First, user demand and project outline
(1) CDMA wireless data network introduction
China Unicom's CDMA1X is one kind of new migration data
communication service, it is in consummates optimizes the 2.75th
generation of communication which in the CDMA network construction
process promotes, network foundation further promoted in IS-95 in the
CDMA the wireless connection, causes its support high speed supplement
traffic channels traffic channel, thus may realize the high speed data
networking to turn on the service. The CDMA wireless network
definitely was allowed to substitute past the wired digit dialing, the
number passes on mailing address as follows and so on the broadcasting
station, the characteristic:
TCP/IP network: The CDMA network completely uses the
TCP/IP agreement to carry on the correspondence, has the unification
the standard and the technology, simultaneously the network will be
the future information development important direction.
High speed transmission: Already surpassed 64K the DDN
line, basically between 80 ~ 120K, versatilely satisfied the
enterprise logarithm according to the transmission special request.
Expense inexpensive: At present the CDMA month rents the
expense basically in 100-200 Yuan, with same level band width
traditional DDN, the X.25 wired network compares, the expense only has
original about 1/5, has created the condition for enterprise's
large-scale use.
Network nimble: China Unicom's CDMA network coverage
broad, specially distributes the widespread mountainous area, because
the CDMA network 基站 the cover area is big, has avoided the
line-wire communication construction cycle long question, but the fast
network and according to needs nimbly to adjust the mesh point.
Channel safeguard: The CDMA correspondence link by the
China Unicom such specialized operation business maintenance, in
appears the correspondence link severance in the situation to be able
to obtain promptly repairs in a rush, avoids the correspondence link
maintenance the extra worries.
Anti-radar strikes: CDMA uses the low power short antenna
outside, does not need to erect the big antenna, has overcome the
wired transmission facility and the blower is easily been struck by
lightning damages and the interrupt communication situation.
Second, existing wireless network analysis comparison
(1) blower
Belongs to the comparison tradition the mailing address,
mainly uses the analog communications, needs own to erect with the
maintenance broadcasting station, the speed is lower, generally only
can the simplex communication. Regarding the multi- spots
communication, may use the wheel to inquire the way to complete, the
response time is slower.
(2) GPRS network
Belongs to China to move the wireless data IP network
which promotes in the GSM network, belongs to the 2.5G wireless
network communication, the main characteristic is the entire
digitization, the network IP transmission, the network cover broader,
the stability is higher, specially suits long-distance copies the
table and so on the small data quantity the transmission.
(3) CDMA network characteristic
Belongs to China Unicom the wireless data IP network
which promotes in the CDMA network, it belongs to the 2.75G wireless
network communication, except the entire digitized, the network IP
characteristic is, its prominent merit is the network transmission
speed is higher, generally is between 60K~120K, is 2 times which the
ordinary telephone digit dialing accesses the net.
Simultaneously the network detention is smaller, compared with
suitable correspondence data real-time transmission data, even if is
appears in the data transfer harms the code in the situation, also has
the enough extra band width to verify and the correction data.
(4) GPRS and CDMA comparison
1st, GPRS is attaches in the GSM network the technology,
the merit is the stability good, the shortcoming is the speed is low,
the network retards in a big way.
2nd, CDMA is surpasses GSM the CDMA1X technology, the merit is
the speed is high, retards slightly, the shortcoming is China Unicom's
service support wants weak somewhat.
Third, GPRS way test existence question
(1) network speed is slow
The GPRS network is a network which the pronunciation
and the data altogether passes on, simultaneously is based on the
pronunciation first, therefore data transfer speed undulation bigger,
is often possible because the pronunciation has busily seized the data
channel thus the influence data communication quality.
(2) male net IP limit
Because GPRS uses the internal private network which
China moves provides, the IP address generally is 10.X.X.X below, thus
has the problem:
The private net arrives the male net through NAT, only can
realize the data by the under upward unidirectional transmission.
Because is not the peer-to-peer network front, the central
request control command and retransmits the order not to be able to
arrive the data acquisition. Thus is unable to realize the
coordinated correspondence and the long-distance control.
(3) is unable automatically to correct error
Because of data unidirectional transmission, therefore
is appearing the transmission is wrong, is unable to realize the
re-transmit function. Simultaneously because the GPRS network
speed is lower, also basically cannot satisfy the band width which
retransmitted.
Fourth, CDMA wireless network new plan
(1) CDMA wireless special net schematic drawing
(2) special net secure plan
Flaw exists which in view of the present enterprise VPDN
special net, we provide the integrity the solution to make up these
flaws. We provide from the terminal the end-to-end solution
which carries to the enterprise, completely satisfies the enterprise
user various aspects the demand. We recommend the enterprise to
use based on two VPDN network, will guarantee in the enterprise the
net completely private.
1st, realizes IMSI and a user/password ties up decides
In we carry in the enterprise, increases set of safe
analyses systems, realizes IMSI and a user/password ties up decides,
the system supports the CHAP authentication and the PAP authentication
way.
Under for realizes the schematic diagram which IMSI and a
user/password ties up decides.
Our system can realize each terminal to assign a user
famous password, this user famous password only has this terminal to
be able to use, the different terminal user famous password cannot mix
uses.
Will not be enterprise's private users attempts to carry forward
to the enterprise special network, the system refuses the user to
carry forward to the information which and the recording user will
carry forward to include: The IMSI number, carries forward to
the user name which the time, carries forward to and so on.
In the enterprise in the legitimate private user attempt use
enterprise other legitimate private users' user famous passwords, the
system will refuse the user to carry forward to and to record the
information which this user will carry forward to: The IMSI
number, carries forward to the user name which the time, carries
forward to and so on.
Enterprise LNS does not need to dispose any concerned user the
authentication information, only needs the enterprise managers in the
authentication system disposition then, the disposition convenience is
reliable.
2nd, realizes the terminal and the IP address ties up decides
Requests in view of the enterprise to the different
terminal assignment different fixed IP address, we increase a set of
IP address to tie up decide the system, realizes the terminal and the
IP address ties up decides.
Makes the flow according to the L2TP letter, will carry on IPCP
in the terminal after the authentication the consultation. We
have controlled the IPCP consultation stage, enables its to aim at the
terminal assignment different fixed IP address, its schematic diagram
as follows:
The user terminal does not need to dispose the IP
address, enterprise LNS also does not need to dispose the address
pond, all terminals address will assign the IP address by the
allocation system assignment and the recording for the user the
situation.
The enterprise managers only need in the allocation system
disposition correlation data then, the disposition convenience is
reliable.
We will suggest the enterprise apportions various terminals
different user name and the password, our system will be able to
realize IMSI- user - password -IP four to tie up decides.
Our system "the IMSI definition, the address will tie up
decides" two functions integrations in CDMA on the special-purpose
RADIUS server product.
(3) CDMA special net superiority
1st, integrity private special network, reliability
high, the security is good.
2nd, peer-to-peer network, regardless of the mesh point to the
central transmission data or the center to the mesh point transmission
data, all completely is in the peer-to-peer network, does not have any
barrier. Will summon the pattern and the network management
system for the future center all can provide the seamless connection.
3rd, a stronger fault-tolerant ability, the CDMA network band
width is high, can guarantee the data acquisition great data quantity
transmission. Simultaneously even if is appearing is wrong, the
CDMA band width also can guarantee the error correction promptly
completes.
Fifth, information center construction
(1) association passes the center to the enterprise
information center special line
Generally for the optical fiber or the DDN way,
generally requests the band width about 2M, mainly guarantees the data
transfer the stability and the insecurity.
(2) LNS:CISCO 2,600 series routers
Requests the IOS edition to support VPDN to turn on,
simultaneously supports RADIUS and the DHCP request way. At
present China only supports the RADIUS request authentication for the
router, does not support the DHCP request way, therefore cannot
support the wireless terminal the IP address fixed way.
(3) fine duplicate joyful technical CDMA special net
authentication server
The main function tabulates as follows:
The wireless terminal status authentication, completes the
authentication authorization function, the permission validated user's
safety turns on with the rejection illegal user's invasion attack.
Mainly uses the RADIUS technology to realize.
Provides the UIM card locking function, realizes the UIM card,
the user name, the password, assignment fixed IP four ties up decides
the function.
The real-time surveillance user's on-line situation, and
provides the consummation the diary record, in order to afterwards
audits the reexamination.
Based on the WEB SERVER management way, facilitates nimbly.
Sixth, scene equipment
(1) fine duplicate joyful technical CDMA wireless
router
Main function as follows:
Completes all CDMA the network the TCP/IP network agreement
Provides this locality and the long-distance network
management and so on WEB SERVER, TELNET, CONSOLE.
|
