U.S. patent application number 10/181554 was filed with the patent office on 2003-01-02 for method and device for controlling access to a communications network.
Invention is credited to Charzinski, Joachim, Engel, Thomas, Prehofer, Christian, Sauerwein, Rainer.
Application Number | 20030002531 10/181554 |
Family ID | 8167678 |
Filed Date | 2003-01-02 |
United States Patent
Application |
20030002531 |
Kind Code |
A1 |
Charzinski, Joachim ; et
al. |
January 2, 2003 |
Method and device for controlling access to a communications
network
Abstract
According to the invention, in order to control the access of
traffic streams (VS) to the communications network (KN), an
available capacity (VK), placed at the disposal of an access node
(ZK) for transferring traffic streams (VS) to said communications
network (KN), is determined from an access node (ZK) of the
communications network (KN), taking into account the total transfer
capacity (G) of the communications network (KN). The available
capacity (VK) is notably redetermined whenever the routing
information (RI) of the access node (ZK) is modified. An access
control of this type guarantees the quality of service required in
a connectionless communications network.
Inventors: |
Charzinski, Joachim;
(Oberscheissheim, DE) ; Engel, Thomas;
(Unterbiberg, DE) ; Prehofer, Christian; (Munich,
DE) ; Sauerwein, Rainer; (Herssching, DE) |
Correspondence
Address: |
MORRISON & FOERSTER LLP
2000 PENNSYLVANIA AVE, NW
SUITE 5500
WASHINGTON
DC
20006-1888
US
|
Family ID: |
8167678 |
Appl. No.: |
10/181554 |
Filed: |
July 19, 2002 |
PCT Filed: |
January 9, 2001 |
PCT NO: |
PCT/EP01/00166 |
Current U.S.
Class: |
370/468 ;
709/229 |
Current CPC
Class: |
H04Q 11/0478 20130101;
H04L 2012/5632 20130101; H04L 2012/562 20130101 |
Class at
Publication: |
370/468 ;
709/229 |
International
Class: |
H04J 003/16; G06F
015/16 |
Foreign Application Data
Date |
Code |
Application Number |
Jan 21, 2000 |
EP |
00101182.4 |
Claims
1. A method for access control for a communications network (KN)
having the following steps: an available capacity (VK), which is
available to at least one access node (ZK) for the transmission of
traffic streams (VS) to the communications network (KN), is
determined for said node by an access function (ZF) for the
communications network (KN), taking into account the overall
transmission capacity (G) of the communications network (KN), the
access function (ZF) reports the available capacity (VK) to the
access node (ZK), and the access node (ZK) controls the access of
traffic streams (VS) to the communications network (KN) as a
function of the available capacity (VK).
2. The method as claimed in claim 1, characterized in that the
available capacity (VK) is determined once again whenever the
overall transmission capacity (G) changes.
3. The method as claimed in one of claims 1 or 2, characterized in
that, in the case of a communications network (KN) having a number
of transmission nodes (K) and paths (W), the available capacity
(VK) is determined, at least partially, as a function of
information (RI) which is available to the access node (ZK) for
routing in the communications network (KN).
4. The method as claimed in claim 3, characterized in that the
information (RI) is in the form of load information (LI) and/or
cost information (KI) which identifies the transmission paths
(W).
5. The method as claimed in one of the preceding claims,
characterized in that, in the case of a communications network (KN)
having a number of transmission nodes (K) and paths (W), whose
overall transmission capacity (G) depends, at least partially, on
the transmission capacities of the transmission paths (W), any
change in the overall transmission capacity (G) is identified as a
consequence of a change in the transmission capacity of one of the
transmission paths (W).
6. The method as claimed in claim 5, characterized in that any
change in the transmission capacity of one of the transmission
paths (W) is reported to the access node (ZK) in accordance with
the rules of a routing protocol (RP).
7. The method as claimed in one of the preceding claims,
characterized in that the access function (ZF) is provided in the
access node (ZK) and determines only the capacity (VK) which is
available for this access node (ZK).
8. An apparatus for carrying out a method as claimed in one of the
preceding claims.
Description
[0001] Modern packet-oriented communications networks--also
referred to as "data networks"--have until now been designed
essentially for the transmission of packet streams, which are also
referred to in the specialist world as "data packet streams". In
this case, there is normally no requirement for a guaranteed
transmission quality of service. The data packet streams are thus
transmitted, for example, with fluctuating time delays, since the
individual data packets of the data packet streams are normally
transmitted in the sequence of their access to the network, that is
to say the time delays become greater the greater the number of
packets that have to be transmitted by a data network. In the
specialist world, the transmission of data is therefore also
referred to as a transmission service without realtime conditions,
or as a "non-realtime service".
[0002] In the course of the convergence of line-oriented speech and
packet-oriented data networks, realtime services, that is to say
transmission services in realtime conditions, such as the
transmission of speech information or moving picture information,
are likewise increasingly being provided in packet-oriented
communications networks, that is to say the transmission of the
realtime services which until now have normally been transmitted on
a line-oriented basis is being carried out on a packet-oriented
basis, that is to say in packet streams, in a convergent
speech/data network. These packet streams are also referred to as
"realtime packet streams". One problem that arises in this case is
that a high quality of service is required for packet-oriented
transmission whose quality is comparable to that of line-oriented
transmission. In particular, a minimal delay--for example of
<200 ms--without any fluctuations in the delay time is
important, since realtime services in general require a continuous
information flow, and any loss of information, for example due to
packet losses, cannot be compensated for by repeated transmission
of the packets that have been lost. Since, in principle, these
quality of service requirements apply to all communications
networks using packet-oriented transmission, they are independent
of the specific configuration of a packet-oriented communications
network. In consequence, the packets may be in the form of
Internet, X.25 or frame-relay packets, or else may be in the form
of ATM cells. Packet data streams and realtime packet data streams
are in this case exemplary embodiments of traffic streams that are
transmitted in communications networks.
[0003] Speech and picture information should normally be
transmitted in a speech/data network with a guaranteed quality of
service, in order that the quality of the speech and picture
transmission is not decreased when the number of packets to be
transmitted in the Internet rises. In the IETF (Internet
Engineering Task Force), proposals relating to this have been made
in Blake et al., "An Architecture for Differentiated Services",
RFC 2475, 1998, ftp://venera.isi.edu/in-notes/rfc2475.txt and in
Nichols et al., "Definition of the Differentiated Services Field
(DS Field) in the IPv4 and IPv6 Headers", RFC 2474, 1998,
ftp://venera.isi.edu/in-notes/rfc2474.txt, for a number of service
classes to be introduced in the packet-oriented Internet, which
until now has not guaranteed qualities of service. An Internet such
as this is also referred to as a `DiffServ network`. In this case,
the individual packet streams are in each case allocated to a
specific service class and, depending on their service class, are
transmitted with or without priority with respect to packets in
other service classes by the transmission nodes in the Internet. It
is thus possible, by way of example, to ensure the quality of
service required for realtime services by allocating the associated
realtime packet streams to a service class which is transmitted
with priority by the nodes in the Internet--with the realtime
packet streams thus being given priority over the data packet
streams.
[0004] The formation of a class for prioritized transmission
results in the formation of a (virtual) separate communications
network within the Internet, for transmission of high-priority
traffic streams and with a separate overall transmission capacity,
which comprises a portion of the overall transmission capacity of
the Internet. In this case, the overall transmission capacity of a
communications network which comprises transmission nodes and paths
is regarded as that capacity which is required for transmission of
the traffic streams which can just be transmitted without any loss
of traffic. Expressed in other words, this means that no further
traffic stream could be transmitted in that communications network
without loss of traffic. The transmission capacity which is still
available on a predetermined route between two transmission nodes
in the communications network accordingly depends not only on the
traffic which is being transmitted directly between these two
transmission nodes but also on that traffic which is being
transmitted at least partially along the given route as a
consequence of transmission along other routes in the
communications network.
[0005] In principle, network access control is required, at least
for the prioritized traffic, for priority-controlled transmission,
since the required quality of service can be ensured only if the
communications network is not supplied with any more prioritized
packets than the maximum number which it can transmit. For this
purpose, network access devices--also referred to as `edge devices`
or else, from the point of view of the communications network, as
`access nodes`--have been proposed for the Internet with a number
of service classes, and which are used to provide network access
control. In this case, the edge devices can
[0006] control the volume of the traffic supplied in the form of
packet streams to the communications network;
[0007] set priority tags in the packets in accordance with the
priority of their packet streams;
[0008] control and if necessary correct priority tags for packet
streams, if the packets have already been tagged with priorities;
and
[0009] control the transmission capacity of prioritized packet
streams.
[0010] The transmission nodes, which are known as edge devices, and
paths in the communications network are also referred to as
"domains", with which the edge device is associated. One edge
device may also be associated with a number of domains.
[0011] A fixed threshold value, which the traffic volume should not
exceed, is normally set in the edge devices in order to control the
traffic which is supplied to the communications network. This
method is very simple, but is inflexible with regard to changes in
the overall transmission capacity of the communications
network.
[0012] The invention is thus based on the object of improving the
method for controlling access to a communications network. The
object is achieved by the features of patent claim 1.
[0013] The major aspect of the invention is access control,
provided by an access node in the communications network, for
traffic streams to a communications network as a function of an
available capacity which is available to that access node for
transmission of traffic streams to the communications network. The
value of this available capacity, which is available to that access
node for the transmission of traffic streams to the communications
network, is determined for at least this access node by an access
function, taking into account the overall transmission capacity of
the communications network, and this is reported to the access
node. A number of major advantages of the invention may be quoted,
as follows:
[0014] The access control can be flexibly matched to changes in the
overall transmission capacity.
[0015] This avoids the communications network being supplied with
more traffic than can be transmitted when its overall transmission
capacity is considerably reduced.
[0016] At least partial loss of traffic streams is avoided.
[0017] Since the access control is provided solely by the access
node, no direct knowledge of the traffic streams that are being
supplied is required in the other transmission nodes in the
communications network. This is associated with the particularly
significant advantage that the invention can be used in
communications networks without connections, for example in the
Internet.
[0018] According to one refinement of the method according to the
invention, the invention provides that the available capacity is
determined once again whenever the overall transmission capacity
changes--claim 2. The access control is thus adapted when changes
occur in the communications network. In particular, the direct
adaptation of the `available capacity` threshold value minimizes
the time period in which the threshold value may not be matched to
the changed overall transmission capacity.
[0019] According to one development of the method according to the
invention, in the case of a communications network having a number
of transmission nodes and paths, the available capacity is
determined, at least partially, as a function of information which
is available to the access node for routing in the communications
network--claim 3. According to one refinement of the method
according to the invention, the information is in the form of load
information and/or cost information which identifies the
transmission paths--claim 4. This has the advantage that the
overall transmission capacity of the communications network is
taken into account by means of information which is normally stored
in realtime access nodes--for example in the edge devices of a
DiffServ network.
[0020] One variant of the method according to the invention
provides that, in the case of a communications network having a
number of transmission nodes and paths, whose overall transmission
capacity depends at least on the transmission capacities of the
transmission paths, any change in the overall transmission capacity
is identified as a consequence of a change in the transmission
capacity of one of the transmission paths--claim 5. One development
of the method according to the invention provides that the change
in the transmission capacity of one of the transmission paths is
reported to the access node in accordance with the rules of a
routing protocol--claim 6. Changes such as these are normally
reported by the most realtime routing protocols. The invention can
thus advantageously be used in a large number of communications
networks, without any adaptation to the routing protocol.
[0021] One variant of the method according to the invention
provides that the access function is provided in the access node
and determines only the capacity which is available for this access
node--claim 7. The access control is thus provided solely by that
access node, that is to say without any involvement of the other
transmission nodes in the communications network. The functionality
of the access node is thus maintained even if significant portions
of the communications network fail.
[0022] Further advantageous refinements of the invention can be
found in the dependent claims or other independent claims.
[0023] The method according to the invention will be explained in
more detail in the following text with reference to a figure.
[0024] In this case, FIG. 1 shows, by way of example, a block
diagram of a communications network KN with an overall transmission
capacity G, in which a routing protocol RP is used for the
transmission of routing information RI. The communications network
KN has four transmission nodes K, of which the first transmission
node K.sub.1 forms a first access node ZK.sub.1, the second
transmission node K.sub.2 forms a second access node ZK.sub.2, and
the third transmission node K.sub.3 forms a third access node
ZK.sub.3. Traffic streams VS are transmitted from each of the
access nodes ZK to the communications network KN.
[0025] The transmission nodes are connected to one another by means
of four transmission paths, W.sub.12, W.sub.14, W.sub.24 and
W.sub.34, with the indices indicating those transmission nodes
K.sub.i and K.sub.j between which the transmission path W.sub.ij is
provided. The transmission capacity of each of the transmission
paths is assumed to be identified, for example, by load information
LI and/or cost information KI.
[0026] Routing information RI, which, for example, includes the
load information LI and/or cost information KI about the
transmission paths W, is stored in each of the transmission nodes.
Furthermore, a decentralized, access-node-specific access function
ZF is provided in each of the access nodes ZK.sub.1 and ZK.sub.2.
The access functions ZF in each case determine a capacity VK which
is available for the associated access node ZK, and report this to
said node. Alternatively, a central implementation of the access
function ZF is indicated, which is physically achieved via the
transmission node K.sub.4. This is used, for example, for
determining the capacity VK.sub.3 which is available for that
access node K.sub.3, and this is reported thereto in a
corresponding manner, with its value being stored in the access
node ZK.sub.3.
[0027] The access function ZF may, for example, be implemented
centrally or in a decentralized manner. For the exemplary
embodiment, it is assumed that the access function ZF is
implemented on an access-node-specific basis, that is to say in a
decentralized manner. An access function ZF implemented in this way
normally has no global information available to it about all the
traffic streams VS which are currently being transmitted in the
communications network KN. The capacity VK which is available for
the associated access node ZK is therefore determined, for example,
on the basis of locally available information, from which
conclusions are drawn about the current distribution of the traffic
streams between the transmission nodes K and transmission paths W
in the communications network KN. In the case of an
access-node-specific implementation of the access function ZF, the
determined available capacity VK is reported from there to the
access node ZK by the determined value being stored, for example,
in a storage medium in the access node ZK. In the case of a central
implementation of the access function ZF, the determined value is
reported to the access node, for example with at least one
information item which is transmitted to the access node ZK and is,
for example, in the form of a packet.
[0028] According to the invention, the available capacity VK is
determined, by way of example, taking into account the locally
stored routing information RI. An embodiment of the invention in
which the available capacity VK is in each case determined once
again when the routing information RI [lacuna] is associated with
particularly significant advantages. For example, the routing
information RI is normally adapted by the access node ZK whenever
the transmission capacity of one of the transmission paths W in the
communications network KN has changed.
[0029] By way of example, the routing information RI is changed in
accordance with the rules of a routing protocol RP which is used in
the communications network KN. The object of the routing protocol
RP is in this case to match the routes in the communications
network KN to changed conditions in the communications network KN.
This will be explained briefly using the example of a
packet-oriented communications network KN without any
connections--for example an Internet:
[0030] A so-called `routing table` for determining the next
transmission node K for an incoming packet is produced in each
transmission node K on the basis of the topology of the
communications network KN. The next transmission node K is
determined in the table, on the basis of the destination address of
the packet. Since the routing tables are normally synchronized
throughout the network by means of the routing protocol RP, each
packet generally reaches its destination.
[0031] A failure of a transmission path W is reported to the
transmission nodes K in the communications network KN in accordance
with the rules of the routing protocol RP. These transmission nodes
K then normally form adapted routing tables.
[0032] Examples of routing protocols are OSPF (Open Shortest Path
First), RIP (Routing Information Protocol) or IS-IS (Intermediate
System to Intermediate System). Each of the routing protocols RP
normally provides an access node ZK with different information
about the communications network KN. For example, the routing
information RI which is available to an access node ZK depends on
which routing protocol RP is being used. In the simplest case, only
the topology of the communications network is reported. Routes with
a specific metric (for example the number of transmission nodes K
on a route) are determined by the access nodes ZK on the basis of
this routing information. However, other information, such as the
capacity of the transmission paths W, cost information KI or load
information LI, may also be reported.
[0033] An access node ZK can thus carry out the access control for
traffic streams VS to the communications network KN on the basis of
different criteria. The capacities which are required for the
transmission of the traffic streams VS that are supplied from the
access node ZK to the communications network KN are normally added
for this purpose, and are compared with the available capacity VK.
The total required capacities should normally not exceed the
available capacity VK. In this case, the available capacity is also
referred to as the `limit` or `bandwidth limit`. A specific traffic
stream VS.sub.i is in this case generally either allowed--that is
to say transmitted--or is rejected. The access node ZK takes into
account, for example, information about the topology of the
communications network KN, about the transmission capacities of the
transmission paths W in the communications network KN, or about
typical load situations in the communications network KN. Depending
on the detail in which the communications network KN is considered
on the basis of the available routing information RI, there are
various possible ways to determine the available capacity VK for
the transmission of traffic streams VS:
[0034] 1. Pro rata limit VK for the accumulated required capacities
of all the traffic streams VS which are being transmitted from an
access node ZK to the communications network KN.
[0035] 2. In each case one bandwidth limit VK for each route to
other transmission nodes K in the communications network KN.
[0036] 3. In each case one bandwidth limit VK for each individual
transmission path W in the communications network KN, along which
at least one route runs.
[0037] These limits VK normally in each case apply only for the
traffic via one access node ZK when the access function ZF is
implemented in a decentralized manner. When the access function ZF
is implemented centrally, the limits could also be checked
globally.
[0038] According to one variant of the invention, which is
associated with particularly significant advantages, the access
control is adapted on the basis of the information which is
reported via the routing protocol RP. If the status of the
communications network KN changes, for example in the event of
changes to the paths in the communications network KN as a result
of a failure of a transmission path W or a change in the load
situation of a transmission path W, or else a change in the
capacity of a path (for example in the case of ATM, ISDN), the
access control for the access node ZK is thus adapted in an
appropriate manner immediately, by determining the available
capacity VK once again. In the absence of one transmission path
W--for example the transmission path W.sub.24--this adaptation and
corresponding redetermination of the paths is carried out, by way
of example, by determining new bandwidth limits for the three
stated scenarios:
[0039] 1. The access node ZK contains a predefined table (or
calculation formula) for determining a new limit VK. The new limit
VK is taken from the table, taking into account the available
transmission paths W.
[0040] 2. The access function ZF recalculates the bandwidth limits
VK for all the routes by reallocation of the available capacity VK
of the access node ZK. The transmission capacity of the routes
which no longer exist should, for example, be regarded as having
been lost. If the new routes overlap old routes, then the previous
contingents must be redistributed between the routes. If, for
example, the transmission path W.sub.24 fails, the new route from
the transmission node K.sub.2 to the transmission node K.sub.3
passes via the transmission node K.sub.1. Since this new route now
overlaps the route to the transmission node K.sub.1, the available
capacity VK for these two routes is redistributed, for example, as
follows: if 100 traffic streams VS were originally allowed for each
of the two routes, then, for example, 50 traffic streams VS will be
allowed for each route after the redistribution.
[0041] 3. In principle, there should be no need to recalculate the
bandwidth limits VK for individual transmission paths W. Since it
is normally necessary to change the routes in the communications
network KN when transmission paths W fail, a check should be
carried out to determine whether any additional routes are running
along the individual transmission paths W. In this case, adaptation
of the bandwidth limits VK would generally be necessary. In the
above example, 100 traffic streams VS were allowed on the
transmission path W.sub.12 before failure of the transmission path
W.sub.24. After the failure, it is necessary to take into account
the fact that additional routes will run along the transmission
path W.sub.12.
[0042] In the event of changes in the communications network KN,
the recalculation of the access function ZF may show that more
traffic streams are being transmitted to the communications network
KN than would be permissible on the basis of the recalculated
available capacity VK. If the maximum number of connections in the
network is exceeded as a consequence of this, this results in an
overload, and in some cases in loss of traffic. The transmission of
some of the traffic streams VS is thus ended on the basis of the
recalculation. In principle, two variants are envisaged for this
purpose:
[0043] 1. The transmission of a number of traffic streams VS is
ended immediately, so that the remaining traffic streams VS are not
affected by the overload.
[0044] 2. One transmission after the other is slowly terminated,
thus waiting to see whether some of the traffic streams VS
terminate themselves as a consequence of the overload.
[0045] Any decision between the two variants depends, for example,
on the speed with which the access node ZK and the traffic streams
VS react or can react. The second variant is preferred, in the case of
doubt, on the basis of the following consideration: many
applications normally use at least two associated traffic streams
VS, which typically run in opposite directions (so-called
bi-directional connections). If, in this case, one of the traffic
streams VS is terminated, the application normally also terminates
the associated second traffic stream VS, with a certain time
delay.
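The per-route limits of [0035] and [0040] and the immediate termination of [0043] can be traced on the FIG. 1 topology with the following added example, which is not part of the patent text. It assumes a contingent of 100 streams per transmission path for access node ZK.sub.2, one unit of capacity per stream, fewest-hop routing, and an equal split of a path's contingent between the routes that share it; the names `route_limits` and `AccessNode` are illustrative only.

```python
from collections import deque

# Topology of FIG. 1: nodes K1..K4 joined by paths W12, W14, W24, W34.
PATHS = {frozenset(p) for p in [(1, 2), (1, 4), (2, 4), (3, 4)]}
PATH_CONTINGENT = 100  # assumed: streams this access node may place on one path


def route(paths, src, dst):
    """Fewest-hop route from src to dst as a list of paths, or None."""
    prev = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            break
        neighbours = sorted(n for p in paths if node in p for n in p if n != node)
        for nxt in neighbours:
            if nxt not in prev:
                prev[nxt] = node
                queue.append(nxt)
    if dst not in prev:
        return None
    hops = []
    while prev[dst] is not None:
        hops.append(frozenset((prev[dst], dst)))
        dst = prev[dst]
    return hops[::-1]


def route_limits(paths, src, destinations):
    """Access function ZF: one limit VK per route from local routing data.

    A path used by n routes of this access node gives each route 1/n of the
    path contingent (assumed split); a route's limit is its tightest path.
    """
    routes = {d: route(paths, src, d) for d in destinations}
    usage = {}
    for hops in routes.values():
        for p in hops or []:
            usage[p] = usage.get(p, 0) + 1
    return {d: (min(PATH_CONTINGENT // usage[p] for p in hops) if hops else 0)
            for d, hops in routes.items()}


class AccessNode:
    """Access node ZK that admits or rejects streams against its limits VK."""

    def __init__(self, node, destinations, paths):
        self.node, self.destinations = node, destinations
        self.active = {d: [] for d in destinations}
        self.limits = route_limits(paths, node, destinations)

    def admit(self, stream_id, dst):
        if len(self.active[dst]) >= self.limits[dst]:
            return False  # rejected: the route's limit is used up
        self.active[dst].append(stream_id)
        return True

    def on_routing_change(self, paths):
        """Redetermine VK; end the newest excess streams at once (variant 1)."""
        self.limits = route_limits(paths, self.node, self.destinations)
        ended = []
        for d, streams in self.active.items():
            excess = len(streams) - self.limits[d]
            if excess > 0:
                ended += streams[-excess:]
                del streams[-excess:]
        return ended


if __name__ == "__main__":
    zk2 = AccessNode(2, [1, 3], PATHS)
    print("limits before failure:", zk2.limits)
    for i in range(100):
        zk2.admit(("K1", i), 1)
    for i in range(80):
        zk2.admit(("K3", i), 3)
    ended = zk2.on_routing_change(PATHS - {frozenset((2, 4))})  # W24 fails
    print("limits after failure:", zk2.limits, "streams ended:", len(ended))
```

With W.sub.24 removed, the route to K.sub.3 runs over W.sub.12 and both routes drop from 100 to 50 streams, as in the redistribution example of [0040].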
[0046] Finally, it should be stressed that the invention can be
used in any desired communications network KN. For example,
application is envisaged in:
[0047] long-distance traffic communications networks KN, such as
the Internet,
[0048] local communications networks KN--also referred to as local
area networks or LANs,
[0049] virtual communications networks KN, for example those
referred to as a virtual private network or else VPN, or the
initially described prioritized sub-network of a DiffServ
network.
* * * * *