WO2009146621A1 - Data processing method, broadband network gateway, policy controller and access device - Google Patents

Data processing method, broadband network gateway, policy controller and access device Download PDF

Info

Publication number
WO2009146621A1
WO2009146621A1 PCT/CN2009/071456 CN2009071456W WO2009146621A1 WO 2009146621 A1 WO2009146621 A1 WO 2009146621A1 CN 2009071456 W CN2009071456 W CN 2009071456W WO 2009146621 A1 WO2009146621 A1 WO 2009146621A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
user
service
value
information
Prior art date
Application number
PCT/CN2009/071456
Other languages
French (fr)
Chinese (zh)
Inventor
邹嵘
胡新宇
陈建
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2009146621A1 publication Critical patent/WO2009146621A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/50Network service management, e.g. ensuring proper service fulfilment according to agreements
    • H04L41/5003Managing SLA; Interaction between SLA and QoS
    • H04L41/5019Ensuring fulfilment of SLA
    • H04L41/5022Ensuring fulfilment of SLA by giving priorities, e.g. assigning classes of service
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/18Protocol analysers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/24Traffic characterised by specific attributes, e.g. priority or QoS
    • H04L47/2441Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]

Definitions

  • the embodiments of the present invention relate to the field of communications technologies, and in particular, to a data processing method, a broadband network gateway, a policy controller, and an access device.
  • Background technique
  • IP Internet Protocol
  • IP-based network services such as video, voice and data Convergence, etc.
  • P2P Personalized peer-to-peer communication
  • users get sufficient bandwidth resources and services on demand.
  • the triple play service is a bundled business model that combines voice, data and video services.
  • VOIP voice over IP
  • IPTV Internet Protocol Television
  • VOIP and IPTV services are operated on the network side by physical or logical private network.
  • services are obtained through specific terminals, such as VOIP phones, set top boxes (STBs), etc.
  • STBs set top boxes
  • the access port on the gateway performs service differentiation.
  • service quality the service quality of different services according to the definition (Quality of Service, Qos) Level and bandwidth guarantees are scheduled.
  • the development speed of the Internet far exceeds the development speed of the telecommunication network, and Internet-based applications are emerging one after another, such as Internet video sharing, video on demand, Internet telephony, P2P file sharing, and instant messaging. It is foreseeable that Internet-based flexibility and scalability will be increasingly supported by the Internet. These applications, especially multimedia applications, have higher requirements for bandwidth and QoS. For example, some video-on-demand websites attract a large number of users to watch videos online, and users hope to obtain more stable effects and experiences. The current approach to the use of extensive and best-effort services for Internet data services clearly does not meet the needs of users.
  • FIG. 1 is a schematic structural diagram of a triple play system in the prior art, taking DSL access as an example.
  • a Digital Subscriber Line Access Multiplexer (DSLAM) and a Broadband Remote Access Server (BRAS) define different virtual local area networks according to the type of service (Virtual Local Area Network (VLAN), specifically, the Internet data service is divided into one VLAN, one VLAN of the VOIP service, one VLAN of the multicast service in the video, one VLAN of the on-demand service, and the service traffic is isolated in this way; the home gateway (Home Gateway) (HG) and DSLAM also divide different permanent virtual channels (PVCs) according to service types; HG differentiates services according to different terminal access ports, such as computers, IPTV set-top boxes, and VOIP phone access ports.
  • VLAN Virtual Local Area Network
  • HG home gateway
  • PVCs permanent virtual channels
  • the traffic is forwarded to the DSLAM through different PVCs.
  • the DSLAM maps the traffic from different PVCs to different VLANs and forwards them to the BRAS.
  • the bandwidth and QoS priority of different PVCs and VLANs are pre-planned.
  • both the BRAS and the HG judge the service type through the port of the data traffic, and then perform scheduling and forwarding through different forwarding channels (such as PVC and VLAN),
  • the service data is deeply divided and processed, which cannot meet the user's business requirements, and the service quality is low.
  • the embodiments of the present invention provide a data processing method, a broadband network gateway, a policy controller, and an access device, which are used to solve the defect that the service type is determined only by the port of the data traffic in the prior art, and the service quality is low.
  • In-depth detection of user service data prioritizes part of traffic through the planned service channel to improve service quality.
  • the embodiment of the invention provides a data processing method, including:
  • the embodiment of the invention provides a broadband network gateway, including:
  • a first receiving module configured to receive data and determine a user to which the data belongs
  • a determining module configured to determine, according to data processing policy information of the user to which the data belongs, whether to perform deep packet detection on the data
  • a detecting module configured to perform deep packet inspection on the data according to the indication of the determining module, to obtain a service type of each data stream in the data;
  • a table management module configured to identify, according to the data processing policy information and a service type of each data stream in the data, a data flow in which the service type in the data is the same as the value-added service type subscribed by the user;
  • a forwarding module configured to perform scheduling and forwarding on the data flow identified by the table management module.
  • the embodiment of the invention provides a policy controller, including:
  • a first sending module configured to send user service policy information to the broadband network gateway, where
  • the service policy information of the user includes the service type information of the value-added service subscribed by the user and the corresponding processing policy;
  • a second receiving module configured to receive service type information of each data stream in the data obtained by performing deep packet detection processing on the data sent by the broadband network gateway.
  • An embodiment of the present invention provides an access device, including:
  • a third receiving module configured to receive data
  • a second sending module configured to forward the data to a preset value-added service channel according to the control information, where the control information is used to indicate that the access device compares data corresponding to the value-added service subscribed by the user,
  • the preset value-added service channel is forwarded.
  • FIG. 1 is a schematic structural diagram of a triple play system in the prior art
  • FIG. 2 is a schematic structural diagram of an embodiment of a data processing system according to the present invention.
  • FIG. 3 is a flow chart of an embodiment of a data processing method according to the present invention.
  • Embodiment 4 is a schematic structural diagram of Embodiment 1 of a broadband network gateway according to the present invention.
  • Embodiment 2 of a broadband network gateway according to the present invention is a schematic structural diagram of Embodiment 2 of a broadband network gateway according to the present invention.
  • FIG. 6 is a schematic structural diagram of an embodiment of a policy controller according to the present invention.
  • FIG. 7 is a schematic structural diagram of an embodiment of an access device according to the present invention. detailed description
  • FIG. 2 is a schematic structural diagram of an embodiment of a data processing system according to the present invention.
  • a plurality of user terminals for performing different services such as a computer, an IPTV set-top box, and a VOIP, are shown in FIG.
  • the telephone is connected to the HG, and the HG is an access interface for the data traffic that the user terminal interacts with the network; the HG is connected to the DSLAM, and one or more deep packet inspections are established between the HG and the DSLAM according to different service types (deep packet inspection, DPI) Value-added service PVC; DSLAM is connected to Broadband Network Gateway (BNG), and one or more DPI value-added service VLANs are established between DSLAM and BNG. Each value-added service can use one VLAN or more. The value-added service uses a single VLAN.
  • DPI deep packet inspection
  • the Internet data service is divided into one VLAN, the VOIP service is a VLAN, the video is a multicast service, and the on-demand service is a VLAN.
  • service traffic is isolated.
  • BNG is the network exit. Data interaction with the network side, adding a service-aware functional module on the BNG, so that the BNG has the ability to analyze the content of the network data traffic, and to sense the services and applications of the bearer.
  • a value-added service channel is planned between the network egress BNG and the user terminal egress HG.
  • the value-added service data is preferentially scheduled to improve service quality.
  • the operator can release the DPI value-added service through the service platform.
  • the value-added service can be classified according to the service-aware capability of the DPI device, and the identifiable one or more application types are preferentially scheduled as a type of value-added service, such as a network flow.
  • Media acceleration, online game acceleration, voice acceleration, and more Users can subscribe to such value-added services through the login operator portal, and operators can set flexible tariff standards for value-added services.
  • the user logs in to the service platform and selects the DPI value-added service.
  • the service platform delivers the value-added service information subscribed by the user to the control platform.
  • the policy controller in the control platform dynamically generates the DPI service policy, that is, the user service policy information according to the user's selection, and the user service policy.
  • the information includes the service type of the value-added service subscribed by the user and the corresponding processing policy.
  • the processing policy is to instruct the BNG to perform DPI detection on the service data subscribed by the user, and deliver the user service policy information to the BNG to indicate the specific user. Internet data performs DPI detection.
  • the DPI service policy can be proactively delivered to the corresponding BNG by the policy controller, or can be detected by the BNG when the user first goes online.
  • the user goes online and actively obtains the user's DPI service policy from the policy controller.
  • the BNG Based on the DPI service policy of the user, the BNG performs DPI detection on the high speed internet (HIS) data stream of the user who subscribes to the DPI value-added service, marks the value-added service data stream, and schedules forwarding through the specified DPI VLAN.
  • the HSI data is still forwarded through the HSI VLAN.
  • the DPI PVC corresponding to the DPI VLAN of the forwarding channel is pre-planned and then sent to the user terminal.
  • the DPI module in the BNG can also report the detection result to the control platform.
  • the policy controller policy controller
  • ITMS terminal management control system
  • ACL dynamic access control list
  • Step 100 Receive data, and determine, according to data processing policy information of a user to which the data belongs, whether the data needs to be deepened. Packet detection; If deep packet inspection is required on the data, step 101 is performed, otherwise the data is processed according to techniques well known in the art.
  • the BNG After receiving the data, the BNG first determines which user the data belongs to, and can judge according to the IP address of the data or the media access control (MAC) address, etc., which can identify the identity of the user; After the data belongs to which user, the data processing policy information of the user is searched, and according to the data processing policy information, it is determined whether DPI detection needs to be performed on the received data.
  • the data processing policy information includes two information tables, which are respectively users.
  • the service policy information and the data flow state information wherein the user service policy information records the value-added service information subscribed by the user, and the data flow state information records the service type and related information of each data flow flowing through the BNG.
  • the two conditions should be met at the same time, that is, the record of the service type of the data flow in the data flow state information is unknown, and the user service policy information records that the user has subscribed to the value added.
  • the data received by BNG this time is new data for BNG, here
  • the other data streams related to the data are not received before, so there is no service type record related to the data stream in the data flow state information; in addition, the user must be subscribed to the user of the value-added service of a certain service type, The judgment is made based on the above trigger conditions.
  • Step 101 Perform deep packet inspection on the data, and obtain a service type of each data stream in the data.
  • the BNG sends the received data to the DPI module for DPI detection, and performs deep packet inspection processing on the data.
  • the operator can sense the services carried in the data stream.
  • the DPI can detect the payload of the network data packet, thereby identifying the service type of the data stream, and then achieving network traffic control. purpose. Through the depth detection of the data payload, the service type information of each data stream in the data can be obtained.
  • Step 102 Identify, according to the data processing policy information and the service type of each data stream in the data, a data flow in which the service type in the data is the same as the value-added service type subscribed by the user;
  • the BNG After detecting the service type of each data stream in the data, the BNG first searches for the value-added service type subscribed by the user in the user service policy information, and compares the service types of the data streams with the same value-added service type that the user subscribes to. If the type is the same, the data flow in the data type is the same as the value-added service type subscribed by the user, and the data flow state information is the same as the value-added service type subscribed by the user.
  • the service type is marked as "value added service”; for the data flow in which other service types in the data do not match the value-added service type subscribed by the user, the service type table of the data flow is marked as "non-value added service" in the data flow status information.
  • the user subscribes to the value-added service related to "network game acceleration", and the user service policy information of the user sent to the BNG under the network will record information that the user has subscribed to the value-added service whose service type is "network game”.
  • the BNG receives the data and performs DPI detection on it, it obtains the service type of each data stream in the data, for example Including the "online game” service type and the "video call” service type; then, the BNG compares the user's business policy information with the service type of the "network game” data stream in the data flow status information as "value added service", which will be related
  • the service type of the "video call” data stream is marked as "non-value added service” for subsequent use in forwarding data.
  • Step 103 Perform scheduling and forwarding on the identified data flow.
  • the BNG After the BNG updates the data flow state information, after performing the operation of identifying the data flow with the same service type as the value-added service type subscribed by the user in step 102, the BNG is forwarded according to the data flow state information.
  • the data flow status information is not only marked with the service type of the data stream, but also related information for forwarding the destination address of each data stream.
  • the data flow of the value-added service type will be forwarded through the preset value-added service channel, and the data flow of the non-value-added service type will be forwarded through the original forwarding channel.
  • the data flow corresponding to the value-added service subscribed by the user is scheduled to be forwarded through a preset value-added service channel; if the data is uplink data, the data is identified.
  • the data flow corresponding to the value-added service subscribed by the user is preferentially scheduled and forwarded.
  • the preset value-added service channel is a value-added service channel that meets the planned Qos indicator in a static or dynamic manner on the data transmission path device before receiving the processed data.
  • the uplink data refers to data flowing from the user terminal to the Internet
  • the downlink data refers to data sent from the Internet to the user terminal.
  • the value-added service channels include DPI VLAN between BNG and DSLAM and DPI PVC between DSLAM and HG, with a certain identification tag.
  • the data is forwarded to the DSLAM through which DPI VLAN, and then which DPI PVC is forwarded to the HG, which has been set.
  • the BNG sets the identification tag for the value-added service data
  • the data can be sent through the set value-added service channel. Go to the user terminal.
  • the scheduling forwarding process is: the BNG forwards the downlink data to the digital subscriber line access multiplexer DSLAM according to the identification tag, and the DFM VLAN corresponding to the identification tag; the DSLAM is configured according to the identification label, Forwarding the downlink data to the home gateway through a DPI PVC corresponding to the identification tag
  • the HG sends the downlink data to a user terminal.
  • the BNG can also tag the data packets of the value-added service with different "DPI VLAN TAG", and then forward the user data to the corresponding DSLAM through the corresponding DPI VLAN priority scheduling according to the data flow state information; the DSLAM is mapped according to the "DPI VLAN TAG" DPI PVC, HG performs priority scheduling according to DPI PVC.
  • the BNG After marking the service data subscribed to by the user, the BNG forwards the data to the user terminal according to the pre-planned value-added service channel.
  • the method provided in this embodiment also has the following situation: when there is no data flow corresponding to the value-added service in the data received by the BNG, the data is directly forwarded through the channel of the normal service data; and, when passing through the BNG The data received, the data flow status information is searched, and the service type of each data stream is known. The DPI detection is not required, and the data flow corresponding to the value-added service can be directly forwarded through the preset channel.
  • the user service policy information when the BNG performs deep packet detection on the data flowing through the BNG, the user service policy information is used, and the user service policy information may be actively sent by the policy controller to the corresponding BNG. It is received by the BNG. When the BNG detects that the user is online for the first time, the BNG actively obtains the user service policy information from the policy controller.
  • the service platform divides the value-added service according to the DPI detection capability of the BNG, and prioritizes the identifiable one or more application types as a type of value-added service, such as network streaming acceleration, network game acceleration, and voice acceleration.
  • the supported value-added services are released to users; users can subscribe to such value-added services through the login portal.
  • the control platform generates the user service policy information according to the subscription information of the user, and sends the information to the BNG, which is used to instruct the BNG to perform priority scheduling processing on the value-added service data of the specific user.
  • the BNG After performing the DPI detection on the data, the BNG also reports the detection result to the control platform. Specifically, the BNG sends the detection result information of the deep packet detection processing to the data to the control platform, where the result information includes each data. Traffic type information of the data stream; the control platform sends a control letter to the HG and/or the DSLAM according to the detection result information The control information is used to indicate that the HG and/or the DSLAM will forward data corresponding to the value-added service subscribed by the user, by using the set value-added service channel.
  • the policy controller or the terminal management control system or other management control system in the control platform sends dynamic control information to the HG and/or the DSLAM, such as a dynamic ACL, indicating that the HG and/or the DSLAM are added to the value-added service.
  • the data stream is forwarded through the corresponding value-added service channel.
  • the HG and/or the DSLAM forwarding the data through the set value-added service channel according to the control information includes: sending, by the HG, the data to the DPI PVC in the value-added service channel, to the The DSLAM; and/or the DSLAM transmits the uplink data to the broadband network gateway BNG through the DPI VLAN in the value-added service channel.
  • the data is mapped to the DPI PVC/VLAN according to the control information sent by the policy controller on the HG and/or the DSLAM, depending on whether the HG and/or DSLAM support the dynamic ACL configuration and matching delivered by the policy controller, if HG and DSLAM Neither can support this dynamic configuration and matching, then the data stream reaches the BNG through the HIS VLAN, and then the BNG sends the data to the network.
  • the data processing method provided by the embodiment of the present invention provides a value-added service solution for network applications, and provides a method for identifying and managing Internet traffic. Partial traffic is preferentially scheduled through the planned value-added service channel; operators can carry out value-added services and obtain high returns based on this, and users can obtain higher service quality.
  • the data processing method of the value-added service provided by this embodiment is not limited to the Internet application, and may also be planned, segmented, and operated according to requirements for other network service traffic.
  • the network gateway includes a first receiving module 11, a determining module 12, a detecting module 13, a table management module 14, and a forwarding module 15, wherein the first receiving module 11 is configured to receive data and determine a user to which the data belongs; Determining whether the deep data check needs to be performed on the data according to the data processing policy information of the user to which the data belongs, and notifying the detecting module 13 when the deep data check needs to be performed on the data; Performing deep packet detection on the data to obtain a service type of each data stream in the data; the table management module 14 is configured to: according to the data processing policy information and the service type of each data stream in the data, The data stream in the data is identified by the same data type as the value-added service type subscribed by the user.
  • the forwarding module 15 is configured to perform scheduling and forwarding on the identified data stream.
  • the first receiving module 11 determines, according to the received data packet, which user belongs to the user, which may be determined according to the information such as the IP address or the MAC address of the data packet that can identify the identity of the user; After learning which user the data belongs to, the data is sent to the judging module 12, and the judging module 12 judges whether DPI detection is needed for the data, and DPI detection is required when the following two conditions are met simultaneously, the condition is
  • the record of the service type of the data flow in the data flow state information is unknown, and the user service policy information records that the user has subscribed to the value-added service, wherein the data flow state information and the user service policy information constitute the user's data processing strategy. information.
  • the data is sent to the detection module 13 according to the processing policy corresponding to the value-added service type subscribed by the user in the user service policy information, and the DPI is detected by the detection module 13 to obtain the DPI detection.
  • the service type of each data stream in the data; and then the data flow state information is updated by the table management module 14, that is, the data flow in the data type is the same as the value-added service type subscribed by the user, and the table management is performed.
  • the module 14 is responsible for storing and managing the data flow state information and the user policy information, and the data processing policy information of the user used by the determining module 12 and the forwarding module 15 for processing the data is obtained from the table management module 14;
  • the user service policy information stored in the module 14 can also be received by the first receiving module 11 and stored in the table management module 14, where the user service policy information includes the user subscription.
  • Business type information of value-added services are responsible for storing and managing the data flow state information and the user policy information, and the data processing policy information of the user used by the determining module 12 and the forwarding module 15 for processing the data is obtained from the table management module 14;
  • the user service policy information stored in the module 14 can also be received by the first receiving module 11 and stored in the table management module 14, where the user service policy information includes the user subscription.
  • Business type information of value-added services are examples of value-added services.
  • the forwarding module 15 forwards the data, and specifically, for the downlink data, the data corresponding to the value-added service is forwarded through the preset value-added service channel according to the updated data flow state information, and the data of the non-value-added service is passed through Channel forwarding; for uplink data, the preferred scheduling and forwarding of value-added service data.
  • the scheduling and forwarding process is that the BNG forwards the data to the DSLAM through the planned DPI VLAN, and then the data is sent by the DSLAM to the HG through the DPI PVC corresponding to the DPI VLAN, and then the data is sent by the HG.
  • the scheduling and forwarding process is that the BNG forwards the data to the DSLAM through the planned DPI VLAN, and then the data is sent by the DSLAM to the HG through the DPI PVC corresponding to the DPI VLAN, and then the data is sent by the HG.
  • the scheduling and forwarding process is that the BNG forwards the data to the DSLAM
  • the broadband network gateway includes a first receiving module 11, a determining module 12, a detecting module 13, and a table management module.
  • the determining module 12 includes a first determining sub-module 121 and a second determining sub-module 122, where the first determining sub-module 121 is configured to determine, according to the data flow state information in the data processing policy information, Whether the service type of each data stream in the data is unknown; the second determining sub-module 122 is configured to determine, according to the user service policy information in the data processing policy information, whether the user subscribes to the value-added service.
  • the judging module 12 judges whether the trigger condition for performing DPI detection is met by the two function sub-modules.
  • the reporting module 16 is configured to send, to the control platform, service type information of each data stream in the data obtained by performing deep packet detection processing on the data, and the broadband network gateway may perform the deep packet inspection on the data, and the reporting module 16 may The test result information is sent out.
  • the first receiving module 11 is further configured to receive the uplink data sent from the DSLAM;
  • the broadband network gateway provided in this embodiment can identify and manage the traffic of the Internet, and prioritize some traffic through the planned value-added service channel.
  • the operator can carry out value-added services according to this, improve revenue, and improve service quality.
  • FIG. 6 is a schematic structural diagram of an embodiment of a policy controller according to the present invention.
  • the policy controller includes a first sending module 21 and a second receiving module 22, where the first sending module 21 is configured to send a user to a broadband network gateway.
  • Business policy information where the user service policy information includes a user The service type information of the subscribed value-added service and the corresponding processing policy; the second receiving module 22 is configured to receive the service of each data stream in the data obtained by performing the deep packet detection process on the data sent by the broadband network gateway Type information.
  • the policy controller generates the user service policy information according to the user subscription information, where the user service policy information records the service type information of the value-added service subscribed by the user, indicating which users subscribe to which value-added services, and the service type corresponding to the service type.
  • the processing policy is to instruct the BNG to perform DPI detection on the service data subscribed by the user; and then send the user service policy information to the BNG through the first sending module 21; after the BNG performs DPI detection on the data, the detection result is reported by the BNG.
  • the receiving module 22 is responsible for receiving and generating control information for the HG and/or DSLAM, and transmitting the control information to the HG and/or the DSLAM through the first sending module 21, and the first sending module 21 sends control information to the HG and/or the DSLAM,
  • the control information is used to indicate that the data corresponding to the value-added service subscribed by the user by the HG and/or the DSLAM is forwarded through the preset value-added service channel.
  • the policy controller provided in this embodiment can generate the deep packet detection service policy information according to the service sensing capability of the hardware device and the subscription information of the user, and send the information to the BNG, instructing the BNG to perform priority scheduling processing on the specific data of the specific user, and satisfy the BNG.
  • the business needs of users improve the quality of business services.
  • FIG. 7 is a schematic structural diagram of an embodiment of an access device according to the present invention.
  • the access device includes a third receiving module 31 and a second sending module 32, where the third receiving module 31 is configured to receive data;
  • the module 32 is configured to forward the data to the preset value-added service channel according to the control information, where the control information is used to indicate that the access device compares data corresponding to the value-added service subscribed by the user, by using a preset Value-added service channels are forwarded.
  • the access device may be a home gateway or a digital subscriber line access multiplexer. If the access device is a home gateway, the third receiving module 31 receives data, and the second sending module 32 is used for root subscriber line access. Multiplexer DSLAM. If the access device is a digital subscriber line access multiplexer, then The receiving module 31 receives the data, and the second sending module 32 is configured to: according to the control information, enable the access device provided by the foregoing embodiments to perform priority scheduling processing on the value-added service data of the user according to the pre-planned scheduling forwarding policy. To meet the business needs of users and improve the quality of business services.

