification message sent by the controller; delete the identifier of the tunnel interface of the unavailable LNS from a stored interface information list; and, when an online request sent by any LAC on the LAC side is received, send the updated interface information list to the LAC;
    the LAC is configured to: receive the updated interface information list sent by the AAA server; select, based on the updated interface information list, the LNS and the tunnel interface with which to establish an L2TP tunnel; and send a tunnel establishment request to the selected LNS, the tunnel establishment request carrying the identifier of the selected tunnel interface;
    the selected LNS is configured to: when the tunnel establishment request sent by the LAC is received, send an establishment response to the LAC, so as to establish an L2TP tunnel to the LAC through the selected tunnel interface.
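The controller and AAA server behaviour set out in claims 2 to 12, as an added Python sketch that is not code from the patent or its applicant. The threshold values, field names, message kinds as strings, and the combination of the device-level and interface-level checks in one controller are assumptions; the rejection of unprovisioned identifiers is an added check the claims do not describe.

```python
from dataclasses import dataclass, field

# Constructed values for the first..sixth preset thresholds; the claims give none.
THRESHOLDS = {"cpu": 0.90, "memory": 0.85, "egress_traffic": 9e9,
              "total_users": 50_000, "if_users": 10_000, "if_traffic": 2e9}


@dataclass
class DeviceInfo:
    """Device information one LNS reports to the controller (field names assumed)."""
    device_id: str
    fault: bool = False
    cpu: float = 0.0
    memory: float = 0.0
    egress_traffic: float = 0.0
    total_users: int = 0
    # tunnel interface identifier -> {"users": int, "traffic": float}
    interfaces: dict = field(default_factory=dict)


class AAAServer:
    """Holds the interface information list that is handed to LACs."""

    def __init__(self, provisioned_ids):
        self.provisioned = frozenset(provisioned_ids)
        self.interface_list = set(provisioned_ids)

    def on_notification(self, kind, interface_ids):
        ids = set(interface_ids)
        # Assumption, not in the claims: refuse identifiers that were never
        # provisioned, so a notification cannot add a new tunnel endpoint.
        if not ids <= self.provisioned:
            raise ValueError(f"unknown tunnel interface(s): {sorted(ids - self.provisioned)}")
        if kind == "first":                 # withdraw identifiers
            self.interface_list -= ids
        elif kind in ("second", "third"):   # restore identifiers
            self.interface_list |= ids
        else:
            raise ValueError(f"unknown notification kind: {kind}")

    def on_online_request(self, lac_id):
        """Answer a LAC online request with the updated list."""
        return sorted(self.interface_list)


class Controller:
    def __init__(self, aaa, thresholds=THRESHOLDS):
        self.aaa, self.t = aaa, thresholds
        self.down_devices = set()   # LNSs withdrawn as a whole
        self.down_ifs = {}          # device_id -> individually withdrawn interfaces

    def device_unavailable(self, info):
        t = self.t
        return (info.fault or info.cpu > t["cpu"] or info.memory > t["memory"]
                or info.egress_traffic > t["egress_traffic"]
                or info.total_users > t["total_users"])

    def bad_interfaces(self, info):
        t = self.t
        return {i for i, s in info.interfaces.items()
                if s["users"] > t["if_users"] or s["traffic"] > t["if_traffic"]}

    def on_device_info(self, info):
        """Evaluate one report; return the notifications sent to the AAA server."""
        dev, all_ifs, sent = info.device_id, set(info.interfaces), []
        if self.device_unavailable(info):
            if dev not in self.down_devices:
                self.down_devices.add(dev)
                sent.append(("first", sorted(all_ifs)))
        else:
            if dev in self.down_devices:          # whole LNS recovered
                self.down_devices.discard(dev)
                self.down_ifs.pop(dev, None)
                sent.append(("second", sorted(all_ifs)))
            bad, prev = self.bad_interfaces(info), self.down_ifs.get(dev, set())
            if bad - prev:
                sent.append(("first", sorted(bad - prev)))
            if prev - bad:                        # single interface recovered
                sent.append(("third", sorted(prev - bad)))
            self.down_ifs[dev] = bad
        for kind, ids in sent:
            self.aaa.on_notification(kind, ids)
        return sent


def demo():
    """Constructed scenario: lns1 overloads, recovers with one busy tunnel, then clears."""
    aaa = AAAServer(["lns1:t1", "lns1:t2", "lns2:t1"])
    ctl = Controller(aaa)
    idle = {"users": 10, "traffic": 1e6}
    busy = {"users": 12_000, "traffic": 1e6}
    reports = [
        DeviceInfo("lns1", cpu=0.95, interfaces={"lns1:t1": idle, "lns1:t2": idle}),
        DeviceInfo("lns1", cpu=0.40, interfaces={"lns1:t1": idle, "lns1:t2": busy}),
        DeviceInfo("lns1", cpu=0.40, interfaces={"lns1:t1": idle, "lns1:t2": idle}),
    ]
    snapshots = []
    for report in reports:
        ctl.on_device_info(report)
        snapshots.append(aaa.on_online_request("lac1"))
    return snapshots


if __name__ == "__main__":
    print(demo())
```

Because the interface information list decides which LNS a LAC tunnels to, the controller-to-AAA notification channel is the part of this design that needs authentication and integrity protection in a deployment.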
PCT/CN2017/114824 2016-12-08 2017-12-06 L2tp-based device management method, apparatus and system WO2018103665A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611121163.0A CN108183849B (en) 2016-12-08 2016-12-08 Device management method, device and system based on L2TP
CN201611121163.0 2016-12-08

Publications (1)

Publication Number Publication Date
WO2018103665A1 true WO2018103665A1 (en) 2018-06-14

Family

ID=62491728

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/114824 WO2018103665A1 (en) 2016-12-08 2017-12-06 L2tp-based device management method, apparatus and system

Country Status (2)

Country Link
CN (1) CN108183849B (en)
WO (1) WO2018103665A1 (en)

Also Published As

Publication number Publication date
CN108183849A (en) 2018-06-19
CN108183849B (en) 2021-01-08

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17878060

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17878060

Country of ref document: EP

Kind code of ref document: A1