【作者】 陈亮；

【导师】 李志淮；

【作者基本信息】 大连海事大学 ， 计算机应用技术， 2003， 硕士

【摘要】 作为区域网技术的一种，以太网技术在80年代以来发展非常迅速。从最初的10兆共享式以太网到快速交换以太网，以至到千兆以太网。IEEE新的标准的不断制定不仅给千兆以太网的广泛应用提供了规范方面的支持，同时在技术上不断地完善以太网技术，使其具有了简单方便、价格低、速度快等优点。以太网开始进入城域网MAN和广域网WAN领域。目前，G位以太网已经成为宽带IP城域网的首选方案，也已经开始用于并将广泛用于MAN和WAN。 随着千兆以太网技术的继续发展，对网络管理的要求也相应增加。AAA概念的出现提出了对以太网用户管理的目标，各种宽带以太网接入认证管理技术也纷纷出现：PPPOE、VLAN+MAC／IP、WEB PORTAL等。最近802.1X作为一种新的以太网接入认证标准正在渐渐被广泛接受。由于802.1X解决了以上各种技术的缺点，802.1X将成为以太网接入认证技术的主要方向。但由于802.1X为比较新的标准，现有的设备对其的支持非常有限。 本文先详细的分析了VLAN+MAC／IP、PPPOE、WEB PORTAL的技术实现以及其优缺点，在此基础上阐述了IEEE 802.1X相对以上技术的优点，接着提出了用目前比较成熟、交换设备普遍支持的802.1Q和SNMP协议模拟实现802.1X的需求。然后在对802.1Q和SNMP协议分析的基础上提出了用VLAN动态配置和异常监控作为主要技术的方法来实现一种对802.1X的模拟，实现802.1X的功能。设计了一个模拟模型、描述了模拟模型的原理和工作流程，并设计实现了一个模拟系统，详细描述了此模拟系统的各个模块组成，在技术上给出了各个模块、关键技术点的实现细节。对模拟系统与802.1X系统进行功能、性能上的对比，最后对模拟系统在测试阶段中发现的问题进行分析并给出了解决方法。更多还原

【Abstract】 As an important technology of Local Area Network (LAN), Ethernet technology has been developing very rapidly. From the original ten Megabytes sharable Ethernet to fast-speed (100 M) Ethernet and currently multi-gigabytes Ethernet. New standards from IEEE brings not only the full support on criterion but also the improvement on the Ethernet technology, endues it with virtues such as easy to use, low cost of price and high-speed etc. Ethernet has entered the domain of Metropolitan Area Network (MAN) and Wide Area Lan (WAN).The demand for networking management has been increasing alone with the continuous development of giga-bytes Ethernet technology. The proposal of AAA concept set up the goal of user management in Ethernet network. Different kinds of wide-band Ethernet access authentication technologies has emerged including PPPOE, VLAN+MAC/IP, WEB Portal etc. As a new method of Ethernet access authentication and control, 802.1X has been more and more widely accepted due to its absence of faults in the other methods. But because it is a relatively new standard, the availability of existing switch devices supporting 802. 1x function is very limited.This paper gives a very detailed analysis of PPPOE, VLAN+MAC/IP, WEB Portal technologies, then discusses the 802.1x’s technical superiority to the other technologies. Based on the analysis, the paper puts forward the need for the simulation of 802.1X which is supported by limited amount of devices through using the 802.1Q and SNMP which are supported by almost all mainstream switch devices. The paper goes on introducing the working processes of 802.1q, snmp, 802.1x protocols and gives an idea of simulating the 802.1x access authentication mode by using VLAN dynamic-configuration and abnormality real-time handling as the main technologies employed. Next, the paper gives a design of a simulation model, its principle and working process, introduces a implemented experimentation system of simulation, describes the modules of the system and give the key technical details of theimplementation of every module. Finally, the paper compares the experiment systemwith 802.1x system on the aspects of function and performance, and gives the solutions of the problem found during the test of the experiment system.更多还原