CN102368728B - Automatic configuration method of routing protocol, routing device and authorization server - Google Patents
Automatic configuration method of routing protocol, routing device and authorization server Download PDFInfo
- Publication number
- CN102368728B CN102368728B CN201110280688.XA CN201110280688A CN102368728B CN 102368728 B CN102368728 B CN 102368728B CN 201110280688 A CN201110280688 A CN 201110280688A CN 102368728 B CN102368728 B CN 102368728B
- Authority
- CN
- China
- Prior art keywords
- routing device
- routing
- neighbours
- trusting relationship
- authorization server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000013475 authorization Methods 0.000 title claims abstract description 152
- 238000000034 method Methods 0.000 title claims abstract description 64
- 230000004044 response Effects 0.000 claims abstract description 67
- 230000008569 process Effects 0.000 claims abstract description 25
- 230000006854 communication Effects 0.000 claims abstract description 18
- 238000004891 communication Methods 0.000 claims abstract description 17
- 238000013507 mapping Methods 0.000 claims description 25
- 230000002452 interceptive effect Effects 0.000 claims description 7
- 230000005540 biological transmission Effects 0.000 claims description 6
- 230000006870 function Effects 0.000 description 9
- 230000007246 mechanism Effects 0.000 description 6
- 238000007726 management method Methods 0.000 description 4
- 238000009826 distribution Methods 0.000 description 3
- 238000013439 planning Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 238000007689 inspection Methods 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 238000006116 polymerization reaction Methods 0.000 description 2
- 238000003860 storage Methods 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 238000002716 delivery method Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 230000007480 spreading Effects 0.000 description 1
- 238000003892 spreading Methods 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
本发明提供一种路由协议的自动配置方法及路由设备、授权服务器,方法包括:网络中物理直连的任意两个路由设备通过双向认证后,向各自归属的区域网络的授权服务器发送互连权限查询请求,其中携带在双向认证过程中获取到的对端路由设备的标识信息;授权服务器若在本地数据库中查询到两个路由设备间允许建立邻居信任关系时,向对应的路由设备返回查询响应消息,其中指定两个路由设备之间允许建立的邻居信任关系的类型;路由设备根据查询响应消息,与对端路由设备建立指定类型的邻居信任关系,建立了邻居信任关系的两个路由设备允许进行路由信息的通信。本发明通过在网络中自动建立路由设备间的邻居关系,大大降低了路由协议配置的难度。
The present invention provides an automatic configuration method of a routing protocol, a routing device, and an authorization server. The method includes: after any two routing devices that are physically directly connected in the network pass two-way authentication, send the interconnection authority to the authorization server of the respective regional network. Query request, which carries the identification information of the peer routing device obtained during the two-way authentication process; if the authorization server inquires in the local database that a neighbor trust relationship is allowed to be established between two routing devices, it returns a query response to the corresponding routing device message, which specifies the type of neighbor trust relationship that is allowed to be established between two routing devices; the routing device establishes a specified type of neighbor trust relationship with the peer routing device according to the query response message, and the two routing devices that have established a neighbor trust relationship allow Communication of routing information. The invention greatly reduces the difficulty of routing protocol configuration by automatically establishing the neighbor relationship between routing devices in the network.
Description
Technical field
The present invention relates to electronic communication field, relate in particular to a kind of method of automatic configuration of Routing Protocol and routing device, authorization server.
Background technology
Along with the continuous increase of network size, the complexity day by day of network strategy, and for the increase of the internet security event of the network equipment, with transmission control protocol/Internet Interconnection agreement (Transmission Control Protocol/Internet Protocol, being called for short TCP/IP) protocol architecture is the internet routing protocol of each quasi-tradition on basis, as ospf (Open Shortest Path First, be called for short OSPF) agreement, Border Gateway Protocol (Border Gateway Protocol, be called for short BGP) etc., in order to support extendible route scale, support disparate networks strategy, the function of its Routing Protocol is also the trend becoming increasingly complex, correspondingly, the realization of Routing Protocol and the complexity of configuration also increase thereupon, in the Internet, because causing the event of network operation fault, Routing Protocol configuration error happens occasionally.
In prior art, the network operation fault causing for the high complexity of the configuration of Routing Protocol, two kinds of solutions are proposed: the first is Routing Protocol configuration error inspection method, the method infers by the behavior of monitoring Routing Protocol whether Routing Protocol makes a mistake, occur when abnormal when monitoring Routing Protocol behavior, there is mistake in the Routing Protocol of inferring accordingly configuration, and then Routing Protocol is reconfigured, and ensures Routing Protocol correctness with this by reconfiguring of circulation.This error check method can avoid causing because of Routing Protocol configuration error the significant trouble of the network operation effectively, but but cannot fundamentally solve the complicated problem of configuration.
The second is Routing Protocol centralized configuration distribution delivery method, the method is according to the network planning, a centrostigma unification, the Routing Protocol of the router in network is configured and configuration error inspection, configuration information issues to the each router in network by Routing Protocol, router, according to the configuration information receiving, is converted into the configuration order of unified language description and is carried out.This collocation method is carried out by issuing configuration information, but in the method, do not reduce equally the difficulty of Routing Protocol configuration, Routing Protocol configuration complexities problem fails to solve in itself, on the contrary, under the unification of configuration information, return the complexity that has increased the centrostigma arranging.
Summary of the invention
The invention provides a kind of method of automatic configuration of Routing Protocol and routing device, authorization server, become increasingly complex in order to solve the function due to Routing Protocol in existing internet routing protocol, and the problem that the complexity of the configuration of the Routing Protocol causing also increases proposes a kind of method of automatically carrying out Routing Protocol configuration of simple possible thereupon.
For achieving the above object, the invention provides a kind of method of automatic configuration of Routing Protocol, comprising:
In network, direct-connected any two routing devices of physics are to each other by after two-way authentication, send interconnection authority inquiry request to the authorization server of the Local Area Network belonging to separately respectively, the identification information that carries opposite end routing device in described interconnection authority inquiry request, the identification information of described opposite end routing device is acquired in described mutual authentication process by described routing device;
Described authorization server, according to the identification information carrying in the described interconnection authority inquiry request receiving, inquires about between described two routing devices whether allow to set up neighbours' trusting relationship in local data base;
If inquire between described two routing devices and allow to set up neighbours' trusting relationship, described authorization server returns to query response message to corresponding routing device, in described query response message, specify the type that allows the neighbours' trusting relationship being established between described two routing devices, described type comprises in territory neighbours' trusting relationship between neighbours' trusting relationship and territory;
Described routing device is according to the described query response message receiving, set up neighbours' trusting relationship of specified type in described query response message with described opposite end routing device, set up the interactive communication that allows to carry out routing iinformation between the routing device of neighbours' trusting relationships.
For achieving the above object, the present invention also provides a kind of routing device, comprising:
Two-way authentication module for carrying out two-way authentication with the opposite end routing device that has the direct-connected relation of physics at network, and is obtained the identification information of described opposite end routing device in mutual authentication process;
Request sending module, after passing through for the two-way authentication of carrying out in described two-way authentication module, send interconnection authority inquiry request to the authorization server of the Local Area Network belonging to, whether to allow to set up neighbours' trusting relationship between requesting query self and described opposite end routing device, in described interconnection authority inquiry request, carry the identification information of the opposite end routing device getting;
Message sink module, that described authorization server returns for receiving, carry the query response message that allows the type of the neighbours' trusting relationship being established between self and described opposite end routing device, described type comprises in territory neighbours' trusting relationship between neighbours' trusting relationship and territory;
Neighbours' trusting relationship is set up module, for the described query response message receiving according to described receiver module, sets up neighbours' trusting relationship of described query response message specified type with described opposite end routing device.
