This invention relates to a method and arrangement of providing high speed data services to a large number of users via a communications network.
The provision of mass market Internet services presents traffic management problems for both telecommunications carriers and Internet Service Providers.
At present most private users are connected to the Internet over modems which operate in the voice band. These services have low transmission rates and also tie up the exchange connection preventing simultaneous use of the phone on the same line and loading the exchange.
High speed access technologies have emerged which make the delivery of fast data and data-like services practical for the mass/brood market. Such technologies include transmission technologies such as ADSL and Hybrid Fibre Coax and multiplexing/Switching technologies such as ATM. A number of Internet Protocol (IP) based access services have been implemented and often use ATM as an underlying transport technique. However in these implementations, the carriage of services is usually based on the Internet Protocol and so the underlying ATM flows must be terminated at each location at which IP traffic is processed.
Therefore in IP based access networks which use ATM as the underlying transport, the advantages of using end to end ATM are foregone.
For an ATM end to end based access service, it has been necessary to establish individual ATM connections carrying AAL5 encapsulated data across the entire network between each subscriber and their ISP(s) of choice. In a mass market deployment of ATM technology, for example high speed Internet access based on ATM to residential subscribers, the number of ATM flows can amount to tens to hundreds of thousands simultaneously.
A service provider, such as an Internet Service Provider, may need to terminate an individual information flow from each of its subscribers. This requirement could be imposed for service reasons, billing reasons, security reasons or routing reasons.
Typical large ISPs must design their systems to cope with up to hundreds of thousands of subscribers.
In an ATM connected scenario, at least two issues arise for service providers:
ATM interface cards for switches and workstations terminate a finite maximum number of simultaneous ATM connections. Typically, this maximum number of connections is of the order of 1000 or fewer. This maximum number of ATM connections is significantly fewer than the number of subscribers to a large ISP.
The cost of leased public ATM links is generally relatively expensive compared with the competitive price charged for a single residential internet service. In order to remain viable, ISPs offering high speed internet access over ATM would therefore require each leased ATM link into the public network to be shared by a relatively large number of residential subscribers. Certainly, the number of subscribers sharing a 155 Mbit/s link (for example) would need to be much greater than 1000.
Routing in the access network via traditional means is unsuitable in a multi service provider environment or in an environment where the service provider is different from the access network provider. This is because xe2x80x9croutingxe2x80x9d is a service which provides a value added connectivity and could potentially lead to traffic nominally served by a particular service provider to bypass or be routed around that service provider altogether.
Other issues arise in an ATM connected scenario which affect both access carriers and service providers:
The logistical and technical difficulty of managing individual end to end ATM connections for each subscriber is significant.
Internet standards can be found on the Internet at: http://ds1.internic.net/std/
A description of the ATM cell and header structure is given in the book xe2x80x9cAsynchronous Transfer Mode-Solution for Broadband ISDNxe2x80x9d, Martin de Prycker; Prentice Hall, 3rd ed, 1995, at page 63 et seq. Essentially the information field is relatively small to minimize buffer size, and the header is used only to identify the link through the next stage, which contains a translation table to replace the header on the outgoing cells for use in the subsequent stage. ATM operates in a connection-oriented mode where the virtual connection is identified by the ATM header and the translation tables.
It is desirable to extend higher speed links to broad or mass market data services. This specification discloses an architecture capable of delivering Internet and other data services to hundreds of thousands of subscribers. In the preferred solution the Internet subscribers are linked into a packet network using ATM in an end to end manner. In a specific embodiment the ATM link is implemented using ADSL over the copper pair. ADSL operates outside the voice band so this opens the possibility of operating a conventional phone and the Internet connection simultaneously. An access gateway is used within the communications network to terminate the ATM connections and map the traffic using multiplexing into a single connection for the ISP. The data may be managed at the AAL5 layer level (ATM Adaptation Layer 5) at the user and exchange interface.
At the service provider interface, traffic arrives from a large number of subscribers multiplexed into a much smaller number of ATM flows. Traffic directed from the service provider towards the subscribers is multiplexed by the service provider into the appropriate flow towards that subscriber""s access gateway.
This specification describes an internet communication system including a plurality of subscribers connected to a plurality of service providers via a communication network;
wherein each subscriber is able to communicate with a predetermined one (or more) of the service providers over a private individual logical link (or links) or data flow (or flows) using a communication protocol;
wherein data flows from individual subscribers are terminated in the communication network close to the subscribers and multiplexed together for transmission to the predetermined service provider.
In a preferred arrangement, the connection between the user and the exchange utilizes an ATM protocol which may, for example, be implemented over an ADSL or other suitable high speed link.
In a further embodiment the communications network includes one or more geographically diverse exchange locations around which subscribers in the area are grouped through an access network.
In a further embodiment the communication network includes one or more data gateway devices collocated with one or more such devices more centrally located than the exchange locations and concentrating subscriber traffic into a central access network.
In a fourth embodiment the service providers are coupled to the central access network via a high speed communication link.
In a fifth embodiment the service providers are coupled to the central access network directly or via data gateway devices.
In a sixth embodiment destination address information, or source address information or a combination thereof from the communication protocol is used to uniquely identify the routing of data packets.
In a preferred arrangement, the routing means within the data gateway are configured to prevent direct communication between one subscriber and another through the data gateway.
Also in a preferred arrangement, the routing means within the data gateway are configured to prevent direct communication between one ISP and another through the data gateway.
In a still further embodiment, when the ATM flows are processed in the data gateway, the ATM VP/VC for each individual connection is practically terminated but a logically unique connection path is maintained across the full span of the connection between the subscriber and their service provider.
In yet another embodiment when the ATM flows are practically terminated, the ATM VP/VC is stored and the ATM VP/VC identifier is used as a basis for multiplexing data flows from one or more subscribers addressed to a particular service provider into shared VP/VC flows between the gateway and service provider.
In yet another embodiment the ATM flows from a subscriber are terminated at the data gateway to which the subscriber is connected, and wherein the said data gateway includes tables for use in multiplexing using ATM VP/VC identifiers.
Another embodiment provides that a multiplexing table is used for upstream traffic, and a de-multiplexing table is used for downstream traffic.
Preferably, in the multiplexing tables, each logical subscriber connection is associated with only one service provider. Each service provider is preferably associated with a list of subscribers.
Optionally, one or more subscribers may have more than one logical connection to enable the subscriber to connect to more than one service provider.
In another embodiment the communication network includes a plurality of data gateways, and wherein there is a separate multiplexed VP/VC flow between each data gateway and each service provider.
Preferably, protocol address sharing, for example Internet Protocol address sharing, is implemented within the service provider to facilitate simultaneous connection of a large number of subscribers to the network, for example The Internet, using a much smaller number of network addresses.
In another embodiment the gateway forwards traffic on the basis of a static connection between the logical subscriber port and the service provider.
In a still further embodiment the gateway forwards traffic in the direction from the subscriber towards the service provider on the basis of the packet source address which is an address associated with a corresponding subscriber.
In a still further embodiment the gateway forwards traffic in the direction from the service provider towards the subscriber on the basis of the packet destination address which is an address associated with a corresponding subscriber.
In yet another embodiment the data gateway includes a means in the direction from subscriber towards ISP to verify the legitimacy of the source address provided by the subscriber in each subscriber packet.
In yet another embodiment the data gateway includes a means to discard packets with illegitimate source addresses directed from a subscriber towards an ISP.
In still another embodiment the data gateway includes a means to overwrite the source address before forwarding packets directed from a subscriber towards an ISP in which the original packet contains an illegitimate source address.
In yet another embodiment the data gateway includes a means in the direction from ISP towards subscriber to verify the legitimacy of the source and destination addresses provided by the ISP in each ISP packet.
In yet another embodiment the data gateway includes a means to discard packets with illegitimate source or destination addresses directed from an ISP towards a subscriber.
In still another embodiment the data gateway includes a means to overwrite the source address before forwarding packets directed from an ISP towards a subscriber in which the original packet contains an illegitimate source address.
The invention also provides method of implementing Internet communication in conjunction with the above arrangements.
The invention will be described with reference to the connection of a plurality of Internet users to a number of Internet Service Providers (ISP), or quasi-ISP such as corporations providing telecommuting facilities for their employees. The term xe2x80x9cservice providerxe2x80x9d will be used to refer to both ISPs and quasi-ISPs.