The recent proliferation of mobile devices have made mobile broadband network operators attempt to offload data traffic to wireless (IEEE 802.11 Wi-Fi) networks whenever possible. These Wi-Fi networks may therefore include user devices, wireless access points, wireless LAN controllers (WLC), and broadband network gateways (BNG). In such a deployment model, service providers need to manage subscribers using BNG.
In providing public Wi-Fi access points, all mobile devices carried by users near the access points may pick up the signal and attach to the Wi-Fi network, regardless of whether the user is aware of the connection. A user, as used herein, may be an unauthenticated device on the network, while a subscriber may be a user that has been authenticated and identified. When mobile devices connect to the public Wi-Fi, their users may or may not log in to the authentication portal in order to authenticate and use network services. If authenticated, these mobile devices are typically forced to go through subscriber management functions of the BNG, and are managed using dedicated control plane sessions and data plane interfaces allocated to each subscriber in the BNG. Currently, however, in BNG since subscribers are identified with the first packet (FSOL) from devices, no distinction is made between authenticated and unauthenticated users. All users are allocated a new session, including system resources, regardless of whether the users are authenticated. If the users are unauthenticated, they are redirected to an authentication portal. All unclassified data FSOL packets may be sent to the CPU of the BNG to trigger the authentication process.
Stated differently, traditionally, until a data plane classification context (identified by mobile device source MAC address), data packets will be unclassified, and therefore must be processed by the CPU of the BNG. A dedicated data plane context is therefore created even for unauthenticated users, only to carry traffic to the authentication portal (or other free portals). This allocation of system resources to unauthenticated users may unnecessarily waste system resources, and is exacerbated when a high churn of roaming users in a concentrated area connect to the access points without authenticating.