Abstract

A data processing method, broadband network gateway, policy controller and access device are provided by the embodiments of the present invention. The method includes: receiving data, judging if it is necessary to perform deep packet inspection to the data according to the data processing policy information of the user that the data belongs to; and if it is, performing deep packet inspection to the data, acquiring the service type of each data stream in the data; identifying the data stream in the data, wherein the service type of the data stream is the same with the value-added service type that the user subscribes, according to the data processing policy information and the service type of each data stream in the data; scheduling and forwarding the identified data stream. The embodiments of the present invention perform deep packet inspection process to the flow of the internet application according to the deep packet inspection service policy, perform subdivision and identification to the service data, and preferentially schedule a part of the flow through the planed service channel, thus the quality of traffic service can be improved.

Description

数据处理方法及宽带网络网关、 策略控制器和接入设备 本申请要求于 2008 年 6 月 4 日提交中国专利局、 申请号为 200810114370.2、发明名称为"数据处理方法及宽带网络网关、 策略控制器 装置和接入节点设备"的中国专利申请的优先权, 其全部内容通过引用结 合在本申请中。 技术领域  Data processing method and broadband network gateway, policy controller and access device The application is submitted to the Chinese Patent Office on June 4, 2008, the application number is 200810114370.2, and the invention name is "data processing method and broadband network gateway, policy controller" The priority of the Chinese Patent Application for Device and Access Node Device, the entire contents of which is incorporated herein by reference. Technical field
本发明实施例涉及通信技术领域,尤其涉及一种数据处理方法及宽带 网络网关、 策略控制器和接入设备。 背景技术  The embodiments of the present invention relate to the field of communications technologies, and in particular, to a data processing method, a broadband network gateway, a policy controller, and an access device. Background technique
随着现代通信技术和互联网技术的迅速发展, 网际协议 (Internet Protocol, IP )网将作为多业务的统一承载网, 在 IP网上将同时承载语音、 视频、 数据以及企业互联等多种不同的通信业务。 现有网络的建设发展模 式将转向以业务为核心的模式, 宽带业务的转型将表现为: 多媒体、 互动 形态逐渐占主流的多重业务模式; 基于 IP 的网络业务融合, 例如视频、 语音和数据的融合等; 个性化的点对点通信 ( Peer to Peer, P2P ) 的广泛 应用; 用户按需获得充足的带宽资源和服务等。 其中, 三重播放(Triple play ) 业务是一种融合了语音、 数据和视频业务的捆绑业务模式。 运营商 通过合理规划, 为语音业务 (Voice over IP , VOIP)和视频业务 (Internet Protocol Television , IPTV)提供了有保证的服务, 为互联网数据业务提供 尽力而为的服务。 在三重播放中, VOIP和 IPTV业务在网络侧采用物理 或者逻辑上的专网方式运营, 在用户侧, 通过特定的终端, 例如 VOIP电 话、 机顶盒(set top box, STB ) 等获得业务, 通过家庭网关上的接入端 口进行业务区分; 在业务服务质量上, 根据定义的不同业务的服务质量 ( Quality of Service, Qos ) 级别和带宽保证进行调度。 With the rapid development of modern communication technologies and Internet technologies, the Internet Protocol (IP) network will serve as a unified bearer network for multiple services, and will carry multiple different communications such as voice, video, data, and enterprise interconnection on the IP network. business. The existing network construction and development model will shift to a business-centric model. The transformation of broadband services will be manifested as: multi-service modes in which multimedia and interactive forms are gradually dominant; IP-based network services such as video, voice and data Convergence, etc.; Personalized peer-to-peer communication (P2P) is widely used; users get sufficient bandwidth resources and services on demand. Among them, the triple play service is a bundled business model that combines voice, data and video services. Through reasonable planning, operators provide guaranteed services for voice over IP (VOIP) and Internet Protocol Television (IPTV), and provide best-effort services for Internet data services. In triple play, VOIP and IPTV services are operated on the network side by physical or logical private network. On the user side, services are obtained through specific terminals, such as VOIP phones, set top boxes (STBs), etc. The access port on the gateway performs service differentiation. In terms of service quality, the service quality of different services according to the definition (Quality of Service, Qos) Level and bandwidth guarantees are scheduled.
目前互联网的发展速度远超过了电信网络的发展速度,基于互联网的 应用层出不穷, 如互联网视频共享、 视频点播、 网络电话、 P2P文件共享、 即时通讯等。 可以预见, 基于互联网的灵活性和可扩展性, 通过互联网承 载的应用将会越来越多。 这些应用尤其是多媒体应用, 对带宽和 Qos的要 求是比较高的, 如一些视频点播网站, 吸引了大批的用户在线观看视频, 用户希望能获得较为稳定的效果和体验。 目前的对互联网数据业务采用粗 放式地、 尽力而为服务的方式显然无法满足用户的这种需要。  At present, the development speed of the Internet far exceeds the development speed of the telecommunication network, and Internet-based applications are emerging one after another, such as Internet video sharing, video on demand, Internet telephony, P2P file sharing, and instant messaging. It is foreseeable that Internet-based flexibility and scalability will be increasingly supported by the Internet. These applications, especially multimedia applications, have higher requirements for bandwidth and QoS. For example, some video-on-demand websites attract a large number of users to watch videos online, and users hope to obtain more stable effects and experiences. The current approach to the use of extensive and best-effort services for Internet data services clearly does not meet the needs of users.
图 1 为现有技术中三重播放***结构示意图, 以 DSL接入为例。 如 图 1 所示, 数字用户线接入复用器 ( Digital Subscriber Line Access Multiplexer, DSLAM )和宽带远程接入服务器( Broadband Remote Access Server , BRAS )之间根据业务类型定义了不同的虚拟局域网( Virtual Local Area Network, VLAN ) , 具体地, 互联网数据业务划分一个 VLAN, VOIP 业务一个 VLAN, 视频中组播业务一个 VLAN, 点播业务一个 VLAN, 通 过这种方式进行业务流量的隔离; 家庭网关 (Home Gateway, HG ) 和 DSLAM 之间也根据业务类型划分不同的永久虚通道( permanent virtual channel , PVC ); HG根据终端接入端口的不同对业务进行区分, 例如计 算机、 IPTV机顶盒、 VOIP电话的接入端口各不相同, 将流量通过不同的 PVC转发给 DSLAM, DSLAM将不同 PVC来的流量映射到不同的 VLAN 转发给 BRAS; 其中, 已经预先规划好了不同的 PVC和 VLAN对应的带 宽和 Qos优先级。  FIG. 1 is a schematic structural diagram of a triple play system in the prior art, taking DSL access as an example. As shown in Figure 1, a Digital Subscriber Line Access Multiplexer (DSLAM) and a Broadband Remote Access Server (BRAS) define different virtual local area networks according to the type of service (Virtual Local Area Network (VLAN), specifically, the Internet data service is divided into one VLAN, one VLAN of the VOIP service, one VLAN of the multicast service in the video, one VLAN of the on-demand service, and the service traffic is isolated in this way; the home gateway (Home Gateway) (HG) and DSLAM also divide different permanent virtual channels (PVCs) according to service types; HG differentiates services according to different terminal access ports, such as computers, IPTV set-top boxes, and VOIP phone access ports. The traffic is forwarded to the DSLAM through different PVCs. The DSLAM maps the traffic from different PVCs to different VLANs and forwards them to the BRAS. The bandwidth and QoS priority of different PVCs and VLANs are pre-planned.
发明人在实现本发明的过程中发现: 在现有技术中, BRAS和 HG都 是通过数据流量的端口来判断业务类型, 进而通过不同的转发通道(例如 PVC和 VLAN )进行调度转发, 没有对业务数据进行深度划分处理, 不能 满足用户的业务需求, 业务服务质量较低。 发明内容 The inventor found in the process of implementing the present invention: In the prior art, both the BRAS and the HG judge the service type through the port of the data traffic, and then perform scheduling and forwarding through different forwarding channels (such as PVC and VLAN), The service data is deeply divided and processed, which cannot meet the user's business requirements, and the service quality is low. Summary of the invention
本发明实施例提供一种数据处理方法及宽带网络网关、 策略控制器和 接入设备, 用以解决现有技术中仅通过数据流量的端口判断业务类型, 造 成服务质量较低的缺陷, 实现对用户业务数据的深度检测, 将部分流量通 过规划好的业务通道进行优先调度, 提高业务服务质量。  The embodiments of the present invention provide a data processing method, a broadband network gateway, a policy controller, and an access device, which are used to solve the defect that the service type is determined only by the port of the data traffic in the prior art, and the service quality is low. In-depth detection of user service data, prioritizes part of traffic through the planned service channel to improve service quality.
本发明实施例提供一种数据处理方法, 包括:  The embodiment of the invention provides a data processing method, including:
接收数据, 根据所述数据所属用户的数据处理策略信息, 判断是否需 要对所述数据进行深度报文检测;  Receiving data, according to the data processing policy information of the user to which the data belongs, determining whether it is necessary to perform deep packet inspection on the data;
若需要, 则对所述数据进行深度报文检测, 获得所述数据中各数据流 的业务类型;  If necessary, performing deep packet inspection on the data to obtain a service type of each data stream in the data;
根据所述数据处理策略信息和所述数据中各数据流的业务类型, 对所 述数据中业务类型与所述用户所订阅的增值业务类型相同的数据流进行 标识;  And identifying, according to the data processing policy information and the service type of each data stream in the data, a data flow in which the service type in the data is the same as the value-added service type subscribed by the user;
对标识出的数据流进行调度转发。  Scheduling and forwarding the identified data stream.
本发明实施例提供一种宽带网络网关, 包括:  The embodiment of the invention provides a broadband network gateway, including:
第一接收模块, 用于接收数据并判断所述数据所属用户;  a first receiving module, configured to receive data and determine a user to which the data belongs;
判断模块, 用于根据所述数据所属用户的数据处理策略信息, 判断是 否需要对所述数据进行深度报文检测;  a determining module, configured to determine, according to data processing policy information of the user to which the data belongs, whether to perform deep packet detection on the data;
检测模块, 用于根据所述判断模块的指示对所述数据进行深度报文检 测, 获得所述数据中各数据流的业务类型;  a detecting module, configured to perform deep packet inspection on the data according to the indication of the determining module, to obtain a service type of each data stream in the data;
表管理模块, 用于根据所述数据处理策略信息和所述数据中各数据流 的业务类型, 对所述数据中业务类型与所述用户所订阅的增值业务类型相 同的数据流进行标识;  a table management module, configured to identify, according to the data processing policy information and a service type of each data stream in the data, a data flow in which the service type in the data is the same as the value-added service type subscribed by the user;
转发模块, 用于对所述表管理模块标识出的数据流进行调度转发。 本发明实施例提供一种策略控制器, 包括:  And a forwarding module, configured to perform scheduling and forwarding on the data flow identified by the table management module. The embodiment of the invention provides a policy controller, including:
第一发送模块, 用于向宽带网络网关发送用户业务策略信息, 所述用 户业务策略信息包括用户订阅的增值业务的业务类型信息和对应的处理 策略; a first sending module, configured to send user service policy information to the broadband network gateway, where The service policy information of the user includes the service type information of the value-added service subscribed by the user and the corresponding processing policy;
第二接收模块, 用于接收所述宽带网络网关发送的对所述数据进行深 度报文检测处理获得的所述数据中各数据流的业务类型信息。  And a second receiving module, configured to receive service type information of each data stream in the data obtained by performing deep packet detection processing on the data sent by the broadband network gateway.
本发明实施例提供一种接入设备, 包括:  An embodiment of the present invention provides an access device, including:
第三接收模块, 用于接收数据;  a third receiving module, configured to receive data;
第二发送模块, 用于根据控制信息, 将所述数据通过预设的增值业务 通道进行转发, 所述控制信息用于指示所述接入设备将与用户所订阅的增 值业务对应的数据, 通过预设的增值业务通道进行转发。  a second sending module, configured to forward the data to a preset value-added service channel according to the control information, where the control information is used to indicate that the access device compares data corresponding to the value-added service subscribed by the user, The preset value-added service channel is forwarded.
通过实施本发明上述实施例, 能够实现根据深度报文检测业务策略对 互联网应用的流量进行深度报文检测处理, 进行业务数据的细分识别, 将 部分流量通过规划好的业务通道进行优先调度, 提高业务服务质量。 附图说明  By implementing the foregoing embodiments of the present invention, it is possible to perform deep packet detection processing on the traffic of the Internet application according to the deep packet detection service policy, perform subdivision identification of the service data, and prioritize part of the traffic through the planned service channel. Improve the quality of business services. DRAWINGS
图 1为现有技术中三重播放***结构示意图;  1 is a schematic structural diagram of a triple play system in the prior art;
