CN102377829B - Based on the communication means of HIP, system and equipment - Google Patents
Based on the communication means of HIP, system and equipment Download PDFInfo
- Publication number
- CN102377829B CN102377829B CN201010251671.7A CN201010251671A CN102377829B CN 102377829 B CN102377829 B CN 102377829B CN 201010251671 A CN201010251671 A CN 201010251671A CN 102377829 B CN102377829 B CN 102377829B
- Authority
- CN
- China
- Prior art keywords
- hip
- hap
- equipment
- address
- destination
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/60—Network streaming of media packets
- H04L65/65—Network streaming protocols, e.g. real-time transport protocol [RTP] or real-time control protocol [RTCP]
Abstract
The present invention relates to a kind of communication means of Intrusion Detection based on host identity protocol, system and equipment, the method Intrusion Detection based on host identity protocol (HIP) equipment and HIP equipment access node (HAP) realize, and the method comprises: source HIP equipment and source HAP set up HIP and be connected; Described source HIP equipment connects to described source HAP transmission packet by described HIP; Described source HAP receives described packet and forwards according to the HIP annexation of destination equipment or IP address.The present invention is based on the communication means of host identity protocol, system and equipment, the expense for HIP connection establishment can be reduced.
Description
Technical field
The present invention relates to field of telecommunications, particularly relate to a kind of communication means based on HIP, system, collection equipment (comprising HIP equipment and HIP equipment access node).
Background technology
In current Internet, IP both served as addressing function in address, served as again the effect of identification communication device node.This dual-use function determines when IP address change, and not only route there occurs change, and the mark of communication equipment main frame also there occurs change, traffic affecting continuity.In order to solve this problem, IETF introduces HIP (HostIdentityProtocol, host identity protocol, the host identity protocol of IETFHIP working group definition) agreement, solves the binding of device identification and address.HIP requires that any equipment has main frame identification code HI (HostIdentifier) unique in global range.Define host identification label HIT (host identification label, HostIdentityTag), the ORCHID of 128, being the Hash to host identification HI, is to use the interface of fixed length and unification that is convenient and 128 IPV6 addresses in a program by the benefit of host identification label in the protocol.HIP agreement has been done and now different restrictions for the COMMUNICATION LAYER PROTOCOL of TCP/IP.In ICP/IP protocol, TCP and UDP connection connects with IP address.And once HIP framework is set up, these connect just same host id, instead of IP address connects.Why HIP can be so because it changes the binding of network layer in ICP/IP protocol and transport layer, introduces HIP layer (see Fig. 1) between TCP, IP.Among HIP framework, IP address still has the function of station location marker.But HI instead of the function of the device identification of IP address.This just makes the IP address of a no matter main frame how to convert, and it can both have uniquely constant mark, thus solves the mobility problem of main frame and the problem in many caves.HIP network hierarchical structure figure is see Fig. 1.
HIP agreement has oneself packet header on IP packet header.Wherein the implication of each field is as follows:
NextHeader field, for describing the position of additional header, does not use at present, and fixing use metric 59 represents do not have NextHeader.
The length in HeaderLength explanation of field HIP packet header, with the integral multiple of 8 bytes counting, does not comprise 8 byte packet header of beginning.
Packet type field illustrates the type of HIP bag.
VER. the version number of explanation of field HIP agreement.
RES. field is that later application is reserved, and does not use at present.
Checksum field is the School Affairs in HIP packet header.
Controls field is the field that pack arrangement and master capability describe, and define only a kind of situation of mode that main frame sends with anonymity at present.
Sender ' sHostIdentityTag (HIT) the field description HIT of sender, the ORCHID of 128.
Receiver ' sHostIdentityTag (HIT) the field description HIT of recipient, the ORCHID of 128.
HIPParameters field description HIP wraps the HIP parameter of carrying.
HIP basis interaction flow is as Fig. 2.HIP basis is the reciprocal process of Back ground Information between two main frames alternately, for the Back ground Information of mutual two host communications.It is mutual that HIP basis interaction flow has four to wrap, parameter in second and the 3rd bag required for mutual DH key algorithm, for negotiating about cipher key shared between two main frames, by the PKI that carries in second and the 3rd bag, the identity of signature and HIT certification the other side respectively.Four bag complete alternately after, establish end-by-end security connect.The main frame that initiation HIP wraps alternately is in a network promoter, promoter thinks that mutual main frame is respondent, and after the basic interaction flow of four bags terminates, this difference is not just present in, in subsequent communications, mutual either party may become promoter, notifies the change of the other side oneself state.In first bag I1 that promoter initiates, only comprise the host identification label of promoter and the host identification label of respondent.Actual information interactive process is started in second bag R1 that respondent sends.In second bag R1, contain the secret challenge (threat for reducing Denial of Service attack) to promoter, initiator must respond this challenge, could continue alternately.In the 3rd the bag I2 that sender sends, contain the response of sender to challenge secret in R1 bag.The 4th the bag R2 that respondent sends comprises the signature of respondent, terminates the HIP basis interaction flow of four bags simultaneously.
As shown in Figure 3, before UE1 and UE2, UE3 data communication, need the HIP carrying out with UE2 and UE3 respectively shaking hands for 4 times basic mutual, set up HIP and connect.After the IP address of equipment change using HIP, need the destination notifying that it connects, use the three-way handshake mode of the Update message of HIP.Wherein, parameter LOCATOR comprises the new IP address (the IPv4 address of IPv6 address or IPv4-in-IPv6 form) of main frame, ESP_INFO comprises the information of security association (SA), SEQ and ACK is for confirming that two ends have received Update bag.
ORCHID
OverlayRoutableCryptographicHashIdentifiers (ORCHID) is a kind of special IPV6 address, and it can not as common routable IPV6 address.Come by using the special mark of 28 at head to distinguish with common IPV6 address.It is constructed as follows: the prefix 2001:10: of 28 :/28 add the binary string of 100.HIT in HIP uses ORCHID.
HIP, based on connecting end to end, thus has following problem:
Between equipment with multiple equipment, during communication, need to set up multiple HIP be connected, add cost of device.
Between equipment and equipment, physical location is when more namely RTT (RoundTripTime, bag turnaround time) is larger, and HIP connection set-up delay is comparatively large, affects Consumer's Experience.
IP address of equipment changes needs the equipment notifying all connections, and time delay, expense are comparatively large, as shown in Figure 4.
Summary of the invention
The technical problem to be solved in the present invention is to provide a kind of communication means of Intrusion Detection based on host identity protocol, system and equipment, to reduce the expense for HIP connection establishment.
