WO2018149482A1 - Providing access to a device - Google Patents

Publication number
WO2018149482A1
Authority
WO
WIPO (PCT)
Prior art keywords
address
request
domain name
private
source
Application number
PCT/EP2017/053277
Other languages
French (fr)
Inventor
Zhigang QU
Antti Tapio LEIVO
Original Assignee
Nokia Solutions And Networks Oy
Application filed by Nokia Solutions And Networks Oy
Priority to PCT/EP2017/053277
Publication of WO2018149482A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/256 NAT traversal
    • H04L61/2582 NAT traversal through control of the NAT server, e.g. using universal plug and play [UPnP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/45 Network directories; Name-to-address mapping
    • H04L61/4505 Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511 Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00 Network arrangements, protocols or services for addressing or naming
    • H04L61/09 Mapping addresses
    • H04L61/25 Mapping addresses of the same type
    • H04L61/2503 Translation of Internet protocol [IP] addresses
    • H04L61/2514 Translation of Internet protocol [IP] addresses between local and global IP addresses

Definitions

  • a system in a communication system comprises a gateway apparatus and a network apparatus, where the gateway apparatus comprises means for receiving identity of a device attaching itself to the communication network, means for allocating a private Internet Protocol (IP) address for a device; and means for transmitting information on the private Internet Protocol (IP) address and the identity of the device to the network apparatus; and the network apparatus comprises means for receiving information on a private Internet Protocol (IP) address allocated for a device attached to the network and the identity of the device, means for creating a domain name for the device on the basis of the information, the domain name comprising a prefix identifying the device and a pre-configured postfix, means for receiving a request for the IP address of the device, the request comprising the domain name and the address of the source of the request, means for transmitting to a network address table entity a rule comprising a destination address, the address of the source of the request and the private address of the device and instructions to map the traffic coming from the address of the source

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method, a system and an apparatus in a mobile communication network are disclosed. The method comprises receiving (200) information on a private Internet Protocol (IP) address allocated for a device attached to the network and the identity of the device, creating (202) a domain name for the device on the basis of the information, the domain name comprising a prefix identifying the device and a pre-configured postfix, receiving (204) a request for the IP address of the device, the request comprising the domain name and the address of the source of the request, transmitting (206) to a network address table entity a rule comprising a destination address, the address of the source of the request and the private address of the device and instructions to map the traffic coming from the address of the source of the request and addressed to the destination address to the private address of the device and vice versa; and as a response to the request, transmitting (208) the destination address to the source of the request.

Description

PROVIDING ACCESS TO A DEVICE
Technical Field
The exemplary and non-limiting embodiments of the invention relate generally to communications.
Background
The use of mobile communications has increased greatly in recent decades and the growth is expected to continue as more and more services utilise mobile communication networks. One growing sector is the Internet of Things (IoT), where devices or machines communicate over the Internet with other respective apparatuses, not necessarily under continuous human control. In addition, privacy issues have been important.
Communication between devices in the Internet is based on Internet Protocol (IP) addresses. Until recently, IP version 4 addresses have been used. In recent years, IPv6 addresses have been taken into use. However, the majority of addresses are still according to IPv4. The number of different IPv4 addresses is limited, and that is one reason why private IP addresses have been used. Private IP addresses may be used in local or private networks, for example. When communicating with an outside network, a network address table (NAT) may be configured to map the private address to a public address, thus enabling communication between different networks.
IP addresses may be static or dynamic. Dynamic addresses are typically valid per session, for example. An address is given to a device when a network connection with the device is established. Whenever a session expires and a new session is created, the IP address may change. One problem related to dynamic private addresses is accessing a device which has a dynamic private address. A device with such an address may initiate a connection with a device or server in the Internet, but accessing such a device from the Internet is not a simple task.
Brief description
According to an aspect of the present invention, there is provided a method as claimed in claim 1, an apparatus as claimed in claim 6, a system as claimed in claim 11 and a computer program product embodied on a distribution medium as claimed in claim 12. One or more examples of implementations are set forth in more detail in the accompanying drawings and the description below. Other features will be apparent from the description and drawings, and from the claims.
Brief description of the drawings
In the following the invention will be described in greater detail by means of preferred embodiments with reference to the attached [accompanying] drawings, in which
Figure 1 illustrates an example of communication environment where embodiments of the invention may be applied;
Figure 2 is a flowchart illustrating an embodiment;
Figures 3A and 3B are signalling charts illustrating an embodiment;
Figure 4 illustrates an example of obtaining an alias for domain name prefix;
Figure 5 illustrates a simplified example of an apparatus applying some embodiments of the invention.
Detailed description of some embodiments
Embodiments are applicable to any base station, user equipment (UE), server, corresponding component, and/or to any communication system or any combination of different communication systems that support required functionality.
The protocols used, the specifications of communication systems, servers and user terminals, especially in wireless communication, develop rapidly. Such development may require extra changes to an embodiment. Therefore, all words and expressions should be interpreted broadly and they are intended to illustrate, not to restrict, embodiments.
Many different radio protocols to be used in communications systems exist. Some examples of different communication systems are the universal mobile telecommunications system (UMTS) radio access network (UTRAN or E-UTRAN), long term evolution (LTE, known also as E-UTRA), long term evolution advanced (LTE-A), 5th generation mobile networks, Wireless Local Area Network (WLAN) based on the IEEE 802.11 standard, worldwide interoperability for microwave access (WiMAX), Bluetooth®, personal communications services (PCS) and systems using ultra-wideband (UWB) technology. IEEE refers to the Institute of Electrical and Electronics Engineers.
Figure 1 illustrates an example of communication environment where embodiments of the invention may be applied. The environment comprises a device 100. The device may in general be a communicating device such as a mobile phone, user equipment, user terminal, personal computer, tablet, or any other device capable of communicating with a communication network. In an embodiment, the device is an IoT device. The device comprises an identifier. Examples of suitable identifiers are International Mobile Subscriber Identity IMSI, Mobile Equipment Identifier MEID, International Mobile Station Equipment Identity IMEI, and Mobile Station International Subscriber Directory Number MSISDN. In general, the identifier may be any other unique identity for a device or a subscriber (user of the device). For using a secure connection, virtual private network VPN server software may be installed and running in the device.
The environment further comprises Public Data Network PDN Gateway 102, P-GW. In general, a P-GW provides connectivity from the device 100 to other networks. The P-GW also provides devices with Internet Protocol addresses. In an embodiment, the P-GW provides the devices with dynamic private IP addresses.
A DNS server 104 provides translation from numeric IP addresses to domain names, which are easier to use. A Network Address Table NAT entity 106 maintains a database of IP addresses and may be configured to map IP address space into another address space, thus hiding, for example, internal addresses from outside networks. In this example, we may assume that the NAT entity has a pool of public IP addresses 88.114.39.2-15.
The IoT device 100 may reside behind a firewall 108 regarding Internet 110. The firewall may be configured to allow access to the IP addresses 88.114.39.2-15, in this example.
It may be that an apparatus 112 such as a computer may need to communicate with the device 100. Thus, it needs to be able to initiate a TCP (Transmission Control Protocol) connection to the device 100. A TCP connection can be used in setting up a secure VPN tunnel so that the apparatus 112 can access the data in the IoT device, for example. It is common to utilise DNS technology for finding out the IP address of a node. However, the IP addresses used by DNS servers are relatively static. The IP addresses for a domain name could be changed, but not very dynamically. Thus, ordinary DNS technology cannot be applied for the dynamic private IP addresses used in mobile networks. This is problematic especially when IPv4 addresses are used. IPv6 addresses do not have this problem.
The flowchart of Figure 2 and the signalling charts of Figures 3A and 3B illustrate an example of an embodiment where a domain name is used to access the device 100 which has a dynamic private IP address, which is unknown to the apparatus 112. The numeric values (such as addresses) are merely illustrative examples.
When the IoT device 100 is switched on or is to be connected to the network, it first attaches itself to the network. In this example we may assume that the device 100 has MSISDN 12345678 as its identity. The device transmits a message 300 to the P-GW 102, the message comprising the identity (MSISDN) of the device.
The P-GW 102 is configured to allocate a dynamic private Internet Protocol (IP) address for the device 100 and transmit 302 information on the IP address to the device 102. Let us assume in this example that the dynamic private IP address of the device is 10.144.34.31.
The P-GW is configured to transmit 304 information on the private IP address allocated for the device 100 to the DNS server 102. The information comprises the IP address and the identity of the device.
The DNS server is configured to receive 200 the information. The DNS server is further configured to create 202 a domain name for the device 100 on the basis of the information. In an embodiment, the domain name comprises a prefix identifying the device and a pre-configured postfix. The postfix of the domain name is typically selected by the operator of the mobile network. Let us assume in this example that the postfix is iot.nokia.com.
The prefix may be the MSISDN, 12345678 in this example. In an embodiment, instead of MSISDN, the prefix of the domain name may be IMSI, MEID, IMEI or any other unique identity for the device or the subscriber (user of the device).
When the apparatus 12 wishes to communicate with the device 100, it sends a request 306 to the DNS server 104 for the IP address of the device, the request comprising the domain name and the address of the apparatus. In this example we may assume that the IP address of the apparatus 112 is 205.112.10.17.
The DNS server 104 receives 204 the request. The request may arrive in the DNS server directly or via other DNS servers.
The DNS server is configured to transmit 206 to a network address table entity a rule 308. The rule may comprise a destination address (the address which the apparatus 112 will use as the address of the device 100, in this example 88.114.39.2), the address of the apparatus 112 (in this example 205.112.10.17), and the private address of the device 100 (in this example 88.114.39.2). The rule may further comprise instructions to map the traffic coming from the address of the apparatus 112 and addressed to the destination address to the private address of the device 112 and vice versa.
As a response to the request, the DNS server is configured to transmit 208 the destination address 310 to the apparatus 112.
After the apparatus 112 has received the IP address, the apparatus can send 312 IP packets to the NAT entity 106 for setting up TCP (and possibly VPN) connections.
When the NAT entity 106 has received a packet from the apparatus 112, it uses the NAT rule received from the DNS server to forward 314 the packets to the IoT device 100.
When the IoT device 100 detaches from the network, the P-GW 102 is configured to inform DNS server 104 to remove the IP address and domain name of the device.
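The attach, lookup, rule installation, forwarding and detach steps described above can be modelled as follows. This is an added example, not code from the patent or its applicant; the class and method names, the first-free pool allocation and the purging of NAT rules on detach are assumptions, and the device's private address is taken as 10.144.34.31, the address allocated by the P-GW in the example.

```python
import ipaddress
from dataclasses import dataclass

POSTFIX = "iot.nokia.com"                        # postfix from the page's example
POOL = [f"88.114.39.{i}" for i in range(2, 16)]  # NAT pool 88.114.39.2-15


@dataclass(frozen=True)
class NatRule:
    source: str       # address of the apparatus that sent the DNS request
    destination: str  # public pool address returned in the DNS answer
    private: str      # dynamic private address of the device


class NatEntity:
    """Holds rules keyed by (source, destination); unmatched traffic is dropped."""

    def __init__(self, pool):
        self.pool = list(pool)
        self.rules = {}

    def rule_for(self, source, private):
        """Reuse the rule for this (source, device) pair or install a new one."""
        for rule in self.rules.values():
            if rule.source == source and rule.private == private:
                return rule
        # Assumption: take the first pool address this source is not yet using.
        for addr in self.pool:
            if (source, addr) not in self.rules:
                rule = NatRule(source, addr, private)
                self.rules[(source, addr)] = rule
                return rule
        return None  # pool exhausted for this source

    def inbound(self, src, dst):
        """Apparatus -> device: private address to forward to, or None."""
        rule = self.rules.get((src, dst))
        return rule.private if rule else None

    def outbound(self, private, remote):
        """Device -> apparatus ("vice versa"): public address to present."""
        for rule in self.rules.values():
            if rule.private == private and rule.source == remote:
                return rule.destination
        return None

    def purge(self, private):
        self.rules = {k: r for k, r in self.rules.items() if r.private != private}


class DnsServer:
    def __init__(self, nat, postfix=POSTFIX):
        self.nat = nat
        self.postfix = postfix
        self.records = {}  # domain name -> private address

    def on_attach(self, identity, private_ip):
        """Steps 200/202: the P-GW reports identity and private address."""
        if not ipaddress.ip_address(private_ip).is_private:
            raise ValueError("expected a private address from the P-GW")
        name = f"{identity}.{self.postfix}"
        self.records[name] = private_ip
        return name

    def on_detach(self, identity):
        """The P-GW reports detach: drop the record. Assumption: the NAT rules
        are purged too, so a reallocated private address is not reachable
        through a stale rule."""
        private = self.records.pop(f"{identity}.{self.postfix}", None)
        if private is not None:
            self.nat.purge(private)

    def resolve(self, name, source):
        """Steps 204-208: install a source-scoped rule, answer with its address."""
        private = self.records.get(name)
        if private is None:
            return None
        rule = self.nat.rule_for(source, private)
        return rule.destination if rule else None


def run_example():
    nat = NatEntity(POOL)
    dns = DnsServer(nat)
    name = dns.on_attach("12345678", "10.144.34.31")
    answer = dns.resolve(name, "205.112.10.17")
    return {
        "name": name,
        "answer": answer,
        "forwarded_to": nat.inbound("205.112.10.17", answer),
        # 198.51.100.9 is a constructed address that never sent a DNS request.
        "other_source": nat.inbound("198.51.100.9", answer),
    }


if __name__ == "__main__":
    print(run_example())
```

Because each rule is keyed on the requester's address as well as the destination address, packets sent to the pool address from a source that never issued the DNS request match no rule and are not forwarded.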
Compared with existing dynamic DNS technology, the proposed solution has many advantages. For example, the DNS server 104 does not need to authenticate the users for updating DNS records. It increases safety when the DNS records can be only updated by an internal network element within a private network. The service can be available for all of subscribers of an Access Point Name, so that subscribers do not need to open a dynamic DNS account.
As described above, the prefix of the domain name may be MSISDN, IMEI or any other identity unique to the device or subscriber. While MSISDN or corresponding identities are not a problem for machine to machine type of communication, they are not so easily memorised and handled by human beings. In an embodiment, an alias may be created for the prefix, which could be configured when the subscription of the MSISDN is made. The alias may be an alphanumeric string, for example.
When an operator provides a SIM card for a subscriber, the subscriber may request to have an alias for his/her SIM card. The alias has to be unique within the scope of the operator and will be saved into SPR, Subscription Profile Repository.
Referring to Figure 4, when a device 100 using the SIM card attaches 300 into the network, P-GW 102 may be configured to use Gx Interface to send 400 a CCR, Credit Control Request, initial message to PCRF (Policy and Charging Rules Function) 402. The PCRF may use Sp Interface 404 with SPR 406 for getting subscriptions of the SIM. The SPR transmits 408 the subscription information to the PCRF. The information includes many items, and one of the items in this case may be the alias of the SIM.
The PCRF may add a new Attribute Value Pair, AVP, on top of existing AVPs into the CCA, Credit Control Answer, with Attribute name: Domain-name-prefix and Attribute value: the alias of the SIM and transmit a response 410 to P-GW.
The prefix alias can be sent to P-GW from PCRF by adding a new AVP, and then P-GW informs the alias to the DNS server.
In an embodiment, an operator can have a web portal for updating subscriber information. Subscribers can update their prefix alias of domain name via the portal. In the web portal, a web application can be included for updating DNS configuration. The P-GW can add a new HTTP header for the HTTP requests sent to the web application for indicating the MSISDN of the subscriber. The web application can check if the Domain-Name-Prefix is unique, and update DNS database if so.
Figure 5 illustrates an embodiment. The figure illustrates a simplified example of an apparatus applying embodiments of the invention. In some embodiments, the apparatus may be a DNS server 104.
It should be understood that the apparatus is depicted herein as an example illustrating some embodiments. It is apparent to a person skilled in the art that the apparatus may also comprise other functions and/or structures and not all described functions and structures are required. Although the apparatus has been depicted as one entity, different modules and memory may be implemented in one or more physical or logical entities.
The apparatus of the example includes a control circuitry 500 configured to control at least part of the operation of the apparatus.
The apparatus may comprise a memory 502 for storing data. Furthermore the memory may store software 504 executable by the control circuitry 500. The memory may be integrated in the control circuitry.
The apparatus may further comprise a first interface circuitry 506 configured to connect the apparatus to other devices and network elements of the communication system, for example to the P-GW.
The apparatus may further comprise a second interface circuitry 508 configured to connect the apparatus to other devices and network elements of the communication system, for example to the NAT entity. The first and second interfaces may be implemented with separate hardware or with the same hardware.
The software 504 may comprise a computer program comprising program code means adapted to cause the control circuitry 500 of the apparatus to receive information on a private Internet Protocol (IP) address allocated for a device attached to the network and the identity of the device; create a domain name for the device on the basis of the information, the domain name comprising a prefix identifying the device and a pre-configured postfix; receive a request for the IP address of the device, the request comprising the domain name and the address of the source of the request; transmit to a network address table entity a rule comprising a destination address, the address of the source of the request and the private address of the device, and instructions to map the traffic coming from the address of the source of the request and addressed to the destination address to the private address of the device, and vice versa; and as a response to the request, transmit the destination address to the source of the request.
In an embodiment, the apparatus in a mobile communication network comprises: means for receiving information on a private Internet Protocol (IP) address allocated for a device attached to the network and the identity of the device; means for creating a domain name for the device on the basis of the information, the domain name comprising a prefix identifying the device and a pre-configured postfix; means for receiving a request for the IP address of the device, the request comprising the domain name and the address of the source of the request; means for transmitting to a network address table entity a rule comprising a destination address, the address of the source of the request and the private address of the device, and instructions to map the traffic coming from the address of the source of the request and addressed to the destination address to the private address of the device, and vice versa; and means for transmitting, as a response to the request, the destination address to the source of the request.
In an embodiment, a system in a communication system comprises a gateway apparatus and a network apparatus, where the gateway apparatus comprises means for receiving the identity of a device attaching itself to the communication network, means for allocating a private Internet Protocol (IP) address for a device; and means for transmitting information on the private Internet Protocol (IP) address and the identity of the device to the network apparatus; and the network apparatus comprises means for receiving information on a private Internet Protocol (IP) address allocated for a device attached to the network and the identity of the device, means for creating a domain name for the device on the basis of the information, the domain name comprising a prefix identifying the device and a pre-configured postfix, means for receiving a request for the IP address of the device, the request comprising the domain name and the address of the source of the request, means for transmitting to a network address table entity a rule comprising a destination address, the address of the source of the request and the private address of the device, and instructions to map the traffic coming from the address of the source of the request and addressed to the destination address to the private address of the device, and vice versa; and means for transmitting, as a response to the request, the destination address to the source of the request.
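The sequence described above (name creation, source-bound NAT rule, answer with the same validity period, removal on detach) can be modelled as follows. This is an added illustration, not code from the application; the class and method names, the postfix `iot.operator.example`, the public address pool, the 300-second validity and the way a destination address is picked are all assumptions, and the addresses are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class NatRule:
    source: str        # address of the source of the DNS request
    destination: str   # address returned in the DNS answer
    private: str       # private address of the device
    expires_at: float  # end of the rule's period of validity

class DeviceDns:
    """Toy model of the DNS server 104 plus the NAT entity's rule table."""

    def __init__(self, pool, postfix="iot.operator.example", ttl=300):
        self.pool, self.postfix, self.ttl = list(pool), postfix, ttl
        self.names = {}   # domain name -> private address
        self.rules = []   # stands in for rules transmitted to the NAT entity

    def attach(self, identity, private_ip, alias=None):
        if not ipaddress.ip_address(private_ip).is_private:
            raise ValueError("device address must be private")
        name = f"{alias or identity}.{self.postfix}".lower()
        if name in self.names:          # the prefix has to be unique
            raise ValueError(f"{name} is already registered")
        self.names[name] = private_ip
        return name

    def detach(self, name):
        private = self.names.pop(name.lower(), None)
        # Assumption beyond the claims: also drop live rules, so that a
        # reallocated private address is not reachable via an old mapping.
        self.rules = [r for r in self.rules if r.private != private]

    def resolve(self, name, source, now):
        private = self.names.get(name.lower())
        if private is None:
            return None                 # unknown name: no rule, no answer
        self.rules = [r for r in self.rules if r.expires_at > now]
        for r in self.rules:            # reuse a live rule for this pair
            if (r.source, r.private) == (source, private):
                return r.destination, int(r.expires_at - now)
        busy = {r.destination for r in self.rules if r.source == source}
        free = [a for a in self.pool if a not in busy]
        if not free:
            return None                 # pool exhausted for this source
        self.rules.append(NatRule(source, free[0], private, now + self.ttl))
        return free[0], self.ttl        # answer TTL equals rule validity

    def translate(self, source, destination, now):
        """NAT lookup: inbound (source, destination) -> private address."""
        for r in self.rules:
            if (r.source, r.destination) == (source, destination) and r.expires_at > now:
                return r.private
        return None
```

Because the rule is keyed on the requester's address, a host that did not issue the DNS request gets no translation for the same destination address, and the mapping stops working when the validity period ends.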
It will be obvious to a person skilled in the art that, as the technology advances, the inventive concept can be implemented in various ways. The invention and its embodiments are not limited to the examples described above but may vary within the scope of the claims.

Claims
1. A method in a mobile communication network, the method comprising:
receiving information on a private Internet Protocol (IP) address allocated for a device attached to the network and the identity of the device;
creating a domain name for the device on the basis of the information, the domain name comprising a prefix identifying the device and a pre-configured postfix;
receiving a request for the IP address of the device, the request comprising the domain name and the address of the source of the request;
transmitting to a network address table entity a rule comprising a destination address, the address of the source of the request and the private address of the device, and instructions to map the traffic coming from the address of the source of the request and addressed to the destination address to the private address of the device, and vice versa; and
as a response to the request, transmitting the destination address to the source of the request.
2. A method according to claim 1, further comprising:
receive an alias for the identity of the device; and
using the alias as the prefix of the domain name of the device.
3. A method according to claim 1, wherein the prefix of the domain name is one of the following:
- International Mobile Subscriber Identity,
- Mobile Equipment Identifier,
- International Mobile Station Equipment Identity.
4. A method according to claim 1, wherein the rule has a given period of validity and the response to the request comprises the same period of validity.
5. A method according to any preceding claim, further comprising:
receive information that the private IP address is no longer valid for the device;
remove the domain name of the device on the basis of the information.
6. An apparatus in a mobile communication network, the apparatus comprising
at least one processor, and
at least one memory comprising a computer program code, wherein the at least one memory and the computer program code are configured, with the at least one processor, to cause the apparatus of a wireless network to perform operations comprising:
receive information on a private Internet Protocol (IP) address allocated for a device attached to the network and the identity of the device;
create a domain name for the device on the basis of the information, the domain name comprising a prefix identifying the device and a pre-configured postfix;
receive a request for the IP address of the device, the request comprising the domain name and the address of the source of the request;
transmit to a network address table entity a rule comprising a destination address, the address of the source of the request and the private address of the device, and instructions to map the traffic coming from the address of the source of the request and addressed to the destination address to the private address of the device, and vice versa; and
as a response to the request, transmit the destination address to the source of the request.
7. An apparatus of claim 6, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus further to perform:
receive an alias for the identity of the device; and
using the alias as the prefix of the domain name of the device.
8. An apparatus of claim 6 or 7, wherein the prefix of the domain name is one of the following:
- International Mobile Subscriber Identity,
- Mobile Equipment Identifier,
- International Mobile Station Equipment Identity.
9. An apparatus according to claim 6, wherein the rule has a given period of validity and the response to the request comprises the same period of validity.
10. An apparatus of any preceding claim 6 to 9, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus further to perform:
receive information that the private IP address is no longer valid for the device;
remove the domain name of the device on the basis of the information.
11. A system in a communication system comprising a gateway apparatus and a network apparatus,
the gateway apparatus being configured to
receive identity of a device attaching itself to the communication network;
allocate a private Internet Protocol (IP) address for a device; and
transmit information on the private Internet Protocol (IP) address and the identity of the device to the network apparatus;
the network apparatus being configured to
receive information on a private Internet Protocol (IP) address allocated for a device attached to the network and the identity of the device;
create a domain name for the device on the basis of the information, the domain name comprising a prefix identifying the device and a pre-configured postfix;
receive a request for the IP address of the device, the request comprising the domain name and the address of the source of the request;
transmit to a network address table entity a rule comprising a destination address, the address of the source of the request and the private address of the device, and instructions to map the traffic coming from the address of the source of the request and addressed to the destination address to the private address of the device, and vice versa; and
as a response to the request, transmit the destination address to the source of the request.
12. The system of claim 11, wherein the network apparatus is configured to receive an alias for the identity of the device; and using the alias as the prefix of the domain name of the device.
13. The system of claim 11, wherein the prefix of the domain name is one of the following:
wherein the network apparatus is configured to
- International Mobile Subscriber Identity,
- Mobile Equipment Identifier,
- International Mobile Station Equipment Identity.
14. The system of claim 11, wherein the rule has a given period of validity and the response to the request comprises the same period of validity.
15. A computer program product embodied on a distribution medium readable by a computer and comprising program instructions which, when loaded into an apparatus, execute a computer process comprising:
receiving information on a private Internet Protocol (IP) address allocated for a device attached to the network and the identity of the device;
creating a domain name for the device on the basis of the information, the domain name comprising a prefix identifying the device and a pre-configured postfix;
receiving a request for the IP address of the device, the request comprising the domain name and the address of the source of the request;
transmitting to a network address table entity a rule comprising a destination address, the address of the source of the request and the private address of the device, and instructions to map the traffic coming from the address of the source of the request and addressed to the destination address to the private address of the device, and vice versa; and
as a response to the request, transmitting the destination address to the source of the request.
16. The computer program product according to claim 15, the process further comprising:
receiving an alias for the identity of the device; and
using the alias as the prefix of the domain name of the device.
17. The computer program product according to claim 15, wherein the prefix of the domain name is one of the following:
- International Mobile Subscriber Identity,
- Mobile Equipment Identifier,
- International Mobile Station Equipment Identity.
18. The computer program product according to claim 15, the process further comprising:
receiving information that the private IP address is no longer valid for the device;
removing the domain name of the device on the basis of the information.
PCT/EP2017/053277 2017-02-14 2017-02-14 Providing access to a device WO2018149482A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2017/053277 WO2018149482A1 (en) 2017-02-14 2017-02-14 Providing access to a device


Publications (1)

Publication Number Publication Date
WO2018149482A1 true WO2018149482A1 (en) 2018-08-23

Family

ID=58046662


Country Status (1)

Country Link
WO (1) WO2018149482A1 (en)


Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6944167B1 (en) * 2000-10-24 2005-09-13 Sprint Communications Company L.P. Method and apparatus for dynamic allocation of private address space based upon domain name service queries
US20140129728A1 (en) * 2011-10-13 2014-05-08 Cisco Technology, Inc. Apparatus, systems, and methods for ip reachability in a communications network


Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
GEORGE TSIRTSIS RICHARD O'BRIEN MARTIN TATHAM ALAN O'NEILL BTLABS POSSIBLE MECHANISMS AND COMPONENTS FOR AATN: "Possible Mechanisms and Components for AATN; draft-tsirtsis-aatn-mech-00.txt", POSSIBLE MECHANISMS AND COMPONENTS FOR AATN; DRAFT-TSIRTSIS-AATN-MECH-00.TXT, INTERNET ENGINEERING TASK FORCE, IETF; STANDARDWORKINGDRAFT, INTERNET SOCIETY (ISOC) 4, RUE DES FALAISES CH- 1205 GENEVA, SWITZERLAND, 1 April 1998 (1998-04-01), XP015036281 *
JAE-HOON JEONG BYUNG-YEOB KIM JUNG-SOO PARK HYOUNG-JUN KIM ETRI: "IPv6 Router Advertisement based DNS Autoconfiguration; draft-jeong-ipv6-ra-dns-autoconf-00.txt", IPV6 ROUTER ADVERTISEMENT BASED DNS AUTOCONFIGURATION; DRAFT-JEONG-IPV6-RA-DNS-AUTOCONF-00.TXT, INTERNET ENGINEERING TASK FORCE, IETF; STANDARDWORKINGDRAFT, INTERNET SOCIETY (ISOC) 4, RUE DES FALAISES CH- 1205 GENEVA, SWITZERLAND, 17 April 2003 (2003-04-17), XP015003801 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113783974A (en) * 2021-09-09 2021-12-10 烽火通信科技股份有限公司 Method and device for dynamically issuing MAP domain rule
CN113783974B (en) * 2021-09-09 2023-06-13 烽火通信科技股份有限公司 Method and device for dynamically issuing MAP domain rule


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17705374

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17705374

Country of ref document: EP

Kind code of ref document: A1