In each layer structure of the current Internet, protocol entities of all layers except for the physical layer have their own name spaces, which are MAC addresses for a link layer, IP addresses for a network layer, IP addresses and port numbers for a transport stratum, and domain names for an application layer respectively. In these name spaces, the MAC address is only required to be unique in a subnet, while the port number is only required to be unique within the host, and therefore, there are two important global name spaces in the Internet, i.e., the IP address and the domain name. The analysis between the domain name and the IP address is implemented through the DNS. In such a name space structure, the IP address has dual functions, i.e., not only functioning as a location identifier of a network interface of a communication terminal host of the network layer in a network topology, but also functioning as an identity identifier of a network interface of the host of the transport stratum. At the beginning of the TCP/IP design, the case that the host moves is not considered, but with the development of the Next Generation Networks (NGN), the problems of user mobility and host multihoming are more and more common, and the defect of semantic overload of this IP address is increasingly evident. When the host's IP address changes, not only the route will change, but also the identity identifier of the communication terminal host will change. The change of the route is acceptable, but the change of a Host Identifier (Host ID) will lead to an interruption in applications and connections.
In order to support mobility and multihoming and better support the continuity of a conversation, the industry proposed an ID/locator separation in NGN (IPSPLIT) technology. The IPSPLIT technology takes a Host ID as an identity identifier of the host, and the Host ID globally and uniquely identifies each host connected to the Internet, and its purpose is to separate the transport stratum and the network layer to provide a secure host mobility and multi-host method for the Internet and provide an encrypted host identity namespace to make it easier to authenticate both communicating parties, thus achieving a secure and trustable network system. In the IPSPLIT network, the IP address only indicates a route location of the communication terminal host in the network topology. This technique solves the problem of semantics overload of the IP address, and separates the dual functions of the IP address, and implements supporting for problems such as multi-mobility, multihoming, IP address dynamic re-allocation, and interacts between different network areas etc.
The IPSPLIT technology is based on the NGN. In the IPSPLIT network, the user can be movable and can also be multihoming. At this time, allocation of IP address to a user is not unique, and one host identifier can correspond to multiple IP addresses, and thus can well solve the problems of multi-homing and mobility. The host identity of a multi-homing device corresponds to multiple IP addresses, and if one IP address cannot be used, or there is another IP address more suitable, the established connection for the transport stratum can be easily transferred to another IP address. Due to the moving of the host, the IP address will change, but the Host ID does not change, and therefore, the connection for the transport stratum can be uninterrupted, but the mobile node should notify the change of its own IP address. Since the connection for the transport stratum is bound with the Host ID and the IP address is only used for routing, the IPSPLIT technology enables the interacts between different network areas, such as between the public network and the private network, as well as between the IPv4 network and the IPv6 network etc.
FIG. 1 is a schematic diagram of Ipsplit-based NGN architecture, including network attachment control functions, Id-Loc-Control Functions (ILCF), transport functions, resource and admission control functions, service control functions and end-user functions.
Wherein, the network attachment control functions provide functions such as registration, authentication, authorization, address allocation, parameter configuration, location management etc. for an User Equipment (UE)/user network accessing to the NGN network.
The ILCF stores and dynamically updates the ID/LOC mapping.
The transport Functions complete the transport of information.
The Resource and Admission Control Functions complete admission control, resource reservation etc. when the UE/user network accesses to the network based on a policy and network resource status.
The service control functions belong to a part of the service stratum and complete the registration, authentication, authorization and resource control etc. on the service stratum.
The end-user functions provide users with network access functions.
The functional framework of the NGN system based on the IPSPLIT is shown in FIG. 2, wherein, the functions of various functional entities are as follows.
The Transport User Profile Functional Entity (TUP-FE) is used to store transfer plane related user information.
The Transport Authentication and Authorization Functional Entity (TAA-FE) is used to provide the authentication and authorization functions of the transport stratum, and perform authentication and authorization checking on the user's network access based on the user information.
The Access Management Functional Entity (AM-FE) is used to translate or transform a network access request initiated by the user, and send a request for allocating IP addresses and other network configuration parameters to a Network Access Configuration Functional Entity (NAC-FE).
The NAC-FE is used to be responsible for allocating an IP address to the UE, and meanwhile, possibly allocating other network configuration parameters such as an address of a DNS server, an address of a signaling proxy etc. to the UE.
The Transport Location Management Functional Entity (TLM-FE) is used to register the IP address allocated to the user and other network location information provided by the NAC-FE.
The Id-Loc-split Mapping Function Entity (ILM-FE) functions as a mapping database entity of a user ID-LOC-split system in the NGN, and is used to implement the user identity identifier (Host ID)- to-location (LOC) mapping.
In the existing IPSPLIT network, the ID/LOC mapping is actively initiated by the UE. After acquiring an IP address, the UE actively sends an ID/LOC mapping request to the ILM-FE. After updating its ID/LOC mapping, the ILM-FE returns an ID/LOC mapping response to the UE. The implementation process of the UE actively initiating the ID/LOC mapping is shown in FIG. 3, and comprises the following processes.
A. A process of authentication and authorization.
The UE requests the AM-FE for a network attachment, and the AM-FE completes the process of authentication and authorization of the user through the ILM-FE.
B. A process of IP address configuration.
The process of IP address configuration is consistent with a process of IP address configuration for UE in a general NGN system, and it can be obtained through self-configuration or a Dynamic Host Configuration Protocol (DHCP) mode. The process specifically comprises the following steps.
The UE sends an address request to the NAC-FE through the DHCP;
the NAC-FE pushes binding information to the TLM-FE, wherein, the binding message comprises a temporal address allocated by the NAC-FE and other information such as logical and physical port address translation related information; and
the TLM-FE pushes policy information to the RACF, and meanwhile, sends the binding information with the address to the NAC-FE, and the NAC-FE allocates a new IP address to the UE.
C. A process of ID/LOC mapping.
C.1. The UE sends an ID/LOC mapping request to the ILM-FE; and
C.2. After updating the ID/LOC mapping, the ILM-FE returns an ID/LOC mapping response to the UE.
D. A process of transport location management.
The SCF interacts with the ILM-FE to achieve the transport location management.
In existing ipsplit-based networks, the ID/LOC mapping is actively initiated by the UE. Although the UE actively initiating the ID/LOC mapping can achieve the ipsplit technology, in the network-based ipsplit technology, the UE actively initiating the ID/LOC mapping makes the efficiency be not very high.