Methods and arrangements in an access system

TECHNICAL FIELD OF THE INVENTION

The present invention relates to methods and arrangements for simplifying switching in an access network.

DESCRIPTION OF RELATED ART

Ethernet has been developed mainly as a LAN (Local Area Network) technology, aiming to provide an efficient infrastructure for data networks within a company. Originally it was developed for moderate speed shared media, but current technology applies mainly to point-to-point links up to 10 Gbit/s, interconnected by high capacity Ethernet switches, supporting virtual LAN, VLAN, as described in the standard IEEE 802.1q. A virtual LAN is a group of system, such as computers in a workgroup, that need to communicate with each other, and protocols that restrict the delivery of VLAN frames to members of the VLAN.

A LAN can be partitioned into multiple VLAN:s, where each VLAN is assigned a number called a VLAN identifier that identifies it uniquely within the LAN. A LAN contains at least one VLAN, the default VLAN.

Switches contain advanced self learning features and broadcast behaviour, which are well suited for the building of for example a corporate network, supporting a number of user groups.

However, in public service structures different requirements are put with respect to security, scaling and chargeability of services. In the public network, each user would ideally have his own completely isolated set of work groups available. A particular problem is then that the number of available VLAN tags, each tag defining a user, is limited to a number 4096, which is far from enough to serve hundreds of thosands of users.

In the international patent application No. WO 00/77983 is descibed a telecommunications system in which users can select services. Service networks and users are connected to a switched domain. The service networks are arranged into groups and each group is allocated a VLAN by konfiguring the ports in the switches. The users can select services by configuring their apparatuses to a selected one of the VLAN:S.

In the international patent application No. WO 00/79830 is described a telecommunication system in which users can select services. A switched domain has switches to which service providers and network terminals are connected. The switches have a user port connected to an uplink port in the network terminal. The user port is configured for the different service providers and the network terminals have corresponding service ports. The service ports corresponding to predetermined ones of the services are configured.

In these two applications the number of users is restricted.

In the European patent application EP 1045553 A2 is disclosed VLAN bridging of a network. The network has nodes for changing of addresses. A user sending a message via the network addresses it to a receiver. When the message reaches one of the network nodes the receiver address is changed into a temporary address for the network. This address is changed back when the message leaves the network via another of the network nodes.

Modern Ethernet bridges (also called switches) have a self-learning mechanism to optimize frame delivery and reduce the amount of traffic in a Local Area Network (LAN). The switch automatically learns the device addresses connected to each port (directly or indirectly via other switches) and it only forwards frames to the port associated with the destination address in the frame.

The Ethernet standard IEEE 802.3 describes a mechanism in the protocol, Embedded Source-Routing Information Field (E-RIF), which can be used to describe a path between the source and the destination. However, this mechanism is not part of the addressing information in the frame. Switches, in particular “translational switches”, can use this information to optimize frame forwarding; in standard Ethernet this mechanism is only used to tunnel frames between source-routed environments.

Self-learning switches have some problems when devices move to another port on the switch; the switch handles this by regularly “forgetting” the address information. However, this leads to unnecessary flooding in the network when the switch relearns addresses that never move. Another problem with this technique is scaling; the memory consumption grows linearly to the number of addresses visible behind each port.

Globally administered (“physical”) MAC addresses lack internal structure and are not suitable for describing switching information.

The E-RIF mechanism is located in the frame payload, thus adding to the frame delivery overhead. For small frames this overhead can be quite significant. There is also a restriction that the E-RIF mechanism cannot be used if incoming frames already contain E-RIF information that must not be altered.

SUMMARY OF THE INVENTION

The present invention is concerned with a problem how to create a method and an access system with an efficient and comparatively simple way of switching.

Another problem is how to make the switching efficient in both directions between two communicating parts.

Still a problem is how to express the path between the source and destination allowing network equipment to minimize internal resource usage and network bandwidth, i.e. there should be no unnecessary frame duplication (flooding) in the network.

Yet a problem is how to implement support for simplified switching, within the reach of a large scale Public Access network based on Ethernet technology. The invention encompasses switching support for both wired and wireless connections between user devices and terminal points of an access network.

The problem is solved by an access system including two nodes, the nodes being interconnected by an access network supporting exchanging of Ethernet frames. In the access network locally administrated addresses are used. The switching route through the network, or a part of it, is indicated in the frame address field.

Somewhat more in detail the frame address field has directly the identity of the destination node and identities of at least a part of intermediate switching nodes along the switching route. In an alternative the frame address field has an indication, pointing out where the description of the switching route is to be found.

A purpose with the invention is create a method and an access system with an efficient and comparatively simple way of switching.

Another purpose is to make the switching efficient in both directions between two communicating parts.

Still a purpose is to express the path between the source and destination thereby allowing network equipment to minimize internal resource usage and network bandwidth, i.e. there should be no unnecessary frame duplication (flooding) in the network.

