I. Introduction
1. Foreword
1995 to 2000 period of 5 years, the global Internet commerce market with 62.4% of the annual growth rate of the development, Internet user numbers from 30 million to 550 million. Through the Internet to achieve the commercial market transactions from 1.5 billion dollars to 2.5 billion. Internet has become a platform for e-commerce transactions, the number of Internet users in the rapid growth. In China, the number of Internet users doubling every 6 months, the number of domestic Internet users has reached 25 million. 5 years China will become the largest Internet user market.
Huge market in the future prospects of the temptation, the broadband boom for China's IT industry has brought new opportunities and challenges. Telecommunications, broadcasting, Netcom, length and width and the number of broadband access providers have invested in the construction and operation of broadband, broadband network around the building and promotion, they are at different levels in a fierce competition.
Community Broadband Network has been called the "last mile" is the realization of broadband network services that people enjoy the final and most crucial part. Hotel, residential and office broadband access, apart from improved network access speed but also actively involved in carrying out value-added services, and strive to manage in the new century, this group of Internet Express, a valuable piece of positions occupied broadband business to expand their influence, to expand its business, in the fierce market competition in an invincible position.
2. The status of cell line
At present, many broadband operators in the central district is the development of the user, Internet access is the main service. To encourage users to access, many operating commercial low-cost monthly to attract users, but the blind, "without the need for monthly billing" concept will give operators a great deal of trouble. With the launch of broadband access, some users may hold the mentality of abused and lead to malicious abuse; all users are not likely to hold than white, and white with the mentality of the abuse of resources used; many potential users may be due to the use of do not have to Jiaoqian sense of injustice and hesitant on broadband access. Therefore, users with access to the growth of broadband operators really need more complex billing system, because the type of service is very complicated plot, but also do a lot of restrictions, such as bandwidth limitations, time constraints, traffic restrictions, value-added services choices.
3. Residential broadband network construction problems
Erection of residential broadband face many problems have to be the perfect solution:
Operators in the development of a number of clients, how to manage residential households account information?
Contributions to the monthly time, and how these inform the district of Unified to pay fees?
Operating conditions require detailed monthly statements, how come?
Cell and office broadband users account theft how to prevent it?
How to manage the network, to prevent users from malignant bandwidth it?
How to set up a proxy server to prevent unauthorized users to open Internet cafes do?
How to ensure the district can earn profits from broadband Internet access and provide more quality services is the choice facing the district.
Cell Broadband now how existing management systems, billing system integration.
The application of a variety of value-added services over broadband networks? And many value-added services can form a unified platform.
Community diversity of users in the network. For example: household, supermarket cafes, and offices and so on.
All of these are the construction of each district to implement key elements of broadband, how to deal with those problems, easy to state, "Broadband Billing Gateway," the emergence of all this will be solved.
Second, residential broadband billing solution
1. The program easy to state the purpose of broadband billing gateway will help broadband operators to achieve the following objectives:
Solve the "flat rate" of fatal weakness: on the broadband value-added services can not charge fees, lack of flexibility operators charge, the cost recovery slower and less competitive. Because the value-added services to attract users to access the main reason why operators can key to profitability as soon as possible.
With a variety of charging methods of billing platform to increase the broadband charges and competitiveness of the flexible line.
Provide comprehensive, easy user management functions, as well as strict security structure to address the operator speaks the best.
Provide a good system scalability, users in the future the increasing volume of cases, operators can easily meet.
With a variety of statistical report generation and billing methods, to facilitate the daily operation of the operator.
Provide diverse broadband multimedia value-added services to users of broadband multimedia into a colorful world, to promote broadband operators to embark on a virtuous cycle of profitability.
Facilitate the management of the following operators unified billing system in all district.
2. Programme details
Yi Bang broadband billing gateway (EasyBilling Gateway) is easy to state and Technology (Guangzhou) Co., Ltd. under the hotel, residential, office and other units of the actual situation of self-developed integrated billing platform for broadband networks. For broadband Internet users access the Internet account authorization, landing authentication, account management and value-added service costs. The software has a AAA server functions can be used as value-added services platform for comprehensive statistics and provide network authentication, network management, billing, user management and monitoring features such as broadband access and operation of essential management functions and database interface.
Easy to state the product technology has submitted to the authority of units of the telecommunications industry - China Telecom Guangzhou R & D center evaluation, evaluating the telecommunications sector gained full recognition in the billing accuracy, reliability, ease of use compatibility and user help documents and so on top. Easy to state the company's products are suitable for star hotel, broadband residential, commercial, radio and television cable network, campus network, the government enterprise networks, computer training center and other occasions. After nearly a year of effort, the company has received Top Group, Kejian Group, Wen Chong Shipyard, China Everbright Bank, Shenzhen Radio, Foshan Radio, Hunan Tung Cheng Hotel, Zhejiang Tiantai radio and television, Ligangnanwan, New Yan Garden, Ruihua dozens of buildings, etc. Typical customers
2.1 Typical Structure
Broadband residential gateway billing easy to state version of the typical application is a AAA unified structure, the end-user authentication, access, billing be finished by the charging gateway.
When users access the Internet, must be authorized billing gateway, user name and password authentication is passed, opening the gateway for Internet access billing privileges, the user can access the Internet when the user exit costs recorded in the billing network Guanzhong. Users to access value-added services group, when, according to the actual situation of different billing can be taken separately and are not charging the way, and billing gateway interface communication billing of value-added services.
Community Broadband Access Schematic
Figure, billing and export gateways in the three-switch routing between the convergence layer, this structure can achieve the unity of the scattered points, flexible management and improve the efficiency of network applications.
Yi Bang billing gateway supports a variety of access methods, including optical fiber access, DDN access, ADSL access, satellite access. Community Support xDSL access, Ethernet access, Cable Modem and other access.
Yi Bang billing gateway has a good compatibility, support for Cisco, Huawei, Harbour, D-Link, 3com router and two other, three switches. Support for FTP, WWW, IRC, RealMedia, VOD and other network applications.
Billing Gateway is a typical structure of a gateway type device, when cell users access to the designated gateway to the export gateway, before any access to network access, will redirect to the district office the start page .
In some occasions, the original export residential gateway has been to point to the egress router Department, so that if to add a gateway device will need the original larger network transformation, this time charging gateway can be deployed as a transparent bridge access structure, users log on before, can not access the external network, after logging in, you can access the original, like normal.
Yi Bang Broadband Billing Gateway Community edition can support 2,000 simultaneous users online, meet any volume of residential Internet users demand. If broadband access is to have many small business operators to use billing gateway, we propose a distributed solution.
Figure, each cell is to place a billing gateway, in charge of the district's user access, value-added services and billing settlement; room in the center display a billing management server, the data for each plot summary, can be a single clearing and query, and data on each district to back up. Also can remotely manage all residential billing gateway and the user's use.
2.2 Community Area Network IP management can support a variety of settings, IP billing gateway supports the following distribution:
1) dynamic allocation of IP; user or per-VPN dial-up Internet access through the DHCP IP.
2) IP address bound network card address; the user to set a fixed IP Internet access requires authentication.
3) a fixed line IP; user to set a fixed IP, you can access without authentication.
Proposed dynamic allocation IP + Web browser authentication method.
DHCP to assign IP approach can save IP resources, and facilitate the administrators to manage IP addresses, for users with special needs, you can assign a static IP address or public network IP address.
In addition, the built-in billing gateway DNS service module, operators can define their own modules in the internal network DNS server domain names, so users can access the internal network domain name server. Does not define the domain name resolution, you can forward the request to the public network DNS servers, by their resolve the correct address. The user can not access the Internet, you are always redirected to the start page within the network office, suggesting that they can only access this part of the content.
2.3 user authentication cell
Residential users authenticated before, open the browser will always be redirected to the cell start page, operators can set the login page here or download the client release announcements.
Yi Bang broadband billing gateways provides multiple authentication options for customers:
Web-based user account name and password authentication. Use this authentication method, users need only a simple Web interface, enter account password, you can use network resources.
802.1Q for VLAN's Web-based authentication. Use this authentication method, users do not fill out any account information, you can normally use the network resources. User account is equivalent to switch VLAN ID.
Account password-based client authentication. Use this authentication method, users fill out a dedicated client account password billing gateway, and then use the network resources. The use of specialized client can apply some additional features, such as the gateway to receive the broadcast information, real time use of the time flow.
Standards-based VPN authentication. In this way similar to PPPOE, and the server establish a tunnel to communicate point to point, customers have access to each certified by an IP. This authentication of various operating systems have built-in client.
2.4 easy to state management of network bandwidth broadband billing gateway can real-time constraints for each cell user traffic, and control flow for the following ways:
1) real-time control of a residential user traffic;
2) may still limit the upstream and downstream users of a plot of the flow;
3) can be classified according to cell user groups to control the flow;
4) can be dynamically adjusted according to the number of online user traffic. Dynamic flow control for the rational allocation of residential broadband resources dynamically is very effective to prevent network congestion. Because EasyBilling Gateway based on the number of concurrent users, the dynamic balance of export bandwidth of each user.
Easy to set up similar to the state charging gateway Qos bandwidth limitations rules, set by the administrator of static or dynamic bandwidth is set to a value of a user, you can do to ensure a large bandwidth of the possible. Dynamic allocation of bandwidth of other users, the average distribution of the remaining bandwidth, this will ensure that each user can reasonably use network resources, even ants and other tools to open the network bandwidth consumption can not clean and.
2.5 Management of user access to the site
General use within the district are private IP, the user through the NAT gateway or router for Internet access. Once the need to trace the IP of the time, the level of management can only be traced to the Internet through the NAT conversion IP, but can not find the end-user's IP.
Yi Bang billing gateway can access the site for residential users to record and inquiry. Recording method can be a number of options:
Record a user's access to certain records.
Record of a visit to a site record.
Real-time view the current record of a particular user's access.
Real-time view of a current record of a site visit.
Record of all user access to records.
Record all users access to a particular IP segment record.
Operators of local conditions, the rational use of these records.
2.6 to prevent users from unauthorized access
If the district applied for an access to a user account, and then through a HUB networking within the neighborhood, in one of the people in the computer to install a Wingate or Sygate, etc. Proxy server, all users can share the Internet through the machine , and operators can charge a person's costs, so the operation is not conducive to broadband.
Broadband billing gateway, you can prevent users from unauthorized illegal Proxy server set up to do the internal shared online. User forwards the billing gateway behavior to judge, when found in user agent behavior, they can live in the first acts of the user's forwarding the report to the system administrator, system administrator warning message can be processed.
2.7 offers a variety of billing
After using the broadband billing system, user access bandwidth, duration, flow, value-added services can be real-time control, operators can thus provide a wealth of business, such as:
Billing by time period: by the user to log on to the user logged out of time billing.
According to traffic accounting: user access port by inflow and outflow of the number of billing data.
Real-time Billing: billing based on user credit value; the value of the user's advance billing.
Benefits management: benefits in accordance with the specified date, the accumulated flow sub-concessions, in accordance with the concession period.
Billing in accordance with the bandwidth: the bandwidth of the specified user to distinguish between different bandwidth for different billing methods.
In accordance with the access type accounting: the specified user's access to the target site, such as the securities can only access sites, only the value-added services can access VOD. Different types specify different charging methods.
2.8 supports a variety of value-added services, billing
Yi Bang billing platform EasyCity built-in video on demand, voice communication, value-added services such as online gaming interface, a user authorized to access after the adoption, according to pre-set permissions, you can specify whether to allow the use of these services, if allowed, Users access these value-added services in a time when, according to the relevant settings, will follow by the number, duration, or by use of the actual situation in accordance with billing. Value-added services generated by fees and network costs of billing records together, unified print management tools can be given.
Charging Gateway built three 10/100MB Ethernet interface, adaptive, specialized one Ethernet port is to provide access to value-added services, can easily access a variety of value-added services.
2.9 management software EasyManager
Easy to state the gateway provides a powerful billing management software EasyManager, its functions are as follows:
1) User Management
Administrator set up different permissions
Customers to add, delete, query, suspended
A customer access time
Dedicated IP users to open
Modify the client code
A customer type (cash monthly users, prepaid stored-value card users and customers, etc.)
The maximum amount a customer
Users online real-time display and status line
Real-time interrupt user connections
2) Network Management
According to the different types of service needs, set different rules for data forwarding
Users online monitoring, bandwidth monitoring, dynamic bandwidth setting
Limited user can not access certain websites
Flow of real-time monitoring of users
Limited to a user an account online
Interruption of the use of force by individual users
Definition of user client ads, pop-up ads
3) Billing Management
Can choose according to need on time, flow, monthly, cap, value-added services such as billing
Own set of rates
Set their own discount period
User fees query, print reports, monthly statistical reports, detailed inquiries
With other management systems to provide interfaces for statistical cost
Add any value-added services to support billing, can be achieved without changing the value-added services on the monthly billing, to provide special billing interface.
4) Billing Management
Generate real-time billing date
Generate a specified time each month on bills
To provide a friendly and billing charges for handling operations interface
Statistics include: designated day / month / year billing statistics, revenue statistics, accounts, statistics, down a few statistics, the number of statistics, etc. arrears.
5) Log Management
Administrator log management operations
User access logs and check
Users to access the site log and query (optional)
2.10 data collection
The operator is responsible for residential broadband access, remote data collection function can view the cell network operation. Including the district name, gateway IP, daily, online users, the total number of users, new users, the number of total flow, due fees, charges and other actual data, the system in the aggregate number of residential billing data gateway , you can list, print and store files into EXCEL format interface to facilitate the settlement into managers.
Easy to state the company can according to customer needs, tailor them to the specified summary billing methods and billing interfaces, from the perspective of operators, so that to facilitate the management and accurate billing. For and the area is divided into the operators, the cost of clearing them in one step.
Third, technical notes
3.1 Access
The current residential broadband access, it can provide the methods are: Web authentication, client authentication, VPN authentication, these types of access methods have their advantages.
Web portal authentication is the most used broadband technology. Internet users at the beginning of time, open the browser, enter any URL will be redirected to the portal site operator, in a simple Web interface, enter the account number and password information, after a successful login, you can begin online. This approach is relatively simple, but there is encryption strength is not enough to completely resolve the IP / MAC theft problem.
Client authentication refers to the Internet when customers use their own broadband equipment providers, the development of client-specific certification, this certification process was encrypted, the higher factor of safety, but also access to some exclusive features, such as real-time display expenses. But they can not log on after the LAN address potential duplication of IP / MAC problem.
VPN Client authentication refers to the Internet when the VPN through the operating system built-in dial-up software, and billing system to establish VPN connection, VPN tunneling technology in fact contains, encryption, authentication technology. The core technology is the VPN tunnel, which is based on network layer protocol specification, or between two points is used to ensure data transmission between two ends of the tunnel establishment and removal. VPN protocol used at present there are three: Point to Point Tunneling Protocol (PPTP-Point-to-Poin Tunneling Protocol), Layer Two Tunneling Protocol (L2TP-Layer2 Tunneling Protocol), and IPSec (Secure IP). PPTP is the process of EBAS the user access protocol used, it is characterized by the user and the access server to establish security, stability, tunnels, narrow the traditional PPP authentication, connection and billing models used to so the network address of the Ethernet IP address of the user authentication management and resource management problems. Using this method, even the thieves set the same IP / MAC, can not use network resources, is the safest way of an access.
PPPOE over several access methods and compared to the advantages that can be shared across the three devices, PPPOE in the beginning of the search phase can not be cross-routed, so the former can be built when the network greater freedom, also more suitable for the transformation of the old network.
3.2 Charging Gateway
The heart of the broadband access server transmit data, depending on the user rights to perform different forwarding rules. Requirements on the access server is different from the general switch, the data must flow through a rigorous check, which is why the use of other access methods such as 802.1x, unable to provide many types of services. Access server data acquisition is not dependent on the switch or router, but independent, and can accurately calculate its source address, destination address and port.
Yi Bang broadband billing gateway to the user account, IP, MAC address three bind to IP / MAC parameters of the two easily forged and the account tied to a certain extent, to avoid misappropriation of resources. In the system design, application of the special system kernel, the kernel layer directly control the data forwarding, and general-purpose operating system installed on the access server is different, the forward efficiency is greatly improved, but also to ensure the accuracy of flow calculation . Since the control is IP layer, so you can define IP as well as in the free port forwarding and also to ensure efficiency. The stability of a single access server access number in 2000.
Whether the user is using Web log or a client login, billing gateway can detect a user's online status, allows users to either normal or accidental disconnection disconnection, can be properly informed user is offline, to avoid the miscalculation of user charges .
In addition, some of the old cell transformation process, the original network structure can not be changed for some reason, this time can be applied to transparent gateway. Transparent Gateway refers to the deployment of broadband billing gateway into bridged mode, installed in the existing routers and internal networks, existing network settings do not make any changes. Users to access previously only exported out of reach, and limited access to external networks; but the user is logged on billing system, then it can use the network as usual, as if the gateway does not exist.
System Specifications:
Size 473mm (W) × 433mm (D) × 88mm (H) standard 2U
China Standard power supply
Processor Processor Intel PIII866MHz
256MB RAM
Interface 10/100M RJ-45 X3, IEEE 802.3x full duplex support for PS / 2 keyboard and VGA display interface
The maximum number of concurrent users concurrent stable 2000
System throughput> 90M bps
Time between failures> 12,000 hours
Unified management software:
OS Windows 98/2000/XP
3.3 The value-added service interface
Value-added service interface is the charging device inside the novel. This is a pre-defined set of protocols, operators of value-added services agreement with this group of docking with the charging system, the exchange of users online and cost information. End-user interface is not visible, the original value-added services only need to do a few changes, you can use this interface. Interface in several categories:
1) determine the rates from the billing system, value-added authorized users access the server to accept.
2) determined by the rate of value-added server, billing system when the authorized user access to receive cost information.
3.4 Community safety billing
Area not only to achieve the internal network and external network of effective isolation, but also to allow some internal network can be accessed by external networks, these requirements require the use of firewall technology to achieve. In addition, the various broadband residential diversity of the physical network structure, we need a professional network security experts to carry out network planning. Network security comes from within the network, so users and communications network billing systems need to use special encryption technology, and assisted by other means to achieve network security.
1) The application of NAT technology, IP masquerading, so that the internal network and the Internet to achieve full isolation, internal users can access the LAN external users, external users can access special internal users, allowing users to access the internal network, while ensuring the security of internal networks; also NAT can be converted by an external router, access server forwards only the completion of the work;
2) can mask some of the services and websites in support of routing or firewall access rules set up to provide an unlimited number of IP address filtering table; support account bind IP functions; support the MAC-IP address binding function;
3) For special customers, without any certification also provides direct access to the Internet way.
4) cell internal users, it should be a reasonable use of VLAN isolation. Billing Gateway is a central gathering equipment, cell internal users, can access each other. The common operating systems, such as windows, the default installation of the future will be shared with a number of settings, the client is not feeling the case may be by others. Therefore, when the network planning, to the proper division of a number of subnets, different floors or buildings belonging to different floors, divided in different VLAN in the VLAN can not visit each other, but only in the central office switches together.
4, customer case studies
State companies to trade a client - a district as an example, residential broadband solutions for further instructions.
Cell network structure
From the chart shows, our user base according to the actual plot to see:
a) Area Community Internet cafe Internet cafe with Eth1 Ethernet port to connect to the switch, the client's authentication. Divided into residential floors VLAN switch, the isolation of the district administration office and residential tenants broadcast.
b) Community residential household use Eth2 households connected to the switch Ethernet port using Web authentication methods. Divided into residential floors VLAN switch, the isolation of the Internet cafes and cell broadcast information management office.
c) District Administration District Administration by Eth3 Ethernet port to connect to the switch, the client's authentication. Divided into residential floors VLAN switch, the isolation of the Internet cafes and residential tenants.
Fifth, technical support and services
Pre-sales technical support services company focused on a group of senior systems analysts and senior technical consultant, customer focus, providing high-quality, timely and standard support services.
Computer information systems and network systems is the key, we will focus on the company's technical resources, to take a complete system and network management tools, full technical problems to resolve user and failure. Both prevention, responsible for developing appropriate preventive maintenance programs and measures to actively assist the user in the operation of an information system, hidden, improve system performance, reduce system downtime, security systems up and running, improve the return on investment.
Pre-sales customer service we can tailor the actual situation according to the customer, functional customization, makes our billing gateway and our services more suited to customer needs.
We also can OEM cooperation.
Sales training services we will be responsible for our products installation, commissioning and use of all training.
After-sales services, technical support and presence for each user are divided into three levels of technical service requests, service level depends on the division of critical applications running on the extent and spare resources, reasonable call, and according to the different service levels to determine the appropriate service response time. In addition, the special requirements of the user can separate the two sides to discuss and develop solutions.
1. Full express service: refers to all hardware and software failures on the operation of the system has a critical impact, leading to applications not work correctly or the system standstill.
2. Expedited service: means the failure of the system hardware and software to run some of the effects produced, leading to individual network services or applications stop key part of the failure of Africa, the performance part of the whole system is running down but did not constitute a key influence in the situation.
3. General Services: means the system does not affect the request for technical services / consulting. Hours of on-site support service level response time
4, customer case studies
State companies to trade a client - a district as an example, residential broadband solutions for further instructions.
Cell network structure
From the chart shows, our user base according to the actual plot to see:
a) Area Community Internet cafe Internet cafe with Eth1 Ethernet port to connect to the switch, the client's authentication. Divided into residential floors VLAN switch, the isolation of the district administration office and residential tenants broadcast.
b) Community residential household use Eth2 households connected to the switch Ethernet port using Web authentication methods. Divided into residential floors VLAN switch, the isolation of the Internet cafes and cell broadcast information management office.
c) District Administration District Administration by Eth3 Ethernet port to connect to the switch, the client's authentication. Divided into residential floors VLAN switch, the isolation of the Internet cafes and residential tenants.
Fifth, technical support and services
Pre-sales technical support services company focused on a group of senior systems analysts and senior technical consultant, customer focus, providing high-quality, timely and standard support services.
Computer information systems and network systems is the key, we will focus on the company's technical resources, to take a complete system and network management tools, best user experience to solve technical problems and failures. Both prevention, responsible for developing appropriate preventive maintenance programs and measures to actively help users solve the hidden danger in the operation of information systems to improve system performance, reduce system downtime, security systems up and running, improve the return on investment.
Pre-sales customer service we can tailor the actual situation according to the customer, functional customization, makes our billing gateway and our services more suited to customer needs.
We also can OEM cooperation.
Sales training services we will be responsible for our products installation, commissioning and use of all training.
After-sales services, technical support and presence for each user are divided into three levels of technical service requests, service level depends on the division of critical applications running on the extent and spare resources, reasonable call, and according to the different service levels to determine the appropriate service response time. In addition, the special requirements of the user can separate the two sides to discuss and develop solutions.
1. Full express service: refers to all hardware and software failures on the operation of the system has a critical impact, leading to applications not work correctly or the system standstill.
2. Expedited service: means the failure of the system hardware and software to run some of the effects produced, leading to individual network services or applications stop key part of the failure of Africa, the performance part of the whole system is running down but did not constitute a key influence in the situation.
3. General Services: means the system does not affect the request for technical services / consulting. Hours of on-site support service level response time
6, Success Stories
Radio users:
Shenzhen, Guangdong, Foshan, Guangdong Radio and Television Broadcasting
Heshan, Guangdong, Zhejiang Radio and Television Broadcasting roof
Guangdong Jiangmen, Guangdong Radio and Television Broadcasting Enping
Kaiping, Guangdong, Zhongshan, Guangdong Radio and Television Broadcasting
Hunan, a radio and television (OEM) of a provincial radio and television in China (OEM)
Hotel User:
Hunan Tong Cheng Hotel (Five Star) Ramada Hotel (four star)
Guangzhou China Hotel (four star) Thunis Centre (Four Star)
Beijing Xinqiao Hotel (four star) Beijing Jintai Hotel (four star)
Beijing Guangzhou Hotel (four star) on Hainan Carnation Court Hotel (four star)
Xiamen Lu Feng Hotel (four star)
Community users:
Ligangnanwan Community Garden District New Yan
Long Thanh District Court, District Jin Jian
Hiu Tsui Court District Court District of Poly overseas
Villa Le View Court residential district along
R & F R & F Village Area new home communities
Community Home Community Century City Tianli
Homestead Community Grand District 100
Hainan Unicom Community
Office users:
Beijing Fangyuan Mansion, Guangzhou Ruihua Building
Campus Network users:
Jinan University, Xi'an University of Political Science
Guangdong Provincial Institute of Agricultural Management
Business users:
Top Group Kejian Group
Rex Matador Community
Wen Chong Shipyard China Everbright Bank
Postal Information Center in the southwestern Hunan
Beijing Netcom Group in the room
Guangzhou, China Telecom, Netcom