公开(公告)号：US20060031925A1

公开(公告)日：2006-02-09

申请号：US11196763

申请日：2005-08-04

申请人： Sreekanth Natarajan ,  Ludwig Pauwels ,  Stefaan De Cnodder ,  Nagi Jonnala

发明人： Sreekanth Natarajan ,  Ludwig Pauwels ,  Stefaan De Cnodder ,  Nagi Jonnala

IPC分类号： H04L9/32

CPC分类号： H04L12/4645 ,  H04L41/08 ,  H04L45/00 ,  H04L63/104 ,  H04L69/16 ,  H04L69/167

摘要： The present invention relates to an access control unit (21) of a data communication network (61) comprising an access control means (101) adapted to receive an authorization (111) from an authentication server (51), whereby a particular user (15) is authorized to access said data communication network, and thereupon to grant said particular user an access (106) to said data communication network. An access control unit according to the invention is characterized in that said access control means is further adapted to derive, from an additional information element (112) encoded into said authorization, an association (114) for said particular user between a particular payload type (Ipv6) and a particular virtual network (VLAN2) overlaying over said data communication network, and in that said access control unit further comprises a frame classifier (102) coupled to said access control means (via 103), and adapted to tag particular untagged frames (121) entering said data communication network, related to said particular user and carrying said particular payload type, with a particular virtual network identifier (VID2) of said particular virtual network. The present invention also relates to a method for controlling the access to a data communication network, and to an authentication server for use in cooperation with the access control unit.

摘要翻译： 本发明涉及数据通信网络（61）的访问控制单元（21），其包括适于从认证服务器（51）接收授权（111）的访问控制装置（101），由此特定用户（15 ）被授权访问所述数据通信网络，并且随后向所述特定用户授予对所述数据通信网络的访问（106）。 根据本发明的访问控制单元的特征在于，所述访问控制装置还适于从编码到所述授权中的附加信息元素（112）导出在特定有效载荷类型之间的所述特定用户的关联（114） Ipv6）和覆盖在所述数据通信网络上的特定虚拟网络（VLAN 2），并且所述访问控制单元还包括耦合到所述访问控制装置（经由103）的帧分类器（102），并适于标记特定未标记 与所述特定用户相关联并携带所述特定有效载荷类型的帧（121）与所述特定虚拟网络的特定虚拟网络标识符（VID 2）进行通信。 本发明还涉及一种用于控制对数据通信网络的访问的方法以及与访问控制单元协作使用的认证服务器。

公开(公告)号：US20060090076A1

公开(公告)日：2006-04-27

申请号：US11234117

申请日：2005-09-26

申请人： Stefaan De Cnodder ,  Nagi Jonnala

发明人： Stefaan De Cnodder ,  Nagi Jonnala

IPC分类号： H04L9/00

CPC分类号： H04M17/00 ,  G06Q20/12 ,  G06Q20/16 ,  G06Q20/28 ,  H04L12/1439 ,  H04L12/1467 ,  H04L63/08 ,  H04L63/102 ,  H04L67/20 ,  H04L2463/102 ,  H04M15/49 ,  H04M15/51 ,  H04M15/82 ,  H04M15/8207 ,  H04M15/8214 ,  H04M2017/26 ,  H04M2215/2013 ,  H04M2215/22 ,  H04M2215/46 ,  H04M2215/54 ,  H04M2215/78 ,  H04M2215/7813 ,  H04M2215/782

摘要： The present invention relates to a method for accounting a particular user accessing a prepaid service, which prepaid service being supplied by a service provider, which communication device being coupled to the service provider via an access control unit, and comprising the steps of: sending an authorization from an authentication server to the access control unit to authorize the particular user to access the prepaid service, thereupon, granting the communication device an access to the prepaid service. A method according to the invention further comprises the steps of: sending a notification from the access control unit to an accounting server to notify that the particular user gained access to the service provider, decrementing a quota allotted to the particular user according to a service usage, after the quota is exhausted, sending a request from the accounting server to the access control unit to disconnect the particular user from the service provider, thereupon, locking the access to the service provider. The present invention also relates to an access control unit.

摘要翻译： 本发明涉及一种用于存取预付费业务的特定用户的方法，该预付费业务由服务提供商提供，该预付费业务是经由接入控制单元与该业务提供者相连，该方法包括以下步骤： 从认证服务器授权给访问控制单元以授权特定用户访问预付费服务，随后授予通信设备对预付费服务的访问。 根据本发明的方法还包括以下步骤：从所述访问控制单元向计帐服务器发送通知以通知所述特定用户获得对所述服务提供者的访问的通知，根据服务使用量递减分配给所述特定用户的配额 在配额耗尽之后，从会计服务器向访问控制单元发送请求以将特定用户与服务提供商断开连接，从而锁定对服务提供商的访问。 本发明还涉及访问控制单元。

公开(公告)号：US20060029001A1

公开(公告)日：2006-02-09

申请号：US11181975

申请日：2005-07-15

申请人： Patrick Mensch ,  Stefaan De Cnodder

发明人： Patrick Mensch ,  Stefaan De Cnodder

IPC分类号： H04L12/28

CPC分类号： H04L12/185 ,  H04L12/1886 ,  H04L12/4641

摘要： The present invention relates to a relay unit (21) for use in a data communication system (1) operable to transmit multicast traffic, and adapted to receive a membership report (61) from a particular station (11), whereby a membership of a particular multicast group is notified. A relay unit according to the invention is characterized in that the relay unit is further adapted: to query (71, 72) a plurality of multicast routers (41 to 44) over a plurality of virtual broadcast domains (51, 52) as to whether that particular multicast group is supported, to elect one virtual broadcast domain (51) out of the plurality of virtual broadcast domains, over which one multicast router (41) out of the plurality of multicast routers has notified (81) support of that particular multicast group, to report the membership to that multicast router over that virtual broadcast domain, to transmit a particular multicast content (91), related to that particular multicast group and originating from that multicast router, from that virtual broadcast domain towards that particular station. The present invention also relates to a method for relaying multicast traffic within a data communication system.

摘要翻译： 本发明涉及一种用于数据通信系统（1）的中继单元（21），该数据通信系统（1）可操作以传送组播业务，并适于从特定站（11）接收成员资格报告（61），由此， 通知特定的多播组。 根据本发明的中继单元的特征在于，所述中继单元还适用于：在多个虚拟广播域（51,52）上查询（71,72）多个多播路由器（41至44），以确定是否 所述特定组播组被支持以从所述多个虚拟广播域中选择一个虚拟广播域（51），所述多个多播路由器中的一个多播路由器（41）已通知所述多个组播路由器（81）（81）支持所述特定组播 组，以通过该虚拟广播域向该多播路由器报告成员资格，从该虚拟广播域向该特定站传送与该特定多播组相关并且从该多播路由器发起的特定多播内容（91）。 本发明还涉及在数据通信系统内中继多播业务的方法。

公开(公告)号：US06912226B2

公开(公告)日：2005-06-28

申请号：US09795192

申请日：2001-03-01

申请人： Stefaan De Cnodder ,  Omar Elloumi ,  Kenny Julien Pauline Pauwels

发明人： Stefaan De Cnodder ,  Omar Elloumi ,  Kenny Julien Pauline Pauwels

IPC分类号： H04L12/801 ,  H04L12/823 ,  H04L12/835 ,  H04L12/851 ,  H04L12/861 ,  H04L12/28 ,  H04L12/56

CPC分类号： H04L47/29 ,  H04L47/10 ,  H04L47/2433 ,  H04L47/30 ,  H04L47/32 ,  H04L49/90

摘要： The invention relates to a method for use in a telecommunication system to generate an acceptance decision during a decision cycle that comprises whether to accept an incoming packet of a data stream or not in a buffer (BUF). The incoming packet (P) has a drop priority (DP) being one of a plurality of arranged drop priorities. The method comprises determining for a drop priority parameter (DPP) an actual drop priority parameter value (DPPact) out of the plurality of drop priorities; and comparing the drop priority parameter (DPP) with the drop priority (DP) of the packet (P) in order to generate the acceptance decision. The method further comprises that the step of determining the actual drop priority parameter value (DPPact) comprises determining a previous drop priority parameter value (DPPprev) by means of any one of an initial value (DPPinit) and a previous actual drop priority parameter value (DPPact′) having been determined during one of a previous decision cycle; and updating a queue occupancy variable (Q) as a function of a previous re-scaled queue occupancy value (RE-Qact′) having been determined during one of a previous decision cycle and providing thereby an intermediate queue occupancy value (Qint); and re-calculating the intermediate queue occupancy value (Qint) of the queue occupancy variable (Q) in function of instantaneous queue occupancy information (INF-Qins) of the buffer (BUF) and providing thereby an actual queue occupancy value (Qact); and comparing the actual queue occupancy value (Qact) with any one of a minimum threshold (Tmin) and a maximum threshold (Tmax) and providing thereby a result (RES (UP; DO; REM)); and according to the (RES (UP; DO; RET)) re-scaling the actual queue occupancy value (Qact) and the previous drop priority parameter value (DPPprev) and providing thereby, respectively, a re-scaled queue occupancy value (RE-Qact) and the actual drop priority parameter value (DPPact).

公开(公告)号：US07961607B2

公开(公告)日：2011-06-14

申请号：US10026690

申请日：2001-12-27

申请人： Stefaan De Cnodder ,  Omar Elloumi ,  Kenny Julien Pauline Pauwels

发明人： Stefaan De Cnodder ,  Omar Elloumi ,  Kenny Julien Pauline Pauwels

IPC分类号： H04L12/26

CPC分类号： H04L47/29 ,  H04L47/10 ,  H04L47/20 ,  H04L47/31

摘要： The present invention relates to a marking determining method and a related device for determining a packet marking of packets of an incoming packet-flow, in order to keep the packets in conformance with a traffic policy. The determining is based on an actual value of a traffic reservation parameter, while the traffic reservation parameter is a measure of available network resources dedicated to packets of said incoming packet-flow having a pre-assigned priority. The determining further is based on the pre-assigned priority of the packets of the incoming packet flow. The marking method a first steps of holding a threshold value for the traffic reservation parameter, while the threshold value is lying between a minimum and a maximum value of the traffic reservation parameter. A second step is the metering the actual value of the traffic reservation parameter and a last step of determining the packet marking of the packets only based on the actual value of the traffic reservation parameter if the actual value of the traffic reservation parameter exceeds the threshold value for the traffic reservation parameter.

摘要翻译： 本发明涉及一种用于确定进入分组流的分组的分组标记的标记确定方法和相关设备，以便保持分组符合流量策略。 该确定基于业务预留参数的实际值，而业务预留参数是专用于具有预分配优先级的所述输入分组流的分组的可用网络资源的度量。 确定进一步基于输入分组流的分组的预先分配的优先级。 所述标记方法是当所述阈值位于所述业务预约参数的最小值与最大值之间时，保持所述业务预留参数的阈值的第一步骤。 第二步是测量业务预留参数的实际值，以及仅当业务预留参数的实际值超过阈值时，才根据业务预留参数的实际值确定报文的分组标记的最后一步 用于流量预约参数。

公开(公告)号：US20070147292A1

公开(公告)日：2007-06-28

申请号：US11612184

申请日：2006-12-18

申请人： Adrianus VAN EWIJK ,  Stefaan De Cnodder

发明人： Adrianus VAN EWIJK ,  Stefaan De Cnodder

IPC分类号： H04Q7/00 ,  H04L12/413

CPC分类号： H04L47/782 ,  H04L47/15 ,  H04L47/70 ,  H04L47/806

摘要： Customer triggered resource reservation requests (131) are granted or refused in an access node (104) on the basis of available resources on downlinks (102) between the access node (104) and customer premises, and eventually uplinks (105) between the access node (104) and an aggregation network (106). Network triggered resource reservation requests (121) are granted or refused in a central resource admission control device (108) on the basis of knowledge of available resources in the aggregation network (106) and the contents of an admission control report (123) received from the access node (104). The admission control report (123) is generated by the access node (104) on the basis of available resources on downlinks (102) between the access node (104) and customer premises, and eventually uplinks (105) between the access node (104) and an aggregation network (106). The access node (104) thus coordinates the granting and refusing of customer triggered resource reservation requests (131) and network triggered resource reservation requests (121) for the downlinks (102) and eventually the uplinks (105) extending from this access node (104).

摘要翻译： 基于接入节点（104）和用户驻地之间的下行链路（102）上的可用资源，以及最终上行链路（105）之间的接入节点（104）中的最终上行链路（105），客户触发的资源预留请求（131）被准予或拒绝 节点（104）和聚合网络（106）。 基于对聚合网络（106）中的可用资源的知识和从接收到的接纳控制报告（123）的内容，在中央资源许可控制设备（108）中授权或拒绝网络触发的资源预留请求（121） 接入节点（104）。 接入节点（104）根据接入节点（104）与用户房屋之间的下行链路（102）上的可用资源，以及接入节点（104）之间的最后上行链路（105），由接入节点（104） ）和聚合网络（106）。 接入节点（104）因此协调对于下行链路（102）和最终从该接入节点（104）延伸的上行链路（105）的客户触发的资源预留请求（131）和网络触发的资源预留请求（121）的准许和拒绝 ）。

公开(公告)号：US07027395B2

公开(公告)日：2006-04-11

申请号：US09925738

申请日：2001-08-10

申请人： Omar Elloumi ,  Stefaan De Cnodder

发明人： Omar Elloumi ,  Stefaan De Cnodder

IPC分类号： H04L12/56

CPC分类号： H04L47/31 ,  H04L47/10 ,  H04L47/24 ,  H04L47/32

摘要： A method for marking data packets of a data transmission flow pertaining to an end-to-end connection within a packet network is disclosed. The priority value is calculated based on at least one service quality parameter attributed to the data transmission flow, and upon a network feedback parameter indicative of the state of congestion within the packet network. A marker device adapted for performing the method is described as well.

摘要翻译： 公开了一种用于标记与分组网络内的端对端连接有关的数据传输流的数据分组的方法。 基于归因于数据传输流的至少一个服务质量参数以及指示分组网络中的拥塞状态的网络反馈参数来计算优先级值。 还描述了适于执行该方法的标记装置。

公开(公告)号：US20060013221A1

公开(公告)日：2006-01-19

申请号：US11177313

申请日：2005-07-11

申请人： Stefaan De Cnodder ,  Patrick Mensch

发明人： Stefaan De Cnodder ,  Patrick Mensch

IPC分类号： H04L12/56

CPC分类号： H04L49/351 ,  H04L63/0236 ,  H04L63/1466

摘要： Method for securing communication in a local area network switch (AN) comprising a user interface (UI) and a network interface (NI), comprises the steps of extracting a source address (MACi) from each packet received by said Local area network switch (AN) and storing said address (MACi) together with associated information into a address forwarding table (FT) comprised in said Local area network switch (AN) is characterised in that a distinction is made between source addresses received from the user interface (UI) and the network interface (NI), such that upon detecting that a source address (MACi) contained within a newly received packet at the user interface (UI) was already stored as a source address received at the network interface (NI), said newly received packet will be discarded and its source address contained therein will not be stored within said address forwarding table (FT).