图 2为本发明数据处理***实施例结构示意图;  2 is a schematic structural diagram of an embodiment of a data processing system according to the present invention;
图 3为本发明数据处理方法实施例流程图;  3 is a flow chart of an embodiment of a data processing method according to the present invention;
图 4为本发明宽带网络网关实施例一结构示意图;  4 is a schematic structural diagram of Embodiment 1 of a broadband network gateway according to the present invention;
图 5为本发明宽带网络网关实施例二结构示意图;  5 is a schematic structural diagram of Embodiment 2 of a broadband network gateway according to the present invention;
图 6为本发明策略控制器实施例结构示意图;  6 is a schematic structural diagram of an embodiment of a policy controller according to the present invention;
图 7为本发明接入设备实施例结构示意图。 具体实施方式  FIG. 7 is a schematic structural diagram of an embodiment of an access device according to the present invention. detailed description
下面结合附图和具体实施例进一步说明本发明实施例的技术方案。 图 2为本发明数据处理***实施例结构示意图, 如图 2所示, 在该系 统中多个用于进行不同业务的用户终端例如计算机、 IPTV机顶盒、 VOIP 电话等与 HG连接, HG为用户终端与网络交互的数据流量的出入接口; HG与 DSLAM连接, 且 HG与 DSLAM之间根据业务类型的不同建立一 条或多条深度报文检测 (deep packet inspection, DPI ) 增值业务 PVC; DSLAM与宽带网络网关 ( Broadband Network Gateway, BNG ) 连接, 且 DSLAM与 BNG之间建立一条或多条 DPI增值业务 VLAN, 其中每项增 值业务可以单独使用一条 VLAN , 也可以多项增值业务共同使用一条 VLAN, 例如互联网数据业务划分一个 VLAN, VOIP业务一个 VLAN, 视 频中组播业务一个 VLAN, 点播业务一个 VLAN, 通过这种方式进行业务 流量的隔离; BNG为网络出口, 负责与网络侧进行数据交互, 在 BNG上 增加业务感知的功能模块, 使 BNG处具备分析网络数据流量内容, 感知 承载的业务和应用的能力。 The technical solutions of the embodiments of the present invention are further described below with reference to the accompanying drawings and specific embodiments. 2 is a schematic structural diagram of an embodiment of a data processing system according to the present invention. As shown in FIG. 2, a plurality of user terminals for performing different services, such as a computer, an IPTV set-top box, and a VOIP, are shown in FIG. The telephone is connected to the HG, and the HG is an access interface for the data traffic that the user terminal interacts with the network; the HG is connected to the DSLAM, and one or more deep packet inspections are established between the HG and the DSLAM according to different service types (deep packet inspection, DPI) Value-added service PVC; DSLAM is connected to Broadband Network Gateway (BNG), and one or more DPI value-added service VLANs are established between DSLAM and BNG. Each value-added service can use one VLAN or more. The value-added service uses a single VLAN. For example, the Internet data service is divided into one VLAN, the VOIP service is a VLAN, the video is a multicast service, and the on-demand service is a VLAN. In this way, service traffic is isolated. BNG is the network exit. Data interaction with the network side, adding a service-aware functional module on the BNG, so that the BNG has the ability to analyze the content of the network data traffic, and to sense the services and applications of the bearer.
由上可知, 在网络出口 BNG和用户终端出口 HG之间规划了增值业 务通道,通过对这些 VALN和 PVC分配预定义的调度优先级和 Qos策略, 对增值业务数据进行优先调度, 提高业务服务质量。 运营商可以通过业务 平台发布 DPI增值业务,这种增值业务可根据 DPI设备的业务感知能力进 行规划分类, 将可识别的一种或多种应用类型作为一类增值业务进行优先 调度, 如网络流媒体加速、 网络游戏加速、 语音加速等。 用户可以通过登 录运营商门户网站订阅此类增值业务, 运营商可对增值业务制订灵活的资 费标准。  It can be seen that a value-added service channel is planned between the network egress BNG and the user terminal egress HG. By assigning a predefined scheduling priority and a QoS policy to the VALNs and PVCs, the value-added service data is preferentially scheduled to improve service quality. . The operator can release the DPI value-added service through the service platform. The value-added service can be classified according to the service-aware capability of the DPI device, and the identifiable one or more application types are preferentially scheduled as a type of value-added service, such as a network flow. Media acceleration, online game acceleration, voice acceleration, and more. Users can subscribe to such value-added services through the login operator portal, and operators can set flexible tariff standards for value-added services.
用户登录业务平台选择 DPI增值业务,业务平台将用户订阅的增值业 务信息下发给控制平台, 控制平台中的策略控制器根据用户的选择, 动态 生成 DPI业务策略即用户业务策略信息,用户业务策略信息中包括用户订 阅的增值业务的业务类型和对应的处理策略,所述处理策略即为指示 BNG 对用户订阅的业务数据进行 DPI检测,并向 BNG下发用户业务策略信息, 指示对特定用户的互联网数据执行 DPI检测。 DPI业务策略可以由策略控 制器主动下发给对应的 BNG, 也可以在用户初次上线时, BNG检测到用 户上线, 主动向策略控制器获取用户的 DPI业务策略。 BNG根据用户的 DPI 业务策略, 对订阅了 DPI 增值业务的用户的高速上网 (high speed internet, HIS )数据流进行 DPI检测, 标记出其中的增值业务数据流, 通 过指定的 DPI VLAN调度转发,其它的 HSI数据仍然通过 HSI VLAN调度 转发; 业务数据流到达 DSLAM 后, 通过预先规划好的与转发通道 DPI VLAN对应的 DPI PVC, 然后发送给用户终端。 The user logs in to the service platform and selects the DPI value-added service. The service platform delivers the value-added service information subscribed by the user to the control platform. The policy controller in the control platform dynamically generates the DPI service policy, that is, the user service policy information according to the user's selection, and the user service policy. The information includes the service type of the value-added service subscribed by the user and the corresponding processing policy. The processing policy is to instruct the BNG to perform DPI detection on the service data subscribed by the user, and deliver the user service policy information to the BNG to indicate the specific user. Internet data performs DPI detection. The DPI service policy can be proactively delivered to the corresponding BNG by the policy controller, or can be detected by the BNG when the user first goes online. The user goes online and actively obtains the user's DPI service policy from the policy controller. Based on the DPI service policy of the user, the BNG performs DPI detection on the high speed internet (HIS) data stream of the user who subscribes to the DPI value-added service, marks the value-added service data stream, and schedules forwarding through the specified DPI VLAN. The HSI data is still forwarded through the HSI VLAN. After the service data flows to the DSLAM, the DPI PVC corresponding to the DPI VLAN of the forwarding channel is pre-planned and then sent to the user terminal.
BNG 中的 DPI模块还可以将检测结果上报到控制平台, 由控制平台 中的策略控制器 (policy controller ) 或者终端管理控制*** (ITMS)或者其 它管理控制***向 HG或者 DSLAM下发动态的控制信息, 如动态访问控 制列表 (access control list, ACL), 指示 HG或者 DSLAM对上行的增值业 务的数据流通过对应的 DPI增值业务通道转发。  The DPI module in the BNG can also report the detection result to the control platform. The policy controller (policy controller) or the terminal management control system (ITMS) or other management control system in the control platform sends dynamic control information to the HG or DSLAM. For example, a dynamic access control list (ACL) indicates that the data flow of the uplink value-added service by the HG or the DSLAM is forwarded through the corresponding DPI value-added service channel.
图 3为本发明数据处理方法实施例流程图,如图 3所示,该方法包括: 步骤 100, 接收数据, 根据所述数据所属用户的数据处理策略信息, 判断是否需要对所述数据进行深度报文检测; 如果需要对所述数据进行深 度报文检测, 执行步骤 101 , 否则按照本领域公知技术处理该数据。  3 is a flowchart of an embodiment of a data processing method according to the present invention. As shown in FIG. 3, the method includes: Step 100: Receive data, and determine, according to data processing policy information of a user to which the data belongs, whether the data needs to be deepened. Packet detection; If deep packet inspection is required on the data, step 101 is performed, otherwise the data is processed according to techniques well known in the art.
BNG接收到数据后, 首先要判断该数据是属于哪个用户的,可以根据 数据的 IP地址或媒体访问控制(media access control , MAC)地址等可以标 识用户身份的信息进行判断; 在判断得知该数据属于具体哪个用户后, 查 找该用户的数据处理策略信息, 并根据该数据处理策略信息判断是否需要 对接收到的数据进行 DPI检测; 所述数据处理策略信息包括两个信息表, 分别是用户业务策略信息和数据流状态信息, 其中用户业务策略信息中记 录有该用户所订阅的增值业务信息, 数据流状态信息中记录有流经 BNG 的每条数据流的业务类型和相关信息。若需要对接收到的数据进行 DPI检 测应同时满足两个条件, 即数据流状态信息中有关该数据中数据流的业务 类型的记录为未知, 且用户业务策略信息中记录该用户已经订阅过增值业 务, 也就是说 BNG此次所接收到的数据对于 BNG而言是新数据, 在此之 前并没有接收到与该数据相关的其它数据流, 因此在数据流状态信息中不 存在有关数据流的业务类型记录; 另外, 该用户一定是订阅了关于某种业 务类型的增值业务的用户, 根据以上触发条件进行判断。 After receiving the data, the BNG first determines which user the data belongs to, and can judge according to the IP address of the data or the media access control (MAC) address, etc., which can identify the identity of the user; After the data belongs to which user, the data processing policy information of the user is searched, and according to the data processing policy information, it is determined whether DPI detection needs to be performed on the received data. The data processing policy information includes two information tables, which are respectively users. The service policy information and the data flow state information, wherein the user service policy information records the value-added service information subscribed by the user, and the data flow state information records the service type and related information of each data flow flowing through the BNG. If the DPI detection of the received data is required, the two conditions should be met at the same time, that is, the record of the service type of the data flow in the data flow state information is unknown, and the user service policy information records that the user has subscribed to the value added. Business, that is to say, the data received by BNG this time is new data for BNG, here The other data streams related to the data are not received before, so there is no service type record related to the data stream in the data flow state information; in addition, the user must be subscribed to the user of the value-added service of a certain service type, The judgment is made based on the above trigger conditions.
步骤 101 , 对所述数据进行深度报文检测, 获得所述数据中各数据流 的业务类型;  Step 101: Perform deep packet inspection on the data, and obtain a service type of each data stream in the data.
若 BNG根据用户业务策略信息和数据流状态信息判断得知接收到的 数据同时满足以上两个条件时, BNG将接收到的数据发送给 DPI模块进 行 DPI检测,对数据进行深度报文检测处理要求运营商能对数据流中承载 的业务进行感知, DPI作为一种报文检测技术, 能够对网络数据报文的载 荷( payload )进行检测, 从而识别数据流的业务类型, 进而达到网络流量 控制的目的。 通过对数据载荷的深度检测可以得到数据中各数据流的业务 类型信息。  If the BNG judges that the received data meets the above two conditions according to the user service policy information and the data flow state information, the BNG sends the received data to the DPI module for DPI detection, and performs deep packet inspection processing on the data. The operator can sense the services carried in the data stream. As a packet detection technology, the DPI can detect the payload of the network data packet, thereby identifying the service type of the data stream, and then achieving network traffic control. purpose. Through the depth detection of the data payload, the service type information of each data stream in the data can be obtained.
步骤 102, 根据所述数据处理策略信息和所述数据中各数据流的业务 类型, 对所述数据中业务类型与所述用户所订阅的增值业务类型相同的数 据流进行标识;  Step 102: Identify, according to the data processing policy information and the service type of each data stream in the data, a data flow in which the service type in the data is the same as the value-added service type subscribed by the user;
在检测出数据中各数据流的业务类型后, BNG首先通过查找用户业务 策略信息中用户所订阅的增值业务类型, 并对比哪些数据流的业务类型与 用户订阅的增值业务类型相同, 若存在业务类型相同的情况, 则对所述数 据中业务类型与所述用户所订阅的增值业务类型相同的数据流进行标识, 具体是在数据流状态信息中将与用户订阅的增值业务类型相同的数据流 的业务类型标记为 "增值业务" ; 对于数据中其它业务类型与用户订阅的 增值业务类型不符的数据流, 在数据流状态信息中将该数据流的业务类型 表标记为 "非增值业务" 。 例如, 用户订阅有关于 "网络游戏加速" 的增 值业务, 在网络下发给 BNG的该用户的用户业务策略信息中将记录有该 用户已经订阅了业务类型为 "网络游戏" 的增值业务的信息; 当 BNG接 收到数据并对其进行 DPI检测后, 获得数据中各数据流的业务类型, 例如 包括 "网络游戏" 业务类型和 "视频电话" 业务类型; 然后, BNG对照用 户业务策略信息将数据流状态信息中将有关 "网络游戏" 的数据流的业务 类型标记为 "增值业务" , 将有关 "视频电话" 的数据流的业务类型标记 为 "非增值业务" , 以供后续对数据进行转发时用。 After detecting the service type of each data stream in the data, the BNG first searches for the value-added service type subscribed by the user in the user service policy information, and compares the service types of the data streams with the same value-added service type that the user subscribes to. If the type is the same, the data flow in the data type is the same as the value-added service type subscribed by the user, and the data flow state information is the same as the value-added service type subscribed by the user. The service type is marked as "value added service"; for the data flow in which other service types in the data do not match the value-added service type subscribed by the user, the service type table of the data flow is marked as "non-value added service" in the data flow status information. For example, the user subscribes to the value-added service related to "network game acceleration", and the user service policy information of the user sent to the BNG under the network will record information that the user has subscribed to the value-added service whose service type is "network game". When the BNG receives the data and performs DPI detection on it, it obtains the service type of each data stream in the data, for example Including the "online game" service type and the "video call" service type; then, the BNG compares the user's business policy information with the service type of the "network game" data stream in the data flow status information as "value added service", which will be related The service type of the "video call" data stream is marked as "non-value added service" for subsequent use in forwarding data.
步骤 103 , 对标识出的数据流进行调度转发。  Step 103: Perform scheduling and forwarding on the identified data flow.
BNG更新完数据流状态信息后,即执行完步骤 102中对数据中业务类 型与用户所订阅的增值业务类型相同的数据流进行标识的操作后, 要根据 数据流状态信息对各数据流进行转发, 数据流状态信息中不但标记有数据 流的业务类型, 而且还有各数据流的目的地址等转发用的相关信息。 对于 增值业务类型的数据流将通过预设的增值业务通道进行转发, 而对于非增 值业务类型的数据流则通过原有的转发通道进行转发。 若所述数据为下行 数据, 则对标识出的与所述用户所订阅的增值业务对应的数据流, 通过预 设的增值业务通道进行调度转发; 若所述数据为上行数据, 则对标识出的 与所述用户所订阅的增值业务对应的数据流进行优先调度转发。 所述预设 的增值业务通道即为接收处理数据之前, 在数据传输路径设备上, 通过静 态或动态的方式建立满足规划 Qos指标的增值业务通道。所述的上行数据 是指从用户终端流向互联网的数据, 所述下行数据指从互联网发往用户终 端的数据。  After the BNG updates the data flow state information, after performing the operation of identifying the data flow with the same service type as the value-added service type subscribed by the user in step 102, the BNG is forwarded according to the data flow state information. The data flow status information is not only marked with the service type of the data stream, but also related information for forwarding the destination address of each data stream. The data flow of the value-added service type will be forwarded through the preset value-added service channel, and the data flow of the non-value-added service type will be forwarded through the original forwarding channel. If the data is downlink data, the data flow corresponding to the value-added service subscribed by the user is scheduled to be forwarded through a preset value-added service channel; if the data is uplink data, the data is identified. The data flow corresponding to the value-added service subscribed by the user is preferentially scheduled and forwarded. The preset value-added service channel is a value-added service channel that meets the planned Qos indicator in a static or dynamic manner on the data transmission path device before receiving the processed data. The uplink data refers to data flowing from the user terminal to the Internet, and the downlink data refers to data sent from the Internet to the user terminal.
在***部署时, 已经将对应于不同增值业务数据的增值业务通道预先 规划好了, 增值业务通道包括 BNG 与 DSLAM 之间的 DPI VLAN 和 DSLAM与 HG之间的 DPI PVC, 带有某一识别标签的数据通过哪条 DPI VLAN转发到 DSLAM, 然后通过哪条 DPI PVC转发给 HG, 均已经设定 好, 只要 BNG为增值业务数据设置识别标签后, 数据便可以通过设定好 的增值业务通道发送到用户终端处。 具体地调度转发过程为 BNG根据所 述识别标签, 通过与所述识别标签对应的 DPI VLAN, 将所述下行数据转 发给数字用户线接入复用器 DSLAM; 所述 DSLAM根据所述识别标签, 通过与所述识别标签对应的 DPI PVC, 将所述下行数据转发给与家庭网关At the time of system deployment, the value-added service channels corresponding to different value-added service data have been pre-planned. The value-added service channels include DPI VLAN between BNG and DSLAM and DPI PVC between DSLAM and HG, with a certain identification tag. The data is forwarded to the DSLAM through which DPI VLAN, and then which DPI PVC is forwarded to the HG, which has been set. As long as the BNG sets the identification tag for the value-added service data, the data can be sent through the set value-added service channel. Go to the user terminal. Specifically, the scheduling forwarding process is: the BNG forwards the downlink data to the digital subscriber line access multiplexer DSLAM according to the identification tag, and the DFM VLAN corresponding to the identification tag; the DSLAM is configured according to the identification label, Forwarding the downlink data to the home gateway through a DPI PVC corresponding to the identification tag
HG; 所述 HG将所述下行数据发送给用户终端。 BNG还可以将增值业务 的数据报文打上不同的 "DPI VLAN TAG" , 再根据数据流状态信息将用 户数据通过对应的 DPI VLAN优先调度转发给对应的 DSLAM; DSLAM 根据 "DPI VLAN TAG" 映射到 DPI PVC, HG根据 DPI PVC进行优先调 度。 BNG在为用户订阅的业务数据打上识别标签后,按照预先规划好的增 值业务通道将数据转发给用户终端。 HG: The HG sends the downlink data to a user terminal. The BNG can also tag the data packets of the value-added service with different "DPI VLAN TAG", and then forward the user data to the corresponding DSLAM through the corresponding DPI VLAN priority scheduling according to the data flow state information; the DSLAM is mapped according to the "DPI VLAN TAG" DPI PVC, HG performs priority scheduling according to DPI PVC. After marking the service data subscribed to by the user, the BNG forwards the data to the user terminal according to the pre-planned value-added service channel.
本实施例提供的方法中还存在以下情况, 即当 BNG接收到的数据中 无与增值业务对应的数据流, 则直接将该数据通过普通业务数据的通道进 行转发; 还有, 当通过 BNG所接收到的数据, 查找数据流状态信息, 得 知其中各数据流的业务类型时, 无需再进行 DPI检测, 可以直接将增值业 务对应的数据流通过预设通道进行转发。  The method provided in this embodiment also has the following situation: when there is no data flow corresponding to the value-added service in the data received by the BNG, the data is directly forwarded through the channel of the normal service data; and, when passing through the BNG The data received, the data flow status information is searched, and the service type of each data stream is known. The DPI detection is not required, and the data flow corresponding to the value-added service can be directly forwarded through the preset channel.
在本实施例所提供的数据处理方法中, BNG对流经的数据进行深度报 文检测时, 要用到用户业务策略信息, 该用户业务策略信息可以由策略控 制器主动下发给对应的 BNG, 由 BNG进行接收; 也可以是 BNG检测到 用户初次上线时, 主动向策略控制器获取用户业务策略信息。  In the data processing method provided by the embodiment, when the BNG performs deep packet detection on the data flowing through the BNG, the user service policy information is used, and the user service policy information may be actively sent by the policy controller to the corresponding BNG. It is received by the BNG. When the BNG detects that the user is online for the first time, the BNG actively obtains the user service policy information from the policy controller.
进一步地, 业务平台根据 BNG的 DPI检测能力划分增值业务, 将可 识别的一种或多种应用类型作为一类增值业务进行优先调度, 如网络流媒 体加速、 网络游戏加速、 语音加速等业务, 并将支持的增值业务向用户发 布; 用户可以通过登录门户网站订阅此类增值业务。 控制平台根据用户的 订阅信息, 生成所述用户业务策略信息, 并发送给 BNG, 用于指示 BNG 对特定用户的增值业务数据进行优先调度处理。  Further, the service platform divides the value-added service according to the DPI detection capability of the BNG, and prioritizes the identifiable one or more application types as a type of value-added service, such as network streaming acceleration, network game acceleration, and voice acceleration. The supported value-added services are released to users; users can subscribe to such value-added services through the login portal. The control platform generates the user service policy information according to the subscription information of the user, and sends the information to the BNG, which is used to instruct the BNG to perform priority scheduling processing on the value-added service data of the specific user.
BNG在对数据进行 DPI检测处理后, 还要将检测结果上报给控制平 台, 具体为 BNG向控制平台发送对所述数据进行深度报文检测处理的检 测结果信息, 该结果信息中包括数据中各数据流的业务类型信息; 所述控 制平台根据所述检测结果信息,向所述 HG和 /或所述 DSLAM发送控制信 息,所述控制信息用于指示所述 HG和 /或所述 DSLAM将与用户所订阅的 增值业务对应的数据,通过设定的增值业务通道进行转发。 BNG上报检测 结果后, 由控制平台中的策略控制器或者终端管理控制***或者其它管理 控制***向 HG和 /或 DSLAM下发动态的控制信息, 如动态 ACL, 指示 HG和 /或 DSLAM对增值业务的数据流通过对应的增值业务通道转发。 After performing the DPI detection on the data, the BNG also reports the detection result to the control platform. Specifically, the BNG sends the detection result information of the deep packet detection processing to the data to the control platform, where the result information includes each data. Traffic type information of the data stream; the control platform sends a control letter to the HG and/or the DSLAM according to the detection result information The control information is used to indicate that the HG and/or the DSLAM will forward data corresponding to the value-added service subscribed by the user, by using the set value-added service channel. After the BNG reports the detection result, the policy controller or the terminal management control system or other management control system in the control platform sends dynamic control information to the HG and/or the DSLAM, such as a dynamic ACL, indicating that the HG and/or the DSLAM are added to the value-added service. The data stream is forwarded through the corresponding value-added service channel.
所述 HG和 /或所述 DSLAM根据控制信息,将数据通过所述设定的增 值业务通道进行转发具体过程包括, 所述 HG将数据通过所述增值业务通 道中的 DPI PVC, 发送给所述 DSLAM; 和 /或所述 DSLAM将所述上行数 据通过所述增值业务通道中的 DPI VLAN, 发送给宽带网络网关 BNG。 数 据在 HG 和 /或 DSLAM 上根据策略控制器下发的控制信息映射到 DPI PVC/VLAN,这取决于 HG和 /或 DSLAM是否支持策略控制器下发的动态 ACL配置和匹配, 如果 HG和 DSLAM都不能支持这种动态配置和匹配, 则数据流通过 HIS VLAN到达 BNG , 再由 BNG将数据发送到网络。  The HG and/or the DSLAM forwarding the data through the set value-added service channel according to the control information, the specific process includes: sending, by the HG, the data to the DPI PVC in the value-added service channel, to the The DSLAM; and/or the DSLAM transmits the uplink data to the broadband network gateway BNG through the DPI VLAN in the value-added service channel. The data is mapped to the DPI PVC/VLAN according to the control information sent by the policy controller on the HG and/or the DSLAM, depending on whether the HG and/or DSLAM support the dynamic ACL configuration and matching delivered by the policy controller, if HG and DSLAM Neither can support this dynamic configuration and matching, then the data stream reaches the BNG through the HIS VLAN, and then the BNG sends the data to the network.
本发明实施例提供的数据处理方法针对目前对互联网应用流量没有 一种进行细分和运营的方法, 提供一种网络应用的增值业务解决方案, 本 发明实施例可对互联网的流量进行识别和管理, 将部分流量通过规划好的 增值业务通道进行优先调度;运营商可以据此开展增值业务、获得高收益, 用户可获得更高的服务质量。 而且本实施例提供的增值业务的数据处理方 法并不局限于互联网应用, 也可针对其它网络业务流量根据需要进行规 划、 细分和运营。  The data processing method provided by the embodiment of the present invention provides a value-added service solution for network applications, and provides a method for identifying and managing Internet traffic. Partial traffic is preferentially scheduled through the planned value-added service channel; operators can carry out value-added services and obtain high returns based on this, and users can obtain higher service quality. Moreover, the data processing method of the value-added service provided by this embodiment is not limited to the Internet application, and may also be planned, segmented, and operated according to requirements for other network service traffic.
本领域普通技术人员可以理解: 实现上述方法实施例的全部或部分步 骤可以通过程序指令相关的硬件来完成, 前述的程序可以存储于一计算机 可读取存储介质中, 该程序在执行时, 执行包括上述方法实施例的步骤; 而前述的存储介质包括: ROM、 RAM, 磁碟或者光盘等各种可以存储程 序代码的介质。  A person skilled in the art can understand that all or part of the steps of implementing the above method embodiments may be completed by using hardware related to program instructions, and the foregoing program may be stored in a computer readable storage medium, and the program is executed when executed. The foregoing steps include the steps of the foregoing method embodiments; and the foregoing storage medium includes: a medium that can store program codes, such as a ROM, a RAM, a magnetic disk, or an optical disk.
图 4为本发明宽带网络网关实施例一结构示意图, 如图 4所示, 该宽 带网络网关包括第一接收模块 11、 判断模块 12、 检测模块 13、 表管理模 块 14和转发模块 15 ,其中第一接收模块 11用于接收数据并判断所述数据 所属的用户; 判断模块 12用于根据所述数据所属的用户的数据处理策略 信息, 判断是否需要对所述数据进行深度报文检测, 并在需要对所述数据 进行深度报文检测的时候通知检测模块 13 ; 检测模块 13用于对所述数据 进行深度报文检测, 获得所述数据中各数据流的业务类型; 表管理模块 14 用于根据所述数据处理策略信息和所述数据中各数据流的业务类型, 对所 述数据中业务类型与所述用户所订阅的增值业务类型相同的数据流进行 标识; 转发模块 15用于对标识出的数据流进行调度转发。 4 is a schematic structural diagram of Embodiment 1 of a broadband network gateway according to the present invention, as shown in FIG. The network gateway includes a first receiving module 11, a determining module 12, a detecting module 13, a table management module 14, and a forwarding module 15, wherein the first receiving module 11 is configured to receive data and determine a user to which the data belongs; Determining whether the deep data check needs to be performed on the data according to the data processing policy information of the user to which the data belongs, and notifying the detecting module 13 when the deep data check needs to be performed on the data; Performing deep packet detection on the data to obtain a service type of each data stream in the data; the table management module 14 is configured to: according to the data processing policy information and the service type of each data stream in the data, The data stream in the data is identified by the same data type as the value-added service type subscribed by the user. The forwarding module 15 is configured to perform scheduling and forwarding on the identified data stream.
