Method and system for implementing CDMA 1x LNS load balancing
Technical field
The present invention relates to the CDMA 1x field, and in particular to a method and system for implementing CDMA 1x LNS load balancing.
Background technology
A VPDN (Virtual Private Dial Network) is a technology that, on top of a dial-up network, establishes an L2TP (Layer 2 Tunneling Protocol) layer-2 tunnel between a LAC (L2TP Access Concentrator) and an LNS (L2TP Network Server) to secure the transmission of dial-up user data. The LAC is the point that initiates tunnel establishment, and the LNS is the endpoint at which the tunnel terminates.
The CDMA 1x packet network, being a kind of dial-up network, can also provide VPDN service to enterprise users. A common implementation is as follows: an enterprise sub-user uses a CDMA 1x terminal to initiate a VPDN call; on the telecom operator side, a PDSN (Packet Data Serving Node) implements the LAC function, and an AAA (Authentication, Authorization, Accounting) server is responsible for primary authentication, that is, the domain-name verification, LNS allocation, authentication and accounting used when a VPDN user dials in; on the enterprise side, a router that communicates with the PDSN over a leased line or the Internet implements the LNS function, and a Radius server is responsible for secondary authentication, that is, verification of the username and password used when the VPDN user dials in, IP address allocation, and so on.
For enterprise customers unwilling to deploy their own LNS router and Radius server, telecom operators usually also deploy centralized high-capacity LNSs and a VPDN secondary authentication system shared by multiple enterprises. This requires a single LNS to accept dial-in access from sub-users belonging to different VPDN enterprises at the same time.
As the number of VPDN enterprise customers served by a single LNS, and the number of sub-users belonging to each VPDN enterprise customer, keep growing, the limit on the number of L2TP sessions that a single LNS device can support gradually becomes a bottleneck, and indicators such as CPU and memory utilization gradually deteriorate. The solution is to balance the L2TP sessions of sub-users belonging to the same enterprise customer across different LNSs.
The prior-art implementation is shown in Fig. 1. It comprises a PDSN, a CDMA 1x network, a packet network AAA, a Radius server, enterprise sub-user CDMA 1x terminals, a high-capacity LNS, and internal networks connected to the LNS over leased lines. The PDSN is connected to the LNS through an L2TP tunnel. The PDSN forwards the authentication request of the CDMA 1x terminal to the AAA server. The AAA server determines that the request is a VPDN dial-in, authenticates the domain name, and returns the IP address of an LNS chosen by round-robin from the pre-configured LNS addresses. The Radius protocol is used between the AAA server and the PDSN. After receiving the authentication-passed message, the LNS initiates a second authentication request to the Radius server and allocates an internal IP address. After receiving the authentication request, the Radius server verifies the username and password. The Radius server and the LNS communicate using the Radius protocol. In this scheme, multiple LNSs are statically configured on the packet network AAA for the same VPDN enterprise customer and are returned to the PDSN in turn when users dial in, as shown in Fig. 2:
First the CDMA 1x air interface is established (TCH established), and then the following steps are performed:
Step 201, the PCF initiates a registration request (A11 Registration Request) to the PDSN using a standard A11 interface message;
Step 202, the PDSN responds to the PCF's request (A11 Registration Response);
Step 203, PPP LCP phase: LCP (Link Control Protocol) negotiation is carried out between the CDMA 1x terminal and the PDSN, covering the authentication mode, data compression mode, etc.;
Step 204, after the negotiation succeeds, the terminal initiates an authentication request (Authentication Request) to the PDSN;
Step 205, access request (Access Request): the PDSN sends the username and domain-name information to the packet network AAA server in a standard Radius message to authenticate the user; the packet network AAA authenticates the domain name used by the VPDN sub-user for dialing;
Step 206, access accept (Access Accept): according to the user's registered information, the packet network AAA sends the PDSN the parameters needed to set up the L2TP tunnel, including the VPDN type, the tunnel password and the IP address of the LNS (LNS Address); the scheduling algorithm currently supported by the packet network AAA is round-robin;
Step 207, the PDSN initiates a tunnel setup request to the LNS and the L2TP tunnel is established (Tunnel Setup);
Step 208, the LNS initiates tunnel authentication (Tunnel Authentication);
Step 209, a session is set up between the PDSN and the LNS (Session Setup);
Step 210, the PDSN forwards to the LNS the parameters negotiated earlier in the third step, including the LCP parameters and the username/password (LCP Parameters, Username/Password forwarded). In this step the LNS may require LCP renegotiation with the terminal; this flow does not perform LCP renegotiation. Whether renegotiation takes place depends on the LNS configuration and on whether the terminal supports LCP renegotiation;
Step 211, the Radius server verifies the VPDN user's username and password (User Authentication);
Step 212, the LNS sends an authentication success message (Authentication Success) to the terminal;
Step 213, after authentication succeeds, the IPCP phase of PPP (IPCP Phase) begins, and the enterprise Radius server allocates an IP address to the user through the LNS;
After the above steps, a PPP connection is established between the VPDN user and the enterprise LNS.
In the prior art, the packet network AAA and the LNSs are usually located in different equipment rooms, far apart, so the packet network AAA cannot allocate LNS addresses dynamically according to LNS performance parameters such as CPU, memory and session count, and therefore cannot dynamically balance load across the LNSs according to their real-time performance parameters.
Summary of the invention
To solve the above technical problem, the invention provides a method and system for implementing CDMA 1x LNS load balancing, the purpose of which is to balance load across the LNSs dynamically according to their real-time performance parameters.
The invention provides a method for implementing L2TP Network Server load balancing, for use in a CDMA 1x network, comprising:
Step 1, after receiving an access request message for a VPDN application, the authentication, authorization and accounting server forwards the access request message to the VPDN management system;
Step 2, the VPDN management system selects the currently available L2TP Network Server according to the current load of each L2TP Network Server, and sends a response message containing the address of this L2TP Network Server to the authentication, authorization and accounting server;
Step 3, the authentication, authorization and accounting server sends an access accept message containing the address of this L2TP Network Server to the packet data serving node.
In step 2, the VPDN management system also places in the response message sent to the authentication, authorization and accounting server the parameters for setting up the Layer 2 Tunneling Protocol tunnel other than the L2TP Network Server address; in step 3, the authentication, authorization and accounting server also places those parameters in the access accept message sent to the packet data serving node.
In step 2, the selection of the currently available L2TP Network Server by the VPDN management system specifically comprises:
Step 31, the VPDN management system periodically sends Simple Network Management Protocol requests to all L2TP Network Servers to obtain the parameters of each L2TP Network Server;
Step 32, from the parameters of the L2TP Network Servers, the load of each L2TP Network Server is computed by the scheduling algorithm, and the L2TP Network Server with the lowest load is selected as the currently available L2TP Network Server.
Step 32 is followed by step 33: the address of this L2TP Network Server is written to the L2TP Network Server configuration file in the VPDN management system.
Step 31 is preceded by step 30: the VPDN management system checks the L2TP Network Server configuration file; if it contains an L2TP Network Server address, a response message containing that address is sent to the authentication, authorization and accounting server; otherwise steps 31, 32 and 33 are executed.
The parameters comprise the memory load M of the L2TP Network Server, the number of concurrent sessions S of the L2TP Network Server, and the CPU load C of the L2TP Network Server.
The scheduling algorithm computes the load of an L2TP Network Server as L = xC + yM + zS, where x + y + z = 1.
The invention provides a system for implementing L2TP Network Server load balancing, for use in a CDMA 1x network, comprising an authentication, authorization and accounting server and further comprising a VPDN management system;
The authentication, authorization and accounting server is further configured to forward an access request message for a VPDN application to the VPDN management system after receiving it;
The VPDN management system is configured to select the currently available L2TP Network Server according to the current load of each L2TP Network Server, and to send a response message containing the address of this L2TP Network Server to the authentication, authorization and accounting server;
The authentication, authorization and accounting server is further configured to send an access accept message containing the address of this L2TP Network Server to the packet data serving node.
The VPDN management system is further configured to place in the response message sent to the authentication, authorization and accounting server the parameters for setting up the Layer 2 Tunneling Protocol tunnel other than the L2TP Network Server address; the authentication, authorization and accounting server is further configured to place those parameters in the access accept message sent to the packet data serving node.
The VPDN management system comprises an L2TP Network Server configuration file, in which the VPDN management system stores the address of the L2TP Network Server it has selected.
The VPDN management system is further configured to check the L2TP Network Server configuration file; if the configuration file contains an L2TP Network Server address, a response message containing that address is sent to the authentication, authorization and accounting server; otherwise the L2TP Network Servers are polled to obtain their parameters, the load of each L2TP Network Server is computed from its parameters and the scheduling algorithm, and the L2TP Network Server with the lowest load is selected as the currently available L2TP Network Server.
The parameters comprise the memory load M of the L2TP Network Server, the number of concurrent sessions S of the L2TP Network Server, and the CPU load C of the L2TP Network Server.
The scheduling algorithm computes the load of an L2TP Network Server as L = xC + yM + zS, where x + y + z = 1.
The present invention can select the most idle LNS according to the actual performance parameters of the LNSs, which makes load balancing more effective.
Description of drawings
Fig. 1 is a system structure diagram of a VPDN user establishing a PPP connection in the prior art;
Fig. 2 is a flow chart of a VPDN user establishing a PPP connection in the prior art;
Fig. 3 is a system structure diagram for implementing CDMA 1x LNS load balancing in the present invention;
Fig. 4 is a flow chart for implementing CDMA 1x LNS load balancing in the present invention.
Embodiment
The present invention is described in further detail below with reference to the accompanying drawings.
Fig. 3 is the system block diagram of the CDMA 1x LNS load balancing provided by the invention, comprising an AAA server, a VPDN management system, a PDSN, a CDMA 1x network and LNSs. The AAA server no longer allocates the LNS directly but first forwards the authentication request to the VPDN management system; the AAA server and the VPDN management system use the Radius protocol. The VPDN management system can learn the performance parameters of the LNS devices dynamically through the Simple Network Management Protocol (SNMP) and computes, according to a specific algorithm, the LNS address to be allocated for the next dial-in. The VPDN management system also uses the Radius protocol to interact with the LNS.
Fig. 4 is a flow chart for implementing CDMA 1x LNS load balancing:
First the CDMA 1x air interface is established, and then the following steps are performed:
Step 401, the PCF initiates a registration request (A11 Registration Request) to the PDSN using a standard A11 interface message;
Step 402, the PDSN responds to the PCF's request (A11 Registration Response);
Step 403, PPP LCP phase (PPP LCP Phase): LCP (Link Control Protocol) negotiation is carried out between the CDMA 1x terminal and the PDSN, covering the authentication mode, data compression mode, etc.;
Step 404, after the negotiation succeeds, the terminal initiates an authentication request (Authentication Request) to the PDSN;
Step 405, access request (Access Request): the PDSN sends the username and domain-name information to the packet network AAA server in a standard Radius message to authenticate the user;
Step 406, forward access request (Access Request): after the packet network AAA receives the authentication request, it forwards the request to the VPDN management system, which selects the LNS. The VPDN management system holds an LNS configuration file that stores the IP address of an LNS. The main functions of the VPDN management system are to authenticate the username/domain name, perform IMSI comparison, and obtain the parameter attributes of the LNS addresses through the SNMP protocol. The system checks this configuration file during authentication; if it contains an IP address, that address is returned to the packet network AAA. If it contains no IP address, the default polling algorithm can be used to select one of the pre-configured LNS addresses for allocation. The specific algorithm is: every 30 seconds the VPDN management system sends SNMP requests to all LNSs to obtain parameters such as the CPU, memory and session values of each LNS, computes the load of each LNS with the scheduling algorithm, selects the LNS with the lowest load as the currently available LNS, and writes the IP address of this LNS to the LNS configuration file of the VPDN management system. The scheduling algorithm is L = xC + yM + zS, where x, y and z are weights that can be configured from the administration interface, with x + y + z = 1. C denotes the CPU load, M the memory load, and S the number of concurrent sessions of the LNS. The larger L is, the higher the load on the LNS. The currently available LNS is selected by this method.
Step 407, access accept (Access Accept): according to the user's registered information, the VPDN management system sends the packet network AAA the parameters needed to set up the L2TP tunnel, including the VPDN type, the tunnel password, the IP address of the LNS, etc.;
Step 408, forward access accept (Access Accept): the packet network AAA sends the parameters for setting up the L2TP tunnel to the PDSN;
Step 409, the PDSN initiates a tunnel setup request to the LNS and the L2TP tunnel is established (Tunnel Setup);
Step 410, the LNS initiates tunnel authentication (Tunnel Authentication);
Step 411, a session is set up between the PDSN and the LNS (Session Setup);
Step 412, the PDSN forwards to the LNS the parameters negotiated earlier in step 403, including the LCP parameters and the username/password (LCP Parameters, Username/Password forwarded). In this step the LNS may require LCP renegotiation with the terminal; this flow does not perform LCP renegotiation. Whether renegotiation takes place depends on the LNS configuration and on whether the terminal supports LCP renegotiation;
Step 413, the enterprise Radius server verifies the VPDN user's username and password (User Authentication);
Step 414, the LNS sends an authentication success message (Authentication Success) to the terminal;
Step 415, after authentication succeeds, the IPCP phase of PPP (IPCP Phase) begins, and the enterprise Radius server allocates an IP address to the user;
After the above steps, a PPP connection is established between the VPDN sub-user and the enterprise LNS.
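The LNS selection described in steps 30 to 33 and in step 406, as an added Python example that is not part of the original patent text. Class and field names are hypothetical, the SNMP poll is replaced by a constructed dictionary, and two things the text does not specify are assumptions here: S is scaled by an assumed per-LNS session capacity so that it is comparable with C and M, and an LNS that did not answer the poll is skipped.

```python
from dataclasses import dataclass
from typing import Dict, Optional

@dataclass
class LnsSample:
    """One poll result for an LNS (hypothetical fields, not real SNMP OIDs)."""
    cpu_pct: float      # C: CPU load, 0-100
    mem_pct: float      # M: memory load, 0-100
    sessions: int       # S: concurrent L2TP sessions
    max_sessions: int   # assumed capacity, used to scale S to 0-1

def lns_load(s: LnsSample, x: float, y: float, z: float) -> float:
    """L = xC + yM + zS, with C, M and S each scaled to 0-1 (scaling is an assumption)."""
    if min(x, y, z) < 0 or abs(x + y + z - 1.0) > 1e-9:
        raise ValueError("weights must be non-negative and sum to 1")
    return x * s.cpu_pct / 100 + y * s.mem_pct / 100 + z * s.sessions / s.max_sessions

class VpdnLnsSelector:
    def __init__(self, x: float, y: float, z: float):
        self.weights = (x, y, z)
        # Stands in for the LNS configuration file of the VPDN management system.
        self.config_file_address: Optional[str] = None

    def poll_cycle(self, polled: Dict[str, Optional[LnsSample]]) -> Optional[str]:
        """Steps 31-33: score every LNS that answered and record the least loaded one."""
        answered = {addr: s for addr, s in polled.items() if s is not None}
        if not answered:
            # Assumed behaviour: clear the entry rather than keep handing out a stale address.
            self.config_file_address = None
            return None
        best = min(answered, key=lambda addr: lns_load(answered[addr], *self.weights))
        self.config_file_address = best
        return best

    def on_access_request(self, polled: Dict[str, Optional[LnsSample]]) -> Optional[str]:
        """Step 30: answer from the configuration file if set, otherwise run a poll cycle."""
        return self.config_file_address or self.poll_cycle(polled)

# Constructed sample poll; 192.0.2.0/24 is a documentation address range.
SAMPLE_POLL: Dict[str, Optional[LnsSample]] = {
    "192.0.2.1": LnsSample(cpu_pct=80, mem_pct=60, sessions=1000, max_sessions=4000),
    "192.0.2.2": LnsSample(cpu_pct=30, mem_pct=40, sessions=3600, max_sessions=4000),
    "192.0.2.3": None,  # SNMP request timed out
}

if __name__ == "__main__":
    for weights in ((0.5, 0.3, 0.2), (0.1, 0.1, 0.8)):
        print(weights, VpdnLnsSelector(*weights).poll_cycle(SAMPLE_POLL))
```

With CPU-heavy weights the lightly loaded but session-rich LNS is chosen; shifting the weight to z flips the choice, which is why the weights are exposed in the administration interface.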
Those skilled in the art may make various modifications to the above without departing from the spirit and scope of the invention as defined by the claims. The scope of the invention is therefore not limited to the above description but is determined by the scope of the claims.