WO2012083657A1 - Packet processing method, system and customer premises equipment - Google Patents

Packet processing method, system and customer premises equipment Download PDF

Info

Publication number
WO2012083657A1
WO2012083657A1 PCT/CN2011/076120 CN2011076120W WO2012083657A1 WO 2012083657 A1 WO2012083657 A1 WO 2012083657A1 CN 2011076120 W CN2011076120 W CN 2011076120W WO 2012083657 A1 WO2012083657 A1 WO 2012083657A1
Authority
WO
WIPO (PCT)
Prior art keywords
packet
address
cgn
cpe
tunnel
Prior art date
Application number
PCT/CN2011/076120
Other languages
French (fr)
Chinese (zh)
Inventor
魏志峰
Original Assignee
刘建
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 刘建 filed Critical 刘建
Publication of WO2012083657A1 publication Critical patent/WO2012083657A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4633Interconnection of networks using encapsulation techniques, e.g. tunneling
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803Home automation networks
    • H04L12/2807Exchanging configuration information on appliance services in a home automation network
    • H04L12/2812Exchanging configuration information on appliance services in a home automation network describing content present in a home automation network, e.g. audio video content
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/2803Home automation networks
    • H04L2012/2847Home automation networks characterised by the type of home appliance used
    • H04L2012/2849Audio/video appliances

Definitions

  • the present invention relates to communication technologies, and in particular, to a message processing method, system, and user front end device. Background technique
  • the improved network address translation (NAT) 444 is a NAT that deploys IPv4->IPv4 on the carrier side.
  • Dual-Stack Lite is mainly used for network access. It involves network layer and transport layer protocol functions. It temporarily separates IPv6 deployment at the network level from IPv6 deployment at the user level and service level. Therefore, at the network level, the problem of IPv4 address exhaustion faced by operators is concentrated, and IPv6 deployment is promoted.
  • DS-Lite is a combination of "tunneling technology (IPv4 in IPv6 tunnel)" and "improved network address translation (NAT) technology”. It implements IPv4 private network addresses for users on the local area network (LAN) side, and through IPv6 tunnels and bearer-level network devices.
  • Double conversion of NAT on (Carrier-Grade NAT, CGN) completes access to wide area network (WAN) side (IPv4) resources.
  • WAN wide area network
  • IPv4 Internet Protocol
  • the main meaning of the IPv6 network connection is to provide "the tunnel of the IPv4 user to its gateway" and assist in the completion of IPv4 address sharing (Tunnel-ID based v4 NAT). But with the support side of IPv6 on the user side and the server side Gradually popular and mature, it can ensure the smooth transition of the network to IPv6.
  • the DS-Lite solution does not include the translation interworking mechanism between IPv4 and IPv6, because the access of the node to the IPv4 network and applications will be through IPv4, and the access to the IPv6 network services and applications will be through IPv6; Interworking between an IPv4 network and a WAN-side IPv4 network.
  • the present invention provides a packet processing method, system, and user front-end device to implement interworking between a LAN-side IPv4 network and a WAN-side IPv4 network.
  • the present invention provides a message processing method, which includes:
  • the user front end device obtains the tunnel endpoint address and uses a lightweight dual stack (DS-Lite) to establish a tunnel;
  • the first packet in the uplink of the local area network (LAN) device is encapsulated into a second packet, and forwarded to the bearer-level network device (CGN) through the tunnel;
  • CGN bearer-level network device
  • the above processing method can have the following characteristics:
  • the step of the CPE acquiring the tunnel endpoint address includes:
  • the CPE obtains the tunnel endpoint address through the Dynamic Host Setup Protocol (DHCP) option.
  • DHCP Dynamic Host Setup Protocol
  • the above processing method can also have the following features:
  • the method further includes:
  • the CGN decapsulates the received second packet into a first packet, and forwards the packet to a wide area network (WAN) side device.
  • WAN wide area network
  • the above processing method can also have the following features:
  • the CGN updates the address information in the address mapping table according to the first packet, and the address information packet Contains the translated source address and the unconverted destination address.
  • the above processing method can also have the following features:
  • the method further includes:
  • the CGN When the CGN receives the first packet returned by the WAN device, the CGN learns the address to be forwarded according to the address mapping table, and encapsulates the first packet into a second packet, and forwards the packet to the CPE, where the CPE performs the The second packet is decapsulated into a first packet and forwarded to the LAN device corresponding to the address.
  • the present invention also provides a user front end device (CPE), the CPE comprising:
  • Establish a module which is set to: obtain a tunnel endpoint address, and establish a tunnel by using a lightweight dual stack (DS-Lite);
  • a packet forwarding module configured to: encapsulate the first packet of the uplink of the local area network (LAN) device into a second packet, and forward the packet to the bearer-level network device (CGN) through the tunnel;
  • a decapsulation and forwarding module configured to: receive the second packet sent by the CGN through the tunnel, decapsulate the second packet into a first packet, and forward the packet to the LAN device.
  • the above CPE can have the following characteristics:
  • the CPE is set to: Obtain a tunnel endpoint address through the Dynamic Host Setup Protocol (DHCP) option.
  • DHCP Dynamic Host Setup Protocol
  • the present invention also provides a packet processing system including the above CPE and bearer level network equipment (CGN), wherein:
  • the bearer-level network device is configured to: after receiving the second packet forwarded by the CPE, decapsulate the second packet into a first packet, and forward the packet to a wide area network (WAN) side device. .
  • the above processing system can have the following characteristics:
  • the CGN is configured to: in the process of decapsulating the second packet into the first packet, and forwarding the packet to the wide area network (WAN) device, updating the address mapping table according to the first packet Address information, the address information includes the converted source address and the unconverted destination address.
  • WAN wide area network
  • the above processing system can also have the following features:
  • the CGN is further configured to: when receiving the first message returned by the WAN side device, according to The address mapping table learns the address to be forwarded, and encapsulates the first packet into a second packet and forwards the packet to the CPE, and then the CPE decapsulates the second packet into the first packet and forwards the packet to the address.
  • Corresponding LAN side device when receiving the first message returned by the WAN side device, according to The address mapping table learns the address to be forwarded, and encapsulates the first packet into a second packet and forwards the packet to the CPE, and then the CPE decapsulates the second packet into the first packet and forwards the packet to the address.
  • the above-mentioned four-dimensional processing method, system and user front-end device can realize interworking between two networks.
  • FIG. 1 is a flowchart of a packet processing method according to an embodiment of the present invention.
  • FIG. 2 is a schematic diagram of a network networking according to an embodiment of the present invention.
  • FIG. 3 is a schematic diagram of a logical structure of an embodiment of a tunnel according to an embodiment of the present invention.
  • FIG. 4 is a schematic diagram of a packet forwarding path according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a CPE according to an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a message processing system according to an embodiment of the present invention.
  • FIG. 1 it is a flowchart of a packet processing method according to the present invention. The method is described from a CPE side, and the method includes:
  • Step 101 The user front-end device (CPE) obtains the tunnel endpoint address, and uses DS-Lite to establish a tunnel.
  • CPE user front-end device
  • the CPE can obtain the tunnel endpoint address through the Dynamic Host Configuration Protocol (DHCP) option to establish a tunnel such as an IPv4 in IPv6 tunnel.
  • DHCP Dynamic Host Configuration Protocol
  • Step 102 The first packet sent by the local area network (LAN) device is encapsulated into a second packet, and forwarded to the bearer-level network device (CGN) through the tunnel.
  • LAN local area network
  • CGN bearer-level network device
  • the first packet may be an IPv4 packet
  • the second packet may be an IPv6 packet.
  • the first packet and the second packet may be other types of packets, where the IPv4 packet is used.
  • IPv6 is only an example;
  • the method further includes: the CGN decapsulating the received second packet into a first packet, and forwarding the packet to the wide area network (WAN) side device; where, the CGN pairs the received second packet solution
  • the CGN updates the address information in the address mapping table according to the first packet, where the address information includes the converted source address and the untransformed destination address.
  • the CGN receives the first packet returned by the WAN device, the IP address is obtained according to the address mapping table, and the first packet is encapsulated into a second packet and forwarded to the CPE;
  • the LAN side device may be an IPv4 host that uses a private network address, and accesses an external IPv4 network through an IPv6 network composed of a CPE and a DS-Lite device.
  • Step 103 Receive a second packet sent by the CGN through the tunnel, and decapsulate the second packet into a first packet, and forward the packet to the LAN device.
  • the packet processing method establishes a tunnel between the DS-Lite and the CGN on the CPE terminal device, so that two networks, such as an IPv4 network, can communicate with each other, and an IPv6 network exists between the two IPv4 networks.
  • FIG. 2 it is a schematic diagram of a network networking of the present invention, where the network networking includes a LAN side PC.
  • the IPV6 packet includes the general IPV6 packet and the IPV4-IN-IPV6 packet.
  • the CGN in addition to being responsible for tunneling with the CPE, the CGN also has a NAT function to implement mutual conversion of the IP V4 private network address to the public network address, thereby realizing access to the WAN-side IPV4 resource.
  • an address mapping table is maintained on the CGN, and the records in the address mapping table are generated by the data flow message information (the mapping record is deleted after the address aging).
  • the CGN translates the source address in the packet sent by the CPE, and the destination address is still the public network address, and the packet is sent.
  • the IPv4 public network returns the data packet, the IPv4 public network can find the private network address to be forwarded by searching the table, and Forward the message to the CPE.
  • FIG. 3 it is a schematic diagram of a logical structure of an embodiment of a tunnel according to the present invention.
  • the tunnel logically includes two endpoints, each of which may correspond to a network device, and at the A end, the interface to the IPv4-in-IPv6 tunnel Tunl46
  • the IPv4 packet is encapsulated and sent to the B-end.
  • the IPv6 header of the received IPv4-in IPv6 packet is stripped and converted to an IPv4 packet for further forwarding.
  • the functions of the two ends of the tunnel are symmetrical. At both ends of A and B, IPV6-based communication is used.
  • A When A sends a packet to B, it knows at least the local address and the peer address of the tunnel, which are used as the source address and destination address of the IPV6 header respectively.
  • the CPE implements a tunnel processing module (Tunl46) 31 functional entity in the kernel part.
  • the configuration management module 41 configures related information provided on the visual interface or remote management to the WAN connection processing module 42; the WAN connection processing module 42 creates a virtual device nbif and Creating routing information into the routing table, the tunnel configuration management module 43 obtains tunnel related information from the WAN connection processing module 42 and configures the information to the tunnel processing module 44, and then the tunnel processing module 44 establishes a tunnel based on the information; the DNS processing module 45 has a DNS The Proxy function, according to the configuration, sends the LAN-side IPV4 DNS request to the IPV6 DNS on the WAN connection from the designated or default IPV6 WAN connection, and returns the corresponding DNS response message to the LAN-side device;
  • the packet forwarding path is as follows:
  • the LAN destination host (HOST) uplink destination IP address is the public network IP IPv4 packet: from the LAN side host host to ethx, from ethx to brO, then to the tunnel Tunl46, and then to nbif (tunl46 to nbif forwarding) Can be implemented according to the configuration of IPv6 routing), from nbif to CGN;
  • the CPE local application generates an IPv4 packet whose destination IP address is the public network IP address:
  • the local application APP routes to the tunnel Tunl46, and then to nbif, from nbif to CGN;
  • the CPE local application generates, the destination address global (Global) IPv6 IPv6 text: the local application APP routes to nbif, and then nbif to CGN;
  • the WAN-side downlink IPv4 destination is not an IPv4-in-IPv6 tunnel message of the CPE local address:
  • the tunnel protocol receives the packet and transfers it to the tunnel Tunl46, which is routed from v4 to brO, then from brO to ethx, and finally from ethx to the LAN side host. After the tunnel packet is unblocked by the tunel46, the tunnel packet is routed to the brO through the IPv4 protocol stack and then forwarded through the bridge.
  • the WAN-side downlink IPv4 destination is an IPv4-in-IPv6 tunnel packet of the CPE local address: from CGN to nbif, the tunneling protocol receives the packet to the tunnel Tunl46, and then tunnels to the IPv4 protocol stack, and then to the local application;
  • IPv6 packets in the LAN side uplink or WAN side downlink are also IPv6 packets in the LAN side uplink or WAN side downlink.
  • FIG. 5 it is a schematic structural diagram of a CPE according to the present invention.
  • the CPE includes: an establishing module 51, a package forwarding module 52, and a decapsulation forwarding module 53.
  • the establishing module 51 is configured to obtain a tunnel endpoint address and use a lightweight The dual-stack (DS-Lite) establishes a tunnel;
  • the encapsulation and forwarding module 52 is configured to encapsulate the first packet of the uplink of the local area network (LAN) device into a second packet, and forward the packet to the bearer-level network device (CGN) through the tunnel.
  • the decapsulation and forwarding module 53 is configured to receive the second packet sent by the CGN through the tunnel, and decapsulate the second packet into the first packet, and forward the packet to the LAN device.
  • the CPE can be used to obtain a tunnel endpoint address through a Dynamic Host Setup Protocol (DHCP) option.
  • DHCP Dynamic Host Setup Protocol
  • the CPE can have the following functions:
  • the CPE can assign an IPv4 private network address (192.xxx) to the LAN device, and assign a gateway and a domain name server (DNS) address to it, and the default is a CPE LAN side address, such as 192.168.1.1; Supports IPv4 and IPv6 dual stacks, and obtains IPv6 global addresses and corresponding gateways, DNS addresses, etc. from the WAN side through Ethernet-based Point-to-Point Protocol (PPPoE) or Ethernet-based Internet Protocol (IPoE);
  • PPPoE Point-to-Point Protocol
  • IPoE Ethernet-based Internet Protocol
  • CPE support An IPv4-in-IPv6 tunnel is set up to establish an IPv6 tunnel with the CGN. The IPv4 packet is forwarded to the CGN and then forwarded to the CGN.
  • the packet is forwarded to the LAN.
  • the side device the CPE has a DNS proxy function, and sends the LAN side IPv4 DNS request from the specified or default IPv6 WAN connection to the IPv6 DNS on the WAN connection according to the configuration, and returns the corresponding DNS response message.
  • CPE also has a specific DHCPV6 option (options) to get and receive specific configuration information from the WAN side (eg tunnel related information, V4 DNS) feature.
  • the CPE of the present invention uses the DHCP V6 Options to obtain the AFTR address, and then establishes a tunnel, which improves the flexibility of the actual use of the system.
  • FIG. 6 is a schematic structural diagram of a 3 ⁇ 4 text processing system according to the present invention.
  • the system includes: a CPE 61 and a bearer level network device (CGN) 62, wherein the structure of the CPE 61 is as shown in FIG. The same function has the same function and is not described here.
  • the bearer-level network device (CGN) 62 is configured to decapsulate the second packet after receiving the second packet forwarded by the CPE 61. It is the first packet and forwarded to the wide area network (WAN) side device.
  • WAN wide area network
  • the CGN 62 may be configured to update the address mapping table according to the first packet in the process of encapsulating the second packet into the text and forwarding to the wide area network (WAN) side device.
  • Address information in the address information including the converted source address and the unconverted destination address.
  • the CGN 62 is further configured to: when receiving the first packet returned by the WAN side device, learn the address to be forwarded according to the address mapping table, and encapsulate the first packet into the second packet to be forwarded to the second packet.
  • the CPE 61 the CPE 61 decapsulates the second packet into a first packet and forwards the packet to the LAN device corresponding to the address.
  • the communication system through the interaction of CPE 61 and CGN 62, enables the two networks to communicate.
  • the " ⁇ processing method, system and user front-end device of the present invention can realize interworking between two networks.

Abstract

The present invention discloses a packet processing method, system and a customer premises equipment. The method includes following steps: a customer premises equipment (CPE) obtains an address of a tunnel end point and establishes a tunnel by use of the Dual-Stack Lite (DS-Lite); first packets, which are upward from an equipment on the local area network (LAN) side, are encapsulated as second packets and forwarded to a carrier grade network device (CGN) via the tunnel; the second packets sent by the CGN via the tunnel are received, de-capsulated as the first packets and forwarded to the equipment on the LAN side.

Description

报文处理方法、 系统和用户前端设备  Message processing method, system and user front end device
技术领域 Technical field
本发明涉及通信技术, 尤其涉及一种报文处理方法、 系统和用户前端设 备。 背景技术  The present invention relates to communication technologies, and in particular, to a message processing method, system, and user front end device. Background technique
互联网的高速发展, 使得目前 IPv4地址日益枯竭, 向 IPv6迁移已成必 然, 在这个迁移过程中, 起初的方案设想是所有的网络节点、 用户侧各种应 用程序以及服务器的各种应用服务同时以双栈的形式向 IPv6迁移, 根据目前 的实践情况看, 这个设想与产业商业模式冲突, 因为双栈技术本身也要消耗 IPv4地址, 这导致在实施双栈迁移方案的过程中, IPv4地址枯竭不会得到解 决。 改进的网络地址转换( NAT ) 444是运营商侧部署 IPv4->IPv4的 NAT, 大量用户因为有多个终端同时上网的需求,会自行购买具有 NAT功能的家庭 网关, 这样便与承载级网络设备 ( Carrier-Grade NAT, CGN )一起形成双重 NAT, 而在网络层面为双重 /多重 NAT开发穿越协议是很困难的, 只能通过 NAT 的用户数据协议(UDP ) 简单穿越(STUN )等技术从应用的角度来实 现, 即在开发应用软件及业务时就把 NAT的存在作为重要考虑因素, 相关设 备升级、 重编址等也会带来较大开销, 导致成本和复杂度升高。  The rapid development of the Internet has made the current IPv4 address increasingly exhausted. It is inevitable to migrate to IPv6. In this migration process, the original solution assumes that all network nodes, user-side applications, and various application services of the server are simultaneously The dual-stack form migrates to IPv6. According to current practice, this assumption conflicts with the industrial business model, because the dual-stack technology itself also consumes IPv4 addresses, which leads to the exhaustion of IPv4 addresses during the implementation of the dual-stack migration scheme. Will be resolved. The improved network address translation (NAT) 444 is a NAT that deploys IPv4->IPv4 on the carrier side. A large number of users purchase a home gateway with NAT function because of the need for multiple terminals to access the Internet at the same time, thus interacting with the bearer-level network device. (Carrier-Grade NAT, CGN) together form a dual NAT, and it is very difficult to develop a traversal protocol for dual/multiple NAT at the network level. It can only be applied from the application through NAT User Data Protocol (UDP) Simple Traversal (STUN). The realization of NAT, as the important considerations in the development of application software and services, related equipment upgrades, re-addressing, etc. will also bring greater overhead, resulting in increased cost and complexity.
轻量级双栈(Dual-Stack Lite, DS-Lite )主要用于网络接入部分, 涉及网 络层及传输层协议功能, 将网络层面 IPv6 的部署与用户层面及服务层面的 IPv6的部署暂时分离,从而在网络层面集中解决运营商面临的 IPv4地址枯竭 问题, 同时促进 IPv6的部署。 DS-Lite是 "隧道技术( IPv4 in IPv6隧道 ) " 与 "改进的网络地址转换(NAT )技术" 的结合, 实现局域网 (LAN )侧用 户使用 IPv4私网地址,通过 IPv6隧道及承载级网络设备( Carrier-Grade NAT , CGN )上的 NAT的双重转换进而完成对广域网(WAN )侧 (IPv4)资源的访问。 在 DS-Lite方案部署的初期, 其中 IPv6网络连接的主要意义在于提供 "IPv4 用户到其网关的隧道" 并辅助完成 IPv4 地址共享(基于隧道标识的 V4 NAT(Tunnel-ID based v4 NAT));但随着用户侧及服务器侧对于 IPv6的支持日 渐普遍和成熟, 又可以保证网络向 IPv6过渡的平滑性。 Dual-Stack Lite (DS-Lite) is mainly used for network access. It involves network layer and transport layer protocol functions. It temporarily separates IPv6 deployment at the network level from IPv6 deployment at the user level and service level. Therefore, at the network level, the problem of IPv4 address exhaustion faced by operators is concentrated, and IPv6 deployment is promoted. DS-Lite is a combination of "tunneling technology (IPv4 in IPv6 tunnel)" and "improved network address translation (NAT) technology". It implements IPv4 private network addresses for users on the local area network (LAN) side, and through IPv6 tunnels and bearer-level network devices. Double conversion of NAT on (Carrier-Grade NAT, CGN) completes access to wide area network (WAN) side (IPv4) resources. In the initial stage of the deployment of the DS-Lite solution, the main meaning of the IPv6 network connection is to provide "the tunnel of the IPv4 user to its gateway" and assist in the completion of IPv4 address sharing (Tunnel-ID based v4 NAT). But with the support side of IPv6 on the user side and the server side Gradually popular and mature, it can ensure the smooth transition of the network to IPv6.
但 DS-Lite方案中不包含 IPv4与 IPv6间的翻译互通机制,因为节点对 IPv4 网络和应用的访问将通过 IPv4进行,而对于 IPv6网络服务和应用的访问将通 过 IPv6进行; 因而无法实现 LAN侧 IPv4网络和 WAN侧 IPv4网络的互通。 发明内容  However, the DS-Lite solution does not include the translation interworking mechanism between IPv4 and IPv6, because the access of the node to the IPv4 network and applications will be through IPv4, and the access to the IPv6 network services and applications will be through IPv6; Interworking between an IPv4 network and a WAN-side IPv4 network. Summary of the invention
为了解决上述技术问题, 本发明提供了一种报文处理方法、 系统和用户 前端设备 , 以实现 LAN侧 IPv4网络和 WAN侧 IPv4网络的互通。  In order to solve the above technical problem, the present invention provides a packet processing method, system, and user front-end device to implement interworking between a LAN-side IPv4 network and a WAN-side IPv4 network.
本发明提供了一种报文处理方法, 该方法包括:  The present invention provides a message processing method, which includes:
用户前端设备 ( CPE )获取隧道终结点地址, 釆用轻量级双栈 ( DS-Lite ) 建立隧道;  The user front end device (CPE) obtains the tunnel endpoint address and uses a lightweight dual stack (DS-Lite) to establish a tunnel;
将局域网 (LAN )侧设备上行的第一报文封装成第二报文, 并通过所述 隧道转发给承载级网络设备 ( CGN ) ; 以及  The first packet in the uplink of the local area network (LAN) device is encapsulated into a second packet, and forwarded to the bearer-level network device (CGN) through the tunnel;
接收所述 CGN通过所述隧道发送的第二报文,将所述第二报文解封装为 第一报文, 并转发给所述 LAN侧设备。  Receiving a second packet sent by the CGN through the tunnel, decapsulating the second packet into a first packet, and forwarding the packet to the LAN side device.
优选地, 上述 ^文处理方法可具有如下特点:  Preferably, the above processing method can have the following characteristics:
所述 CPE获取隧道终结点地址的步骤包括:  The step of the CPE acquiring the tunnel endpoint address includes:
所述 CPE通过动态主机设置协议(DHCP )选项获取隧道终结点地址。 优选地, 上述 文处理方法还可具有如下特点:  The CPE obtains the tunnel endpoint address through the Dynamic Host Setup Protocol (DHCP) option. Preferably, the above processing method can also have the following features:
在将 LAN侧设备上行的第一报文封装成第二报文,并通过所述隧道转发 给 CGN之后, 所述方法还包括:  After the first packet of the uplink of the LAN device is encapsulated into the second packet, and the packet is forwarded to the CGN through the tunnel, the method further includes:
所述 CGN对所接收的第二报文解封装成第一报文, 并转发给广域网 ( WAN )侧设备。  The CGN decapsulates the received second packet into a first packet, and forwards the packet to a wide area network (WAN) side device.
优选地, 上述 文处理方法还可具有如下特点:  Preferably, the above processing method can also have the following features:
在所述 CGN对所接收的第二报文解封装成第一报文,并转发给 WAN侧 设备的步骤中,  And in the step of decapsulating the received second packet into the first packet by the CGN, and forwarding the packet to the WAN side device,
CGN根据所述第一报文, 更新地址映射表中的地址信息, 该地址信息包 含转换后的源地址和未经转换的目的地址。 The CGN updates the address information in the address mapping table according to the first packet, and the address information packet Contains the translated source address and the unconverted destination address.
优选地, 上述 文处理方法还可具有如下特点:  Preferably, the above processing method can also have the following features:
在所述 CGN对所接收的第二报文解封装成第一报文,并转发给 WAN侧 设备之后, 所述方法还包括:  After the CGN is decapsulated into the first packet and forwarded to the WAN device, the method further includes:
当 CGN接收到 WAN侧设备返回的第一报文时,根据所述地址映射表获 知所要转发到的地址, 并将第一报文封装成第二报文转发到 CPE, 再由 CPE 将所述第二报文解封装为第一报文转发给所述地址对应的 LAN侧设备。  When the CGN receives the first packet returned by the WAN device, the CGN learns the address to be forwarded according to the address mapping table, and encapsulates the first packet into a second packet, and forwards the packet to the CPE, where the CPE performs the The second packet is decapsulated into a first packet and forwarded to the LAN device corresponding to the address.
本发明还提供了一种用户前端设备(CPE ) , 所述 CPE包括:  The present invention also provides a user front end device (CPE), the CPE comprising:
建立模块, 其设置为: 获取隧道终结点地址, 釆用轻量级双栈(DS-Lite ) 建立隧道;  Establish a module, which is set to: obtain a tunnel endpoint address, and establish a tunnel by using a lightweight dual stack (DS-Lite);
封装转发模块, 其设置为: 将局域网 (LAN )侧设备上行的第一报文封 装成第二报文, 并通过所述隧道转发给承载级网络设备(CGN ) ; 以及  a packet forwarding module, configured to: encapsulate the first packet of the uplink of the local area network (LAN) device into a second packet, and forward the packet to the bearer-level network device (CGN) through the tunnel;
解封装转发模块,其设置为:接收所述 CGN通过所述隧道发送的第二报 文, 将所述第二报文解封装为第一报文, 并转发给所述 LAN侧设备。  And a decapsulation and forwarding module, configured to: receive the second packet sent by the CGN through the tunnel, decapsulate the second packet into a first packet, and forward the packet to the LAN device.
优选地, 上述 CPE可具有如下特点:  Preferably, the above CPE can have the following characteristics:
所述 CPE是设置为: 通过动态主机设置协议(DHCP )选项获取隧道终 结点地址。  The CPE is set to: Obtain a tunnel endpoint address through the Dynamic Host Setup Protocol (DHCP) option.
本发明还提供了一种包括报文处理系统, 该报文处理系统包括上述 CPE 和承载级网络设备 ( CGN ) , 其中:  The present invention also provides a packet processing system including the above CPE and bearer level network equipment (CGN), wherein:
所述承载级网络设备(CGN )设置为: 在收到所述 CPE转发的第二报文 后, 将所述第二报文解封装为第一报文, 并转发给广域网 (WAN )侧设备。  The bearer-level network device (CGN) is configured to: after receiving the second packet forwarded by the CPE, decapsulate the second packet into a first packet, and forward the packet to a wide area network (WAN) side device. .
优选地, 上述 文处理系统可具有如下特点:  Preferably, the above processing system can have the following characteristics:
所述 CGN其设置为: 在将所述第二报文解封装为第一报文, 并转发给广 域网 (WAN )侧设备的过程中, 根据所述第一报文, 更新地址映射表中的地 址信息, 该地址信息包含转换后的源地址和未经转换的目的地址。  The CGN is configured to: in the process of decapsulating the second packet into the first packet, and forwarding the packet to the wide area network (WAN) device, updating the address mapping table according to the first packet Address information, the address information includes the converted source address and the unconverted destination address.
优选地, 上述 文处理系统还可具有如下特点:  Preferably, the above processing system can also have the following features:
所述 CGN还其设置为: 当接收到 WAN侧设备返回的第一报文时, 根据 所述地址映射表获知所要转发到的地址, 并将第一报文封装成第二报文转发 到 CPE,再由 CPE将所述第二报文解封装为第一报文转发给所述地址对应的 LAN侧设备。 The CGN is further configured to: when receiving the first message returned by the WAN side device, according to The address mapping table learns the address to be forwarded, and encapsulates the first packet into a second packet and forwards the packet to the CPE, and then the CPE decapsulates the second packet into the first packet and forwards the packet to the address. Corresponding LAN side device.
上述 4艮文处理方法、 系统和用户前端设备, 可实现两个网络之间的互通。  The above-mentioned four-dimensional processing method, system and user front-end device can realize interworking between two networks.
附图概述 BRIEF abstract
图 1为本发明实施方式的报文处理方法的流程图;  1 is a flowchart of a packet processing method according to an embodiment of the present invention;
图 2为本发明实施方式的网络组网示意图;  2 is a schematic diagram of a network networking according to an embodiment of the present invention;
图 3为本发明实施方式的隧道实施例的逻辑结构示意图;  3 is a schematic diagram of a logical structure of an embodiment of a tunnel according to an embodiment of the present invention;
图 4为本发明实施方式的报文转发路径的示意图;  4 is a schematic diagram of a packet forwarding path according to an embodiment of the present invention;
图 5为本发明实施方式的 CPE的结构示意图;  FIG. 5 is a schematic structural diagram of a CPE according to an embodiment of the present invention; FIG.
图 6为本发明实施方式的报文处理系统的结构示意图。  FIG. 6 is a schematic structural diagram of a message processing system according to an embodiment of the present invention.
本发明的较佳实施方式 Preferred embodiment of the invention
下面根据附图介绍各实施例。 需要说明的是, 本发明内容可以用以下实 施例解释, 但不限于以下的实施例。 如图 1所示, 为本发明报文处理方法的流程图, 该方法是从 CPE侧进行 描述的, 该方法包括:  The embodiments are described below with reference to the drawings. It should be noted that the present invention can be explained by the following embodiments, but is not limited to the following embodiments. As shown in FIG. 1 , it is a flowchart of a packet processing method according to the present invention. The method is described from a CPE side, and the method includes:
步骤 101、 用户前端设备(CPE )获取隧道终结点地址, 釆用 DS-Lite建 立隧道;  Step 101: The user front-end device (CPE) obtains the tunnel endpoint address, and uses DS-Lite to establish a tunnel.
该 CPE可以通过动态主机设置协议( DHCP )选项获取隧道终结点地址, 从而建立隧道如 IPv4 in IPv6隧道;  The CPE can obtain the tunnel endpoint address through the Dynamic Host Configuration Protocol (DHCP) option to establish a tunnel such as an IPv4 in IPv6 tunnel.
步骤 102、 将局域网 (LAN )侧设备上行的第一报文封装成第二报文, 并通过上述隧道转发给承载级网络设备 ( CGN ) ;  Step 102: The first packet sent by the local area network (LAN) device is encapsulated into a second packet, and forwarded to the bearer-level network device (CGN) through the tunnel.
其中, 该第一报文可以为 IPv4报文, 第二报文可以为 IPv6报文; 当然, 该第一报文和第二报文还可以为其他形式的报文,此处上述 IPv4报文和 IPv6 才艮文仅为示例; 在该步骤之后, 还可以包括: CGN对所接收的第二报文解封装成第一报 文, 并转发给广域网 (WAN )侧设备; 其中, 在上述 CGN对所接收的第二 报文解封装成第一报文, 并转发给 WAN侧设备的过程中, CGN根据上述第 一报文, 更新地址映射表中的地址信息, 该地址信息包含转换后的源地址和 未经转换的目的地址; 当 CGN接收到 WAN侧设备返回的第一报文时, 根据 上述地址映射表获知所要转发到的地址, 并将第一报文封装成第二报文转发 到 CPE; The first packet may be an IPv4 packet, and the second packet may be an IPv6 packet. The first packet and the second packet may be other types of packets, where the IPv4 packet is used. And IPv6 is only an example; After the step, the method further includes: the CGN decapsulating the received second packet into a first packet, and forwarding the packet to the wide area network (WAN) side device; where, the CGN pairs the received second packet solution In the process of being encapsulated into the first packet and forwarded to the WAN device, the CGN updates the address information in the address mapping table according to the first packet, where the address information includes the converted source address and the untransformed destination address. When the CGN receives the first packet returned by the WAN device, the IP address is obtained according to the address mapping table, and the first packet is encapsulated into a second packet and forwarded to the CPE;
可选地, LAN侧设备可以是使用私有网络地址的 IPv4主机, 通过 CPE 和 DS-Lite设备组成的 IPv6网络实现访问外部的 IPv4网络;  Optionally, the LAN side device may be an IPv4 host that uses a private network address, and accesses an external IPv4 network through an IPv6 network composed of a CPE and a DS-Lite device.
步骤 103、 接收上述 CGN通过上述隧道发送的第二报文, 将上述第二报 文解封装为第一报文, 并转发给上述 LAN侧设备。  Step 103: Receive a second packet sent by the CGN through the tunnel, and decapsulate the second packet into a first packet, and forward the packet to the LAN device.
该报文处理方法,通过在 CPE终端设备上釆用 DS-Lite和 CGN之间建立 隧道, 使得两个网络如 IPv4网络可以互通, 这两个 IPv4网络之间有 IPv6网 络。  The packet processing method establishes a tunnel between the DS-Lite and the CGN on the CPE terminal device, so that two networks, such as an IPv4 network, can communicate with each other, and an IPv6 network exists between the two IPv4 networks.
如图 2所示, 为本发明的网络组网示意图, 该网络组网包括 LAN侧 PC As shown in FIG. 2, it is a schematic diagram of a network networking of the present invention, where the network networking includes a LAN side PC.
(即用户主机) 21 , CPE 22、 CGN23和隧道终结点 (AFTR ) 24; CPE作为 一个 DS-LITE 客户端 (Client ) , 对往返于 CGN/LAN 的 IPV4 报文或 IPV4-IN-IPV6隧道 ^艮文进行封装及解封装, 实现 CGN设备及 LAN侧设备的 无缝交互。 (ie user host) 21, CPE 22, CGN23 and tunnel termination point (AFTR) 24; CPE as a DS-LITE client (Client), IPV4 message to and from CGN/LAN or IPV4-IN-IPV6 tunnel^ The encapsulation and decapsulation of the text enable seamless interaction between the CGN device and the LAN side device.
在 CPE的 LAN侧链路上主要承载 IPV4报文, 而 WAN侧链路上主要承 载是 IPV6报文, 该 IPV6报文包括一般的 IPV6报文及 IPV4-IN-IPV6报文两 种。  On the LAN side of the CPE, the IPV4 packet is mainly carried, and the WAN side link is mainly the IPV6 packet. The IPV6 packet includes the general IPV6 packet and the IPV4-IN-IPV6 packet.
CGN作为一个 DS-LITE服务器(Server ) , 除负责与 CPE进行隧道对 接外, 还具备 NAT功能, 实现 IP V4私网地址到公网地址的互转换, 进而实 现对 WAN侧 IPV4资源的访问。 具体地, 在 CGN上维护一张地址映射表, 该地址映射表中的记录是由数据流报文信息产生 (映射记录经过地址老化会 被删除 ) 。 CGN将 CPE发来的报文中源地址转换, 目的地址仍是公网地址, 将报文发出; 当 IPv4公网返回数据报文时通过查找该表可获知所要转发到的 私网地址, 并将 ^艮文转发到 CPE。 如图 3所示, 为本发明隧道实施例的逻辑结构示意图, 该隧道逻辑上包 含两个端点, 每一个端点可以对应到一个网络设备, 在 A端, 对于到达 IPv4-in-IPv6隧道 Tunl46接口的 IPv4报文进行 IPv6的封装并发送到 B端;对 于收到的 IPv4-in-IPv6报文剥除其 IPv6报头, 转换为 IPv4报文再做进一步转 发。 隧道的两端功能是对称的。 在 A与 B两端是基于 IPV6的通信, A端在 向 B发包时至少知道隧道的本地地址及对端地址, 分别用作 IPV6 头的源 地址及目的地址。 CPE作为一个 DS-LITE的 Client, 在内核部分实现一个隧 道处理模块(Tunl46 ) 31功能实体。 As a DS-LITE server (Server), in addition to being responsible for tunneling with the CPE, the CGN also has a NAT function to implement mutual conversion of the IP V4 private network address to the public network address, thereby realizing access to the WAN-side IPV4 resource. Specifically, an address mapping table is maintained on the CGN, and the records in the address mapping table are generated by the data flow message information (the mapping record is deleted after the address aging). The CGN translates the source address in the packet sent by the CPE, and the destination address is still the public network address, and the packet is sent. When the IPv4 public network returns the data packet, the IPv4 public network can find the private network address to be forwarded by searching the table, and Forward the message to the CPE. As shown in FIG. 3, it is a schematic diagram of a logical structure of an embodiment of a tunnel according to the present invention. The tunnel logically includes two endpoints, each of which may correspond to a network device, and at the A end, the interface to the IPv4-in-IPv6 tunnel Tunl46 The IPv4 packet is encapsulated and sent to the B-end. The IPv6 header of the received IPv4-in IPv6 packet is stripped and converted to an IPv4 packet for further forwarding. The functions of the two ends of the tunnel are symmetrical. At both ends of A and B, IPV6-based communication is used. When A sends a packet to B, it knows at least the local address and the peer address of the tunnel, which are used as the source address and destination address of the IPV6 header respectively. As a DS-LITE client, the CPE implements a tunnel processing module (Tunl46) 31 functional entity in the kernel part.
如图 4所示, 为本发明报文转发路径的示意图, 首先配置管理模块 41将 可视化界面上或远程管理提供的相关信息配置到 WAN连接处理模块 42; WAN连接处理模块 42创建虚拟设备 nbif和创建路由信息到路由表, 隧道配 置管理模块 43向 WAN连接处理模块 42获取隧道相关信息, 并将信息配置 到隧道处理模块 44, 随后隧道处理模块 44根据这些信息建立隧道; DNS处 理模块 45具有 DNS Proxy功能, 可以根据配置, 将 LAN侧 IPV4 DNS请求 ^艮文从指定或默认的 IPV6 WAN连接发送给此 WAN连接上的 IPV6 DNS ,并 把相应的 DNS响应报文返回给 LAN侧设备; 其中, 报文转发路径如下: As shown in FIG. 4, which is a schematic diagram of a packet forwarding path according to the present invention, first, the configuration management module 41 configures related information provided on the visual interface or remote management to the WAN connection processing module 42; the WAN connection processing module 42 creates a virtual device nbif and Creating routing information into the routing table, the tunnel configuration management module 43 obtains tunnel related information from the WAN connection processing module 42 and configures the information to the tunnel processing module 44, and then the tunnel processing module 44 establishes a tunnel based on the information; the DNS processing module 45 has a DNS The Proxy function, according to the configuration, sends the LAN-side IPV4 DNS request to the IPV6 DNS on the WAN connection from the designated or default IPV6 WAN connection, and returns the corresponding DNS response message to the LAN-side device; The packet forwarding path is as follows:
401、 LAN侧主机( HOST )上行目的 IP为公网 IP的 IPv4报文: 由 LAN侧 HOST主机至 ethx, 由 ethx至 brO, 再路由到隧道 Tunl46, 再 路由至 nbif ( Tunl46到 nbif之的转发可以根据通过配置 IPv6路由来实现) , 由 nbif再到 CGN; 401. The LAN destination host (HOST) uplink destination IP address is the public network IP IPv4 packet: from the LAN side host host to ethx, from ethx to brO, then to the tunnel Tunl46, and then to nbif (tunl46 to nbif forwarding) Can be implemented according to the configuration of IPv6 routing), from nbif to CGN;
402、 CPE本地应用产生目的 IP为公网 IP的 IPv4报文:  402. The CPE local application generates an IPv4 packet whose destination IP address is the public network IP address:
本地应用 APP路由到隧道 Tunl46 , 再路由至 nbif, 由 nbif再到 CGN; The local application APP routes to the tunnel Tunl46, and then to nbif, from nbif to CGN;
403、 CPE本地应用产生, 目的地址全局 ( Global ) IPv6 的 IPv64艮文: 本地应用 APP路由到 nbif, 再由 nbif到 CGN; 403, the CPE local application generates, the destination address global (Global) IPv6 IPv6 text: the local application APP routes to nbif, and then nbif to CGN;
404、 WAN侧下行 IPv4目的不是 CPE本地地址的 IPv4-in-IPv6 隧道报 文:  404. The WAN-side downlink IPv4 destination is not an IPv4-in-IPv6 tunnel message of the CPE local address:
由 CGN至 nbif, 隧道协议收包转至隧道 Tunl46, 由 v4路由到 brO, 再由 brO至 ethx, 最终由 ethx到 LAN侧 HOST主机; 其中, 隧道报文在经过 tunl46解封后, 由 IPv4协议栈路由到 brO再通过 桥转发; From CGN to nbif, the tunnel protocol receives the packet and transfers it to the tunnel Tunl46, which is routed from v4 to brO, then from brO to ethx, and finally from ethx to the LAN side host. After the tunnel packet is unblocked by the tunel46, the tunnel packet is routed to the brO through the IPv4 protocol stack and then forwarded through the bridge.
405、 WAN侧下行 IPv4目的是 CPE本地地址的 IPv4-in-IPv6 隧道报文: 由 CGN至 nbif, 隧道协议收包转至隧道 Tunl46, 再由隧道至 IPv4协议 栈, 再到本地应用程序;  405. The WAN-side downlink IPv4 destination is an IPv4-in-IPv6 tunnel packet of the CPE local address: from CGN to nbif, the tunneling protocol receives the packet to the tunnel Tunl46, and then tunnels to the IPv4 protocol stack, and then to the local application;
406、 LAN侧上行或 WAN侧下行其它 IPv6报文:  406. Other IPv6 packets in the LAN side uplink or WAN side downlink:
按 IPv6协议栈在 WAN/LAN之间转发或递交到 CPE上应用程序处理。 如图 5所示, 为本发明 CPE的结构示意图, 该 CPE包括: 建立模块 51、 封装转发模块 52和解封装转发模块 53; 其中, 建立模块 51用于获取隧道终 结点地址, 釆用轻量级双栈 ( DS-Lite )建立隧道; 封装转发模块 52用于将局 域网 (LAN )侧设备上行的第一报文封装成第二报文, 并通过所述隧道转发 给承载级网络设备 ( CGN ) ; 解封装转发模块 53用于接收所述 CGN通过所 述隧道发送的第二报文, 将所述第二报文解封装为第一报文, 并转发给所述 LAN侧设备。  Forwarded or submitted to the CPE for application processing between WAN/LAN according to the IPv6 protocol stack. As shown in FIG. 5, it is a schematic structural diagram of a CPE according to the present invention. The CPE includes: an establishing module 51, a package forwarding module 52, and a decapsulation forwarding module 53. The establishing module 51 is configured to obtain a tunnel endpoint address and use a lightweight The dual-stack (DS-Lite) establishes a tunnel; the encapsulation and forwarding module 52 is configured to encapsulate the first packet of the uplink of the local area network (LAN) device into a second packet, and forward the packet to the bearer-level network device (CGN) through the tunnel. The decapsulation and forwarding module 53 is configured to receive the second packet sent by the CGN through the tunnel, and decapsulate the second packet into the first packet, and forward the packet to the LAN device.
其中, 所述 CPE可以用于通过动态主机设置协议( DHCP )选项获取隧 道终结点地址。  The CPE can be used to obtain a tunnel endpoint address through a Dynamic Host Setup Protocol (DHCP) option.
该 CPE可具有以下功能: CPE可以为 LAN设备分配 IPv4私网地址 (192.x.x.x), 并为其指定网关及域名服务器(DNS )地址, 默认为 CPE LAN 侧地址, 如 192.168.1.1 ; 该 CPE支持 IPv4及 IPv6双协议栈, 并通过基于以 太网的点到点协议( PPPoE )或基于以太网的互联网协议( IPoE )方式从 WAN 侧获取 IPv6 全局地址及相应的网关、 DNS地址等; CPE 支持 IPv4-in-IPv6 隧道, 建立与 CGN之间的 IPv6隧道, 根据配置对 LAN侧上行的 IPv4报文 进行 IPv6封装并转发给 CGN, 对从隧道对端下行的报文进行解封, 转交给 LAN侧设备; CPE具有 DNS代理( Proxy )功能,根据配置将 LAN侧 IPv4 DNS 请求 ^艮文从指定或默认的 IPv6 WAN连接发送给此 WAN连接上的 IPv6 DNS , 并把相应的 DNS响应报文返回给 LAN侧设备; CPE还具备通过某个特定的 DHCPV6选项( Options ) (该 Options选项可配置)来获取及接收来自 WAN 侧的特定配置信息 (如: 隧道相关信息、 V4的 DNS )功能。 本发明 CPE使用 DHCP V6 Options获取 AFTR地址, 然后建立隧道, 提 高了系统实际使用的灵活性。 The CPE can have the following functions: The CPE can assign an IPv4 private network address (192.xxx) to the LAN device, and assign a gateway and a domain name server (DNS) address to it, and the default is a CPE LAN side address, such as 192.168.1.1; Supports IPv4 and IPv6 dual stacks, and obtains IPv6 global addresses and corresponding gateways, DNS addresses, etc. from the WAN side through Ethernet-based Point-to-Point Protocol (PPPoE) or Ethernet-based Internet Protocol (IPoE); CPE support An IPv4-in-IPv6 tunnel is set up to establish an IPv6 tunnel with the CGN. The IPv4 packet is forwarded to the CGN and then forwarded to the CGN. The packet is forwarded to the LAN. The side device; the CPE has a DNS proxy function, and sends the LAN side IPv4 DNS request from the specified or default IPv6 WAN connection to the IPv6 DNS on the WAN connection according to the configuration, and returns the corresponding DNS response message. For LAN side devices; CPE also has a specific DHCPV6 option (options) to get and receive specific configuration information from the WAN side (eg tunnel related information, V4 DNS) feature. The CPE of the present invention uses the DHCP V6 Options to obtain the AFTR address, and then establishes a tunnel, which improves the flexibility of the actual use of the system.
如图 6所示,为本发明"¾文处理系统的结构示意图,该系统包括: CPE61 和承载级网络设备 ( CGN ) 62, 其中, 该 CPE 61的结构如图 5中所示的 CPE 的结构相同,且具有的功能相同,此处不再赘述;所述承载级网络设备(CGN ) 62用于在收到所述 CPE 61转发的第二报文后, 将所述第二报文解封装为第 一报文, 并转发给广域网 (WAN )侧设备。  FIG. 6 is a schematic structural diagram of a 3⁄4 text processing system according to the present invention. The system includes: a CPE 61 and a bearer level network device (CGN) 62, wherein the structure of the CPE 61 is as shown in FIG. The same function has the same function and is not described here. The bearer-level network device (CGN) 62 is configured to decapsulate the second packet after receiving the second packet forwarded by the CPE 61. It is the first packet and forwarded to the wide area network (WAN) side device.
优选地, 所述 CGN 62可以用于在将所述第二>¾文解封装为第 文, 并转发给广域网 (WAN )侧设备的过程中, 根据所述第一报文, 更新地址映 射表中的地址信息,该地址信息包含转换后的源地址和未经转换的目的地址。  Preferably, the CGN 62 may be configured to update the address mapping table according to the first packet in the process of encapsulating the second packet into the text and forwarding to the wide area network (WAN) side device. Address information in the address information, including the converted source address and the unconverted destination address.
另外, 所述 CGN 62还用于当接收到 WAN侧设备返回的第一报文时, 根据所述地址映射表获知所要转发到的地址, 并将第一报文封装成第二报文 转发到 CPE 61 , 再由 CPE 61将所述第二报文解封装为第一报文转发给所述 地址对应的 LAN侧设备。  In addition, the CGN 62 is further configured to: when receiving the first packet returned by the WAN side device, learn the address to be forwarded according to the address mapping table, and encapsulate the first packet into the second packet to be forwarded to the second packet. The CPE 61, the CPE 61 decapsulates the second packet into a first packet and forwards the packet to the LAN device corresponding to the address.
该 ^艮文处理系统, 通过 CPE 61和 CGN 62的交互, 使得两个网络可以互 通。  The communication system, through the interaction of CPE 61 and CGN 62, enables the two networks to communicate.
本领域普通技术人员可以理解上述方法中的全部或部分步骤可通过程序 来指令相关硬件完成, 上述程序可以存储于计算机可读存储介质中, 如只读 存储器、 磁盘或光盘等。 可选地, 上述实施例的全部或部分步骤也可以使用 一个或多个集成电路来实现。 相应地, 上述实施例中的各模块 /单元可以釆用 硬件的形式实现, 也可以釆用软件功能模块的形式实现。 本发明不限制于任 何特定形式的硬件和软件的结合。  One of ordinary skill in the art will appreciate that all or a portion of the above steps may be accomplished by a program that instructs the associated hardware to be stored in a computer readable storage medium, such as a read only memory, a magnetic disk, or an optical disk. Alternatively, all or part of the steps of the above embodiments may also be implemented using one or more integrated circuits. Correspondingly, each module/unit in the above embodiment may be implemented in the form of hardware or in the form of a software function module. The invention is not limited to any specific form of combination of hardware and software.
以上实施例仅用以说明本发明的技术方案而非限制, 仅仅参照较佳实施 例对本发明进行了详细说明。 本领域的普通技术人员应当理解, 可以对本发 明的技术方案进行修改或者等同替换, 而不脱离本发明技术方案的精神和范 围, 均应涵盖在本发明的权利要求范围当中。  The above embodiments are only intended to illustrate the technical solutions of the present invention and are not to be construed as limiting the invention. It should be understood by those skilled in the art that the present invention may be modified or equivalently substituted without departing from the spirit and scope of the invention.
工业实用性 本发明的" ^艮文处理方法、 系统和用户前端设备, 可实现两个网络之间的 互通。 Industrial applicability The "^艮文 processing method, system and user front-end device of the present invention can realize interworking between two networks.

Claims

权 利 要 求 书 Claim
1、 一种 文处理方法, 所述方法包括:  1. A text processing method, the method comprising:
用户前端设备 ( CPE )获取隧道终结点地址, 釆用轻量级双栈 ( DS-Lite ) 建立隧道;  The user front end device (CPE) obtains the tunnel endpoint address and uses a lightweight dual stack (DS-Lite) to establish a tunnel;
将局域网 (LAN )侧设备上行的第一报文封装成第二报文, 并通过所述 隧道转发给承载级网络设备 ( CGN ) ; 以及  The first packet in the uplink of the local area network (LAN) device is encapsulated into a second packet, and forwarded to the bearer-level network device (CGN) through the tunnel;
接收所述 CGN通过所述隧道发送的第二报文,将所述第二报文解封装为 第一报文, 并转发给所述 LAN侧设备。  Receiving a second packet sent by the CGN through the tunnel, decapsulating the second packet into a first packet, and forwarding the packet to the LAN side device.
2、 根据权利要求 1所述的报文处理方法, 其中, 所述 CPE获取隧道终 结点地址的步骤包括:  2. The packet processing method according to claim 1, wherein the step of the CPE acquiring the tunnel endpoint address comprises:
所述 CPE通过动态主机设置协议(DHCP )选项获取隧道终结点地址。  The CPE obtains the tunnel endpoint address through the Dynamic Host Setup Protocol (DHCP) option.
3、 根据权利要求 1所述的报文处理方法, 其中, 在将 LAN侧设备上行 的第一报文封装成第二报文, 并通过所述隧道转发给 CGN之后, 所述方法还 包括:  The packet processing method according to claim 1, wherein after the first packet of the uplink of the LAN device is encapsulated into the second packet and forwarded to the CGN through the tunnel, the method further includes:
所述 CGN对所接收的第二报文解封装成第一报文, 并转发给广域网 The CGN decapsulates the received second packet into a first packet, and forwards the packet to the WAN.
( WAN )侧设备。 (WAN) side device.
4、 根据权利要求 3所述的报文处理方法, 其中, 在所述 CGN对所接收 的第二报文解封装成第一报文, 并转发给 WAN侧设备的步骤中,  The packet processing method according to claim 3, wherein in the step of decapsulating the received second packet into the first packet by the CGN, and forwarding the packet to the WAN device,
所述 CGN根据所述第一报文, 更新地址映射表中的地址信息,该地址信 息包含转换后的源地址和未经转换的目的地址。  The CGN updates the address information in the address mapping table according to the first packet, and the address information includes the converted source address and the unconverted destination address.
5、 根据权利要求 4所述的报文处理方法, 其中, 在所述 CGN对所接收 的第二报文解封装成第一报文, 并转发给 WAN侧设备之后, 所述方法还包 括:  The packet processing method according to claim 4, wherein after the CGN decapsulates the received second packet into the first packet and forwards the packet to the WAN device, the method further includes:
当所述 CGN接收到所述 WAN侧设备返回的第一报文时,根据所述地址 映射表获知所要转发到的地址, 并将所述第一报文封装成第二报文转发到 CPE, 再由 CPE将所述第二报文解封装为第一报文转发给所述地址对应的 LAN侧设备。 When the CGN receives the first packet returned by the WAN side device, the IP address is forwarded to the CPE according to the address mapping table, and the first packet is encapsulated into a second packet and forwarded to the CPE. The second packet is decapsulated by the CPE into a first packet and forwarded to the LAN device corresponding to the address.
6、 一种用户前端设备(CPE ) , 所述 CPE包括: 6. A user front end device (CPE), the CPE comprising:
建立模块, 其设置为: 获取隧道终结点地址, 釆用轻量级双栈(DS-Lite ) 建立隧道;  Establish a module, which is set to: obtain a tunnel endpoint address, and establish a tunnel by using a lightweight dual stack (DS-Lite);
封装转发模块, 其设置为: 将局域网 (LAN )侧设备上行的第一报文封 装成第二报文, 并通过所述隧道转发给承载级网络设备(CGN ) ; 以及  a packet forwarding module, configured to: encapsulate the first packet of the uplink of the local area network (LAN) device into a second packet, and forward the packet to the bearer-level network device (CGN) through the tunnel;
解封装转发模块,其设置为:接收所述 CGN通过所述隧道发送的第二报 文, 将所述第二报文解封装为第一报文, 并转发给所述 LAN侧设备。  And a decapsulation and forwarding module, configured to: receive the second packet sent by the CGN through the tunnel, decapsulate the second packet into a first packet, and forward the packet to the LAN device.
7、 根据权利要求 6所述的 CPE, 其中:  7. The CPE of claim 6 wherein:
所述 CPE是设置为通过动态主机设置协议(DHCP )选项获取隧道终结 点地址。  The CPE is set to obtain a tunnel endpoint address through the Dynamic Host Setup Protocol (DHCP) option.
8、 一种包括权利要求 6或 7所述的用户前端设备 ( CPE )的报文处理系 统, 所述系统还包括承载级网络设备(CGN ) , 其中:  8. A message processing system comprising the user front end equipment (CPE) of claim 6 or 7, the system further comprising a bearer level network device (CGN), wherein:
所述承载级网络设备(CGN )设置为: 在收到所述 CPE转发的第二报文 后, 将所述第二报文解封装为第一报文, 并转发给广域网 (WAN )侧设备。  The bearer-level network device (CGN) is configured to: after receiving the second packet forwarded by the CPE, decapsulate the second packet into a first packet, and forward the packet to a wide area network (WAN) side device. .
9、 根据权利要求 8所述的报文处理系统, 其中:  9. The message processing system according to claim 8, wherein:
所述 CGN是设置为: 在将所述第二报文解封装为第一报文, 并转发给广 域网 (WAN )侧设备的过程中, 根据所述第一报文, 更新地址映射表中的地 址信息, 该地址信息包含转换后的源地址和未经转换的目的地址。  The CGN is configured to: in the process of decapsulating the second packet into the first packet, and forwarding the packet to the wide area network (WAN) device, updating the address mapping table according to the first packet Address information, the address information includes the converted source address and the unconverted destination address.
10、 根据权利要求 9所述的报文处理系统, 其中:  10. The message processing system according to claim 9, wherein:
所述 CGN还设置为: 当接收到 WAN侧设备返回的第一报文时, 根据所 述地址映射表获知所要转发到的地址, 并将第一报文封装成第二报文转发到 CPE, 再由 CPE将所述第二报文解封装为第一报文转发给所述地址对应的 LAN侧设备。  The CGN is further configured to: when receiving the first packet returned by the WAN device, learn the address to be forwarded according to the address mapping table, and encapsulate the first packet into the second packet and forward the packet to the CPE. The second packet is decapsulated by the CPE into a first packet and forwarded to the LAN device corresponding to the address.
PCT/CN2011/076120 2010-12-20 2011-06-22 Packet processing method, system and customer premises equipment WO2012083657A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2010105955858A CN102546362A (en) 2010-12-20 2010-12-20 Message processing method, message processing system and customer premises equipment
CN201010595585.8 2010-12-20

Publications (1)

Publication Number Publication Date
WO2012083657A1 true WO2012083657A1 (en) 2012-06-28

Family

ID=46313094

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/076120 WO2012083657A1 (en) 2010-12-20 2011-06-22 Packet processing method, system and customer premises equipment

Country Status (2)

Country Link
CN (1) CN102546362A (en)
WO (1) WO2012083657A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109039916A (en) * 2018-09-13 2018-12-18 迈普通信技术股份有限公司 Message forwarding method, device and storage medium

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9553801B2 (en) * 2012-09-25 2017-01-24 Google Inc. Network device
CN102938736B (en) * 2012-11-20 2016-06-08 杭州迪普科技有限公司 A kind of method and apparatus realizing IPv4 message passing through IPv 6 network
US9521033B2 (en) * 2014-02-23 2016-12-13 Telefonaktiebolaget L M Ericsson (Publ) IPoE dual-stack subscriber for bridged residential gateway configuration
CN104993993B (en) * 2015-05-13 2018-06-15 华为技术有限公司 A kind of message processing method, equipment and system
CN105391639B (en) * 2015-10-13 2019-05-03 深圳市唯传科技有限公司 A kind of intelligent networking gateway method for routing and system
CN105939316A (en) * 2015-10-26 2016-09-14 杭州迪普科技有限公司 Message forwarding method and device
CN109151084A (en) * 2017-06-15 2019-01-04 中兴通讯股份有限公司 File transmitting method and device, system, CGN equipment
CN111371909B (en) * 2018-12-25 2022-04-26 深圳市中兴微电子技术有限公司 Method and system for realizing 4in6DS Lite data stream forwarding
AU2020437452A1 (en) 2020-03-27 2022-11-24 Arris Enterprises Llc Apparatus and method for establishing and maintaining DS-lite tunnel

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1949776A (en) * 2006-11-10 2007-04-18 清华大学 4 over 6 tunnel packing and depacking method for extending boundary gateway protocol
CN1965515A (en) * 2004-06-25 2007-05-16 思科技术公司 Arrangement for reaching IPv4 public network nodes by a node in an IPv4 private network via an IPv6 access network
WO2009018658A1 (en) * 2007-08-03 2009-02-12 Hexago Device, system and method for automatic ipv4 provisioning in a local area network connected to an ipv6 network
CN101447935A (en) * 2008-11-20 2009-06-03 华为技术有限公司 Data packet transmitting method, system and equipment thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1965515A (en) * 2004-06-25 2007-05-16 思科技术公司 Arrangement for reaching IPv4 public network nodes by a node in an IPv4 private network via an IPv6 access network
CN1949776A (en) * 2006-11-10 2007-04-18 清华大学 4 over 6 tunnel packing and depacking method for extending boundary gateway protocol
WO2009018658A1 (en) * 2007-08-03 2009-02-12 Hexago Device, system and method for automatic ipv4 provisioning in a local area network connected to an ipv6 network
CN101447935A (en) * 2008-11-20 2009-06-03 华为技术有限公司 Data packet transmitting method, system and equipment thereof

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109039916A (en) * 2018-09-13 2018-12-18 迈普通信技术股份有限公司 Message forwarding method, device and storage medium
CN109039916B (en) * 2018-09-13 2021-08-06 迈普通信技术股份有限公司 Message forwarding method, device and storage medium

Also Published As

Publication number Publication date
CN102546362A (en) 2012-07-04

Similar Documents

Publication Publication Date Title
WO2012083657A1 (en) Packet processing method, system and customer premises equipment
Wu et al. Transition from IPv4 to IPv6: A state-of-the-art survey
US7639686B2 (en) Access network clusterhead for providing local mobility management of a roaming IPv4 node
US7411967B2 (en) Private network gateways interconnecting private networks via an access network
JP4527721B2 (en) Apparatus and method for improving remote LAN connectivity using tunneling
US7231452B2 (en) Method and apparatus for communicating on a communication network
EP1807980B1 (en) Maintaining secrecy of assigned unique local addresses for ipv6 nodes within a prescribed site during access of a wide area network
JP4598859B2 (en) Relay network system and terminal adapter device
JP5499391B2 (en) Method, apparatus and system for transferring messages
US20070147421A1 (en) ISATAP router for tunneling packets and method thereof
WO2010057386A1 (en) Data package forwarding method, system and device
CN103338151B (en) Public network client accesses the method and router of private network server
WO2012013133A1 (en) Method and device for network communications
WO2010108431A1 (en) Method for realizing ipv6 host visting ipv4 host, method for obtaining ipv6 address prefix and translation device
JP2006148902A (en) IPv4-IPv6 CONVERSION SYSTEM USING DUAL STACK CONVERSION MECHANISM AND ITS METHOD
EP2599286B1 (en) IPv6 address generation to trigger a virtual leased line service
Cui et al. 4over6: network layer virtualization for IPv4-IPv6 coexistence
WO2005083959A1 (en) Network access router, network access method, program, and recording medium
JP6386166B2 (en) Translation method and apparatus between IPv4 and IPv6
WO2012136006A1 (en) Routing method and device for host in multi-homing site
WO2007036146A1 (en) A METHOD, SYSTEM AND DEVICE FOR COMMUNICATING BETWEEN IPv6 MOBILE NODE AND IPv4 COMMUNICATION PARTNER
JP2012085208A (en) Communication method of lisp network
CN110752989A (en) Method and device for forwarding east-west traffic
KR20060091555A (en) Ipv6 internet gateway for inter-working between ipv4 network and ipv6 network and communication method thereof
CN103024096A (en) Method quickly accessing internet in carrier-grade network address translation (CGN) network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11850868

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11850868

Country of ref document: EP

Kind code of ref document: A1