WO2017003065A1 - Dispositif de réseau et terminal pour transmission à regroupement de réseaux multiples, et son procédé de fonctionnement - Google Patents

Dispositif de réseau et terminal pour transmission à regroupement de réseaux multiples, et son procédé de fonctionnement Download PDF

Info

Publication number
WO2017003065A1
WO2017003065A1 PCT/KR2016/002814 KR2016002814W WO2017003065A1 WO 2017003065 A1 WO2017003065 A1 WO 2017003065A1 KR 2016002814 W KR2016002814 W KR 2016002814W WO 2017003065 A1 WO2017003065 A1 WO 2017003065A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
network
gateway
terminal
connection
Prior art date
Application number
PCT/KR2016/002814
Other languages
English (en)
Korean (ko)
Inventor
조한진
정윤필
서성훈
오홍석
Original Assignee
주식회사 케이티
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from KR1020160018033A external-priority patent/KR101689012B1/ko
Application filed by 주식회사 케이티 filed Critical 주식회사 케이티
Priority to EP16818098.2A priority Critical patent/EP3301969B1/fr
Publication of WO2017003065A1 publication Critical patent/WO2017003065A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W28/00Network traffic management; Network resource management
    • H04W28/02Traffic management, e.g. flow control or congestion control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • H04W88/06Terminal devices adapted for operation in multiple networks or having at least two operational modes, e.g. multi-mode terminals