For solving above technical problem, the invention provides a kind of communication means of Intrusion Detection based on host identity protocol, the method Intrusion Detection based on host identity protocol (HIP) equipment and HIP equipment access node (HAP) realize, and the method comprises:
Source HIP equipment and source HAP set up HIP and are connected;
Described source HIP equipment connects to described source HAP transmission packet by described HIP;
Described source HAP receives described packet and forwards according to the HIP annexation of destination equipment or IP address.
Further, described destination equipment be HIP equipment and from described destination equipment exist the destination HAP of HIP annexation different with described source HAP time, packet is forwarded to described destination HAP by described source HAP; Packet is forwarded to destination equipment by being connected with the HIP of described destination equipment by described destination HAP.
Further, described HAP preserves and safeguards and there is the host identification label (HIT) of the HIP equipment that HIP is connected and the corresponding relation of IP address with it; Described destination HAP according to the corresponding relation of HIT and the IP address of destination equipment to destination device forwards packet.
Further, described HAP safeguards that the method for the corresponding relation of described HIP equipment is: described HAP and described HIP equipment set up HIP when being connected, corresponding relation described in buffer memory; The HIP disconnecting of described HIP equipment or after closing, deletes described corresponding relation; During the IP address modification of described HIP equipment, upgrade described corresponding relation.
Further, annexation maintenance system and/or described HAP preserve and safeguard to embody the HIT of described HIP equipment of HIP annexation and the binding relationship of the IP address of described HAP; After described HAP receives packet, first according to the local corresponding relation preserved of object HIT inquiry in packet, if find, show that described HAP exists HIP with destination equipment and is connected; If do not find, then the binding relationship corresponding according to described object HIT inquiry, and then according to Query Result to destination HAP or destination HIP device forwards.
Further, described HAP after binding relationship corresponding to described annexation maintenance system inquiry described in local cache binding relationship, and/or destination HAP is when receiving the packet that will be sent to destination HIP equipment, preserve the binding relationship of the HIT of source HIP equipment and the IP address of source HAP according to packet, and timing is deleted.
Further, described HIP equipment and described HAP set up and realize HIP by the following method after HIP is connected and connect keep-alive:
Described HIP equipment timing sends a notification message to described HAP, and described HAP sends response message after receiving described notification message;
If described HAP is not notified message in the given time, then delete the local corresponding relation preserved, and notifying that described annexation maintenance system or relevant HAP delete corresponding binding relationship, when receiving the packet mailing to described HIP equipment, notice transmitting terminal data send unsuccessfully;
If described HIP equipment does not receive response message in the given time, then again set up HIP with described HAP or new HAP and be connected.
Further, the source of the packet that described source HIP equipment sends, destination host identification (RFID) tag (HIT) are respectively the HIT of described source HIP equipment and described destination HIP equipment, and source, object IP address are respectively the IP address of described source HIP equipment and described source HAP; Described source HAP forwards after described processing data packets to described destination HAP again, the method of described source HAP handle packet is: on the basis of the packet received, packaged source, object IP address are respectively the IP address of described source HAP and destination HAP, or, source, object IP address are replaced with respectively the IP address of described source HAP and destination HAP.
Further, described HIP equipment has multiple IP address, and described HIP equipment reports described multiple IP address to described HAP, the HIT of HIP equipment described in described HAP buffer memory and the corresponding relation of multiple IP address by more new technological process; When described HAP receives the packet mailing to described HIP equipment, according to one of them IP address of specific policy selection as the object IP address of packet sending to described HIP equipment.
Further, setting up the described HAP that HIP is connected with described HIP equipment is that described HIP equipment is less than the HAP of predetermined threshold value by the bag turnaround time (RTT) that DHCP (DHCPv6) or the DNS of queries static configuration server, IPv6 determine.
For solving above technical problem, present invention also offers a kind of communication system of Intrusion Detection based on host identity protocol, this system comprises host identity protocol (HIP) equipment and HIP equipment access node (HAP), wherein,
Described HIP equipment comprises:
HIP connection establishment module, is connected for setting up HIP with HIP equipment access node (HAP);
Described data packet transceive module, during as source equipment, sends packet for being connected by described HIP; During as destination equipment, receive packet for being connected by described HIP;
Described HAP comprises:
HIP connection establishment module, is connected for setting up HIP with described HIP equipment;
Packet forwarding module, for receiving packet, and forwards according to the HIP annexation of destination equipment or IP address.
For solving above technical problem, present invention also offers a kind of host identity protocol equipment, described host identity protocol (HIP) equipment comprises HIP connection establishment module and data packet transceive module, wherein:
Described HIP connection establishment module, is connected for setting up HIP with HIP equipment access node (HAP);
Described data packet transceive module, during as source equipment, sends packet for being connected by described HIP to described HAP; During as destination equipment, connected for receiving described HAP the packet sent by described HIP.
Further, described equipment also comprises IP address update module, is reported the IP address of described HIP equipment during for changing at described HIP IP address of equipment or having multiple IP address by more new technological process to described HAP.
For solving above technical problem, present invention also offers a kind of access node of host identity protocol equipment, the access node (HAP) of described host identity protocol equipment comprises HIP connection establishment module and packet forwarding module, wherein,
HIP connection establishment module, is connected for setting up HIP with HIP equipment;
Packet forwarding module, for receiving packet, and forwards according to the HIP annexation of destination equipment or IP address.
The present invention is based on the communication means of host identity protocol, system and equipment, introduce HIP equipment access node (HIPAccessPoint, HAP), HIP equipment and HAP set up after HIP is connected, by the data between HAP device forwards HIP equipment and other HIP equipment and/or non-HIP equipment, thus the HIP that can reduce the foundation of HIP equipment needs connects and time delay, improves Consumer's Experience.
Accompanying drawing explanation
Fig. 1 is prior art HIP network hierarchical structure figure;
Fig. 2 is prior art HIP basis interaction flow;
Fig. 3 is existing HIP agreement, end to end HIP connection diagram;
Fig. 4 is that prior art HIP IP address of equipment changes notice schematic diagram, and wherein the IP address modification of UE1 need notify opposite end UE2, UE3 of all connections;
Fig. 5 is HIP service infrastructure schematic diagram of the present invention;
Fig. 6 is the communication means schematic diagram that the present invention is based on host identity protocol;
Fig. 7 is cellular logic structure chart of the present invention;
Fig. 8 uses the annexation maintenance system of SN (SuperNode) node composition to the schematic diagram of the binding relationship storing HIP equipment HIT and current HAP and identify;
Fig. 9 is embodiments of the invention one, wherein uses SN node shown in Fig. 8 to store the binding relationship of HIP equipment HIT and HAP;
Figure 10 is its embodiment two be connected with HAPHIP of HIP device shutdown of the present invention, wherein uses SN node to store the binding relationship of HIP equipment HIT and HAP;
Figure 11 is the schematic diagram that HIP IP address of equipment of the present invention changes.HIP equipment only needs to notify its HAP connected once;
Figure 12 is the flow chart of the embodiment three that HIP IP address of equipment of the present invention changes.
Embodiment
Thinking of the present invention changes the end-to-end connected mode of HIP equipment, introduce HIP equipment access node (HIPAccessPoint, HAP), HIP equipment and HAP set up after HIP is connected, by the data between HAP device forwards HIP equipment and other HIP equipment and/or non-HIP equipment, thus the HIP that can reduce the foundation of HIP equipment needs connects and time delay, improves Consumer's Experience.
Below in conjunction with Fig. 5, HIP equipment and HIP equipment access node are described.
In Fig. 5, UE1, UE2, UE3, UE4 are HIP equipment, support HIP agreement; HAP1, HAP2 and HAP3 are the HIP access nodes of architecture, and provide the HIP of each HIP equipment to access, data retransmission, wherein, HAP1 and UE1 and UE4 set up HIP and be connected, and HAP2 and UE2 sets up HIP and connects, and HAP3 and UE3 sets up HIP and connects.
Because HIP is based on connecting end to end, each HIP equipment needs 4-Way Handshake to be associated with a new HIP equipment, adds the expense of HIP equipment.Meanwhile, when the RTT between a HIP equipment and another HIP equipment is longer, the time delay that connects is longer, affects Consumer's Experience.Therefore preferably, HIP equipment and RTT (RoundTripTime, bag turnaround time) less HAP set up HIP and connect, and the packet that HIP equipment sends is forwarded by this HAP.
Setting up with HIP equipment the HAP that HIP is connected can be that HIP equipment is less than the HAP of predetermined threshold value by the bag turnaround time (RTT) that DHCP (DHCPv6) or the DNS of queries static configuration server, IPv6 determine.
As shown in Figure 6, the communication means that the present invention is based on host identity protocol comprises the following steps:
Step 601: source HIP equipment and source HAP set up HIP and be connected;
Step 602: described source HIP equipment connects to described source HAP transmission packet by described HIP;
Step 603: described source HAP receives described packet and forwards according to the HIP annexation of destination equipment or IP address.
According to inventive concept, HIP equipment can communicate with other HIP equipment, also can communicate with other non-HIP equipment.
In order to preserve and safeguard the annexation between HIP equipment and HAP, the present invention introduces annexation maintenance system, as shown in Figure 7, wherein:
HIP equipment 701 expresses support for the subscriber equipment of HIP agreement, carries out HIP be connected with HAP702; HAP702 is responsible for the data retransmission of HIP equipment 701, and tunnel can be used between HAP also directly can to forward HIP bag;
Annexation maintenance system 703, stores the binding relationship of the IP address of HIT and the HAP of HIP equipment, and HAP accesses the binding relationship of HIP equipment and HAP by data access interface.
In addition, HAP also can preserve above-mentioned binding relationship.
Annexation maintenance system is made up of several nodes, and Fig. 8 is the schematic diagram that SN (SuperNode) node stores the binding relationship of the IP address of HIP equipment HIT and current HAP.SN node is the node that some homogenize.HAP according to specific storage rule by the storage of SN node, obtain the binding relationship that interface stored and obtained HIP equipment HIT and HAP.Wherein:
The HAP1 of 801, UE1 association is stored by SN1 node and is obtained the binding relationship of HIT and the HAP1 of UE1.
The HIT of 802, the UE2 determined with the mark (as HIT) of UE2 according to storage rule and the storage SN node of HAP binding relationship associated with it.The HAP binding information that other SN node can obtain UE2HIT with the mark (as HIT) of UE2 to this SN node and associate with it according to storage rule.
Embodiment one
Fig. 9 is the binding relationship of annexation maintenance system storage HIP equipment HIT and HAP based on the SN node composition shown in Fig. 8, and the HIP equipment UE 1 at communication two ends and UE2 are connected on different HAP, comprise the following steps:
Step 901, UE1 and HAP1 sets up HIP and connects, and UE2 and HAP2 sets up HIP and connects;
For the server that UE, UE1 are configured by queries static, the modes such as DHCPv6 (DHCP of IPv6) or DNS obtain the less HAP1 address of RTT, and UE1 and HAP1 sets up HIP and connects.HAP1 stores the corresponding relation of the IP address of HIT and the UE1 of UE1.HAP1 stores the binding relationship of the HIT of itself and UE1 in the responsible SN node of UE1.
Step 902, UE1 uses it to be connected with the HIP of HAP1 and sends to HAP1 the packet that it wants to mail to UE2;
UE1 needs to tell HAP1 that packet issues UE2, and the invention provides a kind of new HIP Packet type DATA, the source HIT in the HIP head of this packet fills in the identifier HIT_ue1 of UE1, and object HIT fills in the identifier HIT_ue2 of UE2; The IP address of source and destination is the IP address of UE1 and HAP1 respectively.
Step 903, after HAP1 receives the packet that UE1 sends, according to object HIT value HIT_ue2, inquires about its whether buffer memory binding relationship of HIT_ue2, as nothing, then to the binding relationship of its SN1 inquiry HIT_ue2 connected;
Step 904, SN1 obtains the information of the HAP2 of UE2 association according to the responsible SN node of storage rule to UE2 and returns to HAP1;
Step 905, the binding relationship of HAP1 buffer memory UE2 and HAP2, and forward to HAP2 the data that UE1 sends to UE2;
Thus need not go to get binding relationship by SN node, and can timer be set, after timer expiry, delete the buffer memory of binding relationship. at every turnHAP1 forwards to HAP2 the data that UE1 sends to UE2, can have multiple implementation, below provide two kinds of implementations:
Mode one: HAP1 directly forwards the HIP bag that UE1 sends, and using the content of HIP bag as IP bag, source and destination IP address is the IP address of HAP1 and HAP2 respectively;
Mode two: HAP1 and HAP2 uses tunnel-associated, and HAP1 removes HIP head, and the source address in internal layer IP packet header and destination address fill in HIT_ue1 and HIT_ue2 respectively, and the source address in outer IP packet header and destination address fill in the IP address of HAP1 and HAP2 respectively.
Step 906, after HAP2 receives the packet of HAP1 transmission, obtains corresponding object mark HIT_ue2, searches the IP address of corresponding UE2, to UE2 forwarding data according to object HIT_ue2.The wherein identifier HIT_ue1 of HIP Packet type to be the source HIT in DATA, HIP head be UE1,0 object HIT is the identifier HIT_ue2 of UE2, and the IP address of source and destination is the IP address of HAP2 and UE2 respectively.
HAP2 can according to the packet received, the binding relationship of HIT and the HAP1 of buffer memory UE1, and can arrange timer, and after timer expiry, delete the buffer memory of binding relationship, the data that each HAP2 receives the UE1 sent by HAP1 can reset timer.If HAP2 inquiry is less than the IP address of UE2, such as UE2 has disconnected and being connected with the HIP of HAP2, and HAP2 sends data to HAP1 and sends failure notification, comprises UE2HIT, also can comprise the mark of HAP2.HAP1 deletes the binding relationship of UE2HIT and HAP2 after receiving data transmission failure notification.
Embodiment shown in Fig. 9 can have multiple conversion, as:
HAP stores the binding binding relationship of HAP and HIP equipment, and each HAP realizes the function of annexation maintenance system, stores all binding relationships; Or the function of annexation maintenance system is jointly realized by all HAP, each HAP realizes the function of SN node according to storage rule correspondence; Or,
Do not use annexation maintenance system to store the binding relationship of HAP and HIP equipment, and use the server cluster of similar DNS; Or,
The binding relationship of HAP not buffer memory HAP and HIP equipment, when namely HAP1 forwards the data mailing to UE2 at every turn, all obtains the binding relationship of UE2 and HAP2 from the SN node of responsible storage HIP equipment and HAP binding relationship or HAP; Or,
In step 903, HAP1 first judges whether UE2 exists HIP with it and be connected, the i.e. local corresponding relation whether preserving the IP address of HIT and the UE2 of UE2 of first inquiry, as inquired, HAP1 is directly to UE2 forwarding data, the wherein identifier HIT_ue1 of HIP Packet type to be the source HIT in DATA, HIP head be UE1, object HIT is the identifier HIT_ue2 of UE2.The IP address of source and destination is the IP address of HAP1 and UE2 respectively; When not inquiring, then inquire about corresponding binding relationship.
Set up following keepalive mechanism between HAP and HIP equipment and realize HIP connection keep-alive:
The timing of HIP equipment sends a notification message to HAP, and described HAP sends response message after receiving described notification message;
If HAP is not notified message in the given time, then delete the local corresponding relation preserved, and notify that described annexation maintenance system or relevant HAP delete corresponding binding relationship (such as, notice is responsible for the binding relationship of its HIP equipment preserved of SN knot removal and this HAP), receive other HAP send mail to the packet of this HIP equipment time, notice transmitting terminal (as opposite end HAP or opposite end HIP equipment) data send unsuccessfully, comprise UEHIT, also can comprise HAP mark;
If described HIP equipment does not receive response message in the given time, show HIP disconnecting, then re-execute step 901 and set up HIP with this HAP or new HAP and be connected; If establish HIP with new HAP to be connected, this HIP equipment can notify new HAP, allows its notice delete former binding relationship.
Keepalive mechanism can be set up: when a HAP finds that other HAP is unreachable between HAP and HAP; delete the HIP equipment of its buffer memory and the binding relationship of inaccessible HAP; and send broadcast and notify other HAP, and delete the binding relationship that in annexation maintenance system, unreachable HAP is corresponding.
As HIP equipment has multiple IP address, in step 901, UE uses the more new technological process of HIP agreement (as Update bag), to HAP, its multiple IP address is described, HAP preserves the HIT of HIP equipment and the corresponding relation of multiple IP address.In step 902, UE can send data with different IP addresses to HAP, and its source IP address fills in the IP address for sending this bag of UE, and step 903 is identical to step 906.When HAP receives the data mailing to this HIP equipment, it can according to the binding of the HIT of HIP equipment and multiple IP address, according to some strategies in this multiple IP address, as load balancing, choose an IP address as the object IP address of packet sending to this HIP equipment.
Data packet format in above embodiment one is only preferred format of the present invention, such as in order to realize the forwarding of source HAP to destination HAP, as long as comprise the information of destination HIP equipment in the packet that source HIP equipment sends, make source HAP can inquire corresponding destination and forward route, such as, the HIT information of destination HIP equipment is carried in the packet that can send at source HIP equipment in the mode of cell.Source HAP can realize the forwarding of the packet returned by the relevant information of record communication both sides or packet.
Embodiment two
Figure 10 is its embodiment be connected with the HIP between HAP of HIP device shutdown of the present invention, wherein, the annexation maintenance system of the composition of the SN node shown in Fig. 8 is used to store the binding relationship of HIP equipment and HAP, the HIP equipment UE 1 at communication two ends and UE2 are connected on different HAP, comprise the following steps:
Step 1001UE1 and HAP1 sets up HIP and connects, and UE2 and HAP2 sets up HIP and connects; For the server that UE, UE1 are configured by queries static, the modes such as DHCPv6 (DHCP of IPv6) or DNS obtain the less HAP1 address of RTT, and UE1 and HAP1 sets up HIP and connects.HAP1 stores the corresponding relation of the IP address of HIT and the UE1 of UE1.HAP1 stores the binding relationship of the HIT of itself and UE1 in the responsible SN node of UE1.
Step 1002, UE1 uses it to be connected with the HIP of HAP1 to send HIPClose to HAP1 and wraps, and closes it and is connected with the HIP of HAP1;
Step 1003, HAP1 sends the order of the binding relationship deleting itself and UE1, and deletes the corresponding relation of the IP of HIT and the UE1 of the UE1 of its buffer memory after receiving the Close bag of UE1 transmission to its SN1 node connected;
Step 1004, SN1 node sends the order of the binding relationship deleting HAP1 and UE1 to the responsible SN node of UE1 according to storage rule, the binding relationship of responsible SN knot removal UE1HIT and the HAP1 of UE1;
Step 1005, UE2 sends data to HAP2, and object equipment is UE1;
Step 1006, after HAP2 receives the packet of UE2 transmission, obtains corresponding object mark HIT_ue1, finds the binding relationship of the IP address of HIT and the HAP1 of the UE1 of buffer memory, to HAP1 forwarding data according to object HIT_ue1;
Step 1007, HAP1 finds that it is connected without HIP with UE1, sends data and sends failure notification, comprise UE1HIT, also can comprise the mark of HAP1 to HAP2;
Step 1008, HAP2 deletes the binding relationship of the IP address of HIT and the HAP1 of the UE1 of its buffer memory, and HAP2 searches the annexation maintenance system of SN node composition, check whether UE1 establishes HIP with new HAP and be connected, as the HAP that UE1 connects without other, HAP2 notify that UE2, UE1 are unreachable.
