IPoEv6 access refers to the access mode in which users access the BRAS by sending DHCPv6 packets, ND packets, or IPv6 packets.
According to the used media, the broadband access includes the Asymmetric Digital Subscriber Line (ADSL) access using telephone cables, Ethernet access using Category 5 twisted pair cables, and Wireless Local Area Network (WLAN) access using wireless signals.
Users are connected to the BRAS through access devices such as the Digital Subscriber Line Access Multiplexer (DSLAM), LAN Switch, and access point (AP). The differences in physical connections are obscured by access devices. As a result, the BRAS does not have to be concerned with the access modes of users; instead, it distinguishes users by the protocol stack of packets sent by the terminals to the BRAS. By using various methods such as binding authentication, the BRAS identifies users according to the user names and passwords of the users, and then manages the users. For example, the BRAS assigns IP addresses to users and accounts the services of access users.
DHCPv6 and ND do not support functions such as user authentication, link establishment, and link monitoring. Therefore, IPoE adopt some extension functions to support these functions.
Authentication: Unlike that in PPP access mode, neither DHCPv6 packets nor ND packets carry authentication information such as the user name and password. Therefore, in IPoEv6 access mode, binding authentication is used to authenticate users. In binding authentication, the information about the physical connections of users is used to authenticate users. Users do not need to enter their user names and passwords. The BRAS generates user names and passwords according to the information such as Option82 fields, MAC addresses, and IP addresses, and sends the user names together with the passwords to the authentication server for authentication. Only the users that pass the authentication are assigned IP addresses.
Link establishment: Devices set up related forwarding entries for online IPoEv6 users, and only the users that pass the authentication and obtain IPv6 addresses can forward traffic.
Link monitoring: ND detection is used to detect link status for an IPoEv6 user. If the ND detection fails for the specified number of times, the IPoEv6 user is considered offline, and the IPv6 address of the IPoEv6 user is reclaimed and the related forwarding entry is deleted.
The IPoE single-stack access supports binding authentication, Web authentication ,Web+MAC authentication and fast authentication. Web authentication is an interactive authentication mode in which the user that has obtained an IP address opens the authentication page on the Web authentication server, and enters the user name and password to be authenticated.
The IPoE dual-stack access refers to the access mode in which a user has both an IPv4 address and an IPv6 address and IPoE authentication can be triggered through DHCP packets, ARP packets, IP packets, DHCPv6 packets, ND packets, or IPv6 packets. After receiving a Request message, the BRAS performs the following operations: If the user is a new user, the BRAS performs authentication and authorization for the user. If the user is a dual-stack user that has obtained an IP address of a specified type, the BRAS does not authenticate the user; instead, the BRAS performs authorization for the user according to the authentication result. The IPoE dual-stack access also supports binding authentication, Web authentication, Web+MAC authentication and fast authentication.