CN101547100B - Method and system for multicast receiving control - Google Patents
Method and system for multicast receiving control Download PDFInfo
- Publication number
- CN101547100B CN101547100B CN2009100837157A CN200910083715A CN101547100B CN 101547100 B CN101547100 B CN 101547100B CN 2009100837157 A CN2009100837157 A CN 2009100837157A CN 200910083715 A CN200910083715 A CN 200910083715A CN 101547100 B CN101547100 B CN 101547100B
- Authority
- CN
- China
- Prior art keywords
- user
- multicast
- control strategy
- authority control
- nas
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method and a system for multicast receiving control. The method comprises the following steps that: an NMS configures the mapping relationship between a user identity mark of each user and multicast authority control strategy; the NMS certifies the access authentication of the users and then issues the multicast authority control strategy of the users according to the user identity marks of the users to an NAS; the NAS records the mapping relationship between the network mark information of the users and the multicast authority control strategy; and the NAS receives multicast-joining messages sent by the users, finds the multicast authority control strategy according to the user network mark information in the messages, and performs multicast receiving control on the users according to the multicast authority control strategy. The invention has the advantage of enabling multicast receiving control to be more convenient.
Description
Technical field
The present invention relates to technical field of multicast, be specifically related to multicast acceptance control method and system.
Background technology
As a kind of and clean culture and broadcasting communication mode arranged side by side, multicasting technology can solve the problem that single-point sends, multiple spot receives effectively, thereby has realized the efficient data transmission of network mid point to multiple spot, can save a large amount of network bandwidths, reduce offered load.
The user need carry out authentication of network insertion level and seeervice level authentication usually before the incoming multicast network.The authentication of network insertion level is promptly carried out authentication to the user, and existing access level authentication mode has: Point-to-Point Protocol over Ethernet (PPPoE), 802.1X, Portal authentication etc.; The seeervice level authentication promptly authenticates the authority of user's access to multicast service, for example: for multicast recipient's Network, network access equipment need carry out the multicast access control according to the seeervice level authentication result, purpose is: for certain program, only allow and watch this program through the user who authorizes, promptly receive corresponding multicast data flow, can not watch this program through the user who authorizes.
Fig. 1 is existing multicast access control networking diagram, as shown in Figure 1, network management server (NMS, Network Management Server) static configuration network access server (NAS, NetworkAccess Server) the multicast group authority that each port can receive, and be handed down to NAS, and NAS is according to the multicast group authority that disposes on each port, and the multicast data flow of this port is mail in control.Perhaps, NAS is when receiving that multicast that the user sends joins message, from this message, extract inbound port and message characteristic information as source IP address, source medium access control (MAC, Media Access Control) address, the multicast identifier that will add etc., the information that extracts is sent to NMS, NMS authenticates this information, if authentication is passed through, then notifies NAS to allow the user to add multicast group.
Come multicast is received the method for control for above-mentioned employing static configuration multicast authority mode on port, has following shortcoming: because the user is not fixing by a port access network usually, for example: campus network, enterprise network even guipure provider customer can be at different place access networks, in this case, all need webmaster to cooperate during the each port switching of user and carry out the multicast authority configuration.In addition, under this mode, charging way can only adopt monthly payment to charge, and can not be based on duration, and inconvenient user uses.
Message characteristic and ingress port information are extracted in above-mentioned employing from multicast joins message, carry out the mode of multicast authority control according to the information of this extraction, in the mapping relations of the NMS end message characteristic that has been static configuration in fact also and ingress port information and receivable multicast group, also need webmaster to cooperate during the each port switching of user to carry out multicast authority to dispose.
Summary of the invention
The invention provides multicast acceptance control method and system, to realize that multicast receives control more easily.
Technical scheme of the present invention is achieved in that
A kind of multicast acceptance control method, NMS dispose the mapping relations of each user's User Identity and multicast authority control strategy, comprising:
After NMS passes through user's access authentication, according to this user's User Identity, this user's multicast authority control strategy is handed down to NAS, NAS writes down the mapping relations of this user's network identification information and multicast authority control strategy;
The multicast that NAS reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message, according to this multicast authority control strategy this user is carried out multicast and receives control.
Described user network identification information is: subscriber port sign and VLAN sign;
Perhaps be: IP address, user link layer address, subscriber port sign and virtual LAN VLAN sign.
Described multicast authority control strategy comprises: a kind of or combination in any in the multicast group number that the multicast group that the permission user adds, permission user add simultaneously, CAR, qos policy, the multicast charging policy.
Described method further comprises:
NMS finds a user's multicast authority control strategy change, and then the new multicast authority control strategy with this user sends to NAS, and NAS upgrades this user's former multicast authority control strategy with this new multicast authority control strategy.
Described NMS finds that a user's multicast authority control strategy changes to:
Find to allow the multicast group change of this user's adding,
Described NAS further comprises with the former multicast authority control strategy that this new multicast authority control strategy upgrades this user afterwards:
NAS judges whether the multicast group that the user is receiving has not been present in the new multicast authority control strategy, if stop to send this multicast group to this user.
Described NMS finds that a user's multicast authority control strategy changes to:
Find the multicast group decreased number that this user of permission adds simultaneously, and find the multicast group number that allowing after multicast group number that this user receiving is greater than this minimizing adds simultaneously, then this user's port and vlan information are deleted the multicast group number that allowing after the multicast group number that the user is receiving is not more than described minimizing adds simultaneously from the part multicast forward table.
Described NAS carries out multicast reception control according to this multicast authority control strategy to this user and comprises:
Judge whether described multicast authority control strategy comprises that multicast group adds constraints, if comprise, adds constraints according to this multicast group and determines whether to allow the user to add multicast group, if allow the user to add multicast group, otherwise refusing user's adds multicast group; If do not comprise, then directly allow the user to add multicast group.
Described multicast group adds constraints: the multicast group that allows the user to add, the multicast group number that perhaps allows the user to add simultaneously, perhaps the CAR upper limit.
Described NAS permission user further comprises after adding multicast group: NAS reports this user to add this multicast group to NMS;
And NAS finds that described user leaves described multicast group, then leaves this multicast group to the NMS report of user, and NMS leaves and add the moment of this multicast group according to the user, and this multicast group of this program request of this user is chargeed.
Described NAS finds that described user leaves described multicast group and comprises:
NAS receives the multicast leave message at described multicast group that the user sends;
Perhaps comprise: NAS receives the described user's that NMS sends new multicast authority control strategy, and finds that the described multicast group that the user is receiving has not been present in the new multicast authority control strategy;
Perhaps comprise: NAS finds that the user does not respond the query message of this NAS timed sending.
Described multicast authority control strategy comprises: the IPTV set meal of customization sign comprises at least one multicast group in each IPTV set meal, and is that unit charges to the user with the IPTV set meal;
Described method further comprises: NAS finds that the user adds an IPTV set meal, then adds this IPTV set meal to the NMS report of user; Find that this user leaves this IPTV set meal, then leave this IPTV set meal to the NMS report of user, NMS chargeed to this IPTV set meal of this program request of this user according to the moment that this user left and added this IPTV set meal.
Described NMS is handed down to NAS with this user's multicast authority control strategy: give NAS with the down sending content of this user's multicast authority control strategy.
Described multicast authority control strategy has unique identification,
And dispose the corresponding relation of multicast authority control strategy sign and multicast authority control strategy content on the described NAS;
Described NMS is handed down to NAS with this user's multicast authority control strategy: the sign of this user's multicast authority control strategy is handed down to NAS,
Described NAS writes down this user's network identification information and the mapping relations of multicast authority control strategy further comprise before: NAS finds multicast authority control strategy content according to the sign of described multicast authority control strategy.
A kind of multicast receiving control system, this system comprises:
NM server NMS disposes the mapping relations of each user's User Identity and multicast authority control strategy, after user's access authentication is passed through, this user's multicast authority control strategy is handed down to network access server NAS;
NAS, the mapping relations of this user's that the network identification information of recording user and NMS send multicast authority control strategy; The multicast that the reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message, according to this multicast authority control strategy this user is carried out multicast and receives control.
Described NMS comprises:
First module disposes the mapping relations of each user's User Identity and multicast authority control strategy, after user's access authentication is passed through, this user's multicast authority control strategy is handed down to NAS;
Second module is found a user's multicast authority control strategy change, and then the new multicast authority control strategy with this user sends to NAS;
And the new multicast authority control strategy that described NAS sends with NMS upgrades described user's former multicast authority control strategy.
Described NAS comprises:
First module, the mapping relations of this user's that the network identification information of recording user and NMS send multicast authority control strategy;
Second module, the multicast that the reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message in first module, according to this multicast authority control strategy this user is carried out multicast and receives control;
Three module, the user's that reception NMS sends new multicast authority control strategy, upgrade the former multicast authority control strategy of this user in first module with this new multicast authority control strategy, find that the multicast group that the user is receiving has not been present in the new multicast authority control strategy, then stops to send this multicast group to this user.
Described NAS comprises:
First module, the mapping relations of this user's that the network identification information of recording user and NMS send multicast authority control strategy;
Second module, the multicast that the reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message in first module, according to this multicast authority control strategy this user is carried out multicast and receives control;
Three module, the user's that reception NMS sends new multicast authority control strategy, upgrade the former multicast authority control strategy of this user in first module with this new multicast authority control strategy, find the multicast group decreased number that this user of permission adds simultaneously in the new multicast authority control strategy, and find the multicast group number that allowing after multicast group number that this user receiving is greater than this minimizing adds simultaneously, then this user's port and vlan information are deleted the multicast group number that allowing after the multicast group number that the user is receiving is not more than described minimizing adds simultaneously from the part multicast forward table.
Described NAS comprises:
First module, the mapping relations of this user's that the network identification information of recording user and NMS send multicast authority control strategy;
Second module, the multicast that the reception user sends joins message, in first module, find the multicast authority control strategy according to the user network identification information in this message, judge that whether described multicast authority control strategy comprises that multicast group adds constraints, if comprise, adds constraints according to this multicast group and determines whether to allow the user to add multicast group, if, allow the user to add multicast group, otherwise refusing user's add multicast group; If do not comprise, then directly allow the user to add multicast group.
Described NAS further comprises:
Four module when allowing the user to add multicast group, reports this user to add this multicast group to NMS; When finding that the user leaves this multicast group, leave this multicast group to the NMS report of user;
And described NMS chargeed to the described multicast group of this program request of described user according to the moment that described user left and added described multicast group.
Described NAS further comprises:
Four module when finding that the user adds an IPTV set meal, adds this IPTV set meal to the NMS report of user; When finding that this user leaves this IPTV set meal, leave this IPTV set meal to the NMS report of user;
And described NMS chargeed to the described IPTV set meal of this program request of described user according to the moment that described user left and added described IPTV set meal.
Described NAS comprises:
First module, the corresponding relation of record multicast authority control strategy sign and multicast authority control strategy content;
Second module, the user's that reception NMS sends multicast authority control strategy identifies, and is identified at according to this and finds multicast authority control strategy content in first module, writes down this user's the network identification information and the mapping relations of this multicast authority control strategy content;
Three module, the multicast that the reception user sends joins message, and finds multicast authority control strategy content according to the user network identification information in this message in second module, and according to this multicast authority control strategy content this user is carried out multicast and receive control,
And described NMS is handed down to NAS with this user's multicast authority control strategy sign.
Compared with prior art, among the present invention, NMS disposes the mapping relations of each user's User Identity and multicast authority control strategy, after NMS passes through user's access authentication, User Identity according to this user, this user's multicast authority control strategy is handed down to network access server NAS, and NAS writes down the mapping relations of this user's multicast authority control strategy and this user network identification information; The multicast that NAS reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message, according to this multicast authority control strategy this user is carried out multicast and receives control.The present invention is not subjected to the restriction of user access port, when user's port switching, need not webmaster change configuration, makes the easier deployment of multicast service to make that multicast reception control is more convenient.
Simultaneously, in the embodiment of the invention, can change user's multicast authority control strategy in real time, in addition, also can realize chargeing based on the multicast of duration.
Description of drawings
Fig. 1 is existing multicast access control networking diagram;
Fig. 2 receives control flow chart for the multicast that the embodiment of the invention provides;
The multicast receiving control system composition diagram that Fig. 3 provides for the embodiment of the invention.
Embodiment
The present invention is further described in more detail below in conjunction with drawings and the specific embodiments.
Fig. 2 receives control flow chart for the multicast that the embodiment of the invention provides, and as shown in Figure 2, its concrete steps are as follows:
Step 201: webmaster disposes multicast Profile on NMS, the corresponding a kind of multicast authority control strategy of each multicast Profile, and each multicast Profile has unique sign.
Multicast Profile is actually a multicast authority control strategy configuration template.The content of multicast Profile can comprise: committed access rate (CAR, Committed Access Rate), a kind of or combination in any in service quality (QoS, Quality of Service) strategy, the multicast group tabulation that allows to add, the multicast group number that allows to add simultaneously, the multicast charging policy etc.
Step 202: for each multicast user, webmaster disposes the mapping relations of this user's the User Identity multicast Profile sign corresponding with this user on NMS.
Each user is multicast Profile of correspondence only, also can corresponding above multicast Profile.
Step 203: the user initiates the access authentication request message to NAS, carry User Identity in this message, NAS extracts User Identity, user port number, VLAN sign from this message, this User Identity is carried in the authentication protocol message sends to NMS, and set up the corresponding relation of user port number, VLAN sign and User Identity.
Client-initiated access authentication mode can be authentication modes such as PPPoE, 802.1X or Portal.User Identity can be user name+password etc.
Step 204:NMS receives the authentication protocol message, according to the User Identity in this message this user is carried out access authentication.
Step 205:NMS judges whether access authentication passes through, if, execution in step 207; Otherwise, execution in step 206.
To user's return authentication failure information, this flow process finishes step 206:NMS by NAS.
Step 207:NMS self is finding multicast Profile sign according to User Identity, and corresponding multicast Profile content and the User Identity of this multicast Progile sign is handed down to NAS.
Here, need to the existing protocol between NMS and the NAS as: Radius, Diameter, LDAP etc. expand, so that NMS can issue multicast Profile content.Below be example with expansion Radius agreement:
Increase multicast and receive controlled attribute in the Radius agreement, adopt the TLV form, for example: can expand in manufacturer's attribute of Radius agreement, manufacturer's attribute of Radius agreement is as follows:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Vendor-Id?|Vendor?Type?1 |?Vendor?Length?1 |Vendor?Value?1?|
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Wherein, Vendor-Id is a vendor id, and Vendor Type 1 is the attribute type of manufacturer oneself definition, and Vendor Length 1 is the length of property value, and Vendor Value 1 is a property value.
In the embodiment of the invention, newly-increased a kind of attribute type: MulticastReceiveControl, its value is by manufacturer's decision, and field type is character string (String); Corresponding Vendor Value also adopts the TLV form.Can follow a plurality of MulticastReceiveControl behind the Vendor-Id, perhaps also can: adopt a plurality of Vendor-Id, MulticastReceiveControl of each Vendor-Id heel, for example:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Control?Type |Control?Length |Control?Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The implication and the value of each field are as follows:
| Control?Type? | Control Length (unit: byte) | Control?Value |
| 1? | 1? | Address family, value 1 is IPv4, value 2 is IPv6 |
| 2? | 4? | Allow the IPv4 multicast group address of adding, having only Control Type is use in 1 o'clock |
| 3? | 4? | Allow the source IPv4 unicast address of the multicast message of adding, having only Control Type is use in 1 o'clock, and this is optional |
| 4? | 16? | Allow the IPv6 multicast group address of adding, having only Control Type is use in 2 o'clock |
| 5? | 16? | Allow the source IPv6 unicast address of the multicast message of adding, having only Control Type is use in 2 o'clock, and this is optional |
| 6? | 16? | The flux of multicast peak rate, the unit of speed is KByte/s, this is optional |
| 7? | 16? | The flux of multicast Mean Speed, the unit of speed is KByte/s, this is optional |
| ……? | ……? | ……? |
The field implication of table 1 expansion Radius agreement manufacturer attribute and value are for example
If webmaster has disposed the corresponding relation of all multicast Profile signs with multicast Profile content in advance on NAS, then in this step, the multicast Profile sign that NMS only needs to find is handed down to NAS.
Step 208:NAS receiving group Profile content and User Identity find user port number, VLAN sign according to this User Identity, set up the mapping relations between multicast Profile content, user port number, VLAN sign.
If webmaster has disposed the corresponding relation of all multicast Profile signs with multicast Profile content in advance on NAS, and what NMS was handed down to NAS is multicast Profile sign, in this step, NAS will find multicast Profile content according to the multicast Profile sign that NMS issues, and sets up the mapping relations between multicast Profile content, user port number, VLAN sign again.
Step 209: the user initiates multicast to NAS and joins message, and carries multicast identifier, the user port number that will add in this message, perhaps carries multicast identifier, user port number and VLAN sign.
Step 210:NAS receiving group joins message, and according to the user port number in this message, perhaps user port number and VLAN sign finds multicast Profile content.
May not carry the VLAN sign in the message.
Step 211:NAS is according to multicast Profile content, judges whether to allow the user to add the multicast group of the multicast identifier correspondence of multicast in joining message, if, execution in step 212; Otherwise, execution in step 213.
Here, if do not comprise in user's the multicast Profile content: multicast group add constraints as: the multicast group tabulation that allows to add, the multicast group number that allows to add simultaneously, the CAR upper limit etc., then NAS directly allows the user to add multicast group; Otherwise, add constraints according to multicast group and determine whether to allow the user to add multicast group, specific as follows:
If comprise in this user's the multicast Profile content: the multicast group that allows to add is tabulated, and then NAS will judge at first whether the multicast identifier that the user will add is present in the multicast group tabulation of this permission adding, if allow the user to add this multicast group; Otherwise refusing user's adds this multicast group.
If comprise in this user's the multicast Profile content: allow the multicast group number that adds simultaneously, then NAS will judge that whether the added multicast group number of user allows the multicast group number that adds simultaneously less than this, if less than, then allow the user to add this multicast group; Otherwise refusing user's adds this multicast group.
If comprise in this user's the multicast Profile content: the CAR upper limit, then whether NAS will judge current multicast forwarding flow less than this CAR upper limit, if allow the user to add this multicast group; Otherwise refusing user's adds this multicast group.
In addition, if comprise in this user's the multicast Profile content: CAR or qos policy, then NAS also will receive this multicast group to follow-up this user according to this CAR or qos policy and carries out corresponding control.
Step 212:NAS sends the multicast data flow of described multicast identifier correspondence to the user.
When NAS finds user offline, delete in the step 203 corresponding relation of user port number, VLAN sign and the User Identity set up, delete the mapping relations between the multicast Profile content set up at this user in the step 208, user port number, VLAN sign simultaneously
Step 213:NAS does not send the multicast data flow of described multicast identifier correspondence to the user.
In actual applications, may hang a plurality of users down under the port of NAS,, can do following improvement the foregoing description in order to realize more reliable multicast control:
In the step 203, NAS is except will extracting user port number, VLAN sign from the access authentication request message, also will extract IP address and user link layer address, what NAS set up is the corresponding relation of IP address, user link layer address, user port number, VLAN sign and User Identity;
Simultaneously, in the step 208, after NAS receives multicast Profile content and User Identity, what find according to User Identity is IP address, user link layer address, user port number and VLAN sign, and NAS sets up is mapping relations between multicast Profile content, IP address, user link layer address, user port number, VLAN sign;
In the step 210, NAS receives after multicast joins message, and find multicast Profile content according to the IP address in this message, user link layer address, user port number, VLAN sign.
In actual applications, user's multicast authority control strategy may be changed, and in order to adapt to this demand, in the embodiment of the invention, can also change the content of each user's multicast Profile in real time, is implemented as follows:
When NMS finds to be configured in a user's the content change of multicast Profile of self, multicast Profile content after the change and this user's User Identity are handed down to NAS, after NAS receives multicast Profile content and User Identity after this change, find user port number according to this User Identity, the VLAN sign, again according to user port number, the VLAN sign finds this user's former multicast Profile content, with this former multicast Profile content of multicast Profile content update after this change, after this, the multicast Profile content of NAS after according to this change carried out multicast to this user and received control.
For example: if NAS is according to the multicast Profile content after changing, find that then NAS identifies this user's port numbers, VLAN to delete from the multicast forward table of this multicast group in the multicast group tabulation that the permission in the multicast Profile content after multicast identifier that the user is receiving has not been included in this change adds;
And for example: if NAS, finds CAR, the qos policy change of the multicast group that the user is receiving according to the multicast Profile content after changing, then NAS directly receives this multicast group to the user and controls according to the CAR after this change, qos policy;
And for example: if NAS is according to the multicast Profile content after changing, discovery allows the multicast group decreased number that adds simultaneously, and the multicast group number that the multicast group number that the user is receiving allowing after greater than this minimizing adds simultaneously, then NAS is according to preset rules, user port number, VLAN sign are deleted the multicast group number that allowing after the multicast group number that the user is receiving is not more than this minimizing adds simultaneously from the multicast forward table of part multicast group.
If webmaster has disposed the corresponding relation of multicast Progile sign with multicast Profile content on NAS, then when NMS finds to be configured in a user's the content change of multicast Profile of self, what be handed down to NAS is multicast Profile sign and User Identity after the change, the subsequent treatment of NAS, can obtain according to above-mentioned processing immediate reasoning, not repeat them here.
In order to adapt to the demand based on duration based accounting, the embodiment of the invention provides following solution:
In the step 211, after NAS allows the user to add a multicast group, inquire about the multicast charging policy in this user's the multicast Profile content, be that monthly payment charging etc. is non-based on the duration based accounting strategy if find this strategy, then do not do to charge and handle; If find that this strategy is based on duration based accounting, then send the user and add the multicast group report message to NMS, this message carries the multicast identifier of User Identity and user's adding, after NMS receives this message, current time is added moment of this multicast group as the user, and the multicast identifier that adds of recording user identify label, user, add corresponding relation constantly;
NAS finds that the user leaves a multicast group, then send the user and leave the multicast group report message to NMS, this message carries the multicast identifier that User Identity, user leave, after NMS receives this message, current time is left the moment of this multicast group as the user, and find according to User Identity, multicast identifier and to add constantly, according to the departure time with add and determine this charging duration constantly, and this multicast group of this program request of this user is chargeed.
NAS finds that the user leaves multicast group and can be divided into following several situation:
One, NAS receives the multicast leave message that the user sends;
Two, NAS receives in the multicast Profile after the user's that NMS sends the change perhaps sign, finds that multicast group that this user adds has not been present in the multicast group tabulation that the permission in this multicast Profile content adds;
Three, find that the query message that the user does not send this NAS responds in scheduled duration.Here, when NAS reached the standard grade the user, beginning regularly sent query message to the user, if the user does not respond this message in scheduled duration, determined that then the user leaves multicast group.
In the practical application, for internet protocol TV (IPTV) business, corresponding multicast group of channel normally.In the IPTV business model, service provider is that the user provides service with the form of set meal usually, and one or more channels are arranged in each set meal, and is that unit charges with the set meal.The user can only select a set meal, also can select a plurality of set meals simultaneously.At the IPTV business of set meal form, it is following based on the duration based accounting scheme that the embodiment of the invention provides:
At first, if customization the IPTV set meal, then include in the multicast group tabulation that the permission of user's multicast Profile content adds: the IPTV set meal sign of customization, and NMS will preserve the channel list that all IPTV set meals identify and this IPTV set meal comprises (being the multicast group tabulation).
Management for convenience usually, only comprises an IPTV set meal sign among each multicast Profile.
In the step 211, NAS allows the user to add an IPTV set meal, and finds that the user be new this IPTV set meal of adding, then inquires about the multicast charging policy in this user's the multicast Profile content, if find that this strategy is non-based on the duration based accounting strategy, then do not do to charge and handle; If find that this strategy is based on duration based accounting, then send the user and add IPTV set meal report message to NMS, this message carries the IPTV set meal sign of User Identity and user's adding, after NMS receives this message, current time is added moment of this IPTV set meal as the user, and the IPTV set meal sign that adds of recording user identify label, user, add corresponding relation constantly;
NAS finds that the user leaves an IPTV set meal, then send the user and leave IPTV set meal report message to NMS, this message carries the IPTV set meal sign that User Identity, user leave, after NMS receives this message, current time is left the moment of this IPTV set meal as the user, and find according to User Identity, IPTV set meal sign and to add constantly, according to the departure time with add and determine this charging duration constantly, and this IPTV set meal of this program request of this user is chargeed.
The multicast receiving control system composition diagram that Fig. 3 provides for the embodiment of the invention, as shown in Figure 3, it mainly comprises: NMS and NAS, wherein:
NMS: the mapping relations that dispose each user's User Identity and multicast authority control strategy, after user's access authentication passed through, User Identity according to this user finds the multicast authority control strategy, and this user's multicast authority control strategy is handed down to NAS.
NAS: receive the access authentication request message that the user sends, from this message, extract User Identity and user network identification information, User Identity is carried in the authentication protocol message sends to NMS, the corresponding relation of recording user identify label and user network identification information; The user's that reception NMS sends multicast authority control strategy and User Identity find the user network identification information according to User Identity, set up the mapping relations of user's multicast authority control strategy and user network identification information; The multicast that the reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message, according to this multicast authority control strategy this user is carried out multicast and receives control.
NMS can comprise:
First module: the mapping relations that dispose each user's User Identity and multicast authority control strategy, after user's access authentication passed through, User Identity according to this user finds the multicast authority control strategy, and this user's multicast authority control strategy is handed down to NAS.
Second module: find a user's multicast authority control strategy change, then new multicast authority control strategy and the User Identity with this user sends to NAS.
And, NAS receives new multicast authority control strategy and the User Identity that NMS sends, find the user network identification information according to User Identity, find user's former multicast authority control strategy according to the user network identification information, upgrade this former multicast authority control strategy with new multicast authority control strategy.
NAS can comprise:
First module: receive the access authentication request message that the user sends, from this message, extract User Identity and user network identification information, User Identity is carried in the authentication protocol message sends to NMS, the corresponding relation of recording user identify label and user network identification information; The user's that reception NMS sends multicast authority control strategy and User Identity find the user network identification information according to User Identity, set up the mapping relations of user's multicast authority control strategy and user network identification information.
Second module: the multicast that the reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message in first module, according to this multicast authority control strategy this user is carried out multicast and receives control.
Three module: receive new multicast authority control strategy and User Identity that NMS sends, in first module, find the user network identification information according to User Identity, in first module, find user's former multicast authority control strategy according to the user network identification information, upgrade this former multicast authority control strategy with new multicast authority control strategy; Be not present in the new multicast authority control strategy if find the multicast group that the user is receiving, then stopped sending this multicast group to this user.
Perhaps, NAS can comprise:
First module: receive the access authentication request message that the user sends, from this message, extract User Identity and user network identification information, User Identity is carried in the authentication protocol message sends to NMS, the corresponding relation of recording user identify label and user network identification information; The user's that reception NMS sends multicast authority control strategy and User Identity find the user network identification information according to User Identity, set up the mapping relations of user's multicast authority control strategy and user network identification information.
Second module: the multicast that the reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message in first module, according to this multicast authority control strategy this user is carried out multicast and receives control.
Three module: receive new multicast authority control strategy and User Identity that NMS sends, in first module, find the user network identification information according to User Identity, in first module, find user's former multicast authority control strategy according to the user network identification information, upgrade this former multicast authority control strategy with new multicast authority control strategy; If find the multicast group decreased number that this user of permission adds simultaneously in the new multicast authority control strategy, and find the multicast group number that allowing after multicast group number that this user receiving is greater than this minimizing adds simultaneously, then this user's port and vlan information are deleted the multicast group number that allowing after the multicast group number that the user is receiving is not more than described minimizing adds simultaneously from the part multicast forward table.
Perhaps, NAS can comprise:
First module: receive the access authentication request message that the user sends, from this message, extract User Identity and user network identification information, User Identity is carried in the authentication protocol message sends to NMS, the corresponding relation of recording user identify label and user network identification information; The user's that reception NMS sends multicast authority control strategy and User Identity find the user network identification information according to User Identity, set up the mapping relations of user's multicast authority control strategy and user network identification information.
Second module: the multicast that the reception user sends joins message, in first module, find the multicast authority control strategy according to the user network identification information in this message, judge whether described multicast authority control strategy comprises that multicast group adds constraints, if comprise, add constraints according to this multicast group and determine whether to allow the user to add multicast group, if allow the user to add multicast group, otherwise refusing user's adds multicast group; If do not comprise, then directly allow the user to add multicast group.
NAS also can comprise:
Four module: when allowing the user to add multicast group, report this user to add this multicast group to NMS; When finding that the user leaves this multicast group, leave this multicast group to the NMS report of user.
And NMS chargeed to the described multicast group of this program request of described user according to the moment that described user left and added described multicast group.
Perhaps, NAS also can comprise:
Four module: when finding that the user adds an IPTV set meal, add this IPTV set meal to the NMS report of user; When finding that this user leaves this IPTV set meal, leave this IPTV set meal to the NMS report of user.
And NMS chargeed to the described IPTV set meal of this program request of described user according to the moment that described user left and added described IPTV set meal.
Perhaps, NAS can comprise:
First module: the corresponding relation of record multicast authority control strategy sign and multicast authority control strategy content.
Second module: receive the access authentication request message that the user sends, from this message, extract User Identity and user network identification information, User Identity is carried in the authentication protocol message sends to NMS, the corresponding relation of recording user identify label and user network identification information; The user's that reception NMS sends multicast authority control strategy sign and User Identity, find the user network identification information according to User Identity, be identified at according to the multicast authority control strategy and find multicast authority control strategy content in first module, set up user's the multicast authority control strategy content and the mapping relations of user network identification information;
Three module, the multicast that the reception user sends joins message, and finds multicast authority control strategy content according to the user network identification information in this message in second module, according to this multicast authority control strategy content this user is carried out multicast and receives control.
Here, NMS is handed down to NAS with user's multicast authority control strategy sign after user's access authentication passes through.
The multicast that the embodiment of the invention provides receives controlling schemes, both can be applied to the IPv4 network, also can be applied to the IPv6 network.
The above only is process of the present invention and method embodiment, in order to restriction the present invention, all any modifications of being made within the spirit and principles in the present invention, is not equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (21)
1. a multicast acceptance control method is characterized in that, NM server NMS disposes the mapping relations of each user's User Identity and multicast authority control strategy, and this method comprises:
After NMS passes through user's access authentication, according to this user's User Identity, this user's multicast authority control strategy is handed down to network access server NAS, NAS writes down the mapping relations of this user's network identification information and multicast authority control strategy;
The multicast that NAS reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message, according to this multicast authority control strategy this user is carried out multicast and receives control.
2. the method for claim 1 is characterized in that, described user network identification information is: subscriber port sign and virtual LAN VLAN sign;
Perhaps be: IP address, user link layer address, subscriber port sign and virtual LAN VLAN sign.
3. the method for claim 1, it is characterized in that described multicast authority control strategy comprises: a kind of or combination in any in the multicast group number that the multicast group that the permission user adds, permission user add simultaneously, committed access rate CAR, QoS policy, the multicast charging policy.
4. as the arbitrary described method of claim 1 to 3, it is characterized in that described method further comprises:
NMS finds a user's multicast authority control strategy change, and then the new multicast authority control strategy with this user sends to NAS, and NAS upgrades this user's former multicast authority control strategy with this new multicast authority control strategy.
5. method as claimed in claim 4 is characterized in that, described NMS finds that a user's multicast authority control strategy changes to:
Find to allow the multicast group change of this user's adding,
Described NAS further comprises with the former multicast authority control strategy that this new multicast authority control strategy upgrades this user afterwards:
NAS judges whether the multicast group that the user is receiving has not been present in the new multicast authority control strategy, if stop to send this multicast group to this user.
6. method as claimed in claim 4 is characterized in that, described NMS finds that a user's multicast authority control strategy changes to:
Find the multicast group decreased number that this user of permission adds simultaneously, and find the multicast group number that allowing after multicast group number that this user receiving is greater than this minimizing adds simultaneously, then this user's port and vlan information are deleted the multicast group number that allowing after the multicast group number that the user is receiving is not more than described minimizing adds simultaneously from the part multicast forward table.
7. method as claimed in claim 1 or 2 is characterized in that, described NAS carries out multicast reception control according to this multicast authority control strategy to this user and comprises:
Judge whether described multicast authority control strategy comprises that multicast group adds constraints, if comprise, adds constraints according to this multicast group and determines whether to allow the user to add multicast group, if allow the user to add multicast group, otherwise refusing user's adds multicast group; If do not comprise, then directly allow the user to add multicast group.
8. method as claimed in claim 7 is characterized in that, described multicast group adds constraints and is: the multicast group that allows the user to add, the multicast group number that perhaps allows the user to add simultaneously, perhaps the committed access rate CAR upper limit.
9. method as claimed in claim 7 is characterized in that, described NAS permission user further comprises after adding multicast group: NAS reports this user to add this multicast group to NMS;
And NAS finds that described user leaves described multicast group, then leaves this multicast group to the NMS report of user, and NMS leaves and add the moment of this multicast group according to the user, and this multicast group of this program request of this user is chargeed.
10. method as claimed in claim 9 is characterized in that, described NAS finds that described user leaves described multicast group and comprises:
NAS receives the multicast leave message at described multicast group that the user sends;
Perhaps comprise: NAS receives the described user's that NMS sends new multicast authority control strategy, and finds that the described multicast group that the user is receiving has not been present in the new multicast authority control strategy;
Perhaps comprise: NAS finds that the user does not respond the query message of this NAS timed sending.
11. method as claimed in claim 1 or 2 is characterized in that, described multicast authority control strategy comprises: the IPTV set meal of customization sign comprises at least one multicast group in each IPTV set meal, and is that unit charges to the user with the IPTV set meal;
Described method further comprises: NAS finds that the user adds an IPTV set meal, then adds this IPTV set meal to the NMS report of user; Find that this user leaves this IPTV set meal, then leave this IPTV set meal to the NMS report of user, NMS chargeed to this IPTV set meal of this program request of this user according to the moment that this user left and added this IPTV set meal.
12., it is characterized in that described NMS is handed down to NAS with this user's multicast authority control strategy and is as the arbitrary described method of claim 1 to 3: give NAS with the down sending content of this user's multicast authority control strategy.
13., it is characterized in that described multicast authority control strategy has unique identification as the arbitrary described method of claim 1 to 3,
And dispose the corresponding relation of multicast authority control strategy sign and multicast authority control strategy content on the described NAS;
Described NMS is handed down to NAS with this user's multicast authority control strategy: the sign of this user's multicast authority control strategy is handed down to NAS,
Described NAS writes down this user's network identification information and the mapping relations of multicast authority control strategy further comprise before: NAS finds multicast authority control strategy content according to the sign of described multicast authority control strategy.
14. a multicast receiving control system is characterized in that, this system comprises:
NM server NMS disposes the mapping relations of each user's User Identity and multicast authority control strategy, after user's access authentication is passed through, this user's multicast authority control strategy is handed down to network access server NAS;
NAS, the mapping relations of this user's that the network identification information of recording user and NMS send multicast authority control strategy; The multicast that the reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message, according to this multicast authority control strategy this user is carried out multicast and receives control.
15. system as claimed in claim 14 is characterized in that, described NMS comprises:
First module disposes the mapping relations of each user's User Identity and multicast authority control strategy, after user's access authentication is passed through, this user's multicast authority control strategy is handed down to NAS;
Second module is found a user's multicast authority control strategy change, and then the new multicast authority control strategy with this user sends to NAS;
And the new multicast authority control strategy that described NAS sends with NMS upgrades described user's former multicast authority control strategy.
16. system as claimed in claim 14 is characterized in that, described NAS comprises:
First module, the mapping relations of this user's that the network identification information of recording user and NMS send multicast authority control strategy;
Second module, the multicast that the reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message in first module, according to this multicast authority control strategy this user is carried out multicast and receives control;
Three module, the user's that reception NMS sends new multicast authority control strategy, upgrade the former multicast authority control strategy of this user in first module with this new multicast authority control strategy, find that the multicast group that the user is receiving has not been present in the new multicast authority control strategy, then stops to send this multicast group to this user.
17. system as claimed in claim 14 is characterized in that, described NAS comprises:
First module, the mapping relations of this user's that the network identification information of recording user and NMS send multicast authority control strategy;
Second module, the multicast that the reception user sends joins message, and finds the multicast authority control strategy according to the user network identification information in this message in first module, according to this multicast authority control strategy this user is carried out multicast and receives control;
Three module, the user's that reception NMS sends new multicast authority control strategy, upgrade the former multicast authority control strategy of this user in first module with this new multicast authority control strategy, find the multicast group decreased number that this user of permission adds simultaneously in the new multicast authority control strategy, and find the multicast group number that allowing after multicast group number that this user receiving is greater than this minimizing adds simultaneously, then this user's port and vlan information are deleted the multicast group number that allowing after the multicast group number that the user is receiving is not more than described minimizing adds simultaneously from the part multicast forward table.
18. system as claimed in claim 14 is characterized in that, described NAS comprises:
First module, the mapping relations of this user's that the network identification information of recording user and NMS send multicast authority control strategy;
Second module, the multicast that the reception user sends joins message, in first module, find the multicast authority control strategy according to the user network identification information in this message, judge that whether described multicast authority control strategy comprises that multicast group adds constraints, if comprise, adds constraints according to this multicast group and determines whether to allow the user to add multicast group, if, allow the user to add multicast group, otherwise refusing user's add multicast group; If do not comprise, then directly allow the user to add multicast group.
19. system as claimed in claim 18 is characterized in that, described NAS further comprises:
Four module when allowing the user to add multicast group, reports this user to add this multicast group to NMS; When finding that the user leaves this multicast group, leave this multicast group to the NMS report of user;
And described NMS chargeed to the described multicast group of this program request of described user according to the moment that described user left and added described multicast group.
20. system as claimed in claim 18 is characterized in that, described NAS further comprises:
Four module when finding that the user adds an IPTV set meal, adds this IPTV set meal to the NMS report of user; When finding that this user leaves this IPTV set meal, leave this IPTV set meal to the NMS report of user;
And described NMS chargeed to the described IPTV set meal of this program request of described user according to the moment that described user left and added described IPTV set meal.
21. system as claimed in claim 14 is characterized in that, described NAS comprises:
First module, the corresponding relation of record multicast authority control strategy sign and multicast authority control strategy content;
Second module, the user's that reception NMS sends multicast authority control strategy identifies, and is identified at according to this and finds multicast authority control strategy content in first module, writes down this user's the network identification information and the mapping relations of this multicast authority control strategy content;
Three module, the multicast that the reception user sends joins message, in second module, find multicast authority control strategy content according to the user network identification information in this message, according to this multicast authority control strategy content this user is carried out multicast and receive control, and described NMS is handed down to NAS with this user's multicast authority control strategy sign.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009100837157A CN101547100B (en) | 2009-05-07 | 2009-05-07 | Method and system for multicast receiving control |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009100837157A CN101547100B (en) | 2009-05-07 | 2009-05-07 | Method and system for multicast receiving control |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101547100A CN101547100A (en) | 2009-09-30 |
| CN101547100B true CN101547100B (en) | 2011-01-19 |
Family
ID=41194016
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009100837157A Active CN101547100B (en) | 2009-05-07 | 2009-05-07 | Method and system for multicast receiving control |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101547100B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101917280A (en) * | 2010-08-19 | 2010-12-15 | 中兴通讯股份有限公司 | Method and system for authenticating and accounting group user for using multicast service |
| CN102437946B (en) * | 2010-09-29 | 2014-08-20 | 杭州华三通信技术有限公司 | Access control method, network access server (NAS) equipment and authentication server |
| CN102170364B (en) * | 2011-05-26 | 2014-12-31 | 华为技术有限公司 | Multicast communication method and device for broadband remote access server |
| CN102325035B (en) * | 2011-07-19 | 2017-11-03 | 中兴通讯股份有限公司 | The implementation method and device of a kind of multicast service |
| CN104852862B (en) * | 2015-05-28 | 2018-08-24 | 新华三技术有限公司 | A kind of network speed limit method and device |
| CN105592064B (en) * | 2015-10-30 | 2019-08-16 | 新华三技术有限公司 | A kind of multicast on demand method and apparatus |
| CN105592063B (en) * | 2015-10-30 | 2019-04-12 | 新华三技术有限公司 | A kind of multicast anti-attack method and device |
| EP3433982B1 (en) * | 2016-04-13 | 2021-07-07 | Nokia Technologies Oy | A multi-tenant virtual private network based on an overlay network |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1852258A (en) * | 2006-03-30 | 2006-10-25 | 华为技术有限公司 | Multi-cast broadcasting popedom controlling method |
| CN101087246A (en) * | 2006-06-08 | 2007-12-12 | 中国电信股份有限公司 | A system and method for realizing network layer multicast service and service management |
| CN101202715A (en) * | 2007-11-27 | 2008-06-18 | 杭州华三通信技术有限公司 | Method and apparatus for multicast authority auto dispositions |
| CN101335637A (en) * | 2007-06-26 | 2008-12-31 | 王立刚 | Method and device for multicast control |
-
2009
- 2009-05-07 CN CN2009100837157A patent/CN101547100B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1852258A (en) * | 2006-03-30 | 2006-10-25 | 华为技术有限公司 | Multi-cast broadcasting popedom controlling method |
| CN101087246A (en) * | 2006-06-08 | 2007-12-12 | 中国电信股份有限公司 | A system and method for realizing network layer multicast service and service management |
| CN101335637A (en) * | 2007-06-26 | 2008-12-31 | 王立刚 | Method and device for multicast control |
| CN101202715A (en) * | 2007-11-27 | 2008-06-18 | 杭州华三通信技术有限公司 | Method and apparatus for multicast authority auto dispositions |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101547100A (en) | 2009-09-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101547100B (en) | Method and system for multicast receiving control | |
| EP1734697B1 (en) | A method for transmitting the policy information between the network devices | |
| CN101150425B (en) | Right control method for multicast service and Ethernet passive optical network system | |
| JP4729587B2 (en) | Apparatus and method for transmitting service guide in broadband wireless access system | |
| CN1192574C (en) | Controlled group broadcasting system and its realizing method | |
| EP2139157B1 (en) | Multicast control method in ethernet passive optical network | |
| CN100550955C (en) | Big capacity broad band access method and system | |
| CN101488976B (en) | IP address allocation method, network appliance and authentication server | |
| KR100842284B1 (en) | The system and method of providing IPTV services in next generation networks | |
| US7630386B2 (en) | Method for providing broadband communication service | |
| CN101335637A (en) | Method and device for multicast control | |
| WO2014176964A1 (en) | Communication managing method and communication system | |
| CN101399718A (en) | Method and device for controlling multicast service access by customer device in access network | |
| CN101060524B (en) | A multicast service application method and system | |
| CN102404293A (en) | Dual-stack user managing method and broadband access server | |
| CN101188510A (en) | Method, device and system for central address control | |
| CN101505308B (en) | Authentication method and system for IP over Ethernet | |
| CN103051738B (en) | A kind of dhcp address distribution method and system | |
| CN100512130C (en) | System and method for multicast controlling in ordering business management system management | |
| CN102098165B (en) | Method and system for multicast preview control of Gigabit passive optical network system | |
| CN101877694A (en) | Method, device and system for authority control in radio channel switching | |
| CN101453345B (en) | Multicast access control method based on service provider and access equipment thereof | |
| CN101155047B (en) | Method and system for implementing multicast broadcasting service by microwave access into global intercommunication network | |
| CN103812954A (en) | IPv6 address management method and system | |
| CN101827037A (en) | Multicast data stream sending method, device and two-layer switching equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 310052 Binjiang District Changhe Road, Zhejiang, China, No. 466, No. Patentee after: Xinhua three Technology Co., Ltd. Address before: 310053 Hangzhou hi tech Industrial Development Zone, Zhejiang province science and Technology Industrial Park, No. 310 and No. six road, HUAWEI, Hangzhou production base Patentee before: Huasan Communication Technology Co., Ltd. |
|
| CP03 | Change of name, title or address |