CN100525179C - Method for preventing IP address leakage - Google Patents

Method for preventing IP address leakage Download PDF

Info

Publication number
CN100525179C
CN100525179C CNB2006100615957A CN200610061595A CN100525179C CN 100525179 C CN100525179 C CN 100525179C CN B2006100615957 A CNB2006100615957 A CN B2006100615957A CN 200610061595 A CN200610061595 A CN 200610061595A CN 100525179 C CN100525179 C CN 100525179C
Authority
CN
China
Prior art keywords
address
dhcp
message
dynamic host
configuration protocol
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CNB2006100615957A
Other languages
Chinese (zh)
Other versions
CN1885763A (en
Inventor
邓雄
袁远
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNB2006100615957A priority Critical patent/CN100525179C/en
Publication of CN1885763A publication Critical patent/CN1885763A/en
Application granted granted Critical
Publication of CN100525179C publication Critical patent/CN100525179C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The disclosed method to prevent leakage of IP address comprises: after capturing DHCP message from DHCP client, DHCP Relay records user port address, finds out the MAC address of DHCP client form client HD address field to build the correlation; after receiving response message from DHCP server, DHCP Relay finds out the MSC address to find out the corresponding client port address and send the message to the port directly. This invention increases security for DHCP, and saves network band resource.

