1. Field of the Invention
The present invention generally relates to a network address translator, sometimes referred to as a NAT, in multimedia communication networks. In particular, the invention is directed to traversal of a network address translator, and policy and charging control relating to access of IP multimedia subsystems.
2. Description of the Related Art
A significant amount of development and standardization is occurring with respect to various communication networks and systems. For example, the third generation partnership project (3GPP) has standardized an application level gateway (ALG) and network address translation (NAT) gateway based method for traversal of uncontrolled access network address translation. According to the standard as currently proposed, when a device or devices that perform network address translation (or port translation) are located between user equipment and a policy call session control function performing translation of signaling and media packets, particular procedures are defined. Additionally, when Internet Protocol (IP) address translation or port translation is required between an IP connectivity access network (IPCAN) and an IP Multimedia Subsystem (IMS) domain on the media path only, IMS service provisioning must be properly defined. Referring to
These and other needs are addressed in certain embodiments of the present invention, as described below.
In one embodiment, the invention comprises a method of setting specific communication parameters, with the method comprising identifying a communication relay for allocating addresses. The method can then comprise configuring a communication relay/server to be directed to a specific type of communication such as IMS-specific communication. The communication server ID information is then transmitted to a network, with the communication server being identified as IMS specific. Media flow to and from the communication server for non-IMS specific sessions is therefore blocked, since these other sessions do not receive IP addresses. Instead, addresses are allocated by the communication server to user equipment only for the IMS-specific sessions.
In another configuration, a method according to the invention comprises configuring a communication relay such as a STUN relay to use a public address area for IMS-specific functions. The relay is then advertised to other network components as being an IMS-specific relay. Outbound/uplink traffic is routed from the relay via a policy and charging enforcement function. Inbound/downlink traffic is routed to IMS-specific IP addresses by the policy and charging enforcement function and through the STUN relay.
A network component according to the invention can comprise an identifying unit for identifying a function-specific relay, such as a STUN relay, for allocating addresses. A configuring unit configures the identified server to be IMS specific. A transmitting unit can transmit or advertise the server as being IMS specific. A blocking unit can then block media flow for non-IMS sessions, and an allocating unit can allocate IP addresses from an address area to the user equipment only for IMS sessions.
In another embodiment, a network element according to the invention can include a configuration unit which configures a STUN relay to use a public/external address area for IMS sessions only. An advertising unit is configured to advertise the STUN relay as IMS specific. An outbound routing unit (in the access network border) routes outbound/uplink traffic through the STUN relay to a policy and charging enforcement function and further to a border gateway. An inbound routing unit routes inbound/downlink traffic which has the destination addresses in the address area to the STUN relay through a policy and charging enforcement function.
In certain embodiments of the invention, a time-out unit may re-configure the STUN relay to enable non-IMS sessions if there has been no IMS traffic for a period of time.
As a result of the various configurations of the invention, effective and efficient handling of IMS traffic can occur without requiring user equipment to first send a media packet so that the network address translation device allocates a particular address and the gateway can obtain that address and use it as a destination address for downlink media packets. Additionally, the configurations of the present invention can reduce or eliminate the need for various applications to send keep-alive messages when there is no traffic. Overall network congestion can also be reduced and transmission delays minimized, because there is no need to loop a media path via a home network.
In network communications using a system such as that which is defined in 3GPP, the SIP (session initiation protocol)/SDP (session description protocol) fields contain the private domain IP address of the user equipment (UE), while the packets come through the network address translation (NAT) device and the sender appears to be the public IP address allocated by the network address translation device. As a result of this configuration, the application level gateway functionality in connection with the application function/proxy call session control function (AF/P-CSCF) can request public addresses from the network address translation gateway, and modify the SIP/SDP accordingly prior to sending the message forward. The application level gateway/application function/proxy call session control function (ALG/AF/P-CSCF) can initiate proper security measures, such as an IPsec tunnel, for the SIP signaling to traverse the network address translation device.
In this configuration, however, the user equipment sends a media packet first, before the user equipment can then receive media packets, in order to enable the network address translation device to allocate an address and to let the network address translation gateway obtain the address and use it as a destination address for downloading media packets. The network address translation device releases the allocated address if there is no traffic. Applications, however, may need to send keep-alive messages in order to prevent the address data from being timed out. Additionally, when the user equipment is using visited network services, a media packet is looped via the home network when the home network's proxy call session control function is used.
According to certain embodiments of the present invention, however, network address translation traversal methodology can be enhanced with interactive connectivity establishment (ICE) and an interactive connectivity establishment mechanism based on the use of a simple traversal of user datagram protocol (UDP) through network address translation (STUN) devices and a STUN relay. ICE-based usage of a STUN server and a STUN relay server in networks and relevant clients at user equipment are described below. According to these methods, user equipment can get an external/public IP address by sending an inquiry to a STUN server or a STUN relay server, and inserting the external/public address in the SIP/SDP level. This methodology can make the application level gateway and network address translation gateway functionality redundant, and can eliminate or reduce problems related to the gateway solution.
According to some embodiments, however, when user equipment gets a public/external IP address from a public/external STUN relay server, the user equipment may use this address for non-IMS access to an IP network such as the Internet, or to gain IMS access to an IMS server, such as registering to the IMS with the acquired IP address and establishing an IMS session using the IP address. For example, in a broadband access case, typically utilizing network address translation traversal methods, the access gateway may have no ability to separate the non-IMS access of the user equipment and the IMS access of the user equipment from each other. Both, therefore, will flow through the same gateways, and no gating or policy control and flow based charging can be applied to an access to IMS services. This is due to the fact that if there were, non-IMS accesses of the user equipment would be blocked by closed gates or non-existing IP flow filters.
Additionally, the AF/P-CSCF, getting the public/external IP address allocated by the public/external STUN relay server, cannot find a policy and charging rules function (PCRF) with the available information. Consequently, the AF/P-CSCF cannot send session information and parameters to the PCRF, and the PCRF cannot send policy and/or charging rules to the policy and charging enforcement function (PCEF). These configurations can also make it difficult for the PCEF to access the IMS session related media streams flowing through the PCEF when a STUN relay is used. The media streams are transferred between the NAT device and the STUN relay in IP packets or IP frames, which is referred to, for example, in the IETF draft currently known as draft-IETF-behave-turn-02, and the addresses of which are not known by the AF/P-CSCF or PCRF or PCEF. These devices can only obtain the public/external address of the user equipment as allocated by the STUN relay.
According to certain embodiments of the present invention, however, the STUN relay or server can allocate public/external addresses to the user equipment in such a way that they are IMS-specific. In other words, the STUN relay discovery mechanism, which is the way the user equipment finds the STUN relay IP address, advertises the STUN relay as an IMS STUN relay in order to make the user equipment use this particular STUN relay only for IMS sessions. If the relay is improperly used for another session, the closed gates/filters will prevent media flow. Since the STUN relay, according to this configuration, appears to be IMS access or IMS service related, the discovery mechanisms can be related to or integrated with the finding of the P-CSCF. However, other methods, such as the use of DNS with proper advertising of this STUN relay being IMS related, can suffice.
According to this configuration, address domains used by the server for allocating public addresses to the user equipment are made IMS-specific; in other words, these addresses are allocated to the user equipment only for IMS sessions.
As illustrated in
Using this configuration, the PCEF can access the IMS media flows according to the normal procedures to perform policy and charging control. The AF/P-CSCF gets the public/external IP addresses and ports, as allocated by the IMS STUN relay server to the user equipment, according to SIP/SDP procedures during the establishment of the session. Non-IMS traffic, therefore, is not routed through the PCEF, since the non-IMS traffic does not obtain external/public IP addresses from the IMS STUN relay's IMS access or IMS service specific address domain; addresses are obtained from other STUN relay servers which are not advertised as being IMS specific.
According to certain embodiments of the present invention, therefore, a STUN relay can be configured to use a public/external address area reserved for, allocated to and used specifically for IMS purposes. Additionally, independent of the STUN relay discovery mechanism which is used, the STUN relay can be advertised as an IMS STUN relay. The STUN relay can therefore be configured to route the outbound and uplink traffic via a policy and charging enforcement function (PCEF). The inbound/downlink traffic to IP addresses of the above-mentioned public/external address area can be routed at a border gateway to the related STUN relay through a PCEF. The IMS STUN relay, the PCEF, and the border gateway can be separate physical elements, or can be integrated into one or two elements. All of these functionalities can, for example, be integrated in an IMS controlled gateway, as illustrated for example in
As a result of various configurations of the invention, simultaneous use of the policy and charging control function and the STUN relay for IMS access side network address translation traversal can be enabled. The STUN relay can act as the major network address translation and firewall traversal mechanism; the invention can be implemented in various combinations of hardware and/or software, without requiring specialized configuration changes.
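The gating behaviour described above (addresses allocated from an IMS-reserved area, downlink traffic to that area passed through a PCEF whose gates stay closed outside an established IMS session) can be modelled as follows. This is an added example, not part of the patent text; the class and function names, the 203.0.113.0/24 address area, the port number and the sample endpoints are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: a documentation range stands in for the IMS-reserved address area.
IMS_AREA = ipaddress.ip_network("203.0.113.0/24")

class ImsStunRelay:
    """Hypothetical model of a relay that allocates only from the IMS address area."""
    def __init__(self, area):
        self._free = iter(area.hosts())
        self.bindings = {}  # relayed (ip, port) -> UE private (ip, port)

    def allocate(self, ue_private, port=49152):
        relayed = (str(next(self._free)), port)
        self.bindings[relayed] = ue_private
        return relayed

class Pcef:
    """Hypothetical gate table: a flow is closed unless a rule was installed for it."""
    def __init__(self):
        self._open = set()

    def install_rule(self, relayed, peer):
        # Stands for the PCRF pushing a rule built from the SIP/SDP session information.
        self._open.add((relayed, peer))

    def permits(self, relayed, peer):
        return (relayed, peer) in self._open

def route_downlink(src, dst, relay, pcef, area=IMS_AREA):
    """Border-gateway decision for one inbound packet; src and dst are (ip, port)."""
    if ipaddress.ip_address(dst[0]) not in area:
        return "not-ims-area"        # handled elsewhere, never reaches this PCEF
    if dst not in relay.bindings:
        return "drop-no-allocation"
    if not pcef.permits(dst, src):
        return "drop-gate-closed"    # relay address used outside an IMS session
    return relay.bindings[dst]       # forwarded through the relay to the UE

def demo():
    relay, pcef = ImsStunRelay(IMS_AREA), Pcef()
    relayed = relay.allocate(("10.0.0.5", 5004))       # constructed UE private address
    ims_peer, other_peer = ("198.51.100.7", 6000), ("192.0.2.44", 6000)
    pcef.install_rule(relayed, ims_peer)               # IMS session set up via SIP/SDP
    return {
        "relayed": relayed,
        "ims": route_downlink(ims_peer, relayed, relay, pcef),
        "non_ims": route_downlink(other_peer, relayed, relay, pcef),
        "outside": route_downlink(ims_peer, ("192.0.2.1", 49152), relay, pcef),
    }
```
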
In one embodiment of the invention as illustrated in
The method illustrated in
Another embodiment of the invention is illustrated in
Another implementation of the invention is illustrated in
According to
As discussed above, various embodiments of the invention can be configured in numerous physical elements, or can be configured at a single network element or configured in a number of elements having various disclosed functions distributed throughout. The control of the identification, configuration, transmitting, blocking, allocating, and other functions can be performed at various network components, such as at a user equipment, at a STUN relay server, at an access gateway or at another network component associated with IMS access.
A person of ordinary skill in the art would understand that the above-discussed embodiments of the invention are for illustrative purposes only, and that the invention can be embodied in numerous configurations as discussed above. Additionally, the invention can be implemented as a computer program on a computer readable medium, where the computer program controls a computer or a processor to perform the various functions which are discussed as method steps and also discussed as hardware or hardware/software elements.
In the above description of the various embodiments of the present application, one or more of the following abbreviations may be used:
The present application claims priority under 35 U.S.C. §119(e) to U.S. Provisional Patent Application No. 60/877,394 filed on Dec. 28, 2006, the subject matter of which is hereby incorporated by reference in full.
Number | Date | Country |
---|---|---|
60877397 | Dec 2006 | US |