For achieving the above object, the present invention also provides a kind of authorization server, comprising:
Request receiving module, for receiving the interconnection authority inquiry request of administered routing device identification information that send, that carry another routing device direct-connected with described routing device physics, described interconnection authority inquiry request by described routing device the two-way authentication of carrying out with described another routing device by after send, described identification information is acquired in described mutual authentication process by described routing device;
Neighborhood enquiry module, the identification information of described another routing device carrying for the described interconnection authority inquiry request that receives according to described request receiver module inquires about between two described routing devices, whether to allow to set up neighbours' trusting relationship in local data base;
Message is returned to module, if inquire between two described routing devices and allow to set up neighbours' trusting relationship for described neighborhood enquiry module, return to query response message to the routing device that sends described interconnection authority inquiry request, in described query response message, specify the type that allows the neighbours' trusting relationship being established between two described routing devices, to indicate two described routing devices to set up each other corresponding neighborhood, described type comprises in territory neighbours' trusting relationship between neighbours' trusting relationship and territory.
The method of automatic configuration of Routing Protocol provided by the invention and routing device, authorization server, by the relevant topology information of each routing device in Local Area Network pre-configured to corresponding in the authorization server of regional network, in network, the direct-connected routing device of any two physics is initiatively carrying out after mutual two-way authentication, according to the identification information of the opposite end routing device getting in two-way authentication, send interconnection authority inquiry request to each self-corresponding authorization server, thereby receive the authorization server of interconnection authority inquiry request according to pre-configured topology information, can inquire between the direct-connected routing device of these two physics and whether allow to set up neighbours' trusting relationship, further when Query Result is when allowing to be established, these two routing devices can be automatically according to the type of specifying in Query Result, set up corresponding to each other neighbours' trusting relationship, realize interacting message communication to each other with this, thereby while being applied in whole Routing Protocol network, automatically carry out the foundation of neighbours' trusting relationship to each other by the direct routing device of each physics, in network, all routing devices all can automatically be set up direct or indirect annexation, routing iinformation can be by authorization server at whole topological network repeating, Routing Protocol can automatically be configured in network, greatly reduce the difficulty of Routing Protocol configuration.
Brief description of the drawings
In order to be illustrated more clearly in the present invention or technical scheme of the prior art, to the accompanying drawing of required use in embodiment or description of the Prior Art be briefly described below, apparently, accompanying drawing in the following describes is some embodiments of the present invention, for those of ordinary skill in the art, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is the flow chart of the method for automatic configuration embodiment mono-of Routing Protocol of the present invention;
Fig. 2 is the flow chart of the method for automatic configuration embodiment bis-of Routing Protocol of the present invention;
Fig. 3 is the structural representation of routing device embodiment mono-of the present invention;
Fig. 4 is the structural representation of routing device embodiment bis-of the present invention;
Fig. 5 is the structural representation of authorization server embodiment mono-of the present invention.
Embodiment
For making the object, technical solutions and advantages of the present invention clearer, below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, instead of whole embodiment.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtaining under creative work prerequisite, belong to the scope of protection of the invention.
Fig. 1 is the flow chart of the method for automatic configuration embodiment mono-of Routing Protocol of the present invention, and as shown in Figure 1, the present embodiment specifically comprises the steps:
Along with developing rapidly of the Internet, user has higher requirement to Internet service.Some problems of mobility, fail safe and scale extensibility being supported for solving the Internet, there is the technology that position separates with mark, be that each network entity in network is no longer using address location information as unique identification, but can, with unique Digital ID of unified distribution, participate in to network behavior.In the present invention, claim that the machine-processed network that adopts this position/mark to separate is " marked network ".Due in " marked network ", in order to distinguish the identification information of heterogeneous networks entity and himself is location-independent, thereby Routing Protocol based on this " marked network " is also different from traditional bgp protocol, ospf protocol, be a kind of be not subject to routing device self address information limitation, the extendible Routing Protocol of scale.The strategy of this Routing Protocol is relatively simple, and its working mechanism also provides support for the automatic configuration target that reaches Routing Protocol, and the collocation method of Routing Protocol of the present invention is based upon the Routing Protocol in the mechanism that position/mark separates based on this class just and carries out.
In " marked network " of the present invention, can be according to the different network segments, section, or according to other division principle, whole network is divided into multiple Local Area Networks, and an authorization server is set in each Local Area Network individually, this authorization server is for carrying out route behavior management to all routing devices in the network of corresponding region, and the neighborhood behavior of setting up between any two routing devices is authorized, in network, between any two routing devices, whether can establish a connection and all need under the mandate of corresponding authorization server, just can carry out.Particularly, in each authorization server, all according to the practical topology situation of each routing device of corresponding Local Area Network, the topology information of the pre-stored each routing device that has recorded its management, comprises connection rules of competence information and each routing device residing Role Information etc. in Local Area Network between identification information, the routing device of each routing device.Preserving on the basis of these topology informations, authorization server can carry out with this management of route behavior to each routing device in institute's compass of competency network.
In the present invention, the automatic configuration of Routing Protocol is by " marked network ", automatically sets up neighbours' trusting relationship by having between the routing device of the direct-connected relation of physics, carries out the route information spreading between routing device and realizes with this.Particularly, in the present invention, in network, the direct-connected routing device of any two physics all can, automatically under the mandate of corresponding authorization server, be set up neighbours' trusting relationship each other.And before obtaining the mandate of authorization server and setting up neighbours' trusting relationship, first two direct-connected routing devices of this physics need to carry out mutual authentication process to each other, with " understanding is understood the other side ", this mutual authentication process can be based on data certificate mechanism and carry out, and in this mutual authentication process, these two routing devices can obtain respectively the identification information of opposite end routing device in network, and this identification information is specifically as follows each routing device and is carried at unique cryptographic Hash in digital certificate separately, that be different from other routing devices.
Carry out two-way authentication to each other at two direct-connected routing devices of physics, and pass through after this two-way authentication, in order to set up neighbours' trusting relationship to each other, to carry out on this basis the interactive communication of routing iinformation, these two routing devices should send interconnection authority inquiry request to the authorization server of the Local Area Network belonging to separately respectively, the authority relation that is connected with requesting query oneself with opposite end routing device, inquire about in topology planning, between own and opposite end routing device, whether allow to set up neighbours' trusting relationship.Particularly, in this interconnection authority inquiry request sending, the routing device of requesting query can be carried at the identification information of the opposite end routing device getting from mutual authentication process in this interconnection authority inquiry request, to inform the mark of opposite end routing device of authorization server requesting query.
The authorization server corresponding with two routing devices that send inquiry request receiving after interconnection authority inquiry request, according to the identification information of the opposite end routing device carrying in interconnection authority inquiry request, and send the identification information of the routing device self of this interconnection authority inquiry request, can in local data base, inquire about between these two routing devices whether allow to set up neighbours' trusting relationship.
Particularly, two routing devices with the direct-connected relation of physics may be for belonging to two routing devices of the same area network, simultaneously also may be for being subordinated to zones of different network, respectively belong to two routing devices (now these two routing devices are the boundary routing device in corresponding region network separately) of adjacent Local Area Network.Thereby in above-mentioned steps 100, when two routing devices send interconnection authority inquiry request to the authorization server of each self-corresponding Local Area Network respectively, likely two routing devices can send interconnection authority inquiry request to same authorization server, and also likely two routing devices send interconnection authority inquiry request to each self-corresponding different authorization servers respectively.
And due to the stage that sets in advance at authorization server, in the topology information of each authorization server store recording, also comprise and be connected authority relation information between boundary routing device in its Local Area Network of administering and the boundary routing device of adjacent area network, be that mandate annexation between interregional boundary routing device is all defined in the authorization server of two Local Area Networks, therefore, authorization server sends at the routing device that receives one's respective area network, whether can set up the interconnection authority inquiry request of neighbours' trusting relationship for inquiring about and being subordinated between the boundary routing device of another Local Area Network time, equally can be in the database of self, inquire the interconnection authority relation information of these two boundary routing devices, thereby can return to corresponding Query Result.
Authorization server is by inquiring about in the topology information storing in advance in local data base, can learn between these two routing devices and whether allow to set up neighbours' trusting relationship, if allow to set up after neighbours' trusting relationship and inquire between two routing devices that two identification informations are corresponding, authorization server will return to corresponding query response message, with the message of informing that this interconnection authority of corresponding routing device is allowed to.
Particularly, as mentioned above, in practical application, two direct-connected routing devices of physics comprise and are subordinated to two routing devices of the same area network and are subordinated to respectively the two kinds of situations of two routing devices in zones of different network, thereby accordingly, neighbours' trusting relationship of setting up between two routing devices also should comprise neighbours' trusting relationship in the territory between the routing device in the same area network, and two kinds of neighbours' trusting relationships between territory between routing device in zones of different network.
Authorization server is by local data base, the connection authority relation of the different routing devices of corresponding two different identification information is respectively inquired about, whether allow to set up neighbours' trusting relationship except inquiring between these two routing devices, can also inquire between these two routing devices the type that allows neighbours' trusting relationship of setting up, neighbours' trusting relationship that this permission is set up is neighbours' trusting relationship between neighbours' trusting relationship or territory in territory.If thereby the result of inquiry is that two neighbours' trusting relationships between routing device are while allowing to be established, authorization server is returning to corresponding routing device in the process of query response message, the type inquiring, allow the neighbours' trusting relationship being established can be carried in this query response message, return to corresponding routing device, so that this routing device is known the type of the neighborhood of need and the foundation of opposite end routing device.
Routing device is receiving after the query response message that corresponding authorization server returns, according to the type information that allows the neighbours' trusting relationship being established wherein carrying, learn that the neighbours' trusting relationship between own and opposite end routing device allows to be established, so this routing device is according to the identification information of opposite end routing device, with opposite end routing device set up with query response message in neighbours' trusting relationship corresponding to the type of neighbours' trusting relationship of specifying.And because two routing devices all can receive the query response message that the authorization server of subordinate returns separately, and the type information of the relevant neighbours' trusting relationship that whether allows to set up neighbours' trusting relationship and set up of carrying in query response message is consistent, thereby the foundation of this neighbours' trusting relationship is essentially two routing devices respectively under the instruction of the query response message receiving separately, set up mutually neighbours' trusting relationship to each other.
After the neighbours' trusting relationship being connected at the transmitting of successfully having set up between the routing device of opposite end, the routing device of having set up neighbours' trusting relationships can carry out the interactive communication of routing iinformation to each other.Particularly, set up two routing devices of neighbours' trusting relationship in territory and can exchange and routing iinformation in the territory of upgrading in corresponding Local Area Network, two routing devices having set up neighbours' trusting relationship between territory can exchange and the inter-domain routing information of upgrading between two corresponding Local Area Networks each other.
And due in network topology structure, between each routing device and authorization server, can pass through in layer direct-connected relation mutually, set up neighbours' trusting relationship each other, for example authorization server can be direct-connected with its physics routing device set up neighborhood, and should with the direct-connected routing device of authorization server can be direct-connected with physics routing device set up neighborhood, the boundary routing device of a Local Area Network can also be direct-connected with physics the boundary routing device of adjacent area network set up neighborhood, thereby according to the above-mentioned step of setting up neighbours' trusting relationship of the present invention, in network, between all routing devices that add and each authorization server, all can pass through interconnective neighborhood to each other, set up direct or indirect annexation, thereby form the network topology chain of an interconnection.
Thereby, in the present invention, by initiatively carrying out mutual two-way authentication by the direct-connected routing device of physics, thereby according to the identification information of the opposite end routing device getting in two-way authentication, send interconnection authority inquiry request to each self-corresponding authorization server, at authorization server according to this interconnection authority inquiry request, inquire between two routing devices and allow to be established after neighbours' trusting relationship, in network, the direct-connected routing device of any two physics can be automatically according to the result of inquiry, set up neighbours' trusting relationship of appointment to each other, realize interacting message communication to each other with this.While being applied in whole Routing Protocol network, each routing device in network all can be by carrying out the foundation of neighbours' trusting relationship to each other automatically, automatically set up direct or indirect to each other annexation, thereby routing iinformation can be by this direct or indirect annexation of authorization server, at whole topological network repeating, be that Routing Protocol can automatically be configured in network, greatly reduce the difficulty of Routing Protocol configuration.
The method of automatic configuration of the Routing Protocol of the present embodiment, by the relevant topology information of each routing device in Local Area Network pre-configured to corresponding in the authorization server of regional network, in network, the direct-connected routing device of any two physics is initiatively carrying out after mutual two-way authentication, according to the identification information of the opposite end routing device getting in two-way authentication, send interconnection authority inquiry request to each self-corresponding authorization server, thereby receive the authorization server of interconnection authority inquiry request according to pre-configured topology information, can inquire between the direct-connected routing device of these two physics and whether allow to set up neighbours' trusting relationship, further when Query Result is when allowing to be established, these two routing devices can be automatically according to the type of specifying in Query Result, set up corresponding to each other neighbours' trusting relationship, realize interacting message communication to each other with this, thereby while being applied in whole Routing Protocol network, automatically carry out the foundation of neighbours' trusting relationship to each other by the direct routing device of each physics, in network, all routing devices all can automatically be set up direct or indirect annexation, routing iinformation can be by authorization server at whole topological network repeating, Routing Protocol can automatically be configured in network, greatly reduce the difficulty of Routing Protocol configuration.
