CN1172489C - Data communication system and method between networks - Google Patents

Data communication system and method between networks Download PDF

Info

Publication number
CN1172489C
CN1172489C CNB031018785A CN03101878A CN1172489C CN 1172489 C CN1172489 C CN 1172489C CN B031018785 A CNB031018785 A CN B031018785A CN 03101878 A CN03101878 A CN 03101878A CN 1172489 C CN1172489 C CN 1172489C
Authority
CN
China
Prior art keywords
system
wireless
wan
wired
user
Prior art date
Application number
CNB031018785A
Other languages
Chinese (zh)
Other versions
CN1430387A (en
Inventor
周贞宏
王炜
Original Assignee
北京朗通环球科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京朗通环球科技有限公司 filed Critical 北京朗通环球科技有限公司
Priority to CNB031018785A priority Critical patent/CN1172489C/en
Priority claimed from US10/515,771 external-priority patent/US7995516B2/en
Publication of CN1430387A publication Critical patent/CN1430387A/en
Application granted granted Critical
Publication of CN1172489C publication Critical patent/CN1172489C/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W92/00Interfaces specially adapted for wireless communication networks
    • H04W92/02Inter-networking arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. local area networks [LAN], wide area networks [WAN]
    • H04L12/46Interconnection of networks
    • H04L12/4604LAN interconnection over a backbone network, e.g. Internet, Frame Relay
    • H04L12/462LAN interconnection over a bridge based backbone
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M7/00Interconnection arrangements between switching centres
    • H04M7/009Interconnection arrangements between switching centres in systems involving PBX or KTS networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2203/00Aspects of automatic or semi-automatic exchanges
    • H04M2203/10Aspects of automatic or semi-automatic exchanges related to the purpose or context of the telephonic communication
    • H04M2203/1091Fixed mobile conversion
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2207/00Type of exchange or network, i.e. telephonic medium, in which the telephonic communication takes place
    • H04M2207/18Type of exchange or network, i.e. telephonic medium, in which the telephonic communication takes place wireless networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M7/00Interconnection arrangements between switching centres
    • H04M7/006Networks other than PSTN/ISDN providing telephone service, e.g. Voice over Internet Protocol (VoIP), including next generation networks with a packet-switched transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Abstract

本发明公开了一种基于网络之间的数据通信系统及基于该系统的通信方法,通过定义的移动网桥设备来实现无线LAN用户和有线LAN用户在有线WAN系统资源可访问时首先访问有线WAN系统资源,如果有线WAN系统资源不可访问时,通过无线WAN网卡模块访问到无线WAN系统资源,再间接访问Internet资源,使得无线LAN用户和有线LAN用户在更多的情况下都可访问到网络数据资源。 The present invention discloses a data communication system based on a network between the system and a communication method based on wireless LAN to the wired LAN and the user via the user mobile access bridge device defined in the first system resources wired WAN access a wired WAN system resources, system resources if the wired WAN inaccessible, accessible through the wireless WAN card module to the wireless WAN system resources, then the resource indirectly access the Internet, so that the user wireless LAN and the wired LAN users can access more cases to data network resources. 采用本发明所述的方法后可以为实现无线办公、无线上网、移动互联网、移动信息社会化的网络技术战略奠定基础。 We can achieve wireless office, wireless Internet access after using the method according to the present invention, the mobile Internet, mobile information society strategy of network technology foundation.

Description

基于网络之间的数据通信系统及方法 Based on the data communication between the network system and method

技术领域 FIELD

本发明涉及一种使通信网络之间能够进行相互数据通信的方法及系统。 The present invention relates to a method and a system for communication between a network to enable mutual data communication.

背景技术 Background technique

目前,应用不同平台技术、不同标准的网络相互结合,相互进行通信的方式应用越来越普遍,如现在业界在提出将电话网、有线电视网、因特网三网进行合而为一后,各种解决方案搞得如火如荼。 At present, the application of different platform technologies, different standards of network combined with each other, communicate with each other way more and more common, as is now proposed to the industry in the telephone network, cable television network, the Internet into one of three networks were after, various solutions made in full swing. 而且从技术发展的方向角度考虑,各个网络相互结合,进行互连互通也是趋向所在。 And from the perspective of the direction of technological development consideration, each network bonded to each other, where the tendency is for interconnection.

在目前的技术情况下,无线LAN用户和有线LAN用户能访问本网内资源或漫游在其他无线LAN系统之间,还有就是通过接入控制器的控制功能访问有线WAN的资源,这样无线LAN用户或有线LAN用户在布线了有线WAN系统的地区,可以访问有线WAN资源和局域网内的资源。 In the current technology, the user wireless LAN and the wired LAN users can access the resources within this site or other roaming between wireless LAN system, there is access to resources through the wired WAN access control function of the controller, so that the wireless LAN wired LAN user or a user area in the wiring system of the wired WAN, WAN resources can access a wired LAN and resources. 但是当无线LAN用户到达布线困难的地区时,在不能访问有线WAN资源时,或者当有线WAN系统出现故障,无线LAN用户或有线LAN用户的通信问题变得非常棘手,甚至有时会耽误许多重要的业务及生意,为客户造成很大的经济损失。 But when the wireless LAN users to reach hard to wire areas, while wired WAN can not access resources, or when the system fails wired WAN, wireless LAN user communication problems or wired LAN user becomes very difficult, and sometimes will delay many important business and business to customer cause great economic losses. 所以如何解决无线LAN用户和有线LAN用户在不能访问有线WAN资源时,仍然能保持不间断的通信功能,是目前有待解决的重要问题之一。 So how to solve the wireless LAN and wired LAN user when the user can not access a wired WAN resources, we can still maintain uninterrupted communication function is one of the important issue to be solved.

发明内容 SUMMARY

本发明主要解决目前无线LAN用户和有线LAN用户在不能访问到有线WAN系统资源时仍能保持连续的通信功能而提出的一种使无线LAN用户或有线LAN用户能访问无线WAN系统资源的方法。 One kind can maintain continuous communication function of the present invention is primarily to solve the current user wireless LAN and the wired LAN users can access the system resources to the wired WAN proposed user wireless LAN or wired LAN users can access the wireless WAN system resources methods.

一种基于网络之间的数据通信系统,包括无线LAN系统、有线LAN系统、有线WAN系统和无线WAN系统,其特征在于,无线LAN系统和有线LAN系统通过移动网桥连接到有线WAN系统和无线WAN系统,移动网桥中包含如下组件:无线网卡模块,使无线LAN系统的用户无线接入由基本服务集BSS组成的无线LAN系统;LAN以太网控制器,使有线LAN系统扩展到其它的有线LAN系统或无线LAN系统;WAN以太网控制器,用于无线LAN系统或有线LAN系统中的用户访问Internet资源;无线WAN网卡模块,用于无线LAN系统或有线LAN系统中的用户通过访问无线WAN系统,间接访问Internet资源;SIM卡模块,使移动网桥作为移动用户在无线WAN系统中进行认证;IEEE802.1X,远程拨号用户访问服务客户端Radius Client,网络门户Web Portal和基于以太网的点对点通信协议PPPoE模块,用于无线LAN系统或有线LAN系统的用户访问无 Based on the data communication system between networks, including a wireless LAN system, a wired LAN system, a wired system, WAN and wireless WAN system, characterized in that the wireless LAN system and a wired system is connected to a wired LAN and wireless WAN system by moving the bridge WAN system, a mobile bridge contains the following components: a wireless LAN module, the user makes access to the wireless LAN system wireless basic service set BSS consisting of a wireless LAN system; Ethernet LAN controller system that the wired LAN to other wired extended LAN system or wireless LAN system; WAN Ethernet controller, a wireless LAN or a wired LAN system, the system user to access the Internet; the wireless WAN card module, a wireless LAN system or a wired LAN system user by accessing the wireless WAN system, indirect access to Internet resources; SIM card module, the mobile bridge as a mobile user authentication in wireless WAN system; IEEE802.1X, remote dial-up users to access services client Radius client, Web portal and portal-based Ethernet point to point PPPoE communication protocol module, for the user wireless LAN or a wired LAN system without access to the system WAN系统或有线WAN系统时进行身份认证,授权和计费;生成树网桥模块STP Bridge,用于无线LAN系统和有线LAN系统的用户之间的数据包转发;网络地址转换模块NAT,用于无线LAN系统或有线LAN系统的用户访问有线WAN系统或无线WAN系统时的数据包转发。 Wired system for WAN or WAN system authentication, authorization and accounting; spanning tree bridge module STP Bridge, user data packets between a wireless LAN and a wired LAN system forwarding system; the NAT network address translation module, for user wireless LAN system or a wired LAN system, when a data packet access a wired system or a wireless WAN WAN transponder.

其中LAN以太网控制器通过RJ45接口和有线LAN系统进行有线连接,WAN以太网控制器通过RJ45接口与有线WAN系统进行有线连接。 Wherein the wired LAN via the Ethernet controller RJ45 interface and a wired LAN systems, WAN wired Ethernet controller connected to the wired WAN system via the RJ45 interface.

无线WAN网卡模块通过空中接口协议与无线WAN系统进行无线连接。 Wireless WAN card module connected to the wireless WAN radio system the air interface protocol.

其中无线WAN网卡模块为GPRS模块、CDMAlX模块或3G模块。 Wherein the module is a GPRS wireless WAN card module, CDMAlX 3G module or modules.

上述不同的移动网桥之间通过无线分布系统WDS方式进行无线连接。 Bridges between the different mobile wireless connection via a wireless distribution system WDS mode.

所述无线WAN系统包括GPRS网络系统、CDMAlX网络系统、3G网络系统。 The system comprises a GPRS wireless WAN network system, CDMAlX networks, 3G networks.

一种基于网络之间的数据通信方法,无线LAN用户或有线LAN用户不能访问有线WAN系统资源进行数据通信时,通过移动网桥首先访问无线WAN系统资源,通过无线WAN系统再次间接访问Internet资源进行数据通信;用移动网桥对访问有线WAN系统资源或无线WAN系统资源的无线LAN用户或有线LAN用户进行身份认证,认证方法如下:1)移动网桥首先通过网间控制报文协议判断是否能提供有线WAN系统资源给无线LAN用户或有线LAN用户访问;2)如果能提供有线WAN系统资源给无线LAN用户或有线LAN用户访问,采用有线WAN认证方式对访问有线WAN系统资源的无线LAN用户或有线LAN用户进行身份认证; When based on the data communication method between a network, a wireless LAN or wired LAN users can access a wired WAN user resource data communication system, first accesses the wireless WAN system resources by a mobile bridge, via the wireless WAN system again indirectly access the Internet data communications; WAN bridge to access a wired or wireless WAN system resources, system resources wired LAN or wireless LAN user for user authentication, with the mobile authentication as follows: 1) by first moving the bridge Internet control message protocol determines whether wired WAN system resources to the wireless LAN user or wired LAN user access; 2) if wired WAN system resources to the wireless LAN user or wired LAN users to access a wired WAN authentication wireless LAN user to access a wired WAN system resources, or wired LAN user authentication;

3)如果不能提供有线WAN系统资源给无线LAN用户或有线LAN用户访问,移动网桥再次判断是否有无线WAN系统资源能提供给无线LAN用户或有线LAN用户访问;4)如果有无线WAN系统资源能够提供给无线LAN用户或有线LAN用户访问,采用无线WAN的认证方式对访问无线WAN系统资源的无线LAN用户或有线LAN用户进行身份认证;5)如果在步骤3)中没有无线WAN系统资源可提供给无线LAN用户或有线LAN用户访问,则无线LAN用户或有线LAN用户不能访问无线WAN系统资源和有线WAN系统资源,移动网桥不对无线LAN用户或有线LAN用户进行身份认证;各个网络之间数据包的转发如下:(1)无线LAN系统和有线LAN系统之间的数据通过生成树网桥模块STP Bridge完成数据协议的转换和数据包转发;(2)无线LAN系统或有线LAN系统访问有线WAN系统资源时,先通过生成树网桥模块STP Bridge对数据源和目的端口的判断, 3) If it is not wired WAN system resources to the wireless LAN or wired LAN users to access the user, determines whether there is again a mobile bridge system resources to provide wireless WAN to the wired LAN or wireless LAN user access user; 4) the wireless WAN system resource if It can be provided to the wireless LAN user or wired LAN user access using authentication wireless WAN for access to the wireless WAN system resources wireless LAN user or wired LAN user authentication; 5) if there is no wireless WAN system resources) in step 3 may be provided to the wired LAN or wireless LAN user access user, the user wireless LAN or wired LAN users can not access the wireless WAN system resources and system resources wired WAN, wireless LAN user does not move the bridge or wired LAN user authentication; between the respective network forwarding packets as follows: data between the wireless LAN system and a wired LAN system (1) data transfer completion protocol conversion and data packets through the spanning tree bridge module STP Bridge; (2) a wired or wireless LAN system access a wired LAN system when the WAN system resources through the first STP Bridge spanning tree bridge module determines the data source and destination ports, 然后由网络地址转换模块NAT进行网络地址转换,完成数据包的转发;(3)无线LAN系统和有线LAN系统访问无线WAN系统资源时,先通过生成树网桥模块STP Bridge完成数据源和目的端口的判断,然后由网络地址转换模块NAT进行网络地址转换,再经过IP数据打包处理实现协议转换,完成数据包的转发。 Is then converted by the network address, network address translation NAT module forwards data packets; and (3) a wired LAN and a wireless LAN system wireless WAN system access system resources to complete the data source and destination port for the spanning tree bridge module STP Bridge judging, by the network address translation and network address translation NAT module, through the IP protocol conversion data packing process, forwards data packets.

上述步骤2)所述传统认证方式包括:网络门户WEB Portal、IEEE802.1x和基于以太网的点对点通信协议PPPoE认证方式。 Step 2) the legacy authentication comprising: a network portal WEB Portal, IEEE802.1x and Point to Point over Ethernet PPPoE protocol authentication.

步骤4)所述的无线WAN认证方式过程如下: Step 4) the wireless WAN authentication process is as follows:

(i)移动网桥首先通过SIM卡模块作为无线WAN系统用户认证到无线WAN系统中;(ii)有线LAN用户和无线LAN用户通过移动网桥和无线WAN系统的连接,采用WEB Portal、IEEE802.1x或PPPoE的认证方式使有线LAN用户和无线LAN用户在间接访问的Internet系统中得到认证。 (I) first authenticates the mobile bridge to the wireless WAN system via the SIM module as the wireless WAN system users; (ii) wired LAN and wireless LAN user via the user connect the mobile wireless bridges and WAN systems, the use of WEB Portal, IEEE802. 1x or PPPoE authentication way that the wired LAN and wireless LAN user to give the user authentication system in indirect Internet access.

其中无线LAN用户或有线LAN用户访问有线WAN系统资源、无线WAN系统资源时要进行上下行的数据流量控制,控制方法如下:(A)为每个客户端定义七个相关参数,其中包括:a.客户端的MAC地址macAddr;b.客户端的上行速率upRate;c.客户端的下行速率downRate;d.当前时段内用户上行发送数据计数upCount;e.当前时段内用户下行发送数据计数downCount;f.用户上行发送数据总计数upTotal;g.用户下行发送数据总计数downTotal。 Wherein the user wireless LAN or wired LAN user access a wired WAN system resources to system resources for a wireless WAN uplink and downlink data traffic control, the control method is as follows: (A) for each client defines seven parameters, which include: a the client MAC address macAddr;. b uplink rate client upRate;. c downlink rate client downRate;. d within the current session user uplink transmission data count upCount;. e within the current session user downlink transmission data count downCount;. f user the total number of uplink transmission data upTotal;. g total number of user downlink transmission data downTotal.

(B)数据包在排队前需要检查当前时段内已经发送的数据量是否大于用户上/下行速率所规定的数据量;(C)如果当前时段内已经发送的数据量不大于用户上/下行速率所规定的数据量,将该数据包加入到待发的数据包队列中等待发送; (B) data packets before the queue to check the amount of data in the current period has been transmitted is larger than the amount of data required by the user / downlink rate; (C) the amount of data if the current time period that has been sent is not greater than the user / downlink rate predetermined amount of data, the data packet is added to the outgoing queue of packets waiting for transmission;

(D)如果当前时段内已经发送的数据量大于用户上/下行速率所规定的数据量,则将该数据包做丢弃处理。 (D) If the data has been transmitted in the current time period is larger than a predetermined amount of data on a user / downlink rate, then the packet is discarded.

上述当前时段内用户上行发送数据计数upCount和当前时段内用户下行发送数据计数downCount的数值随着数据的发送而不断更新,在每个时段的周期开始时进行一次清零。 Current time period within the above user uplink transmission data and counts the current time period upCount user downlink transmission data values ​​with the transmission data count downCount continuously updated, once cleared at the beginning of each cycle period.

所述方法中移动网桥可以通过WDS连接方式实现在无线LAN系统和无线WAN系统之间的漫游切换。 The process may be roaming mobile switching bridge between the wireless LAN system and a wireless WAN connection system through WDS.

上述所述无线WAN系统包括GPRS网络系统、CDMA1X网络系统、3G网络系统。 The above system comprises GPRS wireless WAN network system, CDMA1X networks, 3G networks.

其中无线LAN用户或有线LAN用户与有线WAN系统或无线WAN系统之间进行数据通信的同时能够进行语音通信。 Wherein while data communication between the wireless LAN or wired LAN user user wired system or a wireless WAN WAN system capable of voice communication.

采用本发明所述的方法后,使无线LAN用户和有线LAN用户在可以访问有线WAN资源时,仍然优选有线WAN资源进行数据通信,因为有线WAN资源拥有丰富的数据资源和高速的数据传输速度。 With the method according to the present invention, a wireless LAN and a wired LAN users can access a wired user when WAN resources, still preferably wired WAN data communication resources, since the wired WAN resources with rich data resources and high-speed data transfer rate. 而在由于地理条件原因引起的不能布线有线WAN系统的地区,无线LAN用户和有线LAN用户可以通过访问无线WAN系统,间接访问Internet资源来实现不间断的数据通信,从而为无线LAN用户和有线LAN用户在更大范围的地点都可以访问网络资源,实现实时数据通信的功能,也为实现无线办公、无线上网、移动互联网、移动信息社会化的网络技术战略奠定了基础。 In the wiring area is not wired WAN system caused due to geographical conditions, the user wireless LAN and the wired LAN users can access the wireless WAN system, indirect access to Internet resources for uninterrupted data communications, such as wireless LAN and the wired LAN users users can access the site at a greater range of network resources to achieve real-time data communication functions, but also for the wireless office, wireless Internet, mobile Internet, mobile network technology of the information society strategy laid the foundation.

附图说明 BRIEF DESCRIPTION

图1是本发明所述网络系统的拓扑图; FIG 1 is a network topology diagram of the system of the invention;

图2是本发明中移动网桥内部的模块结构组成框图;图3是有线WAN系统和无线WAN系统对无线LAN用户或有线LAN用户进行认证的流程图;图4是无线LAN用户或有线LAN用户访问有线WAN系统资源和无线WAN系统资源时对数据包进行控制和传送的流程图。 FIG 2 is a block diagram showing the composition of the present invention, a mobile bridge module structure; FIG. 3 is a flowchart of wired and wireless WAN WAN systems wired LAN or wireless LAN user authenticating a user; FIG. 4 is a wireless LAN or wired LAN user access user a control flowchart of the data packet transfer and a wired WAN wireless WAN system resources and system resources.

具体实施方式 Detailed ways

下面结合附图对本发明的具体实施作进一步的说明。 BRIEF particular embodiment of the present invention will be further described below in connection.

图1所示,本发明所述的整体系统包括无线WAN系统3、有线WAN系统2、有线LAN系统和无线LAN系统1。 1, the overall system of the present invention includes a wireless WAN system 3, a wired WAN system 2, a wired LAN system and the wireless LAN system 1. 其中有线LAN系统和无线LAN系统1的用户通过移动网桥4的路由和网关作用可以访问到有线WAN系统2和无线WAN系统3的网络资源,在可以访问有线WAN系统2的情况下,移动网桥4优先把有线LAN系统和无线LAN系统1的用户接入到有线WAN系统2中,使有线LAN系统和无线LAN系统1的用户直接访问有线WAN系统资源;在不能布线有线WAN系统2的地方或有线WAN系统2出现故障不能访问时,移动网桥4通过无线WAN的认证方式把有线LAN系统和无线LAN系统1的用户接入到无线WAN系统3,通过无线WAN系统3间接去访问Internet数据资源,保证有线LAN系统和无线LAN系统1的用户能够更大范围的访问广域网的数据资源。 Wherein the wired LAN system and a wireless LAN system 1 can be accessed by the user and as a gateway routing bridge 4 moves to a wired WAN system network resources 2 and 3 of the wireless WAN system, in the case where the system can access a wired WAN 2, the mobile network 4 the bridge priority wired LAN system and a wireless LAN system 1 of the user access to the wired WAN system 2, so that a wired LAN system and a wireless LAN system 1, the user directly access a wired WAN system resource; WAN cable where the wiring system is not 2 2 or wired WAN system failure can not access, by moving the bridge 4 of the authentication method the wireless WAN access a wired LAN system and a wireless LAN system 1 user to the wireless WAN system 3, 3 to indirectly access the Internet via the wireless WAN system data resources to ensure that the user wired LAN system and a wireless LAN system 1 can access a wider range of data resources of the WAN. 移动网桥4的优越性在于它的移动性,为了应用的方便性,它可人为的安装在不能布线有线WAN系统2的地方或有线WAN系统2出现故障的地方,使有线LAN系统和无线LAN系统1的用户更好的保持与网络的通信功能,其中不同的移动网桥4之间可以通过有线的方式进行连接,也可以采用无线分布系统WDS(Wireless Distribution System)技术进行无线方式的连接,使移动网桥4能够在更大范围内进行移动。 Moving the bridge 4 is its advantage of mobility, for convenience of application, it can not be installed in the artificial WAN cable wiring system 2 or wired local system 2 WAN failure, so that a wired LAN and a wireless LAN system 1 system user to maintain better network communication function, wherein different mobile bridge may be connected by a wired manner between 4, may be used a wireless distribution system WDS (wireless distribution system) technology for the wireless connection, 4 the movable bridge can be moved in a larger range. 移动网桥4内部的模块结构组成如图2所示,其中包括有用于各个网络之间数据包转发和数据包协议转换的生成树网桥模块STP Bridge11和网络地址转换模块NAT 14;还包括无线网卡模块13,其符合标准IEEE 802.11、IEEE 802.11a、IEEE 802.11b和IEEE 802.11g,通过基本服务集BSS和无线分布系统WDS组建成的无线LAN系统,实现用户的无线接入功能;还包括LAN以太网控制器12,使有线LAN用户通过有线LAN系统扩展到其他有线LAN系统或无线LAN系统;还包括WAN以太网控制器15,通过WAN以太网控制器15使有线LAN用户和无线LAN用户访问Internet资源;还包括无线WAN网卡模块10,根据无线WAN系统的不同,无线WAN网卡模块10可以为GPRS模块,CDMA1X模块或3G模块,所述3G模块进一步可以为通用移动通信系统(UMTS,Universal Mobile Telecommunication System)模块,宽带CDMA(WCDMA,Wideband CDMA)模块,CDMA 2000 EV-DO/EV-DV模块, Module structure inside the mobile bridge consisting of 4 shown in Figure 2, including for forwarding packets between the network and the individual packets of the spanning tree bridge protocol conversion module STP Bridge11 module and network address translation NAT 14; further comprising a wireless card module 13, which meet the standards IEEE 802.11, IEEE 802.11a, IEEE 802.11b and IEEE 802.11g, into the formation through the basic service set BSS and wireless distribution system WDS wireless LAN system, the wireless access user; LAN further comprises Ethernet controller 12, so that the user wired LAN via the wired LAN to other wired system extended LAN system or wireless LAN system; Ethernet controller 15 further includes a WAN, via a WAN Ethernet wired LAN controller 15 and wireless LAN user access users Internet resource; WAN card further comprises a wireless module 10, depending on the wireless WAN system, the wireless WAN 10 may be a card module GPRS module, or modules CDMAlX 3G module, the module further may be a 3G universal mobile telecommunications system (UMTS, universal mobile Telecommunication System) module, wideband CDMA (WCDMA, wideband CDMA) module, CDMA 2000 EV-DO / EV-DV module 时分同步CDMA(TDS-CDMA)模块或全球微波接入互操作性(WiMAX,World Interoperability for Microwave Access)模块等。 Time Division Synchronous CDMA (TDS-CDMA), or global module Interoperability for Microwave Access (WiMAX, World Interoperability for Microwave Access) module. 如有线LAN用户和无线LAN用户通过GPRS网络系统间接访问Internet资源时,其中无线WAN网卡模块10既为GPRS模块;另外还包括各种认证模块:IEEE802.1X模块18、远程拨号用户访问服务客户端(Radius Client,Remote Access Dail-In User Service Client)模块16、网络门户Web Portal模块17及基于以太网的点对点通信协议(PPPoE,Point to Point Protocol over Ethernet)模块19、SIM卡模块20,其中SIM卡模块20作为移动网桥4的个人识别模块使移动网桥4本身作为无线WAN系统中的一个移动用户认证到无线WAN系统,在间接访问的Internet中,通过Radius Client模块16和WebPortal模块17相结合的认证方式或通过IEEE802.1X模块18认证方式、PPPoE模块19认证方式对间接访问Internet资源的有线LAN用户和无线LAN用户的身份进行认证;同时通过Radius Client模块16和Web Portal模块17相结合的认证方式或通过IEEE802.1X模块18认证方式、PPPoE模块19认 When a user such as a wired LAN and a wireless LAN system indirectly through the GPRS network users to access the Internet, where the wireless WAN card module 10 is both GPRS module; also includes various authentication modules: IEEE802.1X module 18, remote dial-up access to a service client (Radius Client, Remote Access Dail-in User Service Client) module 16, a network module 17 and the portal web portal point to point communication protocol over Ethernet (PPPoE, Point to Point protocol over Ethernet) module. 19, SIM card module 20, wherein the SIM module card 20 personal identification module of a mobile bridge 4 of the movable bridge 4 itself as a mobile user authentication system of the wireless WAN system to the wireless WAN, the Internet accessed indirectly by Radius Client module 16 and module relative WebPortal 17 or a combination of authentication, PPPoE module 19 authentication indirect access to Internet resources wired LAN users and wireless LAN user's identity authenticated by IEEE802.1X authentication module 18; 17 simultaneously by combining Radius Client module 16 and module Web Portal or by IEEE802.1X authentication module 18 authentication, PPPoE module 19 recognized 证方式对直接访问有线WAN系统资源的有线LAN用户和无线LAN用户的身份进行认证。 Identity card way to directly access the wired WAN system resources wired LAN and wireless LAN users to authenticate users.

其中LAN以太网控制器12和WAN以太网控制器15通过标准接口协议RJ45分别和有线LAN系统和有线WAN系统进行有线连接,无线WAN网卡模块10过空中接口协议无线连接到无线WAN系统中进行数据资源的访问。 Wherein the Ethernet LAN and WAN Ethernet controller 12 and the controller 15 are respectively wired LAN system and a wired WAN systems wired connection, a wireless WAN card module air interface protocol over the radio 10 via an interface protocol standard RJ45 connected to a wireless WAN system data access to resources.

如图3所示,为有线WAN系统和无线WAN系统对访问其资源的有线LAN用户和无线LAN用户进行身份认证的流程图,步骤30中,有线LAN用户和无线LAN用户通过移动网桥访问有线WAN系统或无线WAN系统,步骤31中移动网桥判断是否可以提供有线WAN资源,如果可以提供有线WAN系统资源供有线LAN用户和无线LAN用户访问,则执行步骤32,其中移动网桥采用网间控制报文协议(ICMP,InternetControl Message Protocol)中处于应用层的PING(Packet InterNetGroper)命令来检测是否有能够提供有线WAN资源的设备可以到达,如果检测到有可以到达的有线WAN资源设备,则移动网桥认为能够提供有线WAN系统资源给无线LAN用户或有线LAN用户访问;如果没有检测到可以到达的有线WAN资源设备,则移动网桥认为不能够提供有线WAN系统资源给无线LAN用户或有线LAN用户访问。 As shown, authenticates access to its resources wired LAN and wireless LAN user user 3 WAN is a wired and wireless WAN system flow chart, in step 30, the wired LAN and wireless LAN user through user mobile access a wired bridge WAN system or a wireless WAN system, step 31 determines whether the mobile bridge wired WAN resources may be provided, if the system can be wired WAN resources for wired LAN and wireless LAN user access to the user, step 32, where the mobile bridge using Internet control message protocol (ICMP, InternetControl message protocol) of at PING (packet InterNetGroper) application layer command to detect whether a device capable of providing a wired WAN resources may reach, if it detects wired WAN resources that can reach, the mobile network WAN bridge that can be wired to a wireless LAN user system resources or access to the wired LAN user; if no resource wired WAN device may reach, the mobile bridge that can not be wired WAN system resources to the user wireless LAN or wired LAN user access. 步骤32中,采用Radius Client和Web Portal相结合的认证方式、IEEE802.1X认证方式或PPPoE协议的认证方式等有线WAN认证方式对有线LAN用户和无线LAN用户进行身份认证;在步骤31中如果判断出不能提供有线WAN系统资源,则在步骤33移动网桥判断是否有无线WAN系统资源可以供访问,如果有转到步骤34中,使用无线WAN的认证方式对用户身份进行认证,其中无线WAN的认证方式包括无线WAN对接入到自身网络系统的用户终端所携带的用户识别模块,如SIM卡(用于GSM网络系统)或UIM卡(用于CDMA网络系统),或是对终端本身内芯片上所烧制的一些序列号数据进行鉴权认证,来保证只有合法的有线LAN用户或无线LAN用户访问无线WAN系统资源。 In step 32, authentication using Radius Client Web Portal and combined, the IEEE802.1X authentication or authentication protocol PPPoE WAN wired LAN user authentication wired and wireless LAN user authentication; if it is determined at step 31 the system does not provide a wired WAN resources, then in step 33 whether there is movement of the bridge determines that the wireless WAN for access to system resources, if there is go to step 34, using a wireless WAN authentication mode to authenticate a user identity, wherein the wireless WAN includes wireless WAN authentication to access the network system itself carried by a user terminal a user identity module, such as a SIM card (for GSM networks) or UIM (for CDMA networks), or the terminal itself on the chip Some serial number data on the fired performs authentication to ensure that only valid users wired LAN or wireless LAN user access the wireless WAN system resources. 即上述在步骤35中利用移动网桥中的SIM卡模块,让移动网桥作为无线WAN系统中的一个移动用户认证到无线WAN系统中,然后在步骤36中,在通过无线WAN系统间接访问的Internet资源中,通过传统的认证方式对访问Internet资源的每一个无线LAN用户和有线LAN用户进行身份认证,其中所述传统的认证方式与步骤32所述的认证方式相同;在步骤33中如果判断出没有无线WAN系统资源可供访问,则转到步骤37通知无线LAN用户和有线LAN用户此时不能访问网络资源,移动网桥不负责处理用户身份认证。 I.e., above the bridge using a mobile module in the SIM card in step 35, so that movement of the bridge as a wireless WAN system, mobile user authentication to the wireless WAN system, then, in step 36, the wireless WAN system by indirect access Internet resources, authentication is performed by a conventional manner to access Internet resources each user wireless LAN and the wired LAN user authentication, wherein authentication of the same conventional manner as in step 32, the authentication mode; if it is determined at step 33 a wireless WAN is not available for access system resources, go to step 37 notifies the user wireless LAN and the wired LAN users can access network resources at this time, the bridge is not responsible for the mobile user authentication.

对用户进行完身份认证后,就可以访问网络数据资源了。 After completion of the user identity authentication, you can access the network resource data. 如果只是无线LAN系统内的数据包转发,则只通过无线网卡模块13对数据包进行转发;无线LAN系统和有线LAN系统之间的数据包通过生成树网桥STP Bridge模块和无线网卡模块共同完成转发机制;无线LAN系统和有线LAN系统访问有线WAN系统资源时数据包先由生成树网桥STP Bridge模块完成数据源和目的端口的判断,然后由将数据发送到网络地址转换NAT模块完成数据包网络地址的转换,发送到有线WAN系统中,相反方向的数据包转换过程相逆;无线LAN系统和有线LAN系统访问无线WAN系统资源时数据包的转发也是经过先由生成树网桥STP Bridge模块完成数据源和目的端口的判断,然后由其将数据发送到网络地址转换NAT模块完成数据包网络地址的转换,其次还要进行IP数据打包处理过程,以保证网络不同协议之间的转换,此IP包处理过程可以通过软件在移动网桥中实现,也可以 If the packet in the wireless LAN system merely forwarded only forwarded through the wireless LAN module 13 of the data packet; packets between the wireless LAN system and a wired LAN systems spanning tree bridge STP Bridge module and the wireless network adapter modules together to complete forwarding mechanism; wireless LAN system and a wired system access a wired LAN system resources WAN packets start with STP Bridge spanning tree bridge module judging completion of the data source and destination ports, and then send the data to the network address translation NAT module completion packet network address conversion, transmits to the wired WAN system, the packet opposite direction with an inverse conversion process; wireless LAN system and a wired LAN system access resource forwards the packet through the wireless WAN system is also STP Bridge first by the spanning tree bridge module to complete the data source and destination ports judgment, who then sends the data to the network address translation NAT module for conversion packet network address, followed by even the IP packetizing process, to ensure that the transition between different network protocols, this IP packet processing by software may be implemented in a mobile network bridge, may be 无线WAN网卡模块中实现,其实现过程根据无线WAN系统类型的不同其处理过程也是不同的。 Wireless WAN card module is implemented, the process according to the realization of different types of wireless WAN system which processes are different.

网络间数据包转发过程中需要在移动网桥上实现用户数据流量控制功能,用户流量控制,即在用户身份已经通过认证和授权后,根据各个网络允许的数据速率需要对用户的数据流量进行采集、限制,同时提供记帐信息。 Forwarding the network packets between the user data need to implement flow control on the mobile bridge, and traffic control that has, according to the respective data rate allowed by the network needs to collect traffic data for user authentication and authorization by the user limit, while providing billing information. 用户数据流量控制既可以在数据包的二层生成树网桥转发机制上实现,也可以在三层路由转发机制中实现,基本原理就是控制网络接口的数据外发速率。 User data flow control may be implemented on a bridge spanning tree Layer packet forwarding mechanism can be implemented in the IP routing forwarding mechanism, the basic principle is to control the external data network interface rate of hair. 由于在移动网桥中需要控制的用户数据流量是接入无线WAN系统和有线WAN系统的数据流量,因此我们可以在三层网络地址转换NAT模块的基础上对用户数据流量进行控制。 The user data traffic based control since the user data traffic in the mobile network bridge need to control access to the wireless WAN data traffic system and a wired WAN systems, we can convert the three NAT module address on the network.

用户数据流量控制是通过队列机制实现的,对于移动网桥而言,我们可以将LAN以太网控制器接口和无线网卡模块的无线接口看作是下行端口,WAN以太网控制器接口和无线WAN网卡模块的无线接口看作是上行端口。 User data flow control is achieved by queuing mechanism for moving a bridge, we can be a wireless interface and a wireless LAN Ethernet controller interface card module seen downlink port, WAN and wireless WAN Ethernet controller interface card wireless interface module considered uplink port.

用户数据流量控制就是要控制用户通过设备接口发送出数据的速率,如果需要控制用户的上行数据速率,就需要控制用户发出并由设备转发向上行端口的数据发送速率,而如果需要控制用户的下行速率,则需要控制由设备转发向下行端口发往用户的数据发送速率。 User data flow control is to control the rate of user data transmitted via the interface device, if the user needs to control the uplink data rate, it is necessary to control the user equipment is issued by forwarding the upward line transmission port data rate, and if the user requires a downlink control rate, the port needs to be controlled to the downlink data destined for the user apparatus forwarded from the transmission rate. 由于我们只能控制网络接口的发送速率,我们只能将流量控制功能插入到流程中的两个阶段:即在数据包排队前或数据包排队后进行控制。 Since we can control the transmission rate of the network interface, we can only be inserted into the flow control process in two stages: the packets are queued before or after the control packet queue. 考虑到如果在数据包排队后再进行流量控制,需要队列有足够大的容量才不至于轻易造成队列的溢出,而且也需要有额外的处理时间,因此采用在数据包排队前就进行流量控制。 Taking into account if the flow control packets are queued and then, you need to have a large enough capacity queue if they are not likely to cause overflow queue, but also requires additional processing time, so a data packet queuing in front of it for traffic control.

无论数据包是从上行端口发往下行端口还是从下行端口发往上行端口,数据包在进出网络地址转换NAT模块进行数据包排队前就要进行数据流量控制,来控制数据的转发速度。 Whether the packet is sent to the next row from the uplink port or ports from the downlink port to send up a parallel port, packets out of the network address translation NAT module for packet data flow control is necessary prior to queuing, forwarding speed controlling data.

图4所示,在步骤100中网络地址转换NAT模块首先从上行或下行网络端口接收数据包,然后在步骤200中,网络地址转换NAT模块会根据数据包的包头标志对接收到的数据包进行必要的过滤,保留需要转发的数据包,丢弃不合法的数据包;然后在步骤300中将数据包从上行链路或下行链路进行转发,在加入到待发的数据包排队前,首先在步骤400中为每个用户定义七个相关参数,其中包括:客户端的MAC地址macAddr;客户端的上行速率upRate;客户端的下行速率downRate;当前时段(1秒)内用户上行发送数据计数upCount;当前时段(1秒)内用户下行发送数据计数downCount;用户上行发送数据总计数upTotal;用户下行发送数据总计数downTotal;增加流量控制的方法是,数据包在排队前需要检查当前时段(1秒)内用户已发送的上/下行数据量是否大于用户上/下行速率所规定的数据量,如 As shown in FIG. 4, in step 100 a network address translation NAT NAT module first module from the network port to receive uplink or downlink packet, then in step 200, network address translation according to the flag data packet header received data packet filtering necessary to retain the data packet to be forwarded, discards illegal packets; and then forwards the uplink or downlink packet data at step 300 will, prior to addition to the outgoing packets queue, the first in step 400 define seven parameters for each user, which comprises: client's MAC address MACADDR; uplink rate client upRate; downlink rate client downrate; current time period (1 second) user uplink transmission data count UPCOUNT; current time (1 second) user downlink transmission data count downCount; user uplink transmission data the total number of upTotal; user downlink transmission data the total number downTotal; a method for increasing the flow control, the data packets need to check the current time period (1 second) the user before the queue amount / downlink data has been transmitted is larger than a predetermined amount of data / downlink rate user, such as 不是,才转到步骤600中将该数据包加入到待发队列中,然后在步骤700中将数据包向上行端口或下行端口进行发送;否则转到步骤800将该数据包做丢弃处理。 Not, it proceeds to step 600, the packet is added to the outgoing queue and port parallel port or downlink transmission direction in step 700 in the data packet; otherwise, to step 800 the data packet are discarded. 其中upCount/downCount的数值随着数据发送过程而不断的更新,设置每个时段周期即1秒开始清一次零,这样可以保证每次检查到的数据总为刷新的数据,使用户数据流量得到精确的控制。 Wherein the value upCount / downCount with the data transmitting process constantly updated, i.e., provided in each one second time period begins once cleared to zero, so that each can be checked to ensure that data is always refreshed data, user data flow to obtain precise control.

移动网桥之间可以通过无线分布系统WDS的无线连接方式,使无线LAN用户在可以访问无线LAN系统资源的地区进入到不能访问无线LAN系统资源的地区时,移动网桥可以自动作为无线WAN系统中的移动用户认证到无线WAN系统,使无线LAN用户通过移动网桥漫游在无线WAN系统中,进行对无线WAN系统资源的访问;同时在由不能访问无线LAN系统资源的地区进入到可以访问无线LAN系统资源的地区时,移动网桥也可以自动作为接入点AP把无线LAN用户切换到无线LAN系统,使其访问无线LAN系统资源,从而完成移动网桥在无线LAN系统和无线WAN系统之间的漫游切换。 When a wireless connection by a wireless distribution system WDS, the wireless LAN bridge in the region between the mobile user can access the wireless LAN system resources into areas not access the wireless LAN system resources, the bridge may be automatically moved as a wireless WAN system mobile user authentication to the wireless WAN system, a user of the wireless LAN through a mobile bridge roaming wireless WAN system, access to the wireless WAN system resources; while entering the area can not be accessed by the wireless LAN system can access a wireless resource to when the area LAN system resources, the mobile bridge may be automatically switched to the access point AP to the wireless LAN wireless LAN user system to access the wireless LAN system resources, thereby completing the bridge moving in the wireless LAN system and the wireless WAN systems switching between roaming.

在无线LAN用户或有线LAN用户访问有线WAN系统资源,或通过无线WAN系统间接访问Internet资源进行数据通信时,可以在无线LAN用户或有线LAN用户的终端中增加语音编码模块,实现在进行数据通信的同时,可以进行基于分组交换的语音通信或基于电路交换的语音通信,满足用户对上网浏览网页、同时进行语音通话的需求。 Wired WAN access system resources in a wireless LAN or wired LAN user user, or indirectly via a data communication resources of the wireless WAN system to access the Internet, can be increased in the speech encoding module wired LAN or wireless LAN user terminal of the user, to realize the data communication is performed at the same time, voice communication may be based on a packet switched or circuit-switched voice communication, browsing on the Internet to meet the user, while the demand for voice call.

Claims (10)

1.一种基于网络之间的数据通信系统,包括无线LAN系统、有线LAN系统、有线WAN系统和无线WAN系统,其特征在于,无线LAN系统和有线LAN系统通过移动网桥连接到有线WAN系统和无线WAN系统,移动网桥中包含如下组件:无线网卡模块,使无线LAN系统的用户无线接入由基本服务集BSS组成的无线LAN系统;LAN以太网控制器,使有线LAN系统扩展到其它的有线LAN系统或无线LAN系统;WAN以太网控制器,用于无线LAN系统或有线LAN系统中的用户访问Internet资源;无线WAN网卡模块,用于无线LAN系统或有线LAN系统中的用户通过访问无线WAN系统,间接访问Internet资源;SIM卡模块,使移动网桥作为移动用户在无线WAN系统中进行认证;IEEE802.1X,远程拨号用户访问服务客户端Radius Client,网络门户Web Portal和基于以太网的点对点通信协议PPPoE模块,用于无线LAN系统或有线LAN系统的用户访问 1. Based on the data communication system between networks, including a wireless LAN system, a wired LAN system, a wired system, WAN and wireless WAN system, characterized in that the wireless LAN system and a wired LAN cable connected to the system through a mobile bridge system WAN and the wireless WAN system, a mobile bridge contains the following components: a wireless LAN module, the user makes access to the wireless LAN system wireless basic service set BSS consisting of a wireless LAN system; Ethernet LAN controller, so that the system be extended to other wired LAN a wired LAN system or wireless LAN system; WAN Ethernet controller, a wireless LAN or a wired LAN system, the system user to access the Internet; the wireless WAN module card, for the user wireless LAN or a wired LAN system by accessing the system wireless WAN system, indirect access to Internet resources; SIM card module, the mobile bridge as a mobile user authentication in wireless WAN system; IEEE802.1X, remote dial-up users to access services client Radius client, Web portal and portal-based Ethernet P2P communication PPPoE protocol module, a user accessing a wireless LAN system or a wired LAN system 线WAN系统或有线WAN系统时进行身份认证,授权和计费;生成树网桥模块STP Bridge,用于无线LAN系统和有线LAN系统的用户之间的数据包转发;网络地址转换模块NAT,用于无线LAN系统或有线LAN系统的用户访问有线WAN系统或无线WAN系统时的数据包转发。 WAN system into line system or wired WAN authentication, authorization and accounting; spanning tree bridge module STP Bridge, user data packets between a wireless LAN and a wired LAN system forwarding system; the NAT Network Address Translation module, with when the packet forwarding WAN access a wired system or a wireless WAN wireless LAN system to the user system or a wired LAN system.
2.根据权利要求1所述的基于网络之间的数据通信系统,其特征在于:LAN以太网控制器通过RJ45接口和有线LAN系统进行有线连接,WAN以太网控制器通过RJ45接口与有线WAN系统进行有线连接。 According to claim-based data communication system between networks, characterized in that said 1: LAN Ethernet controller via a wired connection RJ45 interface and a wired LAN systems, WAN Ethernet controller via a wired WAN RJ45 interface system wired connection.
3.根据权利要求1所述的基于网络之间的数据通信系统,其特征在于:无线WAN网卡模块通过空中接口协议与无线WAN系统进行无线连接。 3. Based on the data communication system between the network according to claim 1, wherein: the wireless WAN card module via a wireless connection with the wireless WAN air interface protocol system.
4.根据权利要求3所述的基于网络之间的数据通信系统,其特征在于:无线WAN网卡模块为GPRS模块、CDMA1X模块或3G模块。 GPRS wireless WAN module card module, 3G module or modules CDMAlX: 4. 3 based on the data communication system between a network, wherein according to the claims.
5.根据权利要求1所述的基于网络之间的数据通信系统,其特征在于:不同的移动网桥之间通过无线分布系统WDS方式进行无线连接。 According to claim-based data communication system between networks, characterized in that said 1: a wireless connection between different mobile bridge by way of a wireless distribution system WDS.
6.根据权利要求1或3所述的基于网络之间的数据通信系统,其特征在于:所述无线WAN系统包括GPRS网络系统、CDMA1X网络系统、3G网络系统。 According to claim 13 or based on the data communication system between networks claim wherein: the system comprises a GPRS wireless WAN network system, the network system CDMAlX, 3G network system.
7.一种基于网络之间的数据通信方法,其特征在于,无线LAN用户或有线LAN用户不能访问有线WAN系统资源进行数据通信时,通过移动网桥首先访问无线WAN系统资源,通过无线WAN系统再次间接访问Internet资源进行数据通信;用移动网桥对访问有线WAN系统资源或无线WAN系统资源的无线LAN用户或有线LAN用户进行身份认证,认证方法如下:1)移动网桥首先通过网间控制报文协议判断是否能提供有线WAN系统资源给无线LAN用户或有线LAN用户访问;2)如果能提供有线WAN系统资源给无线LAN用户或有线LAN用户访问,采用有线WAN认证方式对访问有线WAN系统资源的无线LAN用户或有线LAN用户进行身份认证;3)如果不能提供有线WAN系统资源给无线LAN用户或有线LAN用户访问,移动网桥再次判断是否有无线WAN系统资源能提供给无线LAN用户或有线LAN用户访问;4)如果有无线WAN系统资源能够 A data communication method based on the network between, wherein the user wireless LAN or wired LAN users can access a wired WAN data communication system resources, system resources are accessed first by moving the wireless WAN bridge, through the wireless WAN system again indirectly access the Internet to perform data communication; wireless LAN bridge with the mobile user system resources or access a wired WAN wireless WAN or wired LAN system resources for user authentication, the authentication method is as follows: 1) by first moving the bridge Internet control whether the message protocol is determined to provide a wired WAN system resources to the wireless LAN user or wired LAN user access; 2) if wired WAN system resources to the wireless LAN user or wired LAN users to access a wired WAN authentication to access a wired WAN system wired LAN or wireless LAN user performs user authentication resources; 3) If it is not wired WAN system resources to the wireless LAN or wired LAN users to access the user, the mobile determines whether there is again a bridge wireless WAN system resources to provide wireless LAN user or wired LAN user access; 4) If the wireless WAN system resources can be 供给无线LAN用户或有线LAN用户访问,采用无线WAN的认证方式对访问无线WAN系统资源的无线LAN用户或有线LAN用户进行身份认证;5)如果在步骤3)中没有无线WAN系统资源可提供给无线LAN用户或有线LAN用户访问,则无线LAN用户或有线LAN用户不能访问无线WAN系统资源和有线WAN系统资源,移动网桥不对无线LAN用户或有线LAN用户进行身份认证;各个网络之间数据包的转发如下:(1)无线LAN系统和有线LAN系统之间的数据通过生成树网桥模块STP Bridge完成数据协议的转换和数据包转发;(2)无线LAN系统或有线LAN系统访问有线WAN系统资源时,先通过生成树网桥模块STP Bridge对数据源和目的端口的判断,然后由网络地址转换模块NAT进行网络地址转换,完成数据包的转发;(3)无线LAN系统和有线LAN系统访问无线WAN系统资源时,先通过生成树网桥模块STP Bridge完成数据源和目的端口的 Supplying wireless LAN user or wired LAN user access using authentication wireless WAN for access to the wireless WAN system resources wireless LAN user or wired LAN user authentication; 5) if there is no wireless WAN system resources available to the step 3) user wireless LAN or wired LAN user access, the user wireless LAN or wired LAN users can not access the wireless WAN system resources and system resources wired WAN, wireless LAN user does not move the bridge or wired LAN user authentication; packets between various network forwarding the following: data between the wireless LAN system and a wired LAN system (1) data transfer completion protocol conversion and data packets through the spanning tree bridge module STP Bridge; (2) a wired or wireless LAN system access a wired LAN system WAN system resource, the first through the spanning tree bridge STP Bridge module determines the data source and destination port, and network address translation by the NAT network address translation module forwards data packets; (3) a wired LAN system and the wireless LAN access system when the wireless WAN system resources, the first port for the spanning tree bridge module STP Bridge completion of the data source and destination 断,然后由网络地址转换模块NAT进行网络地址转换,再经过IP数据打包处理实现协议转换,完成数据包的转发。 Off, then by the network address translation NAT network address translation module, the data packing process and then through the IP protocol conversion, packet forwarding is completed.
8.根据权利要求7所述的基于网络之间的数据通信方法,其特征在于,步骤2)所述传统认证方式包括:网络门户WEB Portal认证方式、IEEE802.1x认证方式和基于以太网的点对点通信协议PPPoE认证方式。 8. Based on the data communication method between a network, characterized in that said claim 7, Step 2) according to a conventional authentication comprising: a network portal WEB Portal authentication mode, the authentication mode IEEE802.1x and Ethernet-based point- communication protocols PPPoE authentication.
9.根据权利要求7所述的基于网络之间的数据通信方法,其特征在于,步骤4)所述的无线WAN认证方式过程如下:(i)移动网桥首先通过SIM卡模块作为无线WAN系统用户认证到无线WAN系统中;(ii)有线LAN用户和无线LAN用户通过移动网桥和无线WAN系统的连接,采用WEB Portal、IEEE802.1x或PPPoE的认证方式使有线LAN用户和无线LAN用户在间接访问的Internet系统中得到认证。 According to claim 7 based data communication method between a network, wherein the step 4) of the wireless WAN authentication procedure is as follows: (i) first moves the bridge via the SIM module as the wireless WAN system user authentication to the wireless WAN system; (ii) wired LAN and wireless LAN user via the user connect the mobile wireless bridges and WAN systems, the use of WEB Portal, IEEE802.1x or PPPoE authentication way that the wired LAN and wireless LAN user in the user Internet access in the indirect system certified.
10.根据权利要求7所述的基于网络之间的数据通信方法,其特征在于,无线LAN用户或有线LAN用户访问有线WAN系统资源、无线WAN系统资源时要进行上下行的数据流量控制,控制方法如下:(A)为每个客户端定义七个相关参数,其中包括:a.客户端的MAC地址macAddr;b.客户端的上行速率upRate;c.客户端的下行速率downRate;d.当前时段内用户上行发送数据计数upCount; According to claim 7 based data communication method between a network, wherein the wireless LAN or wired LAN users access a wired WAN user system resources, the data traffic to the uplink and downlink control wireless WAN system resources, control as follows: (a) for each client define seven parameters, including:.. a client MAC address macAddr; b uplink rate client upRate; c downlink rate client downRate; d within the period the user is currently. UPCOUNT uplink transmission data count;
CNB031018785A 2003-01-28 2003-01-28 Data communication system and method between networks CN1172489C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB031018785A CN1172489C (en) 2003-01-28 2003-01-28 Data communication system and method between networks

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
CNB031018785A CN1172489C (en) 2003-01-28 2003-01-28 Data communication system and method between networks
US10/515,771 US7995516B2 (en) 2003-01-28 2003-06-30 Mobile wireless base station
EP03739359A EP1588502A4 (en) 2003-01-28 2003-06-30 Mobile wireless base station
PCT/US2003/020605 WO2004070970A1 (en) 2003-01-28 2003-06-30 Mobile wireless base station
AU2003245754A AU2003245754A1 (en) 2003-01-28 2003-06-30 Mobile wireless base station

Publications (2)

Publication Number Publication Date
CN1430387A CN1430387A (en) 2003-07-16
CN1172489C true CN1172489C (en) 2004-10-20

Family

ID=4789958

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB031018785A CN1172489C (en) 2003-01-28 2003-01-28 Data communication system and method between networks

Country Status (4)

Country Link
EP (1) EP1588502A4 (en)
CN (1) CN1172489C (en)
AU (1) AU2003245754A1 (en)
WO (1) WO2004070970A1 (en)

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1305252C (en) * 2003-09-10 2007-03-14 大唐电信科技股份有限公司无线通信分公司 Wireless moile double-mode network card, its working mode control and power supply management method
NZ547786A (en) 2003-12-19 2007-12-21 Univ California Resource sharing broadband access system, methods and devices
WO2005079313A2 (en) 2004-02-13 2005-09-01 The Regents Of The University Of California Adaptive bias current circuit and method for amplifiers
US7881267B2 (en) 2004-06-04 2011-02-01 Hewlett-Packard Development Company, L.P. Portable computing device for wireless communications and method of operation
US7339913B2 (en) 2004-08-17 2008-03-04 Intel Corporation Method and system of network management and service provisioning for broadband wireless networks
US20060114883A1 (en) 2004-12-01 2006-06-01 Mehta Pratik M System and method for wireless cellular enabled information handling system router
US8838963B2 (en) 2005-02-04 2014-09-16 Apple Inc. Security enhancement arrangement
KR101253352B1 (en) 2005-05-13 2013-04-11 유니버시티 오브 매릴랜드 칼리지 팍 Authentication method for wireless distributed system
AU2005100399A4 (en) * 2005-05-13 2005-06-23 Mobile Ip Pty Ltd Free2move
ZA200710584B (en) 2005-05-16 2009-07-29 Iwics Inc Multi-medium wide area communication network
US7813314B2 (en) 2005-08-02 2010-10-12 Waav Inc. Mobile router device
CN100471167C (en) 2005-09-08 2009-03-18 华为技术有限公司 Method and apparatus for managing wireless access-in wide-band users
US8121071B2 (en) 2005-11-10 2012-02-21 Sierra Wireless America, Inc. Gateway network multiplexing
US8054778B2 (en) 2005-11-10 2011-11-08 Junxion, Inc. LAN/WWAN gateway carrier customization
FR2905547A1 (en) * 2006-09-05 2008-03-07 Thomson Licensing Sas Connectable network equipment for wireless network in infrastructure mode
US10075376B2 (en) 2007-04-18 2018-09-11 Waav Inc. Mobile network operating method
CN101399727B (en) * 2007-09-28 2012-04-18 华为技术有限公司 Wireless wideband access network, device and access method
CN101754434A (en) 2010-01-20 2010-06-23 中兴通讯股份有限公司 Access method, system and device
CN103368868A (en) * 2012-04-05 2013-10-23 中国移动通信集团江苏有限公司 Network flow bandwidth control method, device and system
CN104080086B (en) * 2014-07-18 2018-09-04 北京智谷睿拓技术服务有限公司 Wireless connecting establishment method and wireless connection establish device

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2772533B1 (en) * 1997-12-15 2001-09-28 Inst Nat Rech Inf Automat Interconnect apparatus communicating between network segments of different formats according to protocols, and corresponding method
US6546425B1 (en) * 1998-10-09 2003-04-08 Netmotion Wireless, Inc. Method and apparatus for providing mobile and other intermittent connectivity in a computing environment
US6600734B1 (en) * 1998-12-17 2003-07-29 Symbol Technologies, Inc. Apparatus for interfacing a wireless local network and a wired voice telecommunications system
US6618162B1 (en) * 1999-01-26 2003-09-09 Intermec Ip Corp. Apparatus and method to configure a device, such as a printer, over a network
US6424657B1 (en) * 2000-08-10 2002-07-23 Verizon Communications Inc. Traffic queueing for remote terminal DSLAMs
TWI220608B (en) * 2001-02-21 2004-08-21 Admtek Inc Gateway device operating between local area network and wide area network

Also Published As

Publication number Publication date
CN1430387A (en) 2003-07-16
WO2004070970A1 (en) 2004-08-19
EP1588502A4 (en) 2006-06-21
EP1588502A1 (en) 2005-10-26
AU2003245754A1 (en) 2004-08-30

Similar Documents

Publication Publication Date Title
EP0955746B1 (en) A multi-hop Point-to-point protocol
US7779071B2 (en) Enterprise wireless local area network switching system
CN101841880B (en) LTE and WLAN interconnecting system and switching method
US8155155B1 (en) Computer readable medium with embedded instructions for providing communication services between a broadband network and an enterprise wireless communication platform within a residential or business environment
CN100377607C (en) System and device for accessing service of a mobile communication network directly or via in an IP network
EP1537703B1 (en) Wireless local area network with clients having extended freedom of movement
US7519036B2 (en) Method of user access authorization in wireless local area network
US8555352B2 (en) Controlling access nodes with network transport devices within wireless mobile networks
JP4064825B2 (en) Heterogeneous mobile radio system
KR100999761B1 (en) Service in wlan inter-working, address management system, and method
US7633909B1 (en) Method and system for providing multiple connections from a common wireless access point
JP3854607B2 (en) Method for providing a service with guaranteed quality of service in an IP access network
US6801509B1 (en) Mobile point-to-point protocol
EP1041792B1 (en) Providing quality of service in layer two tunneling protocol networks
US6917600B1 (en) Mobile point-to-point protocol
KR100634636B1 (en) Method and system for multicasting messages to select mobile recipients
US7756069B2 (en) Communication system, wireless LAN base station controller, and wireless LAN base station device
EP1653668B1 (en) Restricted WLAN access for unknown wireless terminal
US7254119B2 (en) Interworking mechanism between CDMA2000 and WLAN
JP2015519792A (en) System, user apparatus and method for performing multi-network joint transmission
US20030120821A1 (en) Wireless local area network access management
CN2686220Y (en) Radio local area network using direct and seal delivery to support backward channel
US8184530B1 (en) Providing quality of service (QOS) using multiple service set identifiers (SSID) simultaneously
US6874030B1 (en) PPP domain name and L2TP tunnel selection configuration override
US7835275B1 (en) Dynamic assignment of quality of service (QoS) to an active session in an ipsec tunnel

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
C14 Grant of patent or utility model
ASS Succession or assignment of patent right

Owner name: ZHOU ZHENHONG

Free format text: FORMER OWNER: BEIJING LANGTONG HUANQIU SCIENCE + TECHNOLOGY CO., LTD.

Effective date: 20101126

COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 100004 3310, 33/F, TOWER 1, INTERNATIONAL TRADE BUILDING, NO.1, JIANGUOMEN OUTER STREET, CHAOYANG DISTRICT, BEIJING TO: 201206 ROOM 901, NO.4, LANE 128, JINTAI ROAD, PUDONG NEW DISTRICT, SHANGHAI

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 201206 PUDONG NEW AREA, SHANGHAI TO: 214000 WUXI, JIANGSU PROVINCE

ASS Succession or assignment of patent right

Owner name: BELLNET TECHNOLOGIES WUXI CO., LTD.

Free format text: FORMER OWNER: ZHOU ZHENHONG

Effective date: 20120120

C41 Transfer of patent application or patent right or utility model
LICC Enforcement, change and cancellation of record of contracts on the licence for exploitation of a patent or utility model