A method for improving stability of 802.1X authentication equipment

A technology for authentication equipment and stability, applied in digital transmission systems, electrical components, transmission systems, etc., can solve problems such as increasing equipment costs, failing to meet business development needs, reducing the number of access users, etc. The effect of scalability

Inactive Publication Date: 2009-04-29
HUAWEI TECH CO LTD
View PDF5 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] (3) Due to the large number of users with burst access and successful authentication, the time for the system to periodically exchange handshake message information also occurs at the same time, thus causing periodic full load of the system load;
[0011] However, these two solutions have different degrees of problems: for the first solution, because the number of access users is reduced, it cannot meet the development needs of modern services; for the second solution, although the exception can be alleviated to a certain extent The occurrence of offline situations, but the main cause of abnormal user access is sudden online and offline, and system resources are usually idle. If simply improving system performance, the cost of equipment will be greatly increased, resulting in cost waste

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method for improving stability of 802.1X authentication equipment
  • A method for improving stability of 802.1X authentication equipment
  • A method for improving stability of 802.1X authentication equipment

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0029] When the Authenticator takes out a protocol message to be processed from the protocol message receiving queue, it first judges its type as an authentication information frame (EAP-Packet), EAPOL-Start, an exit request frame (EAPOL-Logoff), and a key information frame (EAPOL-Key), select which one of the message frame (EAPOL-Encapsulated-ASF-Alert), if confirm that the type of protocol message to be processed is EAPOL-Start, then check whether the current protocol message receiving queue occupancy If the preset threshold is reached, the EAPOL-Start is discarded, and the packet processing process ends.

[0030] image 3 Shown is a flowchart of Embodiment 1 of applying the present invention to perform access suppression processing.

[0031] Step 301, the Authenticator takes out a protocol message to be processed from the protocol message receiving queue;

[0032] Step 302, judging whether the type of the protocol message taken is EAPOL-Start, if yes, then execute step 30...

Embodiment 2

[0039] In practical applications, since the underlying driver forwards the received protocol packets to the protocol packet receiving queue of the Authenticator, the type of EAPOL can be sent to the protocol packet receiving queue of the Authenticator by controlling the underlying driver program within a unit time -The number of protocol packets of Start, so as to achieve the purpose of the present invention. Its specific operation is as follows:

[0040] Preset the threshold of the number of protocol packets of the EAPOL-Start type that the system receives within a unit time in the underlying driver. If the number of protocol packets of the EAPOL-Start type received by the system within a unit time is within the threshold, it means that the system resource occupancy rate is within the control capability of the system, and it will be processed according to different types of protocol packets; if the underlying driver is in If the number of EAPOL-Start type protocol packets re...

Embodiment 3

[0042] The system judges the busyness of the system according to the number of times the process is called or the amount of data processed by the CPU per unit time through the underlying driver program or the logic circuit in the switching chip. When the busyness of the system reaches a certain value, the underlying driver is controlled. Program sends the number of the protocol message of EAPOL-Start of the protocol message receiving queue of upper layer Authenticator, and then reaches the purpose of the present invention.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for increasing the stability of 802.1X identification device comprising the steps of, (1) presetting the suppressing condition for triggering the identification, (2) determining whether the present state meets the preset suppressing condition for triggering the identification, if so, discarding the protocol message of the identification starting frame in the message types to be processed, otherwise continuing the subsequent operation. The invention can reduce the shock to the authenticator resulted from the switching in of large amount of users, thus improving the stability for the switch-in control equipment and the switch-in success rate.

Description

technical field [0001] The invention relates to 802.1X authentication technology, in particular to a method for improving the stability of 802.1X authentication equipment. Background technique [0002] IEEE 802.1X is a port-based network access control protocol officially approved by the Institute of Electrical and Electronics Engineers (IEEE) standardization organization in June 2001. The authentication process of the 802.1X protocol is completed by exchanging protocol messages between the access control device, commonly referred to as the Authenticator, and the user access device, commonly referred to as the client (Supplicant). When the supplicant passes the authentication and is online, the two will also exchange handshake information regularly to confirm that the online status is valid and prevent illegal users from accessing network resources. [0003] The physical communication basis between Authenticator and Supplicant is wired LAN or wireless LAN. In the interacti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L12/24H04Q3/545
Inventor 魏其礼罗汉军邹婷汤杰成
Owner HUAWEI TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap