JP2016152453A - Communication control system, communication method, and gateway device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a communication control system that performs appropriate communication control by following new service to prevent reduction in quality of service in the whole network.SOLUTION: A communication control system comprises a gateway device and a communication control method management device. The communication control method management device holds communication control application rule information in which a condition for classifying a communication flow and a communication control method corresponding to the classified communication flow are registered; detects, on the basis of the amount of communication between a user terminal and a service provision device, a communication flow whose communication control method needs changing; determines a condition for classifying a communication flow to be received by the gateway device into the detected communication flow; determines a communication control method corresponding to the detected communication flow; registers the determined condition and the determined communication control method in the communication control application rule information; and notifies the gateway device of the communication control application rule information.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a communication control system that performs communication control on a communication flow between a user terminal and a service providing apparatus that provides a service to the user terminal.

  With the spread of smartphones, various services and applications have appeared. Furthermore, with the spread of M2M (Machine to Machine) and IoT (Internet of Things), there are also applications that are not handled directly by humans. In the communication network, in order to satisfy the requirements of various services and applications and prevent the quality of services from being deteriorated, communication control according to the attributes of services and applications is performed. However, when the behavior of communication data exceeds expectations due to the emergence of new services and the rapid growth of existing services, communication control cannot be supported, and each service affects each other, leading to a decrease in service quality. There is.

  As a background art in this technical field, there is JP 2012-105043 A (Patent Document 1). This publication states that “a plurality of flows generated within a certain period are integrated as one simultaneous flow, and a plurality of packets arriving within a certain unit arrival interval included in one simultaneous flow are defined as one short flow. Integrate as a time flow, calculate the flow feature amount for each short-time flow, calculate the flow feature vector indicating the temporal change feature of these flow feature amounts, and determine the similarity with the existing service category In addition, if the similarity indicating the highest similarity among the similarities for each service category is not included in the significance range, it is classified into a new service class ”(see summary).

JP 2012-105043 A

  The technique described in Patent Document 1 classifies flows and presents the classification result to an administrator, and does not determine a communication control method. Moreover, since the technique described in Patent Document 1 calculates and classifies statistics for each flow, it takes time for classification. Even if the communication control method is determined using the technique described in Patent Document 1, it takes time for classification, and the communication control method is determined after information transfer is started. For this reason, the communication control method cannot be determined using the technique described in Patent Document 1.

  Also, with the technique described in Patent Document 1, it is not possible to determine a communication control method for a service classified into a new category, and it is not possible to perform communication control following the new service.

  The present invention detects a new service, determines a classification method and a communication control method for the service, and performs appropriate communication control following the new service using the determined communication control method. It is another object of the present invention to provide a communication control system that prevents deterioration of service quality in the entire network.

  A representative example of the present invention is a communication control system including a gateway device and a communication control method management device, wherein the gateway device includes a user terminal and a service providing device that provides a service to the user terminal. Communication control between the user terminal and the service providing apparatus is performed, the communication flow is transferred between the user terminal and the service providing apparatus, and the communication control method management An apparatus manages a communication control method by the gateway apparatus, and the communication control method management apparatus registers a condition for the gateway apparatus to classify the communication flow and a communication control method corresponding to the classified communication flow. Held communication control application rule information, based on the amount of communication between the user terminal and the service providing device, A communication flow that needs to change the communication control method is detected, a condition for classifying the communication flow received by the gateway device into the detected communication flow is determined, and the communication control corresponding to the detected communication flow Determining a method, updating the communication control application rule information to register the determined condition and the determined communication control method, notifying the updated communication control application rule information to the gateway device, The gateway device classifies the communication flows received by the gateway device based on the notified communication control application rule information, determines a communication control method corresponding to the communication flow, and uses the determined communication control method. The communication control of the received communication flow is performed.

  The effects obtained by the representative ones of the inventions disclosed in the present application will be briefly described as follows. In other words, a new service is detected, a classification method and a communication control method for the service are determined, and an appropriate communication control is performed following the new service using the determined communication control method. Therefore, it is possible to provide a communication control system that prevents deterioration of service quality in the entire network.

  Problems, configurations, and effects other than those described above will be clarified by the following description of embodiments.

1 is a configuration diagram of a network system according to a first embodiment. 1 is a hardware configuration diagram of a communication control method management apparatus according to a first embodiment. It is explanatory drawing of the communication control method list table of Example 1. FIG. It is explanatory drawing of the protocol communication control application rule table of Example 1. FIG. It is explanatory drawing of the behavior communication control application rule table of Example 1. FIG. It is explanatory drawing of the communication data measurement table of Example 1. FIG. It is explanatory drawing of the communication flow table of Example 1. FIG. 1 is a hardware configuration diagram of a gateway device according to Embodiment 1. FIG. It is explanatory drawing of the communication flow communication control application rule table of Example 1. FIG. It is explanatory drawing of the table under evaluation of Example 1. FIG. 1 is a hardware configuration diagram of a measurement apparatus according to Embodiment 1. FIG. It is a sequence diagram of the communication control application rule update process of Example 1. It is a flowchart of the communication control application rule table update process of Example 1. 6 is a flowchart of a protocol communication control application rule table update process according to the first embodiment. 6 is a flowchart of a behavior communication control application rule table update process according to the first embodiment. 6 is an explanatory diagram of a group of immediately preceding communication flows C according to Embodiment 1. FIG. 6 is a flowchart of an updated communication control application rule table notification process according to the first embodiment. 3 is a flowchart of packet reception processing of the gateway device according to the first embodiment. 3 is a flowchart of HTTP communication control method determination processing according to the first embodiment. 6 is a flowchart of an under-evaluation table update process according to the first embodiment. It is explanatory drawing of the protocol communication control application rule table of Example 2. It is explanatory drawing of the QoS class mapping table of Example 2. FIG. It is explanatory drawing of the cluster mapping table of Example 3. FIG. It is explanatory drawing of the screen displayed at the time of the new service detection of Example 4. FIG. It is explanatory drawing of the QoS class change confirmation screen of Example 4. FIG. It is explanatory drawing of the changed QoS class confirmation screen of Example 4. FIG. It is explanatory drawing of the QoS class change log | history list screen of Example 4. FIG. 14 is a flowchart of a QoS class determination process when a new service is detected from the QoS class “k + n” according to the fifth embodiment.

  In this embodiment, an example of a communication control system that performs communication control for each communication flow will be described.

  FIG. 1 is a configuration diagram of a network system according to the first embodiment.

  The network system includes at least one user terminal 102, an access network 103, a communication control system (core network) 101, the Internet 107, and a plurality of service providing apparatuses 108. The communication control system 101 includes a communication control method management device 104, at least one gateway device 105, and at least one measurement device 106. The configuration of the network system shown in FIG. 1 is common to other embodiments.

  The access network 103 is constructed by a plurality of communication devices (not shown). The user terminal 102 is connected to at least one gateway device 105 via the access network 103. The gateway device 105 is connected to at least one access network 103. The gateway device 105 is connected to the measurement device 106 and the communication control method management device 104. The measuring device 106 is connected to the gateway device 105, the communication control method management device 104, and the Internet 107. The communication control method management device 104 is connected to at least one gateway device 105 and at least one measurement device 106. Further, the devices shown in FIG. 1 are not necessarily connected directly to each other, and may be connected via a relay device (not shown). The measuring device 106 may be realized on the same device as the gateway device 105.

  The user terminal 102 is connected to the service providing apparatus 108 via the access network 103, the gateway apparatus 105, the measuring apparatus 106, and the Internet 107. The user terminal 102 is, for example, a general information processing apparatus (such as a smartphone and a tablet terminal) or a sensor device having a communication function. In this embodiment, the user terminal 102 is connected to the access network 103 by wire, but the user terminal 102 and the access network 103 may be connected to each other wirelessly.

  The access network 103 connects to the user terminal 102 and transfers communication data from the user terminal 102 to the gateway device 105. Further, the access network 103 transfers communication data received from the service providing apparatus 108 via the gateway apparatus 105 to the user terminal 102.

  The gateway device 105 performs communication control on the communication flow between the user terminal 102 and the service providing device 108 and relays the communication flow. Specifically, the gateway device 105 transfers communication data received from the user terminal 102 via the access network 103 to the service providing device 108 via the measuring device 106 and the Internet 107. Further, the gateway device 105 transfers communication data received from the service providing device 108 via the Internet 107 and the measuring device 106 to the user terminal 102 via the access network 103. The gateway device 105 performs protocol conversion processing on the received communication data if necessary.

  Further, the gateway device 105 performs communication control on the communication flow between the user terminal 102 and the service providing device 108 based on the communication control application rule notified from the communication control method management device 104.

  Here, the communication flow is, for example, a communication session in layers 5 to 7, but is not limited thereto.

  The measuring device 106 relays the communication flow between the user terminal 102 and the service providing device 108, and measures the communication amount of the communication flow. The measuring device 106 notifies the communication control method management device 104 of the measurement result of the communication flow. The measuring device 106 may be installed as a single device between the gateway device 105 and the Internet 107 or may be mounted on the same device as the gateway device 105.

  The communication control method management device 104 is connected to at least one gateway device 105 and at least one measurement device 106, and manages communication control application rules. In the communication control application rule, a condition for classifying a communication flow between the user terminal 102 and the service providing apparatus 108 and a communication control method to be executed for the classified communication flow are registered. In the present embodiment, as the communication control application rules, a protocol communication control application rule table 213 and a behavior communication control application rule table 214 will be described as examples. In addition, the communication control method management apparatus 104 updates the communication control application rules as appropriate based on the measurement result of the measurement apparatus 106. In addition, the communication control method management apparatus 104 notifies the gateway apparatus 105 of the updated communication control application rule. The update of the communication control application rule will be described in detail with reference to FIGS.

  The service providing device 108 is a general information processing device (for example, a server device) or a storage device. In addition, a certain service providing apparatus 108 transmits the requested data from the user terminal 102 to the user terminal 102 or stores the data transmitted from the user terminal 102 in a storage device. In addition, the network system includes, as other service providing apparatuses 108, for example, a subscriber information management server that manages subscriber contract information, an authentication server that performs user authentication, and the like.

  FIG. 2 is a hardware configuration diagram of the communication control method management apparatus 104 according to the first embodiment.

  The communication control method management apparatus 104 employs a general computer hardware configuration, and includes a processor 201, an input / output device 202, a communication interface 203, a memory 204, and a secondary storage device 205. The processor 201, the input / output device 202, the communication interface 203, the memory 204, and the secondary storage device 205 are connected to each other via a bus 206.

  The processor 201 loads various programs stored in the secondary storage device 205 into the memory 204 and executes the various programs loaded into the memory 204. The input / output device 202 is, for example, a display and a keyboard. The communication interface 203 is an interface through which the communication control method management apparatus 104 transmits / receives data to / from other apparatuses (that is, the gateway apparatus 105 and the measurement apparatus 106).

  The memory 204 is a volatile storage area, and the secondary storage device 205 is a nonvolatile storage area. The data stored in the memory 204 is also stored in the secondary storage device 205 in order to store the data permanently.

  The memory 204 stores a communication control application rule update program 211, a communication control method list table 212, a protocol communication control application rule table 213, a behavior communication control application rule table 214, a communication data measurement table 215, and a communication flow table 216. The

  The communication control application rule update program 211 detects a communication flow (that is, a new service) that needs to change the communication control method based on the measurement result of the measuring device 106, and a communication control method corresponding to the detected communication flow And the communication control application rules (that is, the protocol communication control application rule table 213 and the behavior communication control application rule table 214) are updated. The communication control application rule update program 211 notifies the gateway device 105 of the updated communication control application rule. The processing by the communication control application rule update program 211 is shown in FIGS. The processing realized by executing the communication control application rule update program 211 by the processor 201 realizes processing by the communication control application rule update program 211.

  The new service is a concept including a service using a new protocol or data format, a service provided by the service providing apparatus 108 that provides a new service, a service in which the number of users has rapidly increased, and the like.

  In the communication control method list table 212, a list of communication control methods that can be implemented by the gateway device 105 is registered. Details of the communication control method list table 212 will be described with reference to FIG.

  In the protocol communication control application rule table 213, the communication type of the communication flow and the attributes for each communication type of the communication flow (for example, the IP address of the service providing apparatus 108 and the content type) are registered as conditions for classifying the communication flow. Then, a communication control method applied to the classified communication flow is also registered. Details of the protocol communication control application rule table 213 will be described with reference to FIG.

  In the behavior communication control application rule table 214, the connection order of the communication flow service providing apparatus 108 is registered as a condition for classifying the communication flow, and a communication control method to be applied to the classified communication flow is registered. Details of the behavior communication control application rule table 214 will be described with reference to FIG.

  In the communication data measurement table 215, the communication amount measured by the measuring device 106 is registered for each communication flow classification condition based on the protocol registered in the protocol communication control application rule table 213. Details of the communication data measurement table 215 will be described with reference to FIG.

  In the communication flow table 216, the communication amount and the like for each communication flow measured by the measuring device 106 are registered. Details of the communication flow table 216 will be described with reference to FIG.

  In this embodiment, the data used by various apparatuses will be described using a table format. However, these data do not depend on the data structure and may be expressed in any data structure. For example, data is stored in a data structure appropriately selected from a table, list, database, or queue. For this reason, the table stored in the memory 204 may be expressed by a data structure other than the table. The same applies to each table described later.

  The communication control application rule update program 211 is stored in a non-primary storage medium readable by a computer, for example, and the communication control method management apparatus 104 loads the communication control application rule update program 211 into the memory 204 from the storage medium. The processor 201 may execute the communication control application rule update program 211. Similarly, other programs may be stored in a non-primary storage medium readable by the computer.

  FIG. 3 is an explanatory diagram of the communication control method list table 212 according to the first embodiment.

  The communication control method list table 212 includes a priority order 301 and a communication control method 302. In the priority order 301, the order in which communication flows to which each communication control method is applied is prioritized and transferred is registered. In the communication control method 302, identification information of each communication control method applied to the communication flow is registered.

  Note that the communication control method does not necessarily have to be given priority, and it is not necessary to uniquely associate the communication control method with the priority.

  FIG. 4 is an explanatory diagram of the protocol communication control application rule table 213 according to the first embodiment.

  The protocol communication control application rule table 213 includes a protocol 401, a server IP address 402, a protocol detailed attribute 403, and a communication control method 404. The server IP address 402 and the protocol detail attribute 403 are attributes for each protocol of the communication flow.

  In the protocol 401, the communication type (that is, protocol) of the communication flow is registered. In the server IP address 402, the IP address of the service providing apparatus 108 that communicates with the user terminal 102 is registered.

  In the protocol detail attribute 403, detailed attributes that differ for each protocol are registered. For example, the protocol detail attribute 403 whose protocol is RTP includes a codec, Audio / Video, and an extension header. The codec method is registered in the codec. In the Audio / Video, information indicating whether the content transferred by RTP is Audio or Video is registered. In the extension header, information indicating whether or not the extension header exists in the data transferred by RTP is registered.

  Also, MIME type, content extension, and content length are registered in the protocol detail attribute 403 whose protocol is HTTP. In MIME Type, the type of content transferred by HTTP is registered. In addition, the extension of the content transferred by HTTP is registered in the content extension. In the content length, the capacity of content transferred by HTTP is registered.

  In the communication control method 404, identification information of a communication control method applied to a communication flow classified based on a protocol and an attribute for each protocol is registered.

  For example, the communication control method “compression” is applied to a communication flow in which the protocol is HTTP, the IP address of the communication destination service providing apparatus 108 is aaa, and the MIME type is Video.

  In addition, in the default, a communication control method to be applied when it does not apply to all the attributes described in other protocols and others is recorded.

  Note that the attributes of the communication flow are not limited to the items registered in the protocol communication control application rule table 213 shown in FIG. 4, and other items may be used as necessary. For example, in the case of HTTP, a request method, a response code, a host name, and the like may be used. Further, some items may be used instead of all the registered items.

  FIG. 5 is an explanatory diagram of the behavior communication control application rule table 214 according to the first embodiment.

  The behavior communication control application rule table 214 includes a pattern 501, a server connection order 502, a communication control method 503, and a port number 504.

  In the pattern 501, identification information of conditions for classifying communication flows is registered. In the server connection order 502, information related to the connection order of the service providing apparatus 108 is registered. Specifically, in the server connection order 502, connection servers 502A to 502N are registered in accordance with the connection order of the service providing apparatus 108. Each of the connection servers 502A to 502N includes a server IP address 511, a transmission packet number 512, a reception packet number 513, a first transmission packet data amount 514, and a first reception packet data amount 515.

  In the server IP address 511, the IP address of the service providing apparatus 108 to be connected is registered. In the transmission packet number 512, the number of packets that the user terminal 102 transmits to the service providing apparatus 108 of the IP address registered in the server IP address 511 is registered. In the number of received packets 513, the number of packets received by the user terminal 102 from the service providing apparatus 108 of the IP address registered in the server IP address 511 is registered.

  In the first transmission packet data amount 514, the range of the data amount of the packet that the user terminal 102 transmits to the service providing apparatus 108 of the IP address registered in the server IP address 511 for the first time is registered. In the first received packet data amount 515, the range of the data amount of the packet that the user terminal 102 receives for the first time from the service providing apparatus 108 of the IP address registered in the server IP address 511 is registered. For example, a connection server in which “2” is registered in the number of transmission packets 512 includes a first transmission packet data amount and a second transmission packet data amount. The connection server in which “2” is registered in the number of received packets 513 includes the first received packet data amount and the second received packet data amount.

  In the communication control method 503, identification information of a communication control method applied to a communication flow that satisfies the conditions registered in the pattern 501 is registered. In the port number 504, a port number used in a communication flow that satisfies the conditions registered in the pattern 1 is registered.

  FIG. 6 is an explanatory diagram of the communication data measurement table 215 according to the first embodiment.

  The communication data measurement table 215 includes a protocol 601, a server IP address 602, a protocol detailed attribute 603, a communication data amount 604, and a threshold 605.

  In the communication data measurement table 215, communication flow classification conditions based on the protocols registered in the protocol communication control application rule table 213 are registered. Therefore, the protocol 601, the server IP address 602, and the protocol detailed attribute 603 are the same as the protocol 401, the server IP address 402, and the protocol detailed attribute 403 shown in FIG.

  The communication data amount 604 includes total and individual. In the total, the total communication data amount for each protocol is registered. Individually, the communication data amount satisfying the attribute registered in the protocol detail attribute 603 is registered.

  The threshold 605 includes total and individual. In the total, a threshold corresponding to the total included in the communication data amount 604 is registered. Individually, thresholds corresponding to the individual included in the communication data amount 604 are registered.

  FIG. 7 is an explanatory diagram of the communication flow table 216 according to the first embodiment.

  The communication flow table 216 includes a terminal IP address 701, a server IP address 702, a flow start date and time 703, a flow end date and time 704, a port number 705, a protocol detailed attribute 706, the number of packets 707, a total data amount 708, and a packet size 709. .

  In the terminal IP address 701, the IP address of the user terminal 102 that is the end point of the communication flow is registered. In the server IP address 702, the IP address of the service providing apparatus 108 which is the end point of the communication flow is registered. In the flow start date and time 703, the date and time when the communication flow was started (that is, date, time, etc.) is registered. In the flow end date and time 704, the date and time when the communication flow is ended (that is, date and time) is registered.

  In the port number 705, a port number used in the communication flow is registered. Detailed attributes for each protocol of the communication flow are registered in the protocol details attribute 706. The number of packets 707 includes transmission and reception. For transmission, the number of communication flows transmitted by the user terminal 102 is registered, and for reception, the number of communication flows received by the user terminal 102 is registered.

  The total data amount 708 includes transmission and reception. For transmission, the data amount of the communication flow transmitted by the user terminal 102 is registered, and for reception, the data amount of the communication flow received by the user terminal 102 is registered. The packet size 709 includes transmission and reception. For transmission, the data amount of each packet transmitted by the user terminal 102 is registered, and for reception, the data amount of each packet received by the user terminal 102 is the maximum. n (where n is a preset value) are registered.

  FIG. 8 is a hardware configuration diagram of the gateway device 105 according to the first embodiment.

  The gateway apparatus 105 employs a general computer hardware configuration, and includes a processor 801, an input / output device 802, a communication interface 803, a memory 804, and a secondary storage device 805. The processor 801, the input / output device 802, the communication interface 803, the memory 804, and the secondary storage device 805 are connected to each other via a bus 806.

  The hardware functions of the processor 801, the input / output device 802, the communication interface 803, the memory 804, and the secondary storage device 805 are the same as the processor 201, the input / output device 202, the communication interface 203, the memory 204, and the second storage device 805 shown in FIG. Since it is the same as the next storage device 205, description thereof is omitted.

  The memory 804 includes a communication control application rule management program 811, a protocol communication control application rule table 812, a communication flow communication control application rule table 813, a behavior detection program 814, a behavior communication control application rule table 815, an evaluation table 816, a packet buffer 817, a packet distribution program 818, and a packet read program 819 are stored.

