A. Field of the Invention
This invention relates generally to the field of network design, and more particularly to systems and methods for providing access to one or more network(s) and various services without being served exclusively by a single Internet service provider.
B. Description of the Related Art
The service model for receiving Internet Service Provider (ISP) based services from sources on the Internet today assumes the exclusive use of an Internet access session by a single device or IP client in a one to one correspondence with a single ISP. In some topologies, typically business, one or more devices can be manually configured to access one or more service providers using a router and multiple access sessions at the same time. Dial-up access also can allow switching the access session on demand among service providers that attach to the Public Switched Telephone Network (PSTN) in some instances. That is, today's service model assumes that each connection to a service provider using an access device, be it a dial-up modem connection, DSL modem connection, cable modem connection, or other type of access session will be utilized by a single IP enabled device. FIG. 1 shows an asymmetric digital subscriber line (ADSL) Internet access architecture 100 typical of that encountered today. In order for an IP enabled device (e.g., personal computer 103 in home 102a) to establish a service session with a source on the Internet 115, the IP enabled device must first establish an access session with an Open Systems Interconnection (OSI) model layer 2/3 communications element (e.g., router 114) in an Internet service provider (ISP) network (e.g., ISP network 113) through an asynchronous transfer mode (ATM) infrastructure based access provider network (e.g., Access Provider Network 101) with an Internet access device (e.g., DSL modem 104). A private virtual circuit (PVC) is established at layer 2 between the DSL modem and the ISP layer 2/3 communications element (e.g., PVCa 118a between DSL Modem 104 and router 114) through the access provider network. 
An IP client (not shown) on the IP enabled device (e.g., personal computer 103) secures an IP address from the ISP using Dynamic Host Configuration Protocol (DHCP) from a DHCP server (not shown) in communication with the ISP's router. The DHCP server temporarily allocates or leases a unique IP address to the IP client. The IP client may now obtain IP based services available on the ISP network and beyond by sending and receiving packets to and from the ISP's router over the PVC. Sources on the Internet 115 can be reached by also utilizing a communications link between the ISP network and the Internet 115 (e.g., communications link 117).
Referring still to FIG. 1, note that for each IP enabled device (e.g., devices in homes 102b–102n) seeking to establish an Internet access session with the ISP network, a separate layer 2 PVC (e.g., PVCb–n 118b–n) is established between each of the ADSL modems and the router in the ISP network. This leads to an ATM network that scales PVCs on the order of subscribers, and because the PVCs are “permanent” virtual circuits, they occupy network resources providing “always on” connections whether the subscribers are actively using them or not. Furthermore, the average bitrate on a given PVC is exceptionally low, partly because of the always on effect, and partly because Internet browsing allows for a great deal of statistical multiplexing. However, because ATM infrastructure based access provider networks were not designed with this type of connection in mind, establishing Internet access sessions with architecture 100 leads to numerous layer 2 PVCs of very limited bandwidth and eventually to exhaustion of the ability to create any further layer 2 PVCs, long before the throughput capacity of the ATM switches is reached. In other words, the ATM switches in an ADSL architecture are VC constrained. Moreover, because of the single PVC extending from the IP enabled device to the ISP, there is no opportunity for the operator of the access provider network to offer alternate destinations or additional services to the IP enabled devices in architecture 100. In an effort to overcome these limitations and others (such as the security risks associated with DHCP based IP address distribution) inherent in architecture 100 and support a larger number of IP enabled devices and Internet access sessions, the assignee of the present invention developed Internet access architecture 200 depicted in FIG. 2.
In addition to the layer 2 communications elements (e.g., asynchronous transfer mode (ATM) switches 108 and 109) utilized in the access provider network 101 of Internet access architecture 100, layer 2/3 communications elements have been added to form access provider network 201 in Internet access architecture 200. Specifically, a plurality of layer 2/3 communications elements (e.g., ingress broadband gateways 202a–n) have been placed after various layer 2 communications elements (e.g., ATM Switch 108) lying near ingress points for access device IP traffic (e.g., IP traffic from personal computer 103), and a plurality of layer 2/3 communications elements (e.g., egress broadband gateway 203a) have been added after layer 2 communications elements (e.g., ATM Switch 109) lying near egress points for access device IP traffic destined for ISP networks (e.g., ISP network 113) linked to access provider network 201. In a preferred embodiment of the invention ATM switch 108 comprises a Lucent CBX 500 multiservice WAN switch, ATM switch 109 comprises a Lucent GX 550 multiservice WAN switch, DSLAM 107 comprises an Alcatel 7300 DSL Access Line Multiplexer, and ingress and egress broadband gateways 202, 203 comprise Nortel 5000 Broadband Service Nodes.
Each of the new layer 2/3 communications elements in access provider network 201 supports the creation of layer 3 communications sessions between various communications elements within and without access provider network 201 using layer 3 protocols such as IP. The new layer 2/3 communications elements also support the creation of virtual layer 2 communications sessions or “virtual PVCs” as they were used in network 100, using one or more of the following protocols: Point-to-Point Protocol (PPP) over Ethernet (PPPoE), PPP over ATM (PPPoA), Layer 2 Tunneling Protocol (L2TP), Point-to-Point Tunneling Protocol (PPTP), and/or Switched Multimegabit Data Service (SMDS) Interface Protocol (SIP). Thus, rather than having a single layer 2 PVC (e.g., PVCa 118a) extending from an access device to an ISP through the access provider network as in architecture 100, with architecture 200 a series of three layer 2 virtual PVCs (e.g., PVC1a 207a, PVC2a 208a, and PVC3a 209a) extends from an access device (e.g., ADSL modem 104) to an ISP (e.g., ISP network 113) through access provider network 201.
The first layer 2 PVC (e.g., PVC1a 207a) extends from an access device (e.g., ADSL modem 104) to one of the added ingress layer 2/3 communications elements (e.g., ingress broadband gateway 202a), and is the only PVC devoted exclusively to a single IP subscriber. Typically the first layer 2 PVC is a user authenticated PPP session. In a preferred embodiment of the invention the first layer 2 PVC is a user authenticated PPPoE session where the IP enabled device (or the operator thereof) supplies a username and domain (e.g., “user1@domain1”). Based on the domain provided, the first layer 2/3 communications element establishes a virtual layer 2 connection using L2TP over the remaining two layer 2 PVCs to reach the appropriate ISP, and the ISP provides the IP enabled device with an IP address with which to obtain IP based services. This model allows for the creation of access sessions with different ISPs depending on the domain provided by the IP enabled device, albeit not with more than one ISP at the same time. This model also allows IP services to be billed to a particular user on a per access session basis.
The second PVC (e.g., PVC2a 208a) extends from the foregoing ingress layer 2/3 communications element (e.g., Ingress Broadband Gateway 202a) to one of the added egress layer 2/3 communications elements (e.g., Egress Broadband Gateway 203a). Through the use of a tunneling protocol such as L2TP, PPP aggregation occurs at the layer 2/3 ingress communications element and the multiple PPP communications sessions between access devices (e.g., access devices in homes 102b–n) served by the ingress layer 2/3 communications element are funneled into the second PVC. The third PVC (e.g., PVC3a 209a) extends from the foregoing egress layer 2/3 communications element (e.g., Egress Broadband Gateway 203a) to the layer 2/3 communications element in the ISP network. In this embodiment of the invention the layer 2/3 communications element in the ISP network is an LNS capable router (e.g., layer 2/3 communications element 114). Again, through the use of a tunneling protocol such as L2TP, PPP aggregation occurs at the egress layer 2/3 communications element and the multiple PPP communications sessions from multiple L2TP IBG tunnels are concentrated onto a single L2TP tunnel by the egress broadband gateway and are funneled into the third PVC. The third PVC delivers a large (doubly aggregated) L2TP tunnel to the LNS router 114 where the PPP sessions are terminated and IP packets are once again routed normally.
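Added example (not part of the original text): a toy Python model of the session handling described in the two paragraphs above, in which the domain of a PPPoE login selects the ISP, each access PVC carries at most one session at a time, and sessions are aggregated twice on the way to the ISP's LNS router. The gateway names, realm table and LNS hostnames are constructed, and keying the second-hop tunnel by (ingress, egress) pair is an assumption of the model.

```python
from dataclasses import dataclass, field

# Constructed realm table: login domain -> LNS router in the ISP network (hypothetical names).
REALM_TO_LNS = {"domain1": "lns.isp1.example", "domain2": "lns.isp2.example"}


@dataclass
class IngressGateway:
    """Toy ingress broadband gateway terminating per-subscriber access PVCs."""
    name: str
    egress: str                                   # egress gateway reached over the second PVC
    sessions: dict = field(default_factory=dict)  # access PVC id -> (user, LNS)

    def open_session(self, access_pvc: str, login: str) -> str:
        user, sep, realm = login.rpartition("@")
        realm = realm.strip().lower()
        if not sep or not user or realm not in REALM_TO_LNS:
            raise ValueError(f"no ISP for login {login!r}")  # fail closed on unknown domain
        if access_pvc in self.sessions:
            # One ISP per access session: no second ISP over the same access PVC.
            raise RuntimeError(f"{access_pvc} already has an active session")
        self.sessions[access_pvc] = (user, REALM_TO_LNS[realm])
        return REALM_TO_LNS[realm]

    def close_session(self, access_pvc: str) -> None:
        self.sessions.pop(access_pvc, None)


def tunnels_by_hop(gateways):
    """Return the sets of shared tunnels on the second and third PVC hops."""
    second = {(g.name, g.egress) for g in gateways if g.sessions}
    third = {(g.egress, lns) for g in gateways for _, lns in g.sessions.values()}
    return second, third


def demo():
    """Three constructed subscribers on two ingress gateways, all choosing one ISP."""
    ibg_a = IngressGateway("ibg-a", "ebg-1")
    ibg_b = IngressGateway("ibg-b", "ebg-1")
    ibg_a.open_session("pvc1a", "user1@domain1")
    ibg_a.open_session("pvc1b", "user2@domain1")
    ibg_b.open_session("pvc1c", "user3@Domain1")
    second, third = tunnels_by_hop([ibg_a, ibg_b])
    return len(second), len(third)   # two ingress tunnels feed one tunnel to the LNS
```

Only the first hop grows with the number of subscribers; the tunnel counts on the second and third hops depend on the number of gateways and ISPs.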
As stated above, the service model for receiving personalized IP based services from sources on the Internet today assumes the exclusive use of an Internet access session by a single user or IP enabled device. This assumption, however, is increasingly erroneous, particularly in the broadband access space, as more and more homes and other points of access utilize a single Internet access device to support a plurality of IP enabled devices. For instance, many homes and small businesses now have a plurality of IP enabled devices residing on a local area network (LAN) that are supported by a single Internet access device such as a DSL router/modem. It therefore will not be long before each of the IP enabled devices residing on these LANs (and/or the users thereof) will seek to secure IP services from more than one source simultaneously, and most likely with differing quality of service (QoS) requirements, over a single network access arrangement. With today's ATM infrastructure based access provider networks (e.g., access provider network 101) and home or small business networking technologies, the latter of which rely on sharing a single IP address and assume routed or layer 3 access provider networks, providing IP services from different ISP sources to different IP enabled devices simultaneously over a single connection to an access provider network is not possible. Furthermore, many of the IP enabled devices residing on access point LANs in the future will likely be low function devices (i.e., they won't have the ability to run their own PPP stacks, but rather will have firmware that supports DHCP based IP address configuration only). Thus, a need exists for systems and methods of providing individualized IP services to a plurality of IP enabled devices, including low function IP enabled devices, simultaneously over a single connection to an access provider network.