[go: up one dir, main page]

CN101582884B - System and method for 3G data packet reorganization based on FPGA - Google Patents

System and method for 3G data packet reorganization based on FPGA Download PDF

Info

Publication number
CN101582884B
CN101582884B CN2009100331427A CN200910033142A CN101582884B CN 101582884 B CN101582884 B CN 101582884B CN 2009100331427 A CN2009100331427 A CN 2009100331427A CN 200910033142 A CN200910033142 A CN 200910033142A CN 101582884 B CN101582884 B CN 101582884B
Authority
CN
China
Prior art keywords
imsi
module
type
user
packet
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2009100331427A
Other languages
Chinese (zh)
Other versions
CN101582884A (en
Inventor
黄杰
秦中元
孙婷婷
张晓晓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Southeast University
Original Assignee
Southeast University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Southeast University filed Critical Southeast University
Priority to CN2009100331427A priority Critical patent/CN101582884B/en
Publication of CN101582884A publication Critical patent/CN101582884A/en
Application granted granted Critical
Publication of CN101582884B publication Critical patent/CN101582884B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

本发明公布了一种基于FPGA的3G数据包重组系统及方法。本发明所述系统包括EMAC核模块和用户接口模块,其中用户接口模块包括:消息类型处理模块、HASH模块、IMSI存储模块、读写控制模块、IMSI插入模块、IMSI非空判断模块。本发明所述方法根据SGSN和GGSN之间的控制信令协议GTP-C提取出用户身份信息IMSI,然后根据TEID-CP、TEID-DII存储IMSI信息,并将用户上下线状态信息与用户身份信息绑定传输到后端处理;并且将用户数据协议GTP-U中的数据包根据头部的TEID-DII查找IMSI,将用户数据与IMSI绑定重组数据包,并且将不同用户数据包根据应用层不同协议类型发往后端处理。本发明提高了整体监管系统的效率,速度迅速。

Figure 200910033142

The invention discloses an FPGA-based 3G data packet recombination system and method. The system of the present invention includes an EMAC core module and a user interface module, wherein the user interface module includes: a message type processing module, a HASH module, an IMSI storage module, a read-write control module, an IMSI insertion module, and an IMSI non-null judgment module. The method of the present invention extracts the user identity information IMSI according to the control signaling protocol GTP-C between the SGSN and the GGSN, then stores the IMSI information according to the TEID-CP and TEID-DII, and combines the user's online and offline state information with the user identity information Bind and transmit to the back-end processing; and search the IMSI for the data packets in the user data protocol GTP-U according to the TEID-DII of the header, bind the user data and the IMSI to reassemble the data packets, and combine different user data packets according to the application layer Different protocol types are sent to the backend for processing. The invention improves the efficiency of the overall supervision system, and the speed is fast.

Figure 200910033142

Description

基于FPGA的3G数据包重组系统及方法3G data packet reassembly system and method based on FPGA

技术领域 technical field

发明涉及一种基于FPGA的3G数据包重组系统及方法,属于TD-SCDMA网络安全领域的数据重组系统及方法。The invention relates to an FPGA-based 3G data packet recombination system and method, and belongs to the data recombination system and method in the field of TD-SCDMA network security.

背景技术 Background technique

3G移动通信技术主要包括3大标准体系:中国的TD-SCDMA标准,欧日的WCDMA标准和美国的CDMA2000标准。TD-SCDMA标准和WCDMA标准承接了GSM的原有核心网结构,它们数据包统一封装在GTP协议中,因此如果获取所有的GTP协议,可以监控所有的移动用户的核心网数据信息。GTP协议分为GTP-C,GTP-U两种协议,其中GTP-C为用户信令协议,部分信令协议中含有国际移动用户识别号(IMSI)。GTP-U封装的是用户数据信息,不含有标志用户身份的IMSI,无法将用户数据与用户信息统一起来。但是在监控系统中需要用户身份和用户状态和用户数据的统一。因此数据采集过程中需要通过GTP-C和GTP-U之间的联系枢纽TEID(隧道标志号)将3G核心网数据包重新组合。3G mobile communication technology mainly includes three standard systems: TD-SCDMA standard in China, WCDMA standard in Europe and Japan and CDMA2000 standard in the United States. The TD-SCDMA standard and WCDMA standard have inherited the original core network structure of GSM, and their data packets are uniformly encapsulated in the GTP protocol. Therefore, if all the GTP protocols are obtained, the core network data information of all mobile users can be monitored. The GTP protocol is divided into GTP-C and GTP-U. Among them, GTP-C is a user signaling protocol, and some signaling protocols include the International Mobile Subscriber Identity (IMSI). GTP-U encapsulates user data information, does not contain the IMSI that marks the user identity, and cannot unify user data and user information. However, in the monitoring system, the unity of user identity, user status and user data is required. Therefore, during the data collection process, the 3G core network data packets need to be reassembled through the connection hub TEID (tunnel identification number) between GTP-C and GTP-U.

目前对于用户身份信息及用户状态和用户数据的绑定与重组通常放在软件平台上实现。但是由于对于大量用户的监管,需要对大量用户身份信息(IMSI)动态的存取,软件上常采用数据结构中的树表实现,根据测试显示软件实现用户数据与用户身份的绑定,处理速度仅能达到150Mbps。而3G移动通信的通信速率往往高达1Gbps,用软件处理数据用户身份与用户数据的绑定,达不到实时的目。At present, the binding and reorganization of user identity information, user status, and user data are usually implemented on a software platform. However, due to the supervision of a large number of users, it is necessary to dynamically access a large number of user identity information (IMSI). The software often uses a tree table in the data structure to implement. According to the test, the software realizes the binding of user data and user identity, and the processing speed It can only reach 150Mbps. However, the communication rate of 3G mobile communication is often as high as 1Gbps, and the use of software to process the binding of data user identity and user data cannot achieve the real-time purpose.

发明内容 Contents of the invention

本发明所要解决的技术问题是针对现有技术存在的缺陷提供一种基于FPGA的3G数据包重组系统及方法。The technical problem to be solved by the present invention is to provide an FPGA-based 3G data packet recombination system and method for the defects in the prior art.

本发明为实现上述目的,采用如下技术方案:In order to achieve the above object, the present invention adopts the following technical solutions:

本发明基于FPGA的3G数据包重组系统,其特征在于包括EMAC核模块和用户接口模块,其中用户接口模块包括:消息类型处理模块、HASH模块、IMSI存储模块、读写控制模块、IMSI插入模块、IMSI非空判断模块,消息类型处理模块的输出端依次串接HASH模块、读写控制模块、IMSI插入模块、IMSI非空判断模块,消息类型处理模块的输出端接IMSI插入模块的输入端,HASH模块的输出端接IMSI存储模块的输入端,IMSI存储模块与读写控制模块双向连接,消息类型处理模块的输入端接EMAC核模块的输出端,IMSI非空判断模块的输出端接EMAC核模块的输入端。The FPGA-based 3G data packet reassembly system of the present invention is characterized in that it includes an EMAC core module and a user interface module, wherein the user interface module includes: a message type processing module, a HASH module, an IMSI storage module, a read-write control module, an IMSI insertion module, The IMSI non-empty judging module, the output of the message type processing module is connected in series with the HASH module, the read-write control module, the IMSI plug-in module, and the IMSI non-empty judging module, the output of the message type processing module is connected to the input of the IMSI plug-in module, HASH The output terminal of the module is connected to the input terminal of the IMSI storage module, the IMSI storage module is bidirectionally connected to the read-write control module, the input terminal of the message type processing module is connected to the output terminal of the EMAC core module, and the output terminal of the IMSI non-empty judgment module is connected to the EMAC core module input terminal.

所述的基于FPGA的3G数据包重组系统的重组方法,其特征在于包括如下步骤:The recombination method of the described 3G packet recombination system based on FPGA is characterized in that comprising the steps:

步骤(1):采用EMAC软核模块的接收客户端接口接收网关节点GGSN和支持节点SGSN的链路上的所有3G数据包;Step (1): adopt the receiving client interface of the EMAC soft core module to receive all 3G packets on the link of the gateway node GGSN and the support node SGSN;

步骤(2):将步骤(1)所述的3G数据包经过消息类型处理模块判断得到网关节点GGSN与支持节点SGSN的协议类型:Step (2): the 3G data packet described in the step (1) is judged to obtain the protocol type of the gateway node GGSN and the support node SGSN through the message type processing module:

当网关节点GGSN与支持节点SGSN的协议类型为控制信令协议GTP-C,则插入标志位0;When the protocol type between the gateway node GGSN and the support node SGSN is the control signaling protocol GTP-C, the flag bit 0 is inserted;

当网关节点GGSN与支持节点SGSN的协议类型为用户数据协议GTP-U,则插入标志位1;When the protocol type between the gateway node GGSN and the support node SGSN is the user data protocol GTP-U, insert flag 1;

步骤(3):将步骤(2)所述的控制信令协议GTP-C和用户数据协议GTP-U的数据包经过HASH模块得到存取IMSI的地址;Step (3): the data packet of the control signaling protocol GTP-C and the user data protocol GTP-U described in the step (2) is obtained through the HASH module to access the address of the IMSI;

步骤(4):将步骤(3)所述存取IMSI的地址经过读写控制模块对IMSI信息进行读或者写:Step (4): The address of accessing the IMSI described in step (3) is read or written to the IMSI information through the read-write control module:

a)当为控制信令协议GTP-C类型的数据包,则判断控制信令协议GTP-C头部的消息类型:①当控制信令协议GTP-C头部的消息类型是建立请求信息,则将IMSI存储进步骤(3)所述存取IMSI的地址;②当控制信令协议GTP-C头部的消息类型是建立请求响应信息,则将控制信令协议GTP-C类型的数据包头部的TEID-CP经过HASH模块得到取IMSI新地址得到IMSI,并将控制信令协议GTP-C类型的数据包上行TEID-DII经过HASH模块得到存IMSI新的地址,将IMSI存储进存IMSI新的地址内;③当控制信令协议GTP-C头部的消息类型是下线响应信息,则将控制信令协议GTP-C类型的数据包头部的TEID-CP经过HASH模块得到取IMSI新地址得到IMSI;a) When it is a data packet of the control signaling protocol GTP-C type, then judge the message type of the control signaling protocol GTP-C header: 1. when the message type of the control signaling protocol GTP-C header is establishment request information, Then store the IMSI into the address of the described access IMSI in step (3); 2. when the message type of the control signaling protocol GTP-C header is to set up request response information, then the data packet header of the control signaling protocol GTP-C type The internal TEID-CP obtains the IMSI new address through the HASH module to obtain the IMSI, and sends the control signaling protocol GTP-C type data packet to the upstream TEID-DII through the HASH module to obtain the IMSI new address, and stores the IMSI into the IMSI new address. ③ When the message type of the control signaling protocol GTP-C header is offline response information, the TEID-CP in the header of the data packet of the control signaling protocol GTP-C type is obtained through the HASH module to obtain the new address of the IMSI get IMSI;

b)当为用户数据协议GTP-U类型的数据包,则将用户数据协议GTP-U类型的数据包头部的TEID-DII经过HASH模块得到取IMSI新地址得到IMSI;b) When it is a data packet of the user data protocol GTP-U type, the TEID-DII of the data packet header of the user data protocol GTP-U type is obtained through the HASH module to obtain the IMSI new address to obtain the IMSI;

步骤(5):将步骤(4)中读出的IMSI信息经过IMSI插入模块插入到用户数据包和用户上下线响应信息中去得到重组数据包;Step (5): Insert the IMSI information read out in step (4) into the user data packet and the user log-off and offline response information through the IMSI insertion module to obtain the reassembled data packet;

步骤(6):将步骤(5)所述的重组数据经过IMSI非空判断模块:当重组数据包中IMSI部分为零,则将该重组数据包发往指定主机作为异常包处理;当重组数据包中IMSI部分不全为零,则重组的数据包作为新的数据负载输入到TCP/IP协议栈中去,最后通过EMAC核模块的发送客户端输出。Step (6): pass the reorganized data described in step (5) through the IMSI non-null judgment module: when the IMSI part in the reassembled data packet is zero, the reassembled data packet is sent to the designated host as an abnormal packet for processing; If the IMSI part in the packet is not all zero, the reassembled data packet is input into the TCP/IP protocol stack as a new data load, and finally output through the sending client of the EMAC core module.

本发明提供了一种基于FPGA的TD-SCDMA的数据包重组系统及方法。TD-SCDMA的核心网因为汇聚了多个基站传来的分组数据,大量的流量数据会极大的加重数据包重组的难度。基于FPGA的TD-SCDMA的数据包重组方法利用了FPGA的快速处理能力,根据SGSN和GGSN之间的控制信令协议GTP-C提取出用户身份信息IMSI,然后根据TEID-CP、TEID-DII存储IMSI信息,并将用户上下线状态信息与用户身份信息绑定传输到后端处理;并且将用户数据协议GTP-U中的数据包根据头部的TEID-DII查找IMSI,将用户数据与IMSI绑定重组数据包,并且将不同用户数据包根据应用层不同协议类型发往后端处理。这种重组方法有效的提高了整体监管系统的效率,有利于对后端的负载均衡。The invention provides an FPGA-based TD-SCDMA data packet recombination system and method. Since the core network of TD-SCDMA aggregates packet data from multiple base stations, a large amount of traffic data will greatly increase the difficulty of data packet reassembly. The FPGA-based TD-SCDMA data packet reassembly method utilizes the fast processing capability of the FPGA, extracts the user identity information IMSI according to the control signaling protocol GTP-C between the SGSN and the GGSN, and then stores it according to the TEID-CP and TEID-DII IMSI information, and the user's online and offline status information and user identity information are bound and transmitted to the backend for processing; and the data packet in the user data protocol GTP-U is searched for the IMSI according to the TEID-DII in the header, and the user data is bound to the IMSI Customize and reassemble data packets, and send different user data packets to the backend for processing according to different protocol types at the application layer. This reorganization method effectively improves the efficiency of the overall supervision system and is beneficial to the load balancing of the backend.

本发明采用FPGA硬件编程实现,由于硬件处理的高速性,最高速度可达1.6Gbps,可以满足对3G监管数据处理的需求。The invention adopts FPGA hardware programming to realize, and due to the high speed of hardware processing, the highest speed can reach 1.6Gbps, which can meet the demand for 3G supervision data processing.

附图说明 Description of drawings

图1是TD-SCDMA核心网分组域结构示意图;Fig. 1 is a schematic diagram of the packet domain structure of the TD-SCDMA core network;

图2是Gn接口协议栈模型;Fig. 2 is the Gn interface protocol stack model;

图3是TEID工作原理示意图;Figure 3 is a schematic diagram of the working principle of TEID;

图4是Virtex5 EMAC核模块示意图,Figure 4 is a schematic diagram of the Virtex5 EMAC core module,

图5是基于FPGA的数据包重组结构示意图;Fig. 5 is a schematic diagram of a data packet reorganization structure based on FPGA;

图6是基于FPGA的数据包重组流程图Figure 6 is a flow chart of FPGA-based packet reassembly

图7是用户接口模块结构示意图。Fig. 7 is a schematic structural diagram of the user interface module.

具体实施方式 Detailed ways

下面结合附图对发明的技术方案进行详细说明:Below in conjunction with accompanying drawing, the technical scheme of invention is described in detail:

本发明所使用的系统在TD-SCDMA分组域网络中的位置如图1所示。The position of the system used in the present invention in the TD-SCDMA packet domain network is shown in FIG. 1 .

就本系统而言,我们考虑的设备和通讯链路是SGSN和GGSN设备以及两者之间的通信链路。As far as this system is concerned, the devices and communication links we consider are the SGSN and GGSN devices and the communication links between them.

GPRS服务支持节点(SGSN)的主要作用是记录移动台的当前位置信息,并且在移动台和GGSN之间完成移动分组数据的发送和接收。同时SGSN作为GPRS/WCDMA核心网分组域设备重要组成部分,完成分组数据包的路由转发,移动性管理,会话管理,逻辑链路管理,鉴权和加密,话单产生和输出等功能。GRPS网关节点(GGSN)主要是起网关作用,可以把核心网中的GPRS分组数据包进行协议转换,从而可以把这些分组数据包传送到远端的TCP/IP或X.25网络。它可以和多种不同的数据网络连接。The main role of the GPRS Serving Support Node (SGSN) is to record the current location information of the mobile station, and complete the sending and receiving of mobile packet data between the mobile station and the GGSN. At the same time, as an important part of the GPRS/WCDMA core network packet domain equipment, SGSN completes the routing and forwarding of packet data packets, mobility management, session management, logical link management, authentication and encryption, bill generation and output and other functions. The GRPS gateway node (GGSN) mainly acts as a gateway, which can convert the GPRS packet data packets in the core network, so that these packet data packets can be transmitted to the remote TCP/IP or X.25 network. It can be connected to many different data networks.

另外SGSN和GGSN之间的接口是Gn/Gp接口,其中Gn用来描述SGSN和同一PLMN的GGSN接口,Gp用来描述SGSN和不同PLMN的GGSN接口。Gn/Gp接口协议栈如图2所示。GTP协议基于3G核心网的Gn/Gp接口之间,负责SGSN和GGSN之间数据和信令的传输。In addition, the interface between SGSN and GGSN is Gn/Gp interface, where Gn is used to describe the interface between SGSN and GGSN of the same PLMN, and Gp is used to describe the interface between SGSN and GGSN of different PLMNs. The Gn/Gp interface protocol stack is shown in Figure 2. The GTP protocol is based on the Gn/Gp interface of the 3G core network and is responsible for the transmission of data and signaling between the SGSN and the GGSN.

GTP协议分为控制信令协议(GTP-C)、用户数据协议(GTP-U)、和计费协议(GTP’)我们这里进行的GTP协议分析主要指GTP-C、GTP-U。如果要实现网络监管,用户数据和用户身份信息是两个必不可少的方面,而GTP协议中并不是所有的信息中都含有用户身份IMSI信息。其中用户第一次上线请求信息(Create PDP Request)中包含用户身份IMSI(国际移动用户识别码)信息。为了达到用户数据以及用户上下线信息与用户身份的绑定,需要通过分析GTP协议将3G核心网数据包重组。在这里所提到的数据重组与普通意义上的IP分片的重组有着很大的区别,这里的重组,是从上线请求信令中提取标志用户身份的IMSI信息并存储,然后将IMSI信息插入到用户上下线响应信息和用户数据包中,从而得到一种包含用户身份信息的数据包,发往后台处理。The GTP protocol is divided into control signaling protocol (GTP-C), user data protocol (GTP-U), and billing protocol (GTP’). The GTP protocol analysis here mainly refers to GTP-C and GTP-U. If network supervision is to be implemented, user data and user identity information are two essential aspects, but not all information in the GTP protocol contains user identity IMSI information. Among them, the user's first online request information (Create PDP Request) includes user identity IMSI (International Mobile Subscriber Identity) information. In order to achieve the binding of user data, user log-off and offline information, and user identity, it is necessary to reassemble the 3G core network data packets by analyzing the GTP protocol. The data reorganization mentioned here is very different from the reorganization of IP fragments in the ordinary sense. The reorganization here is to extract and store the IMSI information that marks the user identity from the online request signaling, and then insert the IMSI information into the Into the user's online and offline response information and user data packet, so as to obtain a data packet containing user identity information, and send it to the background for processing.

GTP协议中关联用户控制信令和用户数据的唯一元素是TEID。核心网中上行(SGSN至GGSN方向)链路和下行(GGSN至SGSN方向)链路使用不同的TEID,并且用户数据信息和控制信令使用不同的TEID,所以一个用户在整个会话过程中用到四个TEID,现在分别定义如下:TEID_UP_C(上行控制信令使用)、TEID_UP_U(上行用户数据信息使用)、TEID_DOWN_C(下行控制信令使用)、TEID_DOWN_U(下行用户数据信息使用)。TEID的具体工作原理如图3所示。在获取数据的处理过程中,需要用到TEID_DOWN_C、TEID_DOWN_U和TEID_UP_U三个TEID计算地址,存取IMSI信息。The only element in the GTP protocol that associates user control signaling with user data is the TEID. The uplink (SGSN to GGSN direction) link and downlink (GGSN to SGSN direction) link in the core network use different TEIDs, and user data information and control signaling use different TEIDs, so a user uses TEIDs during the entire session. The four TEIDs are defined as follows: TEID_UP_C (used for uplink control signaling), TEID_UP_U (used for uplink user data information), TEID_DOWN_C (used for downlink control signaling), and TEID_DOWN_U (used for downlink user data information). The specific working principle of TEID is shown in Fig. 3 . During the process of acquiring data, three TEID addresses, TEID_DOWN_C, TEID_DOWN_U, and TEID_UP_U, need to be used to calculate the IMSI information.

以下对各个模块进行展开说明。Each module is described below.

1、EMAC核模块1. EMAC core module

改发明方法使用的硬件平台为v5lxtPCI开发板。平台上两个三态网口,两个千兆电口,FPGA芯片为V5LX50T,片内含有4个内置的三态以太网MAC模块(TEMAC)。其中Virtex5 EMAC核模块如图4所示。EMAC核主要分为如下几个接口:接收客户端(RX Client)、发送客户端(TX Client)、流控制接口(Flow Control)、通用主机总线接口(Generic Host Bus)、DCR总线接口(DCR Bus)、物理层接口(Physical Interface)、GTP收发器(GTPTransceiver)、管理数据输入/输出接口(Management Data I/O)。下面对以太网内核的各个接口作一下简要介绍:The hardware platform used for improving the invention method is a v5lxtPCI development board. There are two tri-state Ethernet ports and two Gigabit electrical ports on the platform. The FPGA chip is V5LX50T, which contains 4 built-in tri-state Ethernet MAC modules (TEMAC). The Virtex5 EMAC core module is shown in Figure 4. The EMAC core is mainly divided into the following interfaces: receiving client (RX Client), sending client (TX Client), flow control interface (Flow Control), generic host bus interface (Generic Host Bus), DCR bus interface (DCR Bus ), physical layer interface (Physical Interface), GTP transceiver (GTPTransceiver), management data input/output interface (Management Data I/O). The following is a brief introduction to each interface of the Ethernet core:

(1)发送/接收客户端主要是将用户收发端与以太网MAC收发引擎连接起来;(1) The sending/receiving client is mainly to connect the user transceiver end with the Ethernet MAC transceiver engine;

(2)流控制接口的设计符合IEEE 802.3第31条款;(2) The design of the flow control interface complies with Clause 31 of IEEE 802.3;

(3)通用主机总线接口和DCR总线接口是和以太网MAC主机接口的两种控制可选的总线接口,可以通过以太网MAC的信号线选择其中的任何一种,在外部处理器与以太网MAC协作的情况下,选择DCR总线接口比较理想,主机总线接口更适合于FPGA逻辑直接控制以太网MAC的情况;(3) The universal host bus interface and the DCR bus interface are two control optional bus interfaces with the Ethernet MAC host interface, and any one of them can be selected through the signal line of the Ethernet MAC. In the case of MAC cooperation, it is ideal to choose the DCR bus interface, and the host bus interface is more suitable for the situation where the FPGA logic directly controls the Ethernet MAC;

(4)物理层接口可以连接符合以太网物理层标准BASE-T、BASE-X的任何一种物理层设备;当物理层接口配置成1000BASE-X或者SGMII模式时,需要用到以太网MAC内部的PCS/PMA子层模块,该模块与以太网MAC的GTP收发器接口连接。此GTP收发器接口直接连接到以太网MAC外部的GTP收发器实现1000BASE-X物理层。(4) The physical layer interface can be connected to any physical layer device that conforms to the Ethernet physical layer standard BASE-T, BASE-X; when the physical layer interface is configured as 1000BASE-X or SGMII mode, it needs to use the Ethernet MAC internal The PCS/PMA sublayer module is connected with the GTP transceiver interface of the Ethernet MAC. This GTP transceiver interface connects directly to the GTP transceiver outside the Ethernet MAC to implement the 1000BASE-X physical layer.

2、用户接口模块2. User interface module

基于FPGA的数据包重组结构如图5所示。其中FPGA模块串连在SGSN和GGSN之间,可以捕获3G核心网络中通过的所有数据包。The FPGA-based data packet reassembly structure is shown in Figure 5. Among them, the FPGA module is connected in series between SGSN and GGSN, and can capture all data packets passing through the 3G core network.

整个数据包重组过程首先根据UDP端口号判断从核心网获取的GTP数据包类型(GTP-U端口号为2152,GTP-C端口号2123),然后根据数据包头部的TEID检索出用户IMSI,将IMSI信息插入到用户数据中去,实现数据包重组。数据包重组流程如图6所示:The entire data packet reassembly process first judges the type of GTP data packet obtained from the core network according to the UDP port number (the GTP-U port number is 2152, and the GTP-C port number is 2123), and then retrieves the user IMSI according to the TEID in the data packet header. The IMSI information is inserted into the user data to realize data packet reassembly. The packet reassembly process is shown in Figure 6:

由于监管的用户量大,数据重组过程中,用户数据与用户特征信息的绑定需要对IMSI信息的不断动态存取,因此,要保证处理的实时性,对于整个数据包处理过程中的瓶颈部分-IMSI的动态存取,要求寻求一种达到线速处理的方法。Due to the large number of supervised users, during the data reorganization process, the binding of user data and user characteristic information requires continuous dynamic access to IMSI information. Therefore, to ensure real-time processing, the bottleneck part in the entire data packet processing process - The dynamic access of IMSI requires finding a way to achieve line speed processing.

数据包重组模块如图7所示,其中主要包括消息类型处理模块,HASH模块,IMSI存储模块,读写控制模块,IMSI插入模块,IMSI非空判断模块。下面对各个模块的功能作简单描述。The data packet reassembly module is shown in Figure 7, which mainly includes a message type processing module, a HASH module, an IMSI storage module, a read-write control module, an IMSI insertion module, and an IMSI non-null judgment module. The functions of each module are briefly described below.

(1)消息类型处理模块:消息类型处理模块用来判断GTP协议的类型。并对GTP-C与GTP-U分别做不同的标记,以供后台处理时分辨。(1) Message type processing module: the message type processing module is used to judge the type of the GTP protocol. And make different marks for GTP-C and GTP-U respectively, so that they can be distinguished during background processing.

(2)HASH模块:HASH模块是整个模块中最关键部分,它主要实现IMSI存取地址计算。由于含有IMSI信息的Create PDP Request信令(信令就是信息,不需要重复)与用户上下线响应信息以及用户数据信息是通过TEID相关联,所以为了满足大量用户动态的对IMSI的存取,需要找到TEID与IMSI直接关联的存取方式。根据这一思想,本文提出一种基于FPGA的Hash算法实现地址计算,该算法过程最主要用到下面Hash函数:h(x,y)=ax+y(a为2的幂次,x,y∈Z+)通过多次调用这个Hash函数分解TEID得到不同寻址信号。具体的数据重组查找算法过程为:(设用户的三个TEID值分别为A,B,C)(2) HASH module: HASH module is the most critical part in the whole module, it mainly realizes the calculation of IMSI access address. Since the Create PDP Request signaling containing IMSI information (signaling is information and does not need to be repeated) is associated with user online and offline response information and user data information through TEID, so in order to meet the dynamic access of a large number of users to IMSI, it is necessary Find the access method directly associated with TEID and IMSI. According to this idea, this paper proposes an FPGA-based Hash algorithm to realize address calculation. The algorithm process mainly uses the following Hash function: h(x, y)=ax+y (a is a power of 2, x, y ∈ Z + ) decomposes TEID by calling this Hash function multiple times to obtain different addressing signals. The specific data reorganization search algorithm process is: (assuming that the three TEID values of the user are A, B, and C respectively)

一、将用户的三个个TEID分别跟相对应的基TEID(值设为A1,B1,C1)异或,得到的值记为A2,B2,C21. XOR the three TEIDs of the user with the corresponding base TEID (values are set to A 1 , B 1 , C 1 ), and the obtained values are recorded as A 2 , B 2 , and C 2 ;

二、将A1,B1,C1分别按照HASH函数:h(x,y)=216x+y(0≤x≤217-1,0≤y≤215-1)分解。求出系数x,y的值,以A1处理过程为例,设A1求出的系数分别记为E、F;2. Decompose A 1 , B 1 , and C 1 respectively according to the HASH function: h(x, y)=2 16 x+y (0≤x≤2 17 -1, 0≤y≤2 15 -1). Find the values of coefficients x and y, take the processing of A1 as an example, set the coefficients obtained by A1 as E and F respectively;

三、将E的值按照h(x,y)=28x+y(0≤x≤28-1,0≤y≤28-1)分解。求出系数x,y的值,分别记为G、H;将F的值按照h(x,y)=28x+y(0≤x≤28-1,0≤y≤28-1)分解。求出系数x,y的值,分别记为I、J;3. Decompose the value of E according to h(x, y)=2 8 x+y (0≤x≤2 8 -1, 0≤y≤2 8 -1). Find the values of coefficients x and y, and record them as G and H respectively; set the value of F according to h(x, y)=2 8 x+y (0≤x≤2 8 -1, 0≤y≤2 8 - 1) Decomposition. Find the values of the coefficients x and y, and record them as I and J respectively;

四、将G、H相异或,得到的值记为K,将J做3次做循环移位,得到的值即为L。4. Exclusive OR the G and H, and record the obtained value as K, do 3 times of J for cyclic shift, and the obtained value is L.

五、将得到的I作为RAM的片选信号、L作为初始地址值;K的值作为超范围用户的IMSI的存储和查找。5. The obtained I is used as the chip select signal of the RAM, L is used as the initial address value; the value of K is used as the storage and search of the IMSI of the out-of-range user.

下面对算法做简要的注释,第一步中的基TEID为随机抽取的任一用户的TEID的值,并保持T时间内基TEID不变。这样做的原因是,在现实中用户TEID的分配与用户的IP分配类似,具有总体上升到趋势,选择在T时刻内,所有用户跟同一用户的TEID异或,可以将不同用户的TEID之间的差异,由原本的分布在不同位置移动的TEID的低位置上,其中T的选取对于冲突概率的影响很大。这样就可以用较少的位数区分大量的用户。这一步的异或可以用简单的硬件描述语言实现,这一步运算需要两个时间周期。The following is a brief comment on the algorithm. The base TEID in the first step is the value of the TEID of any user randomly selected, and the base TEID remains unchanged for T time. The reason for this is that in reality, the allocation of user TEID is similar to the allocation of user IP, and has an overall upward trend. If all users are XORed with the TEID of the same user at time T, the TEID of different users can be combined The difference of , from the original distribution in the low position of the TEID moving in different positions, where the selection of T has a great influence on the collision probability. In this way, a large number of users can be distinguished with a small number of bits. The XOR of this step can be realized with a simple hardware description language, and the operation of this step requires two time cycles.

第二步,是利用HASH函数分解,这里对函数系数的选择做简要解释,第二步选择了系数216这样分解得到的E、F的位数16bit。这样选择的目的主要是为第三步的E、F分解做铺垫。这一步的分解,用硬件描述语言实现也是很简单的,这一步运算需要一个时间周期。The second step is to use the HASH function to decompose. Here is a brief explanation of the selection of the function coefficients. In the second step, the coefficient 2 16 is selected to decompose the digits of E and F to 16 bits. The purpose of this choice is mainly to pave the way for the decomposition of E and F in the third step. The decomposition of this step is also very simple to implement with a hardware description language, and the operation of this step requires a time period.

第三步中对F的分解,系数选择的是28,分解得到的I、J的位数为8bit,这样做的目的是根据监控用户的数目而定的,目前我们所做的监控设备针对在线用户数为一万个,每一个用户的IMSI是8Byte,由于一个用户要用到3个TEID跟其IMSI相联系,这样需要的存储空间为104*3*8*8bit≈1.5*221Mbit,我们用来存储IMSI的BRAM的大小为211*23地需要这样的RAM28个,这样得到的I作为片选信号,J左移3bit后得到11bit的地址信号,容量大小为8Byte,用来存储一个用户的IMSI。运算的硬件语言实现跟第二步相同。这一步运算需要一个时间周期For the decomposition of F in the third step, the coefficient is selected as 2 8 , and the digits of I and J obtained from the decomposition are 8 bits. The purpose of doing this is based on the number of monitoring users. The number of online users is 10,000, and the IMSI of each user is 8Byte. Since a user needs 3 TEIDs to associate with its IMSI, the required storage space is 10 4 *3*8*8bit≈1.5*2 21 Mbit, the size of the BRAM we use to store IMSI is 2 11 * 2 3. We need 28 such RAMs. The I obtained in this way is used as a chip select signal, and J is shifted to the left by 3 bits to obtain an 11-bit address signal. The capacity is 8 Byte. to store a user's IMSI. The hardware language implementation of the operation is the same as the second step. This operation takes a period of time

第四步运算简单易懂不多做解释。这一步运算需要一个时间周期The fourth step operation is simple and easy to understand without much explanation. This operation takes a period of time

第五步中超范围的意思是,在T时间内,用户总TEID的分配趋势是递增的,然后由第一步的基TEID的异或,可以将不同转移到低位置上,但是由于TEID分配有一些特殊情况,可能其变化范围超出了所选的位数,需要考虑到这种特殊情况,于是把特殊情况的TEID称作超范围用户,这些用户的IMSI单独存放在一个RAM中。实际中,这种超范围用户是很少的。最后IMSI的存储或读取需要八个时间周期。The out-of-range in the fifth step means that within the time T, the distribution trend of the total TEID of users is increasing, and then the difference can be transferred to a low position by the XOR of the base TEID in the first step, but because the TEID distribution has In some special cases, the variation range may exceed the selected number of digits. This special case needs to be considered, so the TEID in special cases is called an out-of-range user, and the IMSI of these users is stored in a RAM separately. In practice, such out-of-range users are rare. The storage or reading of the final IMSI takes eight time cycles.

(3)IMSI存储模块:IMSI存储模块是用到的存储器为BRAM。(3) IMSI storage module: The memory used by the IMSI storage module is BRAM.

(4)读写控制模块:读写控制模块是根据消息类型处理模块做的标志采取动作,如果是Create PDP Request信令,则根据Hash模块计算出来的地址写RAM,如果是用户数据包或用户上下线响应信息则根据Hash模块计算出来的地址读RAM。(4) Read-write control module: The read-write control module takes action according to the sign made by the message type processing module. If it is Create PDP Request signaling, it writes RAM according to the address calculated by the Hash module. If it is a user data packet or user The online and offline response information is read from the RAM according to the address calculated by the Hash module.

(5)IMSI插入模块:IMSI插入模块主要是完成将读出的IMSI信息,插入到用户上下线响应信息和用户数据信息中去。对于用户上下线响应信息,则将IMSI插入到GTP协议头部的前8Byte,如果是用户数据信息,则将IMSI插入到数据负载前的8Byte。(5) IMSI insertion module: The IMSI insertion module mainly completes the insertion of the read IMSI information into the user log-off response information and user data information. For user log-off and offline response information, insert the IMSI into the first 8Byte of the GTP protocol header, and if it is user data information, insert the IMSI into the first 8Byte of the data payload.

(6)IMSI非空模块:IMSI非空模块用来判定插入的IMSI部分是否为空。由于处理过程来不及,或者网络丢包等原因导致某个用户的IMSI信息没有存储,则该用户的上下线响应信息和用户数据信息中的IMSI插入部分则会全部为零。IMSI非空模块判断若该部分全部为零,则将该用户数据包发往指定主机作为异常包处理;如果不全部为零,则重组的数据包作为新的数据负载输入到TCP/IP协议栈中去,生成TCP/IP包传输到后台处理。(6) IMSI non-empty module: The IMSI non-empty module is used to determine whether the inserted IMSI part is empty. If the IMSI information of a certain user is not stored due to the delay in processing, or network packet loss, etc., the IMSI insertion part in the user's log-off and offline response information and user data information will all be zero. If the IMSI non-empty module judges that this part is all zero, the user data packet will be sent to the designated host as an abnormal packet; if not all zero, the reassembled data packet will be input to the TCP/IP protocol stack as a new data load In the process, generate a TCP/IP packet and transmit it to the background for processing.

Claims (3)

1. the 3G data packet reorganization based on FPGA is united; It is characterized in that comprising ethernet mac EMAC core module and Subscriber Interface Module SIM; Wherein Subscriber Interface Module SIM comprises: type of message processing module, HASH module, IMSI memory module, read-write control module, IMSI insert module, IMSI non-NULL judge module; The output of type of message processing module is connected in series HASH module, read-write control module, IMSI insert module, IMSI non-NULL judge module successively; The input of the output termination IMSI insert module of type of message processing module, the input of the output termination IMSI memory module of HASH module, control module is two-way is connected with read-write for the IMSI memory module; The output of the input termination EMAC core module of type of message processing module, the input of the output termination EMAC core module of IMSI non-NULL judge module.
2. a recombination method of uniting based on the 3G data packet reorganization of FPGA as claimed in claim 1 is characterized in that comprising the steps:
Step (1): all the 3G packets on the reception client-side interface reception gateway node GGSN of employing EMAC core module and the link of support node SGSN;
Step (2): the described 3G packet of step (1) is judged the protocol type that obtains gateway node GGSN and support node SGSN through the type of message processing module:
When the protocol type of gateway node GGSN and support node SGSN for control signaling protocol GTP-C, then insert flag bit 0;
When the protocol type of gateway node GGSN and support node SGSN is User Data Protocol GTP-U, then insert flag bit 1;
Step (3): the address that the packet of step (2) described control signaling protocol GTP-C and User Data Protocol GTP-U is obtained access IMSI through the HASH module;
Step (4): the address of the said access IMSI of step (3) is read IMSI information through the read-write control module or write:
A) when packet for control signaling protocol GTP-C type; Then judge the type of message of control signaling protocol GTP-C head: 1. the type of message when control signaling protocol GTP-C head is to set up solicited message, then IMSI is stored the address of progressive rapid (3) said access IMSI; 2. the type of message when control signaling protocol GTP-C head is to set up the request response message; The tunnel mark number TEID-CP that then will control the packet head of signaling protocol GTP-C type obtains getting the new address of IMSI through the HASH module and obtains IMSI; And the up TEID-DII of the packet that will control signaling protocol GTP-C type obtains depositing the new address of IMSI through the HASH module, IMSI stored into deposit in the new address of IMSI; 3. the type of message when control signaling protocol GTP-C head is the response message that rolls off the production line, and the TEID-CP that then will control the packet head of signaling protocol GTP-C type obtains getting the new address of IMSI through the HASH module and obtains IMSI;
B), then the TEID-DII of the packet head of User Data Protocol GTP-U type is obtained getting the new address of IMSI through the HASH module and obtain IMSI when the packet that is User Data Protocol GTP-U type;
Step (5): the IMSI information via IMSI insert module of reading in the step (4) is inserted in user data package and the user's going on line or off line response message removes to obtain the recombination data bag;
Step (6): with the described recombination data of step (5) through IMSI non-NULL judge module: the IMSI part is zero entirely in the recombination data bag, then this recombination data bag is mail to given host as unusual bag processing; The IMSI part is not zero entirely in the recombination data bag, and then the packet of reorganization is input in the ICP/IP protocol stack as new data payload and goes, and exports through the transmission client of EMAC core module at last.
3. the recombination method of the 3G data packet reorganization system based on FPGA according to claim 2, it is characterized in that comprising in the HASH module HASH function: h (x, y)=ax+y, wherein a is 2 power, x, y are that positive integer is the coefficient of HASH function.
CN2009100331427A 2009-06-15 2009-06-15 System and method for 3G data packet reorganization based on FPGA Expired - Fee Related CN101582884B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009100331427A CN101582884B (en) 2009-06-15 2009-06-15 System and method for 3G data packet reorganization based on FPGA

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009100331427A CN101582884B (en) 2009-06-15 2009-06-15 System and method for 3G data packet reorganization based on FPGA

Publications (2)

Publication Number Publication Date
CN101582884A CN101582884A (en) 2009-11-18
CN101582884B true CN101582884B (en) 2012-05-23

Family

ID=41364847

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009100331427A Expired - Fee Related CN101582884B (en) 2009-06-15 2009-06-15 System and method for 3G data packet reorganization based on FPGA

Country Status (1)

Country Link
CN (1) CN101582884B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102438228B (en) * 2011-12-22 2014-02-12 北京锐安科技有限公司 Method and system for associating user information through data of GPRS (General Packet Radio Service) backbone network
US8902754B2 (en) 2012-04-17 2014-12-02 Tektronix, Inc. Session-aware GTPv2 load balancing
US20130272136A1 (en) * 2012-04-17 2013-10-17 Tektronix, Inc. Session-Aware GTPv1 Load Balancing
CN104683228B (en) * 2015-02-10 2018-07-24 海南宝通实业公司 A kind of digital switch media gateway realization method based on FPGA
CN107682311B (en) * 2017-08-24 2020-03-31 东南大学 Hardware-implemented multi-link TCP data reconstruction system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1889503A (en) * 2006-06-01 2007-01-03 东南大学 Multi-channel high-speed data processor and processing method
CN101026506A (en) * 2007-01-25 2007-08-29 中兴通讯股份有限公司 Access network monitoring system and its realizing method
US7366807B1 (en) * 2004-08-27 2008-04-29 Xilinx, Inc. Network media access controller embedded in a programmable logic device—statistics interface
CN101345924A (en) * 2008-07-31 2009-01-14 华为技术有限公司 A method, system and device for obtaining correspondence between IMSI and number

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7366807B1 (en) * 2004-08-27 2008-04-29 Xilinx, Inc. Network media access controller embedded in a programmable logic device—statistics interface
CN1889503A (en) * 2006-06-01 2007-01-03 东南大学 Multi-channel high-speed data processor and processing method
CN101026506A (en) * 2007-01-25 2007-08-29 中兴通讯股份有限公司 Access network monitoring system and its realizing method
CN101345924A (en) * 2008-07-31 2009-01-14 华为技术有限公司 A method, system and device for obtaining correspondence between IMSI and number

Also Published As

Publication number Publication date
CN101582884A (en) 2009-11-18

Similar Documents

Publication Publication Date Title
CN103490961B (en) Network equipment
CN101582895B (en) EPA-based embedded industrial wireless WIA-PA gateway
CN100502335C (en) Communication system, wireless LAN base station control device, and wireless LAN base station device
CN102769869B (en) Message rapid forwarding system of control and provisioning of wireless access point
WO2022104869A1 (en) Chip-level encryption-based ethernet and field bus fusion gateway and transmission method
CN103166874A (en) A message forwarding method and device
CN103297358B (en) A kind of intelligent grid transmits system and method across wide area network GOOSE message
CN101141419B (en) Communication method between digital home devices based on heterogeneous network protocol
CN109391566B (en) Core board, control method and device of ETBN (Ethernet packet network) backbone network switch
CN101582884B (en) System and method for 3G data packet reorganization based on FPGA
CN101877728A (en) Network address translation forwarding method and device
CN106790675A (en) Load-balancing method, equipment and system in a kind of cluster
CN105657838A (en) Data relay transmission method, data relay transmission system and UE having relay function
EP3846397A1 (en) Method for implementing data transmission, apparatus, and system
CN105657865A (en) Data relay transmission method, data relay transmission system and UE having relay function
CN103188042A (en) Matching method and matching accelerator of Internet protocol (IP) data package
CN103024819A (en) Data distribution method of third-generation mobile communication core network based on user terminal IP (Internet Protocol)
CN106375401A (en) A power multi-mode heterogeneous fusion device and communication method supporting multi-stream aggregation
CN105897665A (en) Method for realizing TCP transmission in satellite network environment and corresponding gateway
CN110933385B (en) Video streaming transmission system based on visible light unidirectional network isolation
CN101355501B (en) Method and switch apparatus for managing packet of Ethernet stacking system
CN107277011B (en) Data classification method and device for terminal equipment
CN101465858B (en) Method for implementing private network penetration of monitoring business, network appliance and server
CN115801467B (en) Tunnel encapsulation-oriented Torr flow identification method
CN101242354A (en) Method, system and device for data transmission

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120523

Termination date: 20150615

EXPY Termination of patent right or utility model