  The communication control application rule management program 811 executes packet reception processing when the gateway device 105 receives a packet. In the packet reception process, for example, when a packet of a communication flow for which a communication control method has not yet been determined is received, the protocol flow control application rule table 812 and the communication flow communication control application rule table 813 are referred to, and Determine the communication control method. Details of the packet reception processing will be described with reference to FIGS. Further, the communication control application rule management program 811, when the protocol communication control application rule table 213 is notified from the communication control method management device 104, the protocol communication control application rule based on the notified protocol communication control application rule table 213. Update table 812. In addition, when the behavior communication control application rule table 214 is notified from the communication control method management device 104, the communication control application rule management program 811 performs the behavior communication control application rule based on the notified behavior communication control application rule table 214. Update table 815. The processing realized by the execution of the communication control application rule management program 811 by the processor 801 implements processing by the communication control application rule management program 811.

  The protocol communication control application rule table 812 has the same configuration as the protocol communication control application rule table 213 shown in FIG. 4, and the behavior communication control application rule table 815 has the same configuration as the behavior communication control application rule table 214 shown in FIG. The description is omitted.

  The communication flow communication control application rule table 813 relates to the user terminal 102 that transmits the communication flow that matches the connection order of the service providing apparatus 108 registered in the communication control application rule table 815. Information and a communication control method applied to the communication flow are registered. By referring to the communication flow communication control application rule table 813, an appropriate communication control method is applied to the communication flow transmitted next from the user terminal 102. Details of the communication flow communication control application rule table 813 will be described with reference to FIG.

  When the IP address of the service providing apparatus 108 included in the communication flow received from the user terminal 102 or the gateway apparatus 105 is registered in the behavior communication control application rule table 214, the behavior detection program 814 is based on the received communication data. The under-evaluation table 816 is updated. Details of the processing of the behavior detection program 814 will be described with reference to FIG. The processing by the communication control application rule update program 211 is shown in FIGS. The processing realized by the behavior detection program 814 is realized by the function embodied by the processor 801 executing the behavior detection program 814.

  In the under-evaluation table 816, information regarding the user terminal 102 connected to the service providing apparatus 108 in the connection order registered in the behavior communication control application rule table 815 is registered. Details of the during-evaluation table 816 will be described with reference to FIG.

  In the packet buffer 817, packets are logically separated and stored for each communication flow.

  The packet distribution program 818 logically separates the packets for each communication flow and stores them in the packet buffer 817.

  The packet read program 819 determines the read timing of the packet stored in the packet buffer 817 based on the communication control method applied to each communication flow, reads the packet from the packet buffer 817 at the determined timing, and the communication interface 803. The packet read out via is transmitted. A packet received from the service providing apparatus 108 is transmitted to the access network 103, and a packet received from the user terminal 102 is transmitted to the measuring apparatus 106.

  The processing implemented by the packet distribution program 818 and the packet read program 819 is realized by the functions realized by the processor 801 executing the packet distribution program 818 and the packet read program 819.

  FIG. 9 is an explanatory diagram of the communication flow communication control application rule table 813 according to the first embodiment.

  The communication flow communication control application rule table 813 includes a user terminal IP address 901, a port number 902, and a communication control method 903.

  The user terminal IP address 901 includes the IP address of the user terminal 102 that transmits the communication flow that matches the connection order of the service providing apparatus 108 registered in the communication control application rule table 815 because the connection order to the service providing apparatus 108 behaves. be registered. In the port number 902, a port number used in the communication flow is registered. A plurality of port numbers may be registered in the port number 902. In the communication control method 903, identification information of a communication control method applied to the communication flow is registered.

  FIG. 10 is an explanatory diagram of the during-evaluation table 816 according to the first embodiment.

  The under-evaluation table 816 includes a user terminal IP address 1001, a behavior pattern 1002, a server IP address 1003, the number of transmitted packets 1004, the number of received packets 1005, and the last update date / time 1006.

  In the user terminal IP address 1001, the IP address of the user terminal 102 connected to the service providing apparatus 108 is registered in the connection order of the behavior communication control application rule table 815. Of the patterns registered in the behavior communication control application rule table 815, a pattern that matches the connection order of the user terminal 102 is registered in the behavior pattern 1002. In the server IP address 1003, the IP address of the service providing apparatus 108 of the communication destination of the user terminal 102 connected to the service providing apparatus 108 in the connection order of the behavior communication control application rule table 815 is registered.

  In the number of transmitted packets 1004, the number of packets transmitted from the user terminal 102 having the IP address registered in the user terminal IP address 1001 to the service providing apparatus 108 having the IP address registered in the server IP address 1003 is registered. In the received packet count 1005, the number of packets received by the user terminal 102 having the IP address registered in the user terminal IP address 1001 from the service providing apparatus 108 having the IP address registered in the server IP address 1003 is registered. In the last update date / time 1006, date / time information when the record was last updated is registered.

  FIG. 11 is a hardware configuration diagram of the measurement apparatus 106 according to the first embodiment.

  The measuring apparatus 106 employs a general computer hardware configuration, and includes a processor 1101, an input / output device 1102, a communication interface 1103, a memory 1104, and a secondary storage device 1105. The processor 1101, the input / output device 1102, the communication interface 1103, the memory 1104, and the secondary storage device 1105 are connected to each other via a bus 1106.

  The hardware functions of the processor 1101, the input / output device 1102, the communication interface 1103, the memory 1104, and the secondary storage device 1105 are the processor 201, the input / output device 202, the communication interface 203, the memory 204, and the second storage device shown in FIG. Since it is the same as the next storage device 205, description thereof is omitted.

  The memory 1104 stores a communication data measurement program 1111, a communication data measurement table 1112, and a communication flow table 1113. The communication data measurement table 1112 has the same configuration as the communication data measurement table 215 shown in FIG. 6, and the communication flow table 1113 has the same configuration as the communication flow table 216 shown in FIG.

  When the communication data measurement program 1111 receives the communication flow transmitted from the user terminal 102 or the service providing apparatus 108 via the communication interface 1103, the protocol of the received communication flow among the records registered in the communication data measurement table 1112. The communication data amount of the record that matches the attribute of the protocol is updated. In addition, the communication data measurement program 1111 updates the number of packets, the total data amount, and the packet size of the record in the communication flow table 216 that matches the received communication flow.

  Further, when the communication data measurement table 215 with the updated attribute is notified from the communication control method management apparatus 104, the communication data measurement program 1111 stores the communication data measurement table 1112 based on the notified communication data measurement table 215. Update attributes.

  The communication data measurement program 1111 notifies the communication control method management apparatus 104 of the communication data measurement table 1112 and the communication flow table 1113 at a predetermined timing. The predetermined timing may be a predetermined time interval, or may be a timing at which the communication data amount of any attribute exceeds a threshold value.

  Note that the processing realized by the communication data measurement program 1111 is realized by a function realized by the processor 1101 executing the communication data measurement program 1111.

  FIG. 12 is a sequence diagram of communication control application rule update processing according to the first embodiment.

  The communication data measurement program 1111 of the measuring device 106 measures the communication data amount of the communication flow communicated between the user terminal 102 and the service providing device 108 (1201), and based on the measurement result, the communication data measurement table 1112 and the communication flow table 1113 are updated.

  Specifically, the communication data measurement program 1111 measures the communication data amount of the communication flow. Then, the communication data measurement program 1111 updates the communication data amount 604 of the record having the same communication flow attribute that measured the communication data amount or the like among the records of the communication data measurement table 1112 based on the measurement result. The communication data measurement program 1111 includes a communication flow table 1113 in which the IP address of the user terminal 102, the IP address of the service providing apparatus 108, the port number, and the attribute of the communication data are included in the communication flow in which the communication data amount is measured. If there is a record that matches the terminal IP address 701, server IP address 702, port number 705, and protocol detailed attribute 706, the number of packets 707, the total data amount 708, and The packet size 709 is updated. When there is no matching record, the communication data measurement program 1111 adds a new record to the communication flow table 1113 and updates the record based on the measurement result.

  The communication data measurement program 1111 transmits the communication data measurement table 1112 and the communication flow table 1113 to the communication control method management apparatus 104 at a predetermined timing (1202).

  When the communication control application rule update program 211 of the communication control method management apparatus 104 receives the communication data measurement table 1112 and the communication flow table 1113, the communication control measurement rule update program 211 updates the communication data measurement table 215 based on the received communication data measurement table 1112. The communication flow table 216 is updated based on the received communication flow table 1113 (1203).

  Next, the communication control application rule update program 211 updates the protocol communication control application rule table 213 and the behavior communication control application rule table 214 based on the updated communication data measurement table 215 and communication flow table 216. A table update process is executed (1204). The communication control application rule table update process detects a communication flow (that is, a new service) that needs to change the communication control method, determines a new communication control method to be applied to the communication flow, and classifies the communication flow. This is a process of registering the conditions for determining the communication control method and the determined communication control method in the protocol communication control application rule table 213 and the behavior communication control application rule table 214. Details of the communication control application rule table update processing will be described with reference to FIGS.

  Further, the communication control application rule update program 211 transmits the updated protocol communication control application rule table 213 and behavior communication control application rule table 214 to the gateway device 105 (1205). Further, the communication control application rule update program 211 updates the attribute of the communication data measurement table 215 based on the updated protocol communication control application rule table 213 and transmits the updated attribute of the communication data measurement table 215 to the measurement device 106. (1206).

  The gateway device 105 receives the protocol communication control application rule table 213 and the behavior communication control application rule table 214, updates the protocol communication control application rule table 812 based on the received protocol communication control application rule table 213, and receives the received behavior. The behavior communication control application rule table 815 is updated based on the communication control application rule table 214 (1207).

  When receiving the attribute of the communication data measurement table 215, the measuring device 106 updates the attribute of the communication data measurement table 1112 based on the received attribute of the communication data measurement table 215 (1208).

  FIG. 13 is a flowchart of communication control application rule table update processing according to the first embodiment.

  The communication control application rule table update process is executed by the communication control application rule update program 211 at a predetermined timing. The predetermined timing may be, for example, the timing at which the communication data measurement table 1112 and the communication flow table 1113 are received from the measuring device 106, or a predetermined time has elapsed since the previous communication control application rule table update process was executed. It may be timing.

  First, the communication control application rule update program 211 determines whether there is a record in which the communication data amount registered in the communication data amount 604 of the communication data measurement table 215 is equal to or greater than the threshold value registered in the threshold value 605 ( 1301). Specifically, the communication control application rule update program 211 individually records the communication data amount 604 registered in the sum of the communication data amount 604 and the communication data amount 604 in which the communication data amount exceeds the threshold value registered in the sum of the threshold values 605. If there is at least one record whose registered communication data amount is equal to or greater than the individually registered threshold value of the threshold value 605, the communication data amount registered in the communication data amount 604 is equal to or greater than the threshold value registered in the threshold value 605. It is determined that the record exists.

  In consideration of the fact that the amount of communication data varies depending on the day of the week or the time zone, a different threshold may be registered in the threshold 605 for each day of the week or the time zone. Thereby, for example, since a threshold value such as a time zone in which the communication data amount is small can be set small, it is possible to detect that an increase in communication data has started even in a time zone in which the communication data amount is small.

  If it is determined in step 1301 that there is no record in the communication data measurement table 215 where the communication data amount registered in the communication data amount 604 is equal to or greater than the threshold value registered in the threshold value 605, the communication control method is changed. Since there is no necessary communication flow, the communication control application rule table update process is terminated.

  On the other hand, if it is determined in step 1301 that there is a record in which the communication data amount registered in the communication data amount 604 of the communication data measurement table 215 is equal to or greater than the threshold value registered in the threshold value 605, the communication control application rule update is performed. The program 211 executes a protocol communication control application rule table update process (1302). The protocol communication control application rule table update process learns the communication flow protocol in combination with the IP address and port number of the service providing apparatus 108 whose communication data amount is equal to or greater than the threshold, and applies the communication control to the communication flow. This is a process of determining a method and updating the protocol communication control application rule table 213. Details of the protocol communication control application rule table update processing will be described with reference to FIG.

  Next, the communication control application rule update program 211 executes a behavior communication control application rule table update process (1303). In the behavior communication control application rule table update process, the IP address and port number of the service providing apparatus 108 common to the communication flow group immediately before the communication flow whose communication data amount is equal to or greater than the threshold value are learned as a common pattern, and the common pattern The communication control method to be applied to the communication flow is determined, and the behavior communication control application rule table 214 is updated. Details of the behavior communication control application rule table update processing will be described with reference to FIG.

  Next, the communication control application rule update program 211 executes an updated communication control application rule table notification process (1304), and ends the communication control application rule table update process. In the updated communication control application rule notification process, the updated protocol communication control application rule table 213 and the behavior communication control application rule table 214 are transmitted to the gateway device 105, and communication is performed based on the updated protocol communication control application rule table 213. This is a process of updating the attribute of the data measurement table 215 and transmitting the updated attribute of the communication data measurement table 215 to the measurement device 106. Details of the updated communication control application rule table notification process will be described with reference to FIG.

  FIG. 14 is a flowchart of the protocol communication control application rule table update process according to the first embodiment.

  First, the communication control application rule update program 211 selects a record to be processed from records registered in the communication data measurement table 215 (1401). That is, in the process of step 1401, the communication type to be processed and the attribute of the communication type are selected.

  Next, the communication control application rule update program 211 determines whether or not the communication data amount of the record selected in step 1401 is equal to or greater than a threshold (1402). Specifically, the communication control application rule update program 211 sets the communication data amount registered in the total of the communication data amount 604 of the record selected in the process of step 1401 in the protocol 601 of the communication data measurement table 215 as an individual with the threshold value 605. It is determined whether or not it is greater than or equal to the threshold value registered in.

  If it is determined in step 1402 that the communication data amount of the record selected in step 1401 is smaller than the threshold value, the communication control application rule update program 211 selects all records registered in the communication data measurement table 215. It is determined whether or not it has been done (1408). If it is determined in step 1408 that all the records registered in the communication data measurement table 215 have been selected, the protocol communication control application rule table update process ends.

  On the other hand, if it is determined in step 1408 that there is an unselected record in the communication data measurement table 215, the communication control application rule update program 211 returns to the process in step 1401 and selects another record.

  If it is determined in step 1402 that the communication data amount of the record selected in step 1401 is greater than or equal to the threshold value, the communication control application rule update program 211 refers to the communication flow table 216 and the communication data amount increases. The IP address of the service providing apparatus 108 is identified (1403). Specifically, the communication control application rule update program 211 reads the server IP address of the record whose communication type and attribute of the record selected in step 1401 match the information registered in the server IP address 702 and the protocol detailed attribute 706. The IP address of the service providing apparatus 108 registered in 702 is specified as the IP address of the service providing apparatus 108. Note that there may be a plurality of IP addresses of the service providing apparatus 108 identified in the process of step 1403.

  Next, the communication control application rule update program 211 determines whether or not the IP address of the service providing apparatus 108 has been specified in the process of step 1403 (1404).

  If it is determined in step 1404 that the IP address of the service providing apparatus 108 has not been specified in step 1403, the communication control application rule update program 211 proceeds to step 1408.

  On the other hand, if it is determined in step 1404 that the IP address of the service providing apparatus 108 has been identified in the process of step 1403, the communication control application rule update program 211 determines the service providing apparatus 108 identified in the process of step 1403. A combination of the IP address and the record selected in step 1401 is extracted as a communication flow (new service) that needs to change the communication control method (1405). That is, the IP address, communication type, and attribute of the service providing apparatus 108 specified in the process of step 1403 among the communication types and attributes selected in the process of step 1401 are extracted as new services. In the process of step 1405, the communication type and attribute, which are the IP addresses of the service providing apparatus 108 identified in the process of step 1403, are determined as conditions for classifying the communication flow received by the gateway apparatus 105 as a new service. .

  Next, the communication control application rule update program 211 determines a new communication control method to be applied to the new service extracted in step 1405 (1406). For example, the communication control application rule update program 211 obtains a communication control method that has one lower priority than the communication control method applied to the protocol selected in step 1401 in the protocol communication control application rule table 213 in step 1405. Determine the communication control method for the new service extracted in the process. Note that it is not always necessary to determine the communication control method with one lower priority. For example, in the communication control method list table 212 shown in FIG. 3, communication control with one lower priority than the bandwidth control with the lowest priority. Although the method is compression, since compression is applied to moving images, in this case, the communication control method to be applied to the new service is determined as the best effort “1” with the priority “n”.

  Next, the communication control application rule update program 211 is based on the record selected in step 1401, the IP address of the service providing apparatus 108 specified in step 1403, and the communication control method determined in step 1406. The protocol communication control application rule table 213 is updated (1407), and the process proceeds to step 1408. Specifically, the communication control application rule update program 211 adds a new record to the protocol communication control application rule table 213 and registers the same protocol as the record selected in step 1401 in the protocol 401 of the added record. Then, the IP address of the service providing apparatus 108 identified in the process of step 1403 is registered in the server IP address 402 of the added record, and the protocol detail attribute 403 of the record selected in the process of step 1401 is added to the protocol detail attribute 403 of the added record. The registered information is registered, and the communication control method determined in step 1406 is registered in the communication control method 404 of the added record.

  As described above, in the client-server type service, the communication data amount increases and a communication flow that needs to change the communication control method can be detected as a new service, and an appropriate communication control method can be associated with the detected new service. it can. It is also possible to learn conditions for classifying a communication flow received by the gateway device 105 as a new service in the future.

  FIG. 15 is a flowchart of the behavior communication control application rule table update process according to the first embodiment.

  The communication control application rule update program 211 determines in the communication data measurement table 215 whether there is a protocol whose communication data amount excluding the communication data amount of the new service extracted in step 1405 shown in FIG. Is determined (1501). Specifically, in the communication control application rule update program 211, the IP address of the service providing apparatus 108 of the new service extracted in the process of step 1405 shown in FIG. 14 is registered in the server IP address 702 of the communication flow table 216. The attribute registered in the protocol detail attribute 706 of the record and the data amount registered in the total data amount 708 are extracted. Then, the communication control application rule update program 211 subtracts the extracted data amount from the sum of the communication data amounts 604 of the records whose protocol detailed attribute 603 matches the attribute extracted from the communication data measurement table 215. Then, the communication control application rule update program 211 determines whether there is a protocol in which the total data amount of the subtracted communication data amount 604 is equal to or greater than the threshold value registered in the total of the threshold values 605.

  Further, in the processing of step 1501, the communication control application rule update program 211 subtracts the data amount extracted from the individual communication data amount 604 of the record whose protocol detailed attribute 603 matches the attribute extracted from the communication data measurement table 215. Alternatively, it may be determined whether there is a protocol in which the individual data amount of the subtracted communication data amount 604 is equal to or greater than the individually registered threshold value of the threshold value 605.

  If it is determined in step 1501 that there is no protocol whose communication data amount excluding the communication data amount of the new service in the communication data measurement table 215 exceeds the threshold, the communication control application rule update program 211 performs behavior communication control. The application rule table update process is terminated.

  On the other hand, if it is determined in step 1501 that there is a protocol in which the communication data amount excluding the communication data amount of the new service exists in the communication data measurement table 215, the communication control application rule update program 211 With reference to the flow table 216, a communication flow in which the protocol with the increased communication data amount matches the attribute registered in the protocol detail attribute 706 is extracted, and the extracted communication flows are clustered (1502). It is assumed that the communication flow record extracted as a new service has been deleted from the communication flow table 216. Further, clustering of the extracted communication flows can be realized using a k-means method based on, for example, a change in the data amount of several packets immediately after the start of the communication flow or an average arrival interval of packets, for example, a patent The method of Document 1 may be used.

  Next, the communication control application rule update program 211 selects one cluster A from the clusters in which the communication flows are clustered in the process of step 1502 (1503). Note that clusters whose communication flows belonging to the cluster are less than a predetermined number are excluded from the subsequent processing.

  Next, the communication control application rule update program 211 selects one communication flow B belonging to the cluster A selected in the processing of step 1503, refers to the communication flow table 216, and is the same user terminal 102 as the selected communication flow B. , And a communication flow group transmitted up to a predetermined time (for example, several seconds) before communication flow B is transmitted is extracted as immediately preceding communication flow group C (1504).

  Next, the communication control application rule update program 211 clusters the communication flows belonging to the immediately preceding communication flow group C extracted in the processing of step 1504, and the service providing apparatus 108 to which the communication flows belonging to the immediately preceding communication flow group C are connected. The IP address, the port number used in the communication flow, and the cluster to which the communication flow belongs are arranged in time series as one record (1505). For clustering of communication flows belonging to the immediately preceding communication flow group C, as parameters, port number, number of transmitted packets, number of received packets, amount of transmitted data, amount of received data, and several packets transmitted / received immediately after the communication flow is started Each data amount is used.

  Next, the communication control application rule update program 211 determines whether or not the number of communication flows B for which the processing of steps 1504 and 1505 has been executed is greater than or equal to a predetermined number (1506). In other words, the communication control application rule update program 211 determines whether or not the number of samples of the communication flow B is greater than or equal to a preset number.

  If it is determined in step 1506 that the number of communication flows B for which the processing in steps 1504 and 1505 has been executed is less than the predetermined number, the communication control application rule update program 211 returns to the processing in step 1504 and returns to cluster A. Another communication flow B belonging to is selected.

  On the other hand, if it is determined in step 1506 that the number of communication flows B for which the processing in steps 1504 and 1505 has been executed is greater than or equal to a predetermined number, the communication control application rule update program 211 performs the communication immediately before each communication flow B. The connection order to the service providing apparatus 108 common among the flow groups C is extracted as a common pattern (1507).

  Next, the communication control application rule update program 211 determines whether or not a common pattern has been extracted in the processing of step 1507 (1508).

  If it is determined in step 1508 that the common pattern has not been extracted in step 1507, the communication control application rule update program 211 determines that all clusters in which the communication flows extracted in step 1502 are clustered are clustered. It is determined whether or not it has been selected (1512). If it is determined in step 1512 that all the clusters obtained by clustering the communication flows extracted in step 1502 have not been selected, the communication control application rule update program 211 returns to the processing in step 1503, and others. Select a cluster.

  On the other hand, if it is determined in step 1512 that all clusters obtained by clustering the communication flows extracted in step 1502 are selected, the communication control application rule update program 211 performs behavior communication control application rule table update processing. Exit.

  If it is determined in step 1508 that a common pattern has been extracted in step 1507, the behavior communication control application rule update program 211 extracts each communication flow from which the previous communication flow group C from which the common pattern has been extracted is extracted. It is determined whether or not the port numbers used in B (that is, the communication flow B started after connecting to the service providing apparatus 108 in the connection order of the common pattern) are common (1509). A plurality of common port numbers may be detected.

  If it is determined in step 1509 that the port numbers used in the communication flows B extracted from the immediately preceding communication flow group C from which the common pattern is extracted are not common, the communication control application rule update program 211 Proceed to processing.

  On the other hand, if it is determined in step 1509 that the port numbers used in the communication flows B extracted from the immediately preceding communication flow group C from which the common pattern is extracted are the same, the communication control application rule update program 211 reads the common pattern. Is detected as a new service, and the common pattern and the port number are determined as conditions for classifying the communication flow received by the gateway device 105 as a new service. Then, the communication control application rule update program 211 determines a new communication control method to be applied to the new service (1510). Specifically, the communication control application rule update program 211 refers to the communication flow table 216 and acquires the protocol detailed attribute 603 of the communication flow B. Then, the communication control application rule update program 211 uses the communication control method 404 of the record that matches the protocol detailed attribute 603 acquired by the protocol detailed attribute 403 of the protocol communication control application rule table 213 to the communication flow B. Acquired as a control method. Then, the communication control application rule update program 211 determines a communication control method having a lower priority than the acquired communication control method as a new communication control method applied to the communication flow B. When there are a plurality of communication flows B, a plurality of communication control methods applied to the communication flow B may be acquired. In this case, for example, a communication control method having one lower priority than the communication control method having the lowest priority among the acquired communication control methods is determined as a new communication control method applied to the communication flow B.

  Next, the communication control application rule update program 211 is applied to the common pattern of the immediately preceding communication flow group C extracted in the process of step 1507, the port number of the communication flow B, and the communication flow B determined in the process of step 1510. The new communication control method is registered in the communication control application rule table 214 (1511), and the process proceeds to step 1512.

  In the processing of step 1511, the communication control application rule update program 211 registers the IP address of the user terminal 102 of the communication flow B in the terminal IP address 701 of the communication flow table 216 and the common pattern in the server IP address 702. The packet number 707 and the packet size 709 of the record in which the IP address of each service providing apparatus 108 is registered are acquired. Then, the communication control application rule update program 211 registers the value registered in the transmission of the acquired packet number 707 of each communication flow in the transmission packet number 512 and the value registered in the reception of the packet number 707 as the received packet. It registers in number 513. Further, the communication control application rule update program 211 registers the value registered in the “1” column of transmission of the acquired packet size 709 of each communication flow in the first transmission packet data amount 514, and sets the packet size 709. The value registered in the reception “1” column is registered in the first received packet data amount 515. When values are registered after “2” of transmission or reception of the packet size 709, these values are registered in the second transmission packet data amount or the second reception packet data amount.

  Note that the processing in step 1804 may be omitted. In the case where the process of step 1804 is omitted, if YES is determined in the process of step 1803, the communication control application rule update program 211 proceeds to the process of step 1805. Further, for example, “any” is registered in the port number 504 of the behavior communication control application rule table 214 to indicate that there is no restriction by the port number.

  Next, the ordered immediately preceding communication flow group C in the processing of step 1505 will be described with reference to FIG. FIG. 16 is an explanatory diagram of the arranged immediately preceding communication flow group C according to the first embodiment.

  In FIG. 16, it is assumed that the communication flow group C1601 immediately before the communication flow B1, the communication flow group C1602 immediately before the communication flow B2, and the communication flow group C1603 immediately before the communication flow B3 are extracted.

  In this case, the communication control application rule update program 211 extracts the connection order (“addr11” and “addr12”) of the IP address of the service providing apparatus 108 as a common pattern, and the communication control application rule update program 214 behaves in the connection order. sign up.

  According to the behavior communication control application rule table update process, in a P2P (peer to peer) type service in which the user terminal 102 does not receive actual data from the service providing apparatus 108, the user terminal 102 starts transmission / reception of actual data. The connection order of the service providing apparatuses 108 with which 102 communicates for authentication or the like can be learned as classification conditions for new services.

  FIG. 17 is a flowchart of the updated communication control application rule table notification process according to the first embodiment.

  First, the communication control application rule update program 211 determines whether or not a new service has been extracted by at least one of the protocol communication control application rule table update process and the behavior communication control application rule table update process (1701). That is, the communication control application rule update program 211 determines whether at least one of the protocol communication control application rule table 213 and the behavior communication control application rule table 214 has been updated.

  If it is determined in step 1701 that no new service has been extracted in either the protocol communication control application rule table update process or the behavior communication control application rule table update process, the protocol communication control application rule table 213 and the behavior communication Since none of the control application rule tables 214 has been updated, the communication control application rule update program 211 ends the updated communication control application rule table notification process.

  On the other hand, if it is determined in step 1701 that a new service has been extracted by at least one of the protocol communication control application rule update process and the behavior communication control application rule table update process, the communication control application rule update program 211 is updated. The communication control application rule table is transmitted to the gateway device 105 (1702).

  Next, when the updated communication control application rule table includes the protocol communication control application rule table 213, the communication control application rule update program 211 performs communication data measurement based on the updated protocol communication control application rule table 213. The attribute of the table 215 is updated (1703). Then, the communication control application rule update program 211 transmits the updated attribute of the communication data measurement table 215 to the measurement device 106 (1704), and ends the updated communication control application rule table notification process.

  If the updated communication control application rule table does not include the protocol communication control application rule table 213, that is, if only the behavior communication control application rule table 214 is updated, the processing of steps 1703 and 1704 is executed. The communication control application rule update program 211 transmits the communication control application rule table updated in the process of Step 1702 and ends the updated communication control application rule table notification process without necessity.

  According to the communication control application rule table update process described with reference to FIGS. 13 to 17, the communication control method management apparatus 104 needs to change the communication control method applied when the communication data amount increases. A flow can be detected as a new service. Then, the communication control method management apparatus 104 learns the classification condition for the detected new service, and updates the communication control application rule table in association with the learned classification condition and the new communication control method applied to the detected new service. Then, the updated communication control application rule table is notified to the gateway device 105. As a result, the gateway device 105 can implement an appropriate communication control method following the new service, so that it is possible to prevent the quality of the service from being degraded throughout the network.

  Next, packet reception processing executed when the gateway device 105 receives a packet will be described with reference to FIGS.

  FIG. 18 is a flowchart of packet reception processing of the gateway device 105 according to the first embodiment.

  First, the communication control application rule management program 811 calls the behavior detection program 814, and the behavior detection program 814 executes the under-evaluation table update process (1801). The under-evaluation table update process is a process for updating the under-evaluation table 816 based on information regarding the user terminal 102 connected to the service providing apparatus 108 in the connection order registered in the behavior communication control application rule table 815. Details of the during-evaluation table update processing will be described with reference to FIG.

  Next, the communication control application rule management program 811 determines whether or not the communication control method for the communication flow of the received packet has been determined (1802). For example, the communication control application rule management program 811 holds the identification information of the communication flow for which the communication control method has been determined as the communication control method determined information, and has received the communication control method determined information with reference to the communication control method determined information. It may be determined whether or not the communication control method of the packet communication flow has been determined. For example, the IP address of the user terminal 102 of the communication flow, the IP address of the service providing apparatus 108, and the port number are used as the communication flow identification information.

  If it is determined in step 1802 that the communication control method for the communication flow of the received packet has been determined, the communication control application rule management program 811 ends the packet reception process.

  On the other hand, if it is determined in step 1802 that the communication control method of the communication flow of the received packet has not been determined, the user terminal IP address 901 of the communication flow communication control application rule table 813 includes the received packet in the received packet. It is determined whether there is a record in which the IP address of the user terminal 102 to be registered exists (1803).

  If it is determined in step 1803 that there is a record in which the IP address of the user terminal 102 included in the received packet is registered in the user terminal IP address 901 of the communication flow communication control application rule table 813, communication control application The rule management program 811 determines whether or not the port number included in the received packet matches the port number registered in the port number 902 of the record (1804).

  If it is determined in step 1804 that both port numbers match, the communication control application rule management program 811 determines the communication control method for the communication flow of the received packet based on the communication flow communication control application rule table 813. It decides (1805) and ends the packet reception process. Specifically, the communication control application rule management program 811 matches the IP address of the user terminal 102 included in the packet received by the user terminal IP address 901 of the communication flow communication control application rule table 813, and the port number 902 is The communication control method registered in the communication control method 903 of the record that matches the port number included in the received packet is acquired, and the communication control method of the communication flow of the received packet is determined as the acquired communication control method.

  If it is determined in step 1803 that there is no record in which the IP address of the user terminal 102 included in the received packet is registered in the user terminal IP address 901 of the communication flow communication control application rule table 813; If it is determined in step 1804 that the port number included in the received packet does not match the port number registered in the port number 902 of the record, the communication control application rule management program 811 determines that the protocol of the received packet is It is determined whether it is SIP, HTTP, or FTP (1806). Note that in the processing of step 1806 shown in FIG. 18, the processing branches to three of SIP, HTTP, and FTP, but actually, the protocol of the received packet is all registered in the protocol communication control application rule table 812. Branches as many as the number of types of protocols.

  If it is determined in step 1806 that the protocol of the received packet is SIP, the communication control application rule management program 811 executes SIP communication control method determination processing (1807), and ends the packet reception processing. . In the SIP communication control method determination process, the communication control application rule management program 811 includes the service providing apparatus included in the packet received by the server IP address 402 of the record in which the SIP is registered in the protocol 401 of the protocol communication control application rule table 812. The communication control method of the received packet is determined as the communication control method registered in the communication control method 404 of the record that matches the IP address of 108 and the protocol detail attribute 403 of the record matches the attribute of the received packet. To do.

  If it is determined in step 1806 that the protocol of the received packet is HTTP, the communication control application rule management program 811 executes HTTP communication control method determination processing (1808), and performs packet reception processing. finish. In the HTTP communication control method determination process, the communication control application rule management program 811 includes the service providing apparatus included in the packet received by the server IP address 402 of the record in which HTTP is registered in the protocol 401 of the protocol communication control application rule table 812. The communication control method of the received packet is determined as the communication control method registered in the communication control method 404 of the record that matches the IP address of 108 and the protocol detail attribute 403 of the record matches the attribute of the received packet. To do. Details of the HTTP communication control method determination process will be described with reference to FIG.

  If it is determined in step 1806 that the protocol of the received packet is FTP, the communication control application rule management program 811 executes FTP communication control method determination processing (1809), and performs packet reception processing. finish. In the FTP communication control method determination process, the communication control application rule management program 811 includes the service providing apparatus included in the packet received by the server IP address 402 of the record in which FTP is registered in the protocol 401 of the protocol communication control application rule table 812. The communication control method of the received packet is determined as the communication control method registered in the communication control method 404 of the record that matches the IP address of 108 and the protocol detail attribute 403 of the record matches the attribute of the received packet. To do.

  After the packet reception process shown in FIG. 18 is executed, the packet reading program 819 performs communication control based on the communication control method determined by the communication control application rule management program 811. Specifically, the packet read program 819 determines the read timing of the packet of each communication flow from the packet buffer 817 based on the communication control method determined by the communication control application rule management program 811. Then, the packet reading program 819 reads the packet from the packet buffer 817 at the determined timing, and transmits the read packet to the access network 103 or the measuring device 106. This communication control can be realized by, for example, IntServ (Integrated Services).

  The communication control application rule management program 811 may store the communication flow for which the communication control method is determined based on the communication flow communication control application rule table 813 and notify the measurement device 106 and the communication control method management device 104.

  FIG. 19 is a flowchart of HTTP communication control method determination processing according to the first embodiment.

  First, the communication control application rule management program 811 determines whether or not the IP address of the service providing apparatus 108 included in the received packet is in the range of aaa to eeee (1901).

  When it is determined in step 1901 that the IP address of the service providing apparatus 108 included in the received packet is in the range of aaa to eeee, the communication control application rule management program 811 determines that the MIME Type of the received packet is video. It is determined whether or not (1902).

  If it is determined in step 1902 that the MIME Type of the received packet is video, the communication control application rule management program 811 determines the communication control method of the received packet as “compression” (1903), and HTTP The communication control method determination process is terminated.

  On the other hand, if it is determined in step 1902 that the MIME Type of the received packet is not video, the communication control application rule management program 811 determines the communication control method for the received packet as “bandwidth control 2” (1904). ), And ends the HTTP communication control method determination process.

  When it is determined in step 1901 that the IP address of the service providing apparatus 108 included in the received packet does not exist in the range of aaa to eeee, the communication control application rule management program 811 determines that the MIME Type of the received packet is It is determined whether or not it is video (1905).

  If it is determined in step 1905 that the MIME Type of the received packet is video, the communication control application rule management program 811 determines the communication control method for the received packet as “bandwidth control 1” (1906). Then, the HTTP communication control method determination process is terminated.

  On the other hand, if it is determined in step 1905 that the MIME type of the received packet is not video, the communication control application rule management program 811 proceeds to the process of step 1904 and sets the communication control method of the received packet to “bandwidth control”. 2 ”and the HTTP communication control method determination process is terminated.

  FIG. 20 is a flowchart of the under-evaluation table update process according to the first embodiment.

  First, the behavior detection program 814 determines whether the IP address of the service providing apparatus 108 included in the received packet is registered in the server IP address 511 of the behavior communication control application rule table 815 (2001).

  If it is determined in step 2001 that the IP address of the service providing apparatus 108 included in the received packet is not registered in the server IP address 511 of the behavior communication control application rule table 815, the behavior detection program 814 End the middle table update process.

  On the other hand, if it is determined in step 2001 that the IP address of the service providing apparatus 108 included in the received packet is registered in the server IP address 511 of the behavior communication control application rule table 815, the behavior detection program 814 Then, it is determined whether or not the IP address of the user terminal 102 included in the received packet is registered in the user terminal IP address 1001 of the evaluation table 816 (2002).

  If it is determined in step 2002 that the IP address of the user terminal 102 included in the received packet is not registered, the behavior detection program 814 executes the server IP address of the connection server 502A in the behavior communication control application rule table 815. It is determined whether the IP address of the service providing apparatus 108 included in the packet received in 511 is registered (2003).

  If it is determined in step 2003 that the IP address of the service providing apparatus 108 included in the received packet is registered in the server IP address 511 of the connection server 502A of the behavior communication control application rule table 815, the behavior detection program In step 814, it is determined whether the data amount of the received packet is within the range registered in the first transmission packet data amount 514 of the connection server 502A (2004). Note that the IP address of the user terminal 102 included in the received packet at the user terminal IP address 1001 in the under-evaluation table 816 is not registered, and is included in the packet received by the connection server 502A in the behavior communication control application rule table 815. When the IP address of the service providing apparatus 108 to be registered is registered, the received packet is a packet first transmitted from the user terminal 102 to the service providing apparatus 108. For this reason, in the process of step 2004, it is determined whether or not the data amount of the received packet is within the range registered in the first transmission packet data amount 514 of the connection server 502A.

  When it is determined in step 2004 that the amount of received packet data is within the range registered in the first transmission packet data amount 514 of the connection server 502A, the behavior detection program 814 executes the identification information of the corresponding pattern, The IP address of the service providing apparatus 108 and the number of packets included in the received packet are registered in the under evaluation table 816 (2005), and the under evaluation table update process is terminated. The corresponding pattern is a pattern in which the IP address of the user terminal 102 included in the received packet and the IP address of the service providing apparatus 108 included in the received packet match the server IP address 511 of the connection server 502A.

  Specifically, the behavior detection program 814 adds a record to the under-evaluation table 816. Then, the behavior detection program 814 registers the IP address of the user terminal 102 included in the received packet in the user terminal IP address 1001 of the added record, and registers the identification information of the corresponding pattern in the behavior pattern 1002 of the added record. Then, the IP address of the service providing apparatus 108 included in the received packet is registered in the server IP address 1003 of the added record. Further, the behavior detection program 814 registers 1 in the number of transmitted packets 1004 of the added record, registers 0 in the number of received packets 1005 of the added record, and adds the record to the added last update date 1006. And register the time.

  If it is determined in step 2003 that the IP address of the service providing apparatus 108 included in the received packet is not registered in the server IP address 511 of the connection server 502A in the behavior communication control application rule table 815, and step 2004 When it is determined that the received packet data amount is outside the range registered in the first transmission packet data amount 514 of the connection server 502A, the behavior detection program 814 terminates the under-evaluation table update process.

  If it is determined in step 2002 that the IP address of the user terminal 102 included in the received packet is registered in the user terminal IP address 1001 of the under-evaluation table 816, the behavior detection program 814 It is determined whether the IP address of the service providing apparatus 108 included in the received packet is registered in the server IP address 1003 of the record in which the IP address of the user terminal 102 included in the packet received at the IP address 1001 is registered ( 2006).

  If it is determined in step 2006 that the IP address of the service providing apparatus 108 included in the received packet is registered in the server IP address 1003 of the record, the behavior detection program 814 receives the data amount of the received packet. It is determined whether or not the value is within the range of the data amount registered in the communication control application rule table 815 (2007).

  Specifically, the behavior detection program 814 specifies whether the received packet has been transmitted from the user terminal 102 or the service providing apparatus 108, and how many times the received packet has been transmitted from the transmission source apparatus to the transmission destination apparatus. Determine if it was sent. Further, the behavior detection program 814 acquires a pattern registered in the behavior pattern 1002 of the record corresponding to the received packet in the under-evaluation table 816, and each of the patterns corresponding to the acquired pattern in the behavior communication control application rule table 815. Among the server connections, the server connection in which the IP address of the service providing apparatus 108 included in the packet received at the server IP address 511 is registered as the server connection corresponding to the received packet. Note that the record corresponding to the received packet in the evaluation table 816 includes the IP address of the user terminal 102 included in the received packet at the user terminal IP address 1001 and is included in the packet received at the server IP address 1003. A record in which the IP address of the service providing apparatus 108 to be registered is registered.

  When the received packet is transmitted from the user terminal 102, the behavior detection program 814 acquires the range registered in the transmission packet data amount corresponding to the specified number of server connections corresponding to the received packet, and receives the received packet. It is determined whether the data amount of the received packet is within the range registered in the acquired transmission packet data amount. On the other hand, when the received packet is transmitted from the service providing apparatus 108, the behavior detection program 814 acquires the range registered in the received packet data amount corresponding to the specified number of times of server connection corresponding to the received packet, It is determined whether the data amount of the received packet is within the range registered in the acquired received packet data amount.

  If it is determined in step 2007 that the data amount of the received packet is within the range of the data amount registered in the behavior communication control application rule table 815, the behavior detection program 814 updates the table under evaluation 816. (2008). Specifically, when the received packet is transmitted from the user terminal 102, the behavior detection program 814 uses the value registered in the transmitted packet number 1004 of the record corresponding to the received packet in the evaluation table 816 as the value. When the received packet is transmitted from the service providing apparatus 108, the value registered in the received packet number 1005 of the record corresponding to the received packet in the under-evaluation table 816 is updated as follows. The value is updated to the value obtained by adding “1”. Then, the behavior detection program 814 registers the date and time when the record is updated in the last update date and time 1006 of the record corresponding to the received packet in the under-evaluation table 816.

  In addition, the behavior detection program 814 indicates that the values registered in the updated number of transmitted packets 1004 and the number of received packets 1005 correspond to the number of transmitted packets 512 of the server connection corresponding to the received packets in the behavior communication control application rule table 815 and the reception. When the value matches the value registered in the packet number 513, the IP address of the service providing apparatus 108 registered in the server IP address 511 of the server connection next to the server connection is acquired. Then, the behavior detection program 814 registers the acquired IP address of the service providing apparatus 108 in the server IP address 1003 of the record corresponding to the received packet in the under-evaluation table 816, the number of transmitted packets 1004 of the record, and the received packet “0” is registered in the number 1005.

