[go: up one dir, main page]

WO2017088628A1 - Procédé, dispositif et système de conversion d'adresse, procédé et dispositif de commande d'identité de réseau - Google Patents

Procédé, dispositif et système de conversion d'adresse, procédé et dispositif de commande d'identité de réseau Download PDF

Info

Publication number
WO2017088628A1
WO2017088628A1 PCT/CN2016/104079 CN2016104079W WO2017088628A1 WO 2017088628 A1 WO2017088628 A1 WO 2017088628A1 CN 2016104079 W CN2016104079 W CN 2016104079W WO 2017088628 A1 WO2017088628 A1 WO 2017088628A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
address
identifier
node
network identifier
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/CN2016/104079
Other languages
English (en)
Chinese (zh)
Inventor
郝振武
朱超国
丁馥昊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Publication of WO2017088628A1 publication Critical patent/WO2017088628A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2514Translation of Internet protocol [IP] addresses between local and global IP addresses
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2517Translation of Internet protocol [IP] addresses using port numbers

Definitions

  • the present invention relates to the field of communications, and in particular, to an address translation method, device and system, and network identity control method and apparatus.
  • FIG. 1 is a schematic diagram of a typical Internet access network.
  • the UE User Equipment
  • the access gateway connects to the Internet through the switching node.
  • the UE may be a terminal with a fixed location, such as a home terminal, or a terminal in a mobile state, such as a mobile terminal, a portable digital device (PAD), and the like.
  • a terminal with a fixed location such as a home terminal
  • a terminal in a mobile state such as a mobile terminal, a portable digital device (PAD), and the like.
  • PAD portable digital device
  • AGW Access Gateway
  • IP Internet Protocol
  • GGSN Gateway General Packet Radio
  • Service Support Node Gateway General Packet Radio Service Support Node
  • PGW Packet Data Network Gateway
  • BRAS Broad Band Remote Access Server
  • the authentication server also interacts with the authentication server to ensure the validity of the access. Since the authentication server is independent of the technology of the present invention, it will not be mentioned later.
  • the management and allocation mechanism of the IP address is generally that the AGW establishes a local IP address pool. After the UE is successfully authenticated, the UE selects an unoccupied IP address from the local IP address pool and allocates it to the UE. When the UE goes offline, the UE is released. The assigned IP address. It can be seen from the above process that with this mechanism, the IP address of the UE is dynamically allocated, so each time the UE goes online, the assigned address may be different.
  • the operator changed the IP address allocation method for the UE. Further, it is changed from directly assigning the public network IP address to assigning the private network IP address.
  • the network address translation (NAT) function is performed by using a pre-deployed TN (Translation Node) to perform the network address translation (NAT) function. Convert to a public IP address and send it to save IP address resources.
  • the AGW dynamically allocates the IP address of the private network and accesses the Internet through the TN.
  • the private IP address assigned to the UE and the converted public IP address are different, especially the mobile UE may be This phenomenon is more pronounced when accessing the Internet through different AGWs or different NAT/NAPT devices.
  • IP address allocation mechanism increases the difficulty of Internet supervision, making it impossible for Internet operators to perform accurate and timely searching for illegal operation terminals.
  • the public network address of the same UE is not fixed, it is impossible to effectively track the mobile terminal and analyze the service access, and provide a better service.
  • the technical problem to be solved by the present invention is how to identify the UE in the public network through a fixed network identifier, thereby satisfying the requirements in terms of traceability and service services.
  • An address translation method includes:
  • the identifier management node queries the network identifier corresponding to the user identifier of the first UE, and records the mapping between the queried network identifier and the private network IP address allocated to the first UE. Relationship; the network identifier is a public network IP address, or a public network IP address and a port number segment;
  • the switching node queries the identifier management node for the network identifier corresponding to the private network IP address of the first UE when the first data packet is received from the first UE, and records the private network IP of the first UE. a mapping relationship between the address and the queried network identifier, and the data packet from the first UE and the data packet sent to the first UE are performed according to the recorded mapping relationship Address translation and transmission.
  • the network management node corresponding to the user identifier of the first UE includes:
  • the access gateway After the first UE is online, the access gateway sends an online message of the first UE to the identity management node, where the online message includes the user identifier of the first UE, and the access gateway allocates The private network IP address of the first UE;
  • the identity management node After receiving the online message, the identity management node queries the corresponding network identifier according to the user identifier of the first UE in the online message.
  • the performing address translation and sending of the data packet from the first UE and the data packet sent to the first UE according to the recorded mapping relationship includes:
  • the switching node establishes a mapping relationship between the network address translation NAT and/or the network address port conversion NAPT data flow according to the relationship between the private network IP address of the first UE and the network identifier, and performs NAT and/or NAPT processing, including Transmitting the source IP address and the port in the data packet from the first UE into a public network IP address in the network identifier and a port in the port range defined by the network identifier, and sending the data packet to the first UE
  • the destination IP address and port in the network are translated into a private network IP address and port corresponding to the corresponding network identifier.
  • the method further includes:
  • the identifier management node When the identifier management node cannot find the network identifier corresponding to the user identifier of the first UE, select an idle public network IP address, or an idle public network IP address and an idle port number segment, or a non-idle public IP address.
  • An address and an idle port number segment as a network identifier allocated to the first UE, storing a correspondence between the user identifier of the first UE and the allocated network identifier; recording the assigned network identifier and assigning to Mapping relationship between the private network IP addresses of the first UE.
  • the method further includes:
  • the identifier management node queries the network identifier and the private network according to the private network IP address of the first UE. Mapping relationship between network IP addresses;
  • the network identifier corresponding to the private network IP address of the first UE is queried, the network identifier is returned to the conversion node as a query result;
  • the query is not available, return a query result indicating that there is no such UE to the conversion node; or, select an idle public network IP address, or an idle public network IP address and an idle port number segment, or a non-idle public network
  • the IP address and the idle port number segment are used as the network identifier allocated to the first UE, and the correspondence between the user identifier of the first UE and the assigned network identifier is saved, and the private state of the first UE is saved.
  • the method further includes:
  • the identifier management node obtains the address information of the conversion node that queries the network identifier, and records the correspondence between the user identifier of the first UE and/or the network identifier and the address information of the conversion node.
  • the method further includes:
  • the identifier management node updates the user and/or the network of the first UE according to the address information of the new transition node when the new switch node queries the network identifier corresponding to the private network IP address of the first UE. Identifying a correspondence between the address information and the address information of the conversion node; notifying the first UE that the first UE corresponds to the first UE to go offline, and the notification carries the network identifier of the first UE and/or is originally allocated to the The private network IP address of the first UE.
  • the method further includes:
  • the access gateway When the first UE goes offline, the access gateway sends the offline message of the first UE to the identity management node, and carries the private network IP address originally allocated to the first UE;
  • the identifier management node After receiving the offline message, the identifier management node deletes a mapping relationship between the network identifier of the first UE and the private network IP address, and notifies the first node that the first UE corresponds to the conversion node.
  • a UE is offline, and the notification carries the network identifier of the first UE and/or a private network IP address originally allocated to the first UE.
  • the method further includes:
  • the mapping node After receiving the notification that the first UE goes offline, the mapping node deletes the mapping relationship between the private network IP address of the first UE and the network identifier, and deletes the established NAT and/or NAPT data stream. Mapping relations.
  • An address translation method includes:
  • the switching node queries the network identifier corresponding to the private network IP address of the first UE when receiving the first data packet from the first user equipment UE; the network identifier is a public network IP address, or a public network IP address. Address and port number segment;
  • the switching node records a mapping relationship between the private network IP address of the first UE and the queried network identifier, and sends a data packet from the first UE to the first according to the recorded mapping relationship.
  • a UE's data packet is address translated and transmitted.
  • the performing address translation and sending of the data packet from the first UE and the data packet sent to the first UE according to the recorded mapping relationship includes:
  • the switching node establishes a mapping relationship between the network address translation NAT and/or the network address port conversion NAPT data flow according to the relationship between the private network IP address of the first UE and the network identifier, and performs NAT and/or NAPT processing, including Transmitting a source IP address and a port in the data packet from the first UE into a public network IP address in the network identifier and a port in a port range defined by the network identifier; and sending the data packet to the first UE
  • the destination IP address and port in the network are translated into a private network IP address and port corresponding to the corresponding network identifier.
  • the method further includes:
  • the switching node After receiving the notification that the first UE is offline, the switching node, according to the network identifier of the first UE carried in the notification, and/or the private network IP address originally allocated to the first UE, And deleting a mapping relationship between the private network IP address of the first UE and the network identifier, and deleting the established NAT and/or NAPT data flow mapping relationship.
  • a network identity control method includes:
  • the identifier management node After the first user equipment UE is online, the identifier management node queries the corresponding network identifier according to the user identifier of the first UE, and records between the queried network identifier and the private network IP address allocated to the first UE. Mapping relationship; the network identifier is a public network IP address, or a public network IP address and a port number segment;
  • the identifier management node After receiving the request for the conversion node to query the network identifier, the identifier management node queries the corresponding network identifier according to the private network IP address of the first UE that is carried in the request, and returns the result to the conversion node as a query result.
  • the method further includes:
  • the identifier management node When the identifier management node cannot find the network identifier corresponding to the user identifier of the first UE, select an idle public network IP address, or an idle public network IP address and an idle port number segment, or a non-idle public IP address.
  • An address and an idle port number segment as a network identifier allocated to the first UE, storing a correspondence between the user identifier of the first UE and the allocated network identifier; recording the assigned network identifier and assigning to Mapping relationship between the private network IP addresses of the first UE.
  • the method further includes:
  • the identifier management node queries the network identifier corresponding to the private network IP address of the first UE, the network identifier is returned to the conversion node as a query result; if not, the return indicates that there is no such UE
  • the query result is given to the conversion node; or, the idle public network IP address, or the idle public network IP address and the idle port number segment, or the non-idle public network IP address and the idle port number segment are allocated as the allocation.
  • the network identifier of the first UE is saved, and the correspondence between the user identifier of the first UE and the allocated network identifier is saved, and the private network IP address of the first UE is saved and the allocated network identifier is saved.
  • the identifier management node receives the request of the conversion node to query the network identifier.
  • the network identifier include:
  • the identifier management node obtains the address information of the conversion node that queries the network identifier, and records the correspondence between the user identifier of the first UE and/or the network identifier and the address information of the conversion node.
  • the method further includes:
  • the identifier management node updates the user of the first UE according to the address information of the new transition node. Corresponding relationship between the network identifier and the address information of the switching node; notifying the first UE that the first UE corresponds to the first UE to go offline, the notification carrying the network identifier of the first UE and/or originally assigned to The private network IP address of the first UE.
  • the method further includes:
  • the identity management node After the first UE goes offline, the identity management node deletes the mapping relationship between the network identifier of the first UE and the private network IP address.
  • the identifier management node further includes:
  • the identifier management node notifies the first UE that the first UE corresponds to the first node to go offline, and the notification carries the network identifier and/or the private network IP address originally allocated to the first UE.
  • An address translation system comprising: one or more conversion nodes;
  • the identifier management node is configured to query the network identifier corresponding to the user identifier of the first UE after the first user equipment UE is online, and record the queried network identifier and the private network IP address allocated to the first UE.
  • the mapping relationship between the network identifiers is a public network IP address, or a public network IP address and a port number segment;
  • the switching node is configured to, when receiving the first data packet from the first UE, query the identifier management node for a network identifier corresponding to the private network IP address of the first UE; a mapping relationship between the private network IP address of the first UE and the queried network identifier, and the data packet from the first UE and the data packet sent to the first UE according to the recorded mapping relationship Address translation and sending.
  • system further includes:
  • One or more access gateways configured to send an online message of the first UE to the identity management node when the first UE is online, where the online message carries the user identifier of the first UE, And a private network IP address assigned to the first UE.
  • An address conversion device disposed on the conversion node, includes:
  • the query requesting module is configured to: when receiving the first data packet from the first user equipment UE, query the network identifier corresponding to the private network IP address of the first UE; the network identifier is a public network IP address, Or public network IP address and port number segment;
  • a conversion module configured to record a mapping relationship between the private network IP address of the first UE and the queried network identifier, and send the data packet from the first UE to the foregoing according to the recorded mapping relationship
  • the data packet of the first UE is subjected to address translation and transmission.
  • a network identifier control device is disposed on the identifier management node, and includes:
  • an update module configured to: after the first user equipment UE is online, query the corresponding network identifier according to the user identifier of the first UE, and record the queried network identifier and the private network IP address allocated to the first UE.
  • the mapping relationship between the network identifiers is a public network IP address, or a public network IP address and a port number segment;
  • the query module is configured to query the corresponding network identifier according to the private network IP address of the first UE that is carried in the request, and then return the data identifier to the conversion node as a query result.
  • the network identifier is corresponding to the user identifier of the UE, it can be in the public network.
  • the UE is represented by a fixed network identifier, thereby meeting the requirements in terms of traceability, security, and flexible deployment.
  • the alternative of the embodiment of the present invention may also support the enhanced conversion node to form a device pool.
  • Another embodiment of the present invention provides a computer storage medium storing execution instructions for performing the method in the above embodiments.
  • FIG. 1 is a schematic diagram of an existing Internet access
  • FIG. 2 is a schematic flowchart of an address conversion method according to Embodiment 1 of the present invention.
  • FIG. 3 is a schematic flowchart of an address translation method according to Embodiment 2 of the present invention.
  • FIG. 4 is a schematic flowchart of a network identity control method according to Embodiment 3 of the present invention.
  • FIG. 5 is a schematic diagram of an address translation system according to Embodiment 4 of the present invention.
  • FIG. 6 is a schematic diagram of an address translation apparatus according to Embodiment 5 of the present invention.
  • FIG. 7 is a schematic diagram of a network identity control apparatus according to Embodiment 6 of the present invention.
  • Example 8 is a schematic flowchart of Example 1 of an embodiment of the present invention.
  • FIG. 9 is a schematic structural diagram of a system according to Embodiment 2 of the present invention.
  • FIG. 10 is a schematic diagram of deployment of multiple AGWs and multiple eTNs according to Embodiment 3 of the present invention.
  • FIG. 11 is a schematic diagram of a UE online procedure and a data transmission process according to Embodiment 4 of the present invention.
  • FIG. 12 is a schematic diagram of a UE user data packet receiving process according to Embodiment 5 of the present invention.
  • FIG. 13 is a schematic diagram of a process of reselecting an eTN by an AGW according to Embodiment 6 of the present invention.
  • FIG. 14 is a schematic diagram of a UE offline process according to Embodiment 7 of the present invention.
  • Embodiment 1 An address conversion method, as shown in FIG. 2, includes:
  • the identifier management node queries the network identifier corresponding to the user identifier of the first UE after the first UE is online, and records a mapping between the queried network identifier and the private network IP address allocated to the first UE. Relationship; the network identifier is a public network IP address, or a public network IP address and a port number segment;
  • the switching node when receiving the first data packet from the first UE, query the identifier management node for a network identifier corresponding to the private network IP address of the first UE, and record the private information of the first UE.
  • the identifier management node may be, but is not limited to, receiving the online message of the first UE that is sent by the AGW to learn that the first UE is online; the online message carries the user identifier of the first UE, and The private network IP address assigned by the AGW to the first UE.
  • the switching node may be, but is not limited to, sending a network identifier query request, and querying, by the identifier management node, a network identifier corresponding to the private network IP address of the first UE;
  • the private network IP address of the first UE that is, the source IP address in the data packet.
  • the first data packet received by the switching node from the first UE The source IP address, that is, the private network IP address of the first UE.
  • the conversion node in this embodiment adds more functions than the existing conversion node, and is therefore referred to as an enhanced conversion node hereinafter.
  • the network management node corresponding to the user identifier of the first UE includes:
  • the access gateway After the first UE is online, the access gateway sends an online message of the first UE to the identity management node, where the online message includes the user identifier of the first UE, and the access gateway allocates The private network IP address of the first UE;
  • the identity management node After receiving the online message, the identity management node queries the corresponding network identifier according to the user identifier of the first UE in the online message.
  • the method may further include:
  • the identifier management node establishes a user identifier and a network identifier mapping table, and pre-stores a mapping relationship between the user identifier and the network identifier according to the configuration of the operator.
  • the method further includes:
  • the identifier management node When the identifier management node cannot find the network identifier corresponding to the user identifier of the first UE, select an idle public network IP address, or an idle public network IP address and an idle port number segment, or a non-idle public IP address.
  • An address and an idle port number segment as a network identifier allocated to the first UE, storing a correspondence between the user identifier of the first UE and the allocated network identifier; recording the assigned network identifier and assigning to Mapping relationship between the private network IP addresses of the first UE.
  • the public network IP address and the port number segment of the public network may be pre-stored in the identifier management node.
  • the public network IP address of the network identifier or the public network address is selected.
  • the network IP address and port number segment are marked as not idle.
  • the scenario that the converting node receives the first data packet of the first UE includes: a first data packet sent after the first UE is online, and the first The first data packet sent after a UE switches to the switching node.
  • the method further includes:
  • the switching node When the switching node receives the data packet from the UE, firstly, according to the source IP address (that is, the private network IP address) in the data packet, the mapping relationship between the locally saved private network IP address and the network identifier is queried, and if the query can be queried, Decoding and transmitting a data packet from the first UE and a data packet sent to the first UE according to the queried mapping relationship, if not, determining that it is the first one from the first UE The data packet is executed in step S120.
  • the source IP address that is, the private network IP address
  • the method further includes:
  • the identifier management node queries the mapping relationship between the network identifier and the private network IP address according to the private network IP address of the first UE, and returns the query result to the conversion node.
  • the network identifier corresponding to the private network IP address of the first UE is queried, the network identifier is returned to the conversion node as a query result; if the query is not found, the return indicates that there is no such
  • the query result of the UE is sent to the conversion node; or, the idle public network IP address, or the idle public network IP address and the idle port number segment, or the non-idle public network IP address and the idle port number segment are selected as a network identifier that is allocated to the first UE, and a correspondence between the user identifier of the first UE and the assigned network identifier, and the private network IP address of the first UE and the allocated network identifier are saved.
  • the mapping relationship between the two, and the assigned network identifier is returned to the conversion node as a query result.
  • the method further includes:
  • the identifier management node obtains the address information of the conversion node that queries the network identifier, and records the correspondence between the user identifier of the first UE and/or the network identifier and the address information of the conversion node.
  • the performing address translation and sending of the data packet from the first UE and the data packet sent to the first UE according to the recorded mapping relationship includes:
  • the switching node is built according to the relationship between the private network IP address of the first UE and the network identifier.
  • Performing NAT and/or NAPT data flow mapping performing NAT and/or NAPT processing, including: converting source IP address and port in the data packet from the first UE into a public network IP address in the network identifier, and The network identifies the port within the port range defined by the port and establishes a NAT and/or NAPT data flow mapping relationship;
  • the destination public network IP address is converted into the private network IP address corresponding to the corresponding network identifier according to the previously established NAT and/or NAPT data flow mapping relationship, and the port in the data packet is Convert to a private network port.
  • the port range is all ports corresponding to the public network IP address; when the network identifier is a public network IP address and a port number segment, the port range is Refers to the port number segment.
  • the determined network identifier is X, or “180.100.220.210” and port. If the destination public network IP address is "180.100.220.210" and the port is a value in the port number segment, such as 1026, the determined network identifier is X.
  • step S120 further includes: the switching node discarding the data packet when the network identifier is not queried, or performing a NAT and/or NAPT conversion operation using the locally preset public network IP address.
  • the method further includes:
  • the identity management node When the first UE is offline, the identity management node deletes a mapping relationship between the network identifier of the first UE and the private network IP address, and notifies the first node that the first UE originally corresponds to the first node.
  • the UE is offline, and the notification carries the network identifier of the first UE and/or the private network IP address originally allocated to the first UE.
  • the identifier management node may be, but is not limited to, receiving the offline message of the first UE that is sent by the AGW, and the first UE is offline; the AGW sends an offline message when the first UE goes offline.
  • the offline message carries the private network IP address originally allocated by the AGW to the first UE.
  • mapping management node if the mapping management node has previously saved the mapping relationship between the network identifier of the first UE and the address information of the switching node, the mapping relationship needs to be deleted.
  • the AGW releases the private network IP address allocated to the first UE.
  • the method further includes:
  • the identifier management node updates the user and/or the network of the first UE according to the address information of the new transition node when the new switch node queries the network identifier corresponding to the private network IP address of the first UE. Identifying a correspondence between the address information and the address information of the conversion node; notifying the first UE that the first UE corresponds to the first UE to go offline, and the notification carries the network identifier of the first UE and/or is originally allocated to the The private network IP address of the first UE.
  • the new conversion node queries the network identifier corresponding to the private network IP address of the first UE: the AGW reselects the conversion node for the first UE performing the service according to the policy; for the new conversion
  • the node when the data packet from the first UE is received for the first time, it is considered to be the first data packet of the first UE, and therefore the network identity of the first UE is queried to the identity management node.
  • the method may further include:
  • the mapping node After receiving the notification that the first UE goes offline, the mapping node deletes the mapping relationship between the private network IP address of the first UE and the network identifier, and deletes the established NAT and/or NAPT data stream. Mapping relations.
  • the notification that the first UE is offline may be, but is not limited to, a delete UE notification or a UE offline notification sent by the identifier management node, where the network identifier of the first UE to be deleted is carried and/or The private network IP address originally assigned to the first UE.
  • both the NAT and the NAPT data flow mapping relationship need to be deleted; if the network identifier is used for the first UE Only the NAT or NAPT data flow mapping relationship is established, and the established NAT or NAPT data flow mapping relationship is deleted.
  • Embodiment 2 an address translation method, as shown in FIG. 3, includes:
  • the switch node queries the network identifier corresponding to the private network IP address of the first UE when receiving the first data packet from the first UE.
  • the network identifier is a public network IP address, or a public network IP address. Address and port number segment;
  • the switching node records a mapping relationship between the private network IP address of the first UE and the queried network identifier, and sends a data packet and a destination to the first UE according to the recorded mapping relationship.
  • the data packet of the first UE is subjected to address conversion and transmission.
  • the performing address translation and sending of the data packet from the first UE and the data packet sent to the first UE according to the recorded mapping relationship includes:
  • the mapping node establishes a NAT and/or NAPT data flow mapping relationship according to the relationship between the private network IP address of the first UE and the network identifier, and performs NAT and/or NAPT processing, including: coming from the first
  • the source IP address and port in the data packet of the UE are respectively converted into a public network IP address in the network identifier and a port in the port range defined by the network identifier, and the destination IP address and port in the data packet to be sent to the first UE. Convert to the private network IP address and port corresponding to the corresponding network identifier.
  • the method further includes:
  • the switching node After receiving the notification that the first UE is offline, the switching node, according to the network identifier of the first UE carried in the notification, and/or the private network IP address originally allocated to the first UE, And deleting a mapping relationship between the private network IP address of the first UE and the network identifier, and deleting the established NAT and/or NAPT data flow mapping relationship.
  • Embodiment 3 A network identity control method, as shown in FIG. 4, includes:
  • the identifier management node queries the corresponding network identifier according to the user identifier of the first UE, and records between the queried network identifier and the private network IP address allocated to the first UE. Mapping relationship; the network identifier is a public network IP address, or a public network IP address and port number segment;
  • the identifier management node After receiving the request for the switching node to query the network identifier, the identifier management node queries the corresponding network identifier according to the private network IP address of the first UE that is carried in the request, and returns the result to the conversion as a query result. node.
  • the identifier management node may be, but is not limited to, receiving the online message of the first UE that is sent by the AGW to learn that the first UE is online; the online message carries the user identifier of the first UE, and The private network IP address assigned by the AGW to the first UE.
  • the request for querying the network identifier may be referred to as a network identity query request.
  • the method further includes:
  • the identifier management node When the identifier management node cannot find the network identifier corresponding to the user identifier of the first UE, select an idle public network IP address, or an idle public network IP address and an idle port number segment, or a non-idle public IP address.
  • An address and an idle port number segment as a network identifier allocated to the first UE, storing a correspondence between the user identifier of the first UE and the allocated network identifier; recording the assigned network identifier and assigning to Mapping relationship between the private network IP addresses of the first UE.
  • the method further includes:
  • the identifier management node queries the network identifier corresponding to the private network IP address of the first UE, the network identifier is returned to the conversion node as a query result; if not, the return indicates that there is no such UE
  • the query result is given to the conversion node; or, the idle public network IP address, or the idle public network IP address and the idle port number segment, or the non-idle public network IP address and the idle port number segment are allocated as the allocation.
  • the network identifier of the first UE is saved, and the correspondence between the user identifier of the first UE and the allocated network identifier is saved, and the private network IP address of the first UE is saved and the allocated network identifier is saved.
  • the identifier management node receives the request of the conversion node to query the network identifier.
  • the network identifier include:
  • the identifier management node obtains the address information of the conversion node that queries the network identifier, and records the correspondence between the user identifier of the first UE and/or the network identifier and the address information of the conversion node.
  • the address information of the conversion node may also be referred to as a location identifier.
  • UID User Identifier
  • MSISDN Mobile Station Integrated Services Digital Network Number
  • IMSI International Mobile Subscriber Identity, International Mobile
  • username/account number etc.
  • NID Network Identifier
  • It can uniquely indicate the identity of the UE in the network layer of the public network. It can be the public network IP address assigned to the UE, or the public network IP address and port number segment, which are carried in the data packet. The public network IP address or the public network IP address plus the port can uniquely identify the user.
  • LID Location Identifier
  • IP address IP address
  • URI Uniform Resource Identifier
  • Private network IP address Allocated by the AGW.
  • the access locations of the UEs are different and the online time is different.
  • the assigned private IP addresses may be different.
  • the method further includes:
  • the identifier management node updates the user of the first UE according to the address information of the new transition node. Corresponding relationship between the network identifier and the address information of the switching node; notifying the first UE that the first UE corresponds to the first UE to go offline, the notification carrying the network identifier of the first UE and/or originally assigned to The private network IP address of the first UE.
  • the method further includes:
  • the identity management node After the first UE goes offline, the identity management node deletes the mapping relationship between the network identifier of the first UE and the private network IP address.
  • the identifier management node may be, but is not limited to, receiving the offline message of the first UE that is sent by the AGW, and the first UE is offline; the offline message carries the AGW originally assigned to the The private network IP address of the first UE.
  • the identifier management node further includes:
  • the identifier management node notifies the first UE that the first UE corresponds to the first node to go offline, and the notification carries the network identifier and/or the private network IP address originally allocated to the first UE.
  • Embodiment 4 an address conversion system, as shown in Figure 5, comprising: one or more conversion nodes 41;
  • the identifier management node 42 is configured to query the network identifier corresponding to the user identifier of the first UE after the first UE is online, and record the network identifier between the queried network and the private network IP address allocated to the first UE. Mapping relationship; the network identifier is a public network IP address, or a public network IP address and a port number segment;
  • the switching node 41 is configured to: when the first data packet from the first UE is received, query the identifier management node for a network identifier corresponding to the private network IP address of the first UE; and record the first a mapping relationship between the private IP address of the UE and the queried network identifier, and performing address translation on the data packet from the first UE and the data packet sent to the first UE according to the recorded mapping relationship send.
  • one or more conversion nodes in the system are located in a service area corresponding to the same identification management node.
  • the converting by the converting node, performing address translation and sending on the data packet from the first UE and the data packet sent to the first UE according to the recorded mapping relationship:
  • the mapping node establishes a NAT and/or NAPT data flow mapping relationship according to the relationship between the private network IP address of the first UE and the network identifier, and performs NAT and/or NAPT processing, including: coming from the first
  • the source IP address and port in the data packet of the UE are respectively converted into a public network IP address in the network identifier and a port in the port range defined by the network identifier, and the destination IP address and port in the data packet to be sent to the first UE. Convert to the private network IP address and port corresponding to the corresponding network identifier.
  • the identifier management node is further configured to: when the network identifier corresponding to the user identifier of the first UE is not found, select an idle public network IP address, or an idle public network IP address and an idle port number segment. Or a non-idle public network IP address and an idle port number segment, as a network identifier allocated to the first UE, storing a correspondence between the user identifier of the first UE and the allocated network identifier; A mapping relationship between the assigned network identifier and a private network IP address assigned to the first UE.
  • the identifier management node is further configured to query the network identifier and the private network according to the private network IP address of the first UE, after the switching node queries the network identifier corresponding to the private network IP address of the first UE. a mapping relationship between the network IP addresses; if the network identifier corresponding to the private network IP address of the first UE is queried, the network identifier is returned to the conversion node as a query result; if not, the method returns Indicates that there is no query result of the UE to the conversion node; or, select an idle public network IP address, or an idle public network IP address and an idle port number segment, or a non-idle public network IP address and an idle port number.
  • a segment as a network identifier allocated to the first UE, storing a correspondence between the user identifier of the first UE and the allocated network identifier, and saving the private network IP address of the first UE and the allocated A mapping relationship between network identifiers, and the assigned network identifier is returned to the conversion node as a query result.
  • the identifier management node is further configured to: after the conversion node queries the network identifier corresponding to the private network IP address of the first UE, obtain the conversion node that queries the network identifier.
  • the address information records a correspondence between a user identifier of the first UE and/or a network identifier and address information of the conversion node.
  • the identifier management node is further configured to: when a new conversion node queries the network identifier corresponding to the private network IP address of the first UE, update the first according to the address information of the new conversion node. Corresponding relationship between the user and/or the network identifier of the UE and the address information of the switching node; notifying the first UE that the first UE corresponds to the first UE to go offline, and the notification carries the network identifier of the first UE And/or a private network IP address originally assigned to the first UE.
  • the identifier management node is further configured to: when the first UE goes offline, delete a mapping relationship between the network identifier of the first UE and a private network IP address; and notify the first UE The first UE is offline, and the notification carries the network identifier of the first UE and/or the private network IP address originally allocated to the first UE.
  • the converting node is further configured to: after receiving the notification that the first UE goes offline, delete the mapping relationship between the private network IP address of the first UE and the network identifier, and delete the established relationship. NAT and / or NAPT data flow mapping.
  • system further includes:
  • One or more access gateways configured to send an online message of the first UE to the identity management node when the first UE is online, where the online message carries the user identifier of the first UE, And the private network IP address allocated to the first UE; when the first UE goes offline, sending the offline message of the first UE to the identity management node, where the offline message is carried and assigned The private network IP address of the first UE.
  • system further includes:
  • An interworking node configured to receive, from the switching node, a data packet processed by the first UE through NAT and/or NAPT, and forward the data packet to the public network; and after receiving the data packet sent by the public network to the first UE, according to the The network identifier of the first UE queries the identifier management node for address information of the corresponding conversion node, and sends the data packet to the corresponding conversion node according to the queried address information.
  • Embodiment 5 An address translation apparatus is disposed on a conversion node, as shown in FIG. 6, and includes:
  • the query requesting module 51 is configured to: when receiving the first data packet from the first UE, query the network identifier corresponding to the private network IP address of the first UE; the network identifier is a public network IP address, or Public network IP address and port number segment;
  • the conversion module 52 is configured to record a mapping relationship between the private network IP address of the first UE and the queried network identifier, and send the data packet and the destination to the first UE according to the recorded mapping relationship.
  • the data packet of the first UE is subjected to address conversion and transmission.
  • the converting by the conversion module, performing address translation and sending on the data packet from the first UE and the data packet sent to the first UE according to the recorded mapping relationship:
  • the converting module establishes a NAT and/or NAPT data flow mapping relationship according to the relationship between the private network IP address of the first UE and the network identifier, and performs NAT and/or NAPT processing, including: coming from the first
  • the source IP address and port in the data packet of the UE are respectively converted into a public network IP address in the network identifier and a port in the port range defined by the network identifier, and the destination IP address and port in the data packet to be sent to the first UE. Convert to the private network IP address and port corresponding to the corresponding network identifier.
  • the device further includes:
  • Deleting a module configured to: after receiving the notification that the first UE is offline, according to the network identifier of the first UE carried in the notification, and/or the private network IP address originally allocated to the first UE And deleting a mapping relationship between the private network IP address of the first UE and the network identifier, and deleting the established NAT and/or NAPT data flow mapping relationship.
  • Embodiment 6 is a network identifier control device, which is disposed on the identifier management node, as shown in FIG. 7, and includes:
  • the update module 61 is configured to: after the first UE goes online, query the corresponding network identifier according to the user identifier of the first UE, record the queried network identifier, and allocate the identifier to the first UE.
  • the mapping relationship between the private network IP addresses; the network identifier is a public network IP address, or a public network IP address and a port number segment;
  • the querying module 62 is configured to: after receiving the request for the conversion node to query the network identifier, query the corresponding network identifier according to the private network IP address of the first UE that is carried in the request, and return the result to the conversion node as a query result. .
  • the updating module is further configured to: when the network identifier corresponding to the user identifier of the first UE is not found, select an idle public network IP address, or an idle public network IP address and an idle port number segment, or The non-idle public network IP address and the idle port number segment are used as the network identifiers allocated to the first UE, and the correspondence between the user identifiers of the first UE and the assigned network identifiers is saved; A mapping relationship between the network identifier and a private network IP address assigned to the first UE.
  • the querying module is further configured to: after querying the corresponding network identifier according to the private network IP address of the first UE that is carried in the request, if the private network IP address corresponding to the first UE is queried The network identifier is returned to the conversion node as a query result; if not, the query returns a result of the query without the UE to the conversion node; or, the idle public IP address is selected. Or the idle public network IP address and the idle port number segment, or the non-idle public network IP address and the idle port number segment, as the network identifier allocated to the first UE, and the user identifier of the first UE is saved. Corresponding relationship between the assigned network identifier and the mapping between the private network IP address of the first UE and the allocated network identifier, and returning the allocated network identifier as a query result to the conversion node.
  • the updating module is further configured to: after the query module receives the request for the conversion node to query the network identifier, obtain the address information of the conversion node that queries the network identifier, and record the user identifier of the first UE and / Correspondence between the network identifier and the address information of the conversion node.
  • the updating module is further configured to: according to the address information of the new conversion node, when a new conversion node requests to query a network identifier corresponding to the private network IP address of the first UE Updating a correspondence between the user and/or the network identifier of the first UE and the address information of the switching node; notifying the first UE that the first UE corresponds to the first UE to go offline, and the notification carries the first A network identity of a UE and/or a private network IP address originally assigned to the first UE.
  • the updating module is further configured to: after the first UE goes offline, delete a mapping relationship between the network identifier of the first UE and a private network IP address.
  • the updating module is further configured to: after the mapping between the network identifier of the first UE and the private network IP address is deleted, notify the first UE that the first UE corresponds to the first node In the line, the notification carries the network identifier and/or the private network IP address originally allocated to the first UE.
  • Embodiment 1 an address conversion method, as shown in FIG. 8, includes steps 101-104:
  • the AGW sends an online message of the first UE to the identity management node, where the user identifier of the first UE and the private network IP address allocated by the AGW to the first UE are included.
  • the identifier management node queries the network identifier corresponding to the user identifier of the first UE, and records a mapping relationship between the queried network identifier and the private network IP address of the first UE.
  • the network identifier is a public network. IP address, or public network IP address and port number segment;
  • the enhanced switching node sends a network identity query request to the identity management node, where the first network packet from the first UE is received, where the private network IP address of the first UE is carried, that is, the data is Source IP address of the packet; the identity management node returns the queried network identifier;
  • the enhanced conversion node records the mapping relationship between the private network IP address of the first UE and the queried network identifier, and sends the data packet from the first UE to the foregoing according to the recorded mapping relationship.
  • the data packet of the first UE is subjected to address translation and transmission.
  • Example one the situation that the first UE goes offline and switches the enhanced conversion node can be referred to Example one. See also the first embodiment for other processing details.
  • Embodiment 2 A UE address translation system, the system includes an AGW, an Enhanced Translation Node, and an IDMN (Identifier Management Node) deployed in a service area; optionally, The system may also include an IWN (Interworking Node).
  • AGW Access Management Node
  • IDMN Identity Management Node
  • IWN Interworking Node
  • the AGW is configured to: when the UE goes online, allocate a private network IP address to the UE, and send a UE online message to the IDMN; when the UE goes offline, send a UE offline message to the IDMN; send the data packet from the UE to The eTN receives the data packet sent by the eTN and forwards the data packet to the corresponding UE.
  • the AGW selects the eTN corresponding to the UE according to the distribution policy, and sends all the data packets from the UE to the eTN;
  • the AGW reselects the eTN corresponding to the UE, and sends all data packets from the UE to the reselected eTN.
  • the eTN is configured to: when receiving the first data packet sent by the first UE, query the IDMN for the corresponding network identifier according to the source IP address of the first data packet, and establish a private network IP address and the network identifier.
  • multiple eTNs can form a pool of device nodes, and the device services in the pool are connected to the same IDMN by the AGW and the UE of the corresponding area.
  • the IDMN is configured to pre-store a mapping relationship between the user identifier and the network identifier.
  • the network identifier corresponding to the user identifier of the first UE is searched, and the first UE is recorded. a mapping relationship between the private network IP address and the discovered network identifier; when receiving the UE offline message sent by the AGW, deleting the mapping relationship between the corresponding network identifier and the private network IP address;
  • the network identity query request from the eTN is returned, the network identifier corresponding to the private network IP address is returned, and the network identifier and the location identifier are established. Correspondence relationship.
  • the IDMN is further configured to: when receiving the first UE online message sent by the AGW, notify the AGW if the user identifier of the first UE does not have a corresponding network identifier, or be the first UE The network identifier is selected, and the mapping relationship between the user identifier of the first UE and the selected network identifier is saved, and the mapping relationship between the private network IP address of the first UE and the selected network identifier is recorded.
  • the IDMN is further configured to return the recorded eTN address, that is, the location identifier, when the IWN needs to query the eTN through which the user data stream flows.
  • the IWN is located on the interface between the access network and the public network (which may be, but is not limited to, the Internet), and is configured to receive the data packet sent by the UE to the public network and forward the data packet to the public network; after receiving the data packet sent by the public network to the UE, according to the The network identifier queries the IDMN for the location identifier of the UE, and sends the data packet to the corresponding eTN according to the queried location identifier.
  • the public network which may be, but is not limited to, the Internet
  • FIG. 9 is a structural diagram of a system provided by an embodiment of the present invention, where:
  • AGW in addition to the basic functions listed in Figure 1, also needs to enable the following features:
  • the UE When the first UE goes online or goes offline, the UE sends an uplink or offline message to the IDMN, where the message carries the user identifier and the private IP address assigned by the AGW;
  • the AGW configures the distribution policy to select the eTN, and sends all the data packets from the first UE to the eTN;
  • the AGW can reselect the eTN and send all data packets from the first UE to the eTN.
  • mapping entry table (can be, but is not limited to, stored in the mapping entry table, one entry in the mapping entry table corresponds to a NAT and/or NAPT data flow mapping relationship), if there is a mapping entry corresponding to the data packet, it is not the first data packet, If it does not exist, further query the network identifier according to the private network IP address carried in the data packet. If the record can be queried, it is not the first data packet. If the record cannot be queried, it is considered to be the first data packet; Query the network identifier of the private network IP address query in the private network IP address and network identifier mapping table.
  • the corresponding network identifier is queried to the IDMN according to the private network IP address of the data packet, and the mapping relationship between the private network IP address and the network identifier that is queried is saved; In the private network IP address and network identifier mapping table;
  • mapping relationship between the private network IP address of the first UE and the network identifier establish a NAT and/or NAPT data flow mapping relationship for the data packet from the first UE or the first UE, and perform NAT and/or Or NAPT processing, in which the source address and port in the IP packet sent to the public network are replaced by the IP address corresponding to the network identifier and a port in the port range.
  • the eTN is further configured to establish a private network IP address and a network identifier mapping table.
  • Multiple eTNs can form an eTN node pool, serve the AGW and UE of the corresponding area, and connect to the same IDMN.
  • IDMN The functions of IDMN include:
  • mapping relationship between the user identifier and the network identifier assigned to the user identifier is saved; and may be, but is not limited to, being saved in the user identifier and the network identifier mapping table;
  • the interworking node or other eTN needs to query the eTN through which the data stream of the UE flows, the address information of the recorded eTN, that is, the location identifier, is returned.
  • the eTN is further configured to establish a user identifier and a network identifier mapping table.
  • IWN an interface between the access network and the public network.
  • the main functions are as follows:
  • FIG. 10 is a schematic diagram of deployment of a system provided by Embodiment 2 in multiple AGWs and eTNs;
  • the AGW adopts a pooled deployment solution. Multiple AGWs form a device pool. In the service area where the AGW pool is responsible, the UE can access any AGW in the pool to increase deployment flexibility. The reliability of the service; regardless of which AGW the UE accesses, the accessed AGW will send the UE's online message to the IDMN, so that the IDMN can record the mapping relationship between the network identifier of the UE and the assigned private network IP address.
  • the solution provided by the embodiment of the present invention can support the deployment scenario of the AGW pooling, and simultaneously support the eTN adopting the pooling deployment solution.
  • the AGWs in the AGW pool belong to the same IDMN (one IDMN can be distributed in one or more devices, and the existing devices can be multiplexed).
  • the AGW sends the The IDMN of the service area sends an online message of the UE.
  • the AGW sends the UE to the IDMN of the service area. Offline message.
  • the AGW pool communicates with all eTNs in the same service area; when receiving the data packet from the first UE, an eTN in the eTN pool is selected according to the policy and all data packets from the first UE are forwarded. To the selected eTN.
  • the specific policy may be, but is not limited to, performing a hash operation according to the private network IP address, and then selecting an eTN according to the calculated hash value, or adopting a round robin policy, selecting an eTN according to the order in which the UE goes online; and receiving the sending to the first UE.
  • the data packet is sent to the first UE through the access network.
  • the eTN pool includes multiple eTNs in a service area, and belongs to the same IDMN.
  • the eTN pool queries the home IDMN for the network identifier corresponding to the private network IP address of the first UE.
  • the appropriate interworking node is selected, and the NAT and/or NAPT operation is performed and then sent to the interworking node; when the data packet is sent to the user After performing NAT and/or NAPT, it will be sent to the AGW where the user is located according to the destination address of the data packet, that is, the private IP address of the user;
  • the AGW detects the device status, reselects the new eTN for the UE served by the eTN service, and forwards the subsequent data packet to the newly selected eTN, thereby ensuring that the service is not interrupted. Improve system reliability.
  • the IDMN is responsible for the allocation and management of network identifiers in an area.
  • the area includes an AGW pool and an eTN pool, and further includes one or more interworking nodes, all devices in the IDMN and AGW pools, all devices in the eTN pool, and interworking nodes. Connected to provide functions such as identity management, identity mapping maintenance, network identity query, and location identifier query.
  • FIG. 11 is a schematic diagram of a process of uplinking a UE and a data forwarding process according to an embodiment of the present invention, showing a process of going online of a UE and a process of accessing a data.
  • the specific steps include steps 400-412:
  • Step 400 The operator allocates a unique network identifier to the UE in the service area of the IDMN, and the IDMN establishes a mapping relationship between the user identifier and the network identifier, and saves the user identifier and the network. Identify the mapping table.
  • Step 401 The first UE goes online and initiates an access procedure to the AGW.
  • the AGW authenticates the user identifier of the first UE, and assigns a private IP address to the UE.
  • the AGW may be any one of the AGW pools of the service area of the IDMN.
  • Step 402 After the UE successfully accesses, the AGW sends an online message of the first UE to the IDMN, where the user identifier of the first UE and the private network IP address are carried.
  • Step 403 The IDMN saves the private network IP address corresponding to the user identifier, and directly or indirectly establishes a mapping relationship between the network identifier and the private network IP address according to the relationship between the pre-stored user identifier and the network identifier.
  • the direct mapping relationship between the network identifier and the private network IP address is established. Specifically, the mapping relationship between the network identifier and the private network IP address can be added to the mapping between the user identifier and the network identifier. UID, NID, private network IP address, or the mapping between the network identifier and the private network IP address based on the user ID, which is expressed as (NID, private network IP address);
  • Indirectly establishing a mapping relationship means establishing a mapping relationship between a user identifier and a network identifier, and a mapping relationship between the user identifier and the private network IP address, and indirectly obtaining the network identifier and the private network IP address through the two mapping relationships. Mapping relationship.
  • the network identifier corresponding to the user ID is not set in advance, you can select an idle public IP address, or an idle public IP address and an idle port number segment, or a non-idle public IP address and an idle port number segment. And as a network identifier corresponding to the identifier of the first UE, and storing a correspondence between the user identifier, the network identifier, and the private network IP address of the first UE.
  • Step 404 The IDMN returns an online response message of the first UE to the AGW.
  • Step 405 the first UE after the uplink initiates an Internet access procedure, and sends a data packet to the AGW, and the AGW selects the eTN according to the policy, and sends the data packet to the selected eTN.
  • Step 406 The eTN determines whether the data packet is the first data packet of the first UE. If it is the first data packet, step 407 is performed, otherwise step 412 is performed.
  • the specific judgment mode is to query the mapping table of the private network IP address and the network identifier according to the private network IP address carried in the source IP address field of the data packet. If the record can be queried, it is not the first data packet. It is considered to be the first data packet; or first query the NAT and/or NAPT data flow mapping relationship. If there is a mapping entry corresponding to the data packet, it is not the first data packet. If it does not exist, it is further based on the source IP address field of the data packet. The private network IP address carried in the private network IP address and network identifier mapping table. If the record can be queried, it is not the first data packet. If the query is not found, it is considered to be the first data packet.
  • the first data packet here refers to the first data packet received by the eTN from the UE, and does not specifically refer to the first data packet sent after the UE goes online.
  • Step 407 The eTN sends a network identity query request to the IDMN, where the private network IP address of the first UE is carried.
  • Step 408 The IDMN searches for the network identifier corresponding to the private network IP address from the mapping table of the network identifier and the private network IP address, and saves the address information of the eTN that sends the network identifier query request, that is, the RID, as the eTN passed by the first UE.
  • the network identifier corresponding to the private network IP address is queried, the network identifier is returned to the eTN as a query result; if the query is not found, the returned query result is empty.
  • the IDMN saves the RID and establishes a mapping relationship between the network identifier and the RID, which can be expressed as (UID, NID, private network IP address, RID), or (NID, RID), and is guaranteed to be sent to the first in other eTN or IWN.
  • the IDMN can be queried for the current service eTN of the first UE.
  • Step 409 The IDMN returns a network identity query response message to the eTN, and carries the query result.
  • Step 410 The eTN caches the mapping relationship between the network identifier and the private network IP address.
  • Step 411 The eTN establishes a NAT and/or NAPT entry of the data flow according to the mapping relationship between the network identifier and the private network IP address, completes the NAT and/or NAPT operation, and forwards the operation to the selected interworking node.
  • the public network IP address in the NAT and/or NAPT entries can only be the IP address defined by the network identifier.
  • the port can only select the port that is not occupied from the port range defined by the network identifier.
  • the eTN discards the data packet according to the local policy or performs a dynamic NAT and/or NAPT operation.
  • Step 412 After receiving the subsequent data packet from the first UE, the eTN performs NAT and/or NAPT operations according to the mapping relationship between the previously cached network identifier and the private network IP address, and forwards the operation to the selected interworking node.
  • step 406 For specific determination process as to whether it is a subsequent data packet, see step 406.
  • the network identity allocation process and the data packet transmission process are implemented, and the transmitted data packet carries the network identifier (ie, the public network IP address or the public network IP address and port) allocated to the UE.
  • the network identifier ie, the public network IP address or the public network IP address and port
  • FIG. 12 is a schematic diagram of a UE data packet receiving process according to an embodiment of the present invention. After the first UE goes online and successfully sends data to the Internet, the Internet or other UEs in the network send the first UE data packet. Scene. For the sake of simplicity, only the scenario in which the IWN sends a data packet to the first UE is shown in the figure, including steps 501-509; the sending process of the eTN is the same.
  • Step 501 The first UE is online, and the first UE online access procedure and the data packet sending process shown in FIG. 4 are completed.
  • Step 502 The IWN receives the data packet sent to the first UE, and locally queries the relationship between the network identifier and the location identifier according to the network identifier of the first UE carried in the destination address of the data packet. Then, step 503 is performed to query the IDMN. Otherwise, step 508 is executed to forward the data packet to the corresponding eTN according to the queried location identifier.
  • Step 503 The IWN sends a location query request to the IDMN, where the network identifier of the first UE is carried.
  • Step 504 The IDMN queries the location identifier corresponding to the network identifier, that is, the address information of the eTN currently serving the first UE.
  • Step 505 The IDMN returns a location query response message to the IWN, and carries the location identifier.
  • Step 506 the IWN saves the mapping relationship between the network identifier and the location identifier, and forwards the data packet to the corresponding eTN.
  • Step 507 the eTN performs NAT and/or NAPT conversion, and sends the converted data packet to the AGW, and the AGW sends the data to the first UE through the access network;
  • Step 508 If the IWN receives the subsequent data packet sent to the first UE, the mapping relationship between the network identifier and the location identifier can be locally queried in step 502; and the data packet is forwarded to the corresponding according to the result of the query. eTN;
  • Step 509 is the same as step 507.
  • the data packet with the network identifier as the destination address can be correctly sent to the corresponding UE.
  • FIG. 13 is a schematic diagram of a process for replacing an eTN according to an embodiment of the present invention, showing that an eTN reselection occurs during a UE communication process, such as an eTN downtime, a link terminal between an AGW and an eTN, and the AGW will
  • the process of reselecting the appropriate eTN to continue the service for the UE includes steps 601-614.
  • Step 601 When the first UE is performing the communication service through the first eTN, and the data packet is being sent or the data packet is being received, the AGW detects that the first eTN exits the service, and selects another eTN in the eTN pool according to the routing policy, such as the second. eTN;
  • Step 602 After receiving the data packet, the second eTN determines whether the data packet is the first data packet of the first UE, because the AGW sends the data packet of the first UE to the second eTN for the first time, so it is determined to be the first The data packet, the specific judgment manner is shown in step 406 of FIG. 4;
  • Steps 603 to 608 are the same as steps 407 to 412, respectively, except that the eTN is changed to the second eTN, and the second eTN queries the mapping relationship between the private network IP address and the network identifier, and performs NAT and/or according to the mapping relationship.
  • NAPT operation performing data packets from the first UE Convert and send;
  • Step 609 After receiving the network identifier query request of the second eTN, the IDMN learns that the first UE has switched from the first eTN to the second eTN, and the IDMN sends a delete UE request message to the first eTN to notify the first eTN.
  • the first UE has left the node;
  • Step 610 The first eTN deletes the mapping relationship between the network identifier of the locally saved first UE and the private network IP address, and the corresponding NAT and/or NAPT entry, and no longer provides services for the first UE.
  • Step 611 The first eTN returns a delete UE request response to the IDMN.
  • Step 612 the IDMN sends a location change notification message to the IWN, carrying the network identifier of the first UE and the location identifier of the second eTN, and informing the IWN that the first UE has moved to the second eTN;
  • Step 613 The IWN updates the mapping relationship between the network identifier of the first UE and the location identifier, and replaces the location identifier of the first eTN in the original mapping relationship with the location identifier of the second eTN.
  • step 614 the IWN returns a location change notification response message to the IDMN.
  • the subsequent IWN receives the data packet sent to the first UE, and sends the data packet to the second eTN according to the updated mapping relationship.
  • the new eTN can be selected to continue to provide services for the UE, ensuring uninterrupted services, and enabling pooled deployment.
  • FIG. 14 is a schematic diagram of a UE offline process according to an embodiment of the present invention, showing a process in which the first UE on the uplink leaves the network and goes offline, including steps 701-710.
  • Step 701 The first UE goes offline.
  • the first UE goes offline and/or the first UE is in a location switch, so that the first UE leaving the attached AGW can be regarded as the first UE going offline.
  • Step 702 The AGW sends an offline message of the first UE to the IDMN, where the user identifier of the first UE is carried.
  • Step 703 The IDMN deletes the corresponding network identifier and the private network IP address according to the user identifier.
  • Step 704 the IDMN returns an offline message response to the AGW.
  • Step 705 The IDMN sends a downlink notification message of the first UE to the corresponding eTN according to the location identifier, where the network identifier of the first UE and the private network IP address are carried.
  • Step 706 The eTN deletes a mapping relationship between the network identifier of the first UE and the private network IP address, and the established NAT and/or NAPT entry.
  • Step 707 The eTN returns an offline notification response to the IDMN.
  • Step 708 The IDMN sends an offline notification message of the first UE to the IWN, where the network identifier of the first UE is carried.
  • Step 709 The IWN deletes a mapping relationship between the network identifier of the first UE and the location identifier.
  • Step 710 The IWN returns an offline notification response to the IDMN.
  • the offline process of the first UE is completed, and the eTN and the IWN are no longer served by the first UE.
  • Embodiments of the present invention also provide a storage medium.
  • an execution instruction is stored in the storage medium, and the execution instruction is used to execute the foregoing method.
  • the foregoing storage medium may include, but is not limited to, a USB flash drive, a Read-Only Memory (ROM), and a Random Access Memory (RAM).
  • ROM Read-Only Memory
  • RAM Random Access Memory
  • an address translation method, apparatus, and system, and network identity control method and apparatus provided by the embodiments of the present invention have the following beneficial effects: since the network identifier is corresponding to the user identifier of the UE, it can be used in the public network. A fixed network identifier indicates the UE, thereby meeting the requirements in terms of traceability, security, and flexible deployment.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Small-Scale Networks (AREA)

Abstract

L'invention concerne un procédé, un dispositif et un système de conversion d'adresse, ainsi qu'un procédé et un dispositif de commande d'identité de réseau. Le procédé consiste : à, lorsqu'un premier équipement utilisateur (UE) vient en ligne, demander, au moyen d'un nœud de gestion d'identité, une identité de réseau correspondant à une identité d'utilisateur du premier UE, et enregistrer une relation de mappage entre l'identité de réseau trouvée et une adresse de protocole Internet (IP) de réseau privé attribuée au premier UE, l'identité de réseau étant une adresse IP de réseau public, ou une adresse IP de réseau public et un segment de numéro de port ; à, lorsqu'un nœud de conversion reçoit le premier paquet de données en provenance du premier UE, interroger le nœud de gestion d'identité pour une identité de réseau correspondant à l'adresse IP de réseau privé du premier UE ; à enregistrer une relation de mappage entre l'adresse IP de réseau privé du premier UE et l'identité de réseau trouvée, et réaliser une conversion et une transmission d'adresse sur le paquet de données provenant du premier UE et le paquet de données envoyé au premier UE selon la relation de mappage enregistrée. La présente invention peut identifier un UE dans un réseau public par l'intermédiaire d'une identité de réseau fixe.
PCT/CN2016/104079 2015-11-24 2016-10-31 Procédé, dispositif et système de conversion d'adresse, procédé et dispositif de commande d'identité de réseau Ceased WO2017088628A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201510828029.3A CN106790732B (zh) 2015-11-24 2015-11-24 地址转换方法、装置及系统、网络标识控制方法及装置
CN201510828029.3 2015-11-24

Publications (1)

Publication Number Publication Date
WO2017088628A1 true WO2017088628A1 (fr) 2017-06-01

Family

ID=58763951

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/104079 Ceased WO2017088628A1 (fr) 2015-11-24 2016-10-31 Procédé, dispositif et système de conversion d'adresse, procédé et dispositif de commande d'identité de réseau

Country Status (2)

Country Link
CN (1) CN106790732B (fr)
WO (1) WO2017088628A1 (fr)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111385377A (zh) * 2020-03-03 2020-07-07 深信服科技股份有限公司 一种ip地址冲突处理方法、设备及存储介质
CN112511658A (zh) * 2020-03-24 2021-03-16 中兴通讯股份有限公司 实现运营商级网络地址转换的方法、装置和系统
CN112600765A (zh) * 2020-12-02 2021-04-02 杭州迪普科技股份有限公司 一种配置资源调度方法及装置
CN113225409A (zh) * 2021-05-27 2021-08-06 北京天融信网络安全技术有限公司 一种nat负载均衡访问方法、装置及存储介质
CN113572868A (zh) * 2021-09-28 2021-10-29 武汉绿色网络信息服务有限责任公司 动态拨号上网方法及系统
CN115714984A (zh) * 2021-08-20 2023-02-24 维沃移动通信有限公司 数据处理方法、装置、终端、接入网设备及核心网设备
CN117812039A (zh) * 2024-02-24 2024-04-02 深圳赋乐科技集团有限公司 一种网络地址转换日志记录方法、系统、设备及介质

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110071984A (zh) * 2018-01-24 2019-07-30 中兴通讯股份有限公司 一种网络标识映射方法和系统以及终端、标识网关
CN108933845A (zh) * 2018-06-20 2018-12-04 新华三技术有限公司 一种公网ip地址分配方法和装置
CN109120746B (zh) * 2018-09-30 2022-04-15 新华三技术有限公司 网络地址转换方法、装置及地址转换设备
CN111385212B (zh) * 2018-12-29 2021-08-31 华为技术有限公司 数据传输技术及神经网络系统
CN111465001B (zh) * 2020-04-01 2023-05-02 中国联合网络通信集团有限公司 一种注册方法及装置
CN113810900A (zh) * 2020-06-12 2021-12-17 中兴通讯股份有限公司 网络接入方法、电子设备及存储介质
CN112637374B (zh) * 2020-12-15 2022-07-01 杭州迪普科技股份有限公司 转换地址处理方法、装置、设备及计算机可读存储介质
US12219437B2 (en) 2021-05-10 2025-02-04 Cisco Technology, Inc. Inter-network short message service among private and public 5G networks
CN113596192B (zh) * 2021-07-26 2024-02-20 绿盟科技集团股份有限公司 一种基于网闸组网的通信方法、装置、设备及介质
CN115767661A (zh) * 2021-09-03 2023-03-07 展讯半导体(南京)有限公司 通信方法及装置、接入网设备、计算机可读存储介质
CN113923707B (zh) * 2021-12-10 2022-04-05 中移(上海)信息通信科技有限公司 一种终端监测方法、装置、网络设备、控制系统和终端
CN114786121B (zh) * 2022-04-07 2024-06-11 中国联合网络通信集团有限公司 一种定位方法、装置、系统及存储介质

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7298742B2 (en) * 2002-07-25 2007-11-20 Leadtek Research Inc. Network address conversion system and the method thereof
CN101150598A (zh) * 2005-11-02 2008-03-26 中兴通讯股份有限公司 Cdma系统为用户分配固定ip地址的方法
CN101651606A (zh) * 2008-08-14 2010-02-17 华为技术有限公司 报文转发方法、装置及系统
CN102036227A (zh) * 2009-09-27 2011-04-27 中国移动通信集团公司 一种数据业务的用户标识获取方法、系统及装置
CN102695167A (zh) * 2012-05-18 2012-09-26 中国联合网络通信集团有限公司 移动用户身份标识管理方法和装置
CN102957754A (zh) * 2011-08-22 2013-03-06 中国电信股份有限公司 运营级网络地址转换方法、设备及网络系统
CN105306612A (zh) * 2014-07-15 2016-02-03 中兴通讯股份有限公司 获取终端在网络中的标识的方法及管理网元

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102790812B (zh) * 2012-07-31 2015-07-15 中国联合网络通信集团有限公司 基于移动终端的ip地址溯源方法、设备和系统
CN103139326B (zh) * 2013-03-06 2015-12-23 中国联合网络通信集团有限公司 Ip溯源方法、设备和系统

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7298742B2 (en) * 2002-07-25 2007-11-20 Leadtek Research Inc. Network address conversion system and the method thereof
CN101150598A (zh) * 2005-11-02 2008-03-26 中兴通讯股份有限公司 Cdma系统为用户分配固定ip地址的方法
CN101651606A (zh) * 2008-08-14 2010-02-17 华为技术有限公司 报文转发方法、装置及系统
CN102036227A (zh) * 2009-09-27 2011-04-27 中国移动通信集团公司 一种数据业务的用户标识获取方法、系统及装置
CN102957754A (zh) * 2011-08-22 2013-03-06 中国电信股份有限公司 运营级网络地址转换方法、设备及网络系统
CN102695167A (zh) * 2012-05-18 2012-09-26 中国联合网络通信集团有限公司 移动用户身份标识管理方法和装置
CN105306612A (zh) * 2014-07-15 2016-02-03 中兴通讯股份有限公司 获取终端在网络中的标识的方法及管理网元

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111385377A (zh) * 2020-03-03 2020-07-07 深信服科技股份有限公司 一种ip地址冲突处理方法、设备及存储介质
CN112511658A (zh) * 2020-03-24 2021-03-16 中兴通讯股份有限公司 实现运营商级网络地址转换的方法、装置和系统
CN112511658B (zh) * 2020-03-24 2024-04-30 中兴通讯股份有限公司 实现运营商级网络地址转换的方法、装置和系统
CN112600765A (zh) * 2020-12-02 2021-04-02 杭州迪普科技股份有限公司 一种配置资源调度方法及装置
CN113225409A (zh) * 2021-05-27 2021-08-06 北京天融信网络安全技术有限公司 一种nat负载均衡访问方法、装置及存储介质
CN115714984A (zh) * 2021-08-20 2023-02-24 维沃移动通信有限公司 数据处理方法、装置、终端、接入网设备及核心网设备
CN113572868A (zh) * 2021-09-28 2021-10-29 武汉绿色网络信息服务有限责任公司 动态拨号上网方法及系统
CN117812039A (zh) * 2024-02-24 2024-04-02 深圳赋乐科技集团有限公司 一种网络地址转换日志记录方法、系统、设备及介质
CN117812039B (zh) * 2024-02-24 2024-05-14 深圳赋乐科技集团有限公司 一种网络地址转换日志记录方法、系统、设备及介质

Also Published As

Publication number Publication date
CN106790732B (zh) 2020-04-10
CN106790732A (zh) 2017-05-31

Similar Documents

Publication Publication Date Title
WO2017088628A1 (fr) Procédé, dispositif et système de conversion d'adresse, procédé et dispositif de commande d'identité de réseau
US11026080B2 (en) Policy control function determining method, apparatus, and system
EP3491794B1 (fr) Routage de réseau virtuel vers des positions de point d'extrémité dynamique en support d'un acheminement de trafic basé sur le service
US9143483B2 (en) Method for anonymous communication, method for registration, method and system for transmitting and receiving information
US8711749B2 (en) Information obtaining and notification, data message forwarding and handover method and access node
US20100291943A1 (en) Method and Apparatus for Pooling Network Resources
US20100309881A1 (en) Mobile communication system and tunnel management method thereof
CN110463281A (zh) 接入网络选择
CN110476458A (zh) 网络发现
US20120176970A1 (en) Methods and systems for implementing inter-network roam, querying and attaching network
EP2466954B1 (fr) Procédé, système et routeur de passerelle d'accès pour gestion de transfert et gestion de données d'utilisateur lors d'un transfert
WO2009046666A1 (fr) Procédé d'adressage d'entité à fonction de décision de politique, élément de réseau et système de réseau
US20250061098A1 (en) Data migration system, method and apparatus for internet-of-things device, and storage medium
JP2018501745A (ja) トラブルシューティングの方法、装置、およびシステム
US8705471B2 (en) Method and system for implementing ID/locator mapping
CN104427568B (zh) 一种实现3gpp网络流量卸载的方法、装置
WO2017008288A1 (fr) Procédé de gestion d'adresses ip, dispositif, ancrage d'adresse ip et nœud mobile
CN112533236B (zh) 通信方法及装置
CN107615238B (zh) 接入本地网络的方法和相关设备
CN104168278A (zh) 一种ims域内语音业务切换方法、装置及系统
CN102547908B (zh) 表维护方法、系统和接入网关路由器
CN102546356B (zh) 一种保证标识网中移动节点服务质量的方法及系统
WO2012089030A1 (fr) Procédé, dispositif d'accès et dispositif d'authentification pour accès au réseau par de multiples procédés d'accès
JP5342070B2 (ja) 次世代ネットワークでの情報インタラクションの実現方法及びシステム
JP5112491B2 (ja) Ip基盤の有線無線統合ネットワークのための統合信号処理装置およびその方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16867853

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16867853

Country of ref document: EP

Kind code of ref document: A1