Fig. 2 is the flow chart of the collocation method embodiment bis-of Routing Protocol of the present invention, and as shown in Figure 2, the present embodiment specifically comprises the steps:
In the present embodiment, can automatically plan according to network topology in advance in order to make the each routing device in " marked network ", carry out the configuration of Routing Protocol, at the automatic configuration operation that starts Routing Protocol, before setting up the topological network interconnecting between each routing device, need to be in each authorization server of regional network, set in advance the topology information of the each routing device that stores corresponding region network.Particularly, this topology information comprise in corresponding Local Area Network, connection rules of competence information and each routing device residing Role Information etc. in Local Area Network between identification information, each routing device of each routing device.Presetting on the basis of these topology informations, authorization server can carry out with this management of Routing Protocol behavior to each routing device in institute's compass of competency network, correspondingly, each routing device in its compass of competency network can these topology informations based on default in authorization server carry out the automatic configuration of Routing Protocol, comprise automatic foundation direct or indirect annexation each other, form the topological network of the interconnection corresponding with default topology information, and on the basis of the interconnection topology network of setting up, carry out propagation and the forwarding etc. of routing iinformation to each other.
Pre-configured storage after the topology information that its Local Area Network of administering is corresponding in each authorization server, in each authorization server, completed after the planning and configuration of topology information, each routing device in network can, according to these topology informations default in authorization server, carry out the automatic configuration of Routing Protocol.
First, each routing device direct-connected with each authorization server physics can carry out respectively the certification of authority in each self-corresponding authorization server, to set up the trusting relationship that is connected between authorization server.Particularly, this purview certification process can be carried out based on digital authenticating mechanism, because the collocation method of Routing Protocol of the present invention carries out based on employing mark and " marked network " of position separation mechanism, be each routing device in network all using unified distribution Digital ID as its identify label, participate in to diverse network behavior, and in practical application, this Digital ID is specifically as follows unique cryptographic Hash that systematic unity distributes, each routing device is carried at this unique cryptographic Hash in the digital certificate of self, in the time carrying out the purview certification of authorization server, authorization server can be by carrying uniquely identified digital certificate and authenticate this, to judge the legitimacy of this routing device.And passing through after the certification of authorization server, this routing device direct-connected with authorization server can be set up being connected between authorization server, is equivalent to set up the neighbours' trusting relationship between authorization server.
In network, the ground floor routing device direct-connected with authorization server set up being connected after trusting relationship to each other with authorization server, the routing device of this ground floor can directly carry out the mutual of routing iinformation with authorization server, specifically refer to that authorization server can be directly by routing iinformation, by the annexation of this foundation, be issued in the routing device of connection.And in order to set up further whole network topology structure interconnected relationship, the routing iinformation that authorization server issues can be transmitted in the each routing device in this Local Area Network, distribute even the routing device to zones of different network, in the present embodiment, the direct-connected routing device of each physics is also by the topology information prestoring based on authorization server, carry out the foundation of annexation to each other, with the topology information according to default, set up whole topological network.
Particularly, similar to the above embodiments, in the present embodiment, in network, the direct-connected routing device of any two physics can, automatically under the mandate of corresponding authorization server, be set up neighbours' trusting relationship each other.And before neighbours' trusting relationship of setting up to each other, first two direct-connected routing devices of this physics need to carry out mutual authentication process to each other, with " understanding is understood " opposite end routing device in this mutual authentication process, and obtain the identification information of opposite end routing device in network.Particularly, the mechanism that this mutual authentication process can be based on data certificate and carrying out, is carried at unique cryptographic Hash in digital certificate separately, that be different from other routing devices and this identification information is specifically as follows each routing device.
After two-way authentication is passed through, whether two routing devices need to setting up neighbours' trusting relationship allow to be established neighbours' trusting relationship to each other in order to know, and in order to obtain the mandate of the authorization server of ownership separately, need the authorization server of the Local Area Network belonging to separately respectively to send interconnection authority inquiry request, whether allow to be established with requesting query oneself and neighbours' trusting relationship of opposite end routing device.Particularly, if two routing devices of the direct-connected relation of this physics belong to the same area network, this interconnection authority inquiry request will be sent in same authorization server, if and these two routing devices are subordinated to zones of different network, this interconnection authority inquiry request will be sent in different authorization servers.And in this interconnection authority inquiry request sending, routing device can be carried at the identification information of the opposite end routing device getting from mutual authentication process in this interconnection authority inquiry request, to inform the mark of opposite end routing device of authorization server requesting query, be convenient to authorization server in its data storehouse, in default topology information, inquire about.
The authorization server corresponding with two routing devices that send inquiry request receiving after interconnection authority inquiry request, according to the identification information of the opposite end routing device carrying in interconnection authority inquiry request, and send the identification information of the routing device self of this interconnection authority inquiry request, can in local data base, inquire about between these two routing devices whether allow to set up neighbours' trusting relationship.
Authorization server, by the topology information storing in advance in local data base, is inquired about according to two routing devices identification information separately, can learn between these two routing devices whether allow to set up neighbours' trusting relationship.And if queries to and two routing devices between allow to set up neighbours' trusting relationship, authorization server will return to corresponding query response message, with the message of informing that this interconnection authority of corresponding routing device is allowed to.Particularly, authorization server, by the query response message returning, carries the type information inquiring, allow the neighbours' trusting relationship being established, to inform that this routing device needs and the type of the neighborhood that opposite end routing device is set up.And the type of this neighbours' trusting relationship can be neighbours' trusting relationship between neighbours' trusting relationship or territory in territory.
Alternatively, authorization server can also allow to be established after neighbor information relation inquiring two routing devices, in the query response message that returns to routing device, carry opposite end routing device and allow to be established the interface number information for communicating by letter of neighborhood, so that routing device, according to this interface number information, is specifically set up and the annexation of this interface of opposite end routing device.Further alternative, authorization server can also be in the query response message that returns to routing device, be carried in the neighbours' trusting relationship that allows to be established, the residing Role Information of this routing device, for example, in neighbours' trusting relationship to be set up, this routing device is role in service end or the role of client, or two routing devices are the role of peers include both.Knowing after these information, routing device can, according to the information of specifying in query response message, be set up neighbours' trusting relationship of specifying with opposite end routing device.
Also it should be noted that, in the present invention, if sending the routing device of interconnection authority inquiry request is the special routing device in its affiliated area network, be for example boundary routing device or the interregional mapping server in affiliated area network, due in the default topology information of authorization server, also comprise the Role Information of each routing device in its Local Area Network of administering, for example which routing device is the boundary routing device in affiliated area network or is the interregional mapping server in affiliated area network, thereby in order to inform this information of routing device, to indicate this routing device with special identity to carry out the operation of follow-up correspondence, authorization server also should be in the query response message returning, carry and be used to indicate the first indication information that this routing device is boundary routing device, or carry and be used to indicate the second indication information that this routing device is interregional mapping server, to inform its Role Identity in affiliated area network of corresponding routing device.
Routing device is receiving after the query response message that corresponding authorization server returns, according to the type information of neighbours' trusting relationship of wherein carrying, can learn that the neighbours' trusting relationship between own and opposite end routing device allows to be established, but also learn the type of neighbours' trusting relationship that this permission sets up, so this routing device and opposite end routing device are set up neighbours' trusting relationship of specified type.
Alternatively, if also carry the interface number information of opposite end routing device in query response message, or this routing device is residing Role Information in the neighbours' trusting relationship that allows to be established, this routing device is in the time setting up neighbours' trusting relationship with opposite end routing device, also will be according to this interface number information, the annexation of the corresponding interface of foundation and opposite end routing device, and in neighbours' trusting relationship of setting up, identify the role of oneself, be for example the role of service end or the role of client, or be the role of peers include both, and the routing device that has identified different Role Informations is in the time carrying out information interaction with opposite end routing device, can be according to self residing different role, carry out different operations.
For example: if neighbours' trusting relationship of setting up is neighbours' trusting relationship between territory, and certainly as the client in neighbours' trusting relationship between this territory, opposite end routing device is the service end of neighbours' trusting relationship between territory, and this routing device is or the boundary routing device of Local Area Network, this routing device, in the time receiving the inter-domain routing information that opposite end routing device sends, does not need learned intErzone routing information to report to network in region; And if this routing device is only the boundary routing device of Local Area Network, for the inter-domain routing information receiving, need the routing device of having set up neighbours' trusting relationships in network in territory to report, simultaneously, in the time reporting this inter-domain routing information to service end routing device or peers include both routing device, also need to carry out the auto-polymerization of inter-domain routing.
In above-mentioned steps 205, if queries is the boundary routing device in Local Area Network to the routing device that sends interconnection authority inquiry request, will be in the time returning to query response message to this routing device, carry therein and be used to indicate the first indication information that this routing device is boundary routing device.Accordingly, receive the routing device of the first indication information except responding this query response message, set up outside the neighbours' trusting relationship between the routing device of opposite end, also need according to this first indication information, the own identity in Local Area Network of living in of mark is boundary routing device.
Further, this boundary routing device is set up after neighbours' trusting relationship at another routing device direct-connected with physics (this routing device is same may be the boundary routing device in adjacent area network), for this identity that to inform routing device in territory himself be boundary routing device, this boundary routing device also will be by default Routing Protocol function, by neighbours' trusting relationship in the territory of setting up before, routing device in territory is reported from the message as boundary routing device, forwards this first indication information.This first indication information, by neighbours' trusting relationship in each territory of setting up in this Local Area Network, can be spread in the each routing device in territory.
And arbitrary routing device in territory is receiving after this first indication information, receive after the message that certain or some routing devices are boundary routing device, the identification information of these boundary routing devices is kept to this locality, and the boundary routing device with this identification information is set to the default route equipment for communicating with adjacent area network.After need to communicate with the routing device of other Local Area Networks, need to carry out inter-domain communication, will directly be undertaken by this default route equipment.Particularly, if this routing device is only learnt the existence of a boundary routing device, this routing device directly this boundary routing device is set to default route equipment; And if exist multiple boundary routing devices, this routing device can select arbitrarily one of them routing device as default route equipment; Or this routing device can also, according to the difference of the direct-connected end system of this routing device, select different border routers as default route equipment for different end systems.
Thereby in this step, issue from trend boundary routing device the information that it is boundary routing device that indicates by authorization server, also make this boundary routing device automatic spread from the message as boundary routing device, and made other routing devices in territory automatically complete the function that default route arranges.
In above-mentioned steps 205, if when queries is the interregional mapping server in Local Area Network to the routing device that sends interconnection authority inquiry request, will be in the time returning to query response message to this routing device, carry therein and be used to indicate the second indication information that this routing device is interregional mapping server.Accordingly, receive the routing device of the second indication information except responding this query response message, set up outside the neighbours' trusting relationship between the routing device of opposite end, also need according to this second indication information, the own identity in Local Area Network of living in of mark is interregional mapping server.
After the interregional mapping server identifying itself as in affiliated area network, this interregional mapping server need to be brought into play the function of interregional mapping server in affiliated Local Area Network.Particularly, while issuing the route of this interregional mapping server as the routing device of interregional mapping server in Routing Protocol, the route message of its transmission should have corresponding flag bit, and indicating this route is mapping server between territory.And this route not only issues in a Local Area Network, border router sets it as inter-domain routing and issues, and such routing iinformation can not carry out route aggregation in communication process.
In network, the routing device of each physical connection is successfully being set up after neighbours' trusting relationship of transmitting connection each other, and the routing device of having set up neighbours' trusting relationships can carry out the interactive communication of routing iinformation to each other.Particularly, set up two routing devices of neighbours' trusting relationship in territory and can exchange and routing iinformation in the territory of upgrading in corresponding Local Area Network, two routing devices having set up neighbours' trusting relationship between territory can exchange and the inter-domain routing information of upgrading between two corresponding Local Area Networks each other.
The more important thing is, by neighbours' trusting relationship of setting up, in network, between all routing devices that add and each authorization server, all can pass through interconnective neighborhood to each other, automatically set up direct or indirect annexation, thereby form the network topology chain of an interconnection.Thereby in this network topology chain, neighbours' trusting relationship that authorization server can be set up to each other by routing device, to the each routing device in corresponding Local Area Network, or the each routing device outside corresponding Local Area Network is reported or is upgraded relevant routing policy, this routing policy comprises whether realizing the routing policy such as the number of optimal path between auto-polymerization, territory and the selection of the many results of mark map locating, and each routing device also can, by this network topology chain of automatically setting up, be known the diverse network route messages relevant to self.
Particularly, the routing device direct-connected with authorization server passing through after Certificate Authority, to automatically set up Routing Protocol with authorization server, authorization server can be distributed to the routing policy of initial configuration on each routing device by Routing Protocol, and these routing policies, by each routing device Routing Protocol reciprocal process each other, can be spread in territory or on overseas each routing device.And if when on authorization server, the routing policy of domain of dependence network changes, authorization server can also pass through each routing device Routing Protocol each other, upgrade the routing policy of issuing this variation, similarly, the routing policy of this renewal, by each routing device Routing Protocol reciprocal process each other, can be spread in territory or on overseas each routing device equally.
The collocation method of the Routing Protocol of the present embodiment, by the relevant topology information of each routing device in Local Area Network pre-configured to corresponding in the authorization server of regional network, in network, the direct-connected routing device of any two physics is initiatively carrying out after mutual two-way authentication, according to the identification information of the opposite end routing device getting in two-way authentication, send interconnection authority inquiry request to each self-corresponding authorization server, thereby receive the authorization server of interconnection authority inquiry request according to pre-configured topology information, can inquire between the direct-connected routing device of these two physics and whether allow to set up neighbours' trusting relationship, further when Query Result is when allowing to be established, these two routing devices can be automatically according to the type of specifying in Query Result, set up corresponding to each other neighbours' trusting relationship, realize interacting message communication to each other with this, thereby while being applied in whole Routing Protocol network, automatically carry out the foundation of neighbours' trusting relationship to each other by the direct routing device of each physics, in network, all routing devices all can automatically be set up direct or indirect annexation, routing iinformation can be by authorization server at whole topological network repeating, Routing Protocol can automatically be configured in network, greatly reduce the difficulty of Routing Protocol configuration.
One of ordinary skill in the art will appreciate that: all or part of step that realizes said method embodiment can complete by the relevant hardware of program command, aforesaid program can be stored in a computer read/write memory medium, this program, in the time carrying out, is carried out the step that comprises said method embodiment; And aforesaid storage medium comprises: various media that can be program code stored such as ROM, RAM, magnetic disc or CDs.
Fig. 3 is the structural representation of routing device embodiment mono-of the present invention.As shown in Figure 3, the routing device of the present embodiment at least comprises: two-way authentication module 11, request sending module 12, message sink module 13 and neighbours' trusting relationship are set up 14 4 modules of module.
Wherein, two-way authentication module 11 is for carrying out two-way authentication with the opposite end routing device that has the direct-connected relation of physics at network, and in mutual authentication process, obtains the identification information of opposite end routing device;
After request sending module 12 is passed through for the two-way authentication of carrying out at two-way authentication module 11 and opposite end routing device, send interconnection authority inquiry request to the authorization server of the Local Area Network belonging to, whether to allow to set up neighbours' trusting relationship between requesting query self and opposite end routing device, in this interconnection authority inquiry request, carry the identification information of the opposite end routing device getting;
Neighbours' trusting relationship is set up 14 of the modules query response message for receiving according to message sink module 13, set up neighbours' trusting relationship of query response message specified type with opposite end routing device, set up the interactive communication that allows to carry out routing iinformation between the routing device of neighbours' trusting relationships.
Particularly, the related all functions module of the routing device of the present embodiment, with and related specific works process, the related content that can disclose with reference to the related embodiment of the collocation method of above-mentioned Routing Protocol, does not repeat them here.
The routing device of the present embodiment, by the relevant topology information of each routing device in Local Area Network pre-configured to corresponding in the authorization server of regional network, in network, the direct-connected routing device of any two physics is initiatively carrying out after mutual two-way authentication, according to the identification information of the opposite end routing device getting in two-way authentication, send interconnection authority inquiry request to each self-corresponding authorization server, thereby receive the authorization server of interconnection authority inquiry request according to pre-configured topology information, can inquire between the direct-connected routing device of these two physics and whether allow to set up neighbours' trusting relationship, further when Query Result is when allowing to be established, these two routing devices can be automatically according to the type of specifying in Query Result, set up corresponding to each other neighbours' trusting relationship, realize interacting message communication to each other with this, thereby while being applied in whole Routing Protocol network, automatically carry out the foundation of neighbours' trusting relationship to each other by the direct routing device of each physics, in network, all routing devices all can automatically be set up direct or indirect annexation, routing iinformation can be by authorization server at whole topological network repeating, Routing Protocol can automatically be configured in network, greatly reduce the difficulty of Routing Protocol configuration.
Fig. 4 is the structural representation of routing device embodiment bis-of the present invention.As shown in Figure 4, on the basis of a upper routing device embodiment, in the routing device of the present embodiment, can also comprise information report module 15 and 16 two modules of module are set.
Wherein, if carrying, the query response message that information report module 15 receives for message sink module 13 is used to indicate the first indication information that this routing device is boundary routing device, by and network in neighbours' trusting relationship of setting up between other routing devices, this first indication information is reported to other routing devices in territory; Receive and be used to indicate the first indication information that a certain routing device is boundary routing device for this routing device if module 16 is set, the boundary routing device of indicating in the first indication information is set to the default route equipment for communicating with adjacent area network.
Further, in the present embodiment, routing device can also comprise identify label module 17.If the query response message that this identify label module 17 receives for above-mentioned message sink module 13 carries, is used to indicate the second indication information that this routing device is the interregional mapping server in affiliated area network, the identity of the interregional mapping server from as affiliated area network is identified.
Further, in the present embodiment, routing device can also comprise authentication module 18.If this authentication module 18 is the routing device direct-connected with authorization server physics for this routing device, before above-mentioned two-way authentication module 11 is carried out two-way authentication with opposite end routing device, in corresponding authorization server, authenticate, and after certification is passed through, set up the annexation between this corresponding authorization server.
Particularly, the related all functions module of the routing device of the present embodiment, with and related specific works process, the related content that can disclose with reference to the related embodiment of the collocation method of above-mentioned Routing Protocol equally, does not repeat them here.
The routing device of the present embodiment, by the relevant topology information of each routing device in Local Area Network pre-configured to corresponding in the authorization server of regional network, in network, the direct-connected routing device of any two physics is initiatively carrying out after mutual two-way authentication, according to the identification information of the opposite end routing device getting in two-way authentication, send interconnection authority inquiry request to each self-corresponding authorization server, thereby receive the authorization server of interconnection authority inquiry request according to pre-configured topology information, can inquire between the direct-connected routing device of these two physics and whether allow to set up neighbours' trusting relationship, further when Query Result is when allowing to be established, these two routing devices can be automatically according to the type of specifying in Query Result, set up corresponding to each other neighbours' trusting relationship, realize interacting message communication to each other with this, thereby while being applied in whole Routing Protocol network, automatically carry out the foundation of neighbours' trusting relationship to each other by the direct routing device of each physics, in network, all routing devices all can automatically be set up direct or indirect annexation, routing iinformation can be by authorization server at whole topological network repeating, Routing Protocol can automatically be configured in network, greatly reduce the difficulty of Routing Protocol configuration.
Fig. 5 is the structural representation of authorization server embodiment mono-of the present invention.As shown in Figure 5, the authorization server of the present embodiment at least comprises that request receiving module 21, neighborhood enquiry module 22 and message returns to 23 3 modules of module.
Wherein, request receiving module 21 is for receiving the interconnection authority inquiry request of administered routing device identification information that send, that carry another routing device direct-connected with this routing device physics, this interconnection authority inquiry request by routing device the two-way authentication of carrying out with another routing device by after send, the identification information of this another routing device is acquired in above-mentioned mutual authentication process by the routing device that sends interconnection authority inquiry request;
The identification information of another routing device that neighborhood enquiry module 22 carries for the interconnection authority inquiry request receiving according to request receiving module 21 inquires about between above-mentioned two routing devices whether allow to set up neighbours' trusting relationship in local data base;
If message is returned to 23 of modules and is inquired between two routing devices and allow to set up neighbours' trusting relationship for neighborhood enquiry module 21, return to query response message to the routing device that sends interconnection authority inquiry request, in this query response message, specify the type that allows the neighbours' trusting relationship being established between two routing devices, set up corresponding neighborhood to indicate between two routing devices, the type comprises in territory neighbours' trusting relationship between neighbours' trusting relationship and territory, set up the interactive communication that allows to carry out routing iinformation between the routing device of neighbours' trusting relationships.
Particularly, the related all functions module of the authorization server of the present embodiment, with and related specific works process, the related content that can disclose with reference to the related embodiment of the collocation method of above-mentioned Routing Protocol, does not repeat them here.
The authorization server of the present embodiment, by the relevant topology information of each routing device in Local Area Network pre-configured to corresponding in the authorization server of regional network, in network, the direct-connected routing device of any two physics is initiatively carrying out after mutual two-way authentication, according to the identification information of the opposite end routing device getting in two-way authentication, send interconnection authority inquiry request to each self-corresponding authorization server, thereby receive the authorization server of interconnection authority inquiry request according to pre-configured topology information, can inquire between the direct-connected routing device of these two physics and whether allow to set up neighbours' trusting relationship, further when Query Result is when allowing to be established, these two routing devices can be automatically according to the type of specifying in Query Result, set up corresponding to each other neighbours' trusting relationship, realize interacting message communication to each other with this, thereby while being applied in whole Routing Protocol network, automatically carry out the foundation of neighbours' trusting relationship to each other by the direct routing device of each physics, in network, all routing devices all can automatically be set up direct or indirect annexation, routing iinformation can be by authorization server at whole topological network repeating, Routing Protocol can automatically be configured in network, greatly reduce the difficulty of Routing Protocol configuration.
Further, on the basis of technique scheme, the authorization server of the present embodiment can also comprise enquiry module 24, for in inquiring about at neighborhood enquiry module 22 and whether allowing to set up neighbours' trusting relationship between two routing devices, inquiry sends the identity type of the routing device of interconnection authority inquiry request.
Correspondingly, above-mentioned message is returned to module 23 and can also be used for: if enquiry module 24 inquires the boundary routing device of the Local Area Network that the routing device of transmission interconnection authority inquiry request is its ownership, in the query response message that returns to this routing device, carry and be used to indicate the first indication information that this routing device is boundary routing device; And if enquiry module 24 to inquire the routing device that sends interconnection authority inquiry request be the interregional mapping server in its Local Area Network belonging to, in the query response message that returns to this routing device, carry and be used to indicate the second indication information that this routing device is interregional mapping server.
Particularly, in technique scheme, the related all functions module of authorization server, with and related specific works process, the related content that can disclose with reference to the related embodiment of the collocation method of above-mentioned Routing Protocol equally, does not repeat them here.
The technique scheme of the present embodiment is by after receiving the interconnected authority inquiry request of routing device at authorization server, whether allow to set up neighbours' trusting relationship between two routing devices of inquiry in, also inquire about further the identity type of the routing device that sends interconnection authority inquiry request, and the result inquiring is carried in query response message and returns to routing device, for routing device special in network has identified identity.
Further, in the present embodiment, authorization server can also comprise routing policy release module 25, for all having set up after neighbours' trusting relationship between the each routing device of network, by the neighbours' trusting relationship between each routing device of setting up in network, in corresponding Local Area Network or between Local Area Network, issue or renewal routing policy.Thereby neighbours' trusting relationship of automatically setting up to each other by each routing device in network, authorization server can also be issued routing policy easily and upgrade in whole net.
Finally it should be noted that: above embodiment only, in order to technical scheme of the present invention to be described, is not intended to limit; Although the present invention is had been described in detail with reference to previous embodiment, those of ordinary skill in the art is to be understood that: its technical scheme that still can record aforementioned each embodiment is modified, or part technical characterictic is wherein equal to replacement; And these amendments or replacement do not make the essence of appropriate technical solution depart from the spirit and scope of various embodiments of the present invention technical scheme.
Claims (8)
1. a method of automatic configuration for Routing Protocol, is characterized in that, comprising:
In network, direct-connected any two routing devices of physics are to each other by after two-way authentication, send interconnection authority inquiry request to the authorization server of the Local Area Network belonging to separately respectively, the identification information that carries opposite end routing device in described interconnection authority inquiry request, the identification information of described opposite end routing device is acquired in described mutual authentication process by described routing device;
Described authorization server, according to the identification information carrying in the described interconnection authority inquiry request receiving, inquires about between described two routing devices whether allow to set up neighbours' trusting relationship in local data base;
If inquire between described two routing devices and allow to set up neighbours' trusting relationship, described authorization server returns to query response message to corresponding routing device, in described query response message, specify the type that allows the neighbours' trusting relationship being established between described two routing devices, described type comprises in territory neighbours' trusting relationship between neighbours' trusting relationship and territory;
Described routing device is according to the described query response message receiving, set up neighbours' trusting relationship of specified type in described query response message with described opposite end routing device, set up the interactive communication that allows to carry out routing iinformation between the routing device of neighbours' trusting relationships;
If sending the routing device of described interconnection authority inquiry request is the boundary routing device in belonged to Local Area Network, corresponding described authorization server, in the time returning to described query response message, carries and is used to indicate the first indication information that described routing device is boundary routing device in described query response message;
Described boundary routing device, by neighbours' trusting relationship of setting up between each routing device in described network, is reported described the first indication information to the routing device in territory;
Routing device in described territory is according to described the first indication information receiving, and described boundary routing device is set to the default route equipment for communicating with adjacent area network.
2. the method for automatic configuration of Routing Protocol according to claim 1, is characterized in that, in described network, direct-connected any two routing devices of physics are to each other by before two-way authentication, and described method also comprises:
Routing device direct-connected with described authorization server physics in network authenticates in corresponding authorization server, and after certification is passed through, sets up the annexation between described corresponding authorization server.
3. the method for automatic configuration of Routing Protocol according to claim 1 and 2, is characterized in that, described method also comprises:
If sending the routing device of described interconnection authority inquiry request is the interregional mapping server in belonged to Local Area Network, corresponding described authorization server, in the time returning to described query response message, carries and is used to indicate the second indication information that described routing device is interregional mapping server in described query response message;
Described interregional mapping server is according to described the second indication information receiving, and mark is from the interregional mapping server as affiliated area network.
4. the method for automatic configuration of Routing Protocol according to claim 1 and 2, is characterized in that, after described and described opposite end routing device is set up neighbours' trusting relationship of specified type in described query response message, described method also comprises:
In network, arbitrary described authorization server, by the described neighbours' trusting relationship between each routing device of setting up in network, is issued in corresponding Local Area Network or between Local Area Network or renewal routing policy.
5. a routing device, is characterized in that, comprising:
Two-way authentication module for carrying out two-way authentication with the opposite end routing device that has the direct-connected relation of physics at network, and is obtained the identification information of described opposite end routing device in mutual authentication process;
Request sending module, after passing through for the two-way authentication of carrying out in described two-way authentication module, send interconnection authority inquiry request to the authorization server of the Local Area Network belonging to, whether to allow to set up neighbours' trusting relationship between requesting query self and described opposite end routing device, in described interconnection authority inquiry request, carry the identification information of the opposite end routing device getting;
Message sink module, that described authorization server returns for receiving, carry the query response message that allows the type of the neighbours' trusting relationship being established between self and described opposite end routing device, described type comprises in territory neighbours' trusting relationship between neighbours' trusting relationship and territory;
Neighbours' trusting relationship is set up module, for the described query response message receiving according to described message sink module, sets up neighbours' trusting relationship of described query response message specified type with described opposite end routing device;
Information is reported module, if carrying, the query response message receiving for described message sink module is used to indicate the first indication information that described routing device is boundary routing device, by and described network in neighbours' trusting relationship of setting up between other routing devices, described the first indication information is reported to described other routing devices in territory;
Module is set, if receive described the first indication information for described routing device, the boundary routing device of indicating in described the first indication information is set to the default route equipment for communicating with adjacent area network.
6. routing device according to claim 5, is characterized in that, described equipment also comprises:
Identify label module, if the query response message receiving for described message sink module carries, is used to indicate the second indication information that described routing device is the interregional mapping server in affiliated area network, the identity of the interregional mapping server from as affiliated area network is identified.
7. an authorization server, is characterized in that, comprising:
Request receiving module, for receiving the interconnection authority inquiry request of administered routing device identification information that send, that carry another routing device direct-connected with described routing device physics, described interconnection authority inquiry request by described routing device the two-way authentication of carrying out with described another routing device by after send, described identification information is acquired in described mutual authentication process by described routing device;
Neighborhood enquiry module, the identification information of described another routing device carrying for the described interconnection authority inquiry request that receives according to described request receiver module inquires about between two described routing devices, whether to allow to set up neighbours' trusting relationship in local data base;
Message is returned to module, if inquire between two described routing devices and allow to set up neighbours' trusting relationship for described neighborhood enquiry module, return to query response message to the routing device that sends described interconnection authority inquiry request, in described query response message, specify the type that allows the neighbours' trusting relationship being established between two described routing devices, to indicate two described routing devices to set up each other corresponding neighborhood, described type comprises in territory neighbours' trusting relationship between neighbours' trusting relationship and territory;
Enquiry module, for whether allow to set up neighbours' trusting relationship between two described routing devices of described neighborhood enquiry module inquiry in, inquiry sends the identity type of the routing device of described interconnection authority inquiry request;
Described message return module also for:
If it is the boundary routing device in belonged to Local Area Network that described enquiry module inquires the routing device of the described interconnection authority inquiry request of transmission, in the described query response message returning, carries and be used to indicate the first indication information that described routing device is boundary routing device.
8. authorization server according to claim 7, is characterized in that:
Described message return module also for:
If it is the interregional mapping server in belonged to Local Area Network that described enquiry module inquires the routing device of the described interconnection authority inquiry request of transmission, in the described query response message returning, carries and be used to indicate the second indication information that described routing device is interregional mapping server.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110280688.XA CN102368728B (en) | 2011-09-20 | 2011-09-20 | Automatic configuration method of routing protocol, routing device and authorization server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201110280688.XA CN102368728B (en) | 2011-09-20 | 2011-09-20 | Automatic configuration method of routing protocol, routing device and authorization server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102368728A CN102368728A (en) | 2012-03-07 |
| CN102368728B true CN102368728B (en) | 2014-06-11 |
Family
ID=45761278
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201110280688.XA Expired - Fee Related CN102368728B (en) | 2011-09-20 | 2011-09-20 | Automatic configuration method of routing protocol, routing device and authorization server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102368728B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104852844A (en) * | 2015-06-09 | 2015-08-19 | 张维秀 | Book sharing method and system, and mobile terminal |
| US10554662B2 (en) | 2015-06-30 | 2020-02-04 | Mcafee, Llc | Security service for an unmanaged device |
| CN105721455B (en) * | 2016-01-28 | 2019-02-12 | 北京小米移动软件有限公司 | Method and device for connecting routing equipment |
| CN105721324A (en) * | 2016-05-04 | 2016-06-29 | 重庆金美通信有限责任公司 | Routing protocol self-adaption method |
| CN107707470B (en) * | 2016-08-09 | 2021-03-16 | 中兴通讯股份有限公司 | OSPF area number configuration method and equipment |
| CN111491330B (en) * | 2020-03-11 | 2022-03-25 | 桂林电子科技大学 | Fusion networking method of SDN (software defined network) and wireless network |
| CN112152857B (en) * | 2020-09-27 | 2023-07-21 | 深圳市风云实业有限公司 | Regional automatic networking method with backup server |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1758324A1 (en) * | 2004-06-28 | 2007-02-28 | Huawei Technologies Co., Ltd. | The session initial protocol identification method |
| CN101043366A (en) * | 2006-06-26 | 2007-09-26 | 华为技术有限公司 | Domain manager system, method for obtaining adjacent domain manager and performing update |
| CN101651597A (en) * | 2009-09-23 | 2010-02-17 | 北京交通大学 | Deployment method of IPSec-VPN in address discrete mapping network |
| CN101834914A (en) * | 2010-04-23 | 2010-09-15 | 北京交通大学 | A method for realizing the mapping relationship between identity and location |
| CN101888328A (en) * | 2010-03-02 | 2010-11-17 | 北京邮电大学 | Trustworthy Transformation Method of IP Routing Protocol Based on Trust Management System |
| CN102075420A (en) * | 2010-12-27 | 2011-05-25 | 北京邮电大学 | Location identifier and host identifier separation-based system and mobility management method thereof |
-
2011
- 2011-09-20 CN CN201110280688.XA patent/CN102368728B/en not_active Expired - Fee Related
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1758324A1 (en) * | 2004-06-28 | 2007-02-28 | Huawei Technologies Co., Ltd. | The session initial protocol identification method |
| CN101043366A (en) * | 2006-06-26 | 2007-09-26 | 华为技术有限公司 | Domain manager system, method for obtaining adjacent domain manager and performing update |
| CN101651597A (en) * | 2009-09-23 | 2010-02-17 | 北京交通大学 | Deployment method of IPSec-VPN in address discrete mapping network |
| CN101888328A (en) * | 2010-03-02 | 2010-11-17 | 北京邮电大学 | Trustworthy Transformation Method of IP Routing Protocol Based on Trust Management System |
| CN101834914A (en) * | 2010-04-23 | 2010-09-15 | 北京交通大学 | A method for realizing the mapping relationship between identity and location |
| CN102075420A (en) * | 2010-12-27 | 2011-05-25 | 北京邮电大学 | Location identifier and host identifier separation-based system and mobility management method thereof |
Non-Patent Citations (2)
| Title |
|---|
| 《标识路由关键技术》;侯婕 等;《软件学报》;20100630;第21卷(第6期);全文 * |
| 侯婕 等.《标识路由关键技术》.《软件学报》.2010,第21卷(第6期), |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102368728A (en) | 2012-03-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102368728B (en) | Automatic configuration method of routing protocol, routing device and authorization server | |
| CN112104517B (en) | Data processing method based on block chain network and related device | |
| US12132609B2 (en) | Blockchains for securing IoT devices | |
| US11995618B2 (en) | Blockchain network interaction controller | |
| CN113016167B (en) | Method and device for enabling rights to follow terminal equipment in a network | |
| US11108561B2 (en) | Techniques for secure blockchain routing | |
| RU2756304C2 (en) | Identification of network node to which data will be replicated | |
| US9960923B2 (en) | Handling of digital certificates | |
| TW201141126A (en) | Apparatus and methods for managing network resources | |
| EP3202107B1 (en) | Virtualized on-demand service delivery between data networks via secure exchange network | |
| CN114616807B (en) | Method and system for managing and controlling a communication network | |
| US11979391B2 (en) | Access point manager for roaming user products | |
| CN103812672A (en) | Method for discovering newly-added network element device, correlative device, and system | |
| CN108366087B (en) | ISCSI service realization method and device based on distributed file system | |
| US9736027B2 (en) | Centralized enterprise image upgrades for distributed campus networks | |
| US12413584B2 (en) | Method and system for self-onboarding of IoT devices | |
| US20230299979A1 (en) | Device certificate management for zero touch deployment in an enterprise network | |
| CN115277001A (en) | Certificate distribution method, device, system and medium for co-building shared network | |
| US9313105B2 (en) | Network management using secure mesh command and control framework | |
| US20120222095A1 (en) | Information communication system, information communication method, node apparatus and recording medium | |
| US20230396492A1 (en) | A method of, a provisioner and a system for provisioning a plurality of operatively interconnected node devices in a network | |
| HK40036284A (en) | Blockchain network-based data processing method and related apparatus | |
| HK40042048A (en) | Block chain network-based data processing method and related device | |
| HK40042048B (en) | Block chain network-based data processing method and related device | |
| JP5234807B2 (en) | Network device and automatic encryption communication method used therefor |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20140611 Termination date: 20150920 |
|
| EXPY | Termination of patent right or utility model |