Embodiment three
If Figure 11 is the schematic diagram that HIP IP address of equipment changes, based on the situation of Figure 11, the flow process of IP address modification as shown in figure 12, comprises the following steps:
Step 1201, the server that UE1 is configured by queries static, DHCPv6 (DHCP of IPv6), or the mode such as DNS obtains HAP address, and UE1 and HAP1 sets up HIP and connects, and HAP1 stores the corresponding relation of HIT and the IP address of UE1;
Step 1202, the IP address of UE1 changes;
Step 1203, UE1 sends to the HAP1 associated by it change that HIPUpdate notifies IP address.HAP1 records the change of this IP address of UE1;
Step 1204, sends data with miscellaneous equipment such as the UE2 of UE1 communication to UE1;
Step 1205, HAP1 finds that UE1 notifies that the IP address of IP address modification is the address uniquely mailing to UE1, then can mail to the data of UE1 by buffer memory;
Step 1206, HAP1 is toward the confirmation of the new IP address transmission Update of UE1;
Step 1207, UE1 sends the confirmation of Update toward HAP1;
Step 1208, HAP1 stores the HIT of UE and the corresponding relation of new IP address, deletes former corresponding relation;
Step 1209, HAP1 sends the data of buffer memory to UE1.
The present embodiment three can have multiple conversion, as:
HAP1 does not need the new IP address verifying UE1, and HAP1 is not data cached, after the Update message of IP address modification receiving UE1, directly to the new IP address forwarding data of UE; Or
UE1 knows its new IP address before IP address modification prerequisite, its new IP address of UE1 prior notice HAP1, and HAP can select simultaneously toward old IP address and the new IP address forwarding data bag of UE.
In addition, based on inventive concept, HIP equipment by Packet Generation to after HAP, the communication with non-HIP equipment can also be realized by this HAP, now HAP only needs the source of the packet of reception, object IP address to be revised as respectively the IP address of HAP and the IP address of non-HIP equipment and forwards, during with this non-HIP devices communicating, do not hinder this HIP equipment and other HIP equipment to be connected by the HIP set up and communicate.
For realizing above method, present invention also offers a kind of communication system of Intrusion Detection based on host identity protocol, it is characterized in that, this system comprises host identity protocol (HIP) equipment and HIP equipment access node (HAP), wherein, described HIP equipment comprises:
HIP connection establishment module, is connected for setting up HIP with HIP equipment access node (HAP);
Described data packet transceive module, during as source equipment, sends packet for being connected by described HIP; During as destination equipment, receive packet for being connected by described HIP;
Described HAP comprises:
HIP connection establishment module, is connected for setting up HIP with described HIP equipment;
Packet forwarding module, for receiving packet, and forwards according to the HIP annexation of destination equipment or IP address.
Described destination equipment is HIP equipment, and when source HAP is different from destination HAP, the packet of reception is forwarded to described destination HAP by the packet forwarding module of described source HAP; The packet of reception is forwarded to destination equipment by being connected with the HIP of destination equipment by the packet forwarding module of described destination HAP.
Described HAP also comprises the corresponding relation cache module be connected with described packet forwarding module, there is the host identification label (HIT) of the HIP equipment that HIP is connected and the corresponding relation of IP address for preserving and safeguarding with it; The packet forwarding module of destination HAP by the packet that receives according to the corresponding relation of HIT and the IP address of destination equipment to destination device forwards.
The corresponding relation cache module of described HAP safeguards that the corresponding relation of described HIP equipment comprises: described HAP and described HIP equipment set up HIP when being connected, corresponding relation described in buffer memory; The HIP disconnecting of described HIP equipment or after closing, deletes described corresponding relation; During the IP address modification of described HIP equipment, upgrade described corresponding relation.
Described communication system also comprises annexation maintenance system, for preserving and safeguarding to embody the HIT of described HIP equipment of HIP annexation and the binding relationship of the IP address of described HAP; Described HAP also comprises enquiry module, for first inquiring about corresponding relation cache module according to the object HIT in the packet received, if find, shows that described HAP exists HIP with destination equipment and is connected; If do not find, then according to the binding relationship of described object HIT to described annexation maintenance system inquiry correspondence; Described packet forwarding module by receive packet according to the Query Result of described enquiry module to destination HAP or destination HIP device forwards.
Described HIP equipment also comprises IP address update module, is reported the IP address of described HIP equipment during for changing at described HIP IP address of equipment or having multiple IP address by more new technological process to described HAP; When described HIP equipment has multiple IP address, the HIT of HIP equipment described in the corresponding relation cache module buffer memory of described HAP and the corresponding relation of described multiple IP address; When described HAP is as destination HAP, described packet forwarding module also for according to one of them IP address of specific policy selection as the object IP address of packet sending to described destination HIP equipment.
Present invention also offers a kind of host identity protocol equipment, described host identity protocol (HIP) equipment comprises HIP connection establishment module and data packet transceive module, wherein:
Described HIP connection establishment module, is connected for setting up HIP with HIP equipment access node (HAP);
Described data packet transceive module, during as source equipment, sends packet for being connected by described HIP to described HAP; During as destination equipment, connected for receiving described HAP the packet sent by described HIP.
Described equipment also comprises IP address update module, is reported the IP address of described HIP equipment during for changing at described HIP IP address of equipment or having multiple IP address by more new technological process to described HAP.
In addition, present invention also offers a kind of access node of host identity protocol equipment, the access node (HAP) of described host identity protocol equipment comprises HIP connection establishment module and packet forwarding module, wherein,
HIP connection establishment module, is connected for setting up HIP with HIP equipment;
Packet forwarding module, for receiving packet, and forwards according to the HIP annexation of destination equipment or IP address.
Described destination equipment is HIP equipment, and source HAP and different from destination HAP time, the packet of reception is forwarded to described destination HAP by the packet forwarding module of described source HAP; The packet of reception is forwarded to destination equipment by being connected with the HIP of destination equipment by the packet forwarding module of described destination HAP.
Described HAP also comprises the corresponding relation cache module be connected with described packet forwarding module, there is the host identification label (HIT) of the HIP equipment that HIP is connected and the corresponding relation of IP address for preserving and safeguarding with it; When described HIP equipment has multiple IP address, the HIT of HIP equipment described in the corresponding relation cache module buffer memory of described HAP and the corresponding relation of described multiple IP address; When described HAP is as destination HAP, described packet forwarding module also for according to one of them IP address of specific policy selection as the object IP address of packet sending to described HIP equipment.
Described HAP also comprises binding relationship cache module and enquiry module, described binding relationship cache module, for preserving according to storage rule and safeguarding to embody the binding relationship of the IP address of HIT and the HAP of the described HIP equipment of HIP annexation; Described enquiry module, for first inquiring about corresponding relation cache module according to the object HIT in the packet received, if find, shows that described HAP exists HIP with destination equipment and is connected; If do not find, then inquire about described binding relationship cache module according to described object HIT and storage rule; Described packet forwarding module by receive packet according to the Query Result of described enquiry module to destination HAP or destination HIP device forwards.
The all or part of step that one of ordinary skill in the art will appreciate that in said method is carried out instruction related hardware by program and is completed, and described program can be stored in computer-readable recording medium, as read-only memory, disk or CD etc.Alternatively, all or part of step of above-described embodiment also can use one or more integrated circuit to realize.Correspondingly, each module/unit in above-described embodiment can adopt the form of hardware to realize, and the form of software function module also can be adopted to realize.The present invention is not restricted to the combination of the hardware and software of any particular form.
The present invention is based on the communication means of host identity protocol, system and HIP equipment and HAP, make HIP equipment only need to set up HIP with HAP and be connected, can realize communicating with one or more HIP equipment or non-HIP equipment; Especially, when with multiple HIP devices communicating, connecting without the need to setting up multiple HIP, decreasing the expense of equipment.In addition, the HAP that HIP equipment choice and RTT are less than predetermined threshold value sets up HIP and is connected, and can reduce the time delay of HIP connection establishment, provide good Consumer's Experience to user.When the IP address modification of HIP equipment, only need notice and its HAP having HIP to be connected, reduce time delay and expense.
During with other HIP devices communicatings, only need indicate the mark of the equipment receiving data, not need the IP address of searching the HIP equipment receiving data.
Claims (21)
1. a communication means for Intrusion Detection based on host identity protocol, is characterized in that, the method Intrusion Detection based on host identity protocol HIP equipment and HIP equipment access node HAP realize, and the method comprises:
Source HIP equipment and source HAP set up HIP and are connected;
Described source HIP equipment connects to described source HAP transmission packet by described HIP;
Described source HAP receives described packet and forwards according to the HIP annexation of destination equipment or IP address;
Setting up with described HIP equipment the described HAP that HIP is connected is that described HIP equipment is less than the HAP of predetermined threshold value by the bag turnaround time RTT that dynamic host configuration protocol DHCP v6 or DNS of queries static configuration server, IPv6 determines;
Set up between described HAP and HAP and have keepalive mechanism: when a HAP finds that other HAP is unreachable; delete the HIP equipment of its buffer memory and the binding relationship of inaccessible HAP; and send broadcast and notify other HAP, and delete the binding relationship that in annexation maintenance system, unreachable HAP is corresponding.
2. the method for claim 1, it is characterized in that: described destination equipment be HIP equipment and from described destination equipment exist the destination HAP of HIP annexation different with described source HAP time, packet is forwarded to described destination HAP by described source HAP; Packet is forwarded to destination equipment by being connected with the HIP of described destination equipment by described destination HAP.
3. method as claimed in claim 2, is characterized in that: described HAP preserves and safeguards exists the host identification label HIT of the HIP equipment that HIP is connected and the corresponding relation of IP address with it; Described destination HAP according to the corresponding relation of HIT and the IP address of destination equipment to destination device forwards packet.
4. method as claimed in claim 3, is characterized in that: described HAP safeguards that the method for the corresponding relation of described HIP equipment is: described HAP and described HIP equipment set up HIP when being connected, corresponding relation described in buffer memory; The HIP disconnecting of described HIP equipment or after closing, deletes described corresponding relation; During the IP address modification of described HIP equipment, upgrade described corresponding relation.
5. method as claimed in claim 3, is characterized in that: annexation maintenance system and/or described HAP preserve and safeguard to embody the HIT of described HIP equipment of HIP annexation and the binding relationship of the IP address of described HAP; After described HAP receives packet, first according to the local corresponding relation preserved of object HIT inquiry in packet, if find, show that described HAP exists HIP with destination equipment and is connected; If do not find, then the binding relationship corresponding according to described object HIT inquiry, and then according to Query Result to destination HAP or destination HIP device forwards.
6. method as claimed in claim 5, it is characterized in that: described HAP after binding relationship corresponding to described annexation maintenance system inquiry described in local cache binding relationship, and/or destination HAP is when receiving the packet that will be sent to destination HIP equipment, preserve the binding relationship of the HIT of source HIP equipment and the IP address of source HAP according to packet, and timing is deleted.
7. the method for claim 1, is characterized in that: described HIP equipment and described HAP set up and realize HIP by the following method after HIP is connected and connect keep-alive:
Described HIP equipment timing sends a notification message to described HAP, and described HAP sends response message after receiving described notification message;
If described HAP is not notified message in the given time, then delete the local corresponding relation preserved, and notifying that described annexation maintenance system or relevant HAP delete corresponding binding relationship, when receiving the packet mailing to described HIP equipment, notice transmitting terminal data send unsuccessfully;
If described HIP equipment does not receive response message in the given time, then again set up HIP with described HAP or new HAP and be connected.
8. method as claimed in claim 2, it is characterized in that: the source of the packet that described source HIP equipment sends, destination host identification (RFID) tag HIT are respectively the HIT of described source HIP equipment and described destination HIP equipment, and source, object IP address are respectively the IP address of described source HIP equipment and described source HAP; Described source HAP forwards after described processing data packets to described destination HAP again, the method of described source HAP handle packet is: on the basis of the packet received, packaged source, object IP address are respectively the IP address of described source HAP and destination HAP, or, source, object IP address are replaced with respectively the IP address of described source HAP and destination HAP.
9. method as claimed in claim 3, it is characterized in that: described HIP equipment has multiple IP address, described HIP equipment reports described multiple IP address to described HAP, the HIT of HIP equipment described in described HAP buffer memory and the corresponding relation of multiple IP address by more new technological process; When described HAP receives the packet mailing to described HIP equipment, according to one of them IP address of specific policy selection as the object IP address of packet sending to described HIP equipment.
10. a communication system for Intrusion Detection based on host identity protocol, is characterized in that, this system comprises host identity protocol HIP equipment and HIP equipment access node HAP, wherein,
Described HIP equipment comprises:
HIP connection establishment module, is connected for setting up HIP with HIP equipment access node HAP;
Data packet transceive module, during as source equipment, sends packet for being connected by described HIP; During as destination equipment, receive packet for being connected by described HIP;
Described HAP comprises:
HIP connection establishment module, is connected for setting up HIP with described HIP equipment;
Packet forwarding module, for receiving packet, and forwards according to the HIP annexation of destination equipment or IP address;
Setting up with described HIP equipment the described HAP that HIP is connected is that described HIP equipment is less than the HAP of predetermined threshold value by the bag turnaround time RTT that dynamic host configuration protocol DHCP v6 or DNS of queries static configuration server, IPv6 determines;
Set up between described HAP and HAP and have keepalive mechanism: when a HAP finds that other HAP is unreachable; delete the HIP equipment of its buffer memory and the binding relationship of inaccessible HAP; and send broadcast and notify other HAP, and delete the binding relationship that in annexation maintenance system, unreachable HAP is corresponding.
11. systems as claimed in claim 10, is characterized in that: described destination equipment is HIP equipment, and source HAP and different from destination HAP time, the packet of reception is forwarded to described destination HAP by the packet forwarding module of described source HAP; The packet of reception is forwarded to destination equipment by being connected with the HIP of destination equipment by the packet forwarding module of described destination HAP.
12. systems as claimed in claim 10, it is characterized in that: described HAP also comprises the corresponding relation cache module be connected with described packet forwarding module there is the host identification label HIT of the HIP equipment that HIP is connected and the corresponding relation of IP address for preserving and safeguarding with it; The packet forwarding module of destination HAP by the packet that receives according to the corresponding relation of HIT and the IP address of destination equipment to destination device forwards.
13. systems as claimed in claim 12, is characterized in that: the corresponding relation cache module of described HAP safeguards that the corresponding relation of described HIP equipment comprises: described HAP and described HIP equipment set up HIP when being connected, corresponding relation described in buffer memory; The HIP disconnecting of described HIP equipment or after closing, deletes described corresponding relation; During the IP address modification of described HIP equipment, upgrade described corresponding relation.
14. systems as claimed in claim 12, is characterized in that: described communication system also comprises annexation maintenance system, for preserving and safeguarding to embody the HIT of described HIP equipment of HIP annexation and the binding relationship of the IP address of described HAP; Described HAP also comprises enquiry module, for first inquiring about corresponding relation cache module according to the object HIT in the packet received, if find, shows that described HAP exists HIP with destination equipment and is connected; If do not find, then according to the binding relationship of described object HIT to described annexation maintenance system inquiry correspondence; Described packet forwarding module by receive packet according to the Query Result of described enquiry module to destination HAP or destination HIP device forwards.
15. systems as claimed in claim 12, it is characterized in that: described HIP equipment also comprises IP address update module, during for changing at described HIP IP address of equipment or there is multiple IP address, reported the IP address of described HIP equipment by more new technological process to described HAP; When described HIP equipment has multiple IP address, the HIT of HIP equipment described in the corresponding relation cache module buffer memory of described HAP and the corresponding relation of described multiple IP address; When described HAP is as destination HAP, described packet forwarding module also for according to one of them IP address of specific policy selection as the object IP address of packet sending to described destination HIP equipment.
16. 1 kinds of host identity protocol equipment, is characterized in that, described host identity protocol HIP equipment comprises HIP connection establishment module and data packet transceive module, wherein:
Described HIP connection establishment module, is connected for setting up HIP with HIP equipment access node HAP;
Described data packet transceive module, during as source equipment, sends packet for being connected by described HIP to described HAP; During as destination equipment, connected for receiving described HAP the packet sent by described HIP;
Setting up with described HIP equipment the described HAP that HIP is connected is that described HIP equipment is less than the HAP of predetermined threshold value by the bag turnaround time RTT that dynamic host configuration protocol DHCP v6 or DNS of queries static configuration server, IPv6 determines;
Set up between described HAP and HAP and have keepalive mechanism: when a HAP finds that other HAP is unreachable; delete the HIP equipment of its buffer memory and the binding relationship of inaccessible HAP; and send broadcast and notify other HAP, and delete the binding relationship that in annexation maintenance system, unreachable HAP is corresponding.
17. equipment as claimed in claim 16, is characterized in that: described equipment also comprises IP address update module, are reported the IP address of described HIP equipment during for changing at described HIP IP address of equipment or having multiple IP address by more new technological process to described HAP.
The access node of 18. 1 kinds of host identity protocol equipment, is characterized in that, the access node HAP of described host identity protocol equipment comprises HIP connection establishment module and packet forwarding module, wherein,
HIP connection establishment module, is connected for setting up HIP with HIP equipment;
Packet forwarding module, for receiving packet, and forwards according to the HIP annexation of destination equipment or IP address;
Setting up with described HIP equipment the described HAP that HIP is connected is that described HIP equipment is less than the HAP of predetermined threshold value by the bag turnaround time RTT that dynamic host configuration protocol DHCP v6 or DNS of queries static configuration server, IPv6 determines;
Set up between described HAP and HAP and have keepalive mechanism: when a HAP finds that other HAP is unreachable; delete the HIP equipment of its buffer memory and the binding relationship of inaccessible HAP; and send broadcast and notify other HAP, and delete the binding relationship that in annexation maintenance system, unreachable HAP is corresponding.
The access node of 19. host identity protocol equipment as claimed in claim 18, it is characterized in that: described destination equipment is HIP equipment, and source HAP and different from destination HAP time, the packet of reception is forwarded to described destination HAP by the packet forwarding module of described source HAP; The packet of reception is forwarded to destination equipment by being connected with the HIP of destination equipment by the packet forwarding module of described destination HAP.
The access node of 20. host identity protocol equipment as claimed in claim 18, it is characterized in that: described HAP also comprises the corresponding relation cache module be connected with described packet forwarding module there is the host identification label HIT of the HIP equipment that HIP is connected and the corresponding relation of IP address for preserving and safeguarding with it; When described HIP equipment has multiple IP address, the HIT of HIP equipment described in the corresponding relation cache module buffer memory of described HAP and the corresponding relation of described multiple IP address; When described HAP is as destination HAP, described packet forwarding module also for according to one of them IP address of specific policy selection as the object IP address of packet sending to described HIP equipment.
The access node of 21. host identity protocol equipment as claimed in claim 20, it is characterized in that: described HAP also comprises binding relationship memory module and enquiry module, described binding relationship cache module, for preserving according to storage rule and safeguarding to embody the binding relationship of the IP address of HIT and the HAP of the described HIP equipment of HIP annexation; Described enquiry module, for first inquiring about corresponding relation cache module according to the object HIT in the packet received, if find, shows that described HAP exists HIP with destination equipment and is connected; If do not find, also for inquiring about described binding relationship memory module according to described object HIT and storage rule again; Described packet forwarding module by receive packet according to the Query Result of described enquiry module to destination HAP or destination HIP device forwards.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010251671.7A CN102377829B (en) | 2010-08-09 | 2010-08-09 | Based on the communication means of HIP, system and equipment |
| PCT/CN2011/078079 WO2012019525A1 (en) | 2010-08-09 | 2011-08-05 | Hip-based communication method, system and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010251671.7A CN102377829B (en) | 2010-08-09 | 2010-08-09 | Based on the communication means of HIP, system and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102377829A CN102377829A (en) | 2012-03-14 |
| CN102377829B true CN102377829B (en) | 2015-11-25 |
Family
ID=45567364
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010251671.7A Active CN102377829B (en) | 2010-08-09 | 2010-08-09 | Based on the communication means of HIP, system and equipment |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN102377829B (en) |
| WO (1) | WO2012019525A1 (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106034299A (en) * | 2015-03-09 | 2016-10-19 | 中兴通讯股份有限公司 | SCTP connection reestablishment method and SCTP connection reestablishment device |
| CN108234497B (en) * | 2018-01-05 | 2020-10-02 | 宝牧科技(天津)有限公司 | Encrypted tunnel communication method based on HIP protocol |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1939000A (en) * | 2004-04-15 | 2007-03-28 | 艾利森电话股份有限公司 | Identification method and apparatus for establishing host identity protocol (hip) connections between legacy and hip nodes |
| CN101369924A (en) * | 2008-09-26 | 2009-02-18 | 清华大学 | Mobile management method used for mobile IP network |
| WO2009049663A1 (en) * | 2007-10-15 | 2009-04-23 | Telefonaktiebolaget Lm Ericsson (Publ) | Provisioning mobility services to legacy terminals |
| CN101682615A (en) * | 2007-05-11 | 2010-03-24 | 艾利森电话股份有限公司 | hip node reachability |
-
2010
- 2010-08-09 CN CN201010251671.7A patent/CN102377829B/en active Active
-
2011
- 2011-08-05 WO PCT/CN2011/078079 patent/WO2012019525A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1939000A (en) * | 2004-04-15 | 2007-03-28 | 艾利森电话股份有限公司 | Identification method and apparatus for establishing host identity protocol (hip) connections between legacy and hip nodes |
| CN101682615A (en) * | 2007-05-11 | 2010-03-24 | 艾利森电话股份有限公司 | hip node reachability |
| WO2009049663A1 (en) * | 2007-10-15 | 2009-04-23 | Telefonaktiebolaget Lm Ericsson (Publ) | Provisioning mobility services to legacy terminals |
| CN101369924A (en) * | 2008-09-26 | 2009-02-18 | 清华大学 | Mobile management method used for mobile IP network |
Non-Patent Citations (1)
| Title |
|---|
| HIP Service Overlay study draft-wang-hiprg-service-overlay-00.txt;Jiong. Shen;《IETF Internet-Draft》;20100301;正文第1页至第10页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102377829A (en) | 2012-03-14 |
| WO2012019525A1 (en) | 2012-02-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102404200B (en) | Routing using global address pairs | |
| US20040236855A1 (en) | Multi-link tunneling | |
| CN100505943C (en) | Mobile communication control system and method, and router | |
| US20100189103A1 (en) | Header Size Reduction of Data Packets | |
| KR100811890B1 (en) | Anycast routing method and apparatus for supporting service flow in internet system | |
| CN101394333B (en) | The method E-Packeted, device and network system | |
| CN102075420B (en) | Location identifier and host identifier separation-based system and mobility management method thereof | |
| US10812292B2 (en) | Packet processing method and device | |
| US20130294461A1 (en) | CGN Entity Based Data Transmission Method, CGN Entity, Gateway, and System | |
| US11153207B2 (en) | Data link layer-based communication method, device, and system | |
| WO2006104065A1 (en) | Mobile router, home agent, and terminal position management method | |
| Kim et al. | Mobile oriented future internet (MOFI): Architectural design and implementations | |
| WO2006097031A1 (en) | A method for transmitting the message in the mobile internet protocol network | |
| CN113472913B (en) | Communication method and device | |
| CN102523312B (en) | Method for optimal tunnel selection in 4over6 scene | |
| CN103916489B (en) | The many IP of a kind of single domain name domain name analytic method and system | |
| CN102377829B (en) | Based on the communication means of HIP, system and equipment | |
| CN102045260A (en) | Message transmission method in mobile IPv6 and UTM (unified threat management) equipment | |
| CN102457510B (en) | The method and system that a kind of HAP switches | |
| JPWO2008120276A1 (en) | COMMUNICATION SYSTEM, COMMUNICATION METHOD IN COMMUNICATION SYSTEM, AND RELAY DEVICE | |
| US20090201931A1 (en) | Method and apparatus for transferring IP transmission session | |
| CN101783775B (en) | Interconnected method for vector network and IP network by gateway mode | |
| CN102413098B (en) | A kind of data transmission method based on HIP equipment and system | |
| US11588925B2 (en) | Method for transferring large amounts of data through a telematic network in an efficient and reliable manner at a high-speed | |
| CN102547845B (en) | A kind of management method of data message during switchover of mobile node in identification network and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20201218 Address after: 215163 8 Jinfeng Road, science and Technology City, Suzhou high tech Zone, Jiangsu Patentee after: Suzhou Medical Device Industry Development Co.,Ltd. Address before: 518057 Ministry of justice, Zhongxing building, South Science and technology road, Nanshan District hi tech Industrial Park, Shenzhen, Guangdong Patentee before: ZTE Corp. |
|
| TR01 | Transfer of patent right | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 215163 8 Jinfeng Road, science and Technology City, Suzhou high tech Zone, Jiangsu Patentee after: Suzhou Medical Device Industry Development Group Co.,Ltd. Address before: 215163 8 Jinfeng Road, science and Technology City, Suzhou high tech Zone, Jiangsu Patentee before: Suzhou Medical Device Industry Development Co.,Ltd. |
|
| CP01 | Change in the name or title of a patent holder |