
CN104066207B - An 802.11 wireless access network based on virtualization technology - Google Patents

Info

Publication number: CN104066207B
Authority: CN (China)
Prior art keywords: access point, tunnel, virtual, wireless, physical
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201410238355.4A
Other languages: Chinese (zh)
Other versions: CN104066207A (en)
Inventors: 彭家亮, 张宏纲, 赵志峰
Current Assignee: Zhejiang University ZJU (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Zhejiang University ZJU
Landscapes: Mobile Radio Communication Systems

Abstract

The invention discloses an 802.11 wireless access network based on virtualization technology. It comprises one virtual access point and two or more physical access points. The virtual access point comprises a virtualized wireless network card capable of generating 802.11 data frames, a first tunnel for encapsulating 802.11 data frames, and a virtual switch; the virtual wireless network card is connected to the virtual switch through the first tunnel. Each physical access point comprises a wired network card, a wireless network card and a second tunnel for encapsulating 802.11 data frames; the wired network card is connected to the wireless network card through the second tunnel, and the virtual switch is connected by wire to the wired network card of each physical access point. The invention enables seamless handover between physical wireless access points and effectively solves the problem of wireless LAN signal coverage over small and medium areas. By using an Open vSwitch switch and a software-defined networking controller, it simplifies the network topology and unifies management, monitoring, planning and configuration, providing a basis for network-wide optimization.

Description

An 802.11 Wireless Access Network Based on Virtualization Technology

Technical field

The invention relates to network virtualization technology and wireless access networks, and belongs to the technical field of mobile communications.

Background art

As wireless communication technology has matured and developed rapidly, the use of mobile devices such as smartphones and tablets has grown explosively. People rely more and more on mobile Internet devices, and the demand for mobility in wireless local area networks (WLANs) keeps growing. As WLANs are used more widely, more and more wireless access points are deployed to meet that demand. Traditional wireless access points are usually standalone and not centrally controlled. This design approach is gradually being replaced as access points become more capable and more varied. Because a single wireless access point covers a limited area, many deployments need a wireless access network with multiple access points.

A traditional multi-access-point wireless access network uses a shared extended service set to let clients roam across multiple wireless access points. In such a roaming network the client's configuration is identical to the configuration of the access point network, so users do not need to switch manually as they move. However, this approach cannot provide a seamless connection: the handover takes a long time, the user experience is poor, configuration changes are inconvenient, centralized management and deployment are not possible, and it does not suit the needs of indoor wireless networks well.

At present, enterprise wireless access networks usually adopt a "wireless switch + thin wireless access point" scheme. Its purpose is to remedy the inability of earlier wireless access point products to be centrally managed and to have security policies centrally deployed. The architecture consists of three parts: thin wireless access points, a wireless controller, and a wireless network management platform. This model is secure and effective, but it is costly and complex, it requires professional network administrators to configure the products, and technical barriers between vendors mean that products must be used as matched sets. It is therefore not suited to flexible network layouts such as smart homes.

Virtualization technology has become an important means of improving cluster performance, raising utilization, lowering total cost of ownership and making systems more flexible. Network virtualization is a way of separating network traffic from physical network elements by means of software-based abstraction. Within it, "many-to-one" virtualization presents multiple independent physical units as a single logical unit, so that the units cooperate on the same task. Its main purpose is to extend resources and increase the capacity of network nodes. It also simplifies the network topology, eases management and improves network reliability.

Open vSwitch has received wide attention in the industry. Its goal is a production-quality multilayer virtual switch. Through programmatic extension it enables automated configuration, management and maintenance of large-scale networks. It supports existing standard management interfaces and protocols such as NetFlow, sFlow, SPAN, RSPAN, CLI, LACP and 802.1ag.

Software-defined networking is a new network architecture proposed by a research group at Stanford University in the United States. Its core technology, OpenFlow, separates the control plane of network devices from the data plane, which gives great flexibility in network design, planning and management and provides a good platform for innovation in core networks and applications.

Summary of the invention

The object of the invention is to address the shortcomings of the prior art by proposing an 802.11 wireless access network based on virtualization technology, thereby overcoming all or some of the defects of the prior art.

The technical solution adopted by the invention to achieve this object is as follows. The 802.11 wireless access network based on virtualization technology comprises one virtual access point and two or more physical access points. The virtual access point comprises a virtualized wireless network card capable of generating 802.11 data frames, a first tunnel for encapsulating 802.11 data frames, and a virtual switch; the virtual wireless network card is connected to the virtual switch through the first tunnel. Each physical access point comprises a wired network card, a wireless network card and a second tunnel for encapsulating 802.11 data frames; the wired network card is connected to the wireless network card through the second tunnel, and the virtual switch is connected by wire to the wired network card of each physical access point.

Further, the virtual switch of the invention is an Open vSwitch switch.

Further, the invention also includes a software-defined networking controller, which is connected to the virtual switch.

Further, the first tunnel of the invention includes a tunnel encapsulation table. In one direction, when the first tunnel receives, through a physical access point, the first data packet from a new mobile terminal, it decapsulates the Ethernet data frame coming from the virtual switch into an 802.11 data frame and extracts the relevant information. The "relevant information" comprises the IP address and physical (MAC) address of the physical access point, and the physical address and signal strength of the new mobile terminal that sent the packet. Based on the extracted information, the tunnel encapsulation table records an association between the new mobile terminal and the physical access point that received its packet. If the packet received by the first tunnel is not from a new mobile terminal, the first tunnel uses the existing association records in its tunnel encapsulation table to determine whether the mobile terminal that sent the packet is associated with the physical access point that received it. If it is, the first tunnel passes the packet from the mobile terminal to the virtual wireless network card; if it is not, the packet is discarded. In the other direction, when the first tunnel receives an 802.11 data frame generated by the virtual wireless network card, it extracts the frame header information and, from that header information and the existing association records in the tunnel encapsulation table, determines the physical access point associated with the destination mobile terminal of the frame. It then encapsulates the 802.11 data frame using that physical access point's IP address and physical address as the destination IP address and destination physical address of the encapsulation header, and sends the encapsulated 802.11 data frame to the virtual switch.

Compared with the prior art, the beneficial effects of the invention are as follows. By virtualizing two or more physical access points into one virtual access point, the invention achieves "many-to-one" virtualization of 802.11 wireless access points, unified management of the virtualized access points, and seamless handover of mobile terminals among multiple access points. If the virtual switch is an Open vSwitch switch connected to a software-defined networking controller, the controller can also control the flow tables of the 802.11 wireless access network, which gives flexible control over network traffic and makes the wireless access network easier to manage and configure. Applications written on the controller's open platform can implement a variety of network configuration functions, such as observing the traffic of mobile terminals and access points in a dynamic virtual environment, fine-grained quality of service, port-based traffic policy load balancing, dynamic real-time traffic monitoring, firewall, gateway and wireless link monitoring. The wireless access network of the invention thus supports different application scenarios, achieves cross-layer network virtualization from the 802.11 wireless interface layer through the network interface layer, Internet layer and transport layer, achieves fully virtualized network configuration, simplifies the network topology, facilitates unified management and planning, and provides a basis for network-wide optimization.

Description of the drawings

Fig. 1 is a schematic structural diagram of the invention;

Fig. 2 is a schematic layout diagram of a practical application of the invention.

Detailed description

As shown in Fig. 1, the 802.11 wireless access network based on virtualization technology comprises one virtual access point and two or more physical access points. The virtual access point comprises a virtualized wireless network card capable of generating 802.11 data frames, a first tunnel for encapsulating 802.11 data frames, and a virtual switch; the virtual wireless network card is connected to the virtual switch through the first tunnel. Each physical access point comprises a wired network card, a wireless network card and a second tunnel for encapsulating 802.11 data frames. In each physical access point the wired network card is connected to the wireless network card through the second tunnel, and the virtual switch is connected by wire to the wired network card of each physical access point. The implementation and function of each part are described below through specific embodiments.

1. Virtual access point

As shown in Fig. 1, the virtual access point comprises a virtualized wireless network card capable of generating 802.11 data frames, a first tunnel for encapsulating 802.11 data frames, and a virtual switch. The virtual access point can be hosted on an electronic device such as a computer, a switch or a router. On the virtual access point, an 802.11 virtual wireless network card is created in software, and its channel, service set identifier, authentication method, access point operating mode and so on are configured so that it can receive and send 802.11 data frames. The virtual switch is a switch implemented with virtualization technology; it is used to bridge physical interfaces and can bind several Ethernet interfaces so as to bridge them together. The first tunnel uses a tunnel encapsulation technique that carries 802.11 data frames as payload, for example a layer-3 802.11MAC_over_IP tunnel or a layer-2 802.11MAC_over_MAC tunnel. One end of the first tunnel is connected to the virtual wireless network card of the virtual access point, and the other end is connected to the virtual switch.

In one direction, when the first tunnel receives, through a physical access point, the first data packet from a new mobile terminal, it decapsulates the Ethernet data frame coming from the virtual switch into an 802.11 data frame and extracts the relevant information. The "relevant information" comprises the IP address and physical (MAC) address of the physical access point, and the physical address and signal strength of the new mobile terminal that sent the packet. Based on the extracted information, the tunnel encapsulation table records an association between the new mobile terminal and the physical access point that received its packet. If the packet received by the first tunnel is not from a new mobile terminal, the first tunnel uses the existing association records in its tunnel encapsulation table to determine whether the mobile terminal that sent the packet is associated with the physical access point that received it. If it is, the first tunnel passes the packet from the mobile terminal to the virtual wireless network card; if it is not, the packet is discarded. In the other direction, when the first tunnel receives an 802.11 data frame generated by the virtual wireless network card, it extracts the frame header information and, from that header information and the existing association records in the tunnel encapsulation table, determines the physical access point associated with the destination mobile terminal of the frame. It then encapsulates the 802.11 data frame using that physical access point's IP address and physical address as the destination IP address and destination physical address of the encapsulation header, and sends the encapsulated 802.11 data frame to the virtual switch. The virtual switch consults its own forwarding table and forwards the frame to the corresponding physical access point.

2. Physical access point

As shown in Fig. 1, each physical access point comprises a wired network card, a wireless network card, and a second tunnel for encapsulating 802.11 data frames. In each physical access point, the wired network card is connected to the wireless network card through the second tunnel. The virtual switch of the virtual access point is connected by wire to the wired network card of each physical access point. The wireless network card of every physical access point works in monitor mode on the same frequency band as the virtual network card of the virtual access point, and receives all 802.11 wireless data frames on that band within its coverage area. The wireless network card of each physical access point is configured with a wireless interface. When a mobile terminal sends an 802.11 data frame to the wireless network card of a physical access point, the wireless interface sends an 802.11 real-time acknowledgement frame to the mobile terminal through the wireless network card, indicating that the access point has received the frame. The second tunnel uses a tunnel encapsulation technique that carries 802.11 data frames as payload, for example layer-3 802.11MAC_over_IP tunnel encapsulation or layer-2 802.11MAC_over_MAC tunnel encapsulation. One end of the second tunnel is connected to the wireless network card, and the other end is connected to the wired network card. When the wireless network card receives an 802.11 packet, it passes it to the second tunnel, which filters the received 802.11 data frames according to the relevant information of the virtual access point and discards frames that do not belong to that virtual access point, reducing unnecessary network overhead. The filtered 802.11 data frames are encapsulated into Ethernet packets in the second tunnel, passed to the wired network card, and sent over the wire to the virtual access point. Packets that the wired network card receives from the virtual access point are forwarded directly to the second tunnel, which decapsulates them into 802.11 packets and forwards them to the wireless network card; the wireless network card then transmits the 802.11 data frames to the mobile terminal.
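
The uplink path of the second tunnel described above, as an added Python example that is not part of the patent: it reads the signal strength from the Radiotap header of a monitor-mode capture, drops frames not addressed to the virtual access point, and wraps the rest in an Ethernet frame (the 802.11MAC_over_MAC variant). The addresses, the EtherType, and the rule that a frame "belongs" to the virtual access point when its receiver address equals the BSSID are assumptions made for the example.

```python
import struct

# Constructed addresses; the EtherType is an assumption (the page names no wire format).
VAP_BSSID = bytes.fromhex("02aabbccdd01")      # BSSID served by the virtual access point
VAP_WIRED_MAC = bytes.fromhex("02aabbccdd02")  # wired address on the virtual AP side
PAP_WIRED_MAC = bytes.fromhex("02aabbccdd11")  # this physical AP's wired network card
TUNNEL_ETHERTYPE = 0x88B5                      # IEEE local experimental EtherType

# (alignment, size) of the Radiotap fields for present bits 0..5:
# TSFT, Flags, Rate, Channel, FHSS, dBm Antenna Signal.
RADIOTAP_FIELDS = [(8, 8), (1, 1), (1, 1), (2, 4), (2, 2), (1, 1)]
DBM_ANTSIGNAL_BIT = 5
DOT11_HEADER_LEN = 24  # frame control, duration, addr1..addr3, sequence control


def radiotap_signal(frame: bytes):
    """Return (radiotap_length, signal_dbm or None) for a monitor-mode capture."""
    if len(frame) < 8:
        raise ValueError("truncated Radiotap header")
    version, _pad, rt_len, present = struct.unpack_from("<BBHI", frame, 0)
    if version != 0 or rt_len < 8 or rt_len > len(frame):
        raise ValueError("malformed Radiotap header")
    offset, word = 8, present
    while word & 0x80000000:  # bit 31 set: another present bitmap follows
        if offset + 4 > rt_len:
            raise ValueError("present bitmap overruns header")
        (word,) = struct.unpack_from("<I", frame, offset)
        offset += 4
    signal = None
    for bit, (align, size) in enumerate(RADIOTAP_FIELDS):
        if not present & (1 << bit):
            continue
        offset = (offset + align - 1) // align * align  # fields are naturally aligned
        if offset + size > rt_len:
            raise ValueError("field overruns header")
        if bit == DBM_ANTSIGNAL_BIT:
            (signal,) = struct.unpack_from("<b", frame, offset)
        offset += size
    return rt_len, signal


def second_tunnel_uplink(captured: bytes):
    """Filter one captured frame and wrap it for the wire; None means dropped."""
    try:
        rt_len, _signal = radiotap_signal(captured)
    except ValueError:
        return None  # malformed capture never reaches the wired side
    dot11 = captured[rt_len:]
    if len(dot11) < DOT11_HEADER_LEN:
        return None
    receiver = dot11[4:10]  # addr1: the BSSID for frames a terminal sends to its AP
    if receiver != VAP_BSSID:
        return None  # traffic for some other network on the same channel
    header = VAP_WIRED_MAC + PAP_WIRED_MAC + struct.pack("!H", TUNNEL_ETHERTYPE)
    # The Radiotap header travels with the frame so that the first tunnel can
    # read the signal strength this physical access point measured.
    return header + captured


def build_sample(receiver: bytes, signal_dbm: int) -> bytes:
    """Constructed capture: Radiotap (Flags, Rate, Channel, signal) + data frame."""
    present = (1 << 1) | (1 << 2) | (1 << 3) | (1 << 5)
    fields = struct.pack("<BBHHb", 0, 2, 2437, 0x00A0, signal_dbm)
    radiotap = struct.pack("<BBHI", 0, 0, 8 + len(fields), present) + fields
    station = bytes.fromhex("020000000001")
    destination = bytes.fromhex("020000000099")
    dot11 = (struct.pack("<HH", 0x0108, 0)  # data frame with ToDS set
             + receiver + station + destination + struct.pack("<H", 0))
    return radiotap + dot11 + b"payload"


if __name__ == "__main__":
    ours = build_sample(VAP_BSSID, -42)
    other = build_sample(bytes.fromhex("02aabbccddee"), -42)
    print(radiotap_signal(ours))                 # (15, -42)
    print(second_tunnel_uplink(ours) is not None, second_tunnel_uplink(other))
```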

In the invention, the IEEE 802.11 authentication and association state of a mobile terminal is stored only in the virtual access point. When the mobile terminal moves within the signal coverage of the physical access points, only a traffic switch between physical access points is triggered, not the standard 802.11 handover procedure. From the mobile terminal's point of view, the associated wireless access point is the virtual access point, and moving between physical access points involves no standard 802.11 handover. The traffic switch between physical access points is therefore transparent to the mobile terminal and does not interrupt network service. The switching process is described in detail below.

Referring to Fig. 1, when a mobile terminal moves from physical access point 1 towards physical access point 2, the signal strength of the terminal as detected by physical access point 1 keeps falling, while the signal strength detected by physical access point 2 keeps rising. Information such as the signal strength detected by a physical access point is carried in the 802.11 Radiotap header of the 802.11 data frame. When an 802.11 data frame sent by the mobile terminal has been encapsulated by the second tunnel of a physical access point and delivered to the first tunnel of the virtual access point, the first tunnel extracts the signal strength and other information from the 802.11 Radiotap header and records it in its tunnel encapsulation table. The virtual access point compares, in real time, the signal strengths between each physical access point and the mobile terminal, and uses the comparison to control traffic switching between physical access points automatically. When the signal strength that physical access point 2 detects for a terminal associated with physical access point 1 exceeds the signal strength detected by physical access point 1 by the preset threshold SignalTH, the switch between physical access points is triggered. Based on experience, the default value of the signal strength difference threshold SignalTH is 50 dBm; technicians can adjust the threshold according to the handover sensitivity they need. Because the association between a mobile terminal and a physical wireless access point is determined by the first tunnel, and the communication path between the virtual access point and the mobile terminal is selected by the first tunnel, the first tunnel completes the switch simply by changing the terminal's associated physical access point from physical access point 1 to physical access point 2. The terminal's traffic then moves from physical wireless access point 1 to physical access point 2, and the switch is complete. The switch is transparent to the mobile terminal. It can be applied in different scenarios, such as traffic balancing and mobility management. In addition, the first tunnel can close the tunnel channel of a particular physical access point so that packets generated by the virtual wireless network card cannot reach that physical access point, which reduces the access point's transmit power consumption and reduces interference with the radio spectrum.
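
The tunnel encapsulation table from section 1 and the handover rule above, as an added Python sketch that is not the patent's own code. Class and method names, the sample addresses and the readings are constructed. It assumes that a reading from a non-associated physical access point is recorded before its frame is dropped, and that the frame which triggers a handover is itself forwarded.

```python
from dataclasses import dataclass, field

SIGNAL_TH = 50  # handover threshold SignalTH; 50 is the default the page gives


@dataclass
class Entry:
    """One row of the tunnel encapsulation table, keyed by terminal MAC."""
    ap_ip: str   # IP address of the associated physical access point
    ap_mac: str  # physical address of the associated physical access point
    seen: dict = field(default_factory=dict)  # ap_mac -> last signal strength


class FirstTunnel:
    def __init__(self, signal_th=SIGNAL_TH):
        self.signal_th = signal_th
        self.table = {}  # terminal MAC -> Entry

    def uplink(self, ap_ip, ap_mac, sta_mac, signal):
        """Process one decapsulated frame from a physical access point.

        Returns 'learned' (new terminal, association recorded, frame passed on),
        'forward' (from the associated access point, passed to the virtual NIC),
        'handover' (association moved to this access point, frame passed on),
        or 'drop' (heard by an access point the terminal is not associated with).
        """
        entry = self.table.get(sta_mac)
        if entry is None:
            self.table[sta_mac] = Entry(ap_ip, ap_mac, {ap_mac: signal})
            return "learned"
        entry.seen[ap_mac] = signal  # keep the reading even if the frame is dropped
        if ap_mac == entry.ap_mac:
            return "forward"
        if signal - entry.seen[entry.ap_mac] >= self.signal_th:
            entry.ap_ip, entry.ap_mac = ap_ip, ap_mac  # the whole handover
            return "handover"
        return "drop"

    def downlink(self, dest_sta_mac, dot11_frame):
        """Pick the encapsulation header for a frame from the virtual NIC."""
        entry = self.table.get(dest_sta_mac)
        if entry is None:
            return None  # no association record, nowhere to send it
        return {"dst_ip": entry.ap_ip, "dst_mac": entry.ap_mac,
                "payload": dot11_frame}


def demo():
    """Replay constructed readings of one terminal walking from AP1 to AP2."""
    ap1 = ("192.0.2.11", "02:00:00:00:00:a1")
    ap2 = ("192.0.2.12", "02:00:00:00:00:a2")
    sta = "02:00:00:00:00:01"
    tunnel = FirstTunnel()
    readings = [(ap1, -40), (ap2, -85), (ap1, -60), (ap2, -60),
                (ap1, -90), (ap2, -40), (ap1, -92)]
    verdicts = [tunnel.uplink(*ap, sta, signal) for ap, signal in readings]
    return verdicts, tunnel.downlink(sta, b"802.11 frame")


if __name__ == "__main__":
    verdicts, header = demo()
    print(verdicts)
    print(header["dst_ip"], header["dst_mac"])
```

Because both access points listen in monitor mode on the same band, the same uplink frame can arrive twice; the `drop` verdict is what keeps the copy from the non-associated access point away from the virtual network card. The comparison uses the last stored reading for the associated access point, which is a simplification of this sketch.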

Fig. 2 is a schematic layout diagram of a practical application of the invention. Given the fading of indoor wireless channels and the way interior walls block them, one physical access point can be placed in each room that needs wireless access, and one virtual access point can be placed in the house. When laying out the network, technicians should configure the signal coverage of each physical access point so that it is confined to its own room, and should try to ensure that the coverage areas of the physical access points do not overlap. When a terminal is in the overlap between the coverage areas of neighbouring physical wireless access points, it receives the signals of all of those access points at once, so when neighbouring physical access points have packets to send at the same time, the signals collide and the terminal's communication quality falls. By limiting the transmit power of each physical access point, the invention confines the coverage of each physical access point to a set range and effectively reduces the problem of overlapping signal areas. The invention can meet the wireless access needs of indoor places such as homes and hotels, provides transparent, seamless handover, and allows great flexibility in coverage. For example, when a mobile user moves from the room containing physical access point 1 to the room containing physical access point 2, the signal between the user and physical access point 1 is detected to grow weaker and the signal between the user and physical access point 2 to grow stronger. Once the latter exceeds the former by a certain threshold, a rapid switch between physical access points is carried out, and the terminal's associated physical access point changes from physical access point 1 to physical access point 2. The mobile terminal does not perceive the switch, so the terminal is handed over seamlessly between physical access points and the user has a better experience.

The virtual switch can be a Microsoft Hyper-V virtual switch, a Cisco Nexus 1000, a Linux kernel bridge or an Open vSwitch switch. Open vSwitch is preferred. It is a production-quality multilayer virtual switch released under the open source Apache 2.0 license. It can be extended programmatically to automate network configuration, management and maintenance, and it supports standard management interfaces and protocols (such as NetFlow, sFlow, SPAN, RSPAN, CLI, LACP, 802.1ag and OpenFlow).

When the virtual switch in the invention is an Open vSwitch switch, it can be connected to a software-defined networking controller so that the invention supports software-defined network management. The software-defined networking controller can be any controller that supports the OpenFlow protocol, such as Floodlight, OpenDaylight, NOX or POX. The controller can control the flow entries of the Open vSwitch switch through the OpenFlow protocol, so that network traffic is managed and controlled. Through the open interface platform on the controller, technicians can write open applications that implement a variety of network configuration functions, such as load balancing, quality of service assurance, traffic monitoring, firewall, gateway, DHCP, wireless link monitoring and other custom functions. Open applications on the controller can therefore dynamically control and manage the flow tables of the Open vSwitch switch, which lets the wireless access network of the invention adapt to different application scenarios and achieves multi-layer, cross-layer network virtualization from the 802.11 wireless interface layer through the network interface layer, Internet layer and transport layer. Likewise, the controller can obtain real-time topology information for the whole network and adjust the network configuration dynamically without manual intervention, achieving automated, fully virtualized network configuration and unified management and planning, and providing a basis for network-wide optimization.

Claims (3)

1. An 802.11 wireless access network system based on virtualization technology, characterized in that: it comprises one virtual access point and two or more physical access points; the virtual access point comprises a virtualized wireless network card capable of generating 802.11 data frames, a first tunnel for encapsulating 802.11 data frames, and a virtual switch; the virtual wireless network card is connected to the virtual switch through the first tunnel; each physical access point comprises a wired network card, a wireless network card and a second tunnel for encapsulating 802.11 data frames; the wired network card is connected to the wireless network card through the second tunnel, and the virtual switch is connected by wire to the wired network card in each physical access point;
the first tunnel comprises a tunnel encapsulation table; on the one hand, when the first tunnel first receives, via a physical access point, a data packet from a new mobile terminal, it decapsulates the Ethernet data frame from the virtual switch into an 802.11 data frame and extracts relevant information, the "relevant information" comprising the IP address and physical address of the physical access point and the physical address and signal strength of the new mobile terminal that sent the data packet; according to the extracted relevant information, the tunnel encapsulation table records an association between the new mobile terminal and the physical access point that received that mobile terminal's data packet; if what the first tunnel receives is not a data packet from a new mobile terminal, the first tunnel determines, from the existing association records of its tunnel encapsulation table, whether the mobile terminal that sent the data packet is associated with the physical access point that received the data packet; if it is associated, the first tunnel sends the data packet from the mobile terminal to the virtual wireless network card; if it is not associated, the data packet is discarded; on the other hand, when the first tunnel receives an 802.11 data frame generated by the virtual wireless network card, it extracts the frame header information of the 802.11 data frame, determines from this frame header information and the existing association records of the tunnel encapsulation table the physical access point with which the destination mobile terminal of the 802.11 data frame is associated, encapsulates the 802.11 data frame using the IP address and physical address of that physical access point as the destination IP address and destination physical address of the encapsulation header, and then sends the encapsulated 802.11 data frame to the virtual switch.
2. The 802.11 wireless access network system based on virtualization technology according to claim 1, characterized in that: the virtual switch is an Open vSwitch switch.
3. The 802.11 wireless access network system based on virtualization technology according to claim 2, characterized in that: it further comprises a software-defined network controller, the software-defined network controller being connected to the virtual switch.
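The association check and encapsulation lookup that claim 1 assigns to the tunnel encapsulation table can be sketched as follows; this is an added example, not code from the patent. Assumptions: frames use the standard 802.11 header layout (Address 1 at byte 4, Address 2 at byte 10), the encapsulation header is shown as a plain dict, the first frame of a new terminal is passed on after the association is recorded, and a frame for an unknown destination is not sent; all names and addresses are constructed.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

@dataclass(frozen=True)
class PhysicalAP:
    ip: str   # IP address of the physical access point
    mac: str  # physical (MAC) address of the physical access point

def mac_at(frame: bytes, offset: int) -> str:
    """Return the 6-byte 802.11 address field that starts at `offset`."""
    if len(frame) < offset + 6:
        raise ValueError("truncated 802.11 header")
    return frame[offset:offset + 6].hex(":")

class TunnelEncapsulationTable:
    def __init__(self) -> None:
        # terminal MAC -> (associated physical AP, signal strength in dBm)
        self.records: Dict[str, Tuple[PhysicalAP, int]] = {}

    def uplink(self, ap: PhysicalAP, rssi_dbm: int, frame: bytes) -> Optional[bytes]:
        """802.11 frame decapsulated from the virtual switch; None means discarded."""
        terminal = mac_at(frame, 10)       # Address 2 = transmitting terminal
        record = self.records.get(terminal)
        if record is None:                 # new terminal: record the association
            self.records[terminal] = (ap, rssi_dbm)
            return frame                   # assumption: the first frame is passed on
        if record[0] != ap:                # terminal is associated with another AP
            return None
        return frame                       # goes to the virtual wireless network card

    def downlink(self, frame: bytes) -> Optional[dict]:
        """802.11 frame from the virtual wireless network card, encapsulated for its AP."""
        record = self.records.get(mac_at(frame, 4))  # Address 1 = destination terminal
        if record is None:
            return None                    # assumption: no association, nothing is sent
        ap = record[0]
        return {"dst_ip": ap.ip, "dst_mac": ap.mac, "payload": frame}

def sample_frame(addr1: str, addr2: str) -> bytes:
    """Constructed frame: frame control, duration, Address 1, Address 2, body."""
    raw = lambda mac: bytes.fromhex(mac.replace(":", ""))
    return b"\x08\x00\x00\x00" + raw(addr1) + raw(addr2) + b"body"

AP1 = PhysicalAP("192.0.2.11", "02:00:00:00:00:11")   # constructed addresses
AP2 = PhysicalAP("192.0.2.12", "02:00:00:00:00:12")
STA, VAP = "02:00:00:00:00:01", "02:00:00:00:00:aa"

def demo():
    table = TunnelEncapsulationTable()
    up = sample_frame(VAP, STA)
    first, again, other = (table.uplink(a, -50, up) for a in (AP1, AP1, AP2))
    return first == up, again == up, other is None, table.downlink(sample_frame(STA, VAP))
```

The association is keyed only on the terminal's physical address as reported by the physical access point, so the discard branch is the sole check applied to uplink frames in this sketch.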

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410238355.4A CN104066207B (en) 2014-05-29 2014-05-29 A kind of 802.11 wireless access networks based on virtualization technology

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410238355.4A CN104066207B (en) 2014-05-29 2014-05-29 A kind of 802.11 wireless access networks based on virtualization technology

Publications (2)

Publication Number Publication Date
CN104066207A CN104066207A (en) 2014-09-24
CN104066207B true CN104066207B (en) 2018-04-27

Family

ID=51553678

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410238355.4A Active CN104066207B (en) 2014-05-29 2014-05-29 A kind of 802.11 wireless access networks based on virtualization technology

Country Status (1)

Country Link
CN (1) CN104066207B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10111269B2 (en) * 2015-03-18 2018-10-23 Lattice Semiconductor Corporation Multi-gigabit wireless tunneling system
CN105933941B (en) * 2015-11-25 2019-06-11 北京邮电大学 A Handover Decision Strategy Method Based on User QoS in SWAN Architecture
US9912614B2 (en) * 2015-12-07 2018-03-06 Brocade Communications Systems LLC Interconnection of switches based on hierarchical overlay tunneling
CN106982442B (en) * 2016-01-15 2023-09-26 深圳市朗驰欣创科技股份有限公司 Method, device and system for wireless communication in tunnel
CN105872733B (en) * 2016-04-14 2019-08-23 深圳市百米生活股份有限公司 A kind of internet application method based on video terminal, video terminal and video terminal system
CN107770822B (en) * 2016-08-18 2021-01-19 深圳市信锐网科技术有限公司 Switching method and device of wireless access point
CN112952734B (en) * 2021-02-20 2022-06-21 沈阳国联电缆附件制造有限公司 Connecting structure of cable
CN114124714B (en) * 2021-11-11 2024-03-12 厦门亿联网络技术股份有限公司 Multi-level network deployment method, device, equipment and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103546915A (en) * 2013-10-25 2014-01-29 杭州华三通信技术有限公司 Method and device for controlling wireless access point by wireless network access controller

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060268834A1 (en) * 2005-05-26 2006-11-30 Symbol Technologies, Inc. Method, system and wireless router apparatus supporting multiple subnets for layer 3 roaming in wireless local area networks (WLANs)
US7603141B2 (en) * 2005-06-02 2009-10-13 Qualcomm, Inc. Multi-antenna station with distributed antennas


Also Published As

Publication number Publication date
CN104066207A (en) 2014-09-24


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant