WO2007041925A1 - Méthode pour demander des informations utilisateur de réseau d’accès - Google Patents

Méthode pour demander des informations utilisateur de réseau d’accès Download PDF

Info

Publication number
WO2007041925A1
WO2007041925A1 PCT/CN2006/002205 CN2006002205W WO2007041925A1 WO 2007041925 A1 WO2007041925 A1 WO 2007041925A1 CN 2006002205 W CN2006002205 W CN 2006002205W WO 2007041925 A1 WO2007041925 A1 WO 2007041925A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
network
service
layer
information
Prior art date
Application number
PCT/CN2006/002205
Other languages
English (en)
Chinese (zh)
Inventor
Yong Huang
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2007041925A1 publication Critical patent/WO2007041925A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2514Translation of Internet protocol [IP] addresses between local and global IP addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2854Wide area networks, e.g. public data networks
    • H04L12/2856Access arrangements, e.g. Internet access
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/256NAT traversal

Definitions

  • the present invention relates to the field of network communication technologies, and in particular, to a method for accessing network user information queries. Background of the invention
  • the network consists of three logical layers, as shown in Figure 1, which are the data bearer layer, the bearer control layer, and the service control layer.
  • the data bearer layer is configured to carry a user service data stream
  • the bearer control layer is configured to apply control actions to each network element of the data bearer layer, so that the network has manageable and operational features, and the bearer control layer provides a unified access interface to the service control layer to block differences of different networks;
  • the service control layer is mainly responsible for service-related control, which provides management for various services for the user, and the service control layer stores mutual information of the user's service layer, which is called user service access data;
  • the bearer control layer is mainly divided into two systems NASS (Network Access Attachment Subsystem) and RACS (Resource Admission Control Subsystem). );
  • the NASS is used to store the user's subscription information, and is mainly responsible for access authentication and accounting, address allocation, user network parameter configuration, and client device management of the access user.
  • the NASS stores the relevant subscription information of the user's bearer control layer. Called user network access data;
  • RACS is mainly responsible for QOS control and management
  • the user (user IP address, address domain) is used as the unique association identifier to associate the service control layer with the bearer control layer user data.
  • the specific process is -
  • TE terminal equipment accesses the network, is assigned an IP address, and stores the user's address and the user's network access related information in the NASS;
  • the TE interacts with the AF (application function entity) of the service control layer through the upper layer protocol, and the TE transmits the assigned network IP address to the AF in the upper layer protocol;
  • the AF uses the user IP address and the obtained user's address domain information as the association identifier pair (user IP address, local area), where the address domain is used as a set of IP addresses located in the same administrative domain, and is used by the AF. Determining the area to which the IP address belongs, and the service control layer AF sends a query to the bearer control layer, and carries the association identifier pair in the query;
  • the bearer control layer queries the user network access data and returns related information to the service control layer through the response message.
  • the service control layer and the bearer control layer can establish a data association with this user.
  • Layer protocol such as the IP address carried by the SIP (Initial Session Protocol) message, sometimes does not uniquely identify a user, because the TE may use the private network address.
  • NAT Network Address Translation
  • the NAT is located at the network boundary of the carrier, and the NAT function is implemented by the device of the carrier.
  • the NAT is located in the network environment of the user, that is, located at the user equipment TE and Between the carrier network entities, such as a CNG (User Gateway), the latter case is called Hosted NAT.
  • the end user equipment TE uses the private network IP address assigned by the CNG, and is no longer the bearer control layer. IP address assigned by NASS;
  • the IP address information carried by the user's upper layer protocol is different from the IP address assigned by the NASS.
  • the AF of the service control layer needs to obtain their mapping relationship and perform address translation of the upper information header field.
  • the object of the present invention is to provide a method for accessing a network user information query, and the service identifier of the user is transmitted to the access network when the network is accessed, so that the service control layer can use the service identifier of the user as a key to the connection. Find information about the requesting user in the network.
  • the service control layer uses the user layer of the user layer as a keyword to interact with the bearer control layer to query related information of the access network user.
  • the service layer user identifier is an identifier used by the service control layer to perform authentication management on the service used by the access user.
  • the method includes -
  • the user terminal equipment accesses the network, and when the network access authentication or the user network parameter configuration is performed, the user layer user identity of the user is transmitted to the access network;
  • the user terminal device interacts with the service control layer application function entity AF, and transmits the service layer user identifier to the application function entity;
  • the AF sends a query request message carrying a service layer user identifier to the bearer control layer;
  • the bearer control layer obtains service related information according to the service layer user identifier and transmits the information to the AF.
  • the method for transmitting the service layer user identifier to the access network in the step A includes: when the user applies for the network address through the dynamic host configuration protocol, the DHCP protocol option is used to transmit; or
  • the PPPOE is transmitted through the IP control protocol IPCP and IPCPv6 extension options;
  • the user layer When the user authenticates through the EAP authentication, the user layer carries the service layer user identifier by using the extension type or option in response to the request packet of the network. .
  • the step A includes:
  • a user equipment reports the user ID of the service layer to the user gateway device when applying for the local IP address to the user gateway.
  • the user gateway device allocates an IP address to the user, and records the service layer user identifier.
  • the user gateway transmits the service layer user identifier to the access network.
  • the step D specifically includes:
  • the bearer control layer uses the service layer user identifier as a keyword to query related information of the access user.
  • the information about the access user includes: a user ID, a user IP address, a user physical logical access line identifier, or user location information.
  • the service layer can query the related information of the access user by using the service layer user identifier as a key, effectively overcoming the host NAT problem, and not using the service control layer.
  • Obtaining an IP address improves the versatility of the method.
  • Figure 1 is a schematic diagram of three levels of a prior art next generation network
  • FIG. 2 is a flow chart showing the operation of the method of the present invention.
  • the core idea of the present invention is to provide a method for accessing a network user information query, and the service identifier of the user is transmitted to the access network when the network is accessed, so that the service control layer can use the service identifier of the user as a key to the connection. Enter the network to find information about access users.
  • the present invention provides a method for accessing network user information, and an operation flowchart of an embodiment is shown in FIG. 2. Referring to FIG. 2, the method specifically includes the following steps:
  • Step 10 The user terminal device TE accesses the network, and when the network access authentication or the user network parameter configuration is performed, the user layer user identity of the user is transmitted to the access network;
  • the service layer user identifier is: When the user uses various services on the network, the user needs to be authenticated and managed at the service control layer, and an identifier for service authentication and management is required, and the identifier is the service described in the present invention.
  • Layer user identifier the service layer user identifier is a unique identifier of the user at the service control layer, including but not limited to: an NAI (Network Access Identifier) type, an email address, an FQND (full name domain name), or a SIP URI (SIP Uniform Resource Identifier);
  • the method for the terminal device to transmit the service layer user identifier to the access network includes:
  • DHCP Dynamic Host Configuration Protocol
  • the user When the user applies for the IP address by using the DHCP protocol, or after applying for the address, the user puts the user ID of the service layer into an option of the DHCP and sends it to the corresponding entity of the bearer control layer.
  • the DHCP option can be used by option60, option61, and option82. Wait;
  • IPCP IP Control Protocol
  • IPCPv6 IP Control Protocol
  • PPPOE PPP over Ethernet
  • PPP Peer-to-Peer Communication Protocol
  • the service layer user identity is carried in the corresponding extended option in these protocols, and is delivered to the corresponding entity of the bearer control layer;
  • the user passes the EAP ( Extensible authentication protocol) protocol extension type implementation;
  • the network device When the user is used by the network to use the EAP authentication, the network device sends an EAP request (EAP Request) message to the service layer user identifier, and the user carries the service layer user identifier in the response packet, and reports the message to the bearer control layer.
  • EAP Request EAP request
  • the process of reporting the user ID of the service layer includes: 1) The user reports the user ID of the service layer to the user gateway device when applying for the local IP address to the user gateway; Include - When using the DHCP protocol, you can use DHCP request (request) message or DHCP inform (message) message carrying options, options include option 60, option 61, option 82, etc.
  • options include: client id option(l) (customer identification option), user class option(15) (user class information option), verdor_specific information option(17) (vendor-specific information option);
  • the user gateway device allocates an IP address to the user, and records the service layer user identifier; 3) The user gateway transmits the service layer user identifier to the access network, and the transmission process may be performed when the network is accessed or after the network is accessed.
  • Step 11 The TE interacts with the AF (application function entity) of the service control layer through the upper layer protocol, and transmits the service layer user identification information to the AF.
  • AF application function entity
  • Step 12 The AF interacts with the NASS through the interface between the service control layer and the NASS in the bearer control layer to query related information of the access user, where the query message carries the service layer user identification information;
  • Step 13 The NASS uses the received service layer user identifier as a key to search for user network access data that has been authorized by the bearer control layer, including, for example, user ID, user IP address, user physical logical access line identifier, and user. Positioning information, etc.
  • Step 4 The bearer control layer transmits the found information to the service control layer through the response message, and completes the exchange of user data between the bearer control layer and the service control layer.
  • the present invention uses the service layer user identifier to enable the service control layer to query the related information of the access user by using the user service identifier as a key, effectively overcoming the host NAT problem, and not using the service control layer to obtain an IP address. Improve the versatility of the method.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

La méthode, selon l’invention, pour demander des informations utilisateur de réseau d’accès comprend les étapes suivantes : l’ID (identification) de service de l’utilisateur est transféré vers le réseau d’accès au moment de l’authentification d’accès réseau ou de la configuration des paramètres du réseau utilisateur de façon à permettre à la couche de contrôle de service de demander les informations associées à l’utilisateur demandeur avec l’ID de service de l’utilisateur comme mot clé. L’invention permet à la couche de contrôle de service de demander les informations associées à l’utilisateur demandeur avec l’ID de service de l’utilisateur comme mot clé, contourne facilement le problème posé par hostNAT sans utiliser la couche de contrôle de service pour acquérir l’adresse IP, ce qui augmente la polyvalence de la méthode.
PCT/CN2006/002205 2005-10-12 2006-08-28 Méthode pour demander des informations utilisateur de réseau d’accès WO2007041925A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200510112738.8 2005-10-12
CN2005101127388A CN1949755B (zh) 2005-10-12 2005-10-12 一种接入网络用户信息查询的方法

Publications (1)

Publication Number Publication Date
WO2007041925A1 true WO2007041925A1 (fr) 2007-04-19

Family

ID=37942299

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2006/002205 WO2007041925A1 (fr) 2005-10-12 2006-08-28 Méthode pour demander des informations utilisateur de réseau d’accès

Country Status (2)

Country Link
CN (1) CN1949755B (fr)
WO (1) WO2007041925A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101087208B (zh) * 2007-06-27 2010-08-11 华为技术有限公司 配置用户接入网配置数据的方法、功能实体及系统
CN101729363B (zh) 2008-10-21 2012-05-30 华为技术有限公司 一种资源初始化的方法、装置和系统
CN111465000B (zh) * 2020-04-01 2022-07-22 中国联合网络通信集团有限公司 一种呼叫寻址方法及装置

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002268972A (ja) * 2001-03-07 2002-09-20 F Media Kk 情報アクセス支援システム
JP2004112777A (ja) * 2002-08-29 2004-04-08 Plat One:Kk 利用者情報引当システム
KR20050000880A (ko) * 2003-06-25 2005-01-06 주식회사 케이티 비대칭 디지털 가입자회선 서비스 시스템과 방법 및 이를저장한 컴퓨터 판독 가능 기록매체
WO2005032088A1 (fr) * 2003-10-01 2005-04-07 Telenor Asa Systeme d'information d'abonnes
CN1642079A (zh) * 2004-01-16 2005-07-20 华为技术有限公司 一种网络应用实体获取用户身份标识信息的方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2002268972A (ja) * 2001-03-07 2002-09-20 F Media Kk 情報アクセス支援システム
JP2004112777A (ja) * 2002-08-29 2004-04-08 Plat One:Kk 利用者情報引当システム
KR20050000880A (ko) * 2003-06-25 2005-01-06 주식회사 케이티 비대칭 디지털 가입자회선 서비스 시스템과 방법 및 이를저장한 컴퓨터 판독 가능 기록매체
WO2005032088A1 (fr) * 2003-10-01 2005-04-07 Telenor Asa Systeme d'information d'abonnes
CN1642079A (zh) * 2004-01-16 2005-07-20 华为技术有限公司 一种网络应用实体获取用户身份标识信息的方法

Also Published As

Publication number Publication date
CN1949755B (zh) 2011-04-06
CN1949755A (zh) 2007-04-18

Similar Documents

Publication Publication Date Title
US9154378B2 (en) Architecture for virtualized home IP service delivery
CA2567303C (fr) Serveur pour acheminement de connexion vers dispositif client
EP2291979B1 (fr) Accès distant entre dispositifs upnp
WO2007068167A1 (fr) Procede et dispositif de reseau permettant de configurer le nom de domaine dans un reseau d'acces ipv6
US7934014B2 (en) System for the internet connections, and server for routing connections to a client machine
CN101056178B (zh) 一种控制用户网络访问权限的方法和系统
JP5876877B2 (ja) 電気通信ネットワーク及び電気通信ネットワークと顧客構内機器との間の接続の効率的な使用のための方法及びシステム
WO2008019624A1 (fr) Procédé et système destinés à mettre en oeuvre la gestion de configuration de dispositifs dans un réseau
WO2007045157A1 (fr) Procede de prestation de service et systeme de celui-ci
WO2010048874A1 (fr) Procédé, dispositif et système d'identification de session ip
WO2011140919A1 (fr) Procédé, dispositif, serveur et système permettant d'accéder à un réseau de vente de services en gros
JP2010534005A (ja) 次世代ネットワークでの有無線端末機のサービスネットワークとアクセスネットワークとの間のバンドル認証方法及びシステム
WO2007101378A1 (fr) Dispositif, procédé et système pour acquérir une adresse ipv6
KR101276798B1 (ko) 분배망에서 통신 사업자 선택 서비스를 제공하기 위한 시스템 및 방법
EP1881639B1 (fr) Procede et systeme pour cpecf (fonction de configuration d'equipement dans les locaux du client) pour obtenir des informations sur l'equipement du terminal et le configurer
US20150244560A1 (en) IPoE Dual-Stack Subscriber for Bridged Residential Gateway Configuration
CN1972225B (zh) 下一代网络中不同子系统之间交互用户信息的方法
WO2006038391A1 (fr) Appareil de reseau et systeme de reseau
WO2008080341A1 (fr) Procédé, système et dispositif d'identification d'un terminal d'utilisateur
WO2007041925A1 (fr) Méthode pour demander des informations utilisateur de réseau d’accès
WO2007003105A1 (fr) Procede, systeme et appareil pour la mise en relation d'informations associee a l'utilisateur dans un systeme nass
JP5261432B2 (ja) 通信システム、パケット転送方法、ネットワーク交換装置、アクセス制御装置、及びプログラム
KR100625240B1 (ko) 휴대 인터넷 망에서의 인터넷 프로토콜 주소 관리 장치 및그 방법
WO2008055448A1 (fr) Procédé, appareil et système d'acquisition d'informations d'accès d'un terminal utilisateur
CN102577299B (zh) 简化的接入网认证信息承载协议

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06775522

Country of ref document: EP

Kind code of ref document: A1