Definitions

  • the present invention relates to multi-network merging.
  • Aggregation transmission is a technique of transmitting data using a plurality of communication networks simultaneously, and processes the data transmitted in each path into one session.
  • a terminal may be connected to a plurality of communication networks at one time, and one service / application may communicate by merging a plurality of networks as one network regardless of network type or number of networks. Therefore, the merge transmission system can quickly transmit and receive a large amount of data using a plurality of available network resources. In the sense of merging a plurality of networks, it may be referred to as multinet aggregation.
  • MPTCP multi-path TCP
  • a terminal having a plurality of physical interfaces may be connected to a plurality of communication networks at one time through MPTCP technology, and end-to-end communication is generated by generating a session in subflow units.
  • An object of the present invention is to provide a network device and a terminal for providing a multi-network merge service, and an operation method thereof.
  • a method of operating a terminal for a multi-network merging service comprising: receiving access information of a gateway providing the multi-network merging service from an authentication server, and when a packet transmitted to the server is generated, Connecting to the gateway corresponding to the access information through a first network and performing a connection procedure; if the connection procedure with the gateway is successful, generating a first subflow through the first network; and Generating a second subflow added to the first subflow over a second network, wherein the gateway is located at a contact point of the first network and the second network, and data communication between the terminal and the server In order to proxy the network device to the terminal and the server.
  • the performing of the connection procedure may include transmitting user information to the gateway, receiving a user authentication result determined based on the user information from the gateway, and if the user authentication result is successful, transmitting the user information to the gateway. Transmitting information of a server, and receiving a connection result with the server from the gateway.
  • the method may include: canceling a connection procedure with the gateway; It may further comprise the step.
  • the message may include a reason, and the reason may indicate a result of the user authentication.
  • the user information includes a service package name
  • the method may further include accessing the server via a default path if the user authentication result includes a rejection of the service package name.
  • the method may further include accessing the server via a default route if the connection procedure with the gateway fails.
  • the method may include accessing the server through the default path, and then querying the multi-network merge service status by transmitting a multi-network merge service status query request message to the authentication server. If the multi-network merge service is available as a result of receiving the response of the merge service status query message, the method may further include performing a connection procedure with the gateway.
  • the method may further include performing a connection procedure with the gateway when the connection procedure with the gateway connected to the first address is unsuccessful, and re-implementing the connection procedure from the authentication server may include: Re-obtaining an address, attempting a connection procedure with the gateway with the re-obtained address, and if the connection procedure attempted with the re-obtained address is unsuccessful, accessing the server through the default path for the session It may include the step.
  • Reacquiring the address of the gateway may include attempting a connection procedure with the gateway using a second address different from the first address when there are a plurality of addresses of the gateway included in the access information. If the attempted connection procedure fails, the gateway may be reacquired from the authentication server.
  • the performing of the connection procedure may include managing a connection exception with the gateway, if the information related to the server does not correspond to the connection exception, performing a connection procedure with the gateway, and information related to the server. Is connected to the server through the default exception, the server connects to the server via a default path, and the connection exception may include a private IP address or an unauthenticated address.
  • the first network may be a mobile communication network
  • the second network may be a local area network.
  • a method in which a gateway located at a multi-network point of contact operates for a multi-network merging service of a terminal comprising: receiving user information from the terminal, user authentication of the user information with the terminal; Transmitting a result, if the user authentication result is successful, receiving server information from the terminal, and transmitting a connection result with a server corresponding to the server information to the terminal.
  • the transmitting of the user authentication result may include determining whether the terminal is a subscriber capable of using a multi-network merge service based on the user information, and if the subscriber is not able to use the multi-network merge service.
  • the user authentication result including the rejection may be transmitted.
  • the transmitting of the user authentication result may include determining whether the terminal is a subscriber capable of using the multi-network merging service in association with an authentication server, and the authentication server authenticates the terminal and access information of the gateway to the authenticated terminal. It may be a network device that provides.
  • the transmitting of the user authentication result may include transmitting a user authentication result indicating a failure reason when the connection result with the server is not successful, and the failure reason is an error found when parsing a value included in the user information. And information indicating the rejection of the value included in the user information, and indicating the rejection of the service package name included in the user information.
  • the transmitting of the connection result with the server may transmit a result of requesting the terminal to access the server through a default path when the connection result with the server is not successful.
  • the method may include generating a first subflow connected to the terminal through the first network if the connection result with the server is successful, and a second subflow added to the first subflow through a second network.
  • the method may further include generating a flow.
  • a terminal for providing a multi-network merge service a memory for storing a communication module, a display, a program, and a processor for executing the program in conjunction with the communication module, the display, and the memory
  • the program receives connection information of a gateway providing the multi-network merging service from an authentication server, and when an application is driven to generate a packet transmitted to a server, the program corresponds to the connection information through a first network.
  • the gateway includes the first network and the first Located at the contact point of two networks, the terminal and the server It is a network device that is proxy-connected to the terminal and the server for its data communication.
  • the program When the application runs and a packet is transmitted to the content server, the program transmits user information to the gateway to receive a user authentication result determined based on the user information from the gateway, and the user authentication result is successful.
  • the server transmits information of the server to the gateway to receive a connection result with the server from the gateway, and communicates with the server through the gateway or with the server through a default path based on the connection result. It may further include.
  • the program releases the connection procedure with the gateway and transmits a message requesting the multi-network merge service authentication release to the authentication server. It may further include.
  • the program includes at least one of an error found when the user authentication result parses a value included in the user information, a rejection of a value included in the user information, and a rejection of a service package name included in the user information. If includes, may further include a command to access the server through a default path.
  • the program When the connection result with the server is successful, the program generates a first subflow connected to the gateway through the first network and generates a second subflow added to the first subflow through a second network. Generating, transmitting and receiving data related to the application through the first subflow and the second subflow, and accessing the server through a default path when the connection result with the server is not successful. can do.
  • the terminal since the gateway providing the multi-network merging service provides the user authentication result and the server connection result to the terminal, the terminal may maintain or release the multi-network merging service setting based on the reception result.
  • the user can easily recognize whether the multi-network merge service is available by recognizing the connection state for the multi-network merge service based on the user authentication result and the server connection result provided from the gateway.
  • FIG. 1 is a conceptual diagram illustrating network merge transmission according to an embodiment of the present invention.
  • FIG. 2 is a diagram illustrating a configuration of a multi-network merging system according to an embodiment of the present invention.
  • FIG. 3 is a diagram illustrating a multi-network merge transmission according to an embodiment of the present invention.
  • FIG. 4 is a diagram illustrating a multi-network merge service setting screen in a terminal according to an embodiment of the present invention by way of example.
  • FIG. 5 is a diagram illustrating traffic flow according to an embodiment of the present invention.
  • FIG. 6 is a flowchart illustrating a multi-network merging service method of a terminal according to an embodiment of the present invention.
  • FIG. 7 is a flowchart illustrating a gateway access method of a terminal according to an embodiment of the present invention.
  • FIG. 8 is a flowchart of a MPTCP connection release method according to an embodiment of the present invention.
  • FIG. 9 is a flowchart of a multi-network merge service deauthentication method according to an embodiment of the present invention.
  • FIG. 10 is a flowchart illustrating a method for processing a proxy connection error of a terminal according to an embodiment of the present invention.
  • FIG. 11 is a hardware block diagram of a terminal according to an embodiment of the present invention.
  • a terminal is a mobile station (MS), a mobile terminal (MT), a subscriber station (SS), a portable subscriber station (PSS), a user equipment (UE) It may also refer to an access terminal (AT) and the like, and may include all or some functions of a mobile station, a mobile terminal, a subscriber station, a portable subscriber station, a user device, an access terminal, and the like.
  • MS mobile station
  • MT mobile terminal
  • SS subscriber station
  • PSS portable subscriber station
  • UE user equipment
  • AT access terminal
  • the terminal of the present specification includes a base station (BS), an access point (Access Point, AP), a radio access station (Radio Access Station, RAS), a Node B (Node B), an advanced NodeB (evolved NodeB, eNodeB), A network device such as a base transceiver station (BTS), a mobile multihop relay (MMR) -BS, or the like may be connected to a remote server.
  • BS base station
  • Access Point Access Point
  • RAS Radio Access Station
  • Node B Node B
  • evolved NodeB evolved NodeB
  • eNodeB evolved NodeB
  • a network device such as a base transceiver station (BTS), a mobile multihop relay (MMR) -BS, or the like may be connected to a remote server.
  • BTS base transceiver station
  • MMR mobile multihop relay
  • the terminal of the present specification is a communication terminal of various forms such as a mobile terminal such as a smartphone, a tablet terminal such as a smart pad and a tablet PC, a computer, a television, and may include a plurality of communication interfaces.
  • the communication interface may vary.
  • the communication interface may be a short-range wireless network interface such as Wi-Fi / WLAN / Bluetooth, and a mobile network interface such as 3G / LTE (Long Term Evolution) / LTE-A (LTE-A). It may include, and the terminal manufacturer may add various communication interfaces.
  • a WiFi interface and a 3G / LTE interface are described as an example, but the communication interface is not limited thereto.
  • FIG. 1 is a conceptual diagram illustrating network merge transmission according to an embodiment of the present invention
  • FIG. 2 is a diagram illustrating a configuration diagram of a multi-network merge system according to an embodiment of the present invention
  • MultiNet Aggregation transmission is a technology for transmitting data by merging a plurality of communication networks, by dividing data transmitted through one path into a path of a plurality of homogeneous networks or a plurality of heterogeneous networks. Alternatively, data transmitted through a plurality of paths may be bundled and transmitted in one path. Multi-network merge transmission may be referred to as multi-path transmission in the sense of transmitting data in multiple paths simultaneously.
  • the multi-network merging system includes a terminal 100, a gateway 200 connected to the terminal 100 and a plurality of networks, and an authentication server 300.
  • the terminal 100 may include multiple communication interfaces, and may be connected to a plurality of networks (for example, a WiFi network and a 3G / LTE network) at one time through the multiple communication interfaces.
  • a plurality of networks for example, a WiFi network and a 3G / LTE network
  • the terminal 100 is equipped with a management application that a user can access to set up or manage a multi-network connection.
  • the management application may be called, for example, a GiGa LTE manager.
  • the terminal 100 may include a network agent that performs authentication, state management, and traffic processing for merging multiple networks, and the network agent may be implemented with terminal internal logic.
  • the network agent and various applications communicate with each other through a socket.
  • the network agent interworks with the authentication server 300 and the gateway 200 according to the setting information of the management application for network management.
  • the network agent includes an authentication server interworking unit implementing the interworking function with the authentication server 300 and a gateway interworking unit implementing the interworking function with the gateway 200.
  • the interworking function with the authentication server 300 may be implemented by the TCP / IP protocol
  • the interworking function with the gateway 200 may be implemented by the SOCKS (Socket Secure) protocol.