Description

A kind of method that prevents that the IP address from revealing
Technical field
The present invention relates to Internet (Internet) technical field and technical field of access networks, be specifically related to the method that reveal a kind of IP of preventing address.
Background technology
DHCP (DHCP, Dynamic Host Configuration Protocol) is a kind of terminal automatic configuration protocol, and RFC2131,2132,1542 has provided its realization standard.The DHCP agreement adopts the client-server mode to realize, the DHCP agreement is based on the application on the UDP layer, the DHCP terminal (also can be described as dhcp client, DHCP client) adopt well-known port number 68 to identify, Dynamic Host Configuration Protocol server (DHCP server) adopts well-known port number 67 to identify.The DHCP agreement can be supported multiple terminal equipment, and whole layoutprocedure realizes that automatically terminal need not configuration, can realize the target that the user starts shooting and just can surf the Net; All configuration informations are by the Dynamic Host Configuration Protocol server unified management, not only can the distributing IP addresses, can also dispose other a large amount of network configuration parameters and system configuration informations; By the management of IP address rental period, realize IP address time-sharing multiplex, save limited IP address resource; Adopt broadcast mode to realize message interaction, message generally can not the inter-network section, if want the inter-network section, needs DHCP Relay (dynamic host configuration protocol relay equipment).
Table 1 has provided the form of DHCP message:
Figure C200610061595D00061
Table 1
The DHCP message encapsulates as the quiet lotus of entire I P message.
The op field: represent that current message is the request of DHCP client or replying of DHCP server, the value of this field is to represent it is the request of DHCP client at 1 o'clock, is to represent it is replying of DHCPserver at 2 o'clock.
Htype field and hlen field: hardware type, hardware length, network hardware addresses type, the length of representing DHCPclient respectively, value as the htype field is 1, the network hardware of expression DHCPclient is the ethernet type of 10MB, the value of hlen field is 6, and the network hardware addresses length of expression DHCPclient is 6bytes (being the MAC Address of the 6bytes of ethernet type).
Hops field: the number of representing the DHCP Relay of current DHCP message process, be similar to the hop count field in the IP head, but implication is different fully, when DHCP client or DHCP server send the DHCP message, this field all is initialized as 0, every through a DHCP Relay, this field will add 1, the effect of this field is that restriction DHCP message does not pass through too many DHCP Relay, DHCP agreement regulation, when the value of hops field during greater than 4 (also being defined as 16 now), this DHCP message just can not be handled again, but abandons.
Ciaddr field: client ip address, the IP address of expression DHCP client oneself.Can be the IP address that DHCP server distributes to DHCP client, also can be the existing IP of DHCP client address.DHCP client can use this IP address to receive the IP message, and DHCP server finds that this field is not at 0 o'clock, can directly give DHCP client with the response message clean culture.
Yiaddr field: your ip address, expression DHCP server distributes to the IP address of DHCP client.When the DHCP of DHCP server response DHCP client asks, will insert this field to the IP address of distributing to DHCP client.
Giaddr field: gateway ip address, the IP address of writing down first DHCP Relay.After DHCP client sends the DHCP request message, if there is DHCP Relay in the network, when then first DHCP Relay transmits this DHCP request message, will insert this field (DHCP Relay subsequently will no longer rewrite this field, just the value of hops field be added 1) to the IP address of oneself.DHCP server will be user's distributing IP address according to this field, and response message is transmitted to this DHCP Relay, is transmitted to DHCP client again by DHCP Relay.
Chaddr field: client hardware address, the actual hardware address contents of record DHCP client.When DHCP client sends the DHCP request message, will insert this field to the network interface card hardware address of oneself, DHCP server generally can use this field to come DHCP of unique identification
client。And this field is necessary consistent with htype, the hlen field of front, and for example when the value of htype, hlen field was respectively 1 and 6, this field must be inserted the ethernet mac address of 6bytes.
DHCP has 8 kinds of type of messages, identifies by option 53 DHCP Message the type fields.
1, DHCP DISCOVER: this message is first message that DHCP client begins dhcp process;
2, DHCP OFFER: this message is the response of DHCP server to the DHCPDISCOVER message;
3, DHCP REQUEST: this message is that DHCP client begins in the dhcp process response to the DHCP OFFER message of DHCPserver, or the DHCP client message that the IP address sends during the rental period that renews;
4, DHCP DECLINE: the IP address of distributing to it as DHCP client discovery DHCP server can't be used, and during as IP address conflict, will send this message, and notice DHCP server bans use of the IP address;
5, DHCP ACK:DHCP server after DHCP client receives this message, has just really obtained IP address and relevant configuration information to the affirmation response message of the DHCPREQUEST message of DHCP client;
6, DHCP NAK:DHCP server after DHCP client receives this message, generally can restart new dhcp process to the refusal response message of the DHCPREQUEST message of DHCP client;
7, DHCP RELEASE:DHCP client initiatively discharges the message that server distributes to its IP address, after DHCP server receives this message, just can reclaim this IP address, can distribute to other DHCP client;
8, DHCP INFORM:DHCP client has obtained the IP address, sends this message, and just in order to obtain other some network configuration informations from DHCP server, as route IP, DNS IP etc., the application of this message is very rare.
DSLAM (Digital Subscriber Line Access Multiplexers, digital subscriber line access multiplex) equipment is positioned at the broadband network edge access layer, mainly provides xDSL to insert, and supports VDSL, ADSL, G.SHDSL to insert; In based on the xDSL access, also can support certain Ethernet to insert; IP multicast service also is provided simultaneously, but has abundant wideband switch-in business and the good management function of runing.The structure chart of DSLAM as shown in Figure 1.
Because the DHCP message all adopts broadcast mode mostly, can't pass through a plurality of subnets, when the DHCP message will pass through a plurality of subnet, the existence of DHCP Relay will be arranged.DHCP Relay can be a router, also can be a main frame, and in a word, it is all messages of 67 that DHCP Relay will monitor UDP destination slogan.When DHCP Relay receives such message, can at first judge whether it is user's request message, if, and the value of giaddr field is 0, then this field is inserted in the IP address of oneself, and give real DHCP server this message clean culture, with the purpose that realizes that the DHCP message passes through a plurality of subnets.When DHCP Relay found that this is the response message of DHCPserver, can decide according to the broadcast flag in the flag field was broadcasting or the packaged message of clean culture.The DSLAM access device can be born the role of DHCP Relay fully, and the DSLAM equipment of at present a lot of manufacturers all provides DHCP Relay service.
Bigger problem of DHCP agreement is exactly that fail safe is poor, wherein relatively more outstanding a bit is exactly the IP address of stealing validated user for the disabled user, or the MAC Address of the counterfeit validated user of disabled user can't take precautions against, and consequence is that validated user can't normally be surfed the Net.The method that the disabled user obtains validated user IP address and MAC Address has a lot, more common a kind of be exactly the dhcp broadcast message that adopts between Network Sniffing instrument eavesdropping DHCP client and the DHCP server, from the DHCP message, obtain user's hardware address by the chaddr territory, obtain DHCP server to DHCP client IP address allocated by the ciaddr territory, carry out counterfeit then and attack.If the message of DHCP server or DHCP Relay relative users can be used unicast message, can prevent that so to a great extent user's IP address and hardware address from being intercepted with subnet or the link layer bogus attack person with broadcast domain by the IP layer.But actual conditions are, the DHCP agreement is provided with the message broadcast flag in order to take into account various types of DHCP client in the most left bit position of the flags of DHCP message field, and the coded format of flags field as shown in Figure 2.If client can't be accepted unicast message unallocated under the situation of IP address, so just in sending message broadcast flag being set is l, otherwise be set to 0, DHCP server or DHCP Relay send the corresponding message of clean culture or broadcast corresponding message to the user according to this broadcast flag decision.Present DHCP server or started the router of DHCP Relay service, and three-tier switch or DSLAM equipment with three layer functions are handled for user's (DHCPclient) message and different, the processing of simplifying most is exactly all to respond with broadcasting packet under the situation that IP address is not assigned to fully, ignores the broadcast flag in the flags field in the user's message; Relatively the way of standard is to be set to 1 DHCP client broadcasting response for broadcast flag, is set to 0 the unicast response of using; All have the problem of broadcasting response under two kinds of situations, can't accomplish unicast response completely, this just makes bogus attack person detect message chance.
Summary of the invention
The technical problem to be solved in the present invention provides the method that reveal a kind of IP of preventing address, overcome prior art and use broadcast flag to determine DHCP Relay merely DHCP message forwarding mode, thus the shortcoming that causes the Dynamic Host Configuration Protocol server IP address allocated to reveal easily.
The present invention adopts following technical scheme:
A kind of method that prevents that the IP address from revealing comprises step:
After A1, dynamic host configuration protocol relay equipment were caught the dynamic host configuration protocol message of dhcp client end transmission, record sent the user port address of this message; Find the Media Access Control address of dhcp client end from client's hardware address field of this message, set up the corresponding relation of Media Access Control address and user port address;
A2, after receiving the response message that Dynamic Host Configuration Protocol server sends, dynamic host configuration protocol relay equipment finds Media Access Control address according to the client's hardware address field in this response message; Corresponding relation according to this Media Access Control address and user port address finds corresponding user port address; Directly this response message is sent to then on the user port of determining the user port address.
The described method that prevents that the IP address from revealing, wherein said steps A 1 comprises step:
B1, dhcp client end send DHCP and find message, seek Dynamic Host Configuration Protocol server;
B2, dynamic host configuration protocol relay equipment are caught this DHCP and are found message, find Media Access Control address from client's hardware address field of this message, record sends the user port address of message, and this Media Access Control address and user port address are inserted mapping table;
B3, dynamic host configuration protocol relay equipment are according to the selection of configuration Dynamic Host Configuration Protocol server, the encapsulation DHCP is found the Dynamic Host Configuration Protocol server address that the target ip address of the IP message of message is set to select, and sends this DHCP then and finds message.
The described method that prevents that the IP address from revealing, wherein said steps A 1 comprises step:
C1, dhcp client end send the dhcp request message;
C2, dynamic host configuration protocol relay equipment are caught this dhcp request message, find Media Access Control address from client's hardware address field of this message, record sends the user port address of message, and this Media Access Control address and user port address are inserted mapping table;
C3, dynamic host configuration protocol relay equipment are according to the selection of configuration Dynamic Host Configuration Protocol server, the Dynamic Host Configuration Protocol server address that the target ip address of the IP message of encapsulation dhcp request message is set to select sends this dhcp request message then.
The described method that prevents that the IP address from revealing, wherein said steps A 2 comprises step:
D1, dynamic host configuration protocol relay equipment receive the DHCP response of Dynamic Host Configuration Protocol server and find message;
D2, dynamic host configuration protocol relay equipment find Media Access Control address according to client's hardware address field of DHCP response discovery message, search mapping table according to this Media Access Control address, obtain the user port address;
D3, dynamic host configuration protocol relay equipment regenerate the DHCP response and find message, do not change the broadcast flag in this message; Directly this message is sent on the user port of determining the user port address.
The described method that prevents that the IP address from revealing, wherein said steps A 2 comprises step:
E1, dynamic host configuration protocol relay equipment receive the DHCP response request message that Dynamic Host Configuration Protocol server sends;
E2, dynamic host configuration protocol relay equipment find Media Access Control address according to client's hardware address field of DHCP response request message, search mapping table according to this Media Access Control address, obtain the user port address;
E3, dynamic host configuration protocol relay equipment regenerate DHCP response request message, do not change the broadcast flag in this message; Directly this message is sent on the user port of determining the user port address.
The described method that prevents that the IP address from revealing, wherein: dynamic host configuration protocol relay equipment is digital subscriber line access multiplex.
Technical scheme of the present invention is by MAC Address and the port address of record DHCP client, set up the corresponding relation of MAC Address and port address, guarantee that all dhcp server response messages through DHCP Relay or DSLAM equipment can both only send to the initiation requesting users, can not cause message broadcasting, effectively prevent user's eavesdropping, increased the fail safe of DHCP protocol application; The broadcasting packet that has reduced double layer network simultaneously sends, and has saved network bandwidth resources.
Description of drawings
The present invention includes following accompanying drawing:
Fig. 1 is a prior art DSLAM structure chart;
Fig. 2 is the flags code field form of prior art DHCP message;
Fig. 3 is the flow chart that the present invention handles the DHCP message.
Embodiment
Below in conjunction with drawings and Examples the present invention is described in further detail:
Main points of the present invention be when DHCP client (dhcp client end) and DHCPserver (Dynamic Host Configuration Protocol server) not in an IP subnet, DHCP Relay (dynamic host configuration protocol relay equipment) or started the DSLAM of DHCP Relay agent (dynamic host configuration protocol relay agency) service, the MAC Address of the DHCPDISCOVER/REQUEST message accounting DHCP client that sends according to DHCP client, and record sends the user port address of message when receiving the DISCOVER/REQUESTIP message; Set up the corresponding relation of MAC Address and user port address then, behind the response message that receives DHCP server transmission, DHCP Relay or DSLAM equipment find MAC Address according to the chaddr field in the DHCP message; Find the user port of response according to the corresponding relation of MAC Address and user port address; Directly this DHCP message is sent on this user port then, be not broadcast to other user port; So just guaranteed that DHCP server distributes to the IP address of DHCP client and the MAC Address of DHCP client can not intercepted by three layers of same subnet, two layers of other user with broadcast domain.
The present invention comprises as shown in Figure 3 step to the processing procedure of DHCP message; Below by to the specifying of step shown in Figure 3, set forth implementation procedure of the present invention.
Step l, DHCP client (dhcp client) send DHCP DICORVER (DHCP discovery message), seek DHCP server (Dynamic Host Configuration Protocol server);
Step 2, DHCP Relay (dynamic host configuration protocol relay equipment) or DSLAM equipment are caught this DHCP DISCOVER message, find MAC (the Media AccessControl of DHCP client from the chaddr field (client's hardware address field) of DHCP DISCOVER message, medium access control) address, record sends the user port address of message, and this MAC Address and user port address are inserted mapping table;
Step 3, (possible mode is a fixed configurations or according to the configuration of user's incoming interface binding server, select server according to user's MAC Address section according to the Dynamic Host Configuration Protocol server that disposes on DHCP Relay or DSLAM equipment, server is selected in OPTION60 territory according to the DHCP message), DHCP Relay or DSLAM equipment send DHCP DISCOVER message (the Dynamic Host Configuration Protocol server address that the target ip address of the IP message of encapsulation DHCP DISCOVER message is set to select) to DHCP server clean culture;
Step 4, DHCP Relay or DSLAM equipment receive the DHCP OFFER (message is found in the DHCP response) of DHCP server response;
Step 5, DHCP Relay or DSLAM equipment obtain user's MAC Address according to the chaddr field of DHCP OFFER message, search mapping table according to this MAC Address, obtain the user port address;
Step 6, DHCP Relay or DSLAM equipment regenerate DHCP OFFER message, do not change the broadcast flag in the DHCP OFFER message; Only DHCP OFFER message is sent to the user port address that obtains in the step 5;
Step 7, dhcp client send DHCP REQUEST message (dhcp request message);
Step 8, DHCP Relay or DSLAM equipment are caught this DHCP REQUEST message, find the MAC Address of DHCP client from the chaddr field of DHCP REQUEST message, MAC Address in this MAC Address and the mapping table is compared, if existing this MAC Address in the mapping table, then execution in step 9, otherwise deposit this MAC Address and corresponding user port address in mapping table;
The Dynamic Host Configuration Protocol server that step 9, basis dispose on DHCP Relay or DSLAM equipment, DHCP Relay or DSLAM equipment send DHCPREQUEST message (the DHCP server address that the target ip address of the IP message of encapsulation DHCP REQUEST message is set to select) to DHCP server clean culture;
Step 10, DHCP Relay or DSLAM equipment receive the DHCP ACK message (DHCP response request message) that DHCP server sends;
Step 11, DHCP Relay or DSLAM equipment obtain user's MAC Address according to the chaddr field of DHCP ACK message, search mapping table according to user's MAC address, obtain corresponding user port address;
Step 12, DHCP Relay or DSLAM equipment regenerate DHCP ACK message, do not change the broadcast flag in the DHCP ACK message; Only DHCP ACK message is sent to the user port address that obtains in the step 11.
In the above embodiments, DHCP Relay or DSLAM equipment are provided with message and receive monitoring module, each user port is monitored in real time, when the DHCP message comes, message receives monitoring module and just the user port information of DHCP message and transmission message is transmitted to main processing block together, and main processing block will deposit user port address and the corresponding M AC that finds address in mapping table together from the DHCP message.
Though pass through with reference to the preferred embodiments of the present invention, the present invention is illustrated and describes, but those of ordinary skill in the art should be understood that, can do various changes to it in the form and details, and the spirit and scope of the present invention that do not depart from appended claims and limited.

