CN101141379A - Method and system of implementing network access - Google Patents
Method and system of implementing network access Download PDFInfo
- Publication number
- CN101141379A CN101141379A CNA2006101268662A CN200610126866A CN101141379A CN 101141379 A CN101141379 A CN 101141379A CN A2006101268662 A CNA2006101268662 A CN A2006101268662A CN 200610126866 A CN200610126866 A CN 200610126866A CN 101141379 A CN101141379 A CN 101141379A
- Authority
- CN
- China
- Prior art keywords
- address
- access
- resource
- spdf
- control function
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L47/00—Traffic control in data switching networks
- H04L47/70—Admission control; Resource allocation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/104—Grouping of entities
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The present invention discloses a method for realizing the network access. The method comprises: the user accesses the network and network resource, and admits the controlling function (A-RACF), and sends user routing information to a service policy decision-making function (SPDF); the SPDF establishes the corresponding relation between the user and the A-RACF according to the received user routing information and the A-RACF information. The present invention also discloses a system for realizing the network access. The present invention dynamically establishes the corresponding relation between user and the A-RACF of the network in the process of network accessing, namely dynamically establishes the topological relation between the SPDF and the A-RACF. Thus, when the AF send a resource request to the SPDF, the SPDF can search out the A-RACF to which the SPDF belongs according to the corresponding relation between user and the A-RACF, thereby the topology automatic discovery of the SPDF and the A-RACF can be realized, and the normal network access of the user is ensured.
Description
Technical field
The present invention relates to access technology, refer to a kind of method and system that realize network insertion especially.
Background technology
Along with the continuous development of access technology, the user can use increasing bandwidth, and so, Access Network need provide bigger transfer capability.How allowing access network resources can farthest obtain utilizing, make provider obtain bigger being benefited, is that operator gives the next generation (NGN) mission of Access Network.At present, bandwidth on demand, based on using and the dynamic QoS mechanism such as service quality (QoS) control of session have become the main means of raising access network resource utilization, such as, the telecommunications of future network and the fused business of the Internet and agreement (TISPAN, Telecommunications and Internetconverged Services and Protocols for Advanced Networking), be the standard of the next generation network of European Union, the dynamic QoS solution that TISPAN forum proposes.
Fig. 1 is a prior art TISPAN QoS configuration diagram, as shown in Figure 1, between operation layer (AF) and transport layer (Transport Layer), increase by one and transmitted key-course, be resource and admission subsystem (RACS), RACS is used for according to user profile such as user's profile Internet resources being managed and policy deployment.RACS is made up of service strategy decision making function entity (SPDF) and Access-Resource and Admission Control Function entity (Access-Resource and Admission Control Function), wherein, SPDF is used for the resource and the policy control request of the business that issues according to AF, the resource and the policy control of management Access Network and core net; Access-Resource and Admission Control Function is used for according to user's Profile the resource and admission of Access Network being controlled and policy deployment.AF is used for according to service request from user, request Internet resources and policy control and for the user provides professional service ability, and AF finds Access-Resource and Admission Control Function by SPDF, thus the control of the networking resource that achieves a butt joint such as resource bid and release, the deployment of qos policy etc.
AF uses professional resource and control strategy by Gq ' interface to RACS request user, and RACS carries out resource allocation and strategy execution with fringe node (IP Edge) and the core net Border Gateway equipment (Core Border Node) that resource request and control strategy are issued to corresponding Access Network.IP Edge transmits net with IP and links to each other; Network connection management subsystem (NASS), only data and control interface are arranged with IP Edge, be used for that user to Access Network authenticates, processing such as mandate and address assignment, and pass through the e4 interface to user profile such as RACS notice attribute of user and IP address, IP Edge comprises that two layers are transmitted termination function (L2TF) entity and Resource Control Enforcement Function entity (RCEF), wherein, the L2TF two layers of transmission information of user's message that are used to terminate; RCEF is used to carry out resource control and the policy control instruction that RACS issues.Core Border Node is used for carrying out control of corresponding resource and policy control according to the control command of core net Border Gateway functional entity (C-BGF), wherein C-BGF according to the Profile of business carry out that SPDF issues to the resource control of core net and the instruction of policy control.
Customer premises equipment, CPE (CPE) is used for message with the user and is carried on that corresponding circuit is technical to send access node (AN, Access Node) to, and the AN circuit that the user inserts of being responsible for terminating, as xDSL, PON, Wimax etc.
The NGN network support user of TISPAN QoS framework moves, and promptly when the user moves, can adopt mobile IP such as MIPv4 or MIPv6 etc. to solve the constant problem of IP address.But, at present in the TISPAN QoS framework, SPDF does not preserve user profile, and user's information relevant with network that AF carries has only IP address, and the topological relation of SPDF and Access-Resource and Admission Control Function is pre-configured static configuration information in the TISPAN QoS framework, for example the mailing address of the Access-Resource and Admission Control Function SPDF disposes it according to the address field of Access Network under.
Like this, under user's roaming condition, if the user adopts mobile IP, the IP address that AF is known is identical, but the network that the user inserted but is constantly to change, like this, be correctly to find the topological relation of SPDF and Access-Resource and Admission Control Function by the static configuration mode, thereby can not do not guarantee user's proper communication; Outside, because the IP address resource is in short supply, the IP address field is split into very little subnet section, it is existing that to dispose the workload of the topological relation between SPDF and Access-Resource and Admission Control Function by the static configuration mode very big.
Summary of the invention
In view of this, main purpose of the present invention is to provide a kind of method that realizes network insertion, can dynamically set up the topological relation of SPDF and Access-Resource and Admission Control Function, guarantees that the user normally realizes network insertion.
Another object of the present invention is to provide a kind of system that realizes network insertion, can dynamically set up the topological relation of SPDF and Access-Resource and Admission Control Function, guarantee that the user normally realizes network insertion.
For achieving the above object, technical scheme of the present invention specifically is achieved in that
A kind of method that realizes network insertion, this method also comprises:
A. the Access-Resource and Admission Control Function Access-Resource and Admission Control Function sends user's routing iinformation to SPDF;
B.SPDF sets up the corresponding relation of user and Access-Resource and Admission Control Function according to the user's routing iinformation and this Access-Resource and Admission Control Function information that receive.
In network connection management subsystem NASS, set in advance available service strategy decisive function SPDF, perhaps at the pre-configured appointment of Access-Resource and Admission Control Function SPDF; Described steps A specifically comprises:
A1. user access network and obtain the user current address of network allocation, described NASS sends user profile to Access-Resource and Admission Control Function, carries station address, described available SPDF address in this user profile; Perhaps user access network and obtain the user current address of network allocation, described NASS sends user profile to Access-Resource and Admission Control Function, carries station address in this user profile;
A2. described Access-Resource and Admission Control Function sends the user's routing iinformation that carries station address to available or appointment SPDF.
In described NASS, also set in advance the communication negotiation parameter between SPDF and Access-Resource and Admission Control Function;
Also carry the communication negotiation parameter between described SPDF and Access-Resource and Admission Control Function described in the steps A 1 in the user profile;
The method that sends user's routing iinformation described in the steps A 2 is:
Described NASS utilizes the communication negotiation parameter that receives, and the SPDF corresponding with described SPDF address communicates link negotiation, sets up communication link;
The communication link of described Access-Resource and Admission Control Function by setting up sends the user's routing iinformation that carries station address to SPDF.
Described NASS is ownership NASS, and described SPDF is ownership SPDF, and described Access-Resource and Admission Control Function is the ownership Access-Resource and Admission Control Function;
The user current address of distributing described in the steps A 1 is an IP address;
Described station address is an IP address.
Described in the step B via Access-Resource and Admission Control Function information be: the ownership Access-Resource and Admission Control Function address that SPDF obtained during described communication link was consulted;
The corresponding relation of described user and Access-Resource and Admission Control Function is: the corresponding relation between described IP address and ownership Access-Resource and Admission Control Function address.
Described NASS is visit NASS, and described SPDF is ownership SPDF, and described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function;
The station address that distributes described in the steps A 1 is a Care-of Address;
NASS described in the steps A 1 is before Access-Resource and Admission Control Function sends user profile, and this method also comprises: described visit NASS obtains the user's who comprises IP address attaching information from ownership NASS;
Described station address comprises Care-of Address and IP address, and described communication negotiation parameter is visit communication negotiation parameter.
Described in the step B via Access-Resource and Admission Control Function information be: the visit Access-Resource and Admission Control Function address that SPDF obtained during described communication link was consulted;
The corresponding relation of described user and Access-Resource and Admission Control Function is: the corresponding relation between described IP address, Care-of Address and visit Access-Resource and Admission Control Function address.
Described NASS is visit NASS, and described SPDF is visit SPDF, and described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function;
The station address that distributes described in the steps A 1 is a Care-of Address;
NASS described in the steps A 1 is before Access-Resource and Admission Control Function sends user profile, and this method also comprises: described NASS obtains the home subscriber information that comprises IP address and ownership SPDF address from ownership NASS;
Described user profile also comprises: ownership SPDF address;
Described station address comprises Care-of Address and IP address, and described communication negotiation parameter is visit communication negotiation parameter.
Described in the step B via Access-Resource and Admission Control Function information be: the visit Access-Resource and Admission Control Function address that visit SPDF obtained during described communication link was consulted;
The corresponding relation of described user and Access-Resource and Admission Control Function is: the corresponding relation between described IP address, Care-of Address, visit Access-Resource and Admission Control Function address and ownership SPDF.
This method also comprises:
A. described visit SPDF communication link through consultation carries IP address, Care-of Address and visit Access-Resource and Admission Control Function address user routing iinformation to ownership SPDF transmission;
B. described ownership SPDF sets up the corresponding relation between IP address, Care-of Address, visit Access-Resource and Admission Control Function address and the visit SPDF address according to the visit SPDF address that obtains in user's routing iinformation that receives and the communication link negotiation.
Described NASS is visit NASS, and described SPDF is ownership/visit SPDF, and described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function;
User access network described in the steps A 1 and the method that obtains the user current address of network allocation are: visit NASS communicates by letter with belonging to NASS, finishes authentication and address assignment to the user, and addresses distributed information is sent to ownership/visit SPDF;
The station address of described distribution is an IP address;
The corresponding relation of user described in the step B and Access-Resource and Admission Control Function is: the corresponding relation between described IP address and visit Access-Resource and Admission Control Function address.
The corresponding relation of setting up described in the step B is for being the IP look-up table of index with the IP address; Described IP look-up table comprises: essential information, information of home location and visit ground information;
Described essential information comprises: IP address, user's current location information;
Described information of home location comprises: ownership Access-Resource and Admission Control Function address, ownership SPDF address;
Described visit ground information comprises: user's Care-of Address, visit Access-Resource and Admission Control Function address, visit SPDF address.
Described available SPDF is: with professional corresponding SPDF.
A kind of system that realizes network insertion, this system comprises: network connection management subsystem NASS, service strategy decision making function SPDF and Access-Resource and Admission Control Function Access-Resource and Admission Control Function, described NASS links to each other with SPDF by Access-Resource and Admission Control Function, and the user is by the NASS access network
In described NASS, set in advance available SPDF, perhaps Access-Resource and Admission Control Function pre-configured with the communication link of specifying SPDF;
Described Access-Resource and Admission Control Function receives and carries station address, described current available SPDF address user information from NASS; Perhaps described Access-Resource and Admission Control Function receives the user profile that carries station address from NASS;
Described available or specify SPDF to receive the user's routing iinformation that carries station address from Access-Resource and Admission Control Function, set up the corresponding relation of user and Access-Resource and Admission Control Function.