  • SOCKS is a protocol used to communicate via a proxy server when doing TCP / UDP communication between a server and a client.
  • the network agent may be called a multi-network aggregation-agent (MA agent).
  • MA agent multi-network aggregation-agent
  • the gateway 200 is a network device that merges subflows transmitted through multiple paths or divides flows transmitted through a single path into subflows of multiple paths.
  • the gateway 200 may be located at a contact point of a multiple network, for example, at a contact point of an LTE network and a WiFi network.
  • the gateway 200 may be referred to as a multinet aggregation gateway (MA-GW).
  • MA-GW multinet aggregation gateway
  • the gateway 200 divides the data to transfer the received data to the multiple communication interfaces of the terminal 100.
  • the gateway 200 may transmit some data to the terminal 100 through the LTE network, and transmit the remaining data to the terminal 100 through the WiFi network.
  • the terminal 100 merges the data received through the plurality of communication interfaces.
  • the gateway 200 may merge the data transmitted by the terminal 100 using the multiple communication interface and transmit the merged data to the server 400.
  • the authentication server 300 authenticates the terminal by determining whether the terminal 100 is capable of multi-network merge service.
  • the authentication server 300 provides the terminal 100 with access information (IP address, port value, etc.) of the gateway 200 so that the authenticated terminal 100 can access the gateway 200.
  • the authentication server 300 periodically checks the authentication status of the terminal 100 and informs the terminal 100. If the terminal 100 is in a multi-network merge service unavailable state, the authentication server 300 transmits an authentication state and notification information to the terminal.
  • the authentication server 300 may be referred to as a multi-network aggregation policy engine (MultiNet Aggregation-Policy Engine MA-PE).
  • MA-PE multi-network aggregation policy engine
  • the merging technology of the WiFi network and the LTE network may be classified as follows according to the merging point.
  • L2 / link layer merging creates a dedicated tunnel to the WiFi AP at the boundary point of the LTE core and access network (ie, eNB).
  • L3 / network layer merging creates virtual IP tunnels to consolidate IP addresses used independently in LTE and WiFi networks.
  • L4 / Transport layer merging can create a session over a single access network and then participate in data transmission regardless of the IP addressing system, if additional access networks are available.
  • the communication subject at the application level supports a structure capable of data communication based on a single session using one or more access networks.
  • L7 / application layer merging is a dedicated application / network agent recombines data received through its own LTE network and WiFi network or separates application protocol data and transmits them.
  • MPTCP multipath TCP
  • the gateway 200 relays MPTCP data and TCP data.
  • the gateway 200 may be a proxy server that supports transmission and reception of data through MPTCP when the terminal 100 communicates with a general TCP server.
  • the server 400 and the server 500 do not support multiple communication interfaces.
  • the terminal 100 When the terminal 100 can use the multi-network merging service (for example, the multi-network merging service is activated), the terminal 100 and the gateway 200 are connected to the primary path (3G / LTE network) and the secondary path. (WiFi network) Data is transmitted and received through the primary and secondary subflows generated in each.
  • the primary path 3G / LTE network
  • the secondary path 3G / LTE network
  • WiFi network WiFi network
  • the terminal 100 communicates with server 500 via a default route without having to go through gateway 200.
  • the default path is a basic data transmission / reception path that is not connected to the gateway 200.
  • the Wi-Fi connection is established, the default path may be a WiFi network, and when the Wi-Fi connection is not established, the default path may be 3G / LTE.
  • FIG. 4 is a diagram illustrating a multi-network merge service setting screen in a terminal according to an embodiment of the present invention
  • FIG. 5 is a diagram illustrating traffic flow according to an embodiment of the present invention.
  • the terminal 100 includes a management application that allows a user to access, set a communication environment, and set a communication path for each application.
  • the management application is executed in the terminal 100 and displays a screen on which a user can access and set a communication environment on the display.
  • the management application displays a screen for configuring WiFi settings, mobile data settings, and multi-network merge settings (eg, GiGa LTE settings).
  • the management application displays an area 10 on which a multi-network merge (3G / LTE network + WiFi network) setting can be selected on the screen of the terminal 100.
  • a multi-network merging service is set in the terminal 100 (MultiNet ON), and the interworking function of the authentication server interworking unit and the gateway 200 implementing the interworking function with the authentication server 300 is implemented.
  • One gateway interworking unit operates to provide multi-network merge service.
  • ON means activation of the multi-network merge service
  • OFF means deactivation of the multi-network merge service.
  • the management application may display a screen for setting applications capable of data transmission through the multi-network merging.
  • Applications that can use the multi-network merge service may be referred to as whitelists.
  • the terminal 100 refers to an appropriate routing table, sets MPTCP parameters, and drives a network agent according to on / off of a multi-network merging service.
  • the terminal 100 may set the main subflow of MPTCP to 3G / LTE network and the sub subflow to WiFi network. Since the main subflow is connected in the 3G / LTE network, a stable network connection can be maintained as compared to the main subflow in the WiFi network.
  • the 3G / LTE network can immediately reinforce resources even if the connection is lost, but the WiFi network guarantees network connection only from the AP resource.
  • the terminal 100 may select a transmission network of each application based on the setting for each application. For example, the terminal 100 communicates with a server of some applications (eg, a messenger application) via an LTE network, and communicates with a server of some applications (eg, a social media application) via a WiFi network.
  • MPTCP may communicate with a server of some applications (eg, a video service application) through a gateway (MA-GW) 200. That is, the terminal 100 may transmit and receive data through an LTE network and a WiFi network when using an application belonging to a white list, and may transmit and receive data through a default path when using a messenger application.
  • a server of some applications eg, a messenger application
  • MPTCP may communicate with a server of some applications (eg, a video service application) through a gateway (MA-GW) 200. That is, the terminal 100 may transmit and receive data through an LTE network and a WiFi network when using an application belonging to a white list, and may transmit and receive data through a
  • the terminal 100 manages the MPTCP flow via the gateway 200 when the multi-network merging service is set.
  • the terminal 100 may switch to the default path in the multi-network merge transmission according to the abnormal situation or session management of the application.
  • the terminal 100 In order for the terminal 100 to communicate with the server 400 via the gateway 200 which is a proxy server, the terminal 100 and the gateway 200 interwork with the SOCKS protocol. Next, a method of interworking between a terminal and a gateway for a multi-network merging service will be described.
  • FIG. 6 is a flowchart illustrating a multi-network merging service method of a terminal according to an embodiment of the present invention.
  • the terminal 100 authenticates the use of the multi-network merge service by communicating with the authentication server 300 (S110). In addition, the terminal 100 periodically checks its authentication state by querying its multi-network merging service state.
  • the authenticated terminal 100 stores the access information of the gateway 200 received from the authentication server 300 (S120).
  • the gateway information may include an address type, an address, a port, and the like.
  • the terminal 100 When the application is driven to generate a packet transmitted to the server 400, the terminal 100 performs a proxy connection procedure with the gateway 200 (S130). Since the terminal 100 and the gateway 200 are connected based on the SOCKS protocol, it may be called a SOCKS connection procedure.
  • the server 400 may be referred to as a content server related to an application.
  • the terminal 100 generates a primary subflow connected to the gateway 200 (S140).
  • the main subflow is created in the 3G / LTE network, which is the main path, the mobile communication network.
  • the terminal 100 When connected to a local area network (for example, a WiFi network), the terminal 100 generates a secondary subflow that is added to the main subflow (S150). After generating the MPTCP main subflow in the 3G / LTE network, the terminal 100 generates a sub subflow in the WiFi network when connected to the WiFi network.
  • a local area network for example, a WiFi network
  • the terminal 100 After generating the MPTCP main subflow in the 3G / LTE network, the terminal 100 generates a sub subflow in the WiFi network when connected to the WiFi network.
  • the terminal 100 transmits and receives data through MPTCP communication through a main subflow and a sub subflow (S160).
  • the terminal 100 cleans up resources of the main subflow and the sub subflow (MPTCP connection release) (S170).
  • the terminal 100 and the gateway 200 exchange TCP SYN, SYN / ACK, and ACK for the TCP connection between the primary subflow and the secondary subflow, and add to the primary subflow during the TCP connection of the secondary subflow (join). )
  • FIG. 7 is a flowchart illustrating a gateway access method of a terminal according to an embodiment of the present invention.
  • the terminal 100 After the terminal 100 authenticates the use of the multi-network merging service from the authentication server 300, the terminal 100 obtains access information of the gateway 200 from the authentication server 300.
  • the application is driven to generate a packet (TCP SYN)
  • the terminal 100 accesses the gateway 200 through a SOCKS connection procedure.
  • the network agent (particularly, the gateway interworking unit implementing the interworking function with the gateway 200) implemented by the internal logic of the terminal 100 performs the connection procedure with the gateway 200 while communicating with the application.
  • the terminal 100 When the application is driven, the terminal 100 makes a TCP connection with the gateway 200 (S210). TCP is connected after the exchange of TCP SYN, SYN / ACK, and ACK.
  • the terminal 100 When the TCP connection is completed, the terminal 100 attempts a proxy connection to the gateway 200 (S220).
  • the SOCKS protocol can be used for proxy connections.
  • the terminal 100 may transmit SOCKS protocol information to the gateway 200 for proxy connection.
  • the SOCKS protocol information may include SOCKS Version, Method Selection, and the like.
  • the user information may be a username and a password.
  • the terminal 100 transmits a SOCKS Authentication Request including user information to the gateway 200 (S240).
  • the gateway 200 transmits a user authentication result (SOCKS Authentication Response) to the terminal 100 (S250).
  • the gateway 200 may check whether the terminal 100 corresponding to the user information is authenticated by communicating with the authentication server 300.
  • the terminal 100 transmits a SOCKS connection request including server information to the gateway 200 (S260).
  • the server information may include an address (IP), a domain, a server port, and the like. If the user authentication result is not successful, the terminal 100 determines the reason for rejection (or failure reason) according to the user authentication result, and performs an operation specified in the user authentication result (see Table 2).
  • the terminal 100 manages the SOCKS connection exceptions and, in the case of the SOCKS connection exceptions, may connect to the server through the default path instead of the SOCKS connection with the gateway 200.
  • the server address is a specific address (for example, a private IP address or an unauthenticated address) or an application or service designated to use a default route corresponds to a SOCKS connection exception
  • the network agent of the terminal 100 The SOCKS connection request may be made to the gateway 200 without using the SOCKS connection request.
  • a default path may be set so that an interface such as VoLTE of LTE is not performed by MPTCP communication (MP_JOIN, MP_CAPABLE).
  • the gateway 200 transmits a server connection result (SOCKS Connection Reply) to the terminal 100 (S270).
  • the gateway 200 confirms the connection state by communicating with the server (TCP communication) based on the server information included in the connection request.
  • the terminal 100 transmits and receives data to and from the server 400 through the gateway 200 (S280). If the server connection result is successful, the terminal 100 generates a sub-flow and transmits / receives data by MPTCP communication with the gateway 200. If the server connection result is not successful, the terminal 100 accesses the server through the default path without passing through the gateway 200 (see Table 3).
  • User information can be defined as shown in Table 1.
  • username is an identifier for International Mobile Subscriber Identity (IMSI) and Mobile Station ISDN (MSISDN).
  • MSISDN Mobile Station ISDN
  • the terminal 3G / LTE IP, a service destination IP (Content Provider IP), a service package name, and a terminal model name may be configured, but may be variously changed.
  • the MSISDN may utilize USIM information of the terminal 100.
  • Type Contents Username Variable (up to 255) Char IMSI; MSISDN; Terminal 3G / LTE IP; Service Destination IP; Service Package Name; Terminal Model Name Password Variable (up to 255) Char Random generation
  • the gateway 200 transmits a user authentication result (SOCKS Authentication Response) to the terminal 100. If the user authentication result is not successful (0x00), the terminal operation according to the user authentication result may be defined as shown in Table 2. .
  • username parsing errors are those found when parsing usernames, for example information length errors, username and password decryption errors, and information that configures usernames (IMSI, MSISDN, 3G / LTE IP, CP IP, package name).
  • the rejection of the application means reasons for rejection such as MSISDN rejection, 3G / LTE IP rejection, CP IP rejection, terminal model name rejection, and rejection by user name (subscriber information) combination.
  • the gateway 200 transmits a server connection result to the terminal 100.
  • the server connection result is not successful (0x00)
  • the terminal operation according to the server connection result may be defined as shown in Table 3 below. .
  • an application running in the terminal 100 may transmit a UDP (User Datagram Protocol).
  • UDP User Datagram Protocol
  • step S250 the terminal 100 transmits a UDP Associate, including a UDP Associate, when transmitting a SOCKS Connection Request including server information to the gateway 200.
  • a UDP Associate including a UDP Associate
  • SOCKS Connection Request UDP Associate At the first connection, both a destination address and a destination port of the SOCKS Connection Request UDP Associate are set to zero.
  • the gateway 200 transmits a server connection result (SOCKS Connection Reply) to the terminal 100, including a UDP proxy address and a port for the UDP connection. Then, the terminal 100 transmits UDP data to the UDP proxy address.
  • SOCKS Connection Reply a server connection result
  • the network agent of the terminal 100 When the network agent of the terminal 100 receives the UDP data from the application, the network agent transmits a SOCKS UDP Request Header message including the UDP data to the proxy server.
  • UDP send / receive data generated by an application is transmitted and received using a SOCKS socket opened by a SOCKS UDP Associate.
  • the SOCKS UDP Request Header message may include the information of Table 4.
  • the terminal 100 fixes the communication interface of the socket (application socket) that the application looks at as the main path 3G / LTE.
  • the terminal 100 separates the socket (application socket) viewed by the application from the socket (system socket) viewed by the network stack of the terminal 100.
  • the terminal 100 fixes the communication interface of the socket viewed by the application to a specific communication interface (for example, LTE) and connects to the actual access network through the communication interface set based on a routing table set system-wide. That is, the terminal 100 is always-on state such as 3G / LTE, anytime, anywhere communication interface fixed by the communication interface of the socket bound to the application, always establishes the IP address and global mobility (global mobility) Support.
  • the terminal 100 may process the source binding recognized by the application socket introduced into the network agent as 3G / LTE.
  • FIG. 8 is a flowchart of a MPTCP connection release method according to an embodiment of the present invention.
  • the terminal 100 when data transmission and reception of an application is finished through MPTCP, the terminal 100 organizes resources of the main subflow and the sub subflow (MPTCP connection release). After the data transmission and reception through the MPTCP is finished, the terminal 100 organizes the MPTCP session in the SOCKS session into the FIN operation and transmits a TCP FIN response to the application. At this time, if the secondary subflow is lost due to the weak electric field, the terminal 100 automatically cleans up the MPTCP subflow without a FIN request, and then normally transmits a TCP FIN response to the application.
  • the application of the terminal 100 transmits and receives data, it requests a TCP termination (FIN) to the network agent (S310).
  • FIN TCP termination
  • the network agent of the terminal 100 requests data FIN to the gateway 200 (S320).
  • the gateway 200 transmits a response (Data FIN / ACK) to the terminal 100 to terminate the data transmission / reception request (S322).
  • the gateway 200 communicates with a server to which an application is connected to perform a TCP FIN procedure.
  • the network agent of the terminal 100 requests the gateway 200 to terminate the primary subflow and the secondary subflow (FIN) (S330 and 332).
  • the gateway 200 transmits a response (FIN / ACK) to the terminal 100 in response to the termination request of the main subflow and the sub subflow (S340 and S342).
  • the network agent of the terminal 100 transmits a response to the TCP termination request (TCP FIN / ACK) to the application (S350).
  • the TCP session is arranged between the network agent and the application inside the terminal 100.
  • FIG. 9 is a flowchart of a multi-network merge service deauthentication method according to an embodiment of the present invention.
  • the terminal 100 transmits a SOCKS Connection Request including server information to the gateway 200.
  • the gateway 200 transmits a user authentication result (SOCKS Authentication Response) to the terminal 100.
  • the user authentication result may be a rejection (0x30) for a subscriber who cannot use the multi-network merge service.
  • the terminal 100 stops the SOCKS connection procedure with the gateway 200, and proceeds with the multi-network merge service authentication release procedure with the authentication server 300 as follows.
  • the terminal 100 transmits a multi-network merge service deactivation request message (MA Service Deactivation Request) to the authentication server 300 (S410).
  • MA Service Deactivation Request a multi-network merge service deactivation request message
  • the authentication server 300 transmits a multi-network merge service deactivation response message (MA Service Deactivation Response) including the response information to the terminal 100 (S420).
  • MA Service Deactivation Response a multi-network merge service deactivation response message
  • the multi-network merge service deactivation request message (MA Service Deactivation Request) includes the information of Table 5.
  • the multi-network merge service deactivation request message includes a username, a password, and reason information.
  • the reason may include the network state and the reason for deactivation at the time of the deactivation request, as shown in Table 7.
  • the network state at the time of the deactivation request may indicate, for example, network connection states such as LTE and WiFi (LTE + WiFi), 3G and WiFi (3G + WiFi), LTE (LTE Only), and 3G (3G Only).
  • the reason for deactivation may be due to the fact that the multi-network merge service setting is requested to be released by the user or an error occurred during authentication (SOCKS Authentication) between the terminal 100 and the gateway 200 after authentication by the authentication server 300 is completed. Indicates whether release was requested.
  • the multi-network merge service deactivation response message (MA Service Deactivation Response) includes the information of Table 6.
  • the multi-network merge service deactivation response message may include a response result for the deactivation request, and the response result may include information (Accepted) that accepted the deactivation request. That is, information that accepts the deactivation request (Accepted) means deauthorization.
  • FIG. 10 is a flowchart illustrating a method for processing a proxy connection error of a terminal according to an embodiment of the present invention.
  • the terminal 100 retries the SOCKS connection in the case of no response of the TCP SYN and the failure of the SOCKS connection delivered to the gateway 200, and if the retry result also fails, the data is set as the default path only for the corresponding session. Can transmit and receive.
  • the terminal 100 attempts a SOCKS connection to the gateway 200 (S510).
  • the terminal 100 attempts a SOCKS connection to the primary address of the gateway 200.
  • the terminal 100 determines whether to connect to the SOCKS (S520). If the SOCKS connection is successful, data is transmitted and received via MPTCP according to the procedures described with reference to FIGS. 6 and 7.
  • the terminal 100 checks whether there is a second address (secondary IP) of the gateway 200 (S530).
  • the second address (secondary IP) may be received from the authentication server 300 along with the primary address (primary IP).
  • the terminal 100 attempts a SOCKS connection to the gateway 200 of the second address (S540).
  • the terminal 100 determines whether to connect to SOCKS (S542). If the SOCKS connection is successful, data is transmitted and received via MPTCP according to the procedures described with reference to FIGS. 6 and 7.
  • the terminal 100 determines whether the number of retries is less than the reference number N (S550).
  • the reference number may be two times.
  • the terminal 100 obtains a new address of the gateway from the authentication server 300 (S560).
  • the terminal 100 attempts a SOCKS connection to a new address of the gateway.
  • the terminal 100 transmits a multi-network merge service activation request message (MA Service Activation Request) to the authentication server 300 to obtain a new address of the gateway.
  • MA Service Activation Request multi-network merge service activation request message
  • the terminal 100 transmits and receives data in a default path (S570). Although the SOCKS connection fails, even if data is transmitted and received by the default path, the terminal 100 periodically transmits a multi-network merge service status query message to the authentication server 300, and the multi-network merge service is If available, the connection with the gateway 200 may be maintained.
  • the terminal 100 moves to step S550 to determine the number of retries.
  • the terminal 100 transmits a multi-network merge service activation request message to the authentication server 300, and receives a multi-network merge service activation response message (MA Service Activation Response) in response.
  • the multi-network merge service activation response message includes at least one address of the gateway 200.
  • the terminal 100 when the gateway 200 obtained from the authentication server 300 has one address, when the SOCKS connection fails, the terminal 100 sends a multi-network merge service activation request message to the authentication server 300. Retransmit to reacquire the address of the gateway 200. The reacquired address is different from the previously obtained address.
  • the network agent connects two or more SOCKS in an application, regardless of the number of TCP sessions, a single network merge service activation request message is transmitted to the authentication server 300.
  • the terminal 100 retries the SOCKS connection through the address of the acquired gateway 200 again. If the SOCKS connection fails even with the reacquired address, the terminal 100 transmits and receives data by connecting to the default path only for the corresponding session.
  • the terminal maintains a GiGA LTE indicator. Due to the SOCKS connection failure, the session connecting to the default path periodically sends a MA Service Status Query Request to the authentication server 300 to check whether the MNET service is available, and If the network merge service is available, it may attempt to connect with the gateway 200.
  • the terminal 100 when the addresses of the gateway 200 obtained from the authentication server 300 are plural (for example, two), if the SOCKS connection attempted with the first address fails, the terminal 100 is connected to the gateway ( Retry SOCKS connection to the second address of 200). If the SOCKS connection fails even with the second address, the terminal 100 retransmits the multi-network merge service activation request message to the authentication server 300 to reacquire the address of the gateway 200. If the SOCKS connection fails even with the reacquired address, the terminal 100 transmits and receives data by connecting to the default path only for the corresponding session. Due to the SOCKS connection failure, the session connecting to the default path periodically sends a MA Service Status Query Request to the authentication server 300 to check whether the MNET service is available, and If the network merge service is available, it may attempt to connect with the gateway 200.
  • FIG. 11 is a hardware block diagram of a terminal according to an embodiment of the present invention.
  • the terminal 100 includes a processor 810, a memory device 820, a storage device 830, a display 840, a communication device 850, and a speaker / microphone 860. It is composed of hardware and stores a program executed in combination with hardware in a designated place.
  • the hardware has the configuration and performance to implement the method of the present invention.
  • the program includes instructions implementing the operating method of the present invention described with reference to FIGS. 1 to 10, and executes the present invention in combination with hardware such as the processor 810 and the memory device 820.
  • the program may include instructions for operating a network agent implemented by a management application and internal terminal logic.
  • the network agent includes an authentication server interworking unit implementing the interworking function with the authentication server 300 and a gateway interworking unit implementing the interworking function with the gateway 200.
  • the terminal also includes various application programs.
  • the gateway 200 and the authentication server 300 are also composed of hardware including a processor, a memory device, a storage device, a communication device, and the like, and a program is stored in a designated place and executed in combination with the hardware.
  • the hardware has the configuration and performance to implement the method of the present invention.
  • the program includes instructions for implementing the operating method of the present invention described with reference to FIGS. 1 to 10, and executes the present invention in combination with hardware such as a processor and a memory device.
  • the gateway providing the multi-network merging service since the gateway providing the multi-network merging service provides the user authentication result and the server connection result to the terminal, the terminal may maintain or release the multi-network merging service setting based on the reception result. have.
  • the user can easily recognize whether the multi-network merge service is available by recognizing the connection state for the multi-network merge service based on the user authentication result and the server connection result provided from the gateway.
  • the embodiments of the present invention described above are not only implemented through the apparatus and the method, but may be implemented through a program for realizing a function corresponding to the configuration of the embodiments of the present invention or a recording medium on which the program is recorded.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé pour un terminal fonctionnant pour un service de regroupement de réseaux multiples, comprend les étapes suivantes : réception, de la part d'un serveur d'authentification, d'informations d'accès d'une passerelle fournissant un service de regroupement de réseaux multiples; si un paquet qui est transmis au serveur se produit, exécution d'une procédure de connexion en accédant, par le biais d'un premier réseau, à la passerelle correspondant aux informations d'accès; si la procédure de connexion réussit, génération d'un premier sous-flux par le biais du premier réseau; et génération, par le biais d'un deuxième réseau, d'un deuxième sous-flux qui est ajouté au premier sous-flux. La passerelle est un dispositif de réseau qui est positionné sur le point de contact du premier réseau et du deuxième réseau, et qui se connecte par l'intermédiaire d'un proxy au terminal et au serveur afin de permettre une communication de données entre le terminal et le serveur.
PCT/KR2016/002814 2015-06-29 2016-03-21 Dispositif de réseau et terminal pour transmission à regroupement de réseaux multiples, et son procédé de fonctionnement WO2017003065A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP16818098.2A EP3301969B1 (fr) 2015-06-29 2016-03-21 Dispositif de réseau et terminal pour transmission à regroupement de réseaux multiples, et son procédé de fonctionnement

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR10-2015-0092490 2015-06-29
KR20150092490 2015-06-29
KR10-2016-0018033 2016-02-16
KR1020160018033A KR101689012B1 (ko) 2015-06-29 2016-02-16 다중망 병합 전송을 위한 네트워크 장치 및 단말, 그리고 이들의 동작 방법

Publications (1)

Publication Number Publication Date
WO2017003065A1 true WO2017003065A1 (fr) 2017-01-05

Family

ID=57607811

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2016/002814 WO2017003065A1 (fr) 2015-06-29 2016-03-21 Dispositif de réseau et terminal pour transmission à regroupement de réseaux multiples, et son procédé de fonctionnement

Country Status (1)

Country Link
WO (1) WO2017003065A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20200044593A (ko) * 2018-10-19 2020-04-29 주식회사 케이티 비프록시 기반 다중 경로 전송 시스템, 그리고 이의 세션 연결을 위한 인증 방법
CN112005533A (zh) * 2018-02-22 2020-11-27 瑞典爱立信有限公司 代理多路径协议连接的方法和设备

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011065708A2 (fr) * 2009-11-26 2011-06-03 삼성에스디에스 주식회사 Système et procédé pour la gestion d'adresses ipv6 et politique d'accès
WO2011136581A2 (fr) * 2010-04-29 2011-11-03 엘지전자 주식회사 Procédé de réglage de réseau et récepteur iptv utilisant le procédé
KR20130006385A (ko) * 2012-08-24 2013-01-16 주식회사에어플러그 고정 호스트 주소에 기반하여 복수의 이종망(異種網)들을 선택적으로 사용하여 데이터 송수신할 수 있게 하는 장치와 이를 위한 방법
US20130195004A1 (en) * 2012-01-31 2013-08-01 Karl Georg Hampel Method and apparatus for multipath protocol packet relay
KR20140081497A (ko) * 2012-12-21 2014-07-01 주식회사 케이티 이종망간 이동성 제공 시스템 및 이동성 제공 방법

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011065708A2 (fr) * 2009-11-26 2011-06-03 삼성에스디에스 주식회사 Système et procédé pour la gestion d'adresses ipv6 et politique d'accès
WO2011136581A2 (fr) * 2010-04-29 2011-11-03 엘지전자 주식회사 Procédé de réglage de réseau et récepteur iptv utilisant le procédé
US20130195004A1 (en) * 2012-01-31 2013-08-01 Karl Georg Hampel Method and apparatus for multipath protocol packet relay
KR20130006385A (ko) * 2012-08-24 2013-01-16 주식회사에어플러그 고정 호스트 주소에 기반하여 복수의 이종망(異種網)들을 선택적으로 사용하여 데이터 송수신할 수 있게 하는 장치와 이를 위한 방법
KR20140081497A (ko) * 2012-12-21 2014-07-01 주식회사 케이티 이종망간 이동성 제공 시스템 및 이동성 제공 방법

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112005533A (zh) * 2018-02-22 2020-11-27 瑞典爱立信有限公司 代理多路径协议连接的方法和设备
CN112005533B (zh) * 2018-02-22 2023-11-07 瑞典爱立信有限公司 代理多路径协议连接的方法和设备
US12058031B2 (en) 2018-02-22 2024-08-06 Telefonaktiebolaget Lm Ericsson (Publ) Methods and apparatuses for proxying a multi-path protocol connection
KR20200044593A (ko) * 2018-10-19 2020-04-29 주식회사 케이티 비프록시 기반 다중 경로 전송 시스템, 그리고 이의 세션 연결을 위한 인증 방법
KR102553166B1 (ko) * 2018-10-19 2023-07-06 주식회사 케이티 비프록시 기반 다중 경로 전송 시스템, 그리고 이의 세션 연결을 위한 인증 방법

Similar Documents

Publication Publication Date Title
CN112586004B (zh) 用于在用户设备组内使能专用通信的系统、方法和介质
US11722434B2 (en) Interactions between a broadband network gateway and a fifth generation core
US11265294B2 (en) Method for secure WiFi calling connectivity over managed public WLAN access
US8514828B1 (en) Home virtual local area network identification for roaming mobile clients
WO2021045573A1 (fr) Appareil et procédé de fourniture de données d'abonnement à un terminal enregistré non abonné dans un système de communication sans fil
CN1722661B (zh) 认证系统、网络线路级联器和认证方法
US8543092B2 (en) Access method of network terminals, access system and gateway
WO2017078459A1 (fr) Procédé, équipement d'utilisateur et nœud de réseau pour la protection de la confidentialité de l'utilisateur dans des réseaux
US9408061B2 (en) Distributed network layer mobility for unified access networks
US20170244705A1 (en) Method of using converged core network service, universal control entity, and converged core network system
US9756148B2 (en) Dynamic host configuration protocol release on behalf of a user
KR101689012B1 (ko) 다중망 병합 전송을 위한 네트워크 장치 및 단말, 그리고 이들의 동작 방법
US8982883B2 (en) Method and apparatus for aiding the establishment of the multicast backhaul in the fixed network for mobile multicast service
WO2016153310A1 (fr) Procédé et appareil de préformage d'un accès initial sur la base de la catégorie acdc dans un système d'accès sans fil
WO2020256484A1 (fr) Dispositif de réseau et procédé de recherche d'un service périphérique mis en œuvre dans le dispositif de réseau
US20230156468A1 (en) Secure Communication Method, Related Apparatus, and System
KR20230008824A (ko) 보안 통신 방법 및 관련 장치 그리고 시스템
WO2017003065A1 (fr) Dispositif de réseau et terminal pour transmission à regroupement de réseaux multiples, et son procédé de fonctionnement
KR20040092911A (ko) 사설 무선 고속 데이터 시스템의 데이터 호 처리 장치 및그 방법
CN113676904B (zh) 切片认证方法及装置
WO2017003064A1 (fr) Dispositif de réseau et terminal pour une transmission d'agrégation multi-réseau, et son procédé de fonctionnement
WO2011032478A1 (fr) Procédé, dispositif et terminal pour obtenir un identifiant de terminal
WO2021164458A1 (fr) Procédé de communication, appareil associé, et support de stockage lisible par ordinateur
US20200137726A1 (en) Communications device and communication method
WO2021066577A1 (fr) Appareil et procédé pour gérer une session de pdu permanente dans un système de communication sans fil

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16818098

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2016818098

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE