Skip to main content

Full text of "USPTO Patents Application 10088784"

See other formats


Europaisches Patentamt 
European Patent Office 
Office europeen des brevets 



inMiiiiiiiiiiiiiiiiiiiinniiiii 

(ID EP 0 918 417 A2 



(12) 
{43) C 



EUROPEAN PATENT APPLICATION 



e of 



26.05.1999 Bulletin 1999/21 

(21) Applicaiion number: 98308355.1 

(22) Date of filing: 13.10.1998 



(51) mtci 6 : H04L 12/28, H04L 12/66, 
H04L 29/06 



(84) 


Designated Contracting States: 


(72) Inventor: Rai, Girish 




AT BE CH CY DE DK ES FI FR GB GR IE iT LI LU 


Du Page, Illinois 60103 (US) 




MC NL PTSE 






Designated Extension Slates: 


(74) Representative: 




AL LT LV MK RO Si 


Johnston, Kenneth Graham et al 






Lucent Technologies (UK) Ltd, 


(30) 


Priority: 14.10.1997 US 81915 P 


5 Mornington Road 




24,08,1998 US 138677 


Woodford Green Essex, IG8 OTU (GB) 


(71) 


Applicant: LUCENT TECHNOLOGIES INC. 






Murray Hill, New Jersey 07974-0636 (US) 





(54) Message and communication system in network 



(57) A Message and communication system in a 
coupled data network is disclosed. The coupled data 
3 rarkirn ft ne network 

The foreign network includes 3 foreign < station with 
a foreign access hub, the foreign access hub including 
a first serving inter-working function. The home network 
includes a first home inter-working function. A first mo- 



bile end system is a subscriber to the home network and 
operates within the foreign network. A first message is 
transportable between the first mobile end system and 
a first communications server through the first home in- 
ter- working function and through the first serving inter- 
working function of the foreign access hub in the foreign 
base station. 




EP 0 918 417 A2 



Description 

BACKGROUND OF THE IIWENTiOM 

[0001] Priority benefit of the October 14, 1 997 filing date of provisional application serial number 60/061 .915 is hereby 
claimed. 

Field of the invention 

[0002] The present system relates to a coupled data network, and more particularly to a message and communication 
system in the coupled data network. 

Descrip on OI.Rejaj ! Art 

[0003] FIG. 1 depicts three business entitles, whose equipment, working together typically provide remote internet 

i r moderns 4 Usei n I 4 constitute end systems, 

[0004] Hu t i t i, m dnd jp itei t^f- dial-up plain old tele- 

phone system (POTS) or integrated services data network (ISDN) network. The ieico provides the media in the form 
of public switched telephone network (PSTN) 6 over which bits (or packets} can flow between users and the other two 



[0005] The set < ity i: he- in I n< or more 

points of presence (POPs) 8 in its service area to which end users connect for network service. An ISP typically es- 
tablishes a POP in each major local calling area in which the ISP expects to subscribe customers. The POP converts 
N N run by the telco into a digital form to be carried over intranet backbone 10 owned by 
the ISP or leased from an Intranet backbone provider like MCI, inc. An ISP typically leases fractional or full T1 lines or 
fractional or full T3 lines from the telco for connectivity to the PSTN. The POPs and the iSP's data center 14 are 
connected together over the intranet backbone through router 12A. The data center houses the ISP's web servers, 
mail servers, accounting and registration servers, enabling the !SP to provide web content, e-mail and web hosting 
services to end users. Future value added services may be added by deploying additional types of servers in the data 
center. The ISP also maintains router 12A to connect to public interne; backbone 20. In the current model for remole 
access, end users have service relationships with their telco and their ISP and usually get separate bills from both. 
End users access the ISP, and through the ISP, public internet 20, by dialing the nearest POP and running a commu- 
nication protocol known as the Internet Engineering Task Force (IETF) point-to-point protocol (PPP). 
[0006] The third business entity is the private corporation which owns and operates its own private intranet 18 through 
router 123 for business reasons. Corporate employees may access corporate network 18 (e.g., from home or while 
on the road) by making POTS/ISDN calls to corporate remote access server 18 and running the IETF PPP protocol. 
For corporate accf ei est < ; > > t i t set The ISP 

not involved. The private corporation maintains router 12B to connect an end user to either corporate intranet 18 or 
public internet 20 or both. 

[0007] End users pay the telco for the cost of making phone calls and for the cost of a phone line into their home. 
End users also pay the ISP for accessing the iSP's network and services. The present system will benefit wireless 
service providers like Sprint PCS, PrimeCo, etc. and benefit Internet service providers like AOL, AT&T Worldnet, etc. 
[0008] Today, internet service providers offer internet access services, web content services , e-mail services, content 
e i iu argin and no scope of doing market segmentation based 

on features and price, ISPs are looking for value added services to improve margins. In the short term, equipment 
vendors will be able to offer solutions to ISPs to enable them to offer faster access, virtual private networking (which 
is the ability to use public networks securely as private networks and to connect to intranets), roaming consortiums, 
push technologies and quality of service. In the longer term, voice o» i > ffered ISPs 

will use these value added services to escape from the low margin straitjacket. Many of these value added services 
fall in the category of network services and can be offered only through the network infrastructure equipment. Others 

require any support from the network infrastructure. Services like faster access, virtual private networking, roaming, 
mobility, voice, quality of service, quality of service based accounting all need enhanced network infrastructure. The 
system described here will either directly provide these enhanced services or provide hooks so thai these services 
can be added tafer as future enhancements. Wireless service providers will be able to capture a larger share or the 
revenue stream. The ISP will be able to offer more services and with better market segmentation. 
[0009] According to one aspect of the invention there is provided a coupled data network comprising: a foreign 
network that tl a foreign access hub, the font - r - 



2 



EP 0 918 417 A2 



inter-working function; a horns netwc k .'-working function an 

io the home network and operating within the foreign network, a first message being transportable between the first 
mobile end system and a first communications server through the first home inter-working function and through the 
firs: s« v I i access hub in the foreign base station. The home network can include 

5 a home mobile switching center, the first home inter-working function being included in the Y >n x e v. ching 
center. The network can further comprise: a second end system subscribed to the home network and operating as a 
fixed end system within the home network; and a home base station that includes a heme access hub with a second 
home inter-working function, a second message being transportable between the second end system and a second 
communications server through the second home inter-working function. The network can further comprise: a second 

io end system subscribed to the fierce network and operating as a mobile end system within the home network; a home 
mobile switching center having a second home inier-working function, the first home inter-working function being in- 
cluded m the home mobile switching center; and a home base station that includes a home access hub with a second 
serving inter-working function, a second message being transportable between the second end system and a second 
communications server through tue second serving Inter-working function and through the second home inter-working 

is function. The first home inter-working function can include a home accounting collection module to collect accounting 
data on message t i > t « through the first home inter-working tunction. The home network can further include 

. jrnng se>vei, and the home accounting collection module 
can include a & ,b i i \<u 1 j< nut n accounting server. The home network can 

further include a home billing processor; and the home accounting server can Include a module to send accounting 

''■-> including a module to prepare customer bills based 

on the accounting reports from the home accounting server. The first home inter-working function can include a home 
accounting collection module to collect accounting data on message traffic transported through the first home mter- 
worKing function. The home network can further include a home mobile switching center ;hat includes a home account- 
ing server; and the home accounting collection module can include a sub-moduie to periodically send accounting 

25 reports to a home accounting server. The home network can further include a home billing processor; and the home 
accounting server can include a module to send accounting reports to the home billing processor, the home billing 
processor including a module to prepare customer bills based on the accounting reports from the home accounting 
server. The home network can further include a home billing processor, the foreign network can further include a foreign 
accounting server and a foreign billing processor; the first serving inter-working function can include a foreign account- 

30 ing collection module to coffee; accounting data on message traffic transported through the first serving inter-working 
t module to period caiiy send accounting reports 

to the foreign accounting server, the foreign accounting server including a module to send accounting reports to the 
ju icp ( ^ rotes- o tht t > t i > U t > i x hu 

processor, the home billing processor including a module to prepare customer biffs based on the accounting reports 

35 from the foreign billing processor. The foreign network can further include a foreign mobile switching center, the foreign 
mobile switching center including a seeing registration server, and the foreign access hub including a proxy registration 
3(j lit ih( i i i < h i < t i i t i I tU i 

end registration agent, the end registration agent being coupled to the proxy registration agent, the proxy registration 
jent being coup > ing tratlo ei ing t > ei it oupled to the home reg- 

*> istration server. The home registration server can include a module toauthf t- nn network is authorized 

to host the end system. The home registration server can include t moc « o henli< te thai f io 
system is authorized to receive services of the home network. The serving registration server can include a module to 
authenticate that the first mobile end system is a subscriber of the home network. The home registration server can 
include a module to authenticate that the foreign network is authorized to host the first mobile end system; the home 

46 registration server includes a module to authenticate that the first mobile end system is authorized to receive services 
of the home network: auo In serving registration server includes a module to authenticate i 3 the first mobile end 
system is a subscriber of the home net",- lit- etv < a f n -mpi c ente 

with a ,< i it n til ii t ) t In < i n i » t n a home 

registration server and a plurality, of unassigned home Inter-working functions: and the firs , stem includes 

so ra Drt t s < < " ec t"tion agent sending the registration request 

through the serving ion er It f regi rain r. t ot trailer, se luding < iuk 

io select an active home inter-working function from the ^ "tions based 

on the registration request. The serving Inter-working function can be regarded as ar ai i r inter-working 

function, the | < - enncludeapluralityofservinginter-workingfunciions;andtheservingregisiration 

ss f iurality of serving inter-working 

functions based on the registration request. The home registration server can include a module to authenticate that 
' t ■> lefwork s authorized to host the first mobile end system. The home registration server can include a module 
to authenticate that the first mobile end system is authorized to receive services of the home network. The serving 



3 



EP 0 918 417 A2 



regssti atiort server can include a module to authenticate that the first mobile end system is a subscribe! of the home 
network. The registration request can include service type information; and the home registration server can include 
a module to control the selection of the active home inter-work v i ? >ased on the service type information. The 
service type information can specify a request for one of public internet sea'ice and private intranet service. The service 

s iype information can specify a request for one of mobile service and fixed service. The registration request can include 
quality of service information; and the home registration server can include a module to control the selection of the 
active home inler-worKing function b3sed on the quality of service information. The qua < xmatlc i can 

specify a request for one of constant bit rate service, real time variable bit rate service, non-real time variable bit rate 
= n | it ra it able bit rate service. 

to [0010] According to another aspect of the invention there is provided a data network coupled to a foreign network 
that includes a foreign tsase station with a foreign access hub, the foreign access hub including a first serving inter- 
working function, the wireless data network comprising, a home network with a first home mier-working function; and 
a fsrst mobsie end system subscribed to the home network and operating within the foreign network, a first message 
being transportable between the first mobiie end system and a first communit ionssen/ei ielnt 

is working function and through the first serving inter-working function of the foreign access hub in the foreign base 
t) Hn i hi i t h t tiru 

fixed end system within the home network, and a home base station thai includes a home access hub with a second 
home inter-working function, a second message being transporter) e ;ond end system and a second 

communications server through the second home inter-working function. The network can further comprise a second 

?o end system subscribed to the home t i i mi - j n t nJ ? >t r >. n in ^ w'ik ihomo 
mot le switching cen i < lion, the first nonie mtei unctso in 1 in- 

cluded in the home mobile switching center, and a home base station that includes a home access hub with a second 
iiu king function, a second n t m the second end system and a second 

communications server through the second serving inier-working function and through the second home inter-working 

25 function. The first home inter-working function can include a home accounting collection module to collect accounting 
data on message traffic transported through the first home inter-working function. The home network can further include 
a home mobiie switching center that includes a home accounting server; and the home accounting collection module 
can include a sub-module to periodically send accounting reports to a home accounting server. The home network can 
further include a billing processor; and the home accounting server can include a module to send accounting reports 

30 tot a billing pi luding i moduh t 1 ill ed on the accounting 

reports from the home accounting server. The first home inter-working function can include a home accounting collec- 
tion module to colls t ni t i in t ill (in * > m | i 
The home network can further include a home m"l il» < t ■> et that includes a i 1 ;er 
the home accounting collection module can include a sub-module to periodically send accounting reports to a home 

35 accounting server. The home network can further include a billing processor, and the home accounting server can 

o prepare 

■ < n i i i In < in it i in i < h i in > < In i I 

a home billing processor; the foreign network can further include a foreign accounting server and a foreign billing 
? i > < -< I ; 1 ) ml ■> in 1 1 at n in nn i <■'•,< a< < o a t 

40 ing data on message traffic transported through the first serving Inter-workmc - i the foreign accounting collection 
module including a sub-module to periodically send accounting reports lo the foreign accounting server, the foreign 
account a i In i f ijn i i neign billing 

processor including a module to send accountin ie billing i 'it ne d >roa r 

including a module , > i st the accounting reports from the foreign billing processor. The 

46 foreign network can include a foreign mobile switching center, the foreign mobile switching center can include a serving 
registration server, and the access hub can include a proxy registration agent, t home ; network t can further ml 
a home mobile switching center with a home registration server, the first mobile end system can Include an end reg- 
istration agent, trie end registration agertl being coupled to (he proxy registration agent, the proxy registration agent 
being coupled to the t a- on server, the serving registration server being coupled to the home registration 

so server. The home registration server can include a module to authenticate that the foreign network is authorized to 
ros i bile s 5 - n. The home eg s (ration server can include a module to m 1 Imluslir x e 

end system is authorized to receive services of the home network. The foreign network can Include a foreign mobile 
i j i t ration server, the home network that can Include a home mobile switching center 

th a ' i I ^cs^igned home inter-working functions; and the first mobile end 

55 system can include an end registration agent to form a registration request, the end registration agent sending the 
registration n - ■ - i stration server to the home registration server, the home registration server 

including a module lo select an active home inier-working function from the plurality of unassigned home inter-working 
functions based on the registration request. The home registration server can Include a module to authenticate that 



4 



EP 0 918 417 A2 



h - i obile end system. The home registration server can include a module 

io authenticate thai the first mobile end system is authorized to receive services of the home network. The registration 
request can include service type information; and the home registration server can include a module to control the 
selection of the active home inter-wor< ^ ed on the sea'ice type Information. The service type information 

5 can specify a request for one of public internet service and private intranet service. The service type information can 
specify a request for one of mobile service and fixed sen/ice. The registration request includes quality of service infor- 
mation: and the home registration server includes a module to control the selection of the active home inter-working 
function based on the quality of service information. The quality of service information specifies a request for one of 

rate service, unspecified bit rate 

to service and available bit rate service. 

[0011] According to a further aspect of the present invention there is provided a mobile end system for use in a data 
network coupled to a foreign network, that includes a foreign base station with a foreign access hub, the foreign access 
lading a first s i e \ tion, com- 

prising: means for connecting the mobile end system to said foreign network; and said first mobile end system sub- 
's scribed to the home network and operating within the foreign network, a first message being transportable between 
the first mobile end system and a first communications server through the first home inter-working function and through 
the first serving inter-working function of the foreign access hub in the foreign base station. 

[0012] According to a still further aspect of the present invention, there is provided a home network for use In a data 
network coupled to a foreign network t I If > e stain h a foreign access hub r< ces 

?o hub Including a first serving inter-working function, and mobile end system subscribed to the home network and oper- 
ating wilhir in i i ih I ik in] ded 
in said home mobile switching center; and wherein a first message is transported between the first mobile end system 
and a first communications server through the first home inter-working function and through the first serving inter- 
working function of the foreign access hub in the foreign base station. 

z's [0013] The present system provide end users with remote wireless access to the public internet, private intranets 
and internet service providers. Wireless access is provided through base stations in a home network and base stations 
in foreign networks with interchange agreements. 

[0014] It is an object of the present system to provide a wireless f f vork for end users that 

divides mobility management into local, micro, macro and global connection handover categories and minimizes hand- 

30 off updates according to the handover category. It is another object to integrate ivlAC handoff messages with network 
handoff messages. It is a further object of the present system to separately direct registration functions to a registration 
server anci direct routing functions to inter-working function units, it is yet another object to provide an intermediate 
XTunnel channel between a wireless hub (also called access hub AH) and an inter-worksng function unit (IWF unit) in 
a foreign network, it is yet another object to pro»'»i- i/.Tunu-u i hana-i between an inter-working function unit in a 

35 foreign network and an inter-working function unit in a home network. It is yet another object to enhance the layer two 
tunneling protocol (L2TP) to support a mobile end system, it Is yet another object to perform network layer registration 

[0015] According to one embodiment of the invention, a coupled data network with a foreign network and a home 
network is disclos e ( ~ II i a i , >< , c < 

40 hub incl d he home network includes a first home inter-working function. A 

first mobile end system is is .subscriber to the home network and operates within the foreign network. A first message 
> i i 3i ■ the iiis i mo in I ii rough the ars; horn< tet 

working function and through the f 'at seeing - er work ~o t it i h t 

[0016] According to another embodiment of the invention, a data network includes a home network with a first home 

« inter-working function A first mobile end system is a subscriber io the home network and opera' 

network. Afirstmesj age islra si I . t I I il< - <^ »fo i i i , ,n - r ( p 

the firs: home inter-working function and through the first serving Inter-worksng function of the foreign access hub in 
the foreign base station. 

50 Brief Description Of Drawings 

[0017] The invention will be described in detail in the follow, ascription of prt d emt th eforence 

to the following figures wherein: 

55 FIG. 1 is a configuration diagram of a known remote access architecture through a public switched telephone 

network; 

FIG. 2 is a configuration diagram of a remote access architecture through a wireless packet switched data network 



5 



EP 0 918 417 A2 



according to the present invention; 

FIG. 3 is a configuration diagram of selected parts of the architecture of the network of FiG. 2 showing a roaming 
scenario; 

5 

FIG. 4 is a configuration diagram of a base station with local access points; 

FIG. 5 is a configuration diagram of a base station with local access points connected together via IEEE 802.3 links; 

io C nf > i o; a ba ion with rert « access points, some of wh:ch are connected using 

a wireless trunk connection: 

FIG. 7 is a diagram of a protocol stack for a local access point; 

<s HG. 8 is a diagram of a protocol stack for a remote access point with a wireless trunk; 

FiG. 9 is a diagram of a protocol stack for a relay function in the base station for supporting remote access points 
with wireless trunks; 

20 FIG. 10 is a diagram of protocol stacks for implementing the relay function depicted in FIG. 9; 

FIG. 11 is a diagram of protocol stacks for a relay function In the base station for supporting local access points; 

FiG. 12 Is a configuration diagram of selected parts of the architecture of the network of FIG. 2 showing a first end 
25 system registering in the home network from the home network and a second system registering in the home 

network from a foreign network using a home inter-working function for an anchor, 

FIG. 13 is a configuration diagram of selected parts of the architecture of the network of FIG. 2 showing a first end 
system registering in the home network from the home network and a second system registering in the home 
30 network from a forei 3 > ik u< <i ^ yi 1< i < > anc x 

FiG. 14 is a ladder diagram of the reguesl and response messages to register in a home network from a foreign 
network and to establish, authenticate and configure a data link; 

35 FIG.ISisat 

requests and responses for registering a mobile in a home network from the home network; 

FiG. 1 6 is a configuration diagram of selected parts of the architecture of the network of FiG. 2 showing registration 
requests and responses for registering a mobile in a home nelwork from a foreign network; 

FiG. 17 Is a configuration diagram of proloooi stacks showing communications between an end system in a home 
n- 1 i" i an iter-work i lor nel here hi 1 c al access points; 

- 3 ^nf 3 ) ii | i t i a x ,h ) a s bi e( an end system in a home 

46 network and an inter-working function in the home network where the cell site has remote access points coupled 

to a wireless hub through a wireless trunk; 

FIG. 19 is a configuration diagram of protocol stacks showing communications between a base station coupled to 
a roaming end system and a home inter-working function; 

50 

C 1 i ( 1 iiia home 

network through an inter-working function in the home network to an Internet service provider; 

FIG. 21 is a configuration diagram of protocol stacks showing communications between an end system in a foreign 
55 network and a home registration server in a home network during the registration phase; 

FiG. 22 is a processing flow diagram showing the processing of accounting data through io the customer billing 
system; 



6 



EP 0 918 417 A2 



FIGS. 23 and 24 are ladder diagrams depicting the registration process for an end system in a home network and 
in a foreign network, respectively: 

FIGS. 25 and 26 are protocol stack diagrams depicting an end system connection in a home network where a PPP 
s protocol terminates in an inler-working function of the home network and where the PPP pro c < 

ISP or intranet, respectively; 

FIGS. 27 and 28 are protocol stack diagrams depicting an end system connection In a foreign network where a 
PPP protocol terminates in an inter-working function of the foreign network and where the PPP protocol terminates 
io in an !3P or intranet, respectively; 

2 t i led via j a odem when jcol Is encapsulated 

in an ethernet frame; 

is HG. 30 illustrates an ethernet frame format; 

FIG. 31 illustrates XWD Header fields; 

C es end local area network to a ireU 5 >uier where PPP protocol ter- 

20 minates at the wireless router; 

FIGS. 33, 34 and 36 are ladder diagrams depicting a local handoff scenario, a micro handoff scenario and a macro 
handoff scenario, respectively; 

?s FIG. 36 Is a ladder diagram depc . i ^ ff i a t . ^ i< . t tJ ind 

where home inter-working function does not change; and 

jgram depicting a global handoff scenario where both the foreign registration server and the 
home inter-working function change. 

Deia I -t { < » C 1 1 > > n c i b 

[0018] The present invention provides computer users with remote access to the internet and to private intranets 
using virtual private network services over a high speed, packet switched, wireless data link. These users are able to 

35 access the publit in > i i t i m* <t itHi 5 link. The network sup- 

ports roaming, that is, the ability to access the internet and private intranets using virtual private network services from 
anywhere that the services ottered by the present system are available. The network a;so supports haridotts, that is, 
the ability to change the point of attachment of the user to the network without disturbing the PPP link between the 
PPP client and the PPP so'vt r Thr - r < ■, , , , 1 it t tanel applications. These 

40 applications include electronic mail, file transfer, browser based WWW access and other business applications built 
around the internet. Because the network wiii be based on the IETF standards, it is possible to run streaming media 
protocols like RTP and conferencing protocols like H.323 over it. 

[0019] Other internet remote access technologies that are already deployed or are in various stages of deployment 
include: wire line dial-up access based on POT'S and ISDN, XDSL access, tireless circuit switched access based on 
45 GSM/CDMA/TDMA, wireless packet switched access based on GSM/CDMA/TDMA, cable moderns, and satellite 
based sv< <"><=< oeplov < broad feature 

set sea - bl |i i e ; ^ e a - et j k -f e 

x e ual I f I » %in j it juali live bens service pr 

viders. 

so [0020] For wireless service providers who own personal communications system (PCS) spectrum, the present sys- 
em ill r bie then i offe ^ - c p^c-^f i la i sss services that can compete with services provided 
by the traditional wire line teicos who own and operate the PSTN. Wireless service providers may also decide to become 
internet service providers themselves, in winch case, they will own and operate the whole network and provide end to 
end services to users. 

55 [0021] For internet sei s - - pr* ;ysten w them to by-pass the teicos (pr ded tin i « 

or lease the spectrum) and offer direct end to end services to users, perhaps saving access charges to the teicos, 
which may increase in the future as the internet grows to become even bigger than It is now. 

[0022] The - )le so thai it can benefit wireless service providers who are not internet service 



7 



EP 0 918 417 A2 



providers and who just provide ISP, internet or private intranet access to end users. The system can also benef it service 
providers who provide wireless access and internet services io end users. The system can -> benefit service providers 

ho provid > 3 ' v but also allow the wireless portion of the network to be used for 

access to other ISPs or to private intranets. 
5 [0023] in FIG. 2, end systems 32 {e.g., based on, for example, Win 95 personal computer) connect to wireless 
network 30 using external or Interna! modems. These modems allow end systems to send and receive medium access 
control (MAC) frames over air link 34. External modems attach to the PC via a wired or wireless link. External modems 
are fixed, and, for example, co-located with rooftop mounted directional antennae. Externa! modems may be connected 
to the user's PC using any one of following means: 802.3, universal serial bus, parallel port, infra-red, or even an ISM 
10 radio link. Internal modems are preferably PCMCIA cards for laptops and are plugged into the laptop's backplane. 

Miiq i -i m iirt (inn ml i t fn I < i ! 

laptops with a directional antenna, a fixed wireless station in a home with a direction antenna connected via AC lines, 
and other alternatives. 

[0024] Wide-area wireless coverage is provided by base stations 36. The base station 36 can employ a 5 channel 
is reuse communication scheme as described in U.S. Patent Application Serial No. 08/998,505, filed on December 26, 
1 997. The range of coverage provided by base stations 36 depends on factors like link budget, capacity and coverage. 
Base stations are typically installed in cell sites by PCS {persona; communication services) wireless service providers. 

> >- - fr i irlt/c ii lit ii -qe area to the system's mobile switching center (MSG) 40 
over wire line or microwave backhaul network 38. 

?o [0025] The system is independent of the MAC and PHY {physical) layer of the air link and the type of modem. The 
< i i uii il il i I nl» < J i > n 1 It 

the backhaul network are that it must be capable of routing internet protocol {IP) packets between base stations and 
the MSC wi ( perfc ma ;c At Mobile Switching Center 40 (MSG 40), packet data inter-working function 

(IWF) 52 terminates the wireless protocols for this network. IP router 42 connects MSC 40 to public internet 44, private 

?s intranets 46 or to internet service providers 46. Accounting and directory servers 48 in MSC 40 store accounting data 
and directory information. Element management server -50 manages the equipment which includes the base stations, 
the IWFs and accounting/directory servers. 

[0026] > , > ing f i i.aoco ing f of users and send the data to the service provider's 

billing system. The interface supported by the accounting server will send accounting information in American Man- 
30 agement Association (AMA ) billing record format, or any other >u t =t 1< n >r \,pp iiiwxcc^mi 

protocol/internet protocol) transport to the billing system (which is not shown in the figure). 

[0027] The network infrastructure provides PPP {point-to-point protocol) service to end systems. The network pro- 
vides {1 ) fixed wireless access with roaming (log-in anywhere that the wireless coverage is available) to end systems 
and (2) low speed mobility and hand-offs. When an end system logs on to a network, in it may request either fixed 
35 service (i.e.. stationary and not requiring handoff services) or mobile service (i.e., needing handoff services). An end 
system that does not specify fixed or mobile is regarded as specifying mobile service. The actual registration of the 

► r, i sysiem is I e resell oi a negotiation i a In registr atlon server baseo on requested level o; service, the level 
of services ub - 1 e user of the e e - i able in the network. 

[0028] ' i n i ■ i i ii i i < i 1 - { e , not requiring handoff services) and the end 

40 system is located in the home network, an IWF (inter-working function) is Implemented in the base station io relay 
1 j n hr er am n t < < < PPP s r tfn i wit vhic h to be 

connected, for example, an ISP PPP server or a corporate intranet PPP server or a PPP server operated bythewsreiess 
service provider to provide customers with direct access to the public internet). It is anticipated that perhaps 80% of 
the message traffic will be oi hi i i hu t f < in i in ti p ti i 

46 and avoids message traffic congestion in a central mobile switching center. 

[0029] If the end system requests mobile service (from a home network or a foreign network) or if the end system 
request roaming service {I.e., service from the home network through a foreign network), two IWFs are established: a 
serving iWF typically established in the base station of the network to which the end system is attached (be it the home 
network or a foreign network) and a home IWF typically established in mobile switching center MSC of the home 
so network. Since this situation is anticipated to involve only about 20% of the message traffic, the message traffic con- 
gestion around the mobile switching center ;s minimized. The serving IWF and the wireless hub may be co-located in 
the same nest of computers or may even be programmed in the same computer so that a tunnel using an XTunnei 
protocol need not bet- i er the wireless hub and the serving IWF. 

[0030] However, based on available facilities and the type and quality of service requested, a serving IWF in a foreign 
55 network may alternatively be chosen from facilities in the foreign MSC. Generally, the home IWF becomes an anchor 
point that Is not changed during the communications session, while the serving IWF may change If the end system 
moves sufficiently. 

[0031] The b< ub and at least one access point (be it remote or collocated with the 



8 



EP 0 918 417 A2 



access hub). Typically, the access hub serves multiple access points. While the end system may be attached to an 
access point by a wire or cable according to the teachings of this invention, in a p 

is attached to the access point by a wireless "air link", in which case the access hub is conveniently referred to as a 
wireless hub. While the access hub Is referred to as a "wireless hub" throughout the description herein, It will be ap- 
5 preciaied that an end system coupled through an access point to an access hub by wire or cable is an equivalent 
implementation and Is contemplated by the term "access hub". 

[0032] In the invention, an end system includes an end user registration agent (e.g , software running on a computer 
of the end system, its modem or both) that communicates with an access point, and through the access point to a 
wireless hub. The wireless hub includes a proxy registration agent (e.g., software running on a processor in the wireless 
io •■ A > /)' ' \ in concepts used in, for example, the IETF proposed 

Mobile IP standard are commonly referred to as a foreign agent (FA). For this reason, the proxy registration agent of 
the present system will be "tried l ^ c ' jn I | tt t u li t i that 

differ from the foreign agent of Mobile IP are as described throughout this description. 

[0033] Using the proxy registration agent (i.e., foreign agent FA) > » e i n . , mon agent of an 

is end system is able to discover a point of attachment to the network and register with a registration server in the MSC 
(mobile switching center) of the home network. The home registration server determines the availability of each of the 
I * k till t itially software moduli i on processors In both 

sgi >wired end system. For each registered end system, a 
tunnel (using the XTunnel protocol) is created tit' the wireless hub m the base station and an inter-working function 
?o (IWF) in the mobile switching center (MSC ) this tunnel transporting PPP frames between the end system and the IWR 
[0034] As used herein, the XTunnel protocol is a protocol that provides in -sequence transport of PPP data frames 
with flow control. This protocol may run over standard IP networks or over point-to-point networks or over switched 
networks like ATM data networks or frame relay data networks Such networks may be based on Tl or T3 links or 
based on radio links, whether land based or space based. The XTunnel protocol may be built by adapting algorithms 
25 from L2TP (level 2 transport protocol). In networks based on links where lost data packets may be encountered, a re- 
transmission feature may be a desirable option. 

[0035] The end system's PPP peer (i.e., a communications server) may reside in the IWF or in a corporate intranet 
or ISP's network. When the PPP peer resides in the IWF, an end system is provided with direct internet access. When 
the PPP peer resides in an intranet or ISP, an end system is provided with intranet access or access to an ISP. In order 

30 to support intrant;; or ISP access, the IWF uses the layer two tunneling protocol (L2TP) lo connect to the intranet or 
ISP's PPP server. From the point of view of the intranet or ISP's PPP server, the IWF looks like a network access server 
(NAS). PPP traffic between the end system and the iWF is relayed by the foreign agent in the base station. 
[0038] in the revet s lit* ion, PPP frames traveling from the end system to the IWF are sent over the MAC 

and air link to the base station. The base station relays these frames to the iWF in the MSC using the XTunnel protocol. 

35 The IWF delivers them to a PPP serv i ? r Internet acet i ie ia< 1 

as the IWF, For iSP or intranet access, the PPP server Is in a private network and the IWF uses the layer two tunneling 
protocol (L2TP) to connect to it. 

[0037] in the forward (down link) direction, PPP frames from the PPP server are relayed by the IWF to the base 
station us 3 the XTunnel prole ) k frames and relays them over th air link to 

40 the end system, where they are processed by the end system's PPP layer. 

[0038] To support mobility support for hand-ofts are included, T MAC n assists the mobility management soft- 
ware In the base station and the end system to >>e 1 f I la If U i | noi n 1 
the peer PPP entitles and the L2TP tunnel. If an end system moves from one base station to another, a new XTunnel 
is created between the new base station and the original IWR The old X Tunnelitom the old base station will be deleted. 

45 ppp frames will transparently traverse the new path. 

[0039] The network supports roaming (i.e., when the end user connects toils home wireless service provider through 
a foreign wireless service provider). Using this feature, end systems are able to roam away from the borne network to 
a foreign ml it "ico t evidede 1 11 1 in < v < > < 

home wireless service provider have a service agreement. 

50 [0040] in FIG. 3, roaming end system 60 has traveled to a location at which foreign wireless service provider 62 
) ^ tt, e i f 1 1 in krr >wth home wireless service provider 

70. In the present invention, home wireless service provider 70 has a contractual relationship with foreign wireless 
service provider 62 to provide access services. Therefore, roaming end system 60 connects to base station 64 of 
foreign eiess service y> er 62 over the a link fhen data is relayed from roaming end system 60 through base 

55 lation 64. tnro - 3 F 6t fo ign ireless service provider 62, to home IWF 72 of home wireless service 
provider 70, or pos« j^e iWF 72 of home wireless service provider 70 to internet service provider 74. 

[0041] An inter-service provider interface, called the l-interface, is used for communications across wireless service 
p x -i-intng. This interface is used for auther c 



9 



EP 0 918 417 A2 



the end systern= : s PPP frames between the foreign WSP and the home WSP. 

[0042] PPP frames - he up lint id the d a nkd actions trave t ough a end ;» - i< 

ovids sit from the foreign WSP to the destination network. The base 

station in the foreign WSP is the end system's point of attachment in the foreign network. This base station sends (and 
5 receives) PPP frames to (and from) a serving iWF in the foreign WSP's mobile switching center. The serving iWF 
connects over the [-interface to the home IWF using a layer two tunnel to transport the end system's PPP frames in 
i ins The serving IWF in ih c < la for auditlnc The home IWF in the home 

WSP coiiects accounting data for billing. 

[0043] The serving IWF in the foreign WSP may be combined with the base station in the same system, thus elim- 
10 inating the need for the X-Tunnel. 

[0044] During the registration phase, a registration server in the foreign WSP determines the identity of the roaming 
ci s rs horn ork. U hi n i [ratio er cor;in i 1 i > n 

istration server to authenticate and register the end system. These registration messages flow over the l-interface. 

Once the end system has seen authenticated and registered, a layer two tunnel is created between the base station 
is and the serving IWF using the XTUNNEL protocol and another layer two tunnel is created between the serving IWF 
he home tWF f he home IWF id sysiei efora using I n T? 

(level 2 tunnelprotocol). During hand-offs, the location of the home iWF and the L2TP tunnel remains fixed. As the end 

system moves from one base station to another base station, a new tunnel is created between the new base station 

and the serving IWF and the old tunnel between the old base station and the serving iWF is deleted. If the end system 
20 moves far enough, so that a new serving IWF is needed, a new tunnel will be created between the new serving IWF 

and the home IWF. The old tunnel between the old serving and the home will be deleted. 

[0045] To support roaming, the l-interface supports authentication, registration and data transport services across 

r Radius 

protocol. Data transport services to transfer PPP frames over a layer two tunnel are supported using the l-XTunnel 

25 protocol. This protocol is based on the IETF L2TP protocol. 

[0046] As used in this description, the term home IWF refers to the IWF in the end system's home network. The term 
serving IWF refers to the IWF in the foreign network which is temporarily providing service to the end system. Similarly, 
the term home registration server refers to the registration server in the end system's home network and the term 
foreign registration server refers to the registration server In the foreign network through which the end system registers 

30 while it is roaming. 

[0047] The network supports both fixed and dynamic IP address assignment for end systems. There are two types 
of IP sddrc < ! i The 1 the identity of nd i in its horn< This m;^ 

be a structured user name in the format user@domain. This is different from the home IP address used in mobile IP. 
The second address is the IP address assigned to the end system via the PPP iPCP address negotiation process. The 

35 domain sub-field of the home address is used to identify the user's home domain and is a fully qualified domain name. 
The user sub-field of the home address is used to identify the user in the home domain. The User-Name is stored on 
the end system and in the subscriber data- base a: the MSG and is assigned to the user when he or she subscribes to 
the service. The domain sub-field of the User-Nat e ss sed roa g tc - i \ hips and the 

hom- - " rogistntion h | nut in I si h t tun i < ri another 

40 unique identifier may be used to identify the user's home network and the user's identity in the home network. This 
identifier Is sent in the registration request by the end system 

[0048] The PPP IPCP is used to negotiate the IP address for the end system. Using IP configuration protoco! IPCP, 
the end system is able to negotiate a fixed or dynamic IP address. 

[0049] Although the use of the structured js^- i t j t to < h < 

46 a feature that characterizes the present system over a known mobile !R the network may be enhanced to also support 

end systems that have no user-name and only a non-null home address, if mobile iP and Its use in conjunction with 
en - - n . 3 configured by the service provider to assign IP addresses 

during the iPCP addrf lit ir it i st the 

home address and the IPCP assigned iP address will be Identical. 
50 [0050] In FIG. 4, base station 64 and air links from end systems form wireless sub-network 80 that includes the air 

links fc end use icce- 1 ..- ted' one base station (« » and at Is n rk 

FIG. 2) from the base station to MSG 40 (FIG.2). The wireless sub-network architecture of. for example, a 3-sectored 

base station includes the following logical functions. 

55 1. Access point function. Access points 82 perform MAC laye"r 1 m ' -. i <s^c. dissociation 

procedures. An a ^.es a processor (preferably in to* 

circuit ASIC), a link to a wireless hub {preferably in the form of an Ethernet link on a card or built into the ASIC), 
3 ink ri i id i dei to jU o tot t- five , 



10 



EP 0 918 417 A2 



and the antenna to which the end system is coupled. The processor runs software to perform a data bridging 
function and various other functions In support of registration and mobility handovers as further described herein. 
See discussion with respect to FIGS. 7, 8 and 11 . 

Access points (APs) take MAC layer frames from the air link and reiay them to a wireless hub and vice versa. 

5 The MAC layer association and disassociation procedures are used by APs to maintain a list of end system MAC 

addresses in their MAC address filter table. An AP will only perform MAC layer bridging on behalf of end systems 
whose MAC addresses are present in the table. An access point and its associated wireless hub are typically co- 
located. In its simplest form : an access point is just a port into a wireless hub. When the APs and the wireless hub 
are co-located In the same cell site, they may be connected together via a IEEE 802.3 link. Sometimes, access 

io point ) s in i i s hul ected via a long distance link like a wired T1 trunk or 

even a wireless trunk. For multi -sector cells, multiple access points (i.e., one per sector) are used. 

2. Wireless hub function. Wireless hub 84 performs e fore en 5 jcedures I load balancing 
(e.g., ov€ m tiple T1 s > net work interfacing, and the xlun r quality < 

is service (QOS) is present, the wireless hub implements the support for QOS by running the xtunne! protocol over 

backhauls with different QOS attributed n il t i il p 

by multiple access points. 

A wireless hub includes a processor, a link to one or more - cess points ) eferably in the form of an Ethernet 
link on a card or built into an ASIC), and a link to a backhaul line. The backhaul line is typically a T1 or T3 com- 
20 munications line that terminates in the mobile switching center of the wireless service provider. The link to the 

backhaul line formats data into a preferred format, for example, an Ethernet formal, a frame relay format or an 
ATM format. The wireless hub processor runs software to support data bridging and various other functions as 
described herein. See discussion with respect io FIGS. 9, 10 and 11 . 

25 [0051] The base station design supports the following types of cell architectures. 

1. iocs! AP architecture. In a local AP architecture, access points have a large (> = 2km, typically) range. They 
are co-located in the cell site with the wireless hub (FIG. 4). Access points may be connected to the wireless hub 
using an IEEE 802.3 network or may be directly plugged into the wireless hub's backplane or connected to the 

30 win 'hut "i<a iii'i i hi m» i ra <t I vill bf a. tmetl 

that the first alternative is used for the rest of this discussion. The cell site may be omni or sectored by adding 
multiple access points and sectored antennas to a wireless hub. 

2. Remote AP architecture. In a n 

35 a o k ^ i , hi t i i^ v hf j ai ,i i i t e wireless hub. ATI or a wireless 

trunk preferably links remote access points to the cell site where the wireless hub is located. From the cell site, a 
wire line backhaul or a microwave link is typically used to connect to the IWF in the MSC. If wireless trunking 
between the remote AP and the wireless hub is used, omni or sectored wireless radios for trunking are utilized. 
The devices for trunking to remote access points are preferably co-located with the wireless hub and may be 

40 connected to it using an IEEE 802.3 network or may be directly plugged into the wireless hub=s backplane. These 

devices will be referred to by the term trunk AP. 

3. Mixed AP architecture. In a mixed architecture, the wireless sub-network will have to support remote and local 
acces- \ if i i i If I i it r < if nbed earlier, 

46 T1 or wireless trunks may be used to connect the remote AP to the wireless hub. 

[0052] FIG. 5 shows a cell with three sectors using local APs only. The acce<= nl < s nub are co- 

located ■>-■ the base station a x' m > ) each other with 802.3 links. 

[0053] FIG. 6 shows an architecture with remote access points 3^cj^ - - i hp- ~ u 
*> 86. Each trunk access point in the base station provides a point to multi-point wireless radio link to the remote micro 
access points (R-AP in figure). The remote - i 3ir link en i 

and the trunk access points are co-located in the base station and connected no Iter via 802 T c 

shows remote access points 82R connected to the wireless hub via point to point T1 links, in this scenario, no trunk 
APs are required. 

55 [0054] To support all of the above ceil architectures and the different types of access points that each cell might use, 
the network architecture follows the following rules: 

1 . Access points function as MAC layer bridges. Remote access points per een the air link 



11 



EP 0 918 417 A2 



to the end systems and I he wireless or T1 trunk to the eel! site. Local access points perform MAC bridging between 
the air link to the end systems and the wireless hub. 

2. Trunk access points also function as MAC layer bridges. Thev perform M' ht ,<h c 1 
5 goes lo Ihe access poinls) and the wireless hub. 

3. The wireless hub is connected to all co-located MAC bridges (i.e. iocal access points or trunk access points) 
using a 802.3 link initially. 

io [0055] Additionally, where local access poin r i>t 3 n < c n ti e usee following rules 

are followed. 

1. Local access points are co-located with ihe wireless hub and connected to it using point to point 802.3 links or 
a shared 802.3 network. Remote access points are connected io the wireless hub using poin; to point T 1 trunks. 

is 

2. Sectorization is i i lin i access points with in < < 

3. For each access point connected to ihe wireless hub, there is a foreign agent executing In the wireless hub 
which pariicipai.es In end system regis! ration. MAC layer association procedures are used ;o keep ;he MAC address 

20 filter tables of ihe access points up io date and to perform MAC layer bridging efficiently. The wireless hub partic- 

ipates in MAC association functions so thai only valid MAC addresses are added :o ihe MAC address filter cables 
of the access points. 

j fo* « tf ,|g n ent in the wireless eia\ it- > - cess points to ihe MSC iVV'h and vice versa using 
25 the xtunnei p r x ! il i i t ,1 MAC data frames whose MAC 

addresses are not present in the table. The APs always forward MAC broadcast frames and MAC frames associ- 
ated with end system registration functions regardless of the contents of the MAC address filter table. 

5. Local access points use ARP to resolve MAC addresses for routing IP traffic to the wireless hub. Conversely, 
30 \ , m !i < , t u< ~f > P i < , i ; m . ir-F s used for network management of 

access points. 

6. Remote access points connected via T1 do not use ARP since the link will be a posni to point link. 
35 7. Support f i is done wit i i i MAC layer. 

[0056] In a ceil architecture using wireless trunks and trunk APs, the following rules are followed, 

1 Trunk access points are co-iocated a - - wireless huh arid connected io it nsmo point io pom; 802.3 links or 
40 other suitable means. 

2 v ireh .5 runk te< t"i / j i . . ^ 1/ / f > 1 vi' tiiot antennas io the ceil site. 

3. Hand-offs across backhaul sectors are done using the foreign agent i thf For each oackhaul 
46 sector, there Is a foreign agent executing in the wireless hub. 

4. The trunk APs do not need to participate in MAC layer end system assoc salicn and I sand off procedi ires. Thar 
MAC jddresi filter tables \ >e dynarr all i n t ei r with tb« 
network. The MAC address filter table is used to filter out unicast MAC frames. Broadcast MAC frames or MAC 

60 i t • r L 3 pass through. 

5. Trunk APs use ARP to resolve MAC addresses for routing IP traffic to the wireless hub. Conversely, ihe wireless 
hub use ARP to route fp packets to trunk APs. UDP/IP is used fur network tr ar i runk APs. 

55 6. In a single wireless trunk sector, MAC association and hand-offs from one access point to another is done using 

the MAC layer with the assistance of the foreign agent in the wireless hub. Using these M.AC layer procedures, 
end systems associate with access points. As end systems move from one access point to another access point:, 
the access points will use a MAC hand off protocol to update their MAC address filter tables. The wireless hub at 



12 



EP 0 918 417 A2 



the cell site pro i ice tc access points to perform this function. This assistance includes relaying MAC 

layer hand off messages (since access points will not be able to communicate directly over the MAC layer with 
each other) and authenticating the end system for MAC layer registration and hand off and for updating the MAC 
address filter tables of the access points. 

5 

7. The foreign agent for a wireless trunk sector is responsible for relaying frames from its trunk AP to the MSG and 
vice versa using the xtunne! protocol. Thus, the foreign agent for a trunk AP does not care about the location of 
the end system with respect to access points within that wireless trunk sector, in the down iink direction, it just 
- ,v -ii' i t, < I i " n - - o , j »h ch uses MAC layer bridging to send the frames to 

to all the remote access points attached in that backhaul sector. The access points consult their MAC address filter 

tables and either forward the MAC frames over the access network or drop the MAC frames. As described above, 

lures. In the up 

link direction, MAC frames are forwarded by the access points to the backhaul bridge which forwards them to the 
foreign agent in the wireless hub using the 802.3 link. 

is 

8. ARP is no! be used for sending or receiving IP packets to tne remote access points. The access points determines 
the MAC address of the wireless hub using BOOTP procedures. Conversely, the wireless hub is configured with 
the MAC address of remote access points, UDP/iP is used for network management of access points and for end 

i i on and hand off messages. 

20 

[0057] IEEE Standard 802.3 links in the cell site may be replaced by other speed links. 

[0058] FiG. 7 shows the protocol stack for a local access pcsnt. At the case of the stack is physical layer PHY Physical 
layer Pit i 3 i an U ) In i > ii n i i i 

an end system, the AP receives data from the physical layer and unpacks it from the MAC frames (the MAC layer). 
25 The end system data frames are then repacked ; an i (IEEE 802.3 format) where it is 

send via the Ethernet link to the wireless hub. When the AP : s processor receives data from the wireless hub via its 
Ethernet link (i.e., the physical layer), the data to be transmitted to an end system, the AP packs the data in a medium 
accesscoi rol (MAC) format, and sends the MAC layer data to its modulator to be transmitted to the i s\ - 
the PHY layer. 

30 [0059] In FiG, 8, the MAC and PHY layers to/from the end system of FIG. 7 are replaced by a MAC and PHY for the 
trunk to the cell site for a remote access point. Specifically, for a T1 trunk, the high level data link control protocol (HDLC 
protocol) is preferably used over the T1 . 

[0060] FIG. 9 depicts the protocol stack for the wireless hub that bridges the backhaul line and the trunk to the remote 
access point. The trunk to the remote APs are only required io support remote access points (as distinct from Ethernet 

us co e hf PHY layers f irel< t< pro int to multipoint 

link so that one trunk may be used to communicate with many remote APs in the same sector. 
[0061] The wireless hub bridges the trunk Io the remote APs and the backhaul line (e.g., T1 or T3) to the network's 
mobile switching center (MSG). The protocol stack in the wireless net) implements MAC and PHY layers to the MSG 
on top of which is Implemented an IP (internet Protocol) layer on top of which is implemented a UDP layer (Universal 

40 Datagram Protocal, in combination referred to as UDP/IP) for network management on top of which is implemented 
3 T i i T i it i n n > i j < mbiif F i an i 

aspects of the Level 2 TunneiProtocol (L2TP). The X-Tunnel protocol is used to communicate from the wsreless hub 
to the MSG and between inter-working functions (IWFs) in different networks or the same network. 
[0082] In FiG. 10, the protocol stack for the relay function in the base station for supporting remote access points is 

46 shown. The relay function Includes an interface to the backhaul line (depicted as the wireless hub) and an Interface to 
the remote AP (depicted as a trunk AP). From the point of view of the wireiess hub. the trunk AP (depicted in FIGS. 7 
and 10) actually behaves like the AP depicted in FfG. 7. Preferably, the base station protocol stacks are split up Into 
a wireless hub and a trunk AP with an Ethernet in between, in an N-seclor wireless trunk, there are N wireiess trunk 
APs in the cell site and one wireless hub. 

so 0063] i FiG. 1 e. station x * I nr a cell architecture using a local AP is shown. The relay function 
includes an interlace to the backhaul line (depicted as the -wireless hub) and an air link interface to the end system 
(depicted as an AP). From the point of view of the wireless hub, the AP (depicted in FIGS. 8 and 1 1 ) actually behaves 
<.( ik \p at tec IG. 8 Preferably he base station protocol stacks are split up into a wireless hub and a 

trunk AP with an Ethernet in between. In a N-sector cell, there are N access points and a single wireless hub. 

55 [0064] The backhaul network from the base stalion to the MSC has the following attributes. 

1. The network is capable of routing IP datagrams between the base station and the MSC, 



13 



EP 0 918 417 A2 

2. The network is secure, it is not a public internet. Traffic from trusted nodes only are allowed onto the network 
since the network will be used for not only transporting end system traffic, but also for transporting authentication, 
accounting, registration and management traffic. 

s 3. The network has the necessary performance characteristics. 

in typical application, she service provider Is responsible for installing and maintaining ihe backhaul network on which 
the equipment is installed. 

[0065] The base stations supports the following backhaul interfaces for communicating 'with the MSG. 

1. Base stations support iP over ppp with HDLC links using pom; to point T1 or fractional T3 links 

2. Base stations support IP over frame relay using T1 or fractional T3 links. 
is 3. Base stations support IP over AAL5/ATM using T1 or fractional T3 links. 

f C in t he 

[0066] Sin i i t i f I It an i jrd i n in i i ei n i t 

Z'O used in the MSG to terminate the physical ot the ^ t t i - » ^ed on and processed 

by the various servers and other processors. 

[0067] End system registration procedures above the MAC layer are supported. !n the following, end system regis- 
tration procedures at the MAC layer are ignored except where they impact the layers above. 
[0068] End systems may register for service on their home network or from a foreign network. In both scenarios, the 

?5 end system uses a foreign agent (FA) in the base station i i t ot attachment to the network and to register. 

In the former case, the FA is in the end system's home network, in the latter case, the FA is in a foreign network, in 
either case, the network uses an IWF in the end system's home network as an ancho >oin 5., unchanging thro 
the session in spite of mobility). PPP frames to and from the end system travel via the FA in the base station to the 
IWF in the home network. If the end system is at home, the home IWF is directly connected by means of the xiunnel 

30 protocol to the base station. Note thai the home IWF may be combined with the base station in the same node. If the 
end system is roaming, a serving IWF in the foreign network is connected to the home IWF over an l-interface. The 
serving IWF relays frames between She base station and Ihe home iWF. Mole that Ihe home iWF may be combined 
with the base station in the same node. From the home IWF, data is sent to a PPP server which may reside in the 
same iWF or to a separate server using the L2TP protocol. The separate server may be owned and operated by a 

35 private network optrat) (eg ISP o | i? i? i , ii i ,u >■[ li 

duration of the session, the location of the home IWF and the PPP server remains fixed, if the end system moves while 

i t e to re-register wi rei sme home IWF PPP era 

to be used. A new xtunnel is created between the new FA and the IWF and the old xtunnel between ihe old foreign 
agent and the IWF is destroyed, 

40 [0069] FIG. 12 shows this network configuration for two end systems A and B, both of whose home wireless network 
is wireless service provider A \/VSP < C tern is registered from i irel snd the other 

from a foreign wireless network. The home IWF in WSP-.A serves as the anchor point tor both end systems. For both 
end systems, data is relayed to the home iWF. The home IWF connects to an Internet service provider's PPP server 
owned by SSP-A. Here It is assumed that both end systems have subscribed to the same ISP. if that were not the case, 

45 then the home IWF would be shown also connected to another ISP. 

[0070] Within a wireless service providers network, data between base stations and the iWF is carried using the 
xtunnel protocol. Data between the IWF and the PPP se-^ ei - u L tl - t < Lz ' L a 

between the serving IWF and the home IWF is carried using the i-xtunnei protocol. 

[0071] in a simple scenerio, for a user in their home network requiring fixed service, the home IWF function may be 
so dynamically activated in the base station. Also, the serving iWF function may be activated for a roaming user in the 
base station. 

[0072] Always using an IWF in the home network has its advantages and disadvantages. An obvious advantage is 
simplicity. A disadvantage is that of always having to relay data to and from a possibly remote home IWF. The alternative 
is to send all the necessary information to the serving IWF so that it may connect to the end system's ISP/intranet and 
55 ^rthe -> i " ~ - < i rr i ' J < t u ti > ti i t 

This functionality is more complex to implement, but more efficient because it reduces the need to relay data over 

i k c r K to the home network, 

[0073] For example, consider a case of a user who roams from Chicago to Hong Kong. If the user's home network 



14 



EP 0 918 417 A2 



is in Chicago and the user registers using a wireless service provider in Hong Kong, then in the first configuration, the 
anchor point will be the home IWF in Chicago and all data will have to be relayed from Hong Kong to Chicago and vice 
versa. The home iVVF in Chicago will connect to the users ISP in Chicago. With the second configuration, the end 
system user will be assigned an ISP In Hong Kong. Thus, data will not always have to be relayed back and forth 
5 between Chicago and Hong Kong. In the second configuration, ihe serving !WF will serve as the anchor and never 
change for the duration of the session even if the end system moves. However, the location of the FA may change as 
a result of end system movement in Hong Kong. 

[0074] FIG. 1 3 shows the second network configuration. In this figure, the home network for end system A and B is 
WSP-A. End system A registers from Its home network, using its home IWF as an anchor point, and also connects to 
to its ISP-A using ihe ISPs PPP server. End system 3 registers from the foreign network of WSP-B and uses a serving 
IWF which serves as the anchor point and connects the end system to an ISP using the ISP's PPP server, in this 
i a foi ysiei ies not ha be relayed from the foreign network to the home network and 

[0075] 

is the foreign wireless service providers, but there also must be agreements between the foreign wireless service provider 
and the end system's inlernet service provider directly or through an intermediary. In the example above, not only must 
the wireless service provider in Hong Kong have a business agreement with the wireless service provider in Chicago, 
but the WSP in Hong Kong must have a business agreement with ihe user's Chicago ISP and access to the Chicago 
iiSPs PPP server ng or a busim i 3 SP ot Hong Kong who has a business 

?o (i t i fr c h hi< Addition ong must be able to discover these 

roaming relationships dynamically in order to do user authentication and accounting and to set up the appropriate 

[0078] Hi t ' h mios who are in 1he inlernet infrastructure business 1o work out suiiable standards 

in the IETF for all of these scenarios. Thus, a preferable embodiment for the present systems to implement the simpler, 
?s t ti a i i v (f hi n hi I h I i t it used as the anchor point. However, 

in the presence of suitable industry sta i 1 > i mH > unj i n < n <. <. 

be regarded as equivalent or alternative embodiment, 

[0077] An end system wilt have to register with the wireless network before i; can start PPP and send and receive 
data. The end system first goes through the FA discovery and registration phases. These phases authenticate and 
30 register the end system to the wireless service provider. Once these: phases art: -over the end system starts PPP. This 
includes the PPP link establishment phase, the PPP authentication phase and the PPP network control protocol phase. 

I ,1 t < I ) 311 I IF K ' Sillj 

[0078] The following discussion assumes that the end system is roaming and registering from a foreign network. 

< : i In u ]h ii n li f i i tm m nt 

35 from the foreign agent. The user registration agent uses advertisement message? < 1 by a near by foreign agent to 
discover the Identity of the FA and to register. During this phase, the user registration agent of the end system selects 
> ii i,i Ik n agent forwards the registration request 

to its registration server (the registration server m the foreign WSP). The registration server uses User-Name from the 
user registration agent's; request to determine ihe end system's home network, end forwards the registration request 

40 for authentication to a registration servei i the ho e - c Upon ece g the regist 1 reques el; re the 
3 i n i i t n ii! ii i ! nt > foreign registrar n server and 

3 - i hi i I j em. If authentica iistra ceeds ihe home registration 

server selects an SWF in the home network to create an i-xtunne! link between the home IWF an^ - in 

the foreign WSP). The IWF in the home network serves as the anchor point for the duration of the PPP session. 

46 [0079] Once ihe autheirkd am; .on phases are over, the various PPP phases will be started. At the start 
of PPP, an L2TP connection is created between the home IWF and requested ISP/intranet PPP server, in the PPP 
authentication phase, PPP passwords using Password Authentication Protocol (PAP) or Challenge Authentication Pro- 
tocol CHAP are exchanged and the ISP or intranet PPP serv r >< he identity ie em 

system. 

50 [0080] Once ihis succeeds, the PPP network control phase is started, in this phase, an IP address is negotiated end 
assigned to ihe end system; by the PPP server and the use of TCP/IP header compression is also negotiated. When 
this is complete, the end system is able to send and receive IP packets using PPP to its ISP or a corporate intranet. 
[0081] Note thai two levels of authentication are performed. The first auther 1 1 entity of the 

end system to the registration server in the home network and the identities of the foreign network and ihe home 

55 network to ea< 3ther. T< i reign agent forwards the end system's registration request using, 

for example, an IETF Radius protocol to a registration server in its iocal MSG in a Radius Access-Request packet. 
Using the end system's domain name, the foreign registration server determines the identity of the end system's home 
network and home registration server, and acting as a Radius proxy, encapsulates . ■ • s . .. s , n est to the end 



15 



EP 0 918 417 A2 



system's home registration server. If the foreign registration server cannot determine the identity of the end system's 
home, it may optionally forward i egistration server that ac e.g. one that is owned 

onsortium of < srvice providers an |.r he Ra < 1 il home 

registration server if the local registration server is unable to service the registration request locally or by proxying, 

5 then it rejects the foreign agent's registration request and the foreign agent rejects the end system - • 

Upon receiving the Radius Access-Request, the home registration server performs the necessary authentication of 
the identities of the foreign network and the end system. If authentication and registration succeeds, the home regis- 
tration server responds with a Radius Access-Response packet to the foreign registration server which sends a re- 
sponse to the foreign agent so that a round trip can be completed. The registration request is rejected if the home 

10 registration server is unable to comply for any reason. 

[0082] The second level of authentication verifies the identity of the end system to the Intranet or ISP PPP server. 
PPP authentication, separate from mobility authentication allows the infrastructure equipment to be deployed and 
owned separately from the ISP. 

[0083] FIG. 14 is a ladder diagram showing the registration sequence for a roaming end system. It is assumed that 
is the PPP server and the home IWF are in the same server and L2TP is not required. Note the interactions with accounting 

ne the identity 

i h h r i n pi ?u 1 ^ n 1 1 1 t 1 t 1 m > j 1 1 i 

roaming (between service providers) and settler- ., ; ii h>- i1t * 

[0084] MAC layer messages from the user registration agent of the end system may be used to initiate Agent Solic- 

?o iiation. The MAC layer messages are not shown for clarity, 

[0085] I 1A - f i 1 i on in h t ] nt urn 

advertisement mat • n ^ n - . - i < mf i ot on about the network to which the foreign agent belongs 
including a care-of-address of the foreign agent Alternatively, this phase may be removed and ait network advertise- 
ments may be done by a continuously emitted MAC layer beacon message, in this case, the network is assumed to 

25 be a foreign wireless service provider. Then, a user registration agent (in the end system) incorporates the information 
about the foreign agent {Including the user name and other security credentials) and its network into a request and 
sends the request to the foreign agent. The foreign agent, as a proxy registration agent, relays the request to the foreign 
registration server (i.e., the >< r >t . 1 - p oiovidei Then, the fc i n 

server, recognizing that it is not the home directory, accesses the foreign directory server with the FDD in the foreign 

30 A'jreies see, irovidei on - > direct the it 1 i req ;f to th mme rec ;tra one rver oi he wireless 
service provider to which the end system belongs. The foreign registration server responds with the necessary for- 
warding information. Then, the foreign registration server encapsulates the end system's registration request in a Ra- 
dius access request and relays the encapsulated request to the home registration server of the wireless service provider 
to which the end system belongs. The home registration server accesses the home directory server with the HDD of 

35 the home registration server to learn at least authentication information about the foreign service provider. Optionally, 
the home registration server accesses the subscriber's directory to learn detail subscriber service profile information 
(e.g., quality of service options subscribed 1o, etc.). When all parties are authenticated, the home registration server 
sends a start IWF request to the home IWF and PPP server. The home IWF and PPP server starts the home accounting 
server and then sends a start IWF resport.se to the home registration server. The home registration server then sends 

40 a Radius access response to the foreign registration server. The foreign registration server then sends a start IWF 
request to the serving IWF server. The serving IWF serve r ! 5 s \ < c < ' < > t m ,ends a start 

IWF response to the foreign rey soa pi - - e l pg st 3 i < it beb^iyn 

agent, and the foreign age' => end system. 

[0086] A link control protocol (LCP) configuration reqi 

45 server to the home IWF and PPP server. The home IWF and PPP server sends an LCP configuration acknowledgment 
through the foreign registration server to the end system. 

[0087] Similarly, a password authentication protocol (PAP) authentication request is sent to and acknowledged by 
the home IWF and PPP server. Alternatively, a < jllenge icaiion pro! P) m iu 

Both protocols may be used to authenticate or this phase may be skipped, 
so [0088] Similarly, an IP configuration protocol (IPCP) configure request is sent to and acknowledged by the home 
IWF and PPP server. 

[0089] The connection to the end system may be terminated because of any one of the following reasons. 

1 t 1 UnJei - & * e cjod system first terminates the PPP gracefully. T his includes 

55 terminating the PPP network control protocol (IPCP) followed by terminating the PPP link protocol. Once this is 

done, the end system de-registers from the network followed by termination of the radio link to the access point. 

2. Loss of wireless link. This scenario Is detected by the modem and reported to the modem driver in the end 



16 



EP 0 918 417 A2 



system. The upper layers of the software are notified to terminate the slacks and notify the user. 

3. Loss or connection to the foreign agent. This scenario is detected by the mobility driver in the end system. After 
trying to reestablish contact with a (potentially new) foreign agent and failing, the driver sends an appropriate 

5 notification up the protocol stack and also signals the modem hardware below to terminate the wireless link. 

4. Loss of connection to the IWF. This is substantially the same as for loss of con 

5. Termination of PPP by IHF or PPP server. This scenario is detected by the PPP software In the end system. 
io The end system- s PPP driver is notified of this event, it initiates de-registration from the network followed by 

termination of the wireless link to the access point. 

[0090] End system service configuration refers io the concept of configuring the network service for an end system 
t is i T i il is i Th £ ,< i e 

is profile contains information to enable the software to customize wireless data service on behalf of the subscriber. This 
I ii i t ill i i < stem o roar r s connections to the end 

-, it - ^ ,i i Pr ferably, this information also includes other parameters, like, quality of service. 

In addition to the subscriber directory, a home domain directory (HDD) and a foreign domain directory (FDD) are used 
forroaminc < , 1 i in foreign and home re jistra er DDs formation 

'<'0 about the end system's home network and the FDD stores information about foreign networks thai a subscriber may 
visit. 

[0091] FIG. 15 shows how these directories map into the network architecture and are used during registration for 
an end system that is registering at home. In step 0 the end system (mobile) solicits and receives an advertisement 
from the foreign agent to provides the end system with information about the network to which the foreign agent belongs. 

25 In this case, the network is the home wireless service provider, in step 1, user registration agent (in the end system) 
incorporates the information about the foreign agent and its network and its security credentials into a request and 
sends the request io the foreign ageni. in step 2, the foreign agent, ss a proxy registration agent, relays the request 
to the home registration server. In step 3, the home registration server accesses the HDD of the home wireless service 
provider to learn ai least authentication Information, in step 4, the home registration server accesses the subscriber 

30 directory to learn c tail; bscriber servi rmatio I ribed to, etc.). in 

step 5, the home registration server notifies the foreign agent of the access response. In steps 6 and 7, the foreign 
agent notifies the end system (i.e . mobile) of the registration reply. 

[0092] FIG. 16 shows directory usage for an end system that is ) eg - t n a roreic twork In step 0 the end 
system (mobile) solicits and receives an advertisement and the foreign agent advertises which provides the end system 

ss with information about the network to which the foreign agent belongs. In this case, the network is a foreign wireless 
service provider, in step 1, user registration ageni (in the end system) incorporates the information about the foreign 
agent and its network and its security credential into a request and sends the request to the foreign agent, in step 2, 
the foreign ageni, as a proxy registration agent, relays the request to the foreign registration server (i.e., the registration 
server for the foreign wireless service provider. In step 3, the foreign registration server accesses the HDD of foreign 

40 wireless service provider io learn the network to which the end system belongs. In step 4, the foreign registration server 
xwards the end system's ie registrar t tern's h > s service prov 

hi hj x n v- t ii t ^ 3 tn i i t least authentication 

information about the foreign service provider, in step 6, the home registration server accesses the subscriber's direc- 
tory to learn detail subscriber service profile information (e.g., quality of service options subscribed io, etc.). In step 7, 

45 she home registration server notifies the foreign registration server of the access response. In step 8, the foreign reg- 
istration server forwards to the foreign ageni the access response, in step 9, the foreign ageni notifies the end system 
(i.e., mobile) of the registration reply. 

[0093] Protocol handling scenarios handle bearer data and the associated stacks for transporting bearer data to and 
from an end system. The protocol stacks for the cell architectures use local APs (FIG. 1 7) and remote APs (FIG. 18). 
50 [0094] FIG. 17 shows ihe protocol stacks for handling communications between an end system (in its home network) 
and a home IWF for End System @ Home. FSG. 1 7 shows the protocol handling for a cell architecture where ihe access 
point and ihe wireless hub are co-located. 

[0095] FIG. 18 shows the protocol handling for a cell architecture where the access point is located remotely from 
ihe wireless hub. As shown, PPP terminates In the svVF anci the configuration provides direct Internet access. The 
55 configuration for the case where the PPP server is separate from the IWF is described later, 

[0098] in FIG. 18, PPP frames from the end system are encapsulated in RLP (radio link protocol) frames which are 
encapsulated at ihe remote access point in MAC frames for communicating with the trunk access point (i.e., an access 
point physic ar ihe wireless hub), the remote access point being coups i n 5 by, fc 



17 



EP 0 918 417 A2 



example, a wireless trunk). The access point functions as a MAC layer bridge and relays frames from the air link to 
the foreign agent in the wireless hub. The foreign agent de-encapsulates the RLP frames out of the MAC frames, and 
using the xtunnel protocol, relays the RLP frames to the iWF. A similar, albeit reverse, process occurs for transmitting 
frames from the IWF to the end system. 

s [0097] if the end system moves to another foreign agent, then a new xlunnei will be automatically created between 
the new foreign agent and the iWF, so that PPP traffic continues to flow between them, without interruption. 
[0098] In the remote AP eel! architecture (FIG. 18) using wireless trunks between the remote AP and the trunk AP, 
the air link between the end system and the access point may operate at a different frequency (fl) and use a different 
radio technology as compared to the frequency (f2) and radio technology of the trunk. 

10 [0099] FIG. 19 shows the protocol stacks for a roaming end system. The serving IWF uses of the l-xtunnel protocol 
between the serving IWF and home IWF. The rest of the protocol stacks remain unchanged and are not shown. This 

( < un i , [ li b-j ging the s« g I hs ta j hus elii 1 <WD protocol 

[0100] The RLP layer uses sequence numbers to drop duplicate PPP datagrams and provide in-sequence delivery 
of PPP datagrams between the end system and the IWF. It also provides a configurable keep-alive mechanism to 

is monitor link connectivity between the end system and the IWF. Additionally, in an alternative embodiment, the RLP 
layer also provides re-transmission and flow control services in order to reduce the overall bis error rate of the link 
between the end system and the IWF. The RLP between the end system and the SWF t eginning of 

the ses.sk i an i ren ns active throughout the session and even across hand-offs. 

[0101] In contrast to the specification in the mobile IP RFC {RFC 2003), IP in IP encapsulation is not used for tunneling 
20 between the foreign agent and the home IWF. Instead a new tunneling protocol, Implemented on top of UDP is used. 
This tunneling protocol is a simplified version of the L2TP protocol. The reasons for this choice are as follows. 

1. The encapsulation protocol specified in RFC 2003 hoes not provide flow control or in-sequence delivery of 
packets. The presently described network may need these services in the tunnel over the backhaul. Flow control 

Z's may be needed to reduce the amount of M 56 >f packet loss due to flow control 

problems over the network between the base station and the MSG or because of flow control problems in the base 
station or the IWF. 

2. By using a UDP based tunneling protocol, the implementation can be done at the user level and then put into 
30 -,e kernel for perron i si n ge< 

3. Using RFC 2003, there is no easy way of creating tunnels taking into account quality of service and load bal- 
ancing. In order to take QOS into account, it should be possible to set up tunnels over links that already provide 
the required QOS. Secondly, using RFC 2003, there is no easy way to provide load ba l 3 - >ute bearer 

35 traffic load over multiple links between the base sia e MS 

4. In order to implement IP in IP encapsulation as specified in RFC 2003, developers require access to IP source 
code. In commercial operating systems, source code for the TCP/IP stack is gene y to other equip- 
ment manufacturers. Purchasing the TCP/IP stack from a vendor and making changes to the IP layer to support 

40 mobile IP tunneling would require a developer to continue supporting a variant version of the TCP/IP stack. This 

adds cost and risk. 

[0102j While it is note t '.hi - 1 i it etween the base station an h< IWF - non-standard and that 
the wireless service provider will not be able to mix and match equipment from different vendors, the use of a non- 
45 standard tunneling protocol within a single wireless service provider network is transparent to end systems and equip- 
ment from other vendors. 

[0103] The new tunneling protocol is based on L2 By itself, L2TP is a heavywe - ocol o that 

L.2TP has a lot of overhead associated with tunnel creation and authentication. The new tunneling protocol of the 
present system has less overhead. The new xtunnel protocol has the following features. 

50 

1 . The xtunnel creation adds vendor specific extensions to Radius Access Request and Radius ' 

messages between the base station and the registration server. These extensions negotiate tunnel parameters 

and to create ihe tunnel. 

55 2. The registration server is able to delegate the actual work of tunneling and relaying packets to a different IP 

address, and therefore, to a different server in the MSC. This permits the registration server to do load balancing 
across multiple iWF servers and to provide different QOS to various users. 



18 



EP 0 918 417 A2 



3. The xtunnet c ) > ie? sages for tunnel management. These messages include echo 

request/response to test tunnel connectivity, disconnect request/response/notify to disconnect the tunnel and error 
notify for error notifications. These messages are sent over the tunneling media, for example, UDP/IP. 

s 4. Tne xtunn&i protocol sends payload data over the tunneling media, for example, UDP/IP. The xiunnei protocol 

supports flow control and in-sequence packet delivery. 

5. The xtunnel protocol may be implemented over media other than UDP/IP for quality of service. 

to [0104] The network supports direct inter net connectivity by terminating the PPP In the home iWF and routing IP 
packets from the IWF to the internet via a roister using standard !P routing techniques. Preferably, the IWF runs Routing 
information Process (RIP), and the router also runs RIP and possibly other routing protocols like Open Shortest Path 
First (OSPF). 

[0105] The network supports a first configuration for a wireless service pre, / >< > > an ' * t >< t » v t in 
is vider. In this configuration, the home IWF In the fviSC also functions as a ppp server. This SWF aiso runs internet 
routing protocols like RIP and se; c v ••" c rc -.xtlt I 1< ne < i i network. 

[01 06] The network supports a second configuration for a wireless service provider who wishes to allow end systems 
to connect to one or more internet service providers, either because the WSP itself is not ISPs, or because the Vv'SP 
has agreements with other ISPs to provide access to end users. For example, a wireless service provider may elect 
?o to offer network access to an end user and may have an agreement with a 3 rd party ISP to allow the user who also 
has an account with the 3 rd party ISP to access the ISP from the WSP network. In this configuration, the PPP server 
does not run in the home IWF installed at the MSG. instead, a tunneling protocol like L2TP (Layer Two Tunneling 
Protocol) is used to tunnel back io the ISP's PPP server. FIG. 10 shows the protocol stacks for this configuration for 
an end system that is at home. 
25 [0107] The location of the home IWF and the !SP PPP server remains fixed throughout the PPP session. Also, the 
L2TP tunnel between the IWF and the ISP's PPP server remains up throughout the PPP session. The physical link 
between the IWF and the PPP server is via a router using a dedicated T1 or T3 or frame relay or ATM network. The 
actual nature of the physical link is not important from the point of view of the architecture. 

[0108] This configuration also supports Intranet access. For intranet access, the PPP server resides in the corporate 

30 intranet and the home IWF uses L.2TP to tunnel to it. 

[0109] For a fixed end system, the protocol handling for intranet or ISP access is as shown in FIG. 20 with the 
difference that the roaming end system uses a serving IWF to connect to its home IWF. The protocol handling between 
a serving IWF and a home IWF has been described earlier. In Figure 20, the home IWF may be merged into the wireless 
hub eliminating the X-Tunnel protocol. Also, the serving iWF may be merged into the wireless hub, thus eliminating 

35 the X-Tunnel protocol. 

[0110] FIG. 21 shows the protocol stacks used during the registration phase (end system registration) for a local AP 
cell architecture. The stack for a remote AP cell architecture is very similar. 

[0111] The scenario shown above is for a roaming end system. For an end system at home, there is no foreign 
reg slraf on servei r lh« a ;!:;!.: ion 
40 [0112] Note the mobility agent in the end system. The mobility agent in the end system and foreign agent in the 
wireless hub are conceptually similar to the mobile IP RFC 2002. The mobility agent handles network errors using 
time-outs and re-trys. Unlike the known protocol stacks tor bearer data, RLP is not used. The foreign agent and the 
registration servers use Radius over UDP/IP to communicate with each other for registering the end system. 
[0113] Several aspects o 

45 the foreign/home networks during the wireless registration phase. Second, authenticating the identity of the end system 
with its PPP server during the PPP authentication phase. Third, authentication for storing accounting data, for billing 
and for updating home domain information. Fourth, encryption of bearer traffic transmitted to and from the end system. 
Fifth, encryption for exchanging billing information across service provider boundaries. 

[0114] Shared secrets are used to authenticate the identity of end systems with their home networks and the identity 

so of the home and foreign networks with each other durin j wireles; e ;istration. 

[0115] End system authentication uses a 128-bit shared secret to create an authenticator for its registration request. 
The authenticator Is created using the known MD5 message digest algorithm as described in the mobile IP RFC 2002. 
Alternatively, a different algorithm may be used. The shared secret is not sent in the registration request by the end 
ster - enticatot se 3 -> rece »mg the registration request from the end system, the home registration 

55 server re-computes the authenticator over the registration request data using the shared secret, if the computed au- 
thenticator value r a ticator value sent by the end system, the home e allows the 
" ro<€-$* s ro< ee e values do not match, the horns ,c logs the event, generates a 
security violation alarm and a nak (i.e., a negative acknowledgment) to the request; 



19 



EP 0 918 417 A2 



[0118] In J ii i 1 ne - that is to say, uses the shared secrel 

io create an authenticator for the registration reply that it sends to the end system. Upon receiving the reply the end 
system re-computes the authenticator using the shared secret. If the computed value does not match the authenticator 
value sent by the home registration server in the reply the end system discards the reply and tries again. 

5 [0117] These oil 20( t 

RFC, a mobility security association exist between each end system and its home network. Each mobility security 
association defines a collection of security contexts race security context defines an authentication algorithm, a mode, 
a secret (shared or public-private), style of replay protection and the type of encryption to use. in the context of the 
present network, the end system's User-Name (in lieu c i hoi is u iden i 1 v 

io f t v it e security parameter 

iex (SP < i seiec i / r ex; within the mobility security association, in a basic embodiment of the 
ion, on! chile! t gorithm (keyet 5) id the default mode ("prefix+sufftx"} are 

supported with 128-bit shared secrets. Network users are allowed to define multiple shared secrets with their home 
tetworks. The met > i i e< < 1 k jsers, assigning an SPI to each security context and 

is for setting the contents of the security context (which includes the shared secret) and for modifying their contents are 
described below Do ig regist > 126 ni message dige: jmpuled b> end system prefix + suffix mode 
using the MD5 algorithm. The shared secret is used as the prefix and the suffix for the data to be protected :n the 
registration request. The authenticator thus computed, along with the SPi and the User-Name are transmitted in the 
registrdt requt" i n i in t i ji nk 

?o server relays the request aiong with the authenticator and the SFI, unchanged to the home registration server Upon 
receiving tin egist > ques c tly from t enc system or indirectly via a fort jn registration server, the home 
registration server uses the SP! and the User-Name to select the security context. The home server re-computes the 
juthenii r u he sn 1 s if the computed t i na in ; hi , if i hi n tor senl 

in the request by the end system, the user's Identity will have been successfully authenticated. Otherwise, the home 

?5 registration server naks (negatively aoknou. i m c 1 request sent by the end system. 

[0118] The registration reply sent r i r to the end system is aiso authenticated using the 

algorithm described above. The SPi and the computed authenticator value is transmitted in the registration reply mes- 
sage by the home server to the end system. Upon receiving the reply, th ystf i lutes the authenticator, 
and if the computed value does not match the transmitted value, It will discard the reply and retry. 

30 [0119] The user's end system has to be configured with ihe shared secrel and SPIs for all security contexts that the 
user shares with its - i fc r - s ,n i ^it j & preferably stored in a Win 95 registry for 

v" x -< < 1 =; <i < 'nun i t > i ^ > t i i u t< > i it puip i 

[0120] In the network, Radius protocols are used by foreign agent FA to register the end system and to configure 
the xtunnel between the wireless hub and the home and serving fWFs on behalf of the end system. On receiving a 
35 registration request from the end system, the FA creates a Radius Access-Request packet, stores its own attributes 
into the packet, copies the end system's registration request attributes unchanged into this packet and sends the 
combined request to the registration server - - \ - 

[0121] Radius authentication requires that the Radius client t'in this case, the FA in the base station) and the Radius 
server gn hi< case, the registration server in the " ! share a secrei for authentication purposes. This shared secret 

40 is also used to encrypt any private information communicated between the Radius client and the Radius server. The 
hared sf i I Mt F >< c he 

shared secret and the MD5 alg n i 1 j i in f ly^tion, where encryption is needed. The Radius- 
Access Request packet sent by the FA, contains a Radius User-Name attribute (which Is provided by the end system) 
arid a Radius User-Password attribute. The value of the User-Password attribute is aiso a configurable value and 

45 encrypted In the way recommended by the Radius protocol. Other network specific attributes, which are non-standard 
attributes from the point of view of the Radius RFC standards, are encoded as vendor specific Radius attributes and 
sent in the Access-Request packet. 
1122] The T sttribu FA to in. R ess-Rs quest .k^ 

so 1. User-Name Attribute, This is the end system's user-name as supplied by the end system in its registration 

request. 

2, User-Password Attribute. This user password is supplied by the base station/wire! i < half of the user. 
It is encoded as described in the Radius EFC using the secret share betws ; N i 

55 server, 

3. NAS-Port. This is Ihe port on the base station. 



20 



EP 0 918 417 A2 



4. NAS-IP-Address. This is the !P address of the base station. 

5. Service-Type. This is framed service. 

5 6. Framed Protocol. This is a PPP protocol. 

7. Xtunnel Protocol Parameters. These parameters are sent by ihe bas< station to specif> f 1 5rs es 
sary to set up the xtunnel protocol on behalf of the end system. This Is a vendor-specific attribute. 

io 8. AP-iP-Address. This ss the IP address of the AP through which the user Is registering. This is a vendor-specific 

attribute. 

9. AP-MAC-Address. This is the MAC address of the AP through which the user is registering. This is a vendor- 
specific attribute. 

is 

10. End system'-; Registration Request. The registration request from the end system is copied unchanged into 
this vendor specific attribute. 

[0123] in j i ) ( t r ,1 n \ , , [ rT-i. pjc «\ t 

1. Serv/ce Type This is a framed service. 

2. Fram&d-Protocol. This is a PPP. 

25 3. Xtunnel Pn ' - - 1 t These parameters are sent by the registration server to specify the parameters 

necessary to set up t 1 > ti >i on b t he end system "hit, is a vendor-specific attribute. 

4. Home Registration Servers Registration Reply. This attribute is sent to the FA from the home registration server. 
The PA relays this attribute unchanged to the end system In a registration reply packet. If there is a foreign regis- 
30 tration server in the path > t t 5 relayed by it to the FA unchanged. It is coded as a vendor-specific attribute. 

[0124] To provide service to roaming end systems, the foreign network and the home network are authenticated to 
each other for accounting and billing purposes using the Radius protocol for authentication and configuration. This 
authentication is performed at the time of end system registration. As described earlier, when the registration server 
35 in the f» >e-gr> neiwo \ rt-oe ves a teyu "tatn. n •*.<.)!! uh t vendor specific attribute 

in a Radius-Access Request packet by the FA), it uses the end system's User-Name to determine ihe identity of the 
end system's home registration server by consulting its home domain directory HDD. The following information is stored 
in home domain directory HDD and accessed by ihe foreign registration server in order to forward the end system's 
registration request. 

1. Home Registration Server IP Address. This is the IP address of the home registration server to forward She 
registration request. 

oreig rears tioi >e Mac! eh his h* 1 hine Do ft t gistraiion server in SMTP (sim- 
45 piified mail transfer protocol) format {e.g., machlne@fqdn where machine is the name of the foreign registration 

server machine and fqdn is the fully qualified domain name of the foreign registration server's domain). 

3. Tunneling Protocol Parameters. These are parameters tor configuring the tunnel between the serving iWF and 
the home IWF on behalf of the end system. These include the tunneling protocol to be used between them and 

so the parameters for configuring the tunnel. 

4. Shared Secret. This is the shared secret to be used for authentication between the foreign registration server 
and the home registration server. This secret Is used for computing the Radius User-Password attribute in the 
Radius packet sent by the foreign registration server to the home registration server. It is defined between the two 

55 wireless service providers, 

5. User-Password. Tfiis is the user password to be used on behalf of the roaming end system. This user password 
is defined between the two wireless service providers. This password is encrypted using the shared secret as 



21 



EP 0 918 417 A2 



described in She Radius RFC. 

6. Accounting Parameters. These are parameters for configuring accounting on behalf of the end system that is 
registering. These parameters are sent by the registration server to its SWF for co-'igr g on behalf 

5 of the end system, 

[0125] Using this information, the foreign registration server creates a Radius Access-Request, adds its own regis- 
tration and authentication information into the Radius Access-Request, copies the registration information sent by the 
end system unchanged into the Radius Access-Request and sends the combined request to the home registration 
10 server. 

[0126] Upon receiving the Radius-Access Request from the foreign registration server {for a roaming end system} 
c i i f end ystes \ ho ion n is own directory set 

the shared secrets to verify the identity of the end system and the identity of the foreign registration server in a roaming 
sec nario by re-computm iu >rs 
is [0127] After processing the request successfully, the home registration server creates a Radius Access-Accept re- 
sponse packet and sends it to the foreign registration server if the end system is roaming, or directly to the FA from 
which it received the Radius Access-Request. The response contains the registration reply attribute that the FA relays 
to the end system. 

[0128] he home regist a - in server creates a Radius Access-Reject 

?o response packet and sends it to rhe fo i rec - tion server if the end system is roaming, or directly to the FA from 
which it received i t t t 

relays to the end system. 

[0129] in a roaming scenario, the response from the home registration server is received by the foreign registration 
server. It is authenticated by the foreign registration server using the shared secret. After authenticating, the foreign 
25 registration server processes the response, and in turn, ii generates a Radius response packet {Accept or Reject) to 
send to the FA. The foreign registration server copies the registration reply attribute from the home registration server's 
Radius response packet, unchanged, into its Radius response packet. 

[0130] When the FA receives the Radius Access-Response or Radius Access-Reject response packet, it creates a 
registration reply packet using the registration reply attributes from the Radius response, and sends the reply to the 

30 end system, thus completing the round trip registration sequence. 

[0131] Mobile IP standards specifies that replay protection for registrations are implemented using time stamps, or 
- i , ii < ' i ii t i 5 xegu !•• ,,n » i cd n 

I i n the pre ent ■> stem nplements e ay protection during registration 

using nonces even though replay protection using time stamps Is mandatory in the Mobile IP standards and the use 

35 nonces is optional. However, replay protection using time stamps as an alternative embodiment is envisioned. 

[0132] The style of replay protection used between nodes is stored in the security context In addition to the authen- 
tication context, mode, secret and type of encryption. 

[0133] The network supports the use of PPP PAP (password authentication; and CHAP (challenge authenticated 
password) between the end sv >l« n z y a it >PPP c in i ; i i i an i I t ti n 

40 mechanisms ds < > j anet or an lt>P to 

[0134] Authentk t 5 un snd ervices is d » » t ct 1c > -sting security 

Access to directory servers from network equipment in the same MSG need not be authenticated. 
[01 35] The network supports encryption of bearer data sent between the end system and the home IWF. End systems 
negotiate encryption to be or >i 1 >ysel< ipriate security context. Upon receiving the registration request, 

46 the home registration server grants the end system's request for encryption based upon the security context, in addition 
to storing the authentication algorithm, mode, shared secret and style of replay protection, the security context is also 
se j > 16 style 0 ~ rtion aigont i 3 e f encryption is negotiated between the end system and the 
3rm agent i -< if let FFF n , 1 , I n ~ z 

[0136] The TWF. the accounting server and the billing system are part of the same trusted domain In the MSG. These 

50 entities are either connected on the same LAN or part of a trusted Intranet owned and operated by the wireless service 
pro\ <. in i i -5 c e i/een the IWF and the accounting server and between the accounting 

server and the customer's billing system may be encrypted using Internet !P security protocols like IP-Sec. 
[0137] The network makes It more difficult to monitor the location of the end system because it appears that all PPP 
frames going io and from the end system go through the home IWF regardless of the actual location of the end system 

55 device. 

[0138] Accounting data is collected by the serving IWF and the home IWF in the network. Accounting data coiiected 
by the serving IWF is sent io an accounting server in the serving IWF's MSC. Accounting data coiiected by the home 
IWF is sent to an accounting server In the home IWF's MSC. The accounting da a $ u 



22 



EP 0 918 417 A2 



it ' if auditing and for settlement ol P"' 5 t > " 

aries (to support roaming and mob j T e accoun p c ^t?CT e^^i e home =eo o n -the end user 

and aiso for settlement across wireless service provider boundaries to handle roaming and mobility. 
[0139] Since all data traffic, flows through the home IWF, regardless of the end system's location and the foreign 
5 agent's location, the home iWF has all the information to generate bills for the customer and also settlement information 
tor the use of foreign networks. 

[0140] Tin ing IWF and the hoi F pr« >' us< F s accounting pi f < un < 

records for registered end systems. The Radius accounting protocol is as documented in a draft IETF RFC. For the 
present Invention, the protocol has to be extended by adding vendor specific attributes for the network and by adding 
to check-pointing to the Radius Accounting protocol. Check-pointing in this context refers to the periodic updating of 
accounting data to minimize risk of loss of accounting records. 
[0141] The Radius accounting protocol runs over UDP/IP and uses < t - I 1 n <. ^ 3 

The Radius accounting client (serving IWFs or home IWFs) send UDP accounting request packets to their accounting 
servers I 

is [0142] in the network, the accounting clients (serving IWF and the home IWF) emit an accounting start indication at 
the start of the user's session and an accounting stop indication at the end of the user's session, in the middle of the 
I if i it 1 k U n hi n t ' \ < doi < 

not specify an accounting checkpoint indication . The software of she present system creates a vendor specific account- 
ing attribute for this purpose. This accounting attribute is present all R 1 ( in hhdve 

?o Acct-Status-Type of Start (accounting start Indications). The value of this attribute is used to convey to the accounting 
server whether the <>< n Hi > in c ! n < t> w a time 

t contain curnuiati milng data fro tart of t lift quency of transmitting check- 

pa < ivontion 

[0143] The serving IWF and the home SWF are configured by their respective registration servers for connecting to 

?s i i in turingt t f n ounting parameters include the IP address 

and UDP port of the accounting server, the frequency of check-pomf ing. the session/multi-session id and the shared 
secret to be used between the accounting client and the accounting server, 

[0144] r ' > \ « rk -i » in i in i h i 'i fhese accounting 

attributes are reported In Radius accounting packets at the start of the session, at the end of the session and in the 
30 middle (check-point) by accounting clients to their accounting servers. 

I. <i<t>) ft k , \j ~^ i „ n t i ci 1 < ~h 3t i iliul i u i ti i i< nil / th ; 

user and is present in all accoun u iuu.ii 1 i i II luaUnd 

domain name of the user's home. 

35 

? NAF " ^ hi - i tin V ! , - i -, t i n i v u 

identify the IP address of the machine running the home IWF or the serving IWF, 

3. Radio Port. This attribu e identifies thf 1 < < ie aca >m1 providir er to usei This attribute 
40 is encoded as a vendor specific attribute. 

4. Access Point ip Address. This attribute identifies the IP audi* «• >f < -*-t i un' providing service to the 
user. This attribute is encoded as a vendor specific attribute. 

46 5. Service Type. This is like the Radius Service-Type attribute described above. The value of this attribute is 

Framed. 

8. Framed Protocol. This is like the Radius Framed -Protocol attribute described above. The value of this attribute 
is set to indicate PPP. 

50 

7. Accounting Status Type. This is like the Radius a< , 0 i in 1 it i ■ t ,.r ,-.».%. "fee value f this 
attribute may be Start to mark the start of a user's session with the Radius client and Stop to mark the end of the 
user's session with the Radius client. For accounting clients, the Acct-Status-Type Start = tri! ite is generated 

1 i e t 2 i e/Stop attribute is generate - I 

55 for any reason . For checkpoints, the value of this attribute is aiso Start and the Accounting Checkpoint attribute is 

also present. 

8. Accounting Session id. This is like the Radius Acct-Session-ld described above. In a roaming scenario, this 



23 



EP 0 918 417 A2 



session id is assigned by the foreign registration server when the end system issues a registration request. It is 
communicated to the home registration server by the foreign registration server during the registration sequence. 
The home network and the foreign network both know the Acct-Session-id attribute and are able to emit this 
attribute while sending accounting records to their respective accounting servers. !n a "end system-at-home" sce- 
s nario, this attribute is generated by the home registration server. The registration server communicates the value 

of this attribute to the IWF which emits it in all accounting records. 

9. Accounting Multi-Session id. This is tike the Radius Acct-Multi-Session-td discussed above. This id is assigned 
r ie horn? gis t , ' - sfhena < s ion ec - st i«* r* c* ec ran a?*** <="• ■> v ■• t 
to server on behalf of an end system. It is communicated to the foreign registration server by the home registration 

server in the registration reply message. The registration server{s) communicates the value of this attribute to the 
i'WF(s) which emit it in all accounting records. 

[0145] With free mobility added to the architecture, the id is used to relate together the accounting records from 
is different IWFs for the same end system if the end system moves from one IWF to another. For hand-offs across IWF 
rid mt ci-Si >n-l iifrerent tor accounting > i ing i di Fs H \cc 

Multi-Session-ld attribute is the same for accounting records emitted by aii iWFs thai have provided service to the user 
Since the session id and the multi-session id are known to both the foreign network and the home network, they are 
able to emit these attributes in accounting reports to their respective accounting servers. With the session id and the 
n ii session ci, bitting systems are able to correlate accounting records across IWF boundaries in the same wireless 
service provider and even across wireless service provider boundaries. 

1 . Accounting Delay Time. See Radius Acct-Delay-Time attribute. 

25 2. Accounting input Octets. See Radius Acct-lnput-Octeis, This attribute is used to keep track of the number of 

octets sent by the end system (input to the network from the end system). This count is used to track the PPP 
frames only. The air link overhead, or any overhead imposed by RLP, etc. is not counted. 

3. Accounting Output Octets. See Radius Acct-Output-Octets. This attribute is used to keep track of the number 
30 of octets sent to the end system (output from the network to the end system). This count is used to track the PPP 

frames only. The air link overhead, or any overhead imposed by RLP, etc. and is not counted. 

4. Accounting Authentic. See Radios Acct-Authentic attribute. The value of this attribute is Local or Remote de- 
pending on whether the serving IWF or the home IWF generates the accounting record. 

35 

5. Accounting Session Time. See Radius Acct-Session-Time attribute. This attribute indicates the amount of time 

the amount of time that 

the user has been receiving service from that serving IWF. if sent by the home TWF, this attribute tracks the amount 
of time that the user has been receiving service from the home tWF. 

6. Accounting input Packets. See Radius AccHnput-Packets attribute. This attribute indicates the number of pack- 
ets re< i i f i r ! Ii i t ber of PPP fran into the 
serving IWF from an end system. For a home IWF, this attribute tracks the number of PPP frames Input Into the 
home IWF from an end system. 

I.Ac i si Radius Accl-Outp ,t c n < , ' < ~ - M . e ^ak , h< m nb< r of 

packets sent to the end system. For a serving IWF, this attribute tracks the number of PPP frames output by the 
serving IWF to the end system. For a home IWF, this attribute tracks the number of PPP frames sent to the end 
system from the home IWF. 

50 

>ee R s erminate-Cause attribute. This attribute indicates the reason 
why a user session was terminated, in addition, a specific cause code Is also present to provide additional details. 
This attribute is only present in accounting reports at the end of the session. 

55 9. Network Accounting Terminate Cause. This attribute indicates a detailed reason for terminating a session. This 

specific attribute is encoded as a vendor specific attribute and is only reported in a Radius Accounting attribute at 
the end of session. The standard Radius attribute Acct-Terminate-Cause is also present. This attribute provides 
des , not covered by the Acct-Terminate-Cause attribute. 



24 



EP 0 918 417 A2 



1 0. Network Air link Access Protocol. This attribute indicates the air link access protocol used by the end system. 
This attribute is encoded as a vendor specific attribute, 

11. /Veto, \ otocol. This attribute indicates the ess protocol used by the access 
s )- MoT ) la o and from I x; sy< i. Th:s >ute is encoded as a vendor sped 

/ k A.o t Thi t uali i i machine running the 

home IWF or the serving IVVF. This specific attribute is encoded In vendor specific format. 

to 13. Network Accounting Check -point. Since the Radius accounting RFC does not define a check-point packet, the 

present network embodiment uses a Radius accounting pack< «i this attribute to mark a check-point. The 
absence of a check-point attribute means a conventional accounting start packet. The presence of this attribute 
in a accounting start packet means a accounting check-point packet. Accounting stop packets do not have this 
attribute, 

15 

[0146] 

using MD5 and a shared secret. The !W r s i eco figi ed wi share < i t 1 L hei j hen » xi 

during communication with their Radius accounting server. The shared secrets used by the IWFs for communicating 
wit ac ) ing ervers; are stored in th if I 1 ) lin y locati MSG. The s secrets for 

i'O accounting security are communicated to the IWFs by their registration sp'vpis during t /stem re jis i ilk n 

sequence. 

[0147] The accounting server software runs in a computer located in the MSC. The role of the accounting server in 
> i < t m mil 3 ) m ) it n .ind ) k "oss the 

data and store it for transfer to the wireless service prov - - i The accounting server does not include 

?s a billing system, instead, it includes support for an automatic or manual accounting data transfer mechanism. Using 
the automatic accounting data tran fe if j < j < u h . - tin i r I F <. 

format to the customer's billing system over a TCP/IP transport. For this purpose, the system defines A MA billing record 
formats for packet data. Using the manual trans f t- ■• in m I mi I . j "un 

records to their billing system. In order to build the tape to their specifications, customers are provided with information 

30 to access accounting records so that i hey may process them before writing them to tape 

[0148] In FIG. 22, the raw accounting data received by the accounting server from the home or serving IWFs are 
>roces ids ng server. The process i tone by tb< ccoun } ser nciudes filtering, com- 

pression and correlation of the raw accounting data received from the IWF. A high availability file server using dual 
active/standby processors and hot swappable RAID disks is used for buffering the accounting data while it is transiting 

35 through the accounting server. 

[0149] The accounting server delays processing of the raw accounting data until an end system has terminated its 
session. When an end system terminates its session. ;he accounting server processes ;he raw accounting dara ha! 
it has collected for the session and storey r c u<- ra % teuord in a SQL database. The accounting summary 

recc c > % 5 1 5 t ! il< ~ f tit Tin i in 

40 about the end system's session. The data stored in the accounting server is then transferred by the hitting data transfer 
jcjen i i | m t s t ( i f | ( i i( r < c mo data 

m 3 I \! n t t ttm i it If ta base scheme and 

the format of the ASN, 1 encoded file are documented and made available to customers for this purpose, if the volume 
of processed accounting data stored in the accounting system exceeds a high water mark, the accounting server 

45 generates an NMS alarm. This alarm Is cleared when the volume of data stored in the accounting server falls below a 
tow water mark. The high and tow water mart-is for generating arid clearing the alarm are configurable. The accounting 
ri er irviS alarm if t fl ii e 1 a f ur hie hreshold. Con- 

versely, the alarm is cleared, when the age of the accounting data falls below the threshold, 

[0150] The subscriber directory is used to store information about subscribers and Is located in the home network, 
so The home registration ser < < I t in ir-tp and register an end 

system For eac t ubscriber c e lory stores the following information. 

1. User-Name. This field m the subscriber record will be In SMTP format (e.g., user@fqdn) where the user sub- 
field will identify the subscriber in his or her wireless home domain and the* s e den , the wireless 
55 home domain of the subscriber. This field is sent by the end system in its registration request during the registration 

phase. This field is assigned by the wireless service provider to the subscriber at the time of subscription to the 
network service. This field is different than the user name field used in PPP. 



25 



EP 0 918 417 A2 



2 j "his field in the subscriber reco'Ci cc < a c i be- 

tween the subscriber and his or her home network. As described above, a mobility security association exists 
between each subscriber and its home registration server. The mobility security a-- nes a collection 

of security contexts. Each security context defines an authentication algorithm, an authentication mode, a shared 

5 secret, style of replay protection and the type of encryption (including no encryption; to use between the end system 

and its home server. During registration, the home registration server retrieves information about the subscriber's 
security context front ;> crtsx-r directory u > s ) < > (SPI) supplied 

by the end system In its registration request. The information in the security context is used for enforcing authen- 
t r r l i 1 i i tl 1 loi t e< in ed by f e 

to wireless service providf h* i s >r it is up to the wireless service provider to permit the subscriber 

to modify this association either by calling up a customer service representative or by letting subscribers access 
to a secure Web site. The Web site software will export web pages which the wireless service provider may make 
accessible to subscribers from a secure web server, in this way, subscribers are able to view/modify the contents 
of the mobility security association in addition to other subscriber Information that the service provider may make 

is accessible. 



ii iiiiii t nber In addition 

to the shared secret, this field is used aunnq teqis i i , j possible to turn off MAC 

address based authentication on a per user basis. The MAC address is communicated to the home registration 
20 server during registration. 

4. Enable MAC Address Authentication. This field is used to determine if MAC address based authentication is 
enabled or disable a Iftv > In t< mu " 3 -\' < 1 1 
against this field to validate the end system's identity. If disabled, then no checking is done. 

25 

5. Roaming Enabled Flag, if this field is set io enabled, then the erid system ; s allowed to roam to foreign networks, 
if this field is disabled, then the end system is not permitted io ream to foreign networks, 

6. Roaming Domain List, This field is meaningful only if the Roaming Enabled Flag is set to enabled. This field 
30 contains a list of foreign domains that (he end system is allowed to team to. When the contents of this lis; is null 

and the Roaming Enabled Flag is set to enabled, the end system is allowed to roam freely. 

7. Seivice t_" ' >' his, field may be < i i m ; ;< rviu 
to a subscriber, if this field is disabled, then the subscriber is permitted to register for service. If the subscriber is 

-'5 i n I hi ilur h 1 ii i ii t d 

by the network. 

o e - t e ii ii he subscriber's internet service 

provider. This information is used by the IWF during the PPP registration phase to perform authentication with the 
40 internet service provider on behalf of the end system and also to create a L2TP tunnel between the IWF and the 

interne; service provider's PPP server. This field oortlains the identity of the subscriber's iSP. The IWF uses this 
information to access the !3P directory tor performing authentication and setting up the L2TP tunnel on behalf of 
the end system. 

46 9. Subscriber's Name & Address information. Tnls field contains the subscriber's name, address, phone, fax, e- 

mail address, etc. 

[0151] The home domain directory (HDD) Is used by the registration server to retrieve parameters about the end 
system to complete registration on behalf of the end system. Using this information, the registration server determines 

50 if the end system is registering at home or if the end system is a roaming end system, in the former case, the registration 
server assumes the role of a home registration server and proceed with end system registration, in the latter case, the 
registration server assumes the role of a foreign registration server and, acting as a Radius proxy, it forwards the 
jque; > I > i » i n server whose identity it gets from this directory. For roaming end system, the 

parameters stored in the HDD include the IP address of the home registration server, the home-foreign shared secret, 

55 the home-serving IWF tunnel configuration etc. The HDD is located in the MSG. 
[0152] The following information is stored in the HDD. 

1. Home Domain Name. This field is used as the key to search the HDD for a e e 3 s f^J 



26 



EP 0 918 417 A2 



home c jmain r ation rec jest 

2. Proxy Registration Request. This field is used by the registration server to determine if it should act as a foreign 
i tr serve ind >rox the enc system's a gis*ration request to the real home registration server. 

3. Home Registration Server DNS Name. If the proxy registration request flag is TRUE, this field is used to access 
the DNS name of the real home registration server. Otherwise, this field is ignored. The DNS name is translated 
to an IP address by the foreign registration server. The foreign registration server uses the IP address to relay the 
end system's registration request. 

4. Foreign Domain Name, if the proxy registration request flag is TRUE, this field is used to identify the foreign 
domain name to the end system's home registration server. Otherwise, this field is ignored. The foreign registration 
server uses this information to create the foreign se e r a" ne in Sf It' t t.fc ^ x i pie » a ft t 
This machine id is sent to the home registration server by the foreign registration server in the Radius-Access 
Request. 

5. Shared Secret. If the proxy registration request flag is TRUE, the shared secret is used between the foreign and 
home ipg st-ation i i u h t t In. 1 ^ ^ 

6. Tunneling Protocol Parameters. This field is used to store parameters to configure the tunnels to provide service 
to the end system. For or; end system at home, this includes information on tunnel parameters between the base 
station and the home IW'F and from the home iWF to the PPP server. For a roaming end system, this includes 
tunneling parameters from the base station to the serving IWF and from the serving IWF to the home IWF. At a 
minimum, for each tunnel, this field contains the type of tunneling protocol to use and any tunneling protocol specific 
parameters. For example, this field may contain the identifier for the tunneling protocol L2TP and any additional 
parameters required to configure the L2TP tunnel between the f'/vT-" and Its peer. 

f II I into nation needed by the IWF to generate accounting 

data on behalf of the end system. It contains the name of the accounting protocol (e.g. RADIUS), the DNS name 
f t < i in j 1 1 t n ,i In 1 , ; n | r U i k - the UDP port number, 

the shared secret that the IWF must use in the Radius Accounting protocol, the frequency of check-pointing, the 
t i n T i N n i i i 1 3 iths i Hint- 

ing server's IP address, which is sent to the SWF. 

[0153] For wireless service providers that have c i hum 1 *i u )h<i j >! > \ 

cation and to complete the registration process. If an end system roams from its home network to a foreign network, 
the foreign registration server in that network consults the HDD in its MSG to get information about the visiting end 
s, pi s -i e L " la l nt- * o e it provides service to the visiting end system. 

[0154] The software for home domain directory management preferably provides a graphical user interface (GUI} 
based HDD management interface for system administrators. Using this GUI, system administrators are able to view 

l< < ^t P 1 1 < > !( n< t > [ i i in 

s. i i > i > > i 'i hip \" it is only intended for use by trusted personnel of the home wireless 
service provider operating behind fire walls. 

[0155] The foreign domain directory (FDC pro; ies c uur t h it i 1 i n i directory. 

The FDD is used by the home registration server to retrieve parameters about the foreign registration server and the 
foreign network in order to authenticate the foreign network and create a funnel between a serving iWF and a home 
IWF. These parameters include the home-foreign shared secret, the home IWF-serving IWF tunnel configuration, etc. 
The FDD is preferably located In the home registration server's MSG. The FDD is used by home registration servers 
for registering roaming end systems. 

[0156] The following information will be stored In the FDD 

1 . Foreign Domain Name. This field is used as the key to search the FDD for an entry that matches the fully qualified 
domain name of the foreign registration server relaying the registration request. 

2. Shared S T t re i d home registra ei henticat 
their Identity mutually with each other. 

3. Home IWF-Seiving IWF Tunneling Protocol Parameters. This field is used to store parameters to configure the 



27 



EP 0 918 417 A2 



tunnel between the home IWF and the serving !WF. At a minimum, this field contains the type of tunneling protocol 
to use and any tunneling proiocoi specific parameters. For example, this field may contain the Identifier for the 
tunneling protocol L2TP and any additional parameters required to configure the L2TP tunnel between the serving 
iWF and the home IWF. 

5 

4. Accounting Server Association. This field Is used to store information needed by the home IWF to generate 
accounting data on behalf of the end system, it contains the name of the accounting protocol (e.g. RADIUS), the 
DNS name of the accounting server and additional parameters specific to the accounting protocol like the UDP 
port number, the snared secret thai the IWF must use In the Radius Accounting protocol, the frequency of check- 
io pointing, the s , j fo - - ssio luit i >n id, < i~he acco ing m t e is translated 

to the accounting server's iP address, which is sent to the foreign agent. 

[0S57] <r Tie s with each other, the FDD is used to do authen- 

i network, the 

15 registration server in the home network consults the FDD in its MSG to get information and authenticate the Foreign 
network providing service to the end system. 

[0158] The foreign domain director v i i i n ^ ' , D 

management interface for system administrators. Using this GUI, system administrators are able to view and update 
entries in the FDD. This GUI is not intended for use by foreign wireless network service providers to perform remote 
20 updates based on roaming agreements, it is only intended for use by trusted personnel of the home wireless service 
provider operating behind firewalls. 

[01 59] The internet service provider directory (iSPD) is used by the home IWF to manage connectivity with ISPs that 

c >; their ISPs using the net- 
work. For each subscriber, the subscriber directory has an entry for the subscriber's ISP. This field points to an entry 
25 in the iSPD. The home IWF uses this information to set up the connection to the ISP on behalf of the subscriber. 

[0160] The network architecture supports roaming. In order for roaming to work between wireless service providers, 
the architecture must support the setting up of roaming agreements between wireless service providers. This implies 
wo things l)u i t stem directories across wireless service providers and (2) settlement of bills between service 
providers. 

30 [0181] I order l< allow snbscribers access k interne; service providers tne ai chiiedure supports roaming agree- 
ments with internet service providers. This implies that the architecture must be able to send data to and receive data 
from ISP PPP servi a, iha I PPP >nd Radiu it npiis t 

the architecture handles directory updates for ISP access and settlement of bills with ISPs. 

[0162] When roaming agreements are established between two wireless service providers, both providers have to 
35 update their home and foreign domain directories in order to support authentication and registration functions for end 
systems visiting their networks from the other network. At a minimum, the architecture of the present embodiment 
supports nic t < u i i i f i i l i i h 

then the two parties to the agreement exchange information for poc a eir home and foreign domain directories. 
The actual updates of the directories is done manually by the personnel of the respective service providers. If later 
40 the information in the home and foreign domain directories needs to be updated, the two parties to the agreement 
x h in je h in i 1 < i ; I u[ i im < t ' 

[0163] in an altern n ei i i lin >ry managei > in mates d< r ; tr ^ 

IETF to enable roaming between internet service providers and io enable ISPs to automatically manage and discover 
) i jr in- - hi- i 1 1- ^ i It M' i mi nger nei ; The nel v ystern automat- 

es icaiiy propagates roaming relationships, and discovers them, to authenticate and register visiting end systems. 

[0164] At a minimum, the network architecture lust processes and stores the accounting data and makes the data 
available to the wireless service provider's billing system, it is up to the hilling system to handle settlement of bills for 
roaming. 

[0165] In an al e 1 he IE j andle i ting re ords 

50 between Inter net service providers are incorporated into the network architecture to enable ISPs to do billing settlement 
for roaming end systems. 

[0166] The system software supports access to ISPs and private intranets by supporting L2TP between the home 
he SPso i 3 ^ PPPserv f erne f i dei is nformation useful to the iWF 

for creating these tunnels. As access agreements between the wireless service provider and internet service providers 
55 are put in place, this directory is updated manually by the wireless service provider's personnel. Automatic updates 
and discovery of access relationships between the wireless service provider and internet service providers are presently 
contemplated and implemented as ihe Internet standards evolve. While accessing an Interne; service provider, the 
subscriber receives two bills - one from the wireless service provider for the use of the wirelc tworf these 



28 



EP 0 918 417 A2 



from the Inter nei service provider Aiihough common billing thai combines boih types of charges; Is nol handled by Ihe 
n n lum emboc nent software Is onl e software will take ad v ? ^ 

>s a bars may receive a common bill based on roam i< between ihe 

ISP and wireless service providers. 

s [0167] The system includes a element management system for managing ihe network elements. From the element 
manager, system administrators perform configuration, performance and fault/alarm management functions. The Sie- 
mens management applications ran on top of a web browser. Using a web browser, system administrators manage the 
network from anywhere that they have TCP/IP access. The element manager also performs an agent role for a higher 
level manager. In this role it exports an SNMP MSB for alarm and fault monitoring. 

io [0168] i s i i i t \l 11 M i ei 

periodically polls the element manager's MSB for the health and status of the network. System management personnel 
e t ' ' £ i I I , > r e abit j< enf tin v ^ d its current alarm state. By 

pointing and clicking on the network element icon, systems management personnel execute element management 
applications using a web browser and perform more detailed management functions. 

is [0169] inside the network, management of ihe physical and logical network elements is performed using a combi- 
rtion of t SN F < and snt lal i lagei i >c ttso programming interfaces Application in ihe element 
manager use SNMP or other management APIs to perform network management functions. 

[0170] Architecturally, the element management system im twt i m< ;*t; f c| elements. The first 

set of functional elements, including the configuration data server, performance data monitor and health/status monitor 

20 and network element recovery software, executes on an HA server equipped with RAID disks. The second set of 
functvss mn i lis i i l ii is oh s,( c dedic » ed s \ a management system. 

Even if the element manager systesn becomes non-operational, the network elements continue to be able to run and 
report alarms and even be able to recover from fault conditions. However, since all ihe management applications 
e A <= u in hte - (rl^i ~ i - »- - ~ goes down, then recovery actions requiring human 

25 intervention are not pob ii I in ig r becomes operational. 

[0171] The wireless hubs (WHs) In the base stations are typically owned by a wireless service provider (WSP), and 
they are connected to the WSP's registration server (RS) either via point-to-point links, Intranets or the internet. The 
WSP's regis alien server Is ty ; io executint oct ssor to perforn certain registration func- 

tions. Inter-working function units (IWF units) are typically software modules executing on a processor to perform 

30 certain Interfacing functions. IWF units are typically connected to the registration servers via intranets/WAN, ana the 
IWF units are typically owned by the WSP. However, the IWF units need not be located within the same LAN as the 
registration servers. Typically, accounting and directory servs ;(al ; n i s executing on a processor) are 

connected to ihe registration servers via a LAN in the service provider's Data Center (e.g., a center including one or 
more processors that hosts various servers and other software modules). Traffic from the end system Is then routed 

35 via a router (connected to the LAN) to the public internet or to an ISP's intranet. The registration server located in a 
^ i < in 1 h< in <ii-^ i < i , xaedinthe 

end system':; home network (where the mobile purchases its service) is referred to as ihe home regislration server 
(MRS). The inter-working function unit in the home network is referred io as the home IWF while ihe inter-working 
function unit in the foreign network (i.e., the network ihe end system is visiting) is referred to as the serving IWF. 

40 [0172] For fixed wireless service (i.e., a non-moving end systesn), an end system may register for service on the 
home network from the home network (e.g., at home service) or from a foreign network (e.g., roaming service). The 
end system receives an advertisement sent by an agent (e.g snagen is i ire) he-* '' jl < 

hub via the access point. There are boih MAC-layer registration as well as network-layer registration io be accom- 
plished. These may be combined together tor efficiency. 

46 [0173] For end systems ai home (FIG. 23), ihe network layer registration (like a local registration) make's known to 
the home registration server the wireless hub to which the end system is currently attached. An IWF in the end system's 
home network will become the anchor or home IWF. Thus, PPP frames to and from the end system travel via ihe 
wireless hub to the home IWF in the home network. If the end system is at home, the home IWF is connecied to the 
wireless hub via an XTunnei protocol, 

50 [0174] For roaming wii-eless service (FIG. 24), the foreign registration server determines the identity of ihe home 
neworkc i i in n si r it phase. Using this information, the foreign registration server 

communicates with the home registration server to authen i 1 t e end system. The foreign registration 
server then assigns a serving IWF, and an !-XTunnel protocol connection is este 1 he i 5me IWF and 

the serving IWF for the roaming end system. The serving IWF relays frames beiwes no ihe home 

55 F. From 1 me IWF, data Is t 5 PPP s r (i e , point-to-point protocol server) which may reside in ihe 
same IWF. However, if the data is io go io a corporate intranet or an ISP's intranet thai has its own PPP server, ihe 
data is sent to the separate PPP server via the L2TP protocol. The separate server is typically owned and operated 
by an Inte i y* der who is different from the wireless service provider. For ihe duration of the session, the 



29 



EP 0 918 417 A2 



locations oi the home IWF and PPP server remain fixed. The MAC layer registration can be combined with the network 
registration to economize on the overhead of separate communications for MAC layer an j 

however, it may be advantageous to not combine these registration processes so that the VVSP's equipment will be 
interoperable with other wireless networks that supports pure IETF Mobile-IP, 

[0175] Registration sets up three rabies Table 1 is associated with each access point, and Table 1 identifies each 
connection (e.g., each end system) by a connection id (CID) and associates the connection Id with a particular wsreless 
(WM) modern address {i.e., the address of the end system or end system). Table 2 Is associated with each wireless 
hub ! VVH), and Table 2 associates each connection Id with a corresponding wireless modem address, access point 
and XTurtnel id (XiD). Table 3 is associated with each inter-working I h in 11 ■> i as each con- 

nection :d with a corresponding Wireless modem address, wireless hob address, XTunnel id and IP port (IP/port). The 
entries described for these tables are described to inr ^ 3« on y re r - I In |. -m t i c 

management, in reality, there are other important fields that need to be included as well. 

Table 1: 



WM1 
WM1 
WM2 



Co nectlo bi< ;t VVH 



WM1 
WM1 
WM2 
WM3 



AP1 
AP2 



C5 



VVM1 
WM2 
WM3 
VVM5 



VVH 2 



j IP/Port 
IP1/P1 



I IP4/P: 



[0176] The protocol stacks tor dial -up users at home in a network as well as roaming users are illustrated in FIGS. 
25-28. FIG. 25 depicts protocol stacks used for direct internet access by a fixed (i.e., non-moving) end system at home 
where a PPP p: 

message to and from an IP router and from there to the public internet. FIG. 26 depicts protocol stacks used for remote 
• ntranei access (i.e.. either private corporate nets or an ISP) by a fixed (i.e., non-moving) end system at home where 
1 or it- Dugh the home IWF (typically collocated with the wireless hub) to a PPP server 

of the private corporate Intranet or ISP. FIG. 27 depicts protocol stacks used for direct internet access by a roaming 

fixed (i.e., non-moving.) o jvmg ; i 1 t <-' 1 he home 

located in a mobile switching center of the home network) which relays message to and from an IP router. In FIG. 27, 
i a serv lg IWF to the 

home IWF. FIG. 28 depicts protocol stacks used for remote intranet access (i.e., either private corporate nets or an 
ISP) by a roaming but fixed (i.e., non-moving) or a moving end system where a PPP protocol message is relayed 
through the home IWF typi cated in a mobile switching center of the home network) to a PPP server of the 



30 



EP 0 918 417 A2 



private corporate intranet or ISP In FIG. 28, note how message traffic passes throu . > ic >»y collocated 

with the wire! : • • n < ddition "o the home iWF. When me serving iWF and the wireless hub are co-located in the 
same nest of computers or are even programmed into the same computer, it Is not neces , ; Sish a tunnel 
using the XTunnei protocol between the serving iWF and the wireless hub. 

s [0177] Equivalent variations to these protocol stacks {e.g. the RLP can be terminated at the wireless hub rather than 
at the sewing IWF or home SWF for mobiles at home) are also envisioned. If the !WF is located far from the wireless 
hub, and the packets can potentially be carried over a lossy iP network between the iWF and wireless hub, then it 
i - eferre j tern ethe *LP >col a he ireless tub \not erv ion eXtunne be een wireless 
hub and IWF need not be built on top of the UDP/IP. Xtunneis can be built using the Frame Relay/ATM Sink layer. 

to However, the use of UDP/IP makes it easier to move the wireless hub and IWF software from one network to another. 
[0178] Furthermore, the PPP protocol can be terminated in a wireless modem and sent to one or more endsystems 
via an ethernet connection. As illustrated in FIG. 29, the wireless modem 300 receives the PPP protocol information 
and encapsulates the PPP payioad in an ethernet frame to be transported to at least one of the end systems 304 and 
306 via the internet connection 302. 

is [0179] DiX ethernet can be used for encapsulating the XWD MAC primitives but the invention is not limited thereto. 
The ethernet frame format for XWD control frames is illustrated in Figure 30. The ethernet header contains a destination 
address, a source address and ' t ' " f i 1 < »n ! i - s 'ieid contains the ethernet address of 
the MAC entity to which the primative is being sent. For MAC primitives invoked by the MAC user, this field will contain 
the ethernet address of the MAC user. For broadcast primitives, this address will be the ethernet broadcast address. 

?o The source address field contains the ethernet address of the MAC entity invoking the primitive. The ethernet type 
field contains the ethernet type for XWD. Possible values are XWD Control for control frames and XWD Data for data 
frames. These values must be different from all the ethernet type values that have been stnadardized and must be 
registered wilt k e c v c x, authority. 

[0180] - - he - ethe eader field. The eac i e _ e d will only be 

25 present for XWD control frames. The fields are illustrated in FIG, 31. The ethernet frame also contains a protocol 
it r j i i! n k i t sing ethernet encapsulation are 

illustrated in Table 4 below. 



Primitive 
Name 


Destination 
Address 


Source 
Address 


Ethernet 
Type 


XWD MAC 
Primitive 


M_Discover.Req 


Broadcast or unicast MAC 
Providider 


MAC User 


XWD_Control 


0 


M_ Discover, Cnf 


MAC User 


MAC Provider 


XWD_Control 




M_Opensap.Req 


MAC Provider 


MAC User 


XWD_Control 


2 


M OpenSap.Cnf 


MAC User 


MAC Provider 


XWD.Control 


3 


M_.CloseSap.Req 


MAC Provider 


MAC User 


XWD Control 


4 


iv; CloseSap.Cnf 


MAC User 


MAC Provider 


XWD_Control 


5 


M EchoSap.Req 


MAC User 


MAC Provider 


XWD.Control 


6 


M__.EchoSap.Cnf 


MAC Provider 


MAC User 


XWD.Control 


7 


M_Connect.Req 


MAC Provider (modem 
only) 


MAC User (end system 


XWD_Control 


8 


M_Connect.lnd 


MAC User (wireless hub 
only) 


MAC Provider (AP only) 


XWD_Control 


9 


M Connect. Rsp 


MAC Provider {AP only) 


l\ v J ; a • , hub 

only) 


XWD__.Controi 


10 


M Connect. Cnf 


MAC User (end system 
only) 


MAC Provider {modem 
only) 


XWD.Control 


11 


M_Disconecf.Req 


MAC Provider 


MAC User 


XWD_Control 


12 



[0181] In another alternative, the PPP protocol can be terminated in a wireless router and then sent on to at least 
one end system connected to a local area network (LAM). As illustrated in FIG. 32, the wireless router 350 receives 
the PPP protocol information via the wireless modem 352. The router 354 receives the PPP information from the 



31 



EP 0 918 417 A2 



3t on to at least one of the end sys U 360 via a LAN link 362. 

[0182] Four types of handoff scenarios may occur, and they are labeled: (i) local mobility, (ii) micro mobility, <m i macro 
c it scenarios (in one emboo s zat on option 

is not considered so that the locations of the home registration server and the ISP's PPP server do not change. In 
5 >n, the ISP's PPP server may change. However, this aspect 

is discussed below, in addition, the locations of the foreign registration server and SWF do not change in the first three 
scenarios. 

[0183] The proposed IETF Mobile IP standard requires that whenever an end system changes the IP subnet to which 
it is attached, it sends a registration request message to a home agent In its home subnet. This message carries a 
to care-of address where the end system can be reached in the new subnet. When traffic is sent, tor example, from an 
P dn c i hi i u lii hi i^Li % . on 1 system as it arrives in the home 

subnet, arid then forwards the traffic to the care-of address. The care-of address identifies a particular foreign agent 
in the foreign subnet. An end system's foreign agent can reside in the end system itself, or m a separate node that m 
ii I f < , i x i iP handoffs involve exchange of control 

is messages between an end system's agent, the end system's home agent and potentially its corresponding hosts (CHs) 
(with route optimization option) 

[0184] The proposed IETF Mobile IP standard would find if difficult ; 0 meet the latency and scalability goals for all 
movements in a large internetwork. However, the present hierarchical mobility management meets such goals. For 
small movements (e.g. a change of Access Points), only MAC-layer re-registrations are needed. For larger movements, 

?o j rk < t | t i In t I n< i i jot is drerent from the fiat- 

t uu n c i II pi c F i II as the serving anchor in r orkinc 'unction model 

used in cellular st- i * b CDPD - "n a iCdaio sy..-'n"^i^': bv fhe t - Digital Packet Data forum). 
[0185] As depicted in FIG. 33, fhe local mobility handoff handles end system {designated MN for mobile node) move- 
ment between APs that belong to the same wireless hub. Thus, only MAC layer re-registration is required. The end 

25 system receives a Vviiele,. hot t < n in f n1 ; in -,t addressed to 

the new AP. 

[0186] The new AP (i.e., the one that receives the registration request from the end system) creates new entries in 
its connection table and relays the registration message to its wireless hub. in local mobility handoffs, the wireless hub 
does not change. The wireless hub recognizes the end system's registration request as a MAC level registration re- 
30 quest, and itupdafe if < » lo reflet theconm 3 3 the new AR Then, tin - .fhe connection 

entry from its connection table. There are at least three ways whereby the old AP can delete the old entries, namely 
(i) upon time out, (ii) upon receiving a copy of the relayed MAC layer association message from the new AP to the 
wireless hob (if this relay message is a broadcast message), and Cm) upon being informed by the wireless hub of the 
need to delete the entry. 

35 [0187] As depicted in FIG. 34, the micro mobility handoff handles end system (designated MN for mobile node) 
movement between wireless hubs that belong to the same registration server and where the end system can still be 
i t> WF When an adve iseme^t > xei cdfrcn a i a new AP), 

the end system sends a message o requc i tlon request is relayed 

from the new AP to the new wireless hub to the registration server. 

40 [0188] When the registration server determ ties - e existing IWF can still be used, the registration server sends 
a buiici X~unne R-^i 1 n - . ^ . - s mg IWF to build an XTunnel io the new wireless hub. Later, the 
iii f it i "■ ii jus i ' , ii ii f g IWF to tear down the existing 

XTunnel with the old wireless hub. The build and tear XTunnel Request messages can be comb d into o m < 
A foreign registration server ' f nit ?jf h< i f < r tinoe t^ere is 

45 no change of IWF, either the serving IWF or home IWF. 

[0139] Upon receiving a positive build XTunnel reply and a positive tear XTunnel reply from IWF, the registration 
server sends a registration reply to end system. As the registration reply reaches the new wireless hub, the connection 
table a; the new wireless hub is updated io reflect the connection to the new AP, The new AP updates its MAC filter 
address table and connection table after receiving a message from the new wireless hub, and the registration reply is 

so forwarded to the end system. 
[0190] 

; ge, It updates its connection table and the MAC filter address table and connection table of the old AR 
[0191] As depicted 1 FIG 55 the 'nac 3 r .3 ;e handles movement between wireless hobs that in- 

volves a change of fhe service I e gi network, but it does not involve a change in the registration server. 

55 When an advertisement is received from a new wireless hub (through a new AP), the end system sends a message 
to request a network layer registration io the registration server. The I - i€ m the new AP 

to the new wireless hub to the registration server. 

[01 92] The registration server recognizes that it is a foreign registration server when the end system does not belong 



32 



EP 0 918 417 A2 



totheprese 1 o>k This foreign registratior > 

tration server by using a requ<=>«* Radius Access request {RA request), to the foreign directory server (like 

a big yellow pages) and then assigns an appropriate SWF to be the serving iWF, and it forwards a registration request 
to the hor server, preferably through a Radius Access request (RA request), informing the home regis- 

5 tration server of the newly selected iWR 

[0193] The home registration server authenticates the registration request by using a request, preferably a Radius 
Access request (RA request), to the home directory server. Upon authenticating the request and determining that the 
existing home IWF can still be used, the home registration server instructs the home IWF to build a new i-XTunnel to 
the newly assigned serving IWF and to tear down the existing i-XTunne! to the old serving IWF. Upon receiving a 

'io positive build i-XTunnel reply and a positive tear i-XTunne! reply from the home IWF, the home registration server 
sends a registration reply to the foreign registration server 

r 0! K] r t (i I 5 i I t build an XTunnel to ihe new wireless 

hub. Upon receiving a positive build XTunnel reply, the foreign registration server instructs the old IWF to tear down 

the XTunnel to the o " ul in | . >Tunn< 3 t . \ Tunnel plj 

is the foreign registration server sends a registration reply to end system. 

[0195] As the registration reply rear!- e he new /ireies hut he connection tableat the new wireless hub is updated 
i < If in i t i t i [ i 1 1 n t ittei 

receiving a message from the new wireless hub, and the registration reply is forwarded to the end system. 

[0196] The registration server sends a reiease message to the old wireless hub. When the old wireless hub receives 
20 the reiease message, it updates its connection table and the MAC filter address table, and the old AP updates its MAC 

filter address table and cor.neoticn 1<k t i in i n i i t h 

[01S7j The global mobility handoff case handles movement between wireless hubs thai involves a change of regis- 
tration servers. FIG. 36 depicts a global mobility handoff where the home IWF does not change, and FIG. 37 depicts 
a global mobility handoff where the home IWF changes. When an advertisement is received from a new wireless hub 
?s hi -i < i oe to request a network layer registration 

to the new foreign registration server. The registration request is relayed from the new AP to the new wireless hub to 
the new foreign registration server. 

[0198] The registration server recognizes thai it is a new foreign registration server when the end system does not 
belong to the present registration server's network. This foreign registration server determines the identity of the home 
30 n i i i i hen dm !< i eiv 

(like a big yellow pages) and then assigns an appropriate IWF to be the serving IWF, and It forwards the registration 
request to the home egist so server, f bi> gh a Radius ess request (RA request), informing the home 
registration server of the newly selected IWF. 

[0199] The home registration server authenticates the registration request by using a request, preferably a Radius 
35 m p-. - t n r t f ii i i equest and determining that the 

existing home IWF can still be used (FIG. 36), the home registration server instructs the home IWF to build a new I- 
XTunnel to tin serving IWF ewly a igns ;y the new tor- i regi tlon s er. Th; v\m 3isi > ervei o 
sends a de-registration message to the old foreign registration server and instructs the home IWF to tear down the 
existing I-XTunnel to the existing serving IWF of the old foreign network. Upon receiving a positive build i-XTunnel 
40 reply and a positive tear !-XTunnel reply from the home IWF, the home registration server sends a registration reply to 
the new foreign registration server. 

[0200] The new foreign registration server then instructs ihe newly assigned IWF to build an XTunnel to the new 
wireless hut > * giving a positive build XTunnel reply, the foreign registration server sends a registration reply- 
to end system. As the registration reply reaches the new wireless hub, the cj . . • j h< . wiielejs hub 

45 is updated to reflect the connection 'he -9w T ■= "f,»A D oi t > ^ toi address table and connection 
table after receiving a message from the new wireless hub, and she registration reply is forwarded to the end system. 
[0201] The old foreign registration server instructs ihe aid fWF to tear down the XTunnel io the old wireless hub. 
Upon receiving a positive tear XTunnel reply or contemporaneously with the tear down XTunnel request, ihe old foreign 
registration server sends a release message to ihe old wireless hub. When the old wireless hub receives the release 

so message, it updates its connection table and the MAC filter address table, and the old AP updates its MAC filter address 
table and connection table after receiving a message from ihe old wireless hub. 

[0202] Alternatively, after ihe home registration server authenticates the registration request from the new foreign 
i ha the existing home IWF cannot be used (FiG. 37), ihe home registration server 

chooses a new home IWF and instructs the new home IWF to build a new level 2 tunneiprotocol tunnel (L2TP tunnel) 
55 to the present PPP server (e.g., the PPP server in a connected ISP intranet). Then, the home registration server 
instructs the old home IWF to transfer its L2TP tunnel traffic to the new home IWF. 

[0203] Then the home registration server instructs ihe new home iWF to build a new i-XTunnel to the serving IWF 
newly assigned by the new foreign registration server. The home registration server also sends a de-registration mes- 



33 



EP 0 918 417 A2 



r 6f and Instructs the home SWF to tear down the t^si ng l-XTun 
serving iWF of the oid foreign network. Upon receiving a positive build f-XTunnei reply and a positive tear l-XTunnel 
reply from the home IWF, the home registration server sends a registration reply to the new foreign registration server. 
[0204] The new foreign registration server then instructs the newly assigned IWF to build an XTunnei to the new 

s wireless hub. Upon receiving a positive build XTunnei reply, the foreign registration server sends a registration reply 
to end system. As the registration reply reaches the new wireless hub, the connection table at the new wireless hub 
;pd ©a to refte* the c onre c t v to the new AP. The new AP updates its MAC filter address table and connection 
table after receiving a message from the new wireless hub : and the registration reply Is forwarded to the end system. 
[0205] The old foreign registration server instructs the old IWF to tear down the XTunnei to the old wireless hub. 

to Upon receiving a positive tear XTunnei reply or contemporaneously with the fear down XTunnei request, the old foreign 
registration server sends a release message to the old wireless hub. When the oid wireless hub receives the release 
message, :i updates its connection table and the MAC filter address table, and the old AP updates its MAC filter address 
table and connection table after receiving a message from the old wireless hub. 

[0200] n i sy ei ; con ! cted accc ling 1< the pr< ;en; syslen inleropt ■ w h istworl cor slmcted according 
is to the proposed IETF Mobile-IP standards, and end systems constructed according to the proposed IETF Mobile-IP 
standards interoperate with networks constructed according to the present invention. 
[0207] f i he IETF Mobile-IP (RFCi t i 

(i) The present systemists a hierarchica concept fc it i i i f in l 
?o proposed IETF Mobile-IP standard. Small mobility within a small area does not result in a network level registration. 

< ) i ..I m mi mi n I i > I b il n c y < t tin 

minimum, involves setting up of a new l-XTunnel and tearing down of an existing !-Xtunnel apart from the setting 
up/tearing down of XTunnei. Glob? i n t i I i in i anew 2TP Tunnel and transferring 

of L2TP state from the existing L2TP Tunnel to the new L2TP Tunnel. 

25 

(ii) in the present invention, a user name plus a realm is used to identify a remote dial-u| s« i« the n a fixed 
home address as in the case of the proposed IETF Mobile-IP standard. 

(iii) In the present invention, registration and routing functions are carried out by separate entities. The two functions 
30 are carried out by the home agent in the proposed IETF Mobile IP standard, and both functions are carried out by 

the foreign agent in the proposed I EFT Mobile IP standard. In contrast, in an embodiment of the present invention, 
registration is carried out in the registration server and routing functions are carried out by both the home and 
i ! ilso referred to as tin cess hub). 

35 (iv) The presen (em utilises per PPP session, 1 loreol I er tunnel betwee 

the wireless hub and the serving IWF. The l-XTunnel between the serving IWF and the home IWF is more like the 
tunnel between home and foreign agents in the proposed ifv.TF Mobile-IP standard. But it also has additional 
capabilities beyond the tunnels proposed by the Mobile-IP standard. The L2TP tunnel is used only when home 
IWF is not a PPP server. The number of these tunnels may be reduced by combining some functions in the same 

40 nodes as described earlier. 

(v) In the present invention, wireless registration occurs before PPP session starts while in the proposed IETF 
Mobile-IP standard, Mobile-IP registration occurs after PPP session enters info the open state. 

46 (vi) in the present invention, the network entity that advertises the agent advertisement (i.e., tne wireless hub) is 

not on a direct link lo the end systems whereas for the proposed IETF Mobile-IP standard, the agent advertisement 
must have a TTL of 1 which means that the end systems have a direct link with the foreign agent. In addition, the 
agent advertisement in the present systems not an extension to the ICMP router ad .« • s en er tsat in the proposed 
IETF Mobile-IP standard. 

50 

[0208] End systems in the present invention, should support agent solicitation. When an end system m the present 
system visits a network which is supporting the proposed IETF Mobile-IP standard, it waits until it hears an agent 
l i I j— ^ jt iec- e y -ot- 1 -"1^ "h i 1 age t 

solicitation. 

55 o-'G'-s] 1 in i < ik is it bother networks that s j the proposed IETF 

Mobile-IP standard such that home addresses can be assigned to the end systems of the present system that wish to 
use other networks. When the end system of the present system receives the agent advertisement, It can determine 
that the network it is visiting is not an a network according to the present system and hence ises the a jssgned home 



34 



EP 0 918 417 A2 



address to register. 

[0210] For networks supporting the proposed IETF Mobile-IP standard, the PPP session starts before Mobile-IP 
FFF " ei 5 assumed to be collocated with the foreign agent in such networks, in one embod- 
iment, an SNAP header is used :o encapsulate PPP frames in the MAC frames of the present sysiemfin a manner 
similar to Ethernet format), and the foreign agent interprets this format as a proprietary PPP format over Ethernet 
encapsulation. Thus, ihe end system of the present system and its PPP peer can enter into an open state before ihe 
foreign agent start ransi ig an iradv i n t id Ihr i /; i of tin present system can register. 
[0211] To allow end systems supporting the proposed IETF Mobile-IP standard to work in networks of the type of ihe 
present invention, such mobiles are at least capable of performing similar MAC layer registrations. By making the agent 
advertisement message format similar to the proposed Mobile-IP standard ag« I ; it ormat, a 

visiting end system can interpret the agent advertisement and register with a wireless hub. in the present invention, 
registration request and reply -ne - >n - . • e proposed !E~ r Mcbile-fP{tar»:la>c< legislation request and 
reply messages (without any unnecessary extensions) so that the rest of the mobility management features of the 
present system are transparent to the visiting end systems. 

[0212] Since end systems supporting the proposed IETF Mobile-IP standard expect a PPP session io start before 

c rpret PPP LCP, NCP 

packets after ivIAChayer registrations. 

i i f handof <=> iron ty management of the present systemists the make before 

break concept. For local mobility, a make before break connection is achieved by turning the MAC v*» egistration 
message relayed by the new AP to the wireless hub into a broadcast message. That way, the old AP can hear about 
hi new registration and forward packers destined t t end system t have not been transmitted to the new A P. 
[0214] For micro mobility, information about the new wireless hub is included in the Tear XTunnel message exchanged 
between the serving IWF and the old WH. That way, the old wireless hub can forward buffered packets to the new 
wireless hub upon hearing a TearXTunnel message from the serving IWF. Alternatively, ihe RLP layer at ihe IWF knows 
ihe sequence number that has been ack " j- .\--.\ O'-dJ,, ■ mL ^ or 

[0215] At the same time, the IWF knows the current send sequence number of the latest packet sent to the old 
wireless hub Therefore, the IWF can forward those packets thai are ordered In between these two numbers to ihe new 
wireless hub before sending newer packets to the new wireless hub. The RLP layer is assumed io be able to filter 
duplicate packet. The second approach is probably preferable io ihe first approach for the old wireless hub may not 
be able to communicate with one another directly. 

[0216] For macro mobility, the old serving IWF can forward packets io the new serving IWF, in addition to the packet 
forwarding done from the old wireless hub !o the new we is to for lew serving IWF 

Identity to the new serving IWF in the tear down i-XTunnel message. Another way to achieve the same result is to let 
the home IWF toward the missing packets to the new serving IWF rather than asking ihe old serving IWF to do the 
job since the home IWF knows the I-XTunnel sequence number last acknowledged by the old serving IWF and the 
current I-XTunnel sequence number sent by the home IWF. 

[0217] li I n lit edper lobili pc r AP per wireless hub per IWF 

such that the traffic loss between handoffs can be minimized is to let the end system for ihe AP for the wireless hub 
for the IWFestimat k il t mdt eh ff time. This 'ferric ion passed to f ( old AP >f th< 

hub of the iWh to determine how much traffic should be transferred to ihe new AP of ihe wireless hub of the IWF, 
respectively, upon handoffs. 

[0218] f ti f i i it nn the end system oh erclo t 

serving IWF. Without route optimization, excessive transport delays and physical line usage may be experienced. 
[0219] For example, an end system subscribed to a home network m New York City may roam to Hong Kong. To 
establish a link to a Hong Kong ISP, the e> ■i^n' w old iav a serv-n t 'Mud ■ a wireless hub in Hong 
Kong and a home IWF established in the home network in New York City A rr tin < om hi 

end system (roamed to Hong Kong) through the serving IWF (in He U i lit- i - i " f -> New York 

City) and back to the Hong Kong ISP 

[0220] A preferred approach is to connect from the serving IWF (In Hong Kong) directly to the Hong Kong ISP. The 
serving IWF acts like the home IWF. in this embodiment, roaming agreements exist between the home and foreign 
wireless providers, in addition, the various accounting/billing systems communicate with one another automatically 
such o | n -i i,c|nmi w N in- m i hilliin i r \ k i u 

ards such as the standard proposed by the ROAMOPS working group of the IETF. 

[0221] However, the serving IWF must still discover the closest PPP server (e.g., the Hong Kong ISP), in the present 
i it reign r< t server learns of the end system's desire to connect to a PPP server (e.g., a Hong 
Kong ISP) w hen it rec s v om the end system. When ihe foreign re & determines 

that the serving IWF ; oser tc > de; ired PPP server (e.g., the Hong Kong ISP) than ihe home IWF is, the foreign 
i er ms 5 ihe sei r g IWF to establish an L2TP tunnel to its nearest PPP server (in contrast io the 



35 



EP 0 918 417 A2 



PPP server closest to the home registration server and home iWF). Then, th< > > 

home regis I served by the serving iWF and the foreign PPP. 

[0222] in an altema I alon server determines thai the serving iWF is closer to the 

desired PPP server (e.g., the Hong Kong ISP) than the home iWF is, when quest from the 

s end system. The foreign registration server relays trie registration request message to the home registration server 
with an attached message indicating the serving IWF information and a notification that route optimization is preferred. 

>» ii ' f < t ion server instructs the serving IWF to establish an L2TP tunnel to the PPP 

server. Upon approving the registration request, the home egistratlo erve instructs « n°! ot 
L2TP state to the foreign IWF. 

10 [0223] Having described preferred embodiments of a novel network architecture with wireless end users abie to 
roam (which are intended to be iiiustrative and not limiting), it Is noted that rr, ,j — variations can be made 
>< < in t f hiu it i i 1 1 i i nakt 

reference to known connection protocols (e.g., IP, TCP/IP, L2TP, IEEE 802.3, etc); however, the system contemplates 
)ther . pi in In i nn < i n link hat pi le o ilar data ei > ties Act r 3 

is agents in the above described embodiments may be in the form of software controlled processors or may be other 
form of controls (e.g.. programmable logic arrays, etc.) Acting agent:; may be grouped as described above or grouped 
otherwise in keeping with the connection teaching t ut p< 1 tin 1 m 

ings as described herein. Furthermore, a single access point, aces* 1 ml q function 

unit (IWF unit) may provide multi-channel capability. Thus, a single access point or access hub or IWF unit may act on 

so traffic from multiple end systems, and what is described herein as separate access points, access hubs or IWF units 
contemplates equivalence with a single multichannel access point access hub or IWF unit. It is therefore to be under- 
stood that changes may be made in the particular embodiments of the system disclosed which are within the scope 
and spirit of the systems defined by Ihe appended claims. 

[0224] Having thus described the system with the details and particularity required by ihe patent laws, what Is claimed 
?s and desired protected by Letters Patent is set forth in the appended claims. 



Claims 

30 1 . A coupled data network comprising: 

a foreign network that includes a foreign base station with a foreign access hub, the foreign access hub in- 
cluding a first serving inter-working function; 
a home network with a firs; home inter-working function; and 
35 a first mobile end system subscribed to the home network and operating within the foreign network, a first 

message being transportable between the first mobile end system and a firs; communications server through 
Ik it in i in I t t i t f the for < < c s 

hub in the foreign base station. 

40 2, The network of claim 1 . wherein the first message is transportable from the first mobile end system through the 
firs! h in -tei \ - ^ ) ^ I m - unn >^ ^ 

3. The network of claim 1 , wherein the first mobile end system includes a wireless modem coupleable to the foreign 
access hub. 

4. A data network coupled to a foreign network that includes a foreign base station with a foreign access hub, the 
foreign access hub Including a first serving inter-working function, the wireless data network comprising: a home 
network W'ih j u< 1 < in -> » in 1 t t 1 1 1 n < > 'he ho- k network 
and operating within ihe foreign network, ais 1 k -een the first mobile end system 

so and a first communications server through the first home into v-. N inc ictionandt rough ihe first serving inter- 

working function of the foreign access hub in the foreign base station. 

5. The network of claim 4. wherein the first message is transportable from the first mot 1 thrc ugh ihe 
first home inter-working function to the first communications server. 

55 

6. The net k Df clain 4 wherein the home network includes a home mobile switching center, the first home Inter- 
working function being included in ihe home mobile switching center. 



36 



EP 0 918 417 A2 



7. A mobile end system for ^se ^ac 

with a foreign access hub, the foreign access hub including a first serving inter-working function, and a home 
network with a first home inter-working function, comprising: 

means for connecting the mobile end system to said foreign network: and 

said first mobile end system subscribed to the home network and operating within the foreign network, a first 
message being transportable between the first mobile end system and a first communications server through 
the first home inter-working function and through the first serving inter-working function of the foreign access 
hub in the foreign base station. 

8. A mobile end system according to claim 7, wherein said mobile end system is connected to said foreign network 
by a modem. 

9. A mobile end system according to claim 7, whs > bil< s - ;nnec;< j >resgn network 
by a wireless modem. 

10. A home network for use in a data network coupled to a foreign network, that includes a foreign base stetson with 
a foreign access hub, the foreign access hub including e ir i / ] t I 1 mobile end system 

- I hf- i 1 v rk anc i c thin the foreign network, comprising: 

a home switching center; 

a first home inter-working function being included in said home mobile switching center; and 
wherein a first message is transported between ;he first mobile end system and a first communications server 
through the 1 s ne mter-w king t ugh e first se c ei ork function of the foreign 

access hub in the foreign base station. 

11. The network of claim 10, wherein the first home "tei , function ncludes a home accounting collection 
module to collect accounting date on message traffic transported through the first home inter-working function. 

12. The network of claim 11, wherein: 

the home network mrlher includes, a home ■> hils , - < 1 tin 11 -rani en -t 

the home accounting collection module includes a sub-module to pes odicaiiy set i io .rairara leports to a 
home accounting server. 

13. The network of claim 12, -wherein: 

the home network further includes a home billing processor; and 

the home accounting server includes a module to send accounting reports to the home billing processor, the 
home billing processor including a module to prepare customer bills based on the accounting reports from the 
home accounting server. 



EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




41 



EP 0 918 417 A2 




EP 0 918 417 A2 




/ £n<t \ 
System 
Access 



EP 0 918 417 A2 





MAC 


MAO 


PHY 


pm 



m. 7 



80Z3to 

J2W 





MAC 




Trunk 
PHY 


PHY 



Trunk To 





Try ok 


Xtunna! 




Trunk 
Radio 







Station 



Fit. 



EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




EP 0 918 417 A2 




82 



EP 0 918 417 A2 









r» 


r> 

ST 
-< 




On, 

It 


I 




II 

m f* 


m 
p 




Sst' 


% V 
I 




83 



EP 0 918 417 A2 




84 



EP 0 918 417 A2 



m 4P 

WH 



"*Agt Adv 

Local Handoff 



MAC Reg 
Agt Adv 



EP 0 918 417 A2 




EP 0 918 417 A2 



FKr. ^ 




EP 0 918 417 A2 




EP 0 918 417 A2