CN109688054A - Method and PGW for VPDN user Internet access

Info

Publication number
CN109688054A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710969145.6A
Other languages
Chinese (zh)
Other versions
CN109688054B (en)
Inventor
贺晓东
唐宏
曹维华
李文云
赵丽敏
邹洁
姜松
朱华虹
陆小铭
徐博文
马啸威
彭巍
王晴
杨胜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Application filed by China Telecom Corp Ltd
Priority to CN201710969145.6A
Publication of CN109688054A
Application granted
Publication of CN109688054B
Legal status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00: Routing or path finding of packets in data switching networks
    • H04L12/00: Data switching networks
    • H04L12/28: Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46: Interconnection of networks
    • H04L12/4633: Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H04L45/74: Address processing for routing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method and a PGW for VPDN user Internet access. The method comprises: the PGW monitors the destination IP address of VPDN user network-access traffic in an L2TP tunnel, and forwards the VPDN user network-access traffic to the corresponding destination network according to that destination IP address. This allows a user to access multiple networks with the same APN without switching APNs, improving the user's service experience.

Description

Method and PGW for VPDN user Internet access
Technical field
The present disclosure relates to the field of data communication, and in particular to a method for VPDN (Virtual Private Dial-up Network) user Internet access and a PGW (PDN GateWay, PDN gateway).
Background
Operators use VPDN networking technology to give government and enterprise customers a convenient way to access their intranet over the mobile Internet. The method currently in use is as follows: a specific APN (Access Point Name) is assigned to the VPDN service. When a user accesses the 4G network with that APN, the 4G network equipment establishes for the user an L2TP (Layer 2 Tunneling Protocol) tunnel to the LNS (L2TP Network Server), and the user reaches the enterprise through the interconnection link between the LNS and the enterprise network. When a government or enterprise VPDN user wants to access the Internet, the user must first switch APNs, which degrades the user experience.
Summary of the invention
The technical problem to be solved by the present disclosure is to provide a method and a PGW for VPDN user Internet access, so that a user can access multiple networks with the same APN without switching APNs.
According to one aspect of the present disclosure, a method for Virtual Private Dial-up Network (VPDN) user Internet access is proposed, comprising: a public data network gateway (PGW) monitors the destination IP address of VPDN user network-access traffic in a Layer 2 Tunneling Protocol (L2TP) tunnel; and the VPDN user network-access traffic is forwarded to the corresponding destination network according to the destination IP address of that traffic.
Further, if the destination IP address of the VPDN user network-access traffic is an enterprise network address, the PGW forwards the VPDN user network-access traffic to the L2TP Network Server (LNS) through the L2TP tunnel.
Further, if the destination IP address of the VPDN user network-access traffic is an external network address, the PGW decapsulates the VPDN user network-access traffic, performs source address translation on the decapsulated traffic, and then forwards the decapsulated traffic to the external network.
Further, the VPDN user accesses multiple destination networks through the same APN.
According to another aspect of the present disclosure, a public data network gateway (PGW) is also proposed, comprising: a traffic monitoring unit for monitoring the destination IP address of VPDN user network-access traffic in a Layer 2 Tunneling Protocol (L2TP) tunnel; and a traffic forwarding unit for forwarding the VPDN user network-access traffic to the corresponding destination network according to the destination IP address of that traffic.
Further, if the destination IP address of the VPDN user network-access traffic is an enterprise network address, the traffic forwarding unit forwards the VPDN user network-access traffic to the L2TP Network Server (LNS) through the L2TP tunnel.
Further, if the destination IP address of the VPDN user network-access traffic is an external network address, the traffic forwarding unit decapsulates the VPDN user network-access traffic, performs source address translation on the decapsulated traffic, and then forwards the decapsulated traffic to the external network.
Further, the VPDN user accesses multiple destination networks through the same APN.
According to another aspect of the present disclosure, a public data network gateway (PGW) is also proposed, comprising: a memory; and a processor coupled to the memory, the processor being configured to execute the method described above based on instructions stored in the memory.
According to another aspect of the present disclosure, a computer-readable storage medium is also proposed, on which computer program instructions are stored; when executed by a processor, the instructions implement the steps of the method described above.
In the present disclosure, the PGW forwards VPDN user network-access traffic to the corresponding destination network according to the destination IP address of that traffic, so that a user can access multiple networks with the same APN without switching APNs, improving the user's service experience.
Other features and advantages of the present disclosure will become apparent from the following detailed description of exemplary embodiments with reference to the accompanying drawings.
Brief description of the drawings
The accompanying drawings, which form a part of the specification, illustrate embodiments of the present disclosure and, together with the description, serve to explain the principles of the disclosure.
The present disclosure can be understood more clearly from the following detailed description with reference to the accompanying drawings, in which:
Fig. 1 is a flow diagram of one embodiment of the VPDN user Internet access method of the present disclosure.
Fig. 2 is a flow diagram of another embodiment of the VPDN user Internet access method of the present disclosure.
Fig. 3 is an application schematic diagram of the VPDN user Internet access method of the present disclosure.
Fig. 4 is a structural schematic diagram of one embodiment of the PGW of the present disclosure.
Fig. 5 is a structural schematic diagram of another embodiment of the PGW of the present disclosure.
Fig. 6 is a structural schematic diagram of a further embodiment of the PGW of the present disclosure.
Detailed description of the embodiments
Various exemplary embodiments of the present disclosure will now be described in detail with reference to the accompanying drawings. It should be noted that, unless otherwise specifically stated, the relative arrangement of components and steps, the numerical expressions and the numerical values set forth in these embodiments do not limit the scope of the present disclosure.
It should also be understood that, for ease of description, the sizes of the parts shown in the drawings are not drawn to actual scale.
The following description of at least one exemplary embodiment is merely illustrative and in no way limits the disclosure, its application or its uses.
Techniques, methods and devices known to those of ordinary skill in the relevant art may not be discussed in detail, but where appropriate they should be regarded as part of the granted specification.
In all examples shown and discussed here, any specific value should be interpreted as merely illustrative and not as a limitation. Other examples of the exemplary embodiments may therefore have different values.
It should also be noted that similar reference numerals and letters denote similar items in the following drawings, so once an item has been defined in one drawing it need not be discussed further in subsequent drawings.
To make the objectives, technical solutions and advantages of the present disclosure clearer, the disclosure is described in further detail below with reference to specific embodiments and the accompanying drawings.
Fig. 1 is a flow diagram of one embodiment of the VPDN user Internet access method of the present disclosure. The method includes the following steps:
In step 110, the PGW monitors the destination IP address of the VPDN user network-access traffic in the L2TP tunnel. The VPDN user accesses multiple destination networks through the same APN, and the network traffic of the VPDN user consists of user L2TP packets.
In step 120, the VPDN user network-access traffic is forwarded to the corresponding destination network according to its destination IP address. The destination IP address may be an enterprise network address or an external network address.
In this embodiment, the PGW forwards VPDN user network-access traffic to the corresponding destination network according to the destination IP address of that traffic, so that a user can access multiple networks with the same APN without switching APNs, improving the user's service experience.
Fig. 2 is a flow diagram of another embodiment of the VPDN user Internet access method of the present disclosure.
In step 210, as shown in Fig. 3, the user accesses the Internet and the enterprise intranet using the same APN.
In step 220, the PGW monitors the VPDN user's L2TP packets.
In step 230, if the destination IP address of a VPDN user L2TP packet is an enterprise network address, the PGW forwards the L2TP packet to the LNS through the L2TP tunnel, from where it reaches the enterprise intranet.
In step 240, if the destination IP address of a VPDN user L2TP packet is an external network address, the PGW decapsulates the VPDN user L2TP packet from the L2TP tunnel, performs source address translation on the decapsulated packet, and forwards the decapsulated packet to the external network, so that external Internet resources are accessed directly through the PGW.
Steps 230 and 240 may be executed in any order.
In this embodiment, the PGW monitors the destination IP address of the VPDN user's network-access traffic. When the destination IP address is an external Internet address, the PGW decapsulates the L2TP packets of that traffic and, after source address translation, the PGW accesses the external Internet resource directly. If the destination IP address is an internal network IP address, the PGW sends the traffic through the L2TP tunnel to the LNS, from where it reaches the internal network. The VPDN user can thus access the Internet directly without switching APNs.
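The per-packet decision of steps 220 to 240, as an added Python example that is not part of the patent. It assumes L2TPv2 data messages (RFC 2661) carrying PPP-framed IPv4 without protocol-field compression; the enterprise prefix, the PGW translation address and the sample packet are constructed for illustration.

```python
import ipaddress
import struct

# Assumptions, not from the patent: enterprise prefix list and PGW public address.
ENTERPRISE_NETS = [ipaddress.ip_network("10.20.0.0/16")]
PGW_NAT_ADDR = ipaddress.ip_address("203.0.113.7")


def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over an IPv4 header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def inner_ipv4(l2tp: bytes) -> bytes:
    """Strip the L2TPv2 data header and PPP framing; return the inner IPv4 packet."""
    (flags,) = struct.unpack_from("!H", l2tp, 0)
    if flags & 0x8000:                      # T bit: control message
        raise ValueError("control message, not user data")
    if flags & 0x000F != 2:
        raise ValueError("not L2TPv2")
    off = 2
    if flags & 0x4000:                      # L bit: Length field present
        off += 2
    off += 4                                # Tunnel ID + Session ID
    if flags & 0x0800:                      # S bit: Ns and Nr present
        off += 4
    if flags & 0x0200:                      # O bit: Offset Size, then padding
        (pad,) = struct.unpack_from("!H", l2tp, off)
        off += 2 + pad
    if l2tp[off:off + 2] == b"\xff\x03":    # optional PPP address/control bytes
        off += 2
    (proto,) = struct.unpack_from("!H", l2tp, off)
    if proto != 0x0021:
        raise ValueError("PPP payload is not IPv4")
    ip = l2tp[off + 2:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("truncated or non-IPv4 inner packet")
    return ip


def snat(ip: bytes, new_src) -> bytes:
    """Rewrite the IPv4 source address and recompute the header checksum.

    TCP/UDP checksums also cover the source address and would need the same
    fix-up in a real translator; that part is omitted here.
    """
    ihl = (ip[0] & 0x0F) * 4
    hdr = bytearray(ip[:ihl])
    hdr[12:16] = new_src.packed
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    return bytes(hdr) + ip[ihl:]


def route(l2tp: bytes):
    """Return (next_hop, packet) for one uplink L2TP data message at the PGW."""
    ip = inner_ipv4(l2tp)                           # step 220: look inside the tunnel
    dst = ipaddress.ip_address(ip[16:20])
    if any(dst in net for net in ENTERPRISE_NETS):
        return "LNS", l2tp                          # step 230: keep in the tunnel
    return "EXTERNAL", snat(ip, PGW_NAT_ADDR)       # step 240: decapsulate + SNAT


def sample_l2tp(dst: str) -> bytes:
    """Constructed message: L2TPv2 data header + PPP + IPv4/ICMP echo from 10.20.1.5."""
    payload = b"\x08\x00\xf7\xff\x00\x00\x00\x00"
    hdr = bytearray(struct.pack(
        "!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0, 64, 1, 0,
        ipaddress.ip_address("10.20.1.5").packed, ipaddress.ip_address(dst).packed))
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    frame = struct.pack("!HHHH", 0x4002, 0, 7, 42) + b"\xff\x03\x00\x21" + bytes(hdr) + payload
    return frame[:2] + struct.pack("!H", len(frame)) + frame[4:]


if __name__ == "__main__":
    for dst in ("10.20.9.9", "198.51.100.10"):
        hop, pkt = route(sample_l2tp(dst))
        print(dst, "->", hop, len(pkt), "bytes")
```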
Fig. 4 is a structural schematic diagram of one embodiment of the PGW of the present disclosure. The PGW includes a traffic monitoring unit 410 and a traffic forwarding unit 420, in which:
The traffic monitoring unit 410 monitors the destination IP address of the VPDN user network-access traffic in the L2TP tunnel. The VPDN user accesses multiple destination networks through the same APN, and the network traffic of the VPDN user consists of user L2TP packets.
The traffic forwarding unit 420 forwards the VPDN user network-access traffic to the corresponding destination network according to the destination IP address of that traffic. The destination IP address may be an enterprise network address or an external network address.
In this embodiment, the PGW forwards VPDN user network-access traffic to the corresponding destination network according to the destination IP address of that traffic, so that a user can access multiple networks with the same APN without switching APNs, improving the user's service experience.
In another embodiment of the present disclosure, if the destination IP address of a VPDN user L2TP packet is an enterprise network address, the traffic forwarding unit 420 forwards the L2TP packet to the LNS through the L2TP tunnel, from where it reaches the enterprise intranet. If the destination IP address of a VPDN user L2TP packet is an external network address, the traffic forwarding unit 420 decapsulates the VPDN user L2TP packet from the L2TP tunnel, performs source address translation on the decapsulated packet, and forwards the decapsulated packet to the external network, so that external Internet resources are accessed directly through the PGW.
In this embodiment, the PGW monitors the destination IP address of the VPDN user's network-access traffic. When the destination IP address is an external Internet address, the PGW decapsulates the L2TP packets of that traffic and, after source address translation, the PGW accesses the external Internet resource directly. If the destination IP address is an internal network IP address, the PGW sends the traffic through the L2TP tunnel to the LNS, from where it reaches the internal network. The VPDN user can thus access the Internet directly without switching APNs.
Fig. 5 is a structural schematic diagram of another embodiment of the PGW of the present disclosure. The PGW includes a memory 510 and a processor 520. The memory 510 may be a magnetic disk, flash memory or any other non-volatile storage medium, and stores the instructions of the embodiments corresponding to Figs. 1 and 2. The processor 520 is coupled to the memory 510 and may be implemented as one or more integrated circuits, such as a microprocessor or microcontroller. The processor 520 executes the instructions stored in the memory.
In one embodiment, as shown in Fig. 6, the PGW 600 includes a memory 610 and a processor 620. The processor 620 is coupled to the memory 610 through a bus 630. The PGW 600 may also be connected to an external storage device 650 through a storage interface 640 in order to call external data, and may be connected to a network or another computer system (not shown) through a network interface 660. These are not described in detail here.
In this embodiment, data instructions are stored in the memory and processed by the processor, so that a user can access multiple networks with the same APN without switching APNs, improving the user's service experience.
In another embodiment, a computer-readable storage medium stores computer program instructions that, when executed by a processor, implement the steps of the methods in the embodiments corresponding to Figs. 1 and 2. Those skilled in the art will appreciate that embodiments of the present disclosure may be provided as a method, an apparatus or a computer program product. Accordingly, the disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the disclosure may take the form of a computer program product implemented on one or more computer-usable non-transitory storage media (including but not limited to magnetic disk storage, CD-ROM, optical storage and the like) containing computer-usable program code.
The present disclosure is described with reference to flowcharts and/or block diagrams of methods, devices (systems) and computer program products according to embodiments of the disclosure. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or other programmable data processing device to produce a machine, so that the instructions executed by the processor of the computer or other programmable data processing device produce means for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to work in a particular manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means that implement the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps is performed on the computer or other programmable device to produce computer-implemented processing. The instructions executed on the computer or other programmable device thereby provide steps for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
The present disclosure has now been described in detail. Some details well known in the art have not been described, in order to avoid obscuring the concept of the disclosure. From the above description, those skilled in the art can fully understand how to implement the technical solutions disclosed herein.
Although some specific embodiments of the present disclosure have been described in detail by way of example, those skilled in the art should understand that the above examples are for illustration only and are not intended to limit the scope of the disclosure. Those skilled in the art should understand that the above embodiments may be modified without departing from the scope and spirit of the disclosure. The scope of the present disclosure is defined by the appended claims.

Claims (10)

1. A method for Virtual Private Dial-up Network (VPDN) user Internet access, comprising:
a public data network gateway (PGW) monitoring the destination IP address of VPDN user network-access traffic in a Layer 2 Tunneling Protocol (L2TP) tunnel;
forwarding the VPDN user network-access traffic to the corresponding destination network according to the destination IP address of the VPDN user network-access traffic.
2. The method according to claim 1, wherein
if the destination IP address of the VPDN user network-access traffic is an enterprise network address, the PGW forwards the VPDN user network-access traffic to the L2TP Network Server (LNS) through the L2TP tunnel.
3. The method according to claim 1, wherein
if the destination IP address of the VPDN user network-access traffic is an external network address, the PGW decapsulates the VPDN user network-access traffic, performs source address translation on the decapsulated VPDN user network-access traffic, and then forwards the decapsulated VPDN user network-access traffic to the external network.
4. The method according to any one of claims 1-3, wherein
the VPDN user accesses multiple destination networks through the same APN.
5. A public data network gateway (PGW), comprising:
a traffic monitoring unit for monitoring the destination IP address of VPDN user network-access traffic in a Layer 2 Tunneling Protocol (L2TP) tunnel;
a traffic forwarding unit for forwarding the VPDN user network-access traffic to the corresponding destination network according to the destination IP address of the VPDN user network-access traffic.
6. The PGW according to claim 5, wherein
if the destination IP address of the VPDN user network-access traffic is an enterprise network address, the traffic forwarding unit forwards the VPDN user network-access traffic to the L2TP Network Server (LNS) through the L2TP tunnel.
7. The PGW according to claim 5, wherein
if the destination IP address of the VPDN user network-access traffic is an external network address, the traffic forwarding unit decapsulates the VPDN user network-access traffic, performs source address translation on the decapsulated VPDN user network-access traffic, and then forwards the decapsulated VPDN user network-access traffic to the external network.
8. The PGW according to any one of claims 5-7, wherein
the VPDN user accesses multiple destination networks through the same APN.
9. A public data network gateway (PGW), comprising:
a memory; and
a processor coupled to the memory, the processor being configured to execute the method according to any one of claims 1-4 based on instructions stored in the memory.
10. A computer-readable storage medium on which computer program instructions are stored, wherein the instructions, when executed by a processor, implement the steps of the method according to any one of claims 1-4.
CN201710969145.6A 2017-10-18 2017-10-18 VPDN user internet surfing method and PGW Active CN109688054B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710969145.6A CN109688054B (en) 2017-10-18 2017-10-18 VPDN user internet surfing method and PGW

Publications (2)

Publication Number Publication Date
CN109688054A (en) 2019-04-26
CN109688054B (en) 2022-02-15

Family

ID=66183892

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant