AN ARCHITECTURE FOR MANAGING IPV4 BASED CUSTOMER PREMISSES EQUIPMENTS THROUGH IPV6
20210320859 · 2021-10-14
Assignee
Inventors
- Umut YAZICI (Istanbul, TR)
- Salih MEMICI (Istanbul, TR)
- Can UCMAK (Istanbul, TR)
- Murat AKIN (Istanbul, TR)
- Ozge GURE (Istanbul, TR)
- Tayfun OZALTIN (Istanbul, TR)
- Ercin TORUN (Istanbul, TR)
- Mehmet Ferhat MERIC (Istanbul, TR)
- Mert KOCASARI (Istanbul, TR)
- Murat KARAARSLAN (Istanbul, TR)
- Yunus OT (Istanbul, TR)
Cpc classification
H04L45/122
ELECTRICITY
H04L45/50
ELECTRICITY
International classification
Abstract
The present invention is basically related to a system which is For managing IPv4 based network through IPv6 based TR-069 communication and which provides a solution allowing new subscriber registrations to the networks that has reached maximum number of IP (Internet Protocol) usage.
Claims
1. A system (1) which enables managing IPv4 based network through IPv6 based TR-069 communication comprising at least one CPE-A (2) which is the primary customer device being activated maintained, monitored for accessing services which are offered by the service provider via sending and receiving data packets with the same external IP address of CPE-B (3), at least one CPE-B (3) which is the secondary customer device being activated, maintained, monitored for accessing services which are offered by the service provider via sending and receiving data packets with the same external IP address of CPE-A (2), at least one MPLS router (4) which directs data from one network node to the next based on short path labels, at least one CGN (5), at least one firewall (6) which communicates with CGN (5) and operates in IPv6 mode, at least one load balancer (7) which receives data packets from the firewall (6), at least one ACS load balancer (8) which receives the data packets from the load balancer (7) and characterized by at least one CGN (5) which manipulates the data packets which are originated by and destined to CPE-A (2) and CPE-B (3), at least one ACS (9), which is enabled to receive the data packets which are originated by CPE-A (2) and CPE-B (3) and send data packets to CPE-A (2) and CPE-B (3); and which records IPv4 addresses that are used by CPE-A (2) and CPE-B (3) while sending the data packets, IPv6 addresses which is obtained by the transformation of said IPv4 address and device serial numbers of CPE-A (2) and CPE-B (3) so that it will be able to access CPE-A (2) or CPE-B (3) at any specific time and for any specific objective.
2. A system (1) according to claim 1, characterized by CPE-A (2) which is a device to provide fixed and/or mobile broadband network service or STB (Set-Top-Box) device or LTE (Long Term Evolution) router device.
3. A system (1) according to claim 1, characterized by CPE-B (3) which is a device to provide fixed and/or mobile broadband network service or STB (Set-Top-Box) device or LTE (Long Term Evolution) router device.
4. A system according to claim 1, characterized by CGN (5) which modifies the data packets originated by CPE-A (2) and CPE-B (3) so that same source IPv4 addresses for data packets originated by CPE-A (2) and CPE-B (3) are translated to different IPv6 addresses respectively and the destination address for the related data packets are translated to the IPv6 address of the load balancer (7).
5. A system according to claim 1, characterized by the load balancer (7) which writes the source IPv6 address of the data packet to the XFF value for each data packet so that ACS (9) will be enabled to read IPv6 address values for CPE-A (2) and CPE-B (3) in order to match the device and IP address while database related processes are conducted.
6. A system according to claim 1, characterized by ACS (9) which is able to read the original source IPv4 address from TR69 packet along with the IPv6 address which has been written on XFF value by the load balancer (7) and which can record the following information in mapped format to its database: the device serial numbers of CPE-A (2) and CPE-B (3), the original source IPv4 address of the data packets originated by CPE-A (2) and CPE-B (3) and the respective IPv6 addresses of data packets which has been written on XFF value by the load balancer (7).
7. A system according to claim 6, characterized by ACS (9) which is able to read IPv6 address corresponding to any CPE, such as CPE-A (2) and CPE-B (3), by using the related device serial number and forwarding the correct data packet to the correct CPE device.
8. A system according to claim 1, characterized by ACS (9) which originated data packets directly to the firewall (6) while reaching CPE-A (2) and CPE-B (3) for service activation, management and monitoring purposes.
9. A system according to claim 8, characterized by firewall (6) which receives data packet and transmits it to the related partition of CGN (5) over VLAN and which modifies the source IPv6 address value of the data packet (Source NAT) and replaces the IPv6 address of the load balancer with this source IPv6 address so that CGN (5) will be able to conduct the reverse process of network address translation which has occurred during the data packet transmission from CPE-A (2) and CPE-B (3) to ACS (9).
10. A system according to claim 9, characterized by CGN (5) which extracts the data packet based on V LAN number over which the data packet has been transmitted; receives the data packet from the related partition; translates IPv6 address in the data packet to IPv4 address for both source and destination addresses so that CPE-A (2) and CPE-B (3) can receive data packet in IPv4 format as they expected to receive.
11. A system according to claim 1, characterized by ACS (9) which is enabled to communicate with OSS/BSS layer and CRM and call center application on OSS/BSS layer over IPv4.
Description
DESCRIPTION OF THE INVENTION
[0009] A System for Managing IPv6 Based Network realized to fulfill the objectives of the present invention is shown in the figures attached, in which:
[0010]
[0011] The components illustrated in the figures are individually numbered, where the numbers refer to the following: [0012] 1. System [0013] 2. CPE-A [0014] 3. CPE-B [0015] 4, MPLS Router [0016] 5. CGN [0017] 6. Firewall [0018] 7. Load Balancer [0019] 8. ACS Load Balancer [0020] 9. ACS
[0021] A system (1) which enables managing IPv6 based network: [0022] at least one CPE-A (2) which is the primary customer device being activated, maintained monitored for accessing services which are offered by the service provider via sending and receiving data packets, [0023] at least one CPE-B (3) which is the secondary customer device being activated, maintained, monitored for accessing services which are offered by the service provider via sending and receiving data packets, [0024] at least one MPLS router (4) which directs data from one network node to the next based on short path labels, [0025] at least one CGN (5) which manipulates the data packets which are originated by and destined to CPE-A (2) and CPE-B (3), [0026] at least one firewall (6) which communicates with CGN (5) and operates in IPv6 mode, [0027] at least one load balancer (7) which receives data packets from the firewall (6), [0028] at least one ACS load balancer (8) which receives the data packets from the load balancer (7), [0029] at least one ACS (9), which is enabled to receive the data packets which are originated by CPE-A (2) and CPE-B (3) and send data packets to CPE-A (2) and CPE-B (3); and which records IPv4 addresses that are used by CPE-A (2) and CPE-B (3) while sending the data packets, IPv6 addresses which is obtained by the transformation of said IPv4 address and device serial numbers of CPE-A (2) and CPE-B (3) so that it will be able to access CPE-A (2) or CPE-B (3) at any specific time and for any specific objective (
[0030] CPE-A (2) is the primary customer device being activated, maintained, monitored for accessing services which are offered by the service provider via sending and receiving data packets
[0031] CPE-B (3) is the secondary customer device being activated, maintained, monitored for accessing services which are offered by the service provider via sending and receiving data packets.
[0032] In different embodiments of the invention, CPE-A (2) and CPE-B (3) are the devices which are able to provide fixed and mobile broadband network service or STB (Set-Top-Box) devices or LTE (Long Term Evolution) router devices.
[0033] MPLS router (4) is the component which directs data from one network node to the next based on short path labels.
[0034] CGN (5) is the component which manipulates the data packets which are originated by CPE-A (2) and CPE-B (3).
[0035] Firewall (6) is the component which communicates with CGN (5) and operates in IPv6 mode.
[0036] Load balancer (7) is the component which receives data packets from the firewall (6).
[0037] ACS load balancer (8) is the component which receives the data packets from the load balancer (7) and transmits them to ACS (9) based on the load and the redundancy of servers.
[0038] ACS (9) is the component which receives the data packets which are originated by CPE-A (2) and CPE-B (3) and which records IPv4 addresses that are used by CPE-A (2) and CPE-B (3) while sending the data packets, IPv6 address which is obtained by the transformation of said IPv4 address and device serial numbers of CPE-A (2) and CPE-B (3) so that it will be able to access CPE-A (2) or CPE-B (3) at any specific time and for any specific objective.
[0039] Within the operation of the system (1) which is disclosed in the present invention, firstly, CPE-A (2) and CPE-B (3) originates HTTP/HTTPs data packets with the same source IPv4 addresses via MPLS routers (4) and the different VRFs. The destination address for the related data packets is the virtual IP address of the load balancer (7). Related data packets are manipulated by CGN (5) so that the both source and the destination address of the data packets are changed to IPv4 and IPv6 accordingly. And this is being done on CGN (5) statelessly meaning no session information is kept on CGN device. According to the IP address blocks used return packets can also be identified Same source IPv4 addresses for data packets originated by CPE-A (2) and CPE-B (3) are translated by CGN (5) to different IPv6 addresses respectively and the destination address for the related data packets are translated by CGN (5) to the IPv6 address of the load balancer (7). In this structure IPv4 subscribers access a source of IPv6 (ACS etc) and access type is bidirectional. On the IPv6 side, a certain /96 prefix is selected and used for conversion. When an IPv4 address reaches an IPv6 source (for example, ACS) on this address, its address is embedded in the IPv6 address. For example, if modem IP is 10.1.123.143, this IPv4 address is buried in the last hex and translated to IPv6:
TABLE-US-00001 2096:db8:aa:1::0a1:7b8f 10 Y 0a 1 Y 1 123 Y 7b 143 Y 8f
[0040] Related data packets which have IPv6 source and destination addresses after NAT (Network Address Translation) process are sent from the related VRF partition of CGN (5) to the firewall (6) via different V LANs. For the firewall (6), V LANs, which are the same number as the number of partitions in CGN (5), are specified so that the every VRF partition of CGN (5) becomes discrete.
[0041] The firewall (6) which operates in IPv6 mode transmits the data packets to the load balancer (7) which is the destination point for the data packets. Load balancer (7) writes the source IPv6 address of the data packet to the XFF value for each data packet so that ACS (9) will be enabled to read IPv6 address values for CPE-A (2) and CPE-B (3) in order to match the device and IP address while database related processes are conducted.
[0042] After writing the source IPv6 address of the data packet to the XFF value, the load balancer (7) transmits the data packets to the ACS load balancer (8) which is the part of the ACS (9) and which can communicate on IP level. ACS load balancer (8) is responsible for transmitting data packets to any one of the ACSs (9) based on the load and redundancy of the servers. As the data packets reach ACS (9), they are extracted and being processed on application layer. Since the data packets originated by CPE-A (2) and CPE-B (3) have IPv4 addresses when they are first transmitted by CPE-A (2) and CPE-B (3), the IPv4 addresses are placed on network layer. However, ACS (9) is able to read IP address in XFF value which is on application layer (7).
[0043] Since ACS (9) can both read the original source IPv4 address from TR69 packet along with the IPv6 address which has been written on XFF value by the load balancer (7), it can record the following information in mapped format to its database: the device serial numbers of CPE-A (2) and CPE-B (3), the original source IPv4 address of the data packets originated by CPE-A (2) and CPE-B (3) and the respective IPv6 addresses of data packets which has been written on XFF value by the load balancer (7). This enables ACS (9) to read IPv6 address corresponding to any CPE, such as CPE-A (2) and CPE-B (3), by using the related device serial number and forwarding the correct data packet to the correct CPE device.
[0044] While ACS (9) is reaching CPE-A (2) and CPE-B (3) for service activation, management and monitoring purposes, data packets originated by ACS (9) are transmitted by ACS (9) directly to the firewall (6). Firewall (6) receives data packet and transmits it to the related partition of CGN (5) over VLAN. In order to conduct this transmission, firewall (6) modifies the source IPv6 address value of the data packet (Source NAT) and replaces the IPv6 address of the load balancer with this source IPv6 address so that CGN (5) will be able to conduct the reverse process of network address translation which has occurred during the data packet transmission from CPE-A (2) and CPE-B (3) to ACS (9). By this implementation of the invention, firewall (6) is enabled to operate in full transparent mode and whole management architecture is enabled to have flexibility. For the Source NAT process, ARP inform packets are disabled in the firewall (6), in this implementation of the invention.
[0045] As soon as the data packet originated by ACS (9) is transmitted to CGN (5), CGN (5) extracts the data packet based on VLAN number over which the data packet has been transmitted and receives the data packet from the related partition. IPv6 address in the data packet has been translated to IPv4 address by CGN (5) for both source and destination addresses so that CPE-A (2) and CPE-B (3) can receive data packet in IPv4 format as they expected to receive.
[0046] With the architecture provided by the implementation of the present invention, ACS (9) is enabled to communicate with OSS/BSS layer over IPv4. The first application on the said OSS/BSS layer is the CRM (Customer Relationship Management) system of the service provider company and CRM system is enabled to access ACS (9) over a discrete VLAN and in IPv4 format. Similar to CRM application, the ACS application which provides information and actions to call center screens is also enabled to access ACS (9) over a discrete V LAN and in IPv4 format.
[0047] It is possible to develop various embodiments of the inventive system (1), it cannot be limited to examples disclosed herein and it is essentially according to claims.