No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E-M2 V800R010C10SPC500 Feature Description - User Access 01

This is NE40E-M2 V800R010C10SPC500 Feature Description - User Access
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
IPoEv6 Access Fundamentals

IPoEv6 Access Fundamentals

IPoEv6 access refers to the access mode in which users access the BRAS by sending DHCPv6 packets, ND packets, or IPv6 packets.

According to the used media, the broadband access include the Asymmetric Digital Subscriber Line (ADSL) access using telephone cables, Ethernet access using Category 5 twisted pair cables, and Wireless Local Area Network (WLAN) access using wireless signals.

Users are connected to the BRAS through access devices such as the Digital Subscriber Line Access Multiplexer (DSLAM), LAN Switch, and Access Point (AP). The differences in physical connections are obscured by access devices. As a result, the BRAS does not have to be concerned with the access modes of users; instead, it distinguishes users by the protocol stack of packets sent by the terminals to the BRAS. By using various methods such as binding authentication, the BRAS identifies users according to the user names and passwords of the users, and then manages the users. For example, the BRAS assigns IP addresses to users and accounts the services of access users.

DHCPv6 and ND do not support functions such as user authentication, link establishment, and link monitoring. Therefore, IPoE adopt some extension function to support these functions.

  • Authentication: Unlike that in PPP access mode, neither DHCPv6 packets nor ND packets carry authentication information such as the user name and password. Therefore, in IPoEv6 access mode, binding authentication is used to authenticate users. In binding authentication, the information about the physical connections of users is used to authenticate users. Users do not need to enter their user names and passwords. The BRAS generates user names according to the information such as Option82 fields, MAC addresses, and IP addresses, and sends the user names together with the default passwords configured on the BRAS device to the authentication server for authentication. Only the users that pass the authentication are assigned IP addresses.

  • Link establishment: Devices set up related forwarding entries for online IPoEv6 users, and only the users that pass the authentication and obtain IPv6 addresses can forward traffic.

  • Link monitoring: ND detection is used to detect link status for an IPoEv6 user. If the ND detection fails for the specified number of times, the IPoEv6 user is considered offline, and the IPv6 address of the IPoEv6 user is reclaimed and the related forwarding entry is deleted.

The IPoE single-stack access supports binding authentication and Web authentication. Web authentication is an interactive authentication mode in which the user that has obtained an IP address opens the authentication page on the Web authentication server, and enters the user name and password to be authenticated.

The IPoE dual-stack access refers to the access mode in which a user has both an IPv4 address and an IPv6 address and IPoE authentication can be triggered through DHCP packets, ARP packets, IP packets, DHCPv6 packets, ND packets, or IPv6 packets. After receiving a Request message, the BRAS performs the following operations: If the user is a new user, the BRAS performs authentication and authorization for the user. If the user is a dual-stack user that has obtained an IP address of a specified type, the BRAS does not authenticate the user; instead, the BRAS performs authorization for the user according to the authentication result. The IPoE dual-stack access also supports binding authentication and Web authentication.

The IPoE dual-stack access supports binding authentication and Web authentication. Web authentication is an interactive authentication mode in which the user that has obtained an IP address opens the authentication page on the Web authentication server, and enters the user name and password to be authenticated.

Download
Updated: 2019-01-02

Document ID: EDOC1100058415

Views: 11869

Downloads: 8

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next