A large scale NGN typically includes three tiers. In the first tier, user end point devices (UEs) are used by subscribers across the network. The second tier comprises NGN edge devices that provide the public interfaces for connecting UEs; for example, Proxy/Call Session Control Function (P-CSCF) defined by 3rd Generation Partnership Project (3GPP) Internet Protocol Multimedia Subsystem (IMS), or Session Border Controller defined by the Telcoms and Internet Converged Services and Protocols for Advanced Networks (TISPAN) NGN standards. Finally, tier 3 is the NGN core that includes other call processing network elements that are deployed behind the edge devices; for example, the core may include Interrogating/CSCF (I-CSCF), Serving/CSCF (S-CSCF), Home Subscribers Service (HSS), Media Gateway Control Function (MGCF), and various application servers, etc.
The user endpoint devices of an NGN are typically configured to access a set of primary edge devices based on physical locations of the UEs, or on the rate centers of UE's phone numbers. The UEs are also capable of accessing a different set of secondary edge devices if the primary edge devices cannot be reached.
An NGN requires all UEs to be authenticated and authorized when they first connect to the network. In NGNs based on the 3GPP IMS standard, for example, UEs must REGISTER to the NGN via an edge device and the NGN will use a Hypertext Transport Protocol (HTTP) digest authentication method to authenticate and authorize the services for each UE. After a UE has successfully registered with the network, the UE is required to re-register with the network periodically. The NGN will typically not re-authenticate the UE for every re-registration and may re-authenticate at a less frequent interval. Therefore, initial registrations by UEs typically require a lot more network processing resources than re-registrations.
In some large scale outage scenarios such as power outages, cable cuts, or certain Internet Service Provider (ISP) failures, a large number of UEs can be disconnected from an NGN for a sustained period of time and, thus, their original registrations expire. When the outage problem is fixed, the large number of UEs starts to re-connect to their primary NGN edge devices, which results in a large number of initial registrations in a very short time period. This situation is typically referred to as a “recovery storm” or as a “registration flood.” A recovery storm can overwhelm the NGN edge devices in the area and cause a serious interruption within the NGN network that has to process a large number of initial registrations with full Authentication, Authorization and Accounting (AAA) processes in a short time window.
Some methods have been suggested to prevent registration floods. For example, Session Initiation Protocol (SIP)-aware intrusion detection and prevention devices may be deployed in front of the NGN edge devices. Those intrusion detection and prevention devices may be configured to reject excessive SIP requests, including SIP registration requests, when the number of those requests exceeds a certain threshold. In another example, some session controller products can be configured to accept only a certain number of initial registration requests per second.
In each of those solutions, however, the UEs remain able to resolve the IP addresses of the target NGN edge devices, and can therefore send excessive numbers of registration requests to the NGN edge devices. There therefore remains a need for a method and system capable of quickly and automatically reinstating a Voice over Internet Protocol (VoIP) communications system after a catastrophic failure. The technique should re-register user endpoints as quickly as possible while avoiding NGN recovery storms.