Still other purposes are to outline an internal structure of the locally administered MAC addresses (SAMAC), to show how this structure can be used to route frames in the access network, to show how the internal structure can be used to support users changing location to another port on the access network while retaining existing service bindings and to show how the internal structure can be used to simplify the implementation of the Edge Access Server (EAS).

Yet a purpose is to implement support for simplified switching, within the reach of a large scale Public Access network based on Ethernet technology. The invention encompasses switching support for both wired and wireless connections between user devices and terminal points of an access network.

An advantage with the invention is that a method and an access system can be created, having an efficient and comparatively simple way of switching.

Another advantage is that the switching is efficient in both directions between two communicating parts.

Still an advantage is that the path between the source and destination can be expressed so as to allow network equipment to minimize internal resource usage and network bandwidth, i.e. there will be no unnecessary frame duplication (flooding) in the network.

Yet an advantage is that simplified switching can be implemented within the reach of a large scale Public Access network based on Ethernet technology. The invention encompasses switching support for both wired and wireless connections between user devices and terminal points of an access network.

The invention will now be described more in detail with the aid of embodiments and with reference to the enclosed figures.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a block schematic with an overview of an access system;

FIG. 2 shows a block schematic with more details for the access system of FIG. 1;

FIG. 3
a shows a diagram over an ethernet frame;

FIG. 3
b shows a diagram over a VLAN tag in the frame;

FIG. 3
c shows a diagram over an address field in the frame;

FIG. 4 shows a block schematic over a user in FIG. 1 with the user's VLAN:s;

FIG. 5 shows a block diagram over a register in a broadcast handler;

FIG. 6 shows a block schematic over an uplink Ethernet frame;

FIG. 7 shows a block with addresses;

FIG. 8 shows a block diagram over a register in a handler;

FIG. 9 shows a flow chart over a method for defining an access relation;

FIG. 10 shows a flow chart over a DHCP request method;

FIG. 11 shows a flow chart over an ARP request method;

FIG. 12 shows a block shematic over the access system in a multicast situation;

FIG. 13 shows a flow chart over a multicast method;

FIG. 14 shows a block diagram with address structure;

FIG. 15 shows a block diagram with a direct route;

FIG. 16 shows a block schematic over an access system;

FIG. 17 shows a block diagram with a direct, complete route;

FIG. 18 shows a block schematic over an access system;

FIG. 19 shows a block diagram with an indirect route; and

FIG. 20 shows a block diagram with an indirect, complete route.

DETAILED DESCRIPTION OF EMBODIMENTS

FIG. 1 shows a multiservice access system ACC1 to which users U11, U12, U13, U21, . . . , Um1 and service providers SP1, SP2, . . . , SPn are connected. An objective is to build the system such that the number of the users U11 . . . Um1 can be very great, e.g. in the range of several hundred thousands users. Another objective is that the number of the service providers SP1 . . . SPn, that each user can utilize, also is a great number, e.g. in the range of thousands of services. The access system ACC1 includes nodes P1, P2 . . . Pk, to which the users are connected with the aid of Ethernet technology. The access system also includes a node EAS, to which the service providers are connected. The node EAS is connected to the user's nodes P1-Pk via a network, which is an Ethernet based network ETH1 according to the standard IEEE 802.1q. This network is a large network and has among others a number of VLAN capable Ethernet switches, not shown in the figure. The users and the service providers are connected to each other by individual service access relations through the network ETH1, e.g. a relation R11 for the user U11 and the service provider SP1. These relations have a guaranteed quality of service and are secure in the meaning that only the user and the service provider having the relation can listen to or else utilize this relation. The relations will be described more in detail below.

The embodiment in FIG. 1 is more closely shown in FIG. 2. The nodes P1, P2, . . . Pk of the access system ACC1, hereinafter called penults, have user ports UP11, UP12, UP13, UP21, . . . , UPk1. Each of the user ports are connected to each a single one of the users U11-Um1 by wires W11-Wk1. The penults P1-Pk have each a handler H1, H2, . . . , Hk, which administers the user ports on the respective penult. The handlers have each a register REG11, REG21, . . . REGk1. The node EAS of the access system ACC1 is an edge access server, which in turn includes service agents SA1, SA2, . . . , SAn with each a respective service port PT1, PT2, . . . , PTn. The edge access server also has interfaces IF1, IF2, IF3, . . . IFj, an administating unit AD1 and a broadcast handler BH1 with a register REG1. The units of the edge access server are all bound to an Ethernet frame distribution system SW1. Each of the service agents are attributed to each a single one of the service providers SP1-SPn. The penults are connected to the edge access server EAS via the interfaces. The handlers H1-Hk in the penults are bound to the broadcast handler BH1 in the edge access server EAS, together forming a distributed handling system. The users U11-Um1 have each a number of user devices and e.g. the user U11 has devices UD11, UD12, UD13 and UD14, and the user U12 has devices UD21, UD22 and UD23.

As mentioned, the network ETH1 and the users U11-Um1 utilize Ethernet technology. The Eternet technology therefore will be shortly commented below.

In FIG. 3a is shown an Ethernet frame FR1 according to the standard IEEE802.1q. The frame has a field D1 for a destination address and a following field S1 for a source address. It also has a field T1 for defining a type of Ethernet frame. A field VL1 points out which VLAN that is concerned and a field EPL1 contains the payload, the message that is to be transmitted. An address F is reserved as a broadcast address.

In FIG. 3b the field VL1 is shown in some more detail. It has 16 bits which includes 3 bits for a priority tag PTG1, one indicator bit and 12 bits in a field VTG1 for a VLAN tag. It is this VLAN tag that points out the specific VLAN and as this tag has 12 bits it can distinguish 2¹²=4096 different VLANs.

FIG. 3
c shows the source address field S1, which consists of 48 bits. One bit L1 points out whether the address is locally or globally administrated. One bit M1 points out whether the frame FR1 is a multicast frame used for e.g. IP multicast messages. The remaining 46 bits in a field ADR1 are address bits for MAC addresses. Any of the user devices has one globally administrated MAC address, which is given by the manufacturer of the device. The user device UD11 in FIG. 2 for example has an address UMAC1. The MAC address is unique for the device. From the description below it will also appear that the number of different service providers, e.g. among the service providers SP1-SPn, that can be connected to one and the same of the users, is restricted by the number of the VLAN tags, i.e. the number 2¹²=4096.

In FIG. 4 is shown details how the user devices are related to the penult. The figure is a logic view over the relations. In the example the user U11 has an Ethernet LAN ETH2 containing user VLAN:s with tags TAG1, TAG2, TAG3 and TAG4, which LAN is connected to the user port PT11 via the wire W11. The user device UD11 is in turn attributed to the VLAN with tag TAG1, the device UD12 has the tag TAG2, the device UD13 has both the tags TAG2 and TAG3 and the device UD14 has the tag TAG4.

In a common Ethernet, on one hand, the different participants within each VLAN can communicate with each other freely and efficiently, which is a basic principle of the Ethernet. A first user that wants to contact a second user sends broadcast an address resolution protocol ARP with a request “Who has this IP address?”. Everybody in the network can listen and the second user, that has the IP address in question, sends back his MAC address to the first user. A relation between the users is established. In an access system, on the other hand, a fundamental service is to both enable establishment of service bindings between users and service providers and, in such bindings, provide a transport service through the access system such that the service can be delivered to the user with high security and without any quality degradation. In a multi-service, multi service provider scenario several such bindings must be possible for each user at any given point in time, without interference between the bindings or between bindings for different users. In the present description will be disclosed how a multiservice access system, e.g. the access system ACC1, will fullfill these requirements on the services using Ethernet technology.

To get the access network ACC1 to work, first the users decide which services they select and which VLAN they decide for a certain of the services. Each user can make his own decisions for the correspondence between VLAN and service, independently of the other users. In the present example the user U11 selects the service from the service provider SP1 and decides the VLAN with the tag TAG1 for this service. The user U11 also selects service from provider SP2 and decides the VLAN with the tag TAG2 for this service. Correspondingly the user U11 selects service provider SP3 on the VLAN with the tag TAG3 and service provider SP4 on the VLAN with the tag TAG4. Other users can select other services and decide other VLAN:s. The user U12, for example, selects the service from service provider SP1 and decides the VLAN with the tag TAG3 for this service. The user U12 also selects service from the service provider SP3 and decides the VLAN with the tag TAG1 for this service. The users then send their decisions to the administrative unit AD1 in the edge access server EAS, the users defining themselves by their respective user port. This sending can be performed by any suitable means, e.g. by assigning a web page, by a common letter or by a telephone call. The administrative unit AD1 also has the information about the correspondence between the service providers SP1-SPn and the service agents SA1-SAn. The administrative unit thus has triplets of information containing service agent, VLAN tag and user port. Gradually, when the users U11-Um1 send their information, the administrative unit AD1 will build up the register REG1 in the broadcast handler BH1, as shown in FIG. 5. For the different user ports UP11-UPk1 corresponding lists L11,L12, L13, L21 . . . Lk1 are created with fields corresponding to the VLAN tags. In this fields are written unique MAC addresses, which are dynamically allocated to the different service agent's respective service port by the administrative unit AD1.

In the example above the user U11 selected the service from service provider SP1 and decided the VLAN with the tag TAG1. The administrative unit dynamically allocates a unique MAC address SAMAC1 to the service port PT1 of the service agent SA1, connected to the service provider SP1. The address is allocated from a set of locally administrated addresses, LAA. This address is written on the list L111 for the user port UP11 and in a field pointed out by the VLAN tag TAG1. This means that the allocated MAC address SAMAC1 is bound to solely one information pair which has the user port UP11 and the identification tag TAG1 of the VLAN. Now the relation R11 is defined by the address SAMAC1 for the service port PT1, the address being bound to the user port UP11 and the VLAN tag TAG1. It should be noted that no other participant but the service provider SP1 and the user U11 can utilize the relation R11. Following the above examples, a unique MAC address SAMAC2 is dynamically allocated to the service port PT2 of the service agent SA2 and is written in a field defined by the VLAN tag TAG2 on the same list L11. A new relation R21 is created, which is defined by the address SAMAC2 and is bound to the user port UP11 and the VLAN with the tag TAG2. Also a MAC address SAMAC5 is allocated to the service agent SA3, service port PT3, in a field with the tag TAG3 and a MAC address SAMAC6 is allocated to the service agent SA4, service port PT4, in a field with the tag TAG4.

For the user U12 with the user port UP12 a unique MAC address SAMAC3 is dynamically allocated to the service port PT1 of the service agent SA1 and this address is written in a field pointed out by the VLAN tag TAG3 on the list L12. For the user U12 also a MAC address SAMAC4 is dynamically allocated to the service agent SA3, service port PT3, and this address is written in a field pointed out by the VLAN tag TAG1 on the list L12.

It appears from the above that, in the embodiment, each of the service ports PT1-PTn can get associated with a set of the unique MAC addresses for the service agents and that each of these MAC addresses is associated with only one particular of the user ports UP11-UPk1.

The relations between user port and service agent are built up as described above and are stored in the register REG1, but still the user devices can t utilize their respective service. It is in fact not even necessary until now that the user devices are connected. When the users intend to utilize the services they connect their user devices to the wires W11-Wk1 via the VLAN:s as is shown by an example in FIG. 4 for the user U11. Then there also must be built up a correspondance between IP addresses and MAC addresses. To get such a correspondance the conventional DHCP (Dynamic Host Configuration Protocol) is used in the present embodiment. The DHCP is an example on a more general service attachment request. By this protocol the different user devices will get their default gateway, which is the relevant service agent. Then they will also get their respective IP address and the IP address to the relevant service agent. This is performed in the following manner.

The user device UD11 sends a frame FR2 with the addresses and payload as is shown in FIG. 6. In the destination address field D1 the broadcast address F is written. In the source address field S1 the MAC address UMAC1 for the user device UD11 is written and in the VLAN field VL1 the VLAN tag TAG1 is written, the tag appearing from FIG. 4. The message in the frame FR2 is “this is a DHCP request”. The users U11-Um1 are connected via the Ethernet VLANs and have no information about the organization of the system ACC1. From the horizon of the users they act as if they were connected to a conventional Ethernet and it is therefore the user device UD11 sends the frame FR2 in FIG. 6 as a broadcast request. The aim from the view of the user device UD11 is that the broadcast request gives the user the identity of the relevant DHCP server. In the embodiment this sever is the service agent SA1, which has a set of IP addresses that it can allocate. The broadcast request in the frame FR2 first is intercepted by the handler H1 via the user port UP11. The handler H1, that gets the frame FR2 via the port UP11, adds the identification for this port. It then packs the port identification together with the frame FR2 as a unicast message U1, see FIG. 2, and sends this message to the broadcast handler BH1 in the edge access server EAS. When getting the message U1, the broadcast handler BH1 looks in its register, the register REG1 of FIG. 5. With the aid of the user port UP11 and the VLAN tag TAG1 it finds the MAC address SAMAC1 for the service agent SA1. Now the default gateway, the service agent SA1, for the user device U11 is found. The user device UD11 also must be given an IP address itself and an IP address to its default gateway, which is performed in the following manner. The broadcast handler sends the request to the found service agent SA1, which now has the information as appears from a table TAB1 in FIG. 7. This information is the own port address SAMAC1, the VLAN tag TAG1, a subnet mask SM1, the user MAC address UMAC1 and the service agent's own IP address IPSAL. From its set of IP addresses the service agent SA1 now allocates an IP address IPUD11 to the user device UD11, which is associated with the content in the table TAB1. In a conventional manner, according to the DHCP protocol, information is transfered back to the user U11. The DHCP response includes the IP address IPSAL of the service agent as default gateway address, the allocated IP address IPUD11 and the subnet mask SM1. The user device UD11 stores the IP address IPSAL to the service agent SA1, its own IP address IPUD11 and the subnet mask, as host configuration data in a conventional manner.

In a corresponding manner the other devices of the user U11 send their DHCP requests with their MAC addresses and corresponding VLAN tag, the tags appearing from FIG. 4. Note that the user device UD13 has to send two DHCP requests with the tags TAG2 respective TAG3.

The relation R11 is now established on an IP level. When the service agent SA1 gets an IP packet with the address IPUD11 it finds the information in the table TAB1 and sends the packet to the correct receiver with the MAC address UMAC1. The user device UD11 also has the IP address IPSA1 to the service agent, its “default gateway”. The user device UD11 utilizes in conventional manner an ARP request (Address Resolution Protocol) to get a MAC address to the IP address IPSA1. The user device UD11 therefore transmits broadcast the ARP message which is received by the handler H1 in the penult P1 via the user port UP11. The handler adds the identification for the user port and sends the message unicast to the broadcast handler BH1 in the edge access server EAS. The broadcast handler looks in its register REG1 on the list L11 for the user port UP11. On the VLAN tag TAG1 the broadcast handler finds the service agent MAC address SAMAC1. It transmits the address SAMAC1 to the handler H1, which in turn responds with the address SAMAC1 to the user device UD11. With the aid of the address SAMAC1 the user device UD11 now can utilize the relation R11 and get the service from the service provider SP1.

In an alternative embodiment the handler H1 in the penult P1 successively creates the register REG11, shown in FIG. 8. The register REG11 is similar to the register REG1 in the broadcast handler BH1. The register REG11 only comprises the penult's own user ports UP11, UP12 and UP13 on respective lists PL11, PL12 and PL13 and the VLAN tags. When the user device UD11 has made the ARP request for the first time, as described above, the handler H1 gets back the MAC address SAMAC1 from the broadcast handler BH1. The handler H1 then fills in the address SAMAC1 in the register REG11. The next time the user device UD11 makes the ARP request, the handler H1 first looks in its own register REG11 instead of sending the request to the broadcast handler BH1. The handler H1 finds the requested address SAMAC1 on the VLAN tag TAG1 and sends the address immediately back to the user device UD11.

In still an embodiment the register REG11 in the handler H1 is built up when the register REG1 in the broadcast handler BH1 is built up.

Below will be described a number of alternative embodiments.

In the above embodiment is described that a user first made the DHCP request via the access system ACC1 to get the IP addresses. This request then was followed by the ARP request. In an alternative embodiment the configuration is performed in an alternative way by alternative means. The request for the IP addresses can e.g. be performed by so called static configuration. After this configuration the user device makes the ARP request as described above to get the MAC address to its default gateway, the relevant service agent. In the same way as described above all ARP requests from the users, also when not preceeded by a DHCP request, will be intercepted by the penult and result in the address to the respective default gateway. In this way all communication between different users is forced to flow to the service agent. It was also described that the dynamically allocated MAC addresses were locally administrated addresses, LAA. An alternative is that a set of MAC addresses is bought from the IEEE.

The service agent successively builds up a list for translating between IP addresses and user device MAC addresses. When it receives a packet it reads the IP address and if this address is whitin the service agent's own administrated subnet it looks for the IP address and finds the user MAC address. The service agent forwards the packet to this user MAC address and packets with any other IP address will be forwarded to the service provider.

In connection with FIGS. 1 and 2 was described that the distributed handler system comprised the handler H1 in the penult and the broadcast handler BH1 in the edge access server EAS. The penult and the edge access server were interconnected by the network ETH1. In an alternative embodiment the penult is a unit close to the edge access server. The transmission of messages between the penult and the edge access server is performed by Ethernet frames without the interconnecting network ETH1. It is even so that the penult can be regarded as a part of the edge access server itself. It should be noted that the edge access server EAS, the penults P1-Pk, the handler registers REG1, REG11-REGk1 and other parts of the access system not necessarily are physical units. Rather they are functional units which can be centralized or distributed depending on what is most appropriate in a situation.

In the embodiment in connection with FIG. 2 each of the service access relations was defined by solely one unique service agent MAC address, e.g. the relation R11 defined by the address SAMAC1. Each of the service agents therefore could have a set of different MAC addresses allocated to its service agent port, each address for one of the relations to the respective user port. In an alternative embodiment each service agent has only one single service agent MAC address for all its different service access relations to different of the user ports. The respective service access relation is in this embodiment defined by a complete access relation identifier including the service agent MAC address and a further service access relation identifier. This further identifier appears from the Ethernet header in the transmitted frames. An example on such an identifier is the combination of the VLAN tag and the user device MAC address.

With the abovementioned further service access relation identifier it is also possible, in an embodiment, that a plurality of MAC addresses are allocated to the port of one of the service agents. Each of these MAC addresses is then bound to a set of relations, each of the relations having its own further identifier.

In connection with FIG. 4 it was described that the user U11 had the Ethernet ETH2 with tagged VLAN:s to relate the user devices to the penult P1. As an alternative the user has a port based VLAN with a switch, that reads the tag and switches to a port for the relevant user device. Still an alternative is that the user has a MAC based VLAN and the penult checks that the user MAC address corresponds to the VLAN identifier.

In an embodiment the VLAN tag is transmitted from the service agent to the penult to transmit a requested service to the correct user device. In an alternative embodiment no VLAN tag is transmitted to the penult but only the service agent MAC address, e.g. SAMAC1. The penult itself derives the VLAN identity, e.g. the VLAN tag, from the unique service agent MAC address, defining the service access relation.

In connection with FIG. 2 it was described that the service providers SP1-SPn were connected to each one of the service agents SA1-San. In an alternative a service provider can be connected to two or more service agents.

Above is described the use of DHCP request. For other types of services than IP or other types of establishment of a relation between a user device and a service agent, other types of broadcast service attachment requests can be used.

By the broadcast handler also those alternative requests are replied to by a service agent MAC address, which is identified in the same way as for the DHCP. As an example can be mentioned the use of PPP over Ethernet, PPPoE, where a broadcast PPPOE request will be responded with a service agent MAC address to the service agent acting as PPPoE server. Also, the ARP request is mentioned above. For other protocols than the IP protocol similar procedures are utilized to bring about address resolution.

In connection with a flow chart in FIG. 9 will be descibed an overview over the above method of defining the service access relations in the multiservice access system ACC1. In a step 90 one of the users decides one of his VLAN:s for one of the services, e.g. the user U11 selects the service from the service provider SP1 and decides the VLAN with the tag TAG1 for the service. The user sends the the decided tag and the selected service together with his user port UP11 to the administrative unit AD1 in a step 91. In a step 92 the administrative unit checks which one of the service agents SA1-SAn that corresponds to the selected service and finds the service agent SA1. The administrative unit dynamically allocates the unique service agent MAC address SAMAC1 to the service agent SA1 in a step 93. The register REG1 is created in the broadcast handler BH1 in a step 94, in which register the service agent MAC address SAMAC1 is related to the user port UP11 and VLAN tag TAG1. Thereby the service access relation R11 is defined, step 95.

The method of building up the correspondance between IP addresses and MAC addresses will be described in short in connection with flow charts in FIG. 10 and FIG. 11. In a first step 100 in FIG. 10 the handler H1 receives the broadcast DHCP request with the frame FR2 from the user device UD11. The frame includes both the user MAC address UMAC1 and the VLAN tag TAG1. The handler H1 adds the user port identification UP11 in a step 101 and in a step 102 the handler sends the complete message unicast to the broadcast handler BH1 in the edge access server EAS. The broadcast handler notes the user port UP11 and the VLAN tag TAG1 in a step 103 and, looking in its register REG1, it points out the corresponding unique service agent MAC address SAMAC1 in a step 104. In a step 105 the broadcast handler finds the relevant service agent SA1. Now the first part of the procedure is ready, finding the default gateway. Next part is to send IP addresses to the user device. In a step 106 the broadcast handler BH1 sends the user port and the VLAN tag to the service agent SA1. In a step 107 the service agent SA1 allocates the IP address IPUD11 to the user device UD11. In a conventional manner the service agent sends the DHCP response, including the own IP address IPSA1 and the allocated IP address IPUD11, step 108. In a step 109 the user device stores the received IP addresses. The relation R11 is now estabished on IP level. It should be noted that the procedure described in connection with FIG. 10, finding the default gateway in the steps 100 to 105 and the user device receiving the IP addresses in the steps 106 to 109, can be performed in alternative ways. One such way is by the static configuration procedure as mentioned above.

The procedure when the service access relation R11 is established in the reverse direction, from the user side to the service agent side, will be described shortly in connection with the flow chart in FIG. 11. In a first step 110 the handler H1 in the penult P1 receives an ARP message from the user device UD11 on the user port UP11. The handler adds the port identification in a step 111 and in a step 112 the handler H1 sends a message, including the ARP message and the port, unicast to the broadcast handler BH1. The broadcast handler looks in the register REG1 for the user port UP11 and the VLAN tag TAG1 and finds the service agent MAC address SAMAC1, step 113. In a step 114 the broadcast handler sends the address SAMAC1 to the handler H1 and in a step 115 the handler transmits the address SAMAC1 to the user and the address is received by the user device UD11. Alternatively the broadcast handler sends the MAC address SAMAC1 to the relevant service agent SA1 with an order to transmit the address to the handler H1.

The above described arrangements and procedures are related to unicast access between the service agents and the user ports on the penults. In connection with FIG. 12 will shortly be described an embodiment with multicast access. FIG. 12 shows a somewhat simplified view of FIG. 2 with the access system ACC1 interconnecting the service providers SP1-SPn and the users U11-Um1. The access system has, as above, the edge access server EAS and the penults P1-Pk interconnected by the Ethernet network ETH1. In this network are shown Ethernet switches SW191, SW192 and SW193 supporting multicast. Also the penults P18, P19 and P20 support multicast access. In the figure is shown a multicast access relation MR11 from the service agent SA19 to the penults P18, P19 and P20. The penult P19 has the user port UP191 with a connection to the user U191 and the user port UP192 connected to the user U192. The penult P20 has the user port P201 connected to the user U193. The user 191 has user devices UD191 and UD192 attributed to the user port UP191 via a VLAN with a VLAN tag TAG19 and the user U192 has a user device UD193 attributed to the user port UP192, also via the VLAN with the tag TAG19. The user U193 has a user device UD194 which is attributed to the user port UP201, also via the VLAN with the tag TAG19.

The aim with the multicast access relation MR11 is, naturally, to distribute a service from the service provider SP19 via the service agent SA19 to the users. Note that this distribution takes place only downstream, from the service provider to the users. The distribution is performed by branching up the service access relation MR11 in the edge access server, in the switches and in the penults. The relation MR11 to the users, which utilize the service from the provider SP19, is defined by one and the same MAC address, in the example a MAC address SAMAC19 allocated to the service agent SAl9 by the administrative unit AD1. Each multicast flow from this service agent has a specific multicast address to which all participating users are listening. In the multicast frames transmitted via the relation MR11 the multicast bit M1 in FIG. 3c is set. Furthermore, the service from the service provider SP19 is distributed on one and the same Ethernet LAN, in the example the VLAN with the tag TAG19, which is bound to the multicast access relation MR11. In the multicast case the users can't decide their own VLAN:s for the service, but a common decision concerning the VLAN identification must be made. The establishing of the relation MR11 is performed in a corresponding way as described above. Also in the multicast access case the service agent for a certain service can have more than one assigned MAC address, in the same way as described above in the unicast case.

In connection with FIG. 13 will be described an overview over a procedure for establishing the multicast access relations. In a step 130 the VLAN with the tag TAG19 for a selected service from the service provider SP19 is decided. The decision is distributed to the edge access server EAS and to the users in a step 131. In a step 132 the administrative unit AD1 checks which one of the service agents SA1-SAn that corresponds to the selected service and finds the service agent SA19. The administrative unit AD1 dynamically allocates the service agent MAC address SAMAC19 to the service agent SA19 in a step 133, this MAC address defining the multicast access relation MR11. In a step 134 the MAC address SAMAC19 is bound to the decided VLAN with tag TAG19. In a step 135 the multicast access relation MR11 is estsblished in a corresponding way as is described for the unicast relations. In a step 136 the multicast bit M1 is set for frames transmitted over the multicast service access relation MR11.

The services from the service providers SP1-SPn must be delivered with a certain quality level. The resources within the access system ACC1 are however limited, which delimits the quality level. An example on a limited resource is the available bandwidth. Many relations, as the relation R11, are to be transmitted via the connections between the service agent and a switch, between the switch and the penult and between the penult and the user VLAN, which relations have to share the available bandwidth. The quality of service for the relations are deicided in agreements and are denoted for each relation in the register REG1 in FIG. 5. This is exemplified by a quality of service Q having a level QoS1 denoted on the list L11 for the relation R11, which relation is defined by the service agent MAC address SAMAC1. The quality values, e.g. a bandwidth parameter, are utilzed when the traffic is shaped by shapers in the access system. As examples on shapers are shown, in FIG. 2, a shaper SHn in the edge access server EAS and a shaper SHk in the penult Pk. When shaping the traffic flow the shapers in the edge access server look on the service agent MAC addresses, which always appears in a transmitted frame either as source or destination address. With the aid of the address the shaper finds the corresponding value for the quality level. e.g. the value QoS1. In the embodiment when some of the relations were defined by its respective service agent MAC address and the further service access relation identifier, the shaper has to look also on the further identifier. The shaper SHk in the penult Pk can utilize the VLAN tag and the user port in a corresponding manner. The shaping includes in conventional manner buffering the frames, prioritizing with the aid of the priority tag PTG1 and sheduling.

It can happen that a participant tries to make more use of the access system ACC1 than the agreement allows, e.g. sends more traffic than it is agreed. This means that the participant's traffic even after shaping takes more bandwidth than the bandwidth parameter allows. The system can look upon the unique service agent MAC address in the frames and compare with the agreement. In the relation that uses too much bandwidth the system can apply policing and delet some of the transmitted frames. Also for this function the system has to look on the further service access relation identifier in the alternative embodiment for identifying the relations.

It can also happen that the users exchange their MAC addresses by some means and tries to utilize the access system ACC1 for communication between themselves and not with the service providers. To prevent such a behaviour the penults can have a traffic filter, e.g. a filter F21 at the user port UP21 in the penult P2. The filter reads the addresses in the transmitted frames. Frames from the user devices may only have the service agent MAC addresses or the broadcast address as destination address. Frames to the user devices may only have the service agent MAC addresses as source address. Other addresses are not allowed and frames with such addresses are deleted in the filter. Also, broadcast messages from a user, which are not to be handled by any of the service agents, are deleted.

The MAC addresses can have an internal address structure that is adapted to the structure of the access network ETH1. This can simplify the implementation of the network and its components in the access system ACC1.

In FIG. 14 the basic structure of the service agent MAC address is shown. A field 141 includes flag bits and fields 142 and 143 include route description.

There are two predefined flag bits in the flag field 141 according to the Ethernet standard:

- The local bit that determines whether an address is globally (0) or locally (1) administered. For a service agent MAC address, e.g. the address SAMAC1, this bit is always one, i.e. locally administered.
- The group bit that determines whether an address is unicast (0) or multicast (1). For a service agent MAC address, e.g. the address SAMAC1, this bit is always zero, i.e. unicast.

To describe the invention some definitions have to be made:

A route in this context is a description of a path from the source to the destination. The route may contain a complete description of the path, with all intermediate steps included, or a partial description of the path, with only some steps included; in the latter case other mechanisms such as self-learning switches are used for the steps omitted from the route description.

An EAS Route, shown as the field 142 in FIG. 14, is used to describe the route from one of the users U11 . . . . Um1 to one of the service agents SA1 . . . SAn in the edge access server EAS.

A User Route, shown as the field 143 in FIG. 14, is used to describe the route from one of the service agents SA1 . . . SAn in the edge access server EAS to one of the users U11 . . . -Um1.

A route, EAS or User Route, can be specified via a direct or an indirect description. A direct route description contains the path information used to route the frame “in situ”, i.e. the actual route, or an encoding of it, is contained in the address itself. An indirect route description contains a reference to the path information located elsewhere, for example, in the network equipment such as the edge access server EAS or the penult P1 . . . Pk.

Different embodiments of a service agent MAC address may contain zero, one or both of the route fields 142 and 143, but the flag field 141 is mandatory. It should be noted that even if one or both of the route fields are omitted, the service agent MAC address still constitutes a valid address denoting one of the service agents in the edge access server EAS.

Below four examples on different route descriptions are given in connection with FIGS. 15 to 20.

Direct, Partial Route Structure

FIG. 15 shows an embodiment with both a direct EAS Route and a direct User Route. The route field 142 has an address field 151 with a service agent identity SAID2. The route field 143 includes a field 152 with a port identity PIDE for the edge access server EAS, a field 153 with the identity UP21 for one of the user ports on the penult P2 and a field 154 with a user context identity for one of the users on the port. In this example both routes are partial since they contain no information how to route the frame between the edge access server EAS and the penult.

FIG. 16 is a simplified version of FIG. 2, showing routes R01 between the service agent SA2 and the user U21 through an aggregation network AG1. The route RO1 is shown in FIG. 15. In the direction from the user the partial EAS route RO1 only gives the identity SAID2 for the service agent SA2. In the direction from the service agent the user route RO1 gives the EAS port identity PIDE, the user port identity UP21 for the user U21 and the user context identity.

Direct, Complete User Route

FIG. 17 shows an embodiment with a direct, complete user route. The route field 143 includes a field 171 with the port identity PIDE for the edge access server EAS, a field 172 with a port identity PID11 for a first switch, a field 173 with a port identity PID22 for a second switch and a field 174 with the port identity UP21 for the user port on the penult P2. The various fields in the user route can be used directly by the various levels in the access network to route the frame to the correct user. A prerequisite in this example is that each node in the network “knows” its level, so that it can extract and interpret the correct information from the address. The following FIG. 18 shows how the path is found.

FIG. 18 is a simplified version of FIG. 2, showing a route R02 from the edge access server EAS to the user U21 through the aggregation network AG1. In the network AG1 are shown switches SW11, SW12, SW21, SW22 and SW2m. The route identities are given in FIG. 17. The user route R02 includes the EAS port identity PIDE, the port identity PID11 for the first switch SW11, the port identity PID22 for the second switch SW22 and the port identity UP21 for the user U21.

Indirect Partial Route

FIG. 19 shows an embodiment of a service agent MAC address containing both an indirect partial EAS Route and an indirect partial User Route. In the address the route field 142 has an EAS index pointing at an edge access server table EAST1 with service agent identities SAID1 . . . SAIDn. In the address the route field 143 has a user index pointing at a penult table PT1 with the user port identities UP11 . . . Upk1 and corresponding user context identities.

Finding a path in this case is similar to how it is described in connection with FIG. 16, except in this case the table EAST1 and the table PT1 is used in the edge access server and penult respectively to determine the correct route.

An embodiment of the indirect User Route is suitable to support mobility for a user, that needs to move between different locations. Moving a service binding from one of the user ports to another, simply implies updating the penult tables in the involved penults. Depending on the type of indirect user route description used, updating of tables in other nodes may also be necessary.

Indirect Complete User Route

FIG. 20 shows an exemplifying embodiment of a service agent MAC address containing an indirect complete user route. In the address the route field 143 has a user index pointing at both switch tables SWT1 and SWT2 with switch port identities and at a penult table PT2 with user port identities.

Finding a path in this case is similar to how it is described in connection with FIG. 18, except in this case the switch tables SWT1 and SWT2 and the penult table PT2 are used in the switches and the penult respectively to determine the correct route.

Methods and arrangements in an access system

Information

Publication Number

Date Filed

Date Published

Inventors

Original Assignees

CPC

US Classifications

International Classifications

Abstract

Description

Claims

PCT Information