Also set in advance the communication negotiation parameter between SPDF and Access-Resource and Admission Control Function among the described NASS;
Described Access-Resource and Admission Control Function also receives communication negotiation parameter between described SPDF and Access-Resource and Admission Control Function;
Described NASS is ownership NASS, and described SPDF is ownership SPDF, and described Access-Resource and Admission Control Function is the ownership Access-Resource and Admission Control Function; Described station address is an IP address.
Described NASS is visit NASS, and described SPDF is ownership SPDF, and described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function; Described system also comprises: ownership NASS and ownership Access-Resource and Admission Control Function;
Described visit NASS receives the attaching information from the user who comprises IP address of ownership NASS;
Described visit Access-Resource and Admission Control Function receives the Care-of Address that carries IP address, user access network acquisition, the ownership SPDF address from visit NASS, and the user profile of visit communication negotiation parameter;
Described SPDF receives the user's routing iinformation that carries IP address and Care-of Address from the visit Access-Resource and Admission Control Function, sets up user and the corresponding relation of visiting Access-Resource and Admission Control Function.
Described NASS is visit NASS, and described SPDF is ownership/visit SPDF, and described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function; Described system also comprises: ownership NASS and ownership Access-Resource and Admission Control Function;
Described visit NASS communicates by letter with ownership NASS, finishes the authentication to the user, and obtains user's attaching information, and finish address assignment, and user profile is sent to the visit Access-Resource and Admission Control Function;
Described visit Access-Resource and Admission Control Function receives and carries IP address, ownership/visit SPDF address and the user profile of ownership/visit communication negotiation parameter from visit NASS;
Described visit/ownership SPDF receives the user's routing iinformation that carries IP address from the visit Access-Resource and Admission Control Function, sets up user and the corresponding relation of visiting Access-Resource and Admission Control Function.
Described NASS is visit NASS, and described SPDF is visit SPDF, and described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function; Described system also comprises: ownership SPDF, ownership NASS and ownership Access-Resource and Admission Control Function;
Described visit NASS receives the home subscriber information that comprises IP address and ownership SPDF address from ownership NASS;
Described visit Access-Resource and Admission Control Function receives the user profile of the Care-of Address that carries IP address, user access network acquisition, ownership SPDF address, visit SPDF address and visit communication negotiation parameter from visit NASS;
Described visit SPDF receive from the visit Access-Resource and Admission Control Function carry IP address, Care-of Address and ownership SPDF address user routing iinformation, set up user and visit Access-Resource and Admission Control Function and belong to corresponding relation between the SPDF address.
Described system also comprises:
Described ownership SPDF receive from visit SPDF carry IP address, Care-of Address and visit Access-Resource and Admission Control Function address user routing iinformation, set up user and visit Access-Resource and Admission Control Function address and visit corresponding relation between the SPDF address.
As seen from the above technical solution, the present invention carries out in the process of network insertion the user, dynamically sets up the corresponding relation of the Access-Resource and Admission Control Function of user's current network of living in it in SPDF, promptly dynamically sets up the topological relation of SPDF and Access-Resource and Admission Control Function.Like this, when AF when SPDF sends resource request, SPDF can find the affiliated Access-Resource and Admission Control Function of SPDF according to the corresponding relation of described user and Access-Resource and Admission Control Function, thereby has realized the topological automatic discovering of SPDF and Access-Resource and Admission Control Function, has guaranteed that the user normally realizes network insertion.
Description of drawings
Fig. 1 is a prior art TISPAN QoS configuration diagram;
Fig. 2 is the flow chart of the inventive method;
Fig. 3 is the system schematic of the embodiment of the invention one;
Fig. 4 is the flow chart of the embodiment of the invention one;
Fig. 5 is the system schematic of the embodiment of the invention two;
Fig. 6 is the flow chart of the embodiment of the invention two;
Fig. 7 is the system schematic of the embodiment of the invention three;
Fig. 8 is the flow chart of the embodiment of the invention three;
Fig. 9 is the schematic diagram of IP look-up table.
Embodiment
Core concept of the present invention is: user access network, and Access-Resource and Admission Control Function sends user's routing iinformation to SPDF; SPDF according to user's routing iinformation of receiving and via Access-Resource and Admission Control Function information, set up the corresponding relation of user and Access-Resource and Admission Control Function.
Herein, each Access Network is by NASS and Access-Resource and Admission Control Function control.
Fig. 2 is the flow chart of the inventive method, as shown in Figure 2, user access network, NASS sends user profile to Access-Resource and Admission Control Function, and here, user access network is meant that the user is when business is used in request, by authentication and successful distributing user IP address, this process belongs to prior art, can repeat no more here referring to related protocol.
The inventive method is further comprising the steps of:
Step 200:A-RACF sends user's routing iinformation to SPDF.
SPDF in this step sets in advance available SPDF in NASS, also can be at the pre-configured appointment SPDF of Access-Resource and Admission Control Function.Different SPDF can adopt different SPDF address to distinguish.
Available or appointment SPDF can be and professional corresponding SPDF, such as professional 1 corresponding SPDF1, SPDF2, professional 2 corresponding SPDF 1, SPDF3 etc.Configuration gets final product specific implementation according to actual conditions.
Further, in NASS, set in advance the communication negotiation parameter between SPDF and Access-Resource and Admission Control Function, the communication negotiation parameter is meant the parameter that is used for setting up communication link between Access-Resource and Admission Control Function and SPDF, as parameters such as keys, in home network, can be described as ownership communication negotiation parameter, in visited network, can be described as visit communication negotiation parameter.
Behind the user access network, NASS sends user profile to Access-Resource and Admission Control Function, here, user profile comprises into the IP address of the distribution of work, current available or appointment SPDF address at least, can also comprise the communication negotiation parameter between this SPDF and Access-Resource and Admission Control Function, Access-Resource and Admission Control Function generally can send response to NASS after receiving user profile.
Before sending, this method also comprises the communication negotiation parameter that the Access-Resource and Admission Control Function utilization receives, and the SPDF corresponding with the SPDF address communicates link negotiation, sets up communication link.In the communication link negotiations process, SPDF is known the information of Access-Resource and Admission Control Function such as Access-Resource and Admission Control Function address etc.;
The communication link of Access-Resource and Admission Control Function by setting up sends user's routing iinformation such as IP address to SPDF.
Step 201:SPDF sets up the corresponding relation of user and Access-Resource and Admission Control Function according to the user's routing iinformation and this Access-Resource and Admission Control Function information that receive.
The corresponding relation of user and Access-Resource and Admission Control Function can adopt the mapping table of IP address and Access-Resource and Admission Control Function address to represent in this step.
The corresponding relation of described foundation is a look-up table, and this look-up table can be as shown in Figure 9, and Fig. 9 is the schematic diagram of IP look-up table, and the index of this IP look-up table is an IP address, and the content of IP look-up table can comprise:
Essential information is such as IP address, user's current location information (ownership place or visit ground) etc.;
Information of home location is such as ownership Access-Resource and Admission Control Function address, ownership SPDF address etc.;
Visit ground information: such as user's Care-of Address, visit Access-Resource and Admission Control Function address, visit SPDF address etc.;
Because Access-Resource and Admission Control Function may not well be amassed wealth by heavy taxation to the routing iinformation that SPDF reports, can adopt the shortest coupling and Hash methods such as (HASH) to reduce and search of the requirement of IP look-up table internal memory, improve searching speed.Here the shortest coupling and HASH method belong to prior art, repeat no more here.
From flow process shown in Figure 2, carry out in the process of network insertion the user, in SPDF, dynamically set up the corresponding relation of user and Access-Resource and Admission Control Function, promptly dynamically set up the topological relation of SPDF and Access-Resource and Admission Control Function.Like this, when AF when SPDF sends resource request, SPDF can find the affiliated Access-Resource and Admission Control Function of SPDF according to the corresponding relation of described user and Access-Resource and Admission Control Function, thereby has realized the topological automatic discovering of SPDF and Access-Resource and Admission Control Function, has guaranteed that the user normally realizes network insertion.
For making purpose of the present invention, technical scheme and advantage clearer, below with reference to the accompanying drawing preferred embodiment that develops simultaneously, the present invention is described in more detail.
Fig. 3 is the system schematic of the embodiment of the invention one, as shown in Figure 3, SPDF serves two Access Networks, link to each other with Access-Resource and Admission Control Function 2 with Access-Resource and Admission Control Function 1 respectively, suppose that the user is Access Network 1 access network by home network, and in NASS1 pre-configured available SPDF address such as the corresponding relation and the parameters such as communication negotiation parameter such as key of domain name or IP address.
Fig. 4 is the flow chart of the embodiment of the invention one, in conjunction with Fig. 3, may further comprise the steps:
Step 400: the user is by the NASS1 access network.
This step realize the user successfully connect network as complete successfully authentication, IP address becomes the distribution of work etc., specific implementation belongs to prior art, can repeat no more here referring to related protocol.
The user profile that step 401~step 402:NASS1 will carry IP address, SPDF address and communication negotiation parameter sends to Access-Resource and Admission Control Function 1, and Access-Resource and Admission Control Function 1 returns response to NASS1.
Communicate link negotiation between the step 403:A-RACF1 SPDF corresponding, set up communication link with the SPDF address.
Between Access-Resource and Admission Control Function 1 and the SPDF, the communication negotiation parameter that is used in the user profile of NASS1 communicates link negotiation in this step, and by the communication link negotiations process, SPDF is known the information of Access-Resource and Admission Control Function 1 such as Access-Resource and Admission Control Function 1 address etc.The realization negotiation method is a lot, belongs to prior art, no longer describes in detail here.
The communication link of step 404:A-RACF1 by setting up sends the user's routing iinformation that carries IP address to SPDF.
Step 405:SPDF sets up the corresponding relation between IP address and Access-Resource and Admission Control Function 1 address according to Access-Resource and Admission Control Function 1 address that obtains in user's routing iinformation that receives and the communication link negotiation.
So far, finished user's network insertion process.
After this, when AF when SPDF sends resource request, the corresponding relation between the IP address that SPDF just can set up according to self and Access-Resource and Admission Control Function 1 address finds the Access-Resource and Admission Control Function 1 under the SPDF, thus the topological automatic discovering of realization SPDF and Access-Resource and Admission Control Function 1.
Fig. 5 is the system schematic of the embodiment of the invention two, as shown in Figure 5, in mobile IP mechanism, home agent (HA) is a router on the home network, can serve as the anchor point that communicates with mobile node, also can grouped data be sent to the mobile node of roaming by the tunnel.Visit agency (FA) is the router that serves as the tie point of mobile node in the visited network, and the grouped data that FA can send HA is transmitted to mobile node.Mobile node is meant a terminal equipment that can carry out netsurfing.
Among Fig. 5, ownership Access-Resource and Admission Control Function and visit Access-Resource and Admission Control Function link to each other with same SPDF, belong to NASS and are connected with visiting between the NASS.Suppose in ownership NASS and roaming NASS respectively the pre-configured available SPDF address such as the corresponding relation of domain name or IP address, and ownership communication negotiation parameter and visit communication negotiation parameter.