具体地, 第一接收模块 11 接收到数据后, 要对接收到的数据报文判 断其属于哪个用户,这可以根据数据报文的 IP地址或 MAC地址等可以标 识用户身份的信息进行判断; 在得知该数据属于哪个用户后, 将数据发送 给判断模块 12, 由判断模块 12判断是否需要对该数据进行 DPI检测, 在 同时满足以下两个条件时需要对数据进行 DPI检测,所述条件是数据流状 态信息中有关该数据中数据流的业务类型的记录为未知, 且用户业务策略 信息中记录该用户已经订阅过增值业务, 其中数据流状态信息和用户业务 策略信息组成用户的数据处理策略信息。 在判断得知需要对数据进行 DPI 检测时, 则根据用户业务策略信息中的与用户订阅的增值业务类型对应的 处理策略将数据发送给检测模块 13 , 通过检测模块 13对数据进行 DPI检 测, 得到数据中各数据流的业务类型; 然后通过表管理模块 14对数据流 状态信息进行更新, 即对所述数据中业务类型与所述用户所订阅的增值业 务类型相同的数据流进行标识, 表管理模块 14 负责数据流状态信息和用 户策略信息的存储和管理, 判断模块 12和转发模块 15对数据进行处理过 程中用到的用户的数据处理策略信息是从表管理模块 14 中获取的; 表管 理模块 14中存储的用户业务策略信息也可以通过第一接收模块 11接收, 并存储在表管理模块 14 中, 所述用户业务策略信息包括所述用户订阅的 增值业务的业务类型信息。 最后, 转发模块 15对数据进行转发, 具体地 对于下行数据, 可以根据更新后数据流状态信息将对应于增值业务的数据 通过预设的增值业务通道进行转发, 对非增值业务的数据通过原有通道转 发; 对于上行数据, 则对增值业务数据进行优选调度转发。 例如, 对于下 行数据进行调度转发, 调度转发过程是 BNG通过规划好的 DPI VLAN将 数据转发给 DSLAM, 然后再由 DSLAM将数据通过与 DPI VLAN对应的 DPI PVC发送给 HG, 再由 HG将数据发给用户终端。 Specifically, after receiving the data, the first receiving module 11 determines, according to the received data packet, which user belongs to the user, which may be determined according to the information such as the IP address or the MAC address of the data packet that can identify the identity of the user; After learning which user the data belongs to, the data is sent to the judging module 12, and the judging module 12 judges whether DPI detection is needed for the data, and DPI detection is required when the following two conditions are met simultaneously, the condition is The record of the service type of the data flow in the data flow state information is unknown, and the user service policy information records that the user has subscribed to the value-added service, wherein the data flow state information and the user service policy information constitute the user's data processing strategy. information. When it is determined that the data needs to be DPI-detected, the data is sent to the detection module 13 according to the processing policy corresponding to the value-added service type subscribed by the user in the user service policy information, and the DPI is detected by the detection module 13 to obtain the DPI detection. The service type of each data stream in the data; and then the data flow state information is updated by the table management module 14, that is, the data flow in the data type is the same as the value-added service type subscribed by the user, and the table management is performed. The module 14 is responsible for storing and managing the data flow state information and the user policy information, and the data processing policy information of the user used by the determining module 12 and the forwarding module 15 for processing the data is obtained from the table management module 14; The user service policy information stored in the module 14 can also be received by the first receiving module 11 and stored in the table management module 14, where the user service policy information includes the user subscription. Business type information of value-added services. Finally, the forwarding module 15 forwards the data, and specifically, for the downlink data, the data corresponding to the value-added service is forwarded through the preset value-added service channel according to the updated data flow state information, and the data of the non-value-added service is passed through Channel forwarding; for uplink data, the preferred scheduling and forwarding of value-added service data. For example, for the downlink data to be scheduled and forwarded, the scheduling and forwarding process is that the BNG forwards the data to the DSLAM through the planned DPI VLAN, and then the data is sent by the DSLAM to the HG through the DPI PVC corresponding to the DPI VLAN, and then the data is sent by the HG. Give the user terminal.
图 5为本发明宽带网络网关实施例二结构示意图, 如图 5所示, 基于 宽带网络网关实施例一, 该宽带网络网关包括第一接收模块 11、判断模块 12、 检测模块 13、 表管理模块 14和转发模块 15 , 其中判断模块 12包括 第一判断子模块 121和第二判断子模块 122, 第一判断子模块 121用于根 据所述数据处理策略信息中的数据流状态信息, 判断所述数据中各数据流 的业务类型是否为未知; 第二判断子模块 122用于根据所述数据处理策略 信息中的用户业务策略信息, 判断所述用户是否订阅了增值业务。 判断模 块 12通过两个功能子模块对是否符合进行 DPI检测的触发条件进行判断。  5 is a schematic structural diagram of Embodiment 2 of a broadband network gateway according to the present invention. As shown in FIG. 5, based on Embodiment 1 of a broadband network gateway, the broadband network gateway includes a first receiving module 11, a determining module 12, a detecting module 13, and a table management module. And a forwarding module 15 , wherein the determining module 12 includes a first determining sub-module 121 and a second determining sub-module 122, where the first determining sub-module 121 is configured to determine, according to the data flow state information in the data processing policy information, Whether the service type of each data stream in the data is unknown; the second determining sub-module 122 is configured to determine, according to the user service policy information in the data processing policy information, whether the user subscribes to the value-added service. The judging module 12 judges whether the trigger condition for performing DPI detection is met by the two function sub-modules.
报告模块 16用于向控制平台发送对数据进行深度报文检测处理获得 的数据中各数据流的业务类型信息, 宽带网络网关在对数据进行完深度报 文检测后, 可以通过该报告模块 16将检测结果信息发送出去。 当然在发 生上行数据业务时, 第一接收模块 11还要用于接收从 DSLAM发来的上 行数据;  The reporting module 16 is configured to send, to the control platform, service type information of each data stream in the data obtained by performing deep packet detection processing on the data, and the broadband network gateway may perform the deep packet inspection on the data, and the reporting module 16 may The test result information is sent out. Of course, when the uplink data service occurs, the first receiving module 11 is further configured to receive the uplink data sent from the DSLAM;
本实施例提供的宽带网络网关可对互联网的流量进行识别和管理, 将 部分流量通过规划好的增值业务通道进行优先调度; 运营商可以据此开展 增值业务, 提高收益, 提高业务服务质量。  The broadband network gateway provided in this embodiment can identify and manage the traffic of the Internet, and prioritize some traffic through the planned value-added service channel. The operator can carry out value-added services according to this, improve revenue, and improve service quality.
图 6为本发明策略控制器实施例结构示意图, 如图 6所示, 该策略控 制器包括第一发送模块 21和第二接收模块 22,其中第一发送模块 21用于 向宽带网络网关发送用户业务策略信息, 所述用户业务策略信息包括用户 订阅的增值业务的业务类型信息和对应的处理策略; 第二接收模块 22用 于接收所述宽带网络网关发送的对所述数据进行深度报文检测处理获得 的所述数据中各数据流的业务类型信息。 FIG. 6 is a schematic structural diagram of an embodiment of a policy controller according to the present invention. As shown in FIG. 6, the policy controller includes a first sending module 21 and a second receiving module 22, where the first sending module 21 is configured to send a user to a broadband network gateway. Business policy information, where the user service policy information includes a user The service type information of the subscribed value-added service and the corresponding processing policy; the second receiving module 22 is configured to receive the service of each data stream in the data obtained by performing the deep packet detection process on the data sent by the broadband network gateway Type information.
具体地, 策略控制器根据用户订阅信息, 生成用户业务策略信息, 用 户业务策略信息中记录有用户订阅的增值业务的业务类型信息, 表示哪个 用户订阅了哪些增值业务, 还包括与业务类型对应的处理策略, 所述处理 策略为指示 BNG对用户订阅的业务数据进行 DPI检测; 然后通过第一发 送模块 21将用户业务策略信息发送给 BNG; BNG对数据进行 DPI检测后, 上报检测结果,由第二接收模块 22负责接收,并生成对于 HG和 /或 DSLAM 的控制信息, 通过第一发送模块 21发送给 HG和 /或 DSLAM, 第一发送 模块 21向 HG和 /或 DSLAM发送控制信息, 所述控制信息用于指示 HG 和 /或 DSLAM将与用户所订阅的增值业务对应的数据,通过预设的增值业 务通道进行转发。  Specifically, the policy controller generates the user service policy information according to the user subscription information, where the user service policy information records the service type information of the value-added service subscribed by the user, indicating which users subscribe to which value-added services, and the service type corresponding to the service type. The processing policy is to instruct the BNG to perform DPI detection on the service data subscribed by the user; and then send the user service policy information to the BNG through the first sending module 21; after the BNG performs DPI detection on the data, the detection result is reported by the BNG. The receiving module 22 is responsible for receiving and generating control information for the HG and/or DSLAM, and transmitting the control information to the HG and/or the DSLAM through the first sending module 21, and the first sending module 21 sends control information to the HG and/or the DSLAM, The control information is used to indicate that the data corresponding to the value-added service subscribed by the user by the HG and/or the DSLAM is forwarded through the preset value-added service channel.
本实施例提供的策略控制器能够根据硬件设备本身的业务感知能力 和用户的订阅信息生成深度报文检测业务策略信息, 并发送给 BNG,指示 BNG对特定用户的特定数据进行优先调度处理, 满足用户的业务需求,提 高了业务服务质量。  The policy controller provided in this embodiment can generate the deep packet detection service policy information according to the service sensing capability of the hardware device and the subscription information of the user, and send the information to the BNG, instructing the BNG to perform priority scheduling processing on the specific data of the specific user, and satisfy the BNG. The business needs of users improve the quality of business services.
图 7为本发明接入设备实施例结构示意图, 如图 7所示, 该接入设备 包括第三接收模块 31和第二发送模块 32,其中第三接收模块 31用于接收 数据; 第二发送模块 32用于根据控制信息, 将所述数据通过预设的增值 业务通道进行转发, 所述控制信息用于指示所述接入设备将与用户所订阅 的增值业务对应的数据, 通过预设的增值业务通道进行转发。  FIG. 7 is a schematic structural diagram of an embodiment of an access device according to the present invention. As shown in FIG. 7, the access device includes a third receiving module 31 and a second sending module 32, where the third receiving module 31 is configured to receive data; The module 32 is configured to forward the data to the preset value-added service channel according to the control information, where the control information is used to indicate that the access device compares data corresponding to the value-added service subscribed by the user, by using a preset Value-added service channels are forwarded.
所述的接入设备可以为家庭网关或数字用户线接入复用器, 若接入设 备为家庭网关时, 则第三接收模块 31接收数据, 第二发送模块 32用于根 用户线接入复用器 DSLAM。 若接入设备为数字用户线接入复用器, 则第 三接收模块 31接收数据, 第二发送模块 32用于根据控制信息, 将所述数 本实施例提供的接入设备, 能够根据预先规划好的调度转发策略对用 户的增值业务数据进行优先调度处理, 满足用户的业务需求, 提高了业务 服务质量。 The access device may be a home gateway or a digital subscriber line access multiplexer. If the access device is a home gateway, the third receiving module 31 receives data, and the second sending module 32 is used for root subscriber line access. Multiplexer DSLAM. If the access device is a digital subscriber line access multiplexer, then The receiving module 31 receives the data, and the second sending module 32 is configured to: according to the control information, enable the access device provided by the foregoing embodiments to perform priority scheduling processing on the value-added service data of the user according to the pre-planned scheduling forwarding policy. To meet the business needs of users and improve the quality of business services.
以上实施例仅用以说明本发明的技术方案, 而非对其限制; 尽管参照 前述实施例对本发明进行了详细的说明, 本领域的普通技术人员应当理 解: 其依然可以对前述各实施例所记载的技术方案进行修改, 或者对其中 部分技术特征进行等同替换; 而这些修改或者替换, 并不使相应技术方案 的本质脱离本发明各实施例技术方案的精神和范围。  The above embodiments are only used to illustrate the technical solutions of the present invention, and are not intended to be limiting; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that The technical solutions are described as being modified, or equivalents are replaced by some of the technical features; and such modifications or substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims

权 利 要 求 Rights request
1、 一种数据处理方法, 其特征在于, 包括:  A data processing method, comprising:
接收数据, 根据所述数据所属用户的数据处理策略信息, 判断是否需 要对所述数据进行深度报文检测;  Receiving data, according to the data processing policy information of the user to which the data belongs, determining whether it is necessary to perform deep packet inspection on the data;
若需要, 则对所述数据进行深度报文检测, 获得所述数据中各数据流 的业务类型;  If necessary, performing deep packet inspection on the data to obtain a service type of each data stream in the data;
根据所述数据处理策略信息和所述数据中各数据流的业务类型, 对所 述数据中业务类型与所述用户所订阅的增值业务类型相同的数据流进行 标识;  And identifying, according to the data processing policy information and the service type of each data stream in the data, a data flow in which the service type in the data is the same as the value-added service type subscribed by the user;
对标识出的数据流进行调度转发。  Scheduling and forwarding the identified data stream.
2、 根据权利要求 1 所述的数据处理方法, 其特征在于所述根据所述 数据所属用户的数据处理策略信息, 判断是否需要对所述数据进行深度报 文检测包括:  The data processing method according to claim 1, wherein the determining, according to the data processing policy information of the user to which the data belongs, whether to perform deep packet detection on the data includes:
根据所述数据处理策略信息中的数据流状态信息, 判断得知所述数据 中各数据流的业务类型为未知; 且  Determining, according to the data flow state information in the data processing policy information, that the service type of each data flow in the data is unknown;
根据所述数据处理策略信息中的用户业务策略信息, 判断得知所述用 户订阅了增值业务, 则需要对所述数据进行深度报文检测。  And determining, according to the user service policy information in the data processing policy information, that the user subscribes to the value-added service, performing deep packet detection on the data.
3、 根据权利要求 2所述的数据处理方法, 其特征在于所述根据所述 数据处理策略信息和所述数据中各数据流的业务类型, 对所述数据中业务 类型与所述用户所订阅的增值业务类型相同的数据流进行标识包括: 根据所述用户业务策略信息中所述用户订阅的增值业务对应的业务 类型和所述数据中各数据流的业务类型, 在所述数据流状态信息中将所述 数据中各数据流的业务类型标记为对应于增值业务的标识。  The data processing method according to claim 2, wherein the subscription to the service type in the data and the user according to the data processing policy information and the service type of each data stream in the data The identification of the data flow with the same value-added service type includes: according to the service type corresponding to the value-added service subscribed by the user in the user service policy information, and the service type of each data flow in the data, the data flow status information The service type of each data stream in the data is marked as an identifier corresponding to the value-added service.
4、 根据权利要求 1或 2或 3所述的数据处理方法, 其特征在于所述 对标识出的数据流进行调度转发包括:  The data processing method according to claim 1 or 2 or 3, wherein the scheduling and forwarding the identified data stream comprises:
若所述数据为下行数据, 则对标识出的与所述用户所订阅的增值业务 对应的数据流, 通过预设的增值业务通道进行调度转发; If the data is downlink data, the identified value-added service subscribed to the user Corresponding data flow, scheduling and forwarding through a preset value-added service channel;
若所述数据为上行数据, 则对标识出的与所述用户所订阅的增值业务 对应的数据流进行优先调度转发。  If the data is uplink data, the data flow corresponding to the value-added service subscribed by the user is preferentially scheduled and forwarded.
5、 根据权利要求 4所述的数据处理方法, 其特征在于所述通过预设 的增值业务通道进行调度转发之前包括:  The data processing method according to claim 4, wherein the scheduling and forwarding by using the preset value-added service channel comprises:
在数据传输路径设备上, 通过静态或动态的方式建立所述增值业务通 道。  The value-added service channel is established in a static or dynamic manner on the data transmission path device.
6、 根据权利要求 4所述的数据处理方法, 其特征在于所述接收数据 之后包括:  6. The data processing method according to claim 4, wherein the receiving the data comprises:
根据所述数据中能够标识所述数据所属用户的信息, 确定所述数据所 属的用户。  Determining a user to which the data belongs is based on information in the data that can identify the user to which the data belongs.
7、 根据权利要求 2所述的数据处理方法, 其特征在于所述接收数据 之前包括:  7. The data processing method according to claim 2, wherein said receiving data comprises:
接收策略控制器发送的所述用户业务策略信息; 或  Receiving the user service policy information sent by the policy controller; or
主动向策略控制器获取所述用户业务策略信息。  The user service policy information is obtained from the policy controller.
8、 根据权利要求 7 所述的数据处理方法, 其特征在于所述接收策略 控制器发送的所述用户业务策略信息或主动向策略控制器获取所述用户 业务策略信息之前包括:  The data processing method according to claim 7, wherein the receiving the user service policy information sent by the policy controller or actively obtaining the user service policy information from the policy controller comprises:
根据用户的增值业务的订阅信息, 生成并发送所述用户业务策略信 息, 所述用户业务策略信息中包括所述用户订阅的增值业务的业务类型和 对应的处理策略。  The user service policy information is generated and sent according to the subscription information of the value-added service of the user, where the user service policy information includes a service type of the value-added service subscribed by the user and a corresponding processing policy.
9、 根据权利要求 4所述的数据处理方法, 其特征在于所述方法还包 括:  9. The data processing method according to claim 4, wherein the method further comprises:
向控制平台发送对所述数据进行深度报文检测处理的检测结果信息; 所述控制平台根据所述检测结果信息, 向接入设备发送控制信息, 所 述控制信息用于指示所述接入设备将与用户所订阅的增值业务对应的数 据, 通过预设的增值业务通道进行转发。 Sending, to the control platform, detection result information that performs deep packet detection processing on the data; the control platform sends control information to the access device according to the detection result information, where the control information is used to indicate the access device The number that will correspond to the value-added service that the user subscribes to According to the pre-set value-added service channel for forwarding.
10、 根据权利要求 9所述的数据处理方法, 其特征在于所述控制平台 根据所述检测结果信息, 向接入设备发送控制信息之后包括:  The data processing method according to claim 9, wherein the control platform, after transmitting the control information to the access device according to the detection result information, includes:
所述接入设备根据所述控制信息, 将所述数据通过所述预设的增值业 务通道进行转发。  The access device forwards the data through the preset value-added service channel according to the control information.
11、 根据权利要求 2所述的数据处理方法, 其特征在于所述方法还包 括:  11. The data processing method according to claim 2, wherein the method further comprises:
根据所述数据流状态信息,判断得知所述数据中各数据流的业务类型 为已知, 则根据所述用户业务策略信息, 将所述数据中与所述用户所订阅 的增值业务对应的数据流, 通过预设的增值业务通道进行转发。  Determining, according to the data flow state information, that the service type of each data flow in the data is known, and corresponding to the value-added service subscribed by the user according to the user service policy information. The data stream is forwarded through a preset value-added service channel.
12、 一种宽带网络网关, 其特征在于包括:  12. A broadband network gateway, characterized by comprising:
第一接收模块, 用于接收数据并判断所述数据所属用户;  a first receiving module, configured to receive data and determine a user to which the data belongs;
判断模块, 用于根据所述数据所属用户的数据处理策略信息, 判断是 否需要对所述数据进行深度报文检测;  a determining module, configured to determine, according to data processing policy information of the user to which the data belongs, whether to perform deep packet detection on the data;
检测模块, 用于根据所述判断模块的指示对所述数据进行深度报文检 测, 获得所述数据中各数据流的业务类型;  a detecting module, configured to perform deep packet inspection on the data according to the indication of the determining module, to obtain a service type of each data stream in the data;
表管理模块, 用于根据所述数据处理策略信息和所述数据中各数据流 的业务类型, 对所述数据中业务类型与所述用户所订阅的增值业务类型相 同的数据流进行标识;  a table management module, configured to identify, according to the data processing policy information and a service type of each data stream in the data, a data flow in which the service type in the data is the same as the value-added service type subscribed by the user;
转发模块, 用于对所述表管理模块标识出的数据流进行调度转发。 And a forwarding module, configured to perform scheduling and forwarding on the data flow identified by the table management module.
13、 根据权利要求 12 所述的宽带网络网关, 其特征在于所述判断模 块包括: 13. The broadband network gateway of claim 12, wherein the determining module comprises:
第一判断子模块, 用于根据所述数据处理策略信息中的数据流状态信 息, 判断所述数据中各数据流的业务类型是否为未知;  a first determining sub-module, configured to determine, according to the data flow state information in the data processing policy information, whether the service type of each data flow in the data is unknown;
第二判断子模块, 用于根据所述数据处理策略信息中的用户业务策略 信息, 判断所述用户是否订阅了增值业务。 The second determining sub-module is configured to determine, according to the user service policy information in the data processing policy information, whether the user subscribes to the value-added service.
14、根据权利要求 12或 13所述的宽带网络网关,其特征在于还包括: 报告模块, 用于向控制平台发送对所述数据进行深度报文检测处理获 得的所述数据中各数据流的业务类型信息。 The broadband network gateway according to claim 12 or 13, further comprising: a reporting module, configured to send, to the control platform, each data stream in the data obtained by performing deep packet detection processing on the data Business type information.
15、 根据权利要求 12或 13所述的宽带网络网关, 其特征在于所述第 一接收模块还用于接收所述用户业务策略信息, 所述用户业务策略信息包 括所述用户订阅的增值业务的业务类型信息。  The broadband network gateway according to claim 12 or 13, wherein the first receiving module is further configured to receive the user service policy information, where the user service policy information includes a value-added service subscribed by the user. Business type information.
16、 一种策略控制器, 其特征在于包括:  16. A policy controller, comprising:
第一发送模块, 用于向宽带网络网关发送用户业务策略信息, 所述用 户业务策略信息包括用户订阅的增值业务的业务类型信息和对应的处理 策略;  a first sending module, configured to send user service policy information to the broadband network gateway, where the user service policy information includes service type information of the value-added service subscribed by the user and a corresponding processing policy;
第二接收模块, 用于接收所述宽带网络网关发送的对所述数据进行深 度报文检测处理获得的所述数据中各数据流的业务类型信息。  And a second receiving module, configured to receive service type information of each data stream in the data obtained by performing deep packet detection processing on the data sent by the broadband network gateway.
17、 根据权利要求 16 所述的策略控制器, 其特征在于所述第一发送 模块还用于向接入设备发送控制信息, 所述控制信息用于指示所述接入节 点将与用户所订阅的增值业务对应的数据, 通过预设的增值业务通道进行 转发。  The policy controller according to claim 16, wherein the first sending module is further configured to send control information to the access device, where the control information is used to indicate that the access node is to subscribe to the user. The data corresponding to the value-added service is forwarded through a preset value-added service channel.
18、 一种接入设备, 其特征在于包括:  18. An access device, comprising:
第三接收模块, 用于接收数据;  a third receiving module, configured to receive data;
第二发送模块, 用于根据控制信息, 将所述数据通过预设的增值业务 通道进行转发, 所述控制信息用于指示所述接入设备将与用户所订阅的增 值业务对应的数据, 通过预设的增值业务通道进行转发。  a second sending module, configured to forward the data to a preset value-added service channel according to the control information, where the control information is used to indicate that the access device compares data corresponding to the value-added service subscribed by the user, The preset value-added service channel is forwarded.
PCT/CN2009/071456 2008-06-04 2009-04-24 Data processing method, broadband network gateway, policy controller and access device WO2009146621A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2008101143702A CN101599895B (en) 2008-06-04 2008-06-04 Data processing method, wideband network gateway, strategy controller device and accessing node equipment
CN200810114370.2 2008-06-04

Publications (1)

Publication Number Publication Date
WO2009146621A1 true WO2009146621A1 (en) 2009-12-10

Family

ID=41397726

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/071456 WO2009146621A1 (en) 2008-06-04 2009-04-24 Data processing method, broadband network gateway, policy controller and access device

Country Status (2)

Country Link
CN (1) CN101599895B (en)
WO (1) WO2009146621A1 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2566115A1 (en) * 2010-06-04 2013-03-06 Huawei Technologies Co., Ltd. Method, network device and network system for data service processing
CN103079280A (en) * 2011-10-26 2013-05-01 中国电信股份有限公司 Network resource scheduling method and device
CN103701837A (en) * 2012-09-27 2014-04-02 中兴通讯股份有限公司 PPP (Point-to-point Protocol) on-demand dialing method and home gateway
CN103888890A (en) * 2014-03-10 2014-06-25 京信通信***(广州)有限公司 Data transmission method and equipment
CN109547475A (en) * 2018-12-25 2019-03-29 中电福富信息科技有限公司 Business experience analysis system based on the acquisition of native network data traffic
WO2019061340A1 (en) * 2017-09-29 2019-04-04 华为技术有限公司 Packet forwarding control method and apparatus
CN115842697A (en) * 2023-02-01 2023-03-24 阿里巴巴(中国)有限公司 Access control method of private network, control method of virtual reality equipment and equipment

Families Citing this family (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102378382B (en) * 2010-08-10 2015-05-27 华为技术有限公司 Method, equipment and system for scheduling data streams
CN102142925B (en) * 2010-08-12 2015-01-07 华为技术有限公司 Method, equipment and system for filtering deep packet inspection
CN102469015B (en) * 2010-11-17 2016-04-13 中兴通讯股份有限公司 Realize method and device, the system of relay selection
CN102547861B (en) * 2010-12-08 2016-04-13 中兴通讯股份有限公司 data distribution method and local gateway
CN102685911A (en) * 2011-03-15 2012-09-19 普天信息技术研究院有限公司 Business scheduling method in LTE system
CN102802169B (en) * 2011-05-25 2018-01-02 中兴通讯股份有限公司 A kind of Operational Visit control method and system
CN102811204A (en) * 2011-06-01 2012-12-05 普天信息技术研究院有限公司 Load-bearing control system in evolved packet core based on depth package inspection and method
CN102325350B (en) * 2011-07-20 2014-10-29 大唐移动通信设备有限公司 Service filtering method and device based on default bearer
WO2013152472A1 (en) 2012-04-09 2013-10-17 华为技术有限公司 Communication method and system, access network device, and application server
CN103036789B (en) * 2012-12-18 2015-09-23 北京星网锐捷网络技术有限公司 File transmitting method, device and network gateway devices
CN103250382B (en) 2012-12-28 2017-04-26 华为技术有限公司 Distribution method, apparatus and system
CN104283801A (en) * 2013-07-04 2015-01-14 中兴通讯股份有限公司 Method and system for processing service data
CN104427556B (en) * 2013-08-21 2018-09-25 中国电信股份有限公司 The method and apparatus of service quality of wireless local area networks grade control
CN104468675B (en) * 2013-09-25 2019-06-11 中兴通讯股份有限公司 Data processing method and equipment
WO2015100644A1 (en) * 2013-12-31 2015-07-09 华为技术有限公司 Method and apparatus for processing packet
KR102462861B1 (en) * 2015-08-05 2022-11-02 퀄컴 인코포레이티드 Deep Packet Inspection Markings for Mobile CDNs
WO2017075781A1 (en) * 2015-11-05 2017-05-11 华为技术有限公司 Method, apparatus, and system for processing data packets
CN107769941A (en) * 2016-08-16 2018-03-06 中兴通讯股份有限公司 A kind of method and device for managing data
CN107864168B (en) * 2016-09-22 2021-05-18 华为技术有限公司 Method and system for classifying network data streams
CN107231664B (en) * 2017-05-25 2019-11-08 上海连尚网络科技有限公司 A kind of method and apparatus for user equipment progress flow control
CN109921993B (en) * 2017-12-12 2021-08-17 中国电信股份有限公司 Data transmission method of communication system and communication system
CN110198313B (en) * 2019-05-23 2021-12-24 新华三信息安全技术有限公司 Method and device for generating strategy
CN114079971A (en) * 2021-11-17 2022-02-22 中国电信股份有限公司 Service flow management and control method, system, DPI node and storage medium
CN117201623A (en) * 2022-05-30 2023-12-08 华为技术有限公司 Method and device for transmitting data

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060123481A1 (en) * 2004-12-07 2006-06-08 Nortel Networks Limited Method and apparatus for network immunization
CN101056222A (en) * 2007-05-17 2007-10-17 华为技术有限公司 A deep message detection method, network device and system
CN101090515A (en) * 2006-06-15 2007-12-19 中兴通讯股份有限公司 Broadband value-added service operation system
CN101094276A (en) * 2006-06-23 2007-12-26 中兴通讯股份有限公司 Terminal module of supporting broadband value added service, and application method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7490349B2 (en) * 2005-04-01 2009-02-10 International Business Machines Corporation System and method of enforcing hierarchical management policy

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060123481A1 (en) * 2004-12-07 2006-06-08 Nortel Networks Limited Method and apparatus for network immunization
CN101090515A (en) * 2006-06-15 2007-12-19 中兴通讯股份有限公司 Broadband value-added service operation system
CN101094276A (en) * 2006-06-23 2007-12-26 中兴通讯股份有限公司 Terminal module of supporting broadband value added service, and application method
CN101056222A (en) * 2007-05-17 2007-10-17 华为技术有限公司 A deep message detection method, network device and system

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2566115A1 (en) * 2010-06-04 2013-03-06 Huawei Technologies Co., Ltd. Method, network device and network system for data service processing
EP2566115A4 (en) * 2010-06-04 2013-03-27 Huawei Tech Co Ltd Method, network device and network system for data service processing
CN103079280A (en) * 2011-10-26 2013-05-01 中国电信股份有限公司 Network resource scheduling method and device
CN103701837A (en) * 2012-09-27 2014-04-02 中兴通讯股份有限公司 PPP (Point-to-point Protocol) on-demand dialing method and home gateway
CN103888890A (en) * 2014-03-10 2014-06-25 京信通信***(广州)有限公司 Data transmission method and equipment
WO2019061340A1 (en) * 2017-09-29 2019-04-04 华为技术有限公司 Packet forwarding control method and apparatus
CN109547475A (en) * 2018-12-25 2019-03-29 中电福富信息科技有限公司 Business experience analysis system based on the acquisition of native network data traffic
CN109547475B (en) * 2018-12-25 2021-06-29 中电福富信息科技有限公司 Business experience analysis system based on local network data flow collection
CN115842697A (en) * 2023-02-01 2023-03-24 阿里巴巴(中国)有限公司 Access control method of private network, control method of virtual reality equipment and equipment
CN115842697B (en) * 2023-02-01 2023-05-23 阿里巴巴(中国)有限公司 Access control method of private network, control method of virtual reality equipment and equipment

Also Published As

Publication number Publication date
CN101599895A (en) 2009-12-09
CN101599895B (en) 2012-07-04

Similar Documents

Publication Publication Date Title
WO2009146621A1 (en) Data processing method, broadband network gateway, policy controller and access device
US10750362B2 (en) Apparatus and method of automatically provisioning a femtocell
US8102879B2 (en) Application layer metrics monitoring
CN109451264B (en) Method and system for monitoring equipment conference entry
CN109068186B (en) Method and device for processing packet loss rate
US20040177107A1 (en) Method for providing services with guaranteed quality of service in IP access network
CN110519119B (en) Bandwidth management method and device based on video network and storage medium
US9300551B2 (en) Service quality management system and method
WO2011150701A1 (en) Method, network device and network system for data service processing
CN106716939B (en) QOS improvement in data stream delivery
WO2014074962A1 (en) Detecting quality of service for unified communication and collaboration (uc&c) on internetworks
KR20130093651A (en) Content based vlan classification and framework for ethernet network to support content based bridging
US8559353B2 (en) Multicast quality of service module and method
CN111224889A (en) Data transmission method and device
CN111131911A (en) Multicast method and device
CN110121049A (en) A kind of IMS conference medium method of flow control and device
CN102907044B (en) Business scheduling method and device under many wideband network gateways
CN111182258B (en) Data transmission method and device for network conference
WO2008046336A1 (en) A system and method for realizing distributed access control in multicast service
CN110519549B (en) Conference terminal list obtaining method and system
CN109862439B (en) Data processing method and device
EP1978682A1 (en) QoS CONTROL METHOD AND SYSTEM
CN109889755B (en) Communication connection method and video networking terminal
CN110049269B (en) Video networking conference management method, server and client
Banchuen et al. An SDN framework for video conference in inter-domain network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09757055

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09757055

Country of ref document: EP

Kind code of ref document: A1