Claims (6)

1, a kind of method that prevents that the IP address from revealing is characterized in that, comprises step:
After A1, dynamic host configuration protocol relay equipment were caught the dynamic host configuration protocol message of dhcp client end transmission, record sent the user port address of this message; Find the Media Access Control address of dhcp client end from client's hardware address field of this message, set up the corresponding relation of Media Access Control address and user port address;
A2, after receiving the response message that Dynamic Host Configuration Protocol server sends, dynamic host configuration protocol relay equipment finds Media Access Control address according to the client's hardware address field in this response message; Corresponding relation according to this Media Access Control address and user port address finds corresponding user port address; Directly this response message is sent to then on the user port of determining the user port address.
2, the method that prevents that the IP address from revealing according to claim 1 is characterized in that described steps A 1 comprises step:
B1, dhcp client end send DHCP and find message, seek Dynamic Host Configuration Protocol server;
B2, dynamic host configuration protocol relay equipment are caught this DHCP and are found message, find Media Access Control address from client's hardware address field of this message, record sends the user port address of message, and this Media Access Control address and user port address are inserted mapping table;
B3, dynamic host configuration protocol relay equipment are according to the selection of configuration Dynamic Host Configuration Protocol server, the encapsulation DHCP is found the Dynamic Host Configuration Protocol server address that the target ip address of the IP message of message is set to select, and sends this DHCP then and finds message.
3, the method that prevents that the IP address from revealing according to claim 1 is characterized in that described steps A 1 comprises step:
C1, dhcp client end send the dhcp request message;
C2, dynamic host configuration protocol relay equipment are caught this dhcp request message, find Media Access Control address from client's hardware address field of this message, record sends the user port address of message, and this Media Access Control address and user port address are inserted mapping table;
C3, dynamic host configuration protocol relay equipment are according to the selection of configuration Dynamic Host Configuration Protocol server, the Dynamic Host Configuration Protocol server address that the target ip address of the IP message of encapsulation dhcp request message is set to select sends this dhcp request message then.
4, the method that prevents that the IP address from revealing according to claim 2 is characterized in that described steps A 2 comprises step:
D1, dynamic host configuration protocol relay equipment receive the DHCP response of Dynamic Host Configuration Protocol server and find message;
D2, dynamic host configuration protocol relay equipment find Media Access Control address according to client's hardware address field of DHCP response discovery message, search mapping table according to this Media Access Control address, obtain the user port address;
D3, dynamic host configuration protocol relay equipment regenerate the DHCP response and find message, do not change the broadcast flag in this message; Directly this message is sent on the user port of determining the user port address.
5, the method that prevents that the IP address from revealing according to claim 3 is characterized in that described steps A 2 comprises step:
E1, dynamic host configuration protocol relay equipment receive the DHCP response request message that Dynamic Host Configuration Protocol server sends;
E2, dynamic host configuration protocol relay equipment find Media Access Control address according to client's hardware address field of DHCP response request message, search mapping table according to this Media Access Control address, obtain the user port address;
E3, dynamic host configuration protocol relay equipment regenerate DHCP response request message, do not change the broadcast flag in this message; Directly this message is sent on the user port of determining the user port address.
6, according to the arbitrary described method that prevents that the IP address from revealing of claim 1 to 5, it is characterized in that: dynamic host configuration protocol relay equipment is digital subscriber line access multiplex.
CNB2006100615957A 2006-07-06 2006-07-06 Method for preventing IP address leakage Active CN100525179C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2006100615957A CN100525179C (en) 2006-07-06 2006-07-06 Method for preventing IP address leakage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2006100615957A CN100525179C (en) 2006-07-06 2006-07-06 Method for preventing IP address leakage

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN2008101896641A Division CN101471966B (en) 2006-07-06 2006-07-06 System and device for preventing IP address from leakage

Publications (2)

Publication Number Publication Date
CN1885763A CN1885763A (en) 2006-12-27
CN100525179C true CN100525179C (en) 2009-08-05

Family

ID=37583760

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2006100615957A Active CN100525179C (en) 2006-07-06 2006-07-06 Method for preventing IP address leakage

Country Status (1)

Country Link
CN (1) CN100525179C (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101309202A (en) * 2007-05-18 2008-11-19 华为技术有限公司 Method and system for identifying user, relay apparatus
CN101115063B (en) * 2007-08-30 2011-11-30 中兴通讯股份有限公司 Method for prevent MAC address/IP address spuriousness of broadband access equipment
CN101610206B (en) * 2008-06-17 2012-04-18 华为技术有限公司 Method, system and device for processing binding/unbinding
CN109862125A (en) * 2017-11-30 2019-06-07 北京华为数字技术有限公司 A kind of message forwarding method and device
CN110351399A (en) * 2019-07-04 2019-10-18 四川天邑康和通信股份有限公司 A kind of gateway terminal LAN side address dynamic allocation management method and managing device
CN113572759B (en) * 2021-07-21 2023-05-23 华控清交信息科技(北京)有限公司 Data management method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN1885763A (en) 2006-12-27

Similar Documents

Publication Publication Date Title
CN101471966B (en) System and device for preventing IP address from leakage
EP2169877B1 (en) Processing method and device for qinq termination configuration
US8028324B2 (en) Method for transmitting policy information between network equipment
CN101179603B (en) Method and device for controlling user network access in IPv6 network
CN100589498C (en) IP communication system and IP address assignment method thereof
EP1936883B1 (en) Service provisioning method and system thereof
CN102025792B (en) Router and IP address setting method thereof
CN101741702B (en) Method and device for limiting broadcast of ARP request
US20140325090A1 (en) Discovery and disconnection of client addresses in an access node for an ip network
CN100583904C (en) Automatic configuration method for host address in IPV6 network
CN100525179C (en) Method for preventing IP address leakage
WO2007093100A1 (en) A method for binding the address of the user terminal in the access equipment
WO2006114053A1 (en) A method, system and apparatus for preventing from counterfeiting the mac address
US8005963B2 (en) Method and apparatus for preventing counterfeiting of a network-side media access control address
US8335917B2 (en) System for binding a device to a gateway to regulate service theft through cloning
WO2010031668A1 (en) A method and a gateway for providing multiple internet access
CN101355489B (en) User management method based on dynamic host configuration protocol prefix proxy
CA2774281C (en) User access method, system, access server, and access device
EP2182683B1 (en) Self-configuration of a forwarding tabel in an access node
CN100362800C (en) A method for triggering user terminal online via data message
CN101304406B (en) Method for managing conversation connection as well as apparatus and system
WO2010022535A1 (en) Method and device for transferring packet in ipv6 access node
CN101945143A (en) Method and device for preventing message address spoofing on mixed network
KR100885295B1 (en) Dynamic host configuration protocoldhcp embodiment method and system in high-speed internet service system
Headquarters IP Addressing: DHCP Configuration Guide, Cisco IOS Release 12.4

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant