Summary of the invention
The object of the present invention is to provide an abnormality eliminating method for a mobile node in a flexible IP network technology system. It solves the technical problem in the background art that, when a mobile node fails while roaming or the network environment becomes abnormal, there is no corresponding exception handling, which increases the system burden and can even cause the system to break down.
The technical solution of the present invention is:
An abnormality eliminating method for a mobile node in a flexible IP network technology system, characterized in that the processing method comprises the following steps:
1). Real-time abnormality processing of mobile node 7: mobile node 7 detects in real time whether the designated USB port of the computer/notebook computer is connected to the hardware unit that holds the user's identity information. If this hardware unit is pulled out, the condition is judged abnormal; the system then stops sending registration messages and port maintenance information, deletes the tunnel, and notifies the mobile subscriber;
2). Processing of registration timeout: the lost registration reply packets are counted for the authentication registration that mobile node 7 periodically performs with ground field management entity 1; when the count is judged abnormal, the system stops sending registration messages and port maintenance information, deletes the tunnel, and notifies the mobile subscriber;
3). Abnormality processing of NAT port maintenance information: the lost maintenance information is counted that mobile node 7 sends to the corresponding data port created for the mobile subscriber on access-in management entity 3; when the count is judged abnormal, the system stops sending registration messages and port maintenance information, deletes the tunnel, and notifies the mobile subscriber;
4). Processing of a NAT restart: access-in management entity 3 monitors NAT port changes to detect a NAT restart. If a NAT restart is detected, the state of access-in management entity 3 changes, and access-in management entity 3 notifies mobile node 7 and ground field management entity 1 of this state change. After mobile node 7 and ground field management entity 1 receive the notification, their states change in step with access-in management entity 3; ground field management entity 1, extending domain management entity 6 and mobile node 7 release the related resources and delete the tunnel, and mobile node 7 starts a new registration process;
5). Processing of a restart of access-in management entity 3: the change in the restart state of access-in management entity 3 is detected; when it is judged abnormal, access-in management entity 3 notifies ground field management entity 1 of the change, and ground field management entity 1 switches to the same state as access-in management entity 3. Then, after the registration request of mobile node 7 is received, the states of ground field management entity 1 and access-in management entity 3 change again in step, and a registration reply marked with their state is returned to mobile node 7. After mobile node 7 receives the registration reply of ground field management entity 1 and access-in management entity 3, it switches its own state to the same state as ground field management entity 1 and access-in management entity 3;
6). Processing of a restart of ground field management entity 1: after access-in management entity 3 discovers, through the maintenance information exchanged with ground field management entity 1, that the restart state of ground field management entity 1 has changed, access-in management entity 3 initializes its state to the same state as ground field management entity 1;
7). When ground field management entity 1, access-in management entity 3 or the NAT port becomes abnormal, the state carried in the registration reply changes accordingly, and mobile node 7 detects the system abnormality by comparing its local state with the state returned in the registration reply;
8). Ground field management entity 1, access-in management entity 3 and mobile node 7 jointly maintain a unified synchronization status flag.
The above processing of a restart of access-in management entity 3 can be: when access-in management entity 3 restarts, its state becomes 0 and this is judged abnormal; access-in management entity 3 notifies ground field management entity 1 of this state change, and the state of ground field management entity 1 also becomes 0. Then, after the registration request of mobile node 7 is received, the states of ground field management entity 1 and access-in management entity 3 both become 1, and a registration reply marked with state 1 is returned to mobile node 7. After mobile node 7 receives this registration reply, it also synchronizes its own state to 1 and performs the operations for state 1.
The above processing of a restart of ground field management entity 1 can be: after ground field management entity 1 restarts and its state becomes 0, access-in management entity 3 also initializes its state to 0.
The above ground field management entity 1 can be a network device that has a port connected to the link of the basic network domain of mobile node 7 and that provides authentication and proxy ARP for a mobile node 7 that is roaming. Mobile node 7 refers to a device that can switch its point of attachment to Internet 4 from one link to another while still keeping all ongoing communications with its identity in the basic network domain.
The above registration can be the process in which mobile node 7 carries its care-of address to ground field management entity 1 for authentication.
The above NAT can be a network address translation device that, when a host on the private network accesses a host or server on the public network, maps the IP address of the private network host to a public network IP address so that the private network host can communicate normally on Internet 4, and that forwards the response packets back to the host in the private network.
The above system can refer to the flexible IP network technology system, which is a network system made up of management entities that allows mobile node 7, when it roams into an extended network domain, to keep its identity in the basic network domain and carry out normal network communication.
The present invention has the following advantages:
1. The processing method proposed by the present invention is systematic, comprehensive, reliable and practical;
2. The present invention carries the corresponding state synchronization in the registration request and reply messages of the flexible IP network technology system, which makes reasonable use of the system's original working mechanism and improves the efficiency of the system;
3. The sound abnormality detection and recovery mechanism of the present invention strengthens the self-correction capability of the system. When a management entity of the flexible IP network technology system or the network environment becomes abnormal, the mobile node can detect this automatically, which facilitates system recovery;
4. It is convenient for the user and ensures the optimum running state of the whole system;
5. The present invention is a key technology for the stable operation and large-scale application of the flexible IP network technology system, and greatly facilitates its wide-scale promotion and use.
Embodiment
The flexible IP network technology system of the present invention consists of a ground field management entity, an extending domain management entity, an access-in management entity and a mobile node. It allows a mobile node in a local area network to roam freely anywhere on the global Internet and ensures that the mobile node and its basic network domain can access each other at any time.
The present invention monitors abnormalities of the flexible IP network technology system in six respects: real-time detection of mobile node 7, registration timeout detection, NAT port maintenance information timeout detection, NAT port change detection, restart detection of access-in management entity 3, and restart detection of ground field management entity 1.
Abnormalities of each functional entity of the flexible IP network technology system are detected by checking, in real time, the synchronization state of ground field management entity 1, access-in management entity 3 and mobile node 7; timeouts of registration and maintenance information are detected by combining a timer with a counter. The exception handling of mobile node 7 is built on the exception handling of the whole flexible IP network technology system. Ground field management entity 1, access-in management entity 3 and mobile node 7 keep a unified status flag synchronized among them; when ground field management entity 1, access-in management entity 3 or the NAT port becomes abnormal, the state in the registration reply changes accordingly, and mobile node 7 detects the system abnormality by comparing its local state with the state returned in the reply. Timeouts of the periodic registration messages and of the NAT port maintenance information are monitored by combining a timer with a counter.
The flexible IP network technology system adopted by the present invention consists of ground field management entity 1, extending domain management entity 6, access-in management entity 3 and mobile node 7. It allows mobile node 7 in a local area network to roam freely anywhere on the global Internet and ensures that mobile node 7 and its ground field can access each other at any time.
Referring to the accompanying drawing, the specific processing method of the present invention is as follows:
1. Real-time abnormality processing of mobile node 7
The user's identity information is generally stored in a hardware unit that is part of the flexible IP network technology system, and this hardware unit must stay plugged into the computer/notebook computer the whole time the system is running. If the hardware unit is pulled out at some moment while the system is running, the system detects this automatically and prompts the user.
Mobile node 7 detects in real time whether the designated USB port is connected to the hardware unit. If the hardware device on the designated USB port is pulled out, the system does not continue to run; at the same time it stops the registration messages and port maintenance information, deletes the tunnel, and promptly notifies the mobile subscriber.
2. Processing of registration timeout
To guarantee the security of the flexible IP network technology system, mobile node 7 must periodically perform authentication registration with ground field management entity 1. If the network environment deteriorates, or ground field management entity 1 or access-in management entity 3 fails, the reply packets of the authentication registration cannot be received normally. Registration timeout detection consists of counting the authentication registration reply packets that are lost.
Each time mobile node 7 sends an authentication registration request, the counter variable that marks losses is incremented by 1; each time an authentication registration reply is received, the counter variable is decremented by 1. To prevent this variable from accumulating, it is cleared to 0 after a certain number of authentication registration replies have been received consecutively. The client checks this counter variable periodically; if at some moment its value exceeds a certain threshold, an abnormality is considered to have occurred. When an abnormality is judged to have occurred, the system stops sending registration messages and port maintenance information, deletes the tunnel, and notifies the user.
3. Abnormality processing of NAT port maintenance information
NAT generally includes network address and port translation, i.e. the NAPT function. That is, when host A on the private network accesses host B on the public network, the NAT dynamically maps the source port of host A to a port P maintained by the NAT and hides the specific network details of the private network in order to protect it.
After the tunnel of the flexible IP network technology system has been established normally, access-in management entity 3 creates a data port for each mobile node 7 for transmitting data. If no data is sent from mobile node 7 to this data port within a certain time interval T, for example 10 s, the NAT forcibly closes the port it has mapped to this data port. To prevent this, mobile node 7 must actively send port maintenance information to the corresponding data port on access-in management entity 3 at intervals shorter than T.
The processing of NAT port maintenance information is roughly the same as the processing of registration timeout: when an abnormality occurs, the system stops mobile node 7 from sending registration messages and port maintenance information, and notifies the user.
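The counter logic described for registration timeout, which the text says NAT port maintenance handling shares, as an added example that is not part of the patent text. The threshold of 3, the clear-after-5 rule, the assumption that port maintenance messages are acknowledged, and all names are assumptions; the traffic is constructed.

```python
from dataclasses import dataclass, field

@dataclass
class LossCounter:
    """Counter half of the timer-plus-counter check (field names are assumptions)."""
    threshold: int          # assumed value: a lost count above this is abnormal
    clear_after: int        # assumed value: consecutive replies that clear the counter
    lost: int = 0
    streak: int = 0
    awaiting: bool = False

    def on_send(self) -> None:
        if self.awaiting:   # previous request was never answered: streak is broken
            self.streak = 0
        self.awaiting = True
        self.lost += 1      # every request sent adds 1

    def on_reply(self) -> None:
        self.awaiting = False
        self.lost = max(self.lost - 1, 0)   # every reply received subtracts 1
        self.streak += 1
        if self.streak >= self.clear_after:
            self.lost = self.streak = 0     # clear to stop slow accumulation

    def abnormal(self) -> bool:
        return self.lost > self.threshold

@dataclass
class MobileNode:
    registration: LossCounter
    keepalive: LossCounter
    running: bool = True
    actions: list = field(default_factory=list)

    def period(self, reg_reply: bool, ka_reply: bool) -> None:
        """One timer period: send both messages, take replies, run the check."""
        streams = (("registration", self.registration, reg_reply),
                   ("port maintenance", self.keepalive, ka_reply))
        for name, counter, replied in streams:
            counter.on_send()
            if replied:
                counter.on_reply()
            if counter.abnormal():
                self.running = False
                self.actions = [f"{name} timeout", "stop registration and port maintenance",
                                "delete tunnel", "notify user"]
                return

def run(reg_replies, ka_replies, threshold=3, clear_after=5):
    """Return (period index at which the node stopped, or None; actions taken)."""
    node = MobileNode(LossCounter(threshold, clear_after), LossCounter(threshold, clear_after))
    for i, (r, k) in enumerate(zip(reg_replies, ka_replies)):
        node.period(r, k)
        if not node.running:
            return i, node.actions
    return None, node.actions

# Constructed traffic: one registration reply in ten is lost, keep-alives all answered.
SPORADIC = [i % 10 != 9 for i in range(100)]
```

With the clear rule in place, SPORADIC never trips the check; with clear_after set very high, the same traffic trips it at period 39, which is the accumulation the text guards against.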
The three abnormality detection mechanisms that follow the NAT port maintenance information are all related to the abnormality detection mechanism of the whole flexible IP network technology system. To keep the whole system running stably, ground field management entity 1, access-in management entity 3 and mobile node 7 jointly maintain a unified status flag: when mobile node 7 has sent its first registration request and ground field management entity 1 has not returned a registration reply, the state of all three is 0; when the authentication by ground field management entity 1 passes and mobile node 7 has successfully received the registration reply, the state of all three becomes 1; after the tunnel has been correctly established, the state of all three finally becomes 2.
4. Processing of a NAT restart
When the NAT restarts, access-in management entity 3 detects this automatically by monitoring changes of the NAT port. If it finds that the NAT port has changed, the state of access-in management entity 3 becomes 0, and it notifies mobile node 7 and ground field management entity 1 of this state change. After mobile node 7 and ground field management entity 1 receive the state change notification, their states also become 0 in step. Ground field management entity 1, extending domain management entity 6 and mobile node 7 release the related resources and delete the tunnel. Mobile node 7 starts a new registration process.
5. Processing of a restart of access-in management entity 3
After access-in management entity 3 restarts, its state becomes 0; access-in management entity 3 notifies ground field management entity 1 of this state change, and the state of ground field management entity 1 also becomes 0. Then, after the registration request of mobile node 7 is received, the states of ground field management entity 1 and access-in management entity 3 become 1, and a registration reply marked with state 1 is returned to mobile node 7. After receiving this registration reply, mobile node 7 finds that its own state is 2 while the state of access-in management entity 3 is 1; mobile node 7 then synchronizes its own state to 1 as well and performs the operations required in state 1.
6. Processing of a restart of ground field management entity 1
After ground field management entity 1 restarts, its state becomes 0. Access-in management entity 3 discovers the change of ground field management entity 1 through the maintenance information exchanged with it, and access-in management entity 3 also initializes its state to 0.
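The unified status flag and the three restart cases of sections 4 to 6, as an added example that is not part of the patent text. Class and method names are assumptions, tunnel establishment is assumed to be the operation carried out in state 1, and recovery after a ground field restart is assumed to follow the same re-registration path as an access-in restart.

```python
from dataclasses import dataclass, field

INIT, REGISTERED, TUNNEL_UP = 0, 1, 2     # the text's states 0, 1 and 2

@dataclass
class FlexibleIPSystem:
    gf: int = INIT    # ground field management entity 1
    am: int = INIT    # access-in management entity 3
    mn: int = INIT    # mobile node 7
    log: list = field(default_factory=list)

    def register(self) -> bool:
        """Mobile node sends a register request; True means it detected an abnormality."""
        if self.gf == INIT and self.am == INIT:
            self.gf = self.am = REGISTERED        # authentication passes
        reply_state = self.am                     # state marked in the registration reply
        abnormal = reply_state < self.mn          # local state is ahead of the reply
        if abnormal:
            self.log.append(f"local state {self.mn}, reply state {reply_state}")
        self.mn = reply_state                     # synchronize to the reply
        return abnormal

    def establish_tunnel(self) -> None:
        """Assumed to be the operation carried out in state 1."""
        if self.gf == self.am == self.mn == REGISTERED:
            self.gf = self.am = self.mn = TUNNEL_UP

    def nat_port_changed(self) -> None:
        self.am = INIT                            # detected by the access-in entity
        self.gf = self.mn = INIT                  # both are notified and follow
        self.log.append("release resources, delete tunnel")

    def access_restarted(self) -> None:
        self.am = INIT
        self.gf = INIT                            # notified by the access-in entity

    def ground_field_restarted(self) -> None:
        self.gf = INIT
        self.am = INIT                            # learned from maintenance information

    def states(self) -> tuple:
        return (self.gf, self.am, self.mn)

def scenario(event: str):
    """Bring the system to state 2, apply one event, then let the node re-register."""
    s = FlexibleIPSystem()
    s.register()
    s.establish_tunnel()
    getattr(s, event)()
    after_event = s.states()
    detected = s.register()
    s.establish_tunnel()
    return after_event, detected, s.states()
```

Only the two entity restarts leave the mobile node at state 2 against a reply of 1, so only they are found by the state comparison; after a NAT port change the node has already been notified and reset to 0.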
Explanation of the technical terms used in the present invention:
Ground field management entity: a network device that has a port connected to the basic network domain where the mobile node resides and that provides permission authentication and identity proxying for a mobile node that is roaming.
Extending domain management entity: a network device in the extended network domain of the mobile node that forwards authentication messages and data packets for the mobile node.
Access-in management entity: a relay device with an IP address that is routable on the Internet; between the ground field management entity and the extending domain management entity, it authenticates the identity of the mobile node and forwards the mobile node's data packets.
Basic network domain: the network where the mobile node resided before roaming.
Extended network domain: the network the mobile node arrives at after roaming.
Mobile node: a device that can switch its point of attachment to the Internet from one link to another while still keeping all ongoing communications and using only its original fixed IP address.
Correspondent node: a host or server that the mobile node establishes communication with after it has moved to the extended network domain.
Network address translation (NAT): Network Address Translation provides a simple way of connecting to the Internet and protects users by hiding internal network addresses. When an internal network user (located on the inside of the NAT server) connects to the Internet, the NAT translates the user's internal network IP address into an external public IP address (stored in the NAT's address pool); when data returns from the external network, the NAT replaces the destination address with the original internal user's address so that the internal network user can receive it. Because the IP addresses of the internal network are hidden from the outside in this way, external users cannot directly initiate connections to internal users, which protects the internal users.