CN103475699A - Enterprise network agent device and method for enterprise network to communicate with public network - Google Patents
Enterprise network agent device and method for enterprise network to communicate with public network Download PDFInfo
- Publication number
- CN103475699A CN103475699A CN2013103786505A CN201310378650A CN103475699A CN 103475699 A CN103475699 A CN 103475699A CN 2013103786505 A CN2013103786505 A CN 2013103786505A CN 201310378650 A CN201310378650 A CN 201310378650A CN 103475699 A CN103475699 A CN 103475699A
- Authority
- CN
- China
- Prior art keywords
- address
- uplink data
- data messages
- network
- enterprise network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The invention provides an enterprise network agent device and a method for an enterprise network to communicate with a public network. The enterprise network agent device is connected between enterprise network equipment and public network equipment and comprises an uplink receiving module, an uplink identification module and an uplink transmitting module, wherein the uplink receiving module is used for receiving an uplink data message transmitted by the enterprise network equipment; the uplink identification module is used for identifying service types of the uplink data message corresponding to the public network according to network segment information of an IP (internet protocol) address of the uplink data message; the uplink transmitting module is used for transmitting the uplink data message to the public network equipment corresponding to the identified service types. By adopting the scheme, the consumption of link resources can be effectively reduced.
Description
Technical field
The application relates to communication technical field, particularly relates to a kind of a kind of method that enterprise network agent apparatus and enterprise network are communicated by letter with public network.
Background technology
Enterprise network refers in enterprises, the network interconnected for different departments, manager at different levels, employee etc.The enterprise network of current deployment normally adopts cable network to add the mode that WIFI covers by router, and user's terminal equipment can be connected to enterprise network by connecting wired mode, also can be connected to enterprise network by the mode of WIFI.
For realizing an enterprise network and internet (Internet), PSTN (Public Switched Telephone Network, PSTN), public land mobile network (Public Land Mobile Network, the communication of public network such as PLMN), prior art is used special link that this enterprise network and all kinds of public network are coupled together usually.Because each enterprise network all needs to take valuable link circuit resource to the connection of every class public network, therefore when the enterprise network One's name is legion, will cause a large amount of consumption of link circuit resource, and, therefore, when the type of service of public network is numerous, also will cause a large amount of consumption of link circuit resource.
Summary of the invention
The application's technical problem to be solved is to provide a kind of a kind of method that enterprise network agent apparatus and enterprise network are communicated by letter with public network, can effectively reduce expending of link circuit resource.
In order to address the above problem, the application discloses a kind of enterprise network agent apparatus, and described device is connected between enterprise network equipment and public network equipment, comprising:
The uplink receiving module, the uplink data messages sent for receiving described enterprise network equipment;
Up identification module, for the network segment information of the IP address according to described uplink data messages, identify the type of service of the corresponding public network of described uplink data messages;
Up sending module, send described uplink data messages for the public network equipment corresponding to institute's identification services type.
On the other hand, disclosed herein as well is a kind of method that enterprise network is communicated by letter with public network, comprising:
Receive the uplink data messages that described enterprise network equipment sends;
According to the network segment information of the IP address of described uplink data messages, identify the type of service of the corresponding public network of described uplink data messages;
The public network equipment corresponding to institute's identification services type sends described uplink data messages.
Compared with prior art, the application has the following advantages:
The enterprise network agent apparatus of the application based between enterprise network and public network carries out communicating by letter of enterprise network equipment and public network equipment, this enterprise network agent apparatus can be identified the type of service of the corresponding public network of uplink data messages of enterprise network equipment transmission, and corresponding public network equipment sends this uplink data messages to institute's identification services type; Therefore, the application's enterprise network agent apparatus can be supported the communication of at least one enterprise network at least one class public network; And, with respect to prior art, need each enterprise network to arrive the communication of at least one class public network to the connection of every class public network to realize at least one enterprise network, the application only needs the enterprise network agent apparatus can realize the communication of at least one enterprise network at least one class public network to the connection of every class public network, therefore, the application can reduce expending of shared number of connection and respective link resource greatly; For example, for realizing the communication of M enterprise network to N class public network, prior art need to take M * N part link circuit resource, and the application need to take at most N part link circuit resource, and therefore, the application can effectively reduce expending of link circuit resource.
The accompanying drawing explanation
Fig. 1 is the structure chart of the enterprise network agent apparatus that provides of the embodiment of the present application one;
Fig. 2 is the structure chart of the enterprise network agent apparatus that provides of the embodiment of the present application two;
Fig. 3 is the structure chart of the enterprise network agent apparatus that provides of the embodiment of the present application three;
Fig. 4 is the optional structure chart of the enterprise network that provides of the embodiment of the present application four;
Fig. 5 is the flow chart of a kind of enterprise network that the embodiment of the present application provides method of communicating by letter with public network.
Embodiment
For above-mentioned purpose, the feature and advantage that make the application can become apparent more, below in conjunction with the drawings and specific embodiments, the application is described in further detail.
In prior art, for realizing the communication of each enterprise network to all kinds of public networks, prior art is used special link that each enterprise network and all kinds of public network are coupled together usually, wherein each enterprise network all needs to take valuable link circuit resource to the connection of every class public network, suppose that enterprise network quantity is M, the type of service of public network is N, and 1 enterprise network need to take 1 part of link circuit resource to the connection of 1 class public network, and M enterprise network need to take M * N part link circuit resource to the connection of N class public network.
The embodiment of the present application is carried out communicating by letter of enterprise network and public network based on being connected to enterprise network agent apparatus between enterprise network equipment and public network equipment, this enterprise network agent apparatus can be identified the type of service of the corresponding public network of uplink data messages of enterprise network transmission, and sends this uplink data messages to institute's public network corresponding to identification services type; Therefore, the embodiment of the present application can be supported the communication of at least one enterprise network at least one class public network; And, with respect to prior art need each enterprise network to the connection of every class public network to realize the communication of at least one enterprise network at least one class public network, the application only needs the enterprise network agent apparatus can realize that to the connection of every class public network at least one enterprise network arrives the communication of at least one class public network; Therefore, the application can reduce expending of shared number of connection and respective link resource greatly.
Embodiment mono-
With reference to Fig. 1, provided the structure chart of the enterprise network agent apparatus that the embodiment of the present application one provides, this device is connected between enterprise network equipment and public network equipment, specifically can comprise:
Uplink data messages and corresponding IP address that uplink receiving module 101 sends for receiving this enterprise network equipment;
Up identification module 102, for the network segment information of the IP address according to this uplink data messages, is identified the type of service of the corresponding public network of this uplink data messages;
Up sending module 103 sends this uplink data messages for the public network equipment corresponding to institute's identification services type.
In practice, the form that the uplink data messages that this enterprise network equipment sends and corresponding IP address may be encapsulated as packet or Frame, in such cases, uplink receiving module 101 need to obtain corresponding uplink data messages and corresponding IP address by decapsulation.The IP address that the object of analyzing and identifying due to the enterprise network agent apparatus is this uplink data messages, therefore in the embodiment of the present application, " uplink data messages and corresponding IP address that this enterprise network equipment sends " is the facility in order to describe, in fact, it can contain the situation of above-mentioned " form that the uplink data messages that this enterprise network equipment sends and corresponding IP address may be encapsulated as packet or Frame ".
At this, up identification module 102 is elaborated.
In the embodiment of the present application, network segment Information Availability network segment under expression IP address that the IP address is corresponding, it specifically can comprise address value and the prefix length value of IP address.
Explain the implication of the network segment at this.In the agreement interconnected between network (Internet Protocol, IP agreement), the network segment can mean the set of one group of IP address; Can understand like this, if the prefix part of a plurality of (two or more) IP address is identical, they belong to the same network segment so, as for prefix part, are great one on earth, can be decided by the prefix length value.For example, the prefix length value is 64 IPv6 address 2001:0db8:85a3:08d3:1319:8a2e:0370:7344 and 2001:0db8:85a3:08d3:1001:8a2e:0370:7344 and belongs to the same network segment, because first 64 of these two IPv6 addresses are identical.
Tectonic network for the ease of addressing and stratification, at present according to the agreement interconnected between network (Internet Protocol, the IP agreement) network segment information of address is divided the IP address, and according to division result by IP address assignment the public network to different service types.
In a kind of application example of the application, IP the 4th version (IPv4) address is divided into A, B, C, D, E five classes, and the characteristics of A wherein, B, C class are as follows:
The category-A address:
The network identity of category-A address is meaned by first group of 8 bit, host identification in network accounts for 3 group of 8 bit, the characteristics of category-A address are that the first bit value of network identity is necessary for " 0 ", the category-A address has allowed 126 network segments, each network has approximately allowed 1,670 ten thousand main frames, usually distributes to the network (as backbone network) that has a large amount of main frames;
The category-B address:
The network identity of category-B address is meaned by front two group of 8 bit, host identification in network accounts for two group of 8 bit, the characteristics of category-B address are that the front two binary number value of network identity is necessary for " 10 ", the category-B address has allowed 16384 network segments, each network has allowed 65533 main frames, is applicable to the many networks of node (as regional network);
C class address:
The network identity of C class address is meaned by front 3 group of 8 bit, in network, host identification accounts for 1 group of 8 bit, the characteristics of C class address are that the front 3 bit values of network identity are necessary for " 110 ", network with C class address has allowed 254 main frames, is applicable to the fewer network of node (as campus network).
Known by analysis, the public network of different service types is assigned with the IP address of different segment, and in the embodiment of the present application, the purpose IP address of uplink data messages is the IP address of public network, therefore, if obtain in advance the purpose IP address of the corresponding public network of various types of traffic, and analyze the network segment of the corresponding public network of every kind of type of service, so, according to the network segment information of the purpose IP address of this uplink data messages, can identify the type of service of the corresponding public network of this uplink data messages.For example, if the network segment information of the purpose IP address of this uplink data messages belongs in the network segment of category-A public network, so, the type of service of the corresponding public network of this uplink data messages is exactly A.
In like manner, when correspondence with foreign country, enterprise network also shows as public network, usually enterprise network also can be assigned with the IP address of the corresponding network segment as public network, and the IP address of the network segment that this enterprise network is assigned with (the external IP address of following abbreviation enterprise network) shows as the source IP address of uplink data messages when correspondence with foreign country.If the network segment information according to the IP address is carried out Further Division to the external IP address of enterprise network, and distinguish according to division result the destination (being also the public network of which kind of type) that uplink data messages is led to, so also can be according to the network segment information of the source IP address of this uplink data messages, identification obtains the type of service of the corresponding public network of this uplink data messages.
Therefore, in the application's optional embodiment, can select one or more in following IP address: the purpose IP address of the source IP address of this uplink data messages and this uplink data messages, and the network segment information of foundation selected IP address, identify the type of service of the corresponding public network of this uplink data messages, also, the application can provide the following IP according to this uplink data messages network segment information of address, identifies the technical scheme of the type of service of the corresponding public network of this uplink data messages:
Technical scheme one,
According to the network segment information of the purpose IP address of this uplink data messages, identify the type of service of the corresponding public network of this uplink data messages.
The advantage of technical scheme one is simple and easy, without the network segment information of foundation IP address, Further Division is carried out in the external IP address of enterprise network; Shortcoming is when this uplink data messages is attack message or broadcasting packet, owing to carrying false purpose IP address in attack message, do not carry purpose IP address in broadcasting packet, therefore, the type of service of the corresponding public network of the attack message that None-identified is up or broadcasting packet.
Technical scheme two,
According to the network segment information of the source IP address of this uplink data messages, identify the type of service of the corresponding public network of this uplink data messages.
Because all uplink data messages such as up attack message or broadcasting packet all carry source IP address, the advantage of stock trick art scheme two is to identify the type of service of the corresponding public network of all uplink data messages; Shortcoming is also to need, according to the network segment information of IP address, Further Division is carried out in the external IP address of enterprise network.
Technical scheme three,
According to the source IP address of this uplink data messages and the network segment information of purpose IP address, identify the type of service of the corresponding public network of this uplink data messages.Can comprehensive technological scheme one and the pluses and minuses of technical scheme two.
Certainly, the public network of above-mentioned A, B, C class is just as example, in fact, the application's public network can comprise according to division result by IP address assignment to the public network of various types of traffic, as Internet, PSTN, PLMN etc., the application is not limited concrete public network and corresponding type of service.
In practice, up sending module 103 can send this uplink data messages to institute's public network corresponding to identification services type by router.Wherein, router (Router) is the equipment that connects each local area network (LAN), wide area network in internet, and it is automatically select and set route according to the situation of channel, with optimal path, by the equipment of front and back order transmitted signal.Alternatively, can adopt the enhancement mode route, also configured the functions such as maintenance of information, distribution on the basis of original router.
In addition, at first up sending module 103 can also be encapsulated as packet or Frame by this uplink data messages, and then to institute's identification services type, corresponding public network sends.
To sum up, because the application's enterprise network agent apparatus can be identified the type of service of the corresponding public network of uplink data messages of enterprise network equipment transmission, so can support the communication of at least one enterprise network at least one class public network; And, with respect to prior art, need each enterprise network to arrive the communication of at least one class public network to the connection of every class public network to realize at least one enterprise network, the application only needs the enterprise network agent apparatus can realize the communication of at least one enterprise network at least one class public network to the connection of every class public network, therefore, the application can reduce expending of shared number of connection and respective link resource greatly.
In specific implementation, the connected mode of this enterprise network agent apparatus and public network equipment can be wired mode or wireless mode, and due to wireless mode, without taking link circuit resource, the type of service quantity that wired mode takies the umber of link circuit resource and public network is corresponding; Like this, for realizing the communication of M enterprise network to N class public network, prior art need to take M * N part link circuit resource, and the application need to take at most N part link circuit resource, and therefore, the application can effectively reduce expending of link circuit resource.
Embodiment bis-
With reference to Fig. 2, provided the optional structure chart of the enterprise network agent apparatus that the embodiment of the present application two provides.The enterprise network agent apparatus of the present embodiment, on above-mentioned basis embodiment illustrated in fig. 1, further can also comprise following optional technical scheme.
As shown in Figure 2, the enterprise network agent apparatus of the present embodiment can also comprise:
Encrypting module 1031, for being encrypted this uplink data messages;
This up sending module 103, also can be used for the public network equipment corresponding to institute's identification services type and send the uplink data messages after encrypting.
For some enterprise network, its security requirement to data is very high; But these enterprise network and communicating by letter of public network can have influence on the fail safe of enterprise network data unavoidably.
For the fail safe of transfer of data in the communication process that strengthens enterprise network and public network, the present embodiment can be transferred to public network equipment after this uplink data messages is encrypted.In specific implementation, can adopt Message Digest Algorithm 5 (Message Digest Algorithm5, MD5), SHA (Secure Hash Algorithm, SHA), message authentication code (Message Authentication Code, MAC) etc. the message encryption algorithm carries out the encryption of uplink data messages, and the application is not limited concrete message encryption algorithm.
It should be noted that, uplink receiving module 101 is after having carried out the uplink data messages and corresponding IP address that receives this enterprise network equipment transmission, and encrypting module 1031 is carried out the operation that this uplink data messages is encrypted.
To sum up, the present embodiment is transferred to public network equipment after uplink data messages is encrypted, and can prevent that in this uplink data messages, information is stolen or distorts, thereby can strengthen the fail safe of transfer of data in the communication process of enterprise network and public network.
Embodiment tri-
The above-mentioned main enterprise network agent apparatus of having described the present embodiment embodiment illustrated in fig. 1 sends the transmitting procedure from the uplink data messages of enterprise network equipment to public network.
With reference to Fig. 3, provided the optional structure chart of the enterprise network agent apparatus that the embodiment of the present application two provides.The enterprise network agent apparatus of the present embodiment is on above-mentioned basis embodiment illustrated in fig. 1, and the enterprise network agent apparatus that further can also comprise the present embodiment sends the optional technical scheme from the transmission of the downlink data message of public network equipment to enterprise network equipment.
As shown in Figure 3, the enterprise network agent apparatus of the present embodiment can also comprise:
Descending sending module 106, send this downlink data message for the enterprise network equipment to identified.
In specific implementation, the form that the downlink data message that this public network equipment sends and corresponding IP address may be encapsulated as packet or Frame, in such cases, descending receiver module 104 need to obtain corresponding downlink data message and corresponding IP address by decapsulation.The IP address that the object of analyzing and identifying due to the enterprise network agent apparatus is this downlink data message, therefore in the embodiment of the present application, " downlink data message and corresponding IP address that this public network equipment sends " is the facility in order to describe, in fact, it can contain the situation of above-mentioned " form that the downlink data message that this public network equipment sends and corresponding IP address may be encapsulated as packet or Frame ".
In actual applications, the routing table identification that descending identification module 105 can be safeguarded according to the enterprise network agent apparatus obtains the enterprise network equipment corresponding to IP address of this downlink data message.Due to the known technology that routing table is the art, and therefore not to repeat here.
In some embodiment of the application, descending identification module 105 and descending sending module 106 all can be carried out corresponding operation by router, wherein, descending identification module 105 utilizes the routing table function of router, and descending sending module 106 utilizes the forwarding capability of router.In a word, the application is not limited the specific implementation of descending identification module 105 and descending sending module 106.
Due to uplink receiving module 101, up identification module 102 and up sending module 103 send the transmitting procedure from the uplink data messages of enterprise network equipment for completing to public network equipment, and descending receiver module 104, descending identification module 105 and descending sending module 106 send the transmitting procedure from the downlink data message of public network equipment for completing to enterprise network equipment, and the transmitting procedure of the transmitting procedure of uplink data messages and downlink data message is executed in parallel, therefore, with respect to uplink receiving module 101, up identification module 102 and the related operation of up sending module 103, descending receiver module 104, descending identification module 105 and the related operation of descending sending module 106 are parallel and independently.
To sum up, the present embodiment can send the transmitting procedure from the downlink data message of public network equipment to enterprise network equipment, to realize public network, arrives the communication of enterprise network.
Embodiment tetra-
With reference to Fig. 4, provided the optional structure chart of the enterprise network that the embodiment of the present application four provides, this enterprise network can adopt the network spectrum resource of LTE system to communicate, and this enterprise network specifically comprises at least one integrated base station 401;
This integrated base station 401 connects above-mentioned enterprise network agent apparatus, and for the communications of user equipment with global Subscriber Identity Module is installed, integrated base station 401 specifically can comprise base station functions module 411 and core net functional module 412;
Wherein, this core net functional module 412 connects this base station functions module 411, for passing through this base station functions module 411 and this communications of user equipment;
This base station functions module 411, for according to this whole world Subscriber Identity Module, communicate by letter on the frequency of this network spectrum resource with this subscriber equipment; And communicate by letter with above-mentioned core net functional module 412.
In practice, this integrated base station 401 can connect above-mentioned enterprise network agent apparatus by preset mode, this preset mode comprise following at least one: wired mode and wireless mode.
If adopt wired mode to connect, can in integrated base station 401 and enterprise network agent apparatus, configure respectively wired physical interface, by this wired physical interface and corresponding connecting line, connect; If the employing wireless mode can configure respectively wireless physical interface in integrated base station 401 and enterprise network agent apparatus, by this wireless physical interface transmission of signal, connect.
In the embodiment of the present application, integrated base station 401 is will LTE grid side be adopted to base station (Evolved NodeB, eNB) and the core net of evolution (Evolved Packet Core, EPC) framework carry out improved construction, it has merged the function of original eNB and EPC; Wherein, function and the eNB of base station functions module 411 are similar, and function and the EPC of core net functional module 412 are similar, thereby without the complicated architectures that adopts eNB and EPC, adopt this integrated base station 401 subscriber equipment can be accessed to enterprise network, with subscriber equipment, realize the mutual of signaling and data.
The concrete communication process of this integrated base station 401 is as follows:
Wherein, base station functions module 411 is blocked for the global Subscriber Identity Module of foundation (Universal Subscriber Identity Module, USIM),
(1) integrated base station 401 and subscriber equipment (User Equipment, UE) communication.
The LTE system is the communication requirement that meets the user, provide certain frequency spectrum resource to communicate to user's UE and base station, therefore, base station functions module 411 can be according to global Subscriber Identity Module (Universal Subscriber Identity Module, USIM) card, communicate by letter on the frequency of above-mentioned network spectrum resource with the subscriber equipment that this usim card is installed.Communicate by letter on the frequency of the all-network frequency spectrum resource that can provide in the LTE system in actual treatment, can take the fixed network frequency spectrum resource yet, communicate by letter on the frequency of this fixed network frequency spectrum resource, the embodiment of the present application is not done restriction to this.
Due in the communicating by letter of UE and integrated base station 401, many communication processs need base station functions module 411 and core net functional module 412 to work in coordination with, therefore in the communication process of base station functions module 411 and subscriber equipment, often also need Content of Communication as data or signaling etc., send to core net functional module 412 to process, and core net functional module 412 also need Content of Communication is sent to UE via base station functions module 411.
(2) integrated base station 401 is communicated by letter with the enterprise network agent apparatus.
In order to realize and the communicating by letter of public network, base station functions module 411 can be connected with the enterprise network agent apparatus by preset mode,, according to the connected mode of base station functions module 411 and enterprise network agent apparatus, by wired or wireless mode, carries out data communication.
Same, base station functions module 411 with enterprise network agent apparatus communication process in, some Content of Communication can be sent to core net functional module 412, also the Content of Communication of core net functional module 412 can be forwarded to the enterprise network agent apparatus.
(3) intercommunication of integrated base station 401.
In the integrated base station 401 of the present embodiment, base station functions module 411 can be carried out the mutual of data, signaling with core net functional module 412, realize respectively the function of eNB and EPC, can receive the Content of Communication of UE and enterprise network agent apparatus, can process accordingly this Content of Communication again.
To sum up should, in the enterprise network formed by least one integrated base station, this integrated base station can be connected and communicate by letter with the subscriber equipment that global Subscriber Identity Module is installed by wireless mode, avoid the high problem of wired mode wiring complexity, and this integrated base station adopts the network spectrum resource of LTE system, therefore the enterprise network wireless signal coverage formed is wider, only need several less integrated base stations just can cover larger scope.
Secondly, base station functions module and core net functional module in integrated base station have respectively the function of eNB and EPC, thereby only by integrated base station, just can realize the network side framework of LTE system, therefore can reduce the complexity of original LTE framework.
The above-mentioned architecture that enterprise network is provided, in fact enterprise network within the specific limits (as certain building office building) covered, therefore, the network spectrum resource of the above-mentioned LTE system taken, can be special-purpose frequency spectrum resource, can be also the network spectrum resource in public network, when thereby the user is equipped with the UE of USIM in use, be free to be switched in public network and enterprise network, improve the utilization rate of UE, reduce the waste of resource.
For example, enterprise network is before deployment, enterprise network operator can consult with public network operator, public network operator hires out certain frequency spectrum resource to enterprise network operator, frequency spectrum resource is only effective in coverage, in the coverage of public network, the UE of access public network adopts the frequency communication of this section frequency spectrum.
Therefore, in the erection process of enterprise network, can the intranet user use from carrying device, this equipment can be general equipment, thereby supports the use of public network frequency spectrum resource.Thereby, under the prerequisite of the lease that has realized the public network frequency spectrum, when using UE, the user of enterprise network can between public network and enterprise network, automatically switch.And enterprise network, after being provided with suitable frequency, when the covering of subscriber equipment Entry Firm net, can be passed through the community that the flow processs such as the selection of LTE community, gravity treatment are found enterprise network, and the resident service to accepting enterprise network in the LTE enterprise network.
Due to enterprise network be covered within the specific limits as a building office building, be different from other enterprise network only for an enterprise, the enterprise network of the present embodiment can be for one or many enterprises' use, because LTE system itself supports closed user group (Closed Subsciber Group) so that the leading subscriber authority, therefore also need to distinguish different enterprises in enterprise network, and determine the information such as rights of using of user in each enterprise, thereby can store User Priority in integrated base station, be convenient to the user is carried out to grading control.Therefore in optional embodiment of the application, the enterprise network agent apparatus can also comprise: routing module, for safeguarding control information, and this control information is distributed to integrated base station, wherein, this control information specifically can comprise: user profile and user's routing table, and this user profile comprises the grouping information of being divided into groups according to subscriber equipment owned enterprise and the precedence information that respectively divides into groups lower subscriber equipment;
In order to distinguish different enterprises in enterprise network, therefore can to UE, be divided into groups according to owned enterprise, determine the grouping information of UE, and determine the precedence information of the lower UE of each grouping, this precedence information can be set up on their own in being added into the enterprise network agent apparatus by enterprise, as according to definite priority such as post, actions, the embodiment of the present application is not done restriction to this.User's routing table can be preserved the information such as path that the user communicates by letter in enterprise network.
Routing module is after having safeguarded above-mentioned control information, can also be according to actual demand by the integrated base station 401 of control information distribution, for example each enterprise of family is fixed in the geographical position of enterprise network, therefore for it distributes fixing integrated base station, the control informations such as the grouping information of this enterprise, precedence information can be distributed to the integrated base station of distribution.
Therefore, base station functions module 411, the control information that can send specifically for receiving this routing module, and this control information is sent to this core net functional module; This core net functional module 412, can be stored specifically for the control information to receiving, and be determined according to this control information the subscriber equipment that allows access, and the priority of this subscriber equipment.
For example, UE is in Entry Firm net coverage, can send to enterprise network the related signaling of access after enterprise network being detected, as signalings such as registration, authentications, integrated base station 401, after receiving the signaling of UE, can determine that UE can access user's group of which enterprise in enterprise network according to grouping information.And UE, after the access enterprise network, can also determine the precedence information of this UE in integrated base station 401, thereby determines the resource that this UE can take in enterprise network, the information such as the content of access.
To sum up, by routing module and integrated base station 401, can realize the data communication between UE and public network.And this enterprise network allows many enterprises jointly to use, for enterprise is distinguished, can to subscriber equipment, be divided into groups according to owned enterprise, grouping information, precedence information and user's routing table that routing module can maintenance customer's equipment, thus enterprise network is controlled and safeguarded.
Next discusses the communication process of integrated base station 401 and UE.
In the present embodiment, specifically can comprise in the communication process of integrated base station 401 and UE that data communication communicates by letter with signaling.
(1) data communication process.
In the present embodiment, the data of integrated base station inside can be the form transmission according to the IP packet, can be in core net functional module 412 the configuration data transmission unit, thereby base station functions module 411 can directly be transferred to core net functional module 412 by the IP packet, comprising the IP address of this packet.
In optional embodiment of the application, the core net functional module 412 of integrated base station 401 is mapped as the IP address of downlink data the ID of UE, and downlink data is sent to base station functions module 411; And receive the upstream data that UE that base station functions module 411 sends uploads; Base-station transmission module 1021 receives the upstream data that UE upload, and by transmitting uplink data to core net functional module 412; And receive the downlink data that core net functional module 412 sends, and according to the ID of UE, downlink data is sent to corresponding UE.
This downlink data can be that enhancement mode route 102 sends to core net functional module 412 by base station functions module 411, as above-mentioned the second data, can be also core net functional module 412 storage inside.Thereby core net functional module 412 is mapped as the IP address of downlink data the ID of UE, UE under specified data is destination address, then downlink data is sent to base station functions module 411, base-station transmission module 1021 sends to corresponding UE according to the ID of UE by downlink data.
Equally, base-station transmission module 1021 can receive the upstream data that UE uploads, then by transmitting uplink data to core net functional module 412, core net functional module 412 is after receiving this upstream data, can the operation such as resolve to this upstream data, thus determine by this transmitting uplink data to UE or by the enhancement mode route transmission to network.If be transferred to UE, can be mapped as according to the IP address of upstream data the ID of UE, thereby determine the UE that receives this upstream data.
(2) signaling communication process.
Core net functional module 412, for generating the first signaling, and send to base station functions module 411 by the first signaling; And the second signaling that receives the UE initiation of base station functions module 411 transmissions; Base station functions module 411, the second signaling of initiating for receiving UE, and the second signaling is sent to core net functional module 412; And receive the first signaling that core net functional module 412 sends, and the first signaling is sent to UE.
UE and integrated base station 101 need, by Signalling exchange, UE accessed and reside in enterprise network, thereby can use enterprise network and carry out corresponding business operation in enterprise network, as transmitted data in enterprise network, downloading software etc.The function of this signaling can comprise authentication, registration, position renewal and paging etc., can be initiated by UE, also can be initiated by integrated base station 401.
Wherein, core net functional module 412 can generate the first signaling, this first signaling is sent to base station functions module 411, base station functions module 411 sends to UE by the first signaling again, thereby UE carries out corresponding operation according to this first signaling, feeds back in case of necessity the contents such as response to this first signaling.
UE generates the second signaling and sends to base station functions module 411, base station functions module 411 sends to core net functional module 412 by the second signaling, core net functional module 412 is after receiving the second signaling, the second signaling is resolved and other processing operations, then fed back the contents such as corresponding response.
The integrated base station 401 adopted in the embodiment of the present application has the function of eNB and EPC simultaneously, in the process of configuration, original EPC is simplified, in original EPC, each network element consists of different equipment, need the interface protocol according to corresponding physical interface while therefore between network element, transmitting data, the transmitting procedure complexity, and in data transmission procedure, need co-operation between network element to complete, the data transmission procedure complexity.And in the core net functional module 412 of integrated base station 401, each network element can directly transmit data or signaling, without again being encapsulated according to interface protocol, and only needs data transmission unit just can carry out transfer of data again, without the co-operation of many network elements, signaling and data transmission procedure are simple.
The embodiment that is appreciated that enterprise network shown in Fig. 4 is just as the application's optional embodiment, and the application restric-tion to enterprise network as the application not.
With reference to Fig. 5, the flow chart of the method that a kind of enterprise network that having provided the embodiment of the present application provides is communicated by letter with public network specifically can comprise:
Uplink data messages and corresponding IP address that step 501, reception enterprise network equipment send;
In optional embodiment of the application, the network segment information of the IP address of this uplink data messages specifically can comprise address value and the prefix length value of this IP address.
In optional embodiment of the application, the IP address of this uplink data messages specifically can comprise one or more in following IP address: the purpose IP address of the source IP address of this uplink data messages and this uplink data messages.
In optional embodiment of the application, network segment information in the IP address of the described uplink data messages of described foundation, after identifying the step 503 of type of service of the corresponding public network of described uplink data messages, the method can also comprise: this uplink data messages is encrypted, and corresponding public network equipment sends the uplink data messages after encrypting to institute's identification services type.This optional embodiment is transferred to public network equipment after uplink data messages is encrypted, and can prevent that in this uplink data messages, information is stolen or distorts, thereby can strengthen the fail safe of transfer of data in the communication process of enterprise network and public network.
Step 501-step 503 is sent the transmitting procedure from the uplink data messages of enterprise network equipment for completing to public network equipment, in optional embodiment of the application, the method can also comprise for send the process step from the transmitting procedure of the downlink data message of public network equipment to enterprise network equipment:
(1) receive downlink data message and the corresponding IP address that this public network equipment sends;
(2) according to the IP address of this downlink data message, identification obtains corresponding enterprise network equipment;
(3) send this downlink data message to identified enterprise network equipment.
Step (1) in this optional embodiment-step (3) does not have successively sequential restriction with the step 501-step 503 in above-described embodiment, can before step 501-step 503, carry out, also can after step 501-step 503, carry out, also can carry out with step 501-step 503 simultaneously.
This optional embodiment can send the transmitting procedure from the downlink data message of public network equipment to enterprise network equipment, to realize public network, arrives the communication of enterprise network.
Each embodiment in this specification all adopts the mode of going forward one by one to describe, and what each embodiment stressed is and the difference of other embodiment that between each embodiment, identical similar part is mutually referring to getting final product.For embodiment of the method, because it is substantially similar to device embodiment, so description is fairly simple, relevant part gets final product referring to the part explanation of embodiment of the method.
A kind of method that above a kind of enterprise network agent apparatus that the application is provided and enterprise network are communicated by letter with public network, be described in detail, applied specific case herein the application's principle and execution mode are set forth, the explanation of above embodiment is just for helping to understand the application's method and core concept thereof; Simultaneously, for one of ordinary skill in the art, the thought according to the application, all will change in specific embodiments and applications, to sum up is somebody's turn to do, and this description should not be construed as the restriction to the application.
Claims (10)
1. an enterprise network agent apparatus, is characterized in that, described device is connected between enterprise network equipment and public network equipment, comprising:
The uplink receiving module, the uplink data messages sent for receiving described enterprise network equipment;
Up identification module, for the network segment information of the IP address according to described uplink data messages, identify the type of service of the corresponding public network of described uplink data messages;
Up sending module, send described uplink data messages for the public network equipment corresponding to institute's identification services type.
2. device as claimed in claim 1, is characterized in that, the network segment information of the IP address of described uplink data messages comprises address value and the prefix length value of described IP address;
And/or the IP address of described uplink data messages comprises one or more in following IP address: the purpose IP address of the source IP address of described uplink data messages and described uplink data messages.
3. device as claimed in claim 1, is characterized in that, also comprises:
Encrypting module, for being encrypted described uplink data messages;
Described up sending module, also send the uplink data messages after encrypting for the public network equipment corresponding to institute's identification services type.
4. device as claimed in claim 1, is characterized in that, also comprises:
Descending receiver module, the downlink data message and the corresponding IP address that for receiving described public network equipment, send;
Descending identification module, for the IP address according to described downlink data message, identification obtains corresponding enterprise network;
Descending sending module, send described downlink data message for the enterprise network equipment to identified.
5. device as described as any one in claim 1 to 4, is characterized in that, described enterprise network agent apparatus connects described public network equipment by preset mode, described preset mode comprise following at least one: wired mode and wireless mode.
6. device as described as any one in claim 1 to 4, is characterized in that, described enterprise network adopts the network spectrum resource of LTE system to communicate, and described enterprise network equipment comprises at least one integrated base station;
Described integrated base station, for the communications of user equipment with global Subscriber Identity Module is installed, comprise base station functions module and core net functional module;
Wherein, described core net functional module connects described base station functions module, for by described base station functions module and described communications of user equipment;
Described base station functions module, for according to described global Subscriber Identity Module, communicate by letter on the frequency of described network spectrum resource with described subscriber equipment; And communicate by letter with described core net functional module.
7. the method that enterprise network is communicated by letter with public network, is characterized in that, comprising:
Receive the uplink data messages that enterprise network equipment sends;
According to the network segment information of the IP address of described uplink data messages, identify the type of service of the corresponding public network of described uplink data messages;
The public network equipment corresponding to institute's identification services type sends described uplink data messages.
8. method as claimed in claim 7, is characterized in that, the network segment information of the IP address of described uplink data messages comprises address value and the prefix length value of described IP address; And/or the IP address of described uplink data messages comprises one or more in following IP address: the purpose IP address of the source IP address of described uplink data messages and described uplink data messages.
9. method as claimed in claim 8, is characterized in that, the network segment information in the IP address of the described uplink data messages of described foundation, and after identifying the step of type of service of the corresponding public network of described uplink data messages, described method also comprises:
Described uplink data messages is encrypted, and corresponding public network equipment sends the uplink data messages after encrypting to institute's identification services type.
10. method as claimed in claim 8, is characterized in that, also comprises:
Receive the downlink data message that described public network equipment sends;
According to the IP address of described downlink data message, identification obtains corresponding enterprise network;
Send described downlink data message to identified enterprise network equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013103786505A CN103475699A (en) | 2013-08-27 | 2013-08-27 | Enterprise network agent device and method for enterprise network to communicate with public network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2013103786505A CN103475699A (en) | 2013-08-27 | 2013-08-27 | Enterprise network agent device and method for enterprise network to communicate with public network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103475699A true CN103475699A (en) | 2013-12-25 |
Family
ID=49800392
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2013103786505A Pending CN103475699A (en) | 2013-08-27 | 2013-08-27 | Enterprise network agent device and method for enterprise network to communicate with public network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103475699A (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104093171A (en) * | 2014-07-31 | 2014-10-08 | 宇龙计算机通信科技(深圳)有限公司 | Resource sharing device, communication network, and resource sharing system and method |
| CN105916218A (en) * | 2016-04-19 | 2016-08-31 | 国网浙江省电力公司信息通信分公司 | Integrated base station system and communication method based on same |
| CN105933914A (en) * | 2016-04-19 | 2016-09-07 | 国网浙江省电力公司信息通信分公司 | Distributed LTE network architecture system |
| CN108696546A (en) * | 2017-02-15 | 2018-10-23 | 中兴通讯股份有限公司 | A kind of method and device of the user terminal access public network of Enterprise Mobile private network |
| WO2022083627A1 (en) * | 2020-10-21 | 2022-04-28 | 大唐移动通信设备有限公司 | Transmission method and device |
| CN114765627A (en) * | 2021-01-14 | 2022-07-19 | 京东科技控股股份有限公司 | Data transmission method, device, storage medium and computer program product |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101018181A (en) * | 2006-02-08 | 2007-08-15 | 华为技术有限公司 | Integrated communication service network and its fax agent and call routing method |
| CN101242658A (en) * | 2008-03-11 | 2008-08-13 | 金柘苗 | Mobile information multi-layer network secure auditing system |
| CN101465914A (en) * | 2008-12-31 | 2009-06-24 | 深圳市嘉讯软件有限公司 | Fusion of communication business network platform, IAS and enterprise network platform, and communication method |
| CN101674578A (en) * | 2008-09-12 | 2010-03-17 | 中兴通讯股份有限公司 | Method and system for safely accessing femtocell into network |
| CN102711218A (en) * | 2011-03-28 | 2012-10-03 | 中兴通讯股份有限公司 | Access network element, access network system and access method |
| CN102833217A (en) * | 2011-06-16 | 2012-12-19 | 中兴通讯股份有限公司 | Processing method for client/server application and centralized processing system |
-
2013
- 2013-08-27 CN CN2013103786505A patent/CN103475699A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101018181A (en) * | 2006-02-08 | 2007-08-15 | 华为技术有限公司 | Integrated communication service network and its fax agent and call routing method |
| CN101242658A (en) * | 2008-03-11 | 2008-08-13 | 金柘苗 | Mobile information multi-layer network secure auditing system |
| CN101674578A (en) * | 2008-09-12 | 2010-03-17 | 中兴通讯股份有限公司 | Method and system for safely accessing femtocell into network |
| CN101465914A (en) * | 2008-12-31 | 2009-06-24 | 深圳市嘉讯软件有限公司 | Fusion of communication business network platform, IAS and enterprise network platform, and communication method |
| CN102711218A (en) * | 2011-03-28 | 2012-10-03 | 中兴通讯股份有限公司 | Access network element, access network system and access method |
| CN102833217A (en) * | 2011-06-16 | 2012-12-19 | 中兴通讯股份有限公司 | Processing method for client/server application and centralized processing system |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104093171A (en) * | 2014-07-31 | 2014-10-08 | 宇龙计算机通信科技(深圳)有限公司 | Resource sharing device, communication network, and resource sharing system and method |
| CN105916218A (en) * | 2016-04-19 | 2016-08-31 | 国网浙江省电力公司信息通信分公司 | Integrated base station system and communication method based on same |
| CN105933914A (en) * | 2016-04-19 | 2016-09-07 | 国网浙江省电力公司信息通信分公司 | Distributed LTE network architecture system |
| CN105933914B (en) * | 2016-04-19 | 2019-03-29 | 国网浙江省电力公司信息通信分公司 | Distributed LTE network framework system |
| CN108696546A (en) * | 2017-02-15 | 2018-10-23 | 中兴通讯股份有限公司 | A kind of method and device of the user terminal access public network of Enterprise Mobile private network |
| WO2022083627A1 (en) * | 2020-10-21 | 2022-04-28 | 大唐移动通信设备有限公司 | Transmission method and device |
| CN114765627A (en) * | 2021-01-14 | 2022-07-19 | 京东科技控股股份有限公司 | Data transmission method, device, storage medium and computer program product |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106376003B (en) | Detect WLAN connection and WLAN data transmission method for uplink and its device | |
| KR102058662B1 (en) | Communication system for communication in a communication network with subnetworks | |
| CN103475699A (en) | Enterprise network agent device and method for enterprise network to communicate with public network | |
| KR102066188B1 (en) | How to establish a roaming connection | |
| US20120044876A1 (en) | Method and apparatus for virtualization of wireless network | |
| WO2014051383A1 (en) | Security management method and apparatus for group communication in mobile communication system | |
| CN104883217B (en) | A kind of method, system and the equipment of transmitting satellite message | |
| CN113691969A (en) | Communication method and device | |
| US20130182651A1 (en) | Virtual Private Network Client Internet Protocol Conflict Detection | |
| CN111615844B (en) | Method and apparatus for selecting a session management entity serving a wireless communication device | |
| PT2443875E (en) | An access point, a server and a system for distributing an unlimited number of virtual ieee 802.11 wireless networks through a heterogeneous infrastructure | |
| CN105960782B (en) | For forwarding the access node apparatus of data grouping | |
| US10299130B2 (en) | Resource sharing method and resource sharing system | |
| CN107005430B (en) | Communication method, device and system based on data link layer | |
| CN105981470A (en) | Methods and apparatuses for handling communication in a communication system comprising an access point and a wire line network node connected via wire line to the access point | |
| CN103501499A (en) | Wireless backhaul method and implementation equipment thereof based on LTE enterprise network system | |
| CN103313305A (en) | Gateway device and base station system | |
| CN112312466A (en) | Method, device and system for sending event report | |
| CN105323231A (en) | Security algorithm selection method, security algorithm selection device and security algorithm selection system | |
| JP2019500819A (en) | Method for establishing communication connection of communication terminal via communication network | |
| CN110351772B (en) | Mapping between wireless links and virtual local area networks | |
| US20130188625A1 (en) | Vlan pooling enhancement | |
| JP7400740B2 (en) | Network components, servers and communication systems | |
| CN103476144A (en) | Enterprise network system and user equipment registration method based on same | |
| CN102378164B (en) | Method for configuring ECGI (evolution cell global identification) of terrestrial radio access network for relay node |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20131225 |