Method and system for enabling layer 2 transmission of IP data frame between user terminal and service provider
First Claim
1. A communication system comprising:
- (a) an access network on which a virtual private network is established;
(b) a service provider coupled to said access network; and
(c) user terminals comprising;
a user-side session management unit that performs processing for designation of the service provider, user authentication, and IP address assignment, by using a signaling protocol to exchange management frames with the access network in an authentication phase, anda main-signal transmission-and-reception unit that exchanges main-signal frames with said service provider by using IPoE protocols over the virtual private network established on said access network in a communication phase, wherein the main-signal frames being distinguishable from the management frames on the basis of Ether Type field values as part of Layer 2 header information; and
(d) a subscriber-side edge switch placed between said access network and said user terminal, comprising;
a transfer control unit that transfers a first main signal frame from the user terminal to the access network and a second main-signal frame from the access network to the user terminal, anda said network-side session management unit performs processing for signaling control, whereinsaid transfer control unit attaches to the first main-signal frame a tag indicating the first virtual private network when transferring the first main-signal frame from the user terminal to the access network, andsaid transfer control unit removes a tag indicating the virtual private network from the second main-signal frame when transferring the second main-signal frame from the access network to the user terminal,said network-side session management unit comprises a first table indicating correspondences between the Layer 2 address of said user terminal and a session involving said user terminal, and performs processing for signaling control by software using the first table,said transfer control unit comprises a second table indicating correspondence between the Layer 2 address of the user terminal and the tag indicating the virtual private network connected to said service provider,said transfer control unit further comprises a third table indicating forwarding information corresponding to said service provider,said transfer control unit further comprises a fourth table indicating attributes of each port of said subscriber-side edge switch,said transfer control unit controls the transfer of said main-signal frames by hardware processing using the second, third, and fourth tables, andsaid transfer control unit performs processing for determination of whether or not an input frame is to be handled by the subscriber-side edge switch, and whether an output frame is to be tagged or untagged, and whether or not broadcast filtering is activated, and filtering of unicast flooding, based on said at least one attribute indicated in said fourth table.
1 Assignment
0 Petitions
Accused Products
Abstract
In a communication method: processing for designation of a service provider, user authentication, and IP address assignment is performed by exchanging management frames between a user terminal and a service provider through an access network; and main-signal frames each having an IPoE form and containing a source Layer 2 address of the user terminal are exchanged between the user terminal and the service provider through the access network. The management frames have a form which can be discriminated from the main-signal frames in Layer 2, and the access network holds information on correspondences between source Layer 2 addresses and virtual private networks. The access network recognizes one of the virtual private networks connected to the service provider, based on the source Layer 2 address contained in each main-signal frame, and transfers the main-signal frames in Layer 2 by MAC bridging.
-
Citations
20 Claims
-
1. A communication system comprising:
-
(a) an access network on which a virtual private network is established; (b) a service provider coupled to said access network; and (c) user terminals comprising; a user-side session management unit that performs processing for designation of the service provider, user authentication, and IP address assignment, by using a signaling protocol to exchange management frames with the access network in an authentication phase, and a main-signal transmission-and-reception unit that exchanges main-signal frames with said service provider by using IPoE protocols over the virtual private network established on said access network in a communication phase, wherein the main-signal frames being distinguishable from the management frames on the basis of Ether Type field values as part of Layer 2 header information; and (d) a subscriber-side edge switch placed between said access network and said user terminal, comprising; a transfer control unit that transfers a first main signal frame from the user terminal to the access network and a second main-signal frame from the access network to the user terminal, and a said network-side session management unit performs processing for signaling control, wherein said transfer control unit attaches to the first main-signal frame a tag indicating the first virtual private network when transferring the first main-signal frame from the user terminal to the access network, and said transfer control unit removes a tag indicating the virtual private network from the second main-signal frame when transferring the second main-signal frame from the access network to the user terminal, said network-side session management unit comprises a first table indicating correspondences between the Layer 2 address of said user terminal and a session involving said user terminal, and performs processing for signaling control by software using the first table, said transfer control unit comprises a second table indicating correspondence between the Layer 2 address of the user terminal and the tag indicating the virtual private network connected to said service provider, said transfer control unit further comprises a third table indicating forwarding information corresponding to said service provider, said transfer control unit further comprises a fourth table indicating attributes of each port of said subscriber-side edge switch, said transfer control unit controls the transfer of said main-signal frames by hardware processing using the second, third, and fourth tables, and said transfer control unit performs processing for determination of whether or not an input frame is to be handled by the subscriber-side edge switch, and whether an output frame is to be tagged or untagged, and whether or not broadcast filtering is activated, and filtering of unicast flooding, based on said at least one attribute indicated in said fourth table. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A subscriber-side edge switch for connecting a service provider and a user terminals through an access network on which a virtual private network is established, comprising:
-
a transfer control unit; and a network-side session management unit which performs processing for signaling control; and
whereinsaid subscriber-side edge switch includes a mapping of MAC addresses of use terminals and service providers on virtual private networks, and when said subscriber- side edge switch receives a first main-signal frame from a first user terminal, said transfer control unit attaches to the first main-signal frame a first tag indicating a first virtual private network, and outputs the first main-signal frame over the first virtual private network, the first main-signal frame containing a MAC address of the first user terminal as a source MAC address, and when said subscriber-side edge switch receives a second main-signal frame from a service provider, and a second tag indicating a second virtual private network is attached to the second main-signal frame, said transfer control unit removes the second tag from the second main-signal frame, and outputs the second main-signal frame toward a second user terminal, the second main-signal frame containing a MAC address of the service provider as source MAC address; said network-side session management unit comprises a first table indicating at least one correspondence between at least one Layer 2 address of at least one user terminal and at least one session with the at least one user terminal, and performs processing for signaling control by software using the first table, and said transfer control unit comprises, a second table indicating at least one correspondence between said at least one Layer 2 address and at least one tag each indicating a virtual private network connected to a service provider, a third table indicating forwarding information corresponding to at least one service provider, and a fourth table indicating at least one attribute of each of at least one port of said subscriber-side edge switch, said transfer control unit controls output of said first and second main-signal frames by hardware processing using the second, third, and fourth tables, and performs processing for determination of whether or not an input frame is to be handled by the subscriber-side edge switch, and whether an output frame is to be tagged or untagged, and whether or not broadcast filtering is activated, and filtering of unicast flooding, based on said at least one attribute indicated in said fourth table. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification