WO2012088882A1 - Method and system for data transmission, and access gateway - Google Patents

Method and system for data transmission, and access gateway Download PDF

Info

Publication number
WO2012088882A1
WO2012088882A1 PCT/CN2011/077880 CN2011077880W WO2012088882A1 WO 2012088882 A1 WO2012088882 A1 WO 2012088882A1 CN 2011077880 W CN2011077880 W CN 2011077880W WO 2012088882 A1 WO2012088882 A1 WO 2012088882A1
Authority
WO
WIPO (PCT)
Prior art keywords
client
address
network
server
access gateway
Prior art date
Application number
PCT/CN2011/077880
Other languages
French (fr)
Chinese (zh)
Inventor
金友兴
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2012088882A1 publication Critical patent/WO2012088882A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10Architectures or entities
    • H04L65/102Gateways
    • H04L65/1033Signalling gateways
    • H04L65/1036Signalling gateways at the edge

Definitions

  • the present invention relates to an identity location separation network, and more particularly to a data transmission method, system, and access gateway.
  • the IP address in the TCP/IP protocol widely used in the existing Internet has a dual function, which serves as both the location identifier of the communication terminal host network interface of the network layer in the network topology and the identity of the transport layer host network interface.
  • the TCP/IP protocol was not designed at the beginning of the host. However, when host mobility is becoming more common, the semantic overload defects of such IP addresses are becoming increasingly apparent.
  • the IP address of the host changes, not only the route changes, but also the identity of the communication terminal host changes. This causes the routing load to become heavier and heavy, and the change of the host identity causes the application and connection to be interrupted.
  • the purpose of identification and location separation is to solve the problem of semantic overload of IP address and serious routing load, security, etc., to separate the dual functions of IP address, realize dynamic redistribution of mobility, multiple townships, and IP addresses. Support for mitigating routing load and mutual visits between different network areas in the next generation Internet.
  • the implementation method based on IP network router is one of the solutions for identity identification and location separation.
  • the network framework is shown in Figure 1.
  • the logical functions of each network element in the figure are as follows:
  • An access support node which is responsible for providing access services for various mobile terminals, assigning user identity (AID) and routing location identifier (RID) to the accessed users, and the user's data " ⁇
  • the text is encapsulated and transmitted in the core network.
  • the mapping plane is mainly responsible for maintaining the mapping relationship between the user identity and the routing location identifier in the network, and providing query services to the ASN and other mapping servers.
  • the mapping plane is composed of multiple identity location registers (ILRs). In the process of querying the communication peer location by the ASN, if the ASN does not have the routing location information of the communication peer locally, it searches through the mapping plane.
  • ILRs identity location registers
  • the certification center is responsible for recording user categories, user service levels, etc., when the user accesses The user performs legality authentication and authorization.
  • the Certification Authority supports two-way authentication between the network and the user.
  • the IP backbone network is an interconnection network between ASNs.
  • the main function is to route and forward data packets according to the routing location identifier in the data packet, and forward the data packets sent by the ASN to the correct destination.
  • the core switching router (CSR) is composed of. It is the same as the existing IP network and does not require any modifications.
  • ISN Interworking Gateway
  • the wireless network is responsible for providing and maintaining the Layer 2 link between the user terminal and the ASN. In the cellular mobile network, it is responsible for wireless resource allocation and management functions.
  • the wireless network herein may be a wireless network such as WCDMA, TD-SCDMA, CDMA2000 or Long Term Evolution (LTE).
  • All the communication peers are saved on the ASN for each locally accessed mobile terminal (MN).
  • MN mobile terminal
  • the new ASN notifies the communication peer of the terminal's routing location identifier.
  • the data packets between the ASNs are standard IP packets, which can be routed on the IP backbone network.
  • a data transmission method of the present invention includes: configuring an alien network access gateway between an identity location separation network and a legacy network, and configuring an IP address in a legacy network for a service server in the identity location separation network. ;
  • the server mapping table and the client mapping table are configured in the different network access gateway, and the mapping relationship between the identity identifier (AID) of the service server and the IP address is recorded in the server mapping table; the client mapping table is used to record the AID and the IP address of the client. Mapping relationship;
  • the alien network access gateway implements data transmission between the client in the traditional network and the service server in the identity-separated network according to the server mapping table and the client mapping table.
  • the alien network access gateway is configured with an IP address corresponding to the traditional network and a routing location identifier (RID) corresponding to the identity location separation network, and the service server in the identity location separation network sends the data to the alien network access gateway through the RID, in the traditional network.
  • the client sends data to the alien access gateway through the IP address of the alien access gateway.
  • the steps for implementing data transmission by the different network access gateway include:
  • the client sends an IP data packet to the different network access gateway, where the source address of the IP data packet is the IP address of the client, and the destination address is the IP address of the service server serving as the target server in the identity location separation network;
  • the different network access gateway After receiving the IP data packet, the different network access gateway searches the server mapping table for the AID corresponding to the IP address of the target server according to the destination address, and assigns an AID to the client, and adds the IP address of the client to the client mapping table.
  • the AID mapping relationship replaces the source address and the destination address of the IP packet with the AID of the client and the AID of the target server, and sends the IP packet to the target server.
  • the steps of implementing data transmission by the different network access gateway include:
  • the target server After receiving the IP data packet, the target server sends a response data packet to the client, where the destination address of the response data packet is the AID of the client, and the source address is the AID of the target server;
  • the alien network access gateway After receiving the response packet, the alien network access gateway searches the server mapping table and the client mapping table for the IP address of the target server and the client according to the source address and the destination address respectively; the source address and the destination address of the response packet. Replace with the IP address of the target server and client found, and send the response packet to the client.
  • the steps for the alien network access gateway to send the IP data packet to the target server include:
  • the alien network access gateway searches the mapping plane in the identity location separation network to find the RID corresponding to the AID of the target server, and sends the IP data packet to the target server according to the RID.
  • the method also includes:
  • the step of the client sending the IP data packet to the different network access gateway includes: the client sending, by the DNS server, the IP address of the domain name to the target server to the different network access gateway, the DNS The server resolves the domain name that points to the target server to the IP address of the target server.
  • the present invention also provides another data transmission method for implementing client access in a traditional network to a service server in an identity location separation network, including:
  • the AID of the client is temporarily allocated by the alien access gateway after receiving the IP packet.
  • the present invention further provides another data transmission method for implementing client access to a service server in an identity separation network in a traditional network, including:
  • the alien network access gateway between the traditional network and the identity location separation network replaces the source address and the destination address of the response packet with the target server respectively. And the client's IP address, and send the response packet to the client.
  • the present invention also provides a data transmission system, including: an identity location separation network, an alien network access gateway, and a legacy network, where the alien network access gateway is disposed between the identity location separation network and the legacy network, where:
  • the service server in the identity location separation network is configured with an identity (AID) and an IP address in the legacy network;
  • the server mapping table and the client mapping table are configured in the different network access gateways.
  • the mapping between the AID and the IP address of the service server is recorded in the server mapping table.
  • the client mapping table is used to record the mapping between the AID and the IP address of the client. .
  • the alien network access gateway is configured to: implement data transmission between the client in the traditional network and the service server in the identity location separated network according to the server mapping table and the client mapping table.
  • the present invention also provides another data transmission system, including: an identity location separation network, a different network connection In the gateway and the traditional network, the alien network access gateway is set between the identity location separation network and the traditional network, where:
  • the alien network access gateway is configured to: after receiving the IP data packet of the client, replace the source address and the destination address of the IP data packet with the AID of the client and the AID of the target server, respectively, and send the IP data packet to Target server.
  • the alien network access gateway is further configured to: after receiving the IP data packet, first look up the AID corresponding to the IP address of the target server from the pre-configured server mapping table according to the destination address, and assign the AID to the client, which is pre-configured.
  • the mapping between the IP address of the client and the AID is added to the client mapping table, and then the source address and the destination address of the IP packet are replaced with the AID of the client and the AID of the target server, respectively.
  • the present invention further provides another data transmission system, including: an identity location separation network, a different network access gateway, and a legacy network, where the alien network access gateway is disposed between the identity location separation network and the legacy network, where:
  • the identity location separation network includes a service server, and the service server is configured to: when used as a target server, after receiving the IP data packet, send the response data packet to the client in the traditional network, and the destination address of the response data packet is The AID of the client, the source address is the AID of the target server; the alien access gateway is set to: the source address and destination of the response packet after receiving the response packet sent by the target server in the identity location separation network
  • the addresses are replaced with the IP addresses of the target server and the client, and the response packets are sent to the client.
  • the alien network access gateway is further configured to: after receiving the response data packet, first find the IP addresses of the target server and the client from the pre-configured server mapping table and the client mapping table according to the source address and the destination address, and then Replace the source and destination addresses of the responding packet with the IP addresses of the target server and client respectively.
  • the present invention also provides an access gateway, which is used to implement client access to a service server in an identity location separation network in a traditional network, including: an address maintenance unit, an address mapping unit, and a number According to the sending unit, where:
  • the address maintenance unit is configured to: configure a server mapping table and a client mapping table, wherein the server mapping table records the mapping relationship between the identity identifier (AID) of the service server and the IP address in the identity separation network; the client mapping table is used to record The mapping relationship between the AID and the IP address of the client in the traditional network;
  • the address maintenance unit is further configured to be a client-assigned AID in the traditional network, and add a mapping relationship between the client's IP address and the AID in the client mapping table;
  • the address mapping unit is configured to perform address mapping conversion by: after receiving the IP data packet of the client in the traditional network, replacing the source address and the destination address of the IP data packet with the address maintenance unit respectively for the client.
  • the AID and identity location separate the AID of the target server in the network.
  • the address mapping unit is further configured to: after receiving the IP data packet, first look up the AID corresponding to the IP address of the target server from the server mapping table according to the destination address, and look up the AID corresponding to the IP address of the client from the client mapping table, and then The source address and destination address of the IP packet are replaced with the AID of the client and the AID of the target server, respectively.
  • the address mapping unit is configured to convert the address in the data packet by: after receiving the data packet of the response sent by the service server serving as the target server in the identity location separation network, the source address of the data packet of the response And the destination address is replaced with the IP address of the target server and client respectively.
  • the address mapping unit is further configured to: after receiving the response data packet, first find the IP address of the target server and the client from the server mapping table and the client mapping table according to the source address and the destination address, and then respond to the data packet.
  • the source and destination addresses are replaced with the IP addresses of the target server and client respectively.
  • the present invention sets up a different network connection between a traditional network and an identity location separation network.
  • the access gateway has a dual address of an IP address and an AID, so that a client in the traditional network can access a service server in a specific identity location separation network, as long as the service server in the identity location separation network is connected in a different network.
  • the IP address can be configured in the gateway to meet the needs of the identity separation network and the traditional network mutual access.
  • FIG. 1 is an architectural diagram of an existing identity location separation network
  • FIG. 2 is an architectural diagram of a data transmission system according to an embodiment of the present invention.
  • FIG. 6 is a schematic diagram of a target server transmitting data to a client in the data transmission method according to the embodiment
  • FIG. 7 is a schematic diagram of an access gateway according to an embodiment of the present invention.
  • the present embodiment provides a method for a traditional network client to access an application server in an identity separation location network.
  • a traditional network client can access an application server in an identity and location separation network through the gateway.
  • the gateway to be deployed is referred to as an alien network access gateway, and the alien network access gateway is simultaneously interconnected with the traditional IP network and the identity location separation network; the heterogeneous network access gateway is configured with resources for accessing the identity location separation network, including the client.
  • the alien network access gateway is located at the edge of the traditional IP network and the identity separation network. The service access of the two networks needs to pass through the gateway.
  • the alien network access gateway has at least two network addresses, which are the IP address in the traditional IP network and the RID in the identity location separation network.
  • the gateway can access the two networks at the same time, and the address domains of the two addresses cannot conflict with each other.
  • Service server in the identity location separation network through the alien network access network The closed RID sends the data to the alien access gateway.
  • the client in the traditional network sends the data to the alien access gateway through the IP address of the alien access gateway.
  • a server mapping table needs to be configured on the gateway to record the mapping between the AID and the IP address of the service server in the identity separation network, and configure the client mapping table to record the IP of the traditional network client.
  • the mapping relationship between the address and the AID is not limited to:
  • Figure 3 shows a server mapping table, which is a mapping relationship between the AID of the service server in the identity separation network and the IP address in the traditional network. If each application server allows the traditional network to access it, then It needs to be assigned an IP address on the alien access gateway. The IP address is statically related to the AID. Knowing the IP address knows the AID and vice versa.
  • Figure 4 shows the client mapping table, which is the address mapping table used by the traditional network client to access the identity location to separate the network.
  • the traditional network client accesses the identity and separates the network, it needs an AID.
  • the AID can be temporarily allocated to the user on the gateway. It can also be bound to establish the corresponding relationship between the IP address of the client and the AID used by the client. An IP address corresponds to an AID.
  • the disadvantage of binding is that when the traditional network client does not access the identity location and separates the network, its AID cannot be used by other clients, and the AID is wasted.
  • the gateway temporarily allocates the AID to the traditional network client, after the client accesses the identity location and separates the service on the network, the AID can be used by other clients, which can reduce the number of AIDs on the gateway.
  • the destination address is the IP address of the service server.
  • the user can directly input the IP address or obtain the IP address of the service server according to the DNS (Domain Name System) server.
  • the different network access gateway searches the server mapping table to obtain the AID (destination AID) corresponding to the IP address; and assigns an AID (source AID) to the traditional network client; After the two AIDs, the IP packet sent by the traditional network client can be modified by the header, and the source IP address and the destination IP address are replaced with the source AID and the destination AID respectively; and the IP packet is sent to the target server.
  • the alien network access gateway After receiving the data packet returned by the target server, the alien network access gateway finds the corresponding source IP address and destination IP address from the mapping table, and then modifies the address of the packet header, and then sends the packet to the traditional network client to complete the service access. process.
  • the traditional network client access identity location separation business server In order to realize the traditional network client access identity location separation business server on the network, the following conditions are required:
  • the service server in the identity location separation network is assigned an IP address corresponding to the legacy network, and the AID in the identity location separation network is also assigned.
  • the DNS server is configured with a mapping between the server domain name and the IP address.
  • the server pointed to by the IP address is in the identity separation network.
  • the user can access the server through the DNS server and the server domain name.
  • the DNS is used. You do not need to configure the mapping between the server domain name and IP address on the server.
  • the server mapping table and the client mapping table must be configured on the different network access gateway.
  • the server mapping table is a mapping relationship between the AID of the service server in the identity separation network and the corresponding IP address in the traditional network;
  • the client mapping table is The client address mapping relationship table used by the traditional terminal to access the identity of the server on the network.
  • Figure 5 shows the traditional network client accessing the identity server to separate the service servers in the network.
  • the process of the traditional network client sending IP packets to the servers in the identity location separation network includes the following steps:
  • Step 501 The traditional network client initiates a service request, and sends an IP data packet to the alien network access gateway.
  • the source address of the IP data packet is an IP address of the traditional network client, and the destination address is an IP address of the target server.
  • Step 502 After receiving the IP data packet, the alien network access gateway searches the server mapping table according to the destination address, and finds the AID corresponding to the IP address of the target server.
  • Step 503 The alien network access gateway allocates an AID to the traditional network client, and adds a correspondence between the IP address of the traditional network client and the AID in the client mapping table.
  • Step 504 The alien network access gateway replaces the source address and the destination address of the IP data packet with the AID allocated by the traditional network client and the AID of the found target server.
  • Step 505 The alien network access gateway separates the mapping plane in the network from the identity location to find the RID corresponding to the destination AID, and sends the IP data packet to the target server.
  • the traditional network client accesses the identity server in the location separation network.
  • the method, the process in the server in the identity location separation network sending the IP data packet to the traditional network client includes the following steps:
  • Step 602 After receiving the data packet of the target server, the different network access gateway searches the server mapping table and the client mapping table according to the source address and the destination address respectively, and obtains the IP address of the target server and the IP address of the traditional network client.
  • Step 603 The alien network access gateway replaces the source address and the destination address of the data packet of the target server with the IP address of the found target server and the IP address of the traditional network client.
  • Step 604 The alien network access gateway sends the response packet sent by the target server to the traditional network client through the traditional IP network.
  • the access gateway of the embodiment of the present invention includes: an address maintenance unit, an address mapping unit, and a data sending unit, where:
  • the address maintenance unit is configured to: configure a server mapping table and a client mapping table, where the mapping relationship between the identity identifier (AID) of the service server and the IP address in the identity separation location network is recorded in the server mapping table; the traditional network is recorded in the client mapping table.
  • the address mapping unit is configured to: convert the data packet according to the server mapping table and the client mapping table;
  • the data sending unit is configured to: send the data packet converted by the address mapping unit to the address mapping to the service server in the identity separation network or the client in the legacy network.
  • the present invention also provides a data transmission system, including a legacy network, an identity location separation network, and an alien network access network, wherein the functions of the respective devices are specifically described above.
  • modules and steps of the present invention may be Implemented by a general-purpose computing device, which may be centralized on a single computing device or distributed over a network of computing devices, optionally, they may be implemented by program code executable by the computing device, such that They may be stored in a storage device by a computing device, or they may be fabricated into individual integrated circuit modules, or their multiple modules or steps may be implemented as a single integrated circuit module.
  • a general-purpose computing device which may be centralized on a single computing device or distributed over a network of computing devices, optionally, they may be implemented by program code executable by the computing device, such that They may be stored in a storage device by a computing device, or they may be fabricated into individual integrated circuit modules, or their multiple modules or steps may be implemented as a single integrated circuit module.
  • the invention is not limited to any specific combination of hardware and software.
  • the present invention sets an alien network access gateway between the traditional network and the identity location separation network, so that the client in the traditional network can access the service server in the specific identity location separation network, and the identity is satisfied.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed are a method and system for data transmission, and an access gateway. An isomerous network access gateway is configured between a network with separated identity and location and a traditional network, and a traditional network IP address is configured for a traffic server in the network with separated identity and location; a server mapping table and a client mapping table are configured in the isomerous network access gateway, and the server mapping table records the mapping relationship between the access identity (AID) and the IP address of the traffic server; the client mapping table records the relationship between the AID and the IP address of the client; and on the basis of the server mapping table and the client mapping table, the isomerous network access gateway realizes data transmission between the client in the traditional network and the traffic server in the network with separated identity and location. The present invention makes it possible for the client in a traditional network to access the traffic server in a specific network with separated identity and location by providing an isomerous network access gateway between the traditional network and the network with separated identity and location.

Description

一种数据传输方法、 系统及接入网关  Data transmission method, system and access gateway
技术领域 Technical field
本发明涉及身份位置分离网络, 尤其涉及一种数据传输方法、 系统及接 入网关。  The present invention relates to an identity location separation network, and more particularly to a data transmission method, system, and access gateway.
背景技术 Background technique
现有因特网广泛使用的 TCP/IP协议中的 IP地址具有双重功能, 既作为 网络层的通信终端主机网络接口在网络拓朴中的位置标识, 又作为传输层主 机网络接口的身份标识。 TCP/IP协议设计之初并未考虑主机移动的情况。 但 是, 当主机移动越来越普遍时, 这种 IP地址的语义过载缺陷日益明显。 当主 机的 IP地址发生变化时, 不仅路由要发生变化, 通信终端主机的身份标识也 发生变化, 这样会导致路由负载越来越重, 而且主机标识的变化会导致应用 和连接的中断。  The IP address in the TCP/IP protocol widely used in the existing Internet has a dual function, which serves as both the location identifier of the communication terminal host network interface of the network layer in the network topology and the identity of the transport layer host network interface. The TCP/IP protocol was not designed at the beginning of the host. However, when host mobility is becoming more common, the semantic overload defects of such IP addresses are becoming increasingly apparent. When the IP address of the host changes, not only the route changes, but also the identity of the communication terminal host changes. This causes the routing load to become heavier and heavy, and the change of the host identity causes the application and connection to be interrupted.
身份标识和位置分离问题提出的目的是为了解决 IP地址的语义过载和路 由负载严重, 安全等问题, 将 IP地址的双重功能进行分离, 实现对移动性、 多家乡性、 IP地址动态重分配、 减轻路由负载及下一代互联网中不同网络区 域之间的互访等问题的支持。  The purpose of identification and location separation is to solve the problem of semantic overload of IP address and serious routing load, security, etc., to separate the dual functions of IP address, realize dynamic redistribution of mobility, multiple townships, and IP addresses. Support for mitigating routing load and mutual visits between different network areas in the next generation Internet.
基于 IP网络路由器的实现方法是有关身份标识和位置分离的解决方案之 一, 其网络框架如图 1所示, 图中每个网元的逻辑功能如下:  The implementation method based on IP network router is one of the solutions for identity identification and location separation. The network framework is shown in Figure 1. The logical functions of each network element in the figure are as follows:
接入支持节点 (ASN), 接入支持节点负责为各种移动终端提供接入服务, 为接入的用户分配用户身份标识 (AID)和路由位置标识 (RID), 并将用户的数 据 "^文进行标识封装后在核心网中传输。  An access support node (ASN), which is responsible for providing access services for various mobile terminals, assigning user identity (AID) and routing location identifier (RID) to the accessed users, and the user's data "^ The text is encapsulated and transmitted in the core network.
映射平面, 主要负责维护网络中用户身份标识和路由位置标识的映射关 系, 并向 ASN和其它映射服务器提供查询服务。 映射平面由多个身份位置寄 存器(ILR )组成, 在 ASN查询通信对端位置过程中, 如果 ASN本地没有通 信对端的路由位置信息, 就通过映射平面去查找。  The mapping plane is mainly responsible for maintaining the mapping relationship between the user identity and the routing location identifier in the network, and providing query services to the ASN and other mapping servers. The mapping plane is composed of multiple identity location registers (ILRs). In the process of querying the communication peer location by the ASN, if the ASN does not have the routing location information of the communication peer locally, it searches through the mapping plane.
认证中心, 负责记录用户类别、 用户服务等级等信息, 在用户接入时对 用户进行合法性认证和授权。 认证中心支持网络与用户间的双向鉴权。 The certification center is responsible for recording user categories, user service levels, etc., when the user accesses The user performs legality authentication and authorization. The Certification Authority supports two-way authentication between the network and the user.
IP骨干网,是 ASN之间的互联网络,主要功能是根据数据报文中的路由 位置标识进行选路和转发数据报文,把 ASN发出的数据报文转发到正确的目 的地; IP网络由核心交换路由器(CSR )组成。 与现有的 IP网络是一样的, 不需要进行任何修改。  The IP backbone network is an interconnection network between ASNs. The main function is to route and forward data packets according to the routing location identifier in the data packet, and forward the data packets sent by the ASN to the correct destination. The core switching router (CSR) is composed of. It is the same as the existing IP network and does not require any modifications.
互通网关(ISN ) , 是身份位置分离网络与其他网络的互通节点, 两类不 同的网络必须通过 ISN进行互相通信。  An Interworking Gateway (ISN) is an interworking node between an identity separation network and other networks. Two different types of networks must communicate with each other through the ISN.
无线网络, 负责提供并维护用户终端到 ASN之间的二层链路, 在蜂窝移 动网络中, 负责无线资源分配和管理等功能。 此处的无线网络可以是 WCDMA, TD-SCDMA, CDMA2000或长期演进系统 LTE等无线网络。  The wireless network is responsible for providing and maintaining the Layer 2 link between the user terminal and the ASN. In the cellular mobile network, it is responsible for wireless resource allocation and management functions. The wireless network herein may be a wireless network such as WCDMA, TD-SCDMA, CDMA2000 or Long Term Evolution (LTE).
在 ASN上为每个本地接入的移动终端( MN )保存所有的通信对端( CN ) 的信息, 移动终端的位置发生变化时, 新的 ASN会将终端的路由位置标识通 知给通信对端所在的 ASN,通信对端有很多时, 需要通知到每个 CN, 保证各 个 CN能够将数据报文发送给正确的 ASN。  All the communication peers (CNs) are saved on the ASN for each locally accessed mobile terminal (MN). When the location of the mobile terminal changes, the new ASN notifies the communication peer of the terminal's routing location identifier. When there is a large number of communication peers, you need to notify each CN to ensure that each CN can send data packets to the correct ASN.
为了充分利用现有骨干网络, ASN之间的数据包是标准的 IP包,保证可 以在 IP骨干网络上进行路由。  In order to make full use of the existing backbone network, the data packets between the ASNs are standard IP packets, which can be routed on the IP backbone network.
发明内容 Summary of the invention
本发明的目的是提供一种数据传输方法、 系统及接入网关, 实现传统网 络与身份位置分离网络的互通。  It is an object of the present invention to provide a data transmission method, system and access gateway for interworking between a legacy network and an identity location separation network.
为解决上述技术问题, 本发明的一种数据传输方法, 包括: 在身份位置 分离网络与传统网络之间配置异网接入网关, 为身份位置分离网络中的业务 服务器配置传统网络中的 IP地址;  To solve the above technical problem, a data transmission method of the present invention includes: configuring an alien network access gateway between an identity location separation network and a legacy network, and configuring an IP address in a legacy network for a service server in the identity location separation network. ;
在异网接入网关中配置服务器映射表和客户端映射表, 服务器映射表中 记录业务服务器的身份标识 (AID)与 IP地址的映射关系; 客户端映射表用来 记录客户端的 AID与 IP地址的映射关系; 以及  The server mapping table and the client mapping table are configured in the different network access gateway, and the mapping relationship between the identity identifier (AID) of the service server and the IP address is recorded in the server mapping table; the client mapping table is used to record the AID and the IP address of the client. Mapping relationship;
异网接入网关根据服务器映射表和客户端映射表, 实现传统网络中的客 户端与身份位置分离网络中的业务服务器的数据传输。 异网接入网关配置有对应传统网络的 IP地址和对应身份位置分离网络的 路由位置标识 (RID),身份位置分离网络中的业务服务器通过 RID将数据发送 给异网接入网关,传统网络中的客户端通过异网接入网关的 IP地址将数据发 送给该异网接入网关。 The alien network access gateway implements data transmission between the client in the traditional network and the service server in the identity-separated network according to the server mapping table and the client mapping table. The alien network access gateway is configured with an IP address corresponding to the traditional network and a routing location identifier (RID) corresponding to the identity location separation network, and the service server in the identity location separation network sends the data to the alien network access gateway through the RID, in the traditional network. The client sends data to the alien access gateway through the IP address of the alien access gateway.
异网接入网关实现数据传输的步骤包括:  The steps for implementing data transmission by the different network access gateway include:
客户端向异网接入网关发送 IP数据包, 该 IP数据包的源地址为该客户 端的 IP地址, 目的地址为身份位置分离网络中作为目标服务器的业务服务器 的 IP地址; 以及  The client sends an IP data packet to the different network access gateway, where the source address of the IP data packet is the IP address of the client, and the destination address is the IP address of the service server serving as the target server in the identity location separation network;
异网接入网关接收到 IP数据包后,根据目的地址从服务器映射表中查找 目标服务器的 IP地址对应的 AID, 并为客户端分配 AID, 在客户端映射表中 添加该客户端的 IP地址与 AID的映射关系, 将 IP数据包的源地址和目的地 址分别替换为客户端的 AID和目标服务器的 AID,将该 IP数据包发送给目标 服务器。  After receiving the IP data packet, the different network access gateway searches the server mapping table for the AID corresponding to the IP address of the target server according to the destination address, and assigns an AID to the client, and adds the IP address of the client to the client mapping table. The AID mapping relationship replaces the source address and the destination address of the IP packet with the AID of the client and the AID of the target server, and sends the IP packet to the target server.
异网接入网关实现数据传输的步骤还包括:  The steps of implementing data transmission by the different network access gateway include:
目标服务器接收到 IP数据包后, 向客户端发送响应的数据包, 该响应的 数据包的目的地址为客户端的 AID, 源地址为该目标服务器的 AID;  After receiving the IP data packet, the target server sends a response data packet to the client, where the destination address of the response data packet is the AID of the client, and the source address is the AID of the target server;
异网接入网关接收到响应的数据包后, 根据源地址和目的地址分别从服 务器映射表和客户端映射表中查找目标服务器和客户端的 IP地址; 将响应的 数据包的源地址和目的地址分别替换为查找到的目标服务器和客户端的 IP地 址, 并将该响应的数据包发送给客户端。  After receiving the response packet, the alien network access gateway searches the server mapping table and the client mapping table for the IP address of the target server and the client according to the source address and the destination address respectively; the source address and the destination address of the response packet. Replace with the IP address of the target server and client found, and send the response packet to the client.
异网接入网关将 IP数据包发送给目标服务器的步骤包括:  The steps for the alien network access gateway to send the IP data packet to the target server include:
异网接入网关从身份位置分离网络中的映射平面查找目标服务器的 AID 对应的 RID , 根据该 RID将 IP数据包发送给目标服务器。  The alien network access gateway searches the mapping plane in the identity location separation network to find the RID corresponding to the AID of the target server, and sends the IP data packet to the target server according to the RID.
该方法还包括:  The method also includes:
在传统网络中的域名系统 (DNS)服务器上配置身份位置分离网络中的业 务服务器的域名与 IP地址的对应关系;  Configuring a correspondence between a domain name and an IP address of the service server in the identity separation server on the Domain Name System (DNS) server in the traditional network;
客户端向所述异网接入网关发送 IP数据包的步骤包括: 客户端通过该 DNS服务器向异网接入网关发送域名指向目标服务器的 IP数据包, 该 DNS 服务器将指向目标服务器的域名解析为该目标服务器的 IP地址。 本发明还提供另一种数据传输方法, 用以实现传统网络中的客户端对身 份位置分离网络中的业务服务器的访问, 包括: The step of the client sending the IP data packet to the different network access gateway includes: the client sending, by the DNS server, the IP address of the domain name to the target server to the different network access gateway, the DNS The server resolves the domain name that points to the target server to the IP address of the target server. The present invention also provides another data transmission method for implementing client access in a traditional network to a service server in an identity location separation network, including:
传统网络与身份位置分离网络之间的异网接入网关接收到客户端的 IP数 据包后,将该 IP数据包的源地址和目的地址分别替换为客户端的 AID和目标 服务器的 AID , 并将该 IP数据包发送给目标服务器。  After receiving the IP data packet of the client, the alien network access gateway between the traditional network and the identity location separation network replaces the source address and the destination address of the IP data packet with the AID of the client and the AID of the target server, respectively, and The IP packet is sent to the target server.
客户端的 AID是异网接入网关在接收到 IP数据包之后临时分配的。 本发明还提供另一种数据传输方法, 用以实现传统网络中的客户端对身 份位置分离网络中的业务服务器的访问, 包括:  The AID of the client is temporarily allocated by the alien access gateway after receiving the IP packet. The present invention further provides another data transmission method for implementing client access to a service server in an identity separation network in a traditional network, including:
传统网络与身份位置分离网络之间的异网接入网关接收到身份位置分离 网络中的目标服务器发送的响应的数据包后, 将该响应的数据包的源地址和 目的地址分别替换为目标服务器和客户端的 IP地址, 并将该响应的数据包发 送给客户端。  After receiving the data packet sent by the target server in the identity separation network, the alien network access gateway between the traditional network and the identity location separation network replaces the source address and the destination address of the response packet with the target server respectively. And the client's IP address, and send the response packet to the client.
本发明还提供一种数据传输系统, 包括: 身份位置分离网络、 异网接入 网关和传统网络, 异网接入网关设置在身份位置分离网络与传统网络之间, 其中:  The present invention also provides a data transmission system, including: an identity location separation network, an alien network access gateway, and a legacy network, where the alien network access gateway is disposed between the identity location separation network and the legacy network, where:
身份位置分离网络中的业务服务器配置有身份标识 (AID)以及传统网络 中的 IP地址;  The service server in the identity location separation network is configured with an identity (AID) and an IP address in the legacy network;
异网接入网关中配置有服务器映射表和客户端映射表, 服务器映射表中 记录有业务服务器的 AID与 IP地址的映射关系;客户端映射表用来记录客户 端的 AID与 IP地址的映射关系。  The server mapping table and the client mapping table are configured in the different network access gateways. The mapping between the AID and the IP address of the service server is recorded in the server mapping table. The client mapping table is used to record the mapping between the AID and the IP address of the client. .
异网接入网关设置成: 根据服务器映射表和客户端映射表, 实现传统网 络中的客户端与身份位置分离网络中的业务服务器的数据传输。  The alien network access gateway is configured to: implement data transmission between the client in the traditional network and the service server in the identity location separated network according to the server mapping table and the client mapping table.
异网接入网关配置有对应传统网络的 IP地址和对应身份位置分离网络的 路由位置标识 (RID), 身份位置分离网络中的业务服务器通过 RID, 将数据发 送给异网接入网关, 传统网络中的客户端通过异网接入网关的 IP地址, 将数 据发送给该异网接入网关。  The alien network access gateway is configured with an IP address corresponding to the traditional network and a routing location identifier (RID) corresponding to the identity location separation network, and the service server in the identity location separation network sends the data to the alien network access gateway through the RID, the traditional network. The client in the middle sends the data to the different access gateway through the IP address of the access gateway of the different network.
本发明还提供另一种数据传输系统, 包括: 身份位置分离网络、 异网接 入网关和传统网络,异网接入网关设置在身份位置分离网络与传统网络之间 , 其中: The present invention also provides another data transmission system, including: an identity location separation network, a different network connection In the gateway and the traditional network, the alien network access gateway is set between the identity location separation network and the traditional network, where:
传统网络包括客户端,该客户端设置成:向异网接入网关发送 IP数据包, 该 IP数据包的源地址为该客户端的 IP地址, 目的地址为身份位置分离网络 中的目标服务器的 IP地址;  The traditional network includes a client, and the client is configured to: send an IP data packet to the different network access gateway, the source address of the IP data packet is the IP address of the client, and the destination address is the IP address of the target server in the identity location separation network. Address
异网接入网关设置成: 在接收到客户端的 IP数据包后, 将该 IP数据包 的源地址和目的地址分别替换为该客户端的 AID和目标服务器的 AID , 并将 该 IP数据包发送给目标服务器。  The alien network access gateway is configured to: after receiving the IP data packet of the client, replace the source address and the destination address of the IP data packet with the AID of the client and the AID of the target server, respectively, and send the IP data packet to Target server.
异网接入网关还设置成: 在接收到 IP数据包后, 先根据目的地址从预先 配置的服务器映射表中查找目标服务器的 IP地址对应的 AID, 并为客户端分 配 AID,在预先配置的客户端映射表中添加该客户端的 IP地址与 AID的映射 关系,然后才将 IP数据包的源地址和目的地址分别替换为客户端的 AID和目 标服务器的 AID。  The alien network access gateway is further configured to: after receiving the IP data packet, first look up the AID corresponding to the IP address of the target server from the pre-configured server mapping table according to the destination address, and assign the AID to the client, which is pre-configured. The mapping between the IP address of the client and the AID is added to the client mapping table, and then the source address and the destination address of the IP packet are replaced with the AID of the client and the AID of the target server, respectively.
本发明还提供另一种数据传输系统, 包括: 身份位置分离网络、 异网接 入网关和传统网络,异网接入网关设置在身份位置分离网络与传统网络之间, 其中:  The present invention further provides another data transmission system, including: an identity location separation network, a different network access gateway, and a legacy network, where the alien network access gateway is disposed between the identity location separation network and the legacy network, where:
身份位置分离网络包括业务服务器, 该业务服务器设置成: 在用作目标 服务器时, 接收到 IP数据包后, 向传统网络中的客户端发送响应的数据包, 该响应的数据包的目的地址为客户端的 AID,源地址为该目标服务器的 AID; 异网接入网关设置成: 在接收到身份位置分离网络中的目标服务器发送 的响应的数据包后, 将响应的数据包的源地址和目的地址分别替换为目标服 务器和客户端的 IP地址, 并将该响应的数据包发送给客户端。 异网接入网关还设置成: 在接收到响应的数据包后, 先根据源地址和目 的地址分别从预先配置的服务器映射表和客户端映射表中查找目标服务器和 客户端的 IP地址, 然后才将响应的数据包的源地址和目的地址分别替换为目 标服务器和客户端的 IP地址。  The identity location separation network includes a service server, and the service server is configured to: when used as a target server, after receiving the IP data packet, send the response data packet to the client in the traditional network, and the destination address of the response data packet is The AID of the client, the source address is the AID of the target server; the alien access gateway is set to: the source address and destination of the response packet after receiving the response packet sent by the target server in the identity location separation network The addresses are replaced with the IP addresses of the target server and the client, and the response packets are sent to the client. The alien network access gateway is further configured to: after receiving the response data packet, first find the IP addresses of the target server and the client from the pre-configured server mapping table and the client mapping table according to the source address and the destination address, and then Replace the source and destination addresses of the responding packet with the IP addresses of the target server and client respectively.
本发明还提供一种接入网关, 用以实现传统网络中的客户端对身份位置 分离网络中的业务服务器的访问, 包括: 地址维护单元、 地址映射单元和数 据发送单元, 其中: The present invention also provides an access gateway, which is used to implement client access to a service server in an identity location separation network in a traditional network, including: an address maintenance unit, an address mapping unit, and a number According to the sending unit, where:
地址维护单元设置成: 配置服务器映射表和客户端映射表, 服务器映射 表中记录有身份位置分离网络中的业务服务器的身份标识 (AID)与 IP地址的 映射关系;客户端映射表用来记录传统网络中的客户端的 AID与 IP地址的映 射关系;  The address maintenance unit is configured to: configure a server mapping table and a client mapping table, wherein the server mapping table records the mapping relationship between the identity identifier (AID) of the service server and the IP address in the identity separation network; the client mapping table is used to record The mapping relationship between the AID and the IP address of the client in the traditional network;
地址映射单元设置成: 根据服务器映射表和客户端映射表, 将数据包中 数据发送单元设置成: 将地址映射单元完成映射转换的数据包发送给身 份位置分离网络中的用作目标服务器的业务服务器或传统网络中的客户端。  The address mapping unit is configured to: set, according to the server mapping table and the client mapping table, the data sending unit in the data packet to: send the data packet that the address mapping unit completes the mapping conversion to the service used as the target server in the identity location separation network. Client in a server or traditional network.
地址维护单元还设置成为传统网络中的客户端分配 AID, 并在客户端映 射表中添加该客户端的 IP地址与 AID的映射关系;  The address maintenance unit is further configured to be a client-assigned AID in the traditional network, and add a mapping relationship between the client's IP address and the AID in the client mapping table;
地址映射单元是设置成通过如下方式进行地址映射转换: 在接收到传统 网络中的客户端的 IP数据包后, 将该 IP数据包的源地址和目的地址分别替 换为地址维护单元为客户端分配的 AID和身份位置分离网络中的目标服务器 的 AID。  The address mapping unit is configured to perform address mapping conversion by: after receiving the IP data packet of the client in the traditional network, replacing the source address and the destination address of the IP data packet with the address maintenance unit respectively for the client The AID and identity location separate the AID of the target server in the network.
地址映射单元还设置成: 在接收到 IP数据包后, 先根据目的地址从服务 器映射表中查找目标服务器的 IP地址对应的 AID,从客户端映射表中查找客 户端的 IP地址对应的 AID , 然后才将 IP数据包的源地址和目的地址分别替 换为客户端的 AID和目标服务器的 AID。  The address mapping unit is further configured to: after receiving the IP data packet, first look up the AID corresponding to the IP address of the target server from the server mapping table according to the destination address, and look up the AID corresponding to the IP address of the client from the client mapping table, and then The source address and destination address of the IP packet are replaced with the AID of the client and the AID of the target server, respectively.
地址映射单元是设置成将数据包中的地址通过如下方式进行转换: 在接 收到身份位置分离网络中用作目标服务器的业务服务器发送的响应的数据包 后, 将该响应的数据包的源地址和目的地址分别替换为目标服务器和客户端 的 IP地址。  The address mapping unit is configured to convert the address in the data packet by: after receiving the data packet of the response sent by the service server serving as the target server in the identity location separation network, the source address of the data packet of the response And the destination address is replaced with the IP address of the target server and client respectively.
地址映射单元还设置成: 在接收到响应的数据包后, 先根据源地址和目 的地址分别从服务器映射表和客户端映射表中查找目标服务器和客户端的 IP 地址, 然后才将响应的数据包的源地址和目的地址分别替换为目标服务器和 客户端的 IP地址。  The address mapping unit is further configured to: after receiving the response data packet, first find the IP address of the target server and the client from the server mapping table and the client mapping table according to the source address and the destination address, and then respond to the data packet. The source and destination addresses are replaced with the IP addresses of the target server and client respectively.
综上所述, 本发明通过在传统网络与身份位置分离网络之间设置异网接 入网关,该接入网关具备 IP地址与 AID的双重地址,使传统网络中的客户端 可以访问特定的身份位置分离网络中的业务服务器, 只要该身份位置分离网 络中的业务服务器在异网接入网关中配置了 IP地址即可, 满足身份位置分离 网络与传统网络互访的需要。 In summary, the present invention sets up a different network connection between a traditional network and an identity location separation network. Entering the gateway, the access gateway has a dual address of an IP address and an AID, so that a client in the traditional network can access a service server in a specific identity location separation network, as long as the service server in the identity location separation network is connected in a different network. The IP address can be configured in the gateway to meet the needs of the identity separation network and the traditional network mutual access.
附图概述 BRIEF abstract
图 1为现有的身份位置分离网络的架构图;  1 is an architectural diagram of an existing identity location separation network;
图 2为本实施方式的数据传输系统的架构图;  2 is an architectural diagram of a data transmission system according to an embodiment of the present invention;
图 3为本实施方式中的异网接入网关中的服务器映射表的示意图; 图 4为本实施方式中的异网接入网关中的客户端映射表的示意图; 图 5为本实施方式的数据传输方法中客户端向目标服务器发送数据的示 意图;  3 is a schematic diagram of a server mapping table in an alien network access gateway according to the embodiment; FIG. 4 is a schematic diagram of a client mapping table in an alien network access gateway according to the embodiment; A schematic diagram of a client transmitting data to a target server in a data transmission method;
图 6为本实施方式的数据传输方法中目标服务器向客户端发送数据的示 意图;  6 is a schematic diagram of a target server transmitting data to a client in the data transmission method according to the embodiment;
图 7为本实施方式的接入网关的示意图。  FIG. 7 is a schematic diagram of an access gateway according to an embodiment of the present invention.
本发明的较佳实施方式 Preferred embodiment of the invention
本实施方式提出了一种传统网络客户端访问身份位置分离网络中的应用 服务器的方法, 通过部署网关, 使传统网络客户端可以通过该网关访问身份 和位置分离网络中的应用服务器。 下面将部署的网关称为异网接入网关, 异 网接入网关与传统 IP网络和身份位置分离网络同时互联; 在异网接入网关中 配置有访问身份位置分离网络的资源, 包括客户端标识的管理和转换、 路由 管理和计费信息的收集等功能。  The present embodiment provides a method for a traditional network client to access an application server in an identity separation location network. By deploying a gateway, a traditional network client can access an application server in an identity and location separation network through the gateway. The gateway to be deployed is referred to as an alien network access gateway, and the alien network access gateway is simultaneously interconnected with the traditional IP network and the identity location separation network; the heterogeneous network access gateway is configured with resources for accessing the identity location separation network, including the client. The management and conversion of identification, routing management, and collection of billing information.
如图 2所示,异网接入网关位于传统 IP网络与身份位置分离网络的边缘, 这两个网络进行的业务访问, 需经过此网关。  As shown in Figure 2, the alien network access gateway is located at the edge of the traditional IP network and the identity separation network. The service access of the two networks needs to pass through the gateway.
异网接入网关至少具有两个网络地址, 分别是传统 IP网络中的 IP地址 以及身份位置分离网络中的 RID, 该网关能够同时访问两个网络, 两个地址 的地址域不能相互冲突。 身份位置分离网络中的业务服务器通过异网接入网 关的 RID, 将数据发送给异网接入网关, 传统网络中的客户端通过异网接入 网关的 IP地址, 将数据发送给异网接入网关。 The alien network access gateway has at least two network addresses, which are the IP address in the traditional IP network and the RID in the identity location separation network. The gateway can access the two networks at the same time, and the address domains of the two addresses cannot conflict with each other. Service server in the identity location separation network through the alien network access network The closed RID sends the data to the alien access gateway. The client in the traditional network sends the data to the alien access gateway through the IP address of the alien access gateway.
为了通过异网接入网关进行通信, 在网关上需要配置服务器映射表, 记 录身份位置分离网络中的业务服务器的 AID与 IP地址的映射关系,并配置客 户端映射表, 记录传统网络客户端的 IP地址与 AID的映射关系。  In order to communicate through the external network access gateway, a server mapping table needs to be configured on the gateway to record the mapping between the AID and the IP address of the service server in the identity separation network, and configure the client mapping table to record the IP of the traditional network client. The mapping relationship between the address and the AID.
图 3所示为服务器映射表, 服务器映射表是身份位置分离网络中的业务 服务器的 AID与传统网络中的 IP地址的映射关系表,每个应用服务器如果允 许传统网络对它进行访问, 那么就需要在异网接入网关上给他分配一个 IP地 址 , 该 IP地址与 AID是静态关系 , 知道 IP地址就可以知道 AID , 反之亦然。  Figure 3 shows a server mapping table, which is a mapping relationship between the AID of the service server in the identity separation network and the IP address in the traditional network. If each application server allows the traditional network to access it, then It needs to be assigned an IP address on the alien access gateway. The IP address is statically related to the AID. Knowing the IP address knows the AID and vice versa.
图 4所示为客户端映射表, 客户端映射表是传统网络客户端访问身份位 置分离网络时所使用的地址映射关系表。 传统网络客户端访问身份位置分离 网络时, 本身需要一个 AID, 这个 AID可以是在网关上给用户临时分配的; 也可以绑定,建立客户端的 IP地址与该客户端使用的 AID的对应关系,一个 IP地址与一个 AID对应, 绑定的缺点在于传统网络客户端未访问身份位置分 离网络时, 其 AID不能给其他客户端使用, AID存在浪费的情况。 网关为传 统网络客户端临时分配 AID的情况下, 在客户端本次访问身份位置分离网络 上的业务结束以后, 该 AID可以给其他客户端使用, 可以减少网关上 AID的 数目。  Figure 4 shows the client mapping table, which is the address mapping table used by the traditional network client to access the identity location to separate the network. When the traditional network client accesses the identity and separates the network, it needs an AID. The AID can be temporarily allocated to the user on the gateway. It can also be bound to establish the corresponding relationship between the IP address of the client and the AID used by the client. An IP address corresponds to an AID. The disadvantage of binding is that when the traditional network client does not access the identity location and separates the network, its AID cannot be used by other clients, and the AID is wasted. When the gateway temporarily allocates the AID to the traditional network client, after the client accesses the identity location and separates the service on the network, the AID can be used by other clients, which can reduce the number of AIDs on the gateway.
传统网络客户端访问身份位置分离网络中的业务服务器时, 其目的地址 是业务服务器的 IP地址, 用户可以直接输入 IP地址也可以根据 DNS (域名 系统)服务器解析得到业务服务器的 IP地址。 传统网络客户端的数据发送到 异网接入网关时, 异网接入网关查找服务器映射表, 得到 IP地址对应的 AID (目的 AID ) ; 同时为传统网络客户端分配一个 AID (源 AID ) ; 得到两个 AID后, 可以对传统网络客户端发出的 IP 包进行包头的修改, 分别将源 IP 地址, 目的 IP地址替换为源 AID和目的 AID; 再将 IP包发送到目标服务器。 异网接入网关接收到目标服务器返回的数据包以后, 从上述映射表中找到对 应的源 IP地址和目的 IP地址, 进行报文头的地址修改, 再发送给传统网络 客户端, 完成业务访问过程。 为了实现传统网络客户端访问身份位置分离网络上的业务服务器, 需要 具备以下条件: When the traditional network client accesses the identity server to separate the service server in the network, the destination address is the IP address of the service server. The user can directly input the IP address or obtain the IP address of the service server according to the DNS (Domain Name System) server. When the data of the traditional network client is sent to the different network access gateway, the different network access gateway searches the server mapping table to obtain the AID (destination AID) corresponding to the IP address; and assigns an AID (source AID) to the traditional network client; After the two AIDs, the IP packet sent by the traditional network client can be modified by the header, and the source IP address and the destination IP address are replaced with the source AID and the destination AID respectively; and the IP packet is sent to the target server. After receiving the data packet returned by the target server, the alien network access gateway finds the corresponding source IP address and destination IP address from the mapping table, and then modifies the address of the packet header, and then sends the packet to the traditional network client to complete the service access. process. In order to realize the traditional network client access identity location separation business server on the network, the following conditions are required:
为身份位置分离网络中的业务月良务器分配传统网络对应的 IP地址, 同时 分配身份位置分离网络中的 AID。  The service server in the identity location separation network is assigned an IP address corresponding to the legacy network, and the AID in the identity location separation network is also assigned.
DNS服务器上配置有服务器域名与 IP地址的对应关系, 该 IP地址指向 的服务器处于身份位置分离网络中, 用户可以通过 DNS服务器, 使用服务器 域名访问服务器, 当然, 如果不需要使用域名, 则在 DNS服务器上无需配置 服务器域名与 IP地址的对应关系。  The DNS server is configured with a mapping between the server domain name and the IP address. The server pointed to by the IP address is in the identity separation network. The user can access the server through the DNS server and the server domain name. Of course, if the domain name is not required, the DNS is used. You do not need to configure the mapping between the server domain name and IP address on the server.
在异网接入网关上必须配置服务器映射表和客户端映射表, 服务器映射 表是身份位置分离网络中的业务服务器的 AID和传统网络中对应的 IP地址的 映射关系表; 客户端映射表是传统终端访问身份位置分离网络上的服务器时 所使用的客户端地址映射关系表。  The server mapping table and the client mapping table must be configured on the different network access gateway. The server mapping table is a mapping relationship between the AID of the service server in the identity separation network and the corresponding IP address in the traditional network; the client mapping table is The client address mapping relationship table used by the traditional terminal to access the identity of the server on the network.
图 5所示为传统网络客户端访问身份位置分离网络中的业务服务器的方 法,传统网络客户端向身份位置分离网络中的服务器发送 IP数据包的处理流 程包括如下步骤:  Figure 5 shows the traditional network client accessing the identity server to separate the service servers in the network. The process of the traditional network client sending IP packets to the servers in the identity location separation network includes the following steps:
步骤 501 : 传统网络客户端发起业务请求, 向异网接入网关发送 IP数据 包, 该 IP数据包的源地址为传统网络客户端的 IP地址, 目的地址为目标月良 务器的 IP地址;  Step 501: The traditional network client initiates a service request, and sends an IP data packet to the alien network access gateway. The source address of the IP data packet is an IP address of the traditional network client, and the destination address is an IP address of the target server.
步骤 502: 异网接入网关接收到 IP数据包后, 根据目的地址查找服务器 映射表, 查找到目标服务器的 IP地址对应的 AID;  Step 502: After receiving the IP data packet, the alien network access gateway searches the server mapping table according to the destination address, and finds the AID corresponding to the IP address of the target server.
步骤 503: 异网接入网关为传统网络客户端分配 AID, 在客户端映射表 中添加该传统网络客户端的 IP地址与 AID的对应关系;  Step 503: The alien network access gateway allocates an AID to the traditional network client, and adds a correspondence between the IP address of the traditional network client and the AID in the client mapping table.
步骤 504: 异网接入网关将 IP数据包的源地址和目的地址分别替换为传 统网络客户端分配的 AID和查找到的目标服务器的 AID;  Step 504: The alien network access gateway replaces the source address and the destination address of the IP data packet with the AID allocated by the traditional network client and the AID of the found target server.
步骤 505:异网接入网关从身份位置分离网络中的映射平面查找目的 AID 对应的 RID , 将 IP数据包发送给目标服务器。  Step 505: The alien network access gateway separates the mapping plane in the network from the identity location to find the RID corresponding to the destination AID, and sends the IP data packet to the target server.
如图 6所示为传统网络客户端访问身份位置分离网络中的业务服务器的 方法, 身份位置分离网络中的服务器向传统网络客户端发送 IP数据包的处理 流程包括如下步骤: As shown in FIG. 6, the traditional network client accesses the identity server in the location separation network. The method, the process in the server in the identity location separation network sending the IP data packet to the traditional network client includes the following steps:
步骤 601: 目标服务器接收到传统网络客户端的 IP数据包后, 进行业务 处理, 并向传统网络客户端发送响应的数据包, 该数据包的目的地址为异网 接入网关为传统网络客户端分配的 AID, 源地址为目标服务器的 AID;  Step 601: After receiving the IP data packet of the traditional network client, the target server performs service processing, and sends a response data packet to the traditional network client, where the destination address of the data packet is an alien network access gateway allocated to the traditional network client. AID, the source address is the AID of the target server;
步骤 602: 异网接入网关接收到目标服务器的数据包后, 根据源地址和 目的地址分别查找服务器映射表和客户端映射表,得到目标服务器的 IP地址 和传统网络客户端的 IP地址;  Step 602: After receiving the data packet of the target server, the different network access gateway searches the server mapping table and the client mapping table according to the source address and the destination address respectively, and obtains the IP address of the target server and the IP address of the traditional network client.
步骤 603: 异网接入网关将目标服务器的数据包的源地址和目的地址分 别替换为查找到的目标服务器的 IP地址和传统网络客户端的 IP地址;  Step 603: The alien network access gateway replaces the source address and the destination address of the data packet of the target server with the IP address of the found target server and the IP address of the traditional network client.
步骤 604: 异网接入网关通过传统的 IP网络将目标服务器发送的响应的 数据包发送给传统网络客户端。  Step 604: The alien network access gateway sends the response packet sent by the target server to the traditional network client through the traditional IP network.
图 7为本实施方式的接入网关, 包括: 地址维护单元、 地址映射单元和 数据发送单元, 其中: The access gateway of the embodiment of the present invention includes: an address maintenance unit, an address mapping unit, and a data sending unit, where:
地址维护单元设置成: 配置服务器映射表和客户端映射表, 服务器映射 表中记录身份位置分离网络中的业务服务器的身份标识 (AID)与 IP地址的映 射关系;客户端映射表中记录传统网络中的客户端的 AID与 IP地址的映射关 系;  The address maintenance unit is configured to: configure a server mapping table and a client mapping table, where the mapping relationship between the identity identifier (AID) of the service server and the IP address in the identity separation location network is recorded in the server mapping table; the traditional network is recorded in the client mapping table. The mapping between the AID of the client and the IP address;
地址映射单元设置成: 根据服务器映射表和客户端映射表, 将数据包的 换;  The address mapping unit is configured to: convert the data packet according to the server mapping table and the client mapping table;
数据发送单元设置成: 将地址映射单元完成地址映射转换的数据包发送 给身份位置分离网络中的业务服务器或传统网络中的客户端。  The data sending unit is configured to: send the data packet converted by the address mapping unit to the address mapping to the service server in the identity separation network or the client in the legacy network.
本发明还提供一种数据传输系统, 包括传统网络、 身份位置分离网络和 异网接入网络, 其中各个装置的功能具体参见以上描述。  The present invention also provides a data transmission system, including a legacy network, an identity location separation network, and an alien network access network, wherein the functions of the respective devices are specifically described above.
显然, 本领域的技术人员应该明白, 上述的本发明的各模块、 各步骤可 以用通用的计算装置来实现, 它们可以集中在单个的计算装置上, 或者分布 在多个计算装置所组成的网络上, 可选地, 它们可以用计算装置可执行的程 序代码来实现, 从而, 可以将它们存储在存储装置中由计算装置来执行, 或 者将它们分别制作成各个集成电路模块, 或者将它们的多个模块或者步骤制 作成单个集成电路模块来实现。 这样, 本发明不限制于任何特定的硬件和软 件结合。 Obviously, those skilled in the art should understand that the above modules and steps of the present invention may be Implemented by a general-purpose computing device, which may be centralized on a single computing device or distributed over a network of computing devices, optionally, they may be implemented by program code executable by the computing device, such that They may be stored in a storage device by a computing device, or they may be fabricated into individual integrated circuit modules, or their multiple modules or steps may be implemented as a single integrated circuit module. Thus, the invention is not limited to any specific combination of hardware and software.
以上所述仅为本发明的实施例而已, 并不用于限制本发明, 对于本领域 的技术人员来说, 本发明可以有各种更改和变化。 凡在本发明的精神和原则 之内, 所做的任何修改、 等同替换、 改进等, 均应包含在本发明的保护范围 之内。  The above is only the embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. All modifications, equivalents, improvements, etc., made within the spirit and scope of the invention are intended to be included within the scope of the invention.
工业实用性 Industrial applicability
与现有技术相比, 本发明通过在传统网络与身份位置分离网络之间设置 异网接入网关, 使传统网络中的客户端可以访问特定的身份位置分离网络中 的业务服务器, 满足了身份位置分离网络与传统网络互访的需要。  Compared with the prior art, the present invention sets an alien network access gateway between the traditional network and the identity location separation network, so that the client in the traditional network can access the service server in the specific identity location separation network, and the identity is satisfied. The need for location separation networks and traditional network exchange visits.

Claims

权 利 要 求 书 Claim
1、 一种数据传输方法, 包括: 1. A data transmission method, comprising:
在身份位置分离网络与传统网络之间配置异网接入网关, 为所述身份位 置分离网络中的业务 ^良务器配置传统网络中的 IP地址;  Configuring an alien network access gateway between the identity location separation network and the legacy network, and configuring an IP address in the legacy network for the service in the identity location separation network;
在所述异网接入网关中配置服务器映射表和客户端映射表, 所述服务器 映射表中记录所述业务服务器的身份标识 (AID)与 IP地址的映射关系; 所述 客户端映射表用来记录所述客户端的 AID与 IP地址的映射关系; 以及  Configuring a server mapping table and a client mapping table in the different network access gateway, where the mapping relationship between the identity identifier (AID) of the service server and the IP address is recorded in the server mapping table; Recording the mapping relationship between the AID and the IP address of the client;
所述异网接入网关根据所述服务器映射表和客户端映射表, 实现所述传 统网络中的客户端与所述身份位置分离网络中的业务服务器的数据传输。  The different network access gateway implements data transmission between the client in the traditional network and the service server in the identity-separated network according to the server mapping table and the client mapping table.
2、 如权利要求 1所述的方法, 其中, 所述异网接入网关配置有对应传统 网络的 IP地址和对应身份位置分离网络的路由位置标识 (RID); 所述异网接入网关实现所述数据传输的步骤中, 所述身份位置分离网络 中的业务服务器通过所述 RID, 将数据发送给所述异网接入网关, 所述传统 网络中的客户端通过所述异网接入网关的 IP地址, 将数据发送给该异网接入 网关。 2. The method according to claim 1, wherein the different network access gateway is configured with an IP address corresponding to a legacy network and a routing location identifier (RID) corresponding to the identity location separation network; In the step of data transmission, the service server in the identity location separation network sends data to the different network access gateway by using the RID, and the client in the traditional network accesses through the different network. The IP address of the gateway sends the data to the different access gateway.
3、 如权利要求 2所述的方法, 其中, 所述异网接入网关实现所述数据传 输的步骤包括: 3. The method according to claim 2, wherein the step of implementing the data transmission by the different network access gateway comprises:
所述客户端向所述异网接入网关发送 IP数据包, 该 IP数据包的源地址 为该客户端的 IP地址, 目的地址为所述身份位置分离网络中作为目标服务器 的业务服务器的 IP地址; 以及  The client sends an IP data packet to the different network access gateway, where the source address of the IP data packet is an IP address of the client, and the destination address is an IP address of the service server serving as the target server in the identity location separation network. ; as well as
所述异网接入网关接收到所述 IP数据包后, 根据该 IP数据包的目的地 址从所述服务器映射表中查找所述目标服务器的 IP地址对应的 AID, 并为所 述客户端分配 AID,在所述客户端映射表中添加该客户端的 IP地址与 AID的 映射关系, 将所述 IP数据包的源地址和目的地址分别替换为所述客户端的 AID和目标服务器的 AID, 将该 IP数据包发送给所述目标服务器。  After receiving the IP data packet, the different network access gateway searches for the AID corresponding to the IP address of the target server from the server mapping table according to the destination address of the IP data packet, and allocates the AID for the client. The AID is configured to add a mapping relationship between the IP address of the client and the AID in the client mapping table, and replace the source address and the destination address of the IP data packet with the AID of the client and the AID of the target server, respectively. An IP packet is sent to the target server.
4、 如权利要求 3所述的方法, 其中, 所述异网接入网关实现所述数据传 输的步骤还包括: 4. The method of claim 3, wherein the different network access gateway implements the data transmission The steps to lose also include:
所述目标服务器接收到所述 IP数据包后, 向所述客户端发送响应的数据 包, 该响应的数据包的目的地址为所述客户端的 AID, 源地址为该目标服务 器的 AID; 以及  After receiving the IP data packet, the target server sends a response data packet to the client, where the destination address of the response data packet is the AID of the client, and the source address is the AID of the target server;
所述异网接入网关接收到所述响应的数据包后, 根据该响应的数据包的 源地址和目的地址分别从所述服务器映射表和客户端映射表中查找所述目标 服务器和客户端的 IP地址; 将所述响应的数据包的源地址和目的地址分别替 换为查找到的目标服务器和客户端的 IP地址, 并将该响应的数据包发送给所 述客户端。  After receiving the data packet of the response, the different network access gateway searches for the target server and the client from the server mapping table and the client mapping table respectively according to the source address and the destination address of the responding data packet. The IP address is replaced by the source address and the destination address of the response packet to the IP addresses of the found target server and the client, and the response packet is sent to the client.
5、 如权利要求 3所述的方法, 其中, 所述异网接入网关将所述 IP数据 包发送给所述目标服务器的步骤包括: 5. The method of claim 3, wherein the step of the alien network access gateway transmitting the IP data packet to the target server comprises:
所述异网接入网关从所述身份位置分离网络中的映射平面查找所述目标 服务器的 AID对应的 RID, 根据该 RID将所述 IP数据包发送给所述目标服 务器。  The alien network access gateway searches for a RID corresponding to the AID of the target server from the mapping plane in the identity location separation network, and sends the IP data packet to the target server according to the RID.
6、 如权利要求 3所述的方法, 还包括: 6. The method of claim 3, further comprising:
在所述传统网络中的域名系统 (DNS)服务器上配置所述身份位置分离网 络中的业务服务器的域名与 IP地址的对应关系;  And configuring, on a Domain Name System (DNS) server in the traditional network, a correspondence between a domain name and an IP address of the service server in the identity separation network;
所述客户端向所述异网接入网关发送 IP数据包的步骤包括: 所述客户端 通过该 DNS服务器向所述异网接入网关发送域名指向所述目标服务器的 IP 数据包,该 DNS服务器将指向所述目标服务器的域名解析为所述目标服务器 的 IP地址。  The step of the client sending an IP data packet to the different network access gateway includes: the client sending, by the DNS server, an IP data packet whose domain name points to the target server to the different network access gateway, the DNS The server resolves the domain name pointing to the target server to the IP address of the target server.
7、一种数据传输方法, 用以实现传统网络中的客户端对身份位置分离网 络中的业务服务器的访问, 包括: A data transmission method for implementing a client in a traditional network to access a service server in an identity separation network, including:
所述传统网络与所述身份位置分离网络之间的异网接入网关接收到所述 客户端的 IP数据包后, 将该 IP数据包的源地址和目的地址分别替换为所述 客户端的 AID和目标服务器的 AID ,并将该 IP数据包发送给所述目标服务器。  After receiving the IP data packet of the client, the different network access gateway between the traditional network and the identity location separation network replaces the source address and the destination address of the IP data packet with the AID of the client and the client respectively. The AID of the target server and send the IP packet to the target server.
8、 如权利要求 7所述的方法, 其中, 所述客户端的 AID是所述异网接 入网关在接收到所述 IP数据包之后临时分配的。 8. The method according to claim 7, wherein the AID of the client is the different network connection The incoming gateway is temporarily allocated after receiving the IP packet.
9、一种数据传输方法, 用以实现传统网络中的客户端对身份位置分离网 络中的业务服务器的访问, 包括: A data transmission method for implementing a client in a traditional network to access a service server in an identity-separated network, including:
所述传统网络与所述身份位置分离网络之间的异网接入网关接收到所述 身份位置分离网络中的目标服务器发送的响应的数据包后, 将该响应的数据 包的源地址和目的地址分别替换为所述目标服务器和客户端的 IP地址, 并将 该响应的数据包发送给所述客户端。  After receiving the data packet sent by the target server in the identity location separation network, the alien network access gateway between the legacy network and the identity location separation network receives the source address and destination of the response data packet. The addresses are replaced with the IP addresses of the target server and the client, respectively, and the response packet is sent to the client.
10、 一种数据传输系统, 包括: 身份位置分离网络、 异网接入网关和传 统网络, 所述异网接入网关设置在所述身份位置分离网络与所述传统网络之 间, 其中: A data transmission system, comprising: an identity location separation network, an alien network access gateway, and a traditional network, wherein the alien network access gateway is disposed between the identity location separation network and the legacy network, wherein:
所述身份位置分离网络中的业务服务器配置有身份标识 (AID)以及传统 网络中的 IP地址;  The service server in the identity location separation network is configured with an identity (AID) and an IP address in a legacy network;
所述异网接入网关中配置有服务器映射表和客户端映射表, 所述服务器 映射表中记录有所述业务服务器的 AID与 IP地址的映射关系;所述客户端映 射表用来记录所述客户端的 AID与 IP地址的映射关系。  The server mapping table and the client mapping table are configured in the different network access gateway, where the mapping between the AID and the IP address of the service server is recorded in the server mapping table; the client mapping table is used to record the location The mapping between the AID of the client and the IP address.
11、 如权利要求 10所述的系统, 其中, 11. The system of claim 10, wherein
所述异网接入网关设置成: 根据所述服务器映射表和客户端映射表, 实 现所述传统网络中的客户端与所述身份位置分离网络中的业务服务器的数据 传输。  The different network access gateway is configured to: implement data transmission between the client in the legacy network and the service server in the identity location separation network according to the server mapping table and the client mapping table.
12、 如权利要求 11所述的系统, 其中, 12. The system of claim 11 wherein:
所述异网接入网关配置有对应传统网络的 IP地址和对应身份位置分离网 络的路由位置标识 ( RID);  The different network access gateway is configured with an IP address corresponding to the traditional network and a routing location identifier (RID) corresponding to the identity location separation network;
所述异网接入网关设置成通过如下方式实现所述数据传输: 所述身份位 置分离网络中的业务服务器通过所述 RID,将数据发送给所述异网接入网关, 所述传统网络中的客户端通过所述异网接入网关的 IP地址, 将数据发送给该 异网接入网关。 The different network access gateway is configured to implement the data transmission by: the service server in the identity location separation network sends data to the different network access gateway by using the RID, where the traditional network The client sends data to the alien access gateway through the IP address of the different network access gateway.
13、 一种数据传输系统, 包括: 身份位置分离网络、 异网接入网关和传 统网络, 所述异网接入网关设置在所述身份位置分离网络与所述传统网络之 间, 其中: A data transmission system, comprising: an identity location separation network, an alien network access gateway, and a traditional network, wherein the alien network access gateway is disposed between the identity location separation network and the legacy network, wherein:
所述传统网络包括客户端, 所述客户端设置成: 向所述异网接入网关发 送 IP数据包, 该 IP数据包的源地址为该客户端的 IP地址, 目的地址为所述 身份位置分离网络中的目标服务器的 IP地址;  The traditional network includes a client, and the client is configured to: send an IP data packet to the different network access gateway, where the source address of the IP data packet is an IP address of the client, and the destination address is the identity location. The IP address of the target server in the network;
所述异网接入网关设置成: 在接收到所述客户端的 IP数据包后, 将该 IP 数据包的源地址和目的地址分别替换为所述客户端的 AID和所述目标服务器 的 AID , 并将该 IP数据包发送给所述目标服务器。  The alien network access gateway is configured to: after receiving the IP data packet of the client, replace the source address and the destination address of the IP data packet with the AID of the client and the AID of the target server, respectively, and The IP data packet is sent to the target server.
14、 如权利要求 13所述的系统, 其中, 14. The system of claim 13 wherein
所述异网接入网关还设置成: 在接收到所述 IP数据包后, 先根据目的地 址从预先配置的服务器映射表中查找所述目标服务器的 IP地址对应的 AID, 并为所述客户端分配 AID, 在预先配置的客户端映射表中添加该客户端的 IP 地址与 AID的映射关系,然后才将所述 IP数据包的源地址和目的地址分别替 换为所述客户端的 AID和目标服务器的 AID。  The alien network access gateway is further configured to: after receiving the IP data packet, first look up an AID corresponding to an IP address of the target server from a pre-configured server mapping table according to a destination address, and serve as the client The AID is allocated, and the mapping between the IP address of the client and the AID is added in the pre-configured client mapping table, and then the source address and the destination address of the IP packet are replaced with the AID and the target server of the client respectively. AID.
15、 一种数据传输系统, 包括: 身份位置分离网络、 异网接入网关和传 统网络, 所述异网接入网关设置在所述身份位置分离网络与所述传统网络之 间, 其中: A data transmission system, comprising: an identity location separation network, an alien network access gateway, and a traditional network, wherein the alien network access gateway is disposed between the identity location separation network and the legacy network, wherein:
所述身份位置分离网络包括业务服务器, 所述业务服务器设置成: 在用 作目标服务器时, 接收到 IP数据包后, 向所述传统网络中的客户端发送响应 的数据包, 该响应的数据包的目的地址为所述客户端的 AID, 源地址为该目 标服务器的 AID;  The identity location separation network includes a service server, and the service server is configured to: when used as a target server, after receiving the IP data packet, send a response data packet to the client in the traditional network, and the response data The destination address of the packet is the AID of the client, and the source address is the AID of the target server;
所述异网接入网关设置成: 在接收到所述身份位置分离网络中的目标服 务器发送的响应的数据包后, 将所述响应的数据包的源地址和目的地址分别 替换为所述目标服务器和客户端的 IP地址, 并将该响应的数据包发送给所述 客户端。  The different network access gateway is configured to: after receiving the data packet of the response sent by the target server in the identity location separation network, replace the source address and the destination address of the response data packet with the target respectively The IP address of the server and the client, and the data packet of the response is sent to the client.
16、 如权利要求 15所述的系统, 其中, 所述异网接入网关还设置成: 在接收到所述响应的数据包后, 先根据源 地址和目的地址分别从预先配置的服务器映射表和客户端映射表中查找所述 目标服务器和客户端的 IP地址, 然后才将所述响应的数据包的源地址和目的 地址分别替换为所述目标服务器和客户端的 IP地址。 16. The system of claim 15 wherein The different network access gateway is further configured to: after receiving the data packet of the response, first searching the target server and the client from the pre-configured server mapping table and the client mapping table according to the source address and the destination address, respectively. The IP address of the end, and then replace the source address and the destination address of the responding packet with the IP addresses of the target server and the client respectively.
17、 一种接入网关, 用以实现传统网络中的客户端对身份位置分离网络 中的业务服务器的访问, 包括: 地址维护单元、 地址映射单元和数据发送单 元, 其中: An access gateway, configured to implement access by a client in a traditional network to a service server in an identity location separation network, including: an address maintenance unit, an address mapping unit, and a data sending unit, where:
所述地址维护单元设置成: 配置服务器映射表和客户端映射表, 所述服 务器映射表中记录有所述身份位置分离网络中的业务服务器的身份标识 (AID) 与 IP地址的映射关系; 所述客户端映射表用来记录所述传统网络中的客户端 的 AID与 IP地址的映射关系;  The address maintenance unit is configured to: configure a server mapping table and a client mapping table, where the mapping relationship between the identity identifier (AID) of the service server in the identity location separation network and the IP address is recorded in the server mapping table; The client mapping table is used to record the mapping relationship between the AID and the IP address of the client in the traditional network.
所述地址映射单元设置成: 根据所述服务器映射表和客户端映射表, 将 数据包中的地址在所述身份位置分离网络中的地址与传统网络中的地址间进 行映射转换;  The address mapping unit is configured to: map and convert an address in the data packet between the address in the identity location separation network and an address in the traditional network according to the server mapping table and the client mapping table;
所述数据发送单元设置成将所述地址映射单元完成映射转换后的数据包 发送给身份位置分离网络中的用作目标服务器的业务服务器或传统网络中的 客户端。  The data transmitting unit is configured to send the data packet that has been mapped and converted by the address mapping unit to a service server serving as a target server or a client in a legacy network in the identity location separation network.
18、 如权利要求 17所述的接入网关, 其中, 18. The access gateway of claim 17, wherein
所述地址维护单元还设置成为所述传统网络中的客户端分配 AID, 并在 所述客户端映射表中添加该客户端的 IP地址与 AID的映射关系;  The address maintenance unit is further configured to allocate an AID to the client in the traditional network, and add a mapping relationship between the IP address of the client and the AID in the client mapping table.
所述地址映射单元是设置成将数据包中的地址通过如下方式进行映射转 换: 在接收到所述传统网络中的客户端的 IP数据包后, 将该 IP数据包的源 地址和目的地址分别替换为所述地址维护单元为所述客户端分配的 AID和所 述身份位置分离网络中的所述目标服务器的 AID。  The address mapping unit is configured to perform mapping conversion on the address in the data packet by: after receiving the IP data packet of the client in the traditional network, replacing the source address and the destination address of the IP data packet respectively The AID assigned to the client by the address maintenance unit and the AID of the target server in the identity location separation network.
19、 如权利要求 18所述的接入网关, 其中, 19. The access gateway of claim 18, wherein
所述地址映射单元还设置成: 在接收到所述 IP数据包后, 先根据目的地 址从所述服务器映射表中查找所述目标服务器的 IP地址对应的 AID,从所述 客户端映射表中查找所述客户端的 IP地址对应的 AID , 然后才将所述 IP数 据包的源地址和目的地址分别替换为所述客户端的 AID 和目标服务器的 AID。 The address mapping unit is further configured to: after receiving the IP data packet, first searching for an AID corresponding to an IP address of the target server from the server mapping table according to a destination address, from the The client mapping table searches for the AID corresponding to the IP address of the client, and then replaces the source address and the destination address of the IP packet with the AID of the client and the AID of the target server, respectively.
20、 如权利要求 17所述的接入网关, 其中, 20. The access gateway of claim 17, wherein
所述地址映射单元是设置成将数据包中的地址通过如下方式进行映射转 换: 在接收到所述身份位置分离网络中的用作目标服务器的业务服务器发送 的响应的数据包后, 将该响应的数据包的源地址和目的地址分别替换为所述 目标服务器和客户端的 IP地址。  The address mapping unit is configured to perform mapping conversion on the address in the data packet by: after receiving the data packet of the response sent by the service server serving as the target server in the identity location separation network, the response The source and destination addresses of the data packet are replaced with the IP addresses of the target server and the client, respectively.
21、 如权利要求 20所述的接入网关, 其中, 21. The access gateway of claim 20, wherein
所述地址映射单元还设置成: 在接收到所述响应的数据包后, 先根据源 地址和目的地址分别从所述服务器映射表和客户端映射表中查找所述目标服 务器和客户端的 IP地址, 然后才将所述响应的数据包的源地址和目的地址分 别替换为目标服务器和客户端的 IP地址。  The address mapping unit is further configured to: after receiving the data packet of the response, first searching for the IP address of the target server and the client from the server mapping table and the client mapping table according to the source address and the destination address, respectively. Then, the source address and the destination address of the response packet are replaced with the IP addresses of the target server and the client, respectively.
PCT/CN2011/077880 2010-12-31 2011-08-01 Method and system for data transmission, and access gateway WO2012088882A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201010618683.9 2010-12-31
CN201010618683.9A CN102571999B (en) 2010-12-31 2010-12-31 A kind of data transmission method, system and IAD

Publications (1)

Publication Number Publication Date
WO2012088882A1 true WO2012088882A1 (en) 2012-07-05

Family

ID=46382278

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/077880 WO2012088882A1 (en) 2010-12-31 2011-08-01 Method and system for data transmission, and access gateway

Country Status (2)

Country Link
CN (1) CN102571999B (en)
WO (1) WO2012088882A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102917080B (en) * 2012-09-21 2015-10-07 中国科学院声学研究所 A kind of application layer data relay transmission method based on mapping table and device
CN103618796B (en) * 2013-12-02 2018-03-06 Tcl集团股份有限公司 A kind of server access method and device
CN104753926B (en) * 2015-03-11 2019-04-12 华中科技大学 A kind of gateway admittance control method
WO2016186420A1 (en) * 2015-05-15 2016-11-24 주식회사 윌러스표준기술연구소 Wireless communication terminal and wireless communication method for multi-user uplink transmission
US9953529B2 (en) * 2015-07-20 2018-04-24 GM Global Technology Operations LLC Direct vehicle to vehicle communications
CN111400388A (en) * 2020-03-20 2020-07-10 北京东方金信科技有限公司 Method and system for uniformly connecting and sharing multiple data sources
CN112039801B (en) * 2020-07-20 2022-12-20 厦门网宿有限公司 Method, system and proxy server for setting IP information
CN114726819A (en) * 2020-12-21 2022-07-08 中兴通讯股份有限公司 Position information conversion method, gateway, controller, terminal, device, and medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1801764A (en) * 2006-01-23 2006-07-12 北京交通大学 Internet access method based on identity and location separation
WO2010145164A1 (en) * 2009-10-10 2010-12-23 中兴通讯股份有限公司 Method and system for implementing interconnection between internet protocol version 4 network and new network
CN102025590A (en) * 2009-09-18 2011-04-20 中兴通讯股份有限公司 Method and system for realizing intercommunication between new net and internet
CN102025588A (en) * 2009-09-15 2011-04-20 中兴通讯股份有限公司 Intercommunication method and intercommunication network of identification and position separating network and Internet
CN102025587A (en) * 2009-09-17 2011-04-20 中兴通讯股份有限公司 Method and system for realizing intercommunication between LISP network and Internet

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101730101B (en) * 2009-04-15 2012-07-04 中兴通讯股份有限公司 Realizing method, system and device for separating identify label from position

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1801764A (en) * 2006-01-23 2006-07-12 北京交通大学 Internet access method based on identity and location separation
CN102025588A (en) * 2009-09-15 2011-04-20 中兴通讯股份有限公司 Intercommunication method and intercommunication network of identification and position separating network and Internet
CN102025587A (en) * 2009-09-17 2011-04-20 中兴通讯股份有限公司 Method and system for realizing intercommunication between LISP network and Internet
CN102025590A (en) * 2009-09-18 2011-04-20 中兴通讯股份有限公司 Method and system for realizing intercommunication between new net and internet
WO2010145164A1 (en) * 2009-10-10 2010-12-23 中兴通讯股份有限公司 Method and system for implementing interconnection between internet protocol version 4 network and new network

Also Published As

Publication number Publication date
CN102571999B (en) 2016-03-30
CN102571999A (en) 2012-07-11

Similar Documents

Publication Publication Date Title
WO2012088882A1 (en) Method and system for data transmission, and access gateway
WO2018090666A1 (en) Multipath data transmission method and device
US20120176932A1 (en) Communication method, method for forwarding data message during the communication process and communication node thereof
JPWO2005027438A1 (en) Packet relay device
WO2011041967A1 (en) Method for anonymous communication, method for registration, method and system for trasmitting and receiving information
WO2008148357A1 (en) Communication system and method, household base station gateway and household base station server
WO2011124132A1 (en) Data communications system and method
JP2011515944A (en) Method and apparatus for data packet communication between local networks
WO2011032473A1 (en) Implementation method and system of virtual private network
WO2010127610A1 (en) Method, equipment and system for processing visual private network node information
WO2011069399A1 (en) Address mapping method and access service node
WO2011035667A1 (en) Methods and systems for implementing inter-network roam, querying and attaching network
WO2011032462A1 (en) Method for data transmission and receiving, system and router thereof
WO2009129707A1 (en) A method, apparatus and communication system for sending and receiving information between local area networks
WO2011035615A1 (en) Method, system and apparatus for transmitting data
WO2011032492A1 (en) Identity identification, across-network communication and service migration method, and information intercommunication network architecture
WO2021027858A1 (en) Method and device for determining rlc channel
WO2011131097A1 (en) Data message processing method, system and access service node
JP2014502110A (en) Private device identification in the public network
WO2011032447A1 (en) Method, system and communication terminal for implementing inter-communication between new network and internet
WO2011050676A1 (en) Anonymous communication method, registration and cancellation method, and access node
JPWO2017056201A1 (en) Gateway control device for mobile communication system
WO2015043550A1 (en) Multimedia sharing method, registration method, server and proxy server
US8705471B2 (en) Method and system for implementing ID/locator mapping
WO2008080341A1 (en) Method, system and device for identifying a user terminal

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11854504

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11854504

Country of ref document: EP

Kind code of ref document: A1