Carrier-Grade NAT (CGN) is a technology for address translation in a network of an operator. With the exhaustion of Internet Protocol version 4 (IPv4) address resources, operators urgently need to solve the problem of address resources, and one of the technologies is that an operator uses a private (reserved) address internally and deploys a CGN service on a Broadband Network Gateway (BNG) at an Internet portal of the operator. When a user accesses the Internet, the BNG translates an internal IPv4 address into a public network address through CGN, and when a network of the operator is accessed from the Internet, a CGN device translates a public network address into an internal address of the operator.
The operator implements the CGN function by integrating a CGN service card at the BNG. Although such a technology has become mature, there are still certain disadvantages. Firstly, all traffic from private networks to public networks on the BNG is processed by the CGN service card, while the CGN service card has limited forwarding performance and CGN translation processing capability; thus the CGN service card becomes a serious performance bottleneck for the BNG in carrying out broadband services. Meanwhile, the CGN service card is in effect a new hardware fault point for a BNG device. A failure occurring on a CGN service card may cause abnormality in the services of all broadband users accessing through this BNG, which in a mild case interrupts the service a user is currently browsing and in a serious case blocks all user services.
For this reason, Address Plus Port (A+P) technology is a more effective CGN solution, which uses the core concept of CGN principles. However, different from a mainstream CGN solution, A+P technology shifts the CGN function down to a Customer Premises Equipment (CPE) of a user (wherein the CPE includes an enterprise router and a Home Gateway (HG)). When the CPE goes on line, a BNG directly allocates a public network IPv4 address and a port range for translation to the CPE, and then the CPE provides a Network Address Translation (NAT) service for user terminals in its service range according to the address and the port range. The specific flow is as follows.
The CPE goes on line via the BNG.
The BNG configures a public network IPv4 address and a transport layer public network port range for the CPE, wherein the BNG delivers the allocated transport layer public network port range to the CPE through Dynamic Host Configuration Protocol (DHCP) or Point-to-Point Protocol Over Ethernet (PPPoE).
When the network where the user host is located is an IPv4 local area network, the CPE allocates a private network IPv4 address for the user host.
NAT translation is performed at the CPE for a source IP address and a source port of an uplink private network IPv4 data packet from a user side to a network side. The translated public network address is the public network IP address allocated by the BNG, the public network port is allocated from the public network port range allocated by the BNG, and an NAT mapping entry is generated at the CPE.
After the CPE transmits the translated IPv4 data packet to the BNG, the BNG forwards the packet to a public network according to a destination IP address.
When the traffic of a downlink IPv4 data packet from the network side to the user side passes the BNG, the BNG forwards the downlink IPv4 data packet to an appropriate CPE according to a destination IP address of the packet and a route of a destination port.
When receiving the downlink IPv4 data packet, the CPE translates a public network address and a port back to a corresponding private network address and a corresponding port according to a stored mapping entry, and forwards the downlink IPv4 data packet to a corresponding user host.
Generally, IP packets transmitted in a network may be divided into Transmission Control Protocol (TCP) packets and User Datagram Protocol (UDP) packets according to protocols of a transport layer, and non-TCP/UDP packets are collectively referred to as raw IP packets. It may be learned from the A+P flow that the CPE performs the A+P translation mainly according to the public network IP address and the transport layer port range allocated by the BNG, and the BNG also forwards the downlink IP packet to a user according to the public network IP address and an allocated transport layer port, thus such a service flow may have some problems. For example, transport layer protocols that support a port only include TCP and UDP, and packets of many raw IP protocols, such as an Internet Control Message Protocol (ICMP) packet, do not have a concept of a transport layer port. Thus for these packets, the BNG cannot forward downlink packets to broadband users normally according to public network IP addresses and ports, and these packets cannot be processed normally.
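The following Python model is an added example, not part of the original text. It walks the A+P flow described above (port range allocation by the BNG, uplink NAT at the CPE, downlink routing by destination address and port) and shows the downlink lookup failing for an ICMP packet that carries no port. The class names, the 1024-port block size and the documentation addresses are assumptions made for illustration.

```python
class Cpe:
    """Customer-side NAT limited to the port range the BNG assigned (hypothetical model)."""
    def __init__(self, name):
        self.name, self.nat, self.rev = name, {}, {}

    def configure(self, public_ip, port_range):
        self.public_ip, self.free_ports = public_ip, iter(port_range)

    def uplink(self, pkt):
        if pkt["proto"] not in ("tcp", "udp"):
            return None                      # no transport port to translate
        key = (pkt["proto"], pkt["src"], pkt["sport"])
        if key not in self.nat:
            port = next(self.free_ports, None)
            if port is None:
                return None                  # assigned range exhausted: drop
            self.nat[key] = port             # NAT mapping entry
            self.rev[(pkt["proto"], port)] = (pkt["src"], pkt["sport"])
        return {**pkt, "src": self.public_ip, "sport": self.nat[key]}

    def downlink(self, pkt):
        entry = self.rev.get((pkt["proto"], pkt.get("dport")))
        return {**pkt, "dst": entry[0], "dport": entry[1]} if entry else None

class Bng:
    """Hands out (public IP, port range) pairs and routes downlink on them."""
    def __init__(self, public_ip, first_port, last_port, ports_per_cpe):
        self.public_ip, self.size = public_ip, ports_per_cpe
        self.starts = iter(range(first_port, last_port - ports_per_cpe + 2, ports_per_cpe))
        self.routes = []                     # (port range, CPE)

    def attach(self, cpe):
        lo = next(self.starts)               # StopIteration once the pool is used up
        self.routes.append((range(lo, lo + self.size), cpe))
        cpe.configure(self.public_ip, self.routes[-1][0])

    def route_downlink(self, pkt):
        port = pkt.get("dport")
        if pkt["dst"] != self.public_ip or port is None:
            return None                      # raw IP such as ICMP: nothing selects a CPE
        return next((cpe for rng, cpe in self.routes if port in rng), None)

def demo():
    # Constructed sample: documentation addresses, two CPEs sharing one public IP.
    bng, a, b = Bng("203.0.113.10", 1024, 65535, 1024), Cpe("cpe-a"), Cpe("cpe-b")
    bng.attach(a); bng.attach(b)
    out = b.uplink({"proto": "udp", "src": "192.168.1.20", "sport": 5353,
                    "dst": "198.51.100.7", "dport": 53})
    reply = {"proto": "udp", "src": out["dst"], "sport": 53, "dst": out["src"], "dport": out["sport"]}
    ping = {"proto": "icmp", "src": "198.51.100.7", "dst": "203.0.113.10"}
    return out, bng.route_downlink(reply).downlink(reply), bng.route_downlink(ping)
```

In the model, the UDP reply reaches the host behind cpe-b because its destination port falls in that CPE's range, while the ICMP packet addressed to the same shared public address returns no CPE at all.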