Here, suppose that the user moves to visited network from home network, at this moment, finished the network insertion of user according to flow process shown in Figure 4, just in SPDF, established the corresponding relation between IP address and the ownership Access-Resource and Admission Control Function address at home network at home network.
Fig. 6 is the flow chart of the embodiment of the invention two, in conjunction with Fig. 5, may further comprise the steps:
Step 600: the user is by visit NASS access network.
In this step, the user obtains from the Care-of Address in visited network.Care-of Address is the current positional information in visited network of user, and the method for obtaining Care-of Address can repeat no more here referring to related protocol and irrelevant with the inventive method.
Step 601: visit NASS obtains the user's who comprises IP address attaching information from ownership NASS.Visit NASS belongs to prior art between NASS alternately with belonging to, and specific implementation can be referring to related protocol.
Step 602~step 603: the user profile that visit NASS will carry IP address, Care-of Address, SPDF address and visit communication negotiation parameter sends to the visit Access-Resource and Admission Control Function, and the visit Access-Resource and Admission Control Function returns response to visit NASS.
Step 604: visit between the Access-Resource and Admission Control Function SPDF corresponding and communicate link negotiation, set up communication link with the SPDF address.
Between visit Access-Resource and Admission Control Function and the SPDF, the visit communication negotiation parameter that is used in the user profile of visiting NASS communicates link negotiation in this step, and by the communication link negotiations process, SPDF knows that the information of visit Access-Resource and Admission Control Function is as visiting Access-Resource and Admission Control Function address etc.The realization negotiation method is a lot, belongs to prior art, no longer describes in detail here.
Step 605: the communication link of visit Access-Resource and Admission Control Function by setting up sends the user's routing iinformation that carries IP address and Care-of Address to SPDF.
Step 606:SPDF sets up the corresponding relation between IP address, Care-of Address and the visit Access-Resource and Admission Control Function address according to the visit Access-Resource and Admission Control Function address that obtains in user's routing iinformation that receives and the communication link negotiation.
So far, finished user's network insertion process.
After this, when AF when SPDF sends the user uplink resource request, SPDF just can be according to the IP address of self setting up, corresponding relation between Care-of Address and the visit Access-Resource and Admission Control Function address, find the visit Access-Resource and Admission Control Function, and when AF when SPDF sends the request of user's downlink resource, SPDF can be according to the IP address of self setting up, corresponding relation between Care-of Address and the visit Access-Resource and Admission Control Function address, and the corresponding relation between IP address and the ownership Access-Resource and Admission Control Function address, find ownership Access-Resource and Admission Control Function and visit Access-Resource and Admission Control Function, thereby realize the topological automatic discovering of SPDF and visit/ownership Access-Resource and Admission Control Function.
Fig. 7 is the system schematic of the embodiment of the invention three, as shown in Figure 7, ownership Access-Resource and Admission Control Function and visit Access-Resource and Admission Control Function link to each other with ownership SPDF and visit SPDF in each automatic network respectively, and ownership SPDF is connected with visiting between the SPDF, belong to NASS and are connected with visiting between the NASS.Suppose pre-configured available ownership SPDF address such as the corresponding relation of domain name or IP address in ownership NASS, and parameters such as ownership communication negotiation parameter such as key; The pre-configured available visit SPDF address such as the corresponding relation of domain name or IP address in visit NASS, and parameters such as visit communication negotiation parameter such as key.
Here, suppose that the user moves to visited network from home network, at this moment, finished the network insertion of user according to flow process shown in Figure 4, just in ownership SPDF, established the corresponding relation between IP address and the ownership Access-Resource and Admission Control Function address at home network at home network.
Fig. 8 is the flow chart of the embodiment of the invention three, in conjunction with Fig. 7, may further comprise the steps:
Step 800: the user is by visit NASS access network.
In this step, the user obtains from the Care-of Address in visited network.
Step 801: visit NASS obtains the home subscriber information that comprises IP address and ownership SPDF address from ownership NASS.Visit NASS and ownership belong to prior art between NASS alternately, and specific implementation can be referring to related protocol, and different is also to comprise in the home subscriber information belonging to the SPDF address.
Step 802~step 803: the user profile that visit NASS will carry IP address, Care-of Address, ownership SPDF address, visit SPDF address and visit communication negotiation parameter sends to the visit Access-Resource and Admission Control Function, and the visit Access-Resource and Admission Control Function returns response to visit NASS.
Step 804: communicate link negotiation between visit Access-Resource and Admission Control Function and visit SPDF, set up communication link.
Visit in this step between Access-Resource and Admission Control Function and the visit SPDF, the visit communication negotiation parameter that is used in the user profile of visiting NASS communicates link negotiation, by the communication link negotiations process, visit SPDF knows that the information of visit Access-Resource and Admission Control Function is as visiting Access-Resource and Admission Control Function address etc.The realization negotiation method is a lot, belongs to prior art, no longer describes in detail here.
Step 805: the communication link of visit Access-Resource and Admission Control Function by setting up carries IP address, Care-of Address and ownership SPDF address user routing iinformation to visit SPDF transmission.
Step 806: visit SPDF sets up the corresponding relation between IP address, Care-of Address, visit Access-Resource and Admission Control Function address and the ownership SPDF address according to the visit Access-Resource and Admission Control Function address that obtains in user's routing iinformation that receives and the communication link negotiation.
Step 807~step 808: communicate link negotiation between visit SPDF and the ownership SPDF, the communication link of back foundation is visited SPDF and is carried IP address, Care-of Address and visit Access-Resource and Admission Control Function address user routing iinformation to ownership SPDF transmission through consultation.
By the communication link negotiations process, ownership SPDF is known information such as visit SPDF address.
Step 809: ownership SPDF sets up the corresponding relation between IP address, Care-of Address, visit Access-Resource and Admission Control Function address and the visit SPDF address according to the visit SPDF address that obtains in user's routing iinformation that receives and the communication link negotiation.
After this, when AF when ownership SPDF sends the user uplink resource request, ownership SPDF just can find visit SPDF and visit Access-Resource and Admission Control Function according to the corresponding relation between the IP address of self setting up, Care-of Address, visit Access-Resource and Admission Control Function address and the visit SPDF address; When AF when ownership SPDF sends the request of user's downlink resource, ownership SPDF is according to the corresponding relation between IP address of self setting up and the ownership Access-Resource and Admission Control Function address, and the corresponding relation between IP address, Care-of Address, visit Access-Resource and Admission Control Function address and the visit SPDF address, find ownership Access-Resource and Admission Control Function and visit SPDF, visit Access-Resource and Admission Control Function by visit SPDF visit then, thereby realize the topological automatic discovering of ownership visit SPDF and ownership/visit Access-Resource and Admission Control Function.
At Fig. 5 and system schematic shown in Figure 7, also there is another situation, suppose that the user is when home network moves to visited network, do not finish the network insertion of user at home network at home network, just in SPDF, do not set up the corresponding relation between IP address and the ownership Access-Resource and Admission Control Function address, this situation is called nomadism scene, the visit Access-Resource and Admission Control Function can be according to the agreement of visit ground and belonging area network operator like this, directly carry out network insertion, specifically comprise with visit SPDF or ownership SPDF:
At first, after the user moves to visited network, by visit NASS access network, after user registration success, visit NASS authenticates the user by ownership NASS, obtains Profile and visit/ownership SPDF address, after this visits NASS and is the direct distributing user IP of user address; Visit NASS is according to selecting to adopt visit SPDF or ownership SPDF with the agreement of ownership NASS operator, again to the visit Access-Resource and Admission Control Function send the user Profile and with the SPDF address, if ownership SPDF is same with visit SPDF, then need not to select.
Afterwards, visit Access-Resource and Admission Control Function and visit/ownership SPDF consults and sets up communication link; The user that the visit Access-Resource and Admission Control Function reports to visit/ownership SPDF by the communication link set up is in IP address, the ownership/visit SPDF address of visiting ground, and user's routing iinformations such as user profile of ownership/visit communication negotiation parameter;
Then, visit/ownership SPDF sets up the corresponding relation between IP address and the visit Access-Resource and Admission Control Function address according to the user's routing iinformation that receives.So far, finished user's network insertion process.
After this, when AF when visit/ownership SPDF sends the user resources request, visit/ownership SPDF can and visit corresponding relation between the Access-Resource and Admission Control Function address according to IP address, family, find the visit Access-Resource and Admission Control Function, thus the topological automatic discovering of realization SPDF and Access-Resource and Admission Control Function.
The above is preferred embodiment of the present invention only, is not to be used to limit protection scope of the present invention, all any modifications of being made within the spirit and principles in the present invention, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (20)
1. a method that realizes network insertion is characterized in that, this method also comprises:
A. the Access-Resource and Admission Control Function Access-Resource and Admission Control Function sends user's routing iinformation to service strategy decision making function SPDF;
B.SPDF sets up the corresponding relation of user and Access-Resource and Admission Control Function according to the user's routing iinformation and this Access-Resource and Admission Control Function information that receive.
2. method according to claim 1 is characterized in that, sets in advance available SPDF in network connection management subsystem NASS, perhaps at the pre-configured appointment of Access-Resource and Admission Control Function SPDF; Described steps A specifically comprises:
A1. user access network and obtain the user current address of network allocation, described NASS sends user profile to Access-Resource and Admission Control Function, carries station address, described available SPDF address in this user profile; Perhaps user access network and obtain the user current address of network allocation, described NASS sends user profile to Access-Resource and Admission Control Function, carries station address in this user profile;
A2. described Access-Resource and Admission Control Function sends the user's routing iinformation that carries station address to available or appointment SPDF.
3. method according to claim 2 is characterized in that, also sets in advance the communication negotiation parameter between SPDF and Access-Resource and Admission Control Function in described NASS;
Also carry the communication negotiation parameter between described SPDF and Access-Resource and Admission Control Function described in the steps A 1 in the user profile;
The method that sends user's routing iinformation described in the steps A 2 is:
Described NASS utilizes the communication negotiation parameter that receives, and the SPDF corresponding with described SPDF address communicates link negotiation, sets up communication link;
The communication link of described Access-Resource and Admission Control Function by setting up sends the user's routing iinformation that carries station address to SPDF.
4. according to claim 2 or 3 described methods, it is characterized in that described NASS is ownership NASS, described SPDF is ownership SPDF, and described Access-Resource and Admission Control Function is the ownership Access-Resource and Admission Control Function;
The user current address of distributing described in the steps A 1 is an IP address;
Described station address is an IP address.
5. method according to claim 4 is characterized in that, described in the step B via Access-Resource and Admission Control Function information be: the ownership Access-Resource and Admission Control Function address that SPDF obtained during described communication link was consulted;
The corresponding relation of described user and Access-Resource and Admission Control Function is: the corresponding relation between described IP address and ownership Access-Resource and Admission Control Function address.
6. according to claim 2 or 3 described methods, it is characterized in that described NASS is visit NASS, described SPDF is ownership SPDF, and described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function;
The station address that distributes described in the steps A 1 is a Care-of Address;
NASS described in the steps A 1 is before Access-Resource and Admission Control Function sends user profile, and this method also comprises: described visit NASS obtains the user's who comprises IP address attaching information from ownership NASS;
Described station address comprises Care-of Address and IP address, and described communication negotiation parameter is visit communication negotiation parameter.
7. method according to claim 6 is characterized in that, described in the step B via Access-Resource and Admission Control Function information be: the visit Access-Resource and Admission Control Function address that SPDF obtained during described communication link was consulted;
The corresponding relation of described user and Access-Resource and Admission Control Function is: the corresponding relation between described IP address, Care-of Address and visit Access-Resource and Admission Control Function address.
8. according to claim 2 or 3 described methods, it is characterized in that described NASS is visit NASS, described SPDF is visit SPDF, and described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function;
The station address that distributes described in the steps A 1 is a Care-of Address;
NASS described in the steps A 1 is before Access-Resource and Admission Control Function sends user profile, and this method also comprises: described NASS obtains the home subscriber information that comprises IP address and ownership SPDF address from ownership NASS;
Described user profile also comprises: ownership SPDF address;
Described station address comprises Care-of Address and IP address, and described communication negotiation parameter is visit communication negotiation parameter.
9. method according to claim 8 is characterized in that, described in the step B via Access-Resource and Admission Control Function information be: the visit Access-Resource and Admission Control Function address that visit SPDF obtained during described communication link was consulted;
The corresponding relation of described user and Access-Resource and Admission Control Function is: the corresponding relation between described IP address, Care-of Address, visit Access-Resource and Admission Control Function address and ownership SPDF.
10. method according to claim 8 is characterized in that, this method also comprises:
A. described visit SPDF communication link through consultation carries IP address, Care-of Address and visit Access-Resource and Admission Control Function address user routing iinformation to ownership SPDF transmission;
B. described ownership SPDF sets up the corresponding relation between IP address, Care-of Address, visit Access-Resource and Admission Control Function address and the visit SPDF address according to the visit SPDF address that obtains in user's routing iinformation that receives and the communication link negotiation.
11., it is characterized in that described NASS is visit NASS according to claim 2 or 3 described methods, described SPDF is ownership/visit SPDF, described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function;
User access network described in the steps A 1 and the method that obtains the user current address of network allocation are: visit NASS communicates by letter with belonging to NASS, finishes authentication and address assignment to the user, and addresses distributed information is sent to ownership/visit SPDF;
The station address of described distribution is an IP address;
The corresponding relation of user described in the step B and Access-Resource and Admission Control Function is: the corresponding relation between described IP address and visit Access-Resource and Admission Control Function address.
12. method according to claim 1 is characterized in that, the corresponding relation of setting up described in the step B is for being the IP look-up table of index with the IP address; Described IP look-up table comprises: essential information, information of home location and visit ground information;
Described essential information comprises: IP address, user's current location information;
Described information of home location comprises: ownership Access-Resource and Admission Control Function address, ownership SPDF address;
Described visit ground information comprises: user's Care-of Address, visit Access-Resource and Admission Control Function address, visit SPDF address.
13. method according to claim 1 is characterized in that, described available SPDF is: with professional corresponding SPDF.
14. system that realizes network insertion, this system comprises: network connection management subsystem NASS, service strategy decision making function SPDF and Access-Resource and Admission Control Function Access-Resource and Admission Control Function, and described NASS links to each other with SPDF by Access-Resource and Admission Control Function, and the user is by the NASS access network, it is characterized in that
In described NASS, set in advance available SPDF, perhaps Access-Resource and Admission Control Function pre-configured with the communication link of specifying SPDF;
Described Access-Resource and Admission Control Function receives and carries station address, described current available SPDF address user information from NASS; Perhaps described Access-Resource and Admission Control Function receives the user profile that carries station address from NASS;
Described available or specify SPDF to receive the user's routing iinformation that carries station address from Access-Resource and Admission Control Function, set up the corresponding relation of user and Access-Resource and Admission Control Function.
15. system according to claim 14 is characterized in that, also sets in advance the communication negotiation parameter between SPDF and Access-Resource and Admission Control Function among the described NASS;
Described Access-Resource and Admission Control Function also receives communication negotiation parameter between described SPDF and Access-Resource and Admission Control Function.
16., it is characterized in that described NASS is ownership NASS according to claim 14 or 15 described systems, described SPDF is ownership SPDF, described Access-Resource and Admission Control Function is the ownership Access-Resource and Admission Control Function; Described station address is an IP address.
17., it is characterized in that described NASS is visit NASS according to claim 14 or 15 described systems, described SPDF is ownership SPDF, described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function; Described system also comprises: ownership NASS and ownership Access-Resource and Admission Control Function;
Described visit NASS receives the attaching information from the user who comprises IP address of ownership NASS;
Described visit Access-Resource and Admission Control Function receives the Care-of Address that carries IP address, user access network acquisition, the ownership SPDF address from visit NASS, and the user profile of visit communication negotiation parameter;
Described SPDF receives the user's routing iinformation that carries IP address and Care-of Address from the visit Access-Resource and Admission Control Function, sets up user and the corresponding relation of visiting Access-Resource and Admission Control Function.
18., it is characterized in that described NASS is visit NASS according to claim 14 or 15 described systems, described SPDF is ownership/visit SPDF, described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function; Described system also comprises: ownership NASS and ownership Access-Resource and Admission Control Function;
Described visit NASS communicates by letter with ownership NASS, finishes the authentication to the user, and obtains user's attaching information, and finish address assignment, and user profile is sent to the visit Access-Resource and Admission Control Function;
Described visit Access-Resource and Admission Control Function receives and carries IP address, ownership/visit SPDF address and the user profile of ownership/visit communication negotiation parameter from visit NASS;
Described visit/ownership SPDF receives the user's routing iinformation that carries IP address from the visit Access-Resource and Admission Control Function, sets up user and the corresponding relation of visiting Access-Resource and Admission Control Function.
19., it is characterized in that described NASS is visit NASS according to claim 14 or 15 described systems, described SPDF is visit SPDF, described Access-Resource and Admission Control Function is the visit Access-Resource and Admission Control Function; Described system also comprises: ownership SPDF, ownership NASS and ownership Access-Resource and Admission Control Function;
Described visit NASS receives the home subscriber information that comprises IP address and ownership SPDF address from ownership NASS;
Described visit Access-Resource and Admission Control Function receives the user profile of the Care-of Address that carries IP address, user access network acquisition, ownership SPDF address, visit SPDF address and visit communication negotiation parameter from visit NASS;
Described visit SPDF receive from the visit Access-Resource and Admission Control Function carry IP address, Care-of Address and ownership SPDF address user routing iinformation, set up user and visit Access-Resource and Admission Control Function and belong to corresponding relation between the SPDF address.
20. system according to claim 19 is characterized in that, described system also comprises:
Described ownership SPDF receive from visit SPDF carry IP address, Care-of Address and visit Access-Resource and Admission Control Function address user routing iinformation, set up user and visit Access-Resource and Admission Control Function address and visit corresponding relation between the SPDF address.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200610126866A CN100579070C (en) | 2006-09-07 | 2006-09-07 | Method and system of implementing network access |
| PCT/CN2007/070658 WO2008040212A1 (en) | 2006-09-07 | 2007-09-07 | A method, system and device for network access |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200610126866A CN100579070C (en) | 2006-09-07 | 2006-09-07 | Method and system of implementing network access |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101141379A true CN101141379A (en) | 2008-03-12 |
| CN100579070C CN100579070C (en) | 2010-01-06 |
Family
ID=39193134
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200610126866A Active CN100579070C (en) | 2006-09-07 | 2006-09-07 | Method and system of implementing network access |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN100579070C (en) |
| WO (1) | WO2008040212A1 (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009146618A1 (en) * | 2008-06-06 | 2009-12-10 | 华为技术有限公司 | Methods, device and systems for forwarding message to function entity which can be relocated in communication systems |
| CN102857585A (en) * | 2011-06-30 | 2013-01-02 | 中兴通讯股份有限公司 | Method and system for distributing address and executing strategy of BBF (Broadband Forum) network |
| CN112422714A (en) * | 2020-11-27 | 2021-02-26 | 上海数讯信息技术有限公司 | Multi-application batch continuous IP address allocation method and system |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7953026B2 (en) | 2007-07-27 | 2011-05-31 | Telefonaktiebolaget L M Ericsson (Publ) | Methods and systems for providing RACF configuration information |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| GB0508847D0 (en) * | 2005-04-29 | 2005-06-08 | Nokia Corp | A network |
| CN100391163C (en) * | 2005-09-02 | 2008-05-28 | 华为技术有限公司 | Resource repealing method and device based on resource admittance control subsystem |
-
2006
- 2006-09-07 CN CN200610126866A patent/CN100579070C/en active Active
-
2007
- 2007-09-07 WO PCT/CN2007/070658 patent/WO2008040212A1/en active Application Filing
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009146618A1 (en) * | 2008-06-06 | 2009-12-10 | 华为技术有限公司 | Methods, device and systems for forwarding message to function entity which can be relocated in communication systems |
| CN101599912B (en) * | 2008-06-06 | 2012-04-04 | 华为技术有限公司 | Method and system for transmitting message to transportable functional entity in communication system |
| CN102857585A (en) * | 2011-06-30 | 2013-01-02 | 中兴通讯股份有限公司 | Method and system for distributing address and executing strategy of BBF (Broadband Forum) network |
| CN112422714A (en) * | 2020-11-27 | 2021-02-26 | 上海数讯信息技术有限公司 | Multi-application batch continuous IP address allocation method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100579070C (en) | 2010-01-06 |
| WO2008040212A1 (en) | 2008-04-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101019450B (en) | System and method to communicate internet packet data via packet radio networks | |
| CN101730101B (en) | Realizing method, system and device for separating identify label from position | |
| CN101321073B (en) | Multicast business authorization control method and device | |
| CN101345679B (en) | QoS guarantee method and system of dynamic business, AAA and Anchor SFA | |
| CN103095654B (en) | Virtual local area network (VLAN) configuration method, wireless access point and network control point | |
| CN112752240A (en) | Direct communication processing method and device, relay terminal and remote terminal | |
| CN101356846B (en) | The method of service quality is provided in WiMAX communication network and is selected the method for access transport resource controlling functions in a communication network by policy decision function | |
| CN101247652A (en) | Resource admission control method and system | |
| CN100571185C (en) | A kind of edge connection and channel selection method of striding networks in different management domains | |
| CN113747513A (en) | Service quality management method and device | |
| CN101299881A (en) | Resource admission control method and system | |
| CN101005488A (en) | Method and system for consulting and determining use of IP protocol version | |
| CN100579070C (en) | Method and system of implementing network access | |
| CN101345990B (en) | Service quality QoS configuration file generation method, network element equipment and system | |
| US8379519B2 (en) | Method for realizing resource admission control at push mode in nomadism scene of NGN | |
| CN112953748B (en) | Communication method and device | |
| CN101500277A (en) | Method, equipment and system for obtaining QoS information by access network | |
| CN101106551B (en) | Method and device for transferring user number | |
| CN103379555A (en) | System, device and method for communication | |
| CN101754284B (en) | Resource control method and system | |
| CN101720113B (en) | Method and system for controlling resources | |
| CN102036431B (en) | Interactive functional entity and protocol mapping method for resource management | |
| CN101262415A (en) | A distributed central mixed control device, system and method | |
| CN101316444B (en) | Base station, service policy implementing method, resource control method and system | |
| CN101599912B (en) | Method and system for transmitting message to transportable functional entity in communication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |