With the development of multimedia services such as media streaming, video conference, and video on demand, multicast services have become an important service on the Internet. The multicast service operators are paying more and more attention to such problems as how to efficiently manage multicast users and multicast resources (namely multicast sources) while implementing multicast services, so as to make multicast services diversified and to make multicast users and multicast resources more manageable.
There are three methods for implementing multicast services at present:
For the first method, a router establishes a multicast group address forwarding table in a layer-3 network equipment by using an Internet Group Management Protocol (IGMP); when a multicast user joins in a multicast group, the router adds the multicast user's forwarding information to the multicast group address forwarding table and deletes the multicast user's forwarding information from the multicast group address forwarding table when the multicast user leaves the multicast group, so as to dynamically manage the multicast user to join or leave the multicast group. Therefore, the multicast services implemented only through the IGMP can only obtain statuses of the multicast user's joining and leaving the multicast group, and not provide management over whether the multicast user is authorized to join in the multicast group, which is unfavorable to the multiple developments of multicast network operator's services.
The second method is to utilize IGMP Snooping techniques to snoop the IGMP packet transferred between multicast users and the layer-3 network equipment, like the router and so on, establish and maintain a layer-2 multicast group address forwarding table in a layer-2 network equipment according to types of IGMP packets, and implement multicast services according to the layer-2 multicast group address forwarding table and the layer-3 multicast group address forwarding table.
As shown in FIG. 1, the multicast user actively initiates an IGMP leaving packet before leaving the multicast group, so as to notify the router to delete the multicast user's address from the layer-3 multicast group address forwarding table; the multicast user initiates an IGMP joining packet before joining in the multicast group, so as to notify the router to add the multicast user's address to the layer-3 multicast group address forwarding table; while the router is confirming the multicast user's state by sending an IGMP inquiry packet to the multicast user, if the router fails to receive any inquiry response in a certain period of time, it will delete the multicast user's address from the layer-3 multicast group address forwarding table. If the multicast user responds an IGMP report packet to the router after receiving the IGMP inquiry packet, the router will decide whether to add the multicast user to the multicast group or establish a new layer-3 multicast group address forwarding table according to the multicast group information carried in the IGMP report packet.
IGMP Proxy is similar to IGMP Snooping, but IGMP Proxy terminates the IGMP packets from multicast users and requests upper layer network equipment for multicast recourses as a proxy of the multicast user.
Either IGMP Snooping technique or IGMP Proxy technique just simply implements IGMP protocol, data duplication and forwarding. Both of them lack such management as whether the multicast user is authorized to join in the multicast group. The result is that any multicast user can join in any multicast group, which is unfavorable to the multiple developments of multicast network operator's services.
The third method is to implement multicast services through Access Control List (ACL) on the basis of IGMP Snooping or IGMP Proxy. This method includes:
Firstly, ACL is preset for multicast users who are authorized to use multicast services. For instance, address information 10.10.10.10/24 is set in ACL, and the multicast user whose source IP address is 10.10.10.10/24 can access any multicast group. Secondly, the layer-2 network equipment processes the IGMP packet sent by the multicast user by IGMP Snooping technique or IGMP Proxy technique and compares the multicast user's source IP address with the address in ACL. If the multicast user's source IP address matches the address in the ACL, the multicast user is authorized to join in any multicast group; if the user's source IP address doesn't match the address in the ACL, the multicast user is prohibited from joining any multicast group.