  Next, the behavior detection program 814 determines whether transmission / reception of all transmission / reception packets in the pattern of the behavior communication control application rule table 815 has been completed (2009).

  Specifically, if there is no server connection next to the server connection corresponding to the received packet in the behavior communication control application rule table 815, the behavior detection program 814 performs the behavior communication control application rule table 815 in the process of step 2009. It is determined that transmission / reception of all transmission / reception packets in the pattern is completed.

  When it is determined in step 2009 that transmission / reception of all transmission / reception packets in the pattern of the behavior communication control application rule table 815 has been completed, the behavior detection program 814 adds a new record to the communication flow communication control application rule table 813. , Register the IP address of the user terminal 102 included in the received packet in the user terminal IP address 901 of the added record, register the port number included in the received packet in the port number 902 of the record, The communication control method registered in the communication control method 503 corresponding to the corresponding pattern in the communication control application rule table 815 behaves in the record communication control method 903 (2010), and the evaluation table update process is terminated.

  In the process of step 2006, the server IP address 1003 of the record in which the IP address of the user terminal 102 included in the packet received at the user terminal IP address 1001 is registered is the IP address of the service providing apparatus 108 included in the received packet. If it is determined that it is not registered, if it is determined in step 2007 that the data amount of the received packet is outside the range of the data amount registered in the communication control application rule table 815, and If it is determined in the process of 2009 that transmission / reception of all the transmission / reception packets in the pattern of the behavior communication control application rule table 815 has not been completed, the behavior detection program 814 ends the table evaluation process.

  Note that the TCP connection sequence packet and the ack packet are excluded from the packets to be processed in the under-evaluation table update process shown in FIG.

  According to the under-evaluation table update process, the gateway device 105 determines the IP address and port number of the user terminal 102 of the communication flow that matches the connection order to the service providing device 108 registered in the behavior communication control application rule table 815, and The communication control method to be applied to the communication flow is registered in the communication flow communication control application rule table 813. Therefore, when the gateway apparatus 105 receives a communication flow using the port number from the user terminal 102 after registering the communication flow communication control application rule table 813, the gateway apparatus 105 determines an appropriate communication control method for the received communication flow. It is possible to determine an appropriate communication control method before actual data is transmitted and received.

  Note that the communication control application rule management program 811 communicates with the user terminal IP address 1001 of the under-evaluation table 816 when communication of the communication flow whose communication control method is determined based on the communication flow communication control application rule table 813 is completed. The IP address of the user terminal 102 included in the communication flow for which the communication has been completed is registered, and the record in which the IP address of the service providing apparatus 108 included in the communication flow for which the communication has been completed is registered in the server IP address 1003 is deleted.

  In addition, the behavior detection program 814 deletes records that have passed a predetermined time or more from the time registered in the last update date and time 1006 of the table under evaluation 816.

  18 to 20, the gateway device 105 determines the communication flow communication control method based on the communication flow attributes (that is, the protocol, the IP address of the service providing device 108, etc.), and Referring to the communication flow communication control application rule table 813, the communication flow communication control method is determined based on the IP address and port number of the user terminal 102 of the communication flow.

  For this reason, an appropriate communication control method can be determined for a communication flow before actual data transmission / reception is started. When actual data transmission / reception is started, the communication flow is communicated with an appropriate communication control method. Control is implemented.

  The gateway device 105 can adjust the amount of communication data flowing into the access network 103 by performing communication control for download communication (that is, a packet transmitted from the service providing device 108 to the user terminal 102). For this reason, especially when there is a problem of the communication band of the access network 103, the gateway device 105 can directly adjust the inflow amount to the access network 103 in accordance with the attribute of the service.

  The gateway device 105 can adjust the amount of communication data flowing into the core network 101 and the Internet 107 by performing communication control on upload communication (that is, a packet transmitted from the user terminal 102 to the service providing device 108). When the core network 101 and the Internet 107 are congested, packet delay and discard may occur. In the case of communication using TCP, in a communication flow in which many packets are discarded, the bandwidth is suppressed by TCP retransmission control. Even in communication using UDP, it is expected that the higher level protocol calculates the available bandwidth based on the packet discard rate and the like, and adapts the communication speed to the available bandwidth.

  As described above, in this embodiment, the communication control system includes the gateway device 105 and the communication control method management device 104, and the gateway device provides the user terminal 102 and the service providing device 108 that provides a service to the user terminal. And the communication control between the user terminal 102 and the service providing apparatus 108 is performed, and the communication flow is transferred between the user terminal 102 and the service providing apparatus 108. The communication control method management apparatus 104 manages a communication control method by the gateway apparatus 105, and the communication control method management apparatus 104 includes a condition for the gateway apparatus 105 to classify the communication flow, and classified communication. Communication control application rule information in which the communication control method corresponding to the flow is registered ( In other words, the protocol communication control application rule table 213 and the behavior communication control application rule table 214 are stored), and the communication control method is performed based on the amount of communication between the user terminal 102 and the service providing apparatus 108. A communication flow that needs to be changed is detected, a condition for classifying the communication flow received by the gateway device 105 into the detected communication flow is determined, and a communication control method corresponding to the detected communication flow is determined. Updating the communication control application rule information so as to register the determined condition and the determined communication control method, and notifying the gateway device 105 of the updated communication control application rule information. On the basis of the notified communication control application rule information. 105 classifies communication flow received determines a communication control method corresponding to the communication flow, in the determined communication control method, which comprises carrying out the communication control of the communication flow that the received.

  Thereby, the communication control method management apparatus 104 registers the condition for classifying the detected new service and the communication control method applied to the new service in the communication control application rule information, and the communication control application rule information is registered in the gateway. In order to notify the device 105, the communication control system can perform appropriate communication control following the new service, and can prevent the quality of the service from being deteriorated in the entire network.

  Further, according to the present embodiment, the connection order to the service providing apparatus 108 is registered as a condition for classifying the communication flows in the behavior communication control application rule table 214 included in the communication control application rule information. The communication control method management apparatus 104 selects a communication flow in which the communication amount satisfies a predetermined condition as a communication control method change communication flow candidate that is a communication flow that may change the communication control method, and Immediately before the selected communication control method change communication flow candidate is transmitted from the same user terminal 102 as the selected communication control method change communication flow candidate, a predetermined time before the selected communication control method change communication flow candidate is transmitted. Select the communication flow group transmitted during the previous communication flow as the previous communication flow, and based on the selected previous communication flow When the connection order to the service providing apparatus 108 is specified, and the connection order to the specified service providing apparatus 108 is common with the communication flow immediately before another communication control method change communication flow candidate, the selected communication control method change A communication flow candidate is detected as a communication flow that needs to change the communication control method, and the order of connection to the specified service providing apparatus 108 is classified into the detected communication flows that the gateway apparatus 105 receives. It is characterized in that it is determined as a condition for

  Thereby, for example, in the P2P type service, the communication control method management apparatus 104 can learn the classification condition for the gateway apparatus 105 to determine the communication control method of the communication flow before the start of actual data transmission / reception.

  Further, the gateway device 105 provides the service provision from the same user terminal 102 in the connection order to the service providing device 108 described in the behavior communication control application rule table 815 included in the notified communication control application rule information. A communication flow group connected to the device 108 is detected, the behavior communication control application rule table 815 is referenced, a communication control method corresponding to the detected communication flow group and a target port number are determined, and the detected communication The identification information of the user terminal 102 included in the flow group, the determined port number, and the determined communication control method are registered in the communication flow communication control application rule information (that is, the communication flow communication control application rule table 813). When a new communication flow is received, the communication flow communication control application rule The communication control method corresponding to the identification information of the user terminal 102 included in the received communication flow and the port number of the received communication flow is determined, and the received communication control method is used to determine the received communication flow. The communication control of the communication flow is performed.

  Thereby, for example, in the P2P type service, the gateway apparatus 105 can determine the communication control method of the communication flow before the start of actual data transmission / reception.

  In addition, the gateway device 105 matches all the connections depending on the communication flow in which the received communication flow is in the middle of the connection order of the notified communication control application rule information to the service providing device 108 and will be received in the future. If there is a possibility of satisfying the order, the identification information of the conditions that match the connection order of the service providing apparatus 108 (that is, the identification information of the behavior pattern 1002), the identification information of the user terminal 102 included in the received communication flow, Information on the packet to be transmitted or received next (that is, the address of the service providing apparatus 108) is registered in the information under evaluation (that is, the table under evaluation 816).

  As a result, the gateway device 105 matches the connection order of the behavior communication control application rule table 815 to the service providing device 108 halfway and may satisfy all connection orders depending on the communication flow to be received in the future. The identification information of the user terminal 102, the identification information of the behavior pattern 1002 being evaluated, and the information of the packet to be transmitted / received next (that is, the address of the service providing apparatus 108) can be managed.

  The communication control method includes a plurality of methods having different priorities for the gateway device 105 to transfer the communication flow, and the communication control method management device 104 prioritizes a communication control method corresponding to the detected communication flow. A communication control method having a priority lower than the order is determined as a new communication control method corresponding to the detected communication flow.

  As a result, since the communication flow in which communication control is performed by the communication control method corresponding to the communication flow of the new service is transferred with priority over the new service, even if the communication data amount of the new service increases, It is possible to prevent an influence on a communication flow in which communication control is performed by a communication control method having a higher priority than a new service.

  Further, in the protocol communication control application rule table 213 included in the communication control application rule information, the communication type of the communication flow and the attribute for each communication type are registered as conditions for classifying the communication flow, and the communication The control method management device 104 detects a communication flow in which the communication amount satisfies a predetermined condition, and the communication type and attribute of the detected communication flow are the same as the detected communication flow received by the gateway device. It is determined as a condition for classifying as a communication flow to which the control method is applied.

  Accordingly, for example, in a client-server type service, a communication flow that needs to change the communication control method can be detected as a new service, and an appropriate communication control method can be associated with the detected new service. It is also possible to learn conditions for classifying the communication flow received by 105 as a new service. Further, since the communication flow is classified based on the communication type of the communication flow and the service providing apparatus, the gateway apparatus 105 can determine the communication control method of the communication flow before starting the actual data transmission / reception.

  In this embodiment, the communication data amount 604 measured by the communication data measurement program 111 in the measuring device 106 is the number of bytes transmitted / received, the number of communication flows, the number of user terminals, the number of service providing devices, or the like. Or may be used in combination.

  In the first embodiment, the gateway device 105 has described the example in which the packet is logically separated for each communication flow, stored in the packet buffer 817, and communication control is performed for each communication flow. In the present embodiment, an example will be described in which communication flows to which the same communication control method is applied are combined into one QoS (Quality of Service) class, and communication control is performed for each QoS class.

  FIG. 21 is an explanatory diagram of the protocol communication control application rule tables 213 and 812 according to the second embodiment.

  The protocol communication control application rule table 213 includes a protocol 401, a server IP address 402, a protocol detailed attribute 403, a communication control method 404, and a QoS class 2101. A protocol communication control application rule table 213 shown in FIG. 21 is obtained by adding a QoS class 2101 to the protocol communication control application rule table 213 shown in FIG. The other configurations have the same functions as the configurations denoted by the same reference numerals shown in FIG. 4 and have not been described.

  In the QoS class 2101, QoS class identification information corresponding to a communication control method applied to a communication flow classified based on a communication type and an attribute for each communication type is registered.

  Note that the protocol communication control application rule table 213 illustrated in FIG. 21 may not include the communication control method 404 as long as the QoS class 2101 is included.

  The behavior communication control application rule tables 214 and 815 also include a QoS class corresponding to the communication control method. The communication flow communication control application rule table 813 also includes a QoS class corresponding to the communication control method.

  In the processes shown in FIGS. 18 and 19, the communication control application rule management program 811 determines a QoS class instead of determining a communication control method.

  14 and 15, the communication control application rule update program 211 determines the QoS class of the new service instead of determining the communication control method of the new service. For example, the communication control application rule update program 211 determines the QoS class corresponding to the communication control method having a lower priority than the communication control method corresponding to the original QoS class as the QoS class of the new service.

  The gateway device 105 logically separates the packet buffer 817 for each QoS class, and the packet distribution program 818 stores the received packet in the packet buffer 817 according to the QoS class. The packet read program 819 determines the read timing of the packet from the packet buffer 817 based on the communication control method corresponding to the QoS class. Then, the packet reading program 819 reads the packet from the packet buffer 817 at the determined timing, and transmits the read packet to the access network 103 or the measuring device 106. This communication control for each QoS class can be realized by using, for example, Diffserv (Differentiated Services).

  In the memory 204 of the communication control method management apparatus 104 according to the present embodiment, a QoS class, a communication control method corresponding to the QoS class, and a communication flow condition for being classified into the QoS class are registered in association with each other. A QoS class mapping table 2200 is stored.

  FIG. 22 is an explanatory diagram of the QoS class mapping table 2200 according to the second embodiment.

  The QoS class mapping table 2200 includes a QoS class 2201, a communication control method 2202, a protocol 2203, a MIME Type 2204, and a server IP address 2205.

  In the QoS class 2201, QoS class identification information is registered. In the communication control method 2202, a communication control method corresponding to the QoS class is registered. In the protocol 2203, a protocol that is a condition classified into the QoS class is registered. In MIME Type 2204, the type of content that is a condition classified as a QoS class is registered. In the server IP address 2205, the IP address of the service providing apparatus 108 which is a condition for classification into the QoS class is registered. Note that the protocol detail attribute 403 of the protocol communication control application rule table 213 shown in FIG. 4 may be registered according to each protocol.

  When the QoS class mapping table 2200 is displayed, when the data amount of a communication flow of a certain communication type increases, the administrator can easily grasp the range of the communication flow that is affected.

  In this embodiment, the gateway device 105 has a buffer (that is, a packet buffer 817) for temporarily storing the received communication flow, and the communication flow in which the communication control is performed by the same communication control method is the same QoS class. Are stored together in the buffer, based on the QoS class communication control method, the communication flow stored in the buffer is read, and the communication control is performed on the read communication flow. To do.

  As a result, the communication flow is collectively handled for each QoS class, so that the management of the communication control method can be prevented from becoming complicated, and the expandability of the communication control in the gateway device 105 is ensured.

  In the first embodiment and the second embodiment, the communication control method or QoS class newly applied to the new service is one lower in priority than the communication control method or QoS class applied to the new service. Described as a class. In this embodiment, the communication control method management device 104 clusters the communication flow received by the gateway device 105, and the cluster mapping shown in FIG. 23 shows the relationship between each cluster and the communication control method or QoS class applied to each cluster. The communication control method or the QoS class applied to the cluster to which the new service belongs is determined as the communication control method or the QoS class newly applied to the new service with reference to the cluster mapping table 2300. . In this embodiment, a QoS class will be described as an example.

  In the present embodiment, the communication control application rule update program 211 executes cluster mapping processing at a predetermined timing. The cluster mapping process may be executed before the process of step 1301 as a part of the communication control application rule table update process, or may be executed separately from the communication control application rule table update process.

  First, the communication control application rule update program 211 clusters the communication flows registered in the communication flow table 216. As the clustering method in this process, the same method as the clustering method in the process of step 1502 shown in FIG. 15 is used.

  Next, the communication control application rule update program 211 specifies a QoS class corresponding to each communication flow belonging to each cluster. Then, the communication control application rule update program 211 identifies all QoS classes corresponding to the communication flow for each cluster, registers the relationship between each cluster and the identified QoS class in the cluster mapping table 2300, and performs cluster mapping processing. finish.

  Further, the communication control application rule update program 211 registers values corresponding to the communication flow content type of each cluster and parameters (packet size, generation interval, etc.) used for clustering in the cluster mapping table 2300.

  FIG. 23 is an explanatory diagram of the cluster mapping table 2300 according to the third embodiment.

  The cluster mapping table 2300 includes a cluster 2301, a type 2302, a packet size 2303, an occurrence interval 2304, and a QoS class 2305.

  In the cluster 2301, identification information of each cluster is registered. In the type 2302, the content type of the communication flow of each cluster is registered. In the packet size 2303, an average value of each time packet received by the user terminal 102 is registered. In the generation interval 2304, an average value of packet generation intervals of each cluster is registered. In the QoS class 2305, all QoS classes applied to the communication flow of each cluster are registered.

  In the cluster mapping table 2300, items other than the packet size 2303 and the generation interval 2304 may be registered as parameters used for clustering.

  In the cluster mapping table 2300, the communication control application rule management program 811 performs a new QoS class of a new service in the process of step 1406 shown in FIG. 14 and the process of step 1510 in the behavior communication control application rule table update process shown in FIG. It is referred to when determining.

  First, the process of step 1406 will be described. The communication control application rule update program 211 identifies the cluster to which the communication flow that becomes the new service extracted in the processing of step 1405 belongs. Then, the communication control application rule update program 211 refers to the cluster mapping table 2300 and changes the QoS class registered in the QoS class 2305 of the record in which the identification information of the identified cluster is registered in the cluster 2301 to a new QoS class. decide. When a plurality of QoS classes are registered in the QoS class 2305, the communication control application rule update program 211 determines the QoS class with the lowest priority as a new QoS class.

  In step 1510, the communication control application rule update program 211 identifies a cluster to which the communication flow B detected as a new service belongs. Since the subsequent processing is the same as the processing in step 1406, description thereof will be omitted.

  When determining the QoS class of the new service, the priority is lower than the QoS class corresponding to the cluster to which the new service belongs in consideration of the influence on other services of the new service whose communication data amount is equal to or greater than a predetermined value. The priority QoS class may be determined as a new QoS class, and the QoS class to be applied according to the service operation may be flexibly set. As a result, it is possible to prevent a service with a large amount of communication data from squeezing communication of other services.

  The communication control application rule update program 211 may receive user contract information from the subscriber information management server and refer to the received user contract information to determine the QoS class of the new service.

  The cluster mapping table 2300 is referred to when determining a QoS class of a new service when a new service is detected, and is not referred to when determining a communication control method for a communication flow received by the gateway device 105. .

  In the present embodiment, the case of determining the QoS class corresponding to the new service of the second embodiment has been described. However, the present embodiment is also applicable to the case of determining the communication control method corresponding to the new service of the first embodiment.

  In this embodiment, the communication control method includes a priority order in which the gateway device 105 transfers the communication flow, the communication control method management device 104 acquires the communication flow received by the gateway device 105, and When the acquired communication flow is clustered by a predetermined method, the communication control method implemented in the communication flow belonging to the clustered cluster is retained, and the communication flow that needs to change the communication control method is detected, Cluster detected communication flows by the predetermined method, and determine a new communication control method corresponding to the detected communication flow based on a communication control method belonging to a communication flow belonging to the same cluster as the detected communication flow It is characterized by that.

  As a result, the communication control method applied to the communication flow similar to the new service is determined as the new communication control method for the new service, so that a more appropriate communication control method can be applied to the new service.

  In this embodiment, when a new service is detected, when a communication control method or QoS class for a new service is determined, and when a communication control application rule table is updated, a screen to that effect is displayed to the administrator. The administrator's judgment is reflected in the update of the rule table. In this embodiment, a QoS class will be described as an example.

  When the communication control application rule table is updated after the administrator confirms the update of the communication control application rule table, the communication control application rule update program 211 executes the protocol communication control application rule table in step 1407 shown in FIG. The behavior control processing 213 and the communication control application rule table 214 in FIG. 15 are not updated, and the identification information of the new service and the QoS class applied to the new service are stored. Further, the communication control application rule update program 211 does not execute the updated communication control application rule table notification process shown in FIG. 17 until the administrator confirms the update of the communication control application rule table.

  The communication control method management apparatus 104 of this embodiment has an input / output device 202 including a display, or is connected to an administrator terminal having a display.

  FIG. 24 is an explanatory diagram of a screen displayed when a new service is detected according to the fourth embodiment.

  The screen shown in FIG. 24 may be displayed by the communication control application rule update program 211 generating display data, or an application operating on the administrator terminal accesses the communication control method management device 104 to display the display data. May be generated and displayed. In the present embodiment, an example in which the communication control application rule update program 211 generates display data of the screen illustrated in FIG. 24 will be described.

  The communication control application rule update program 211 displays a communication data amount fluctuation screen 2401 when a new service is detected in the process of step 1405 shown in FIG. 14 and the process of step 1510 shown in FIG. The communication data amount fluctuation screen 2401 is a screen that displays a time-series change of the communication data amount for each QoS class.

  The communication control application rule update program 211 refers to the protocol communication control application rule table 213 and collects the attributes of protocols that have the same QoS class. Then, the communication control application rule update program 211 refers to the communication flow table 216 and acquires the total data amount 708 of the communication flow in which the protocol detail attribute 706 matches the protocol attribute of each QoS class. Then, the communication control application rule update program 211 adds up the total data amount 708 acquired in order of the date and time registered in the flow start date and time 703 for each QoS class, calculates the time change of the communication data amount for each QoS class, Display data of the data amount fluctuation screen 2401 is generated.

  When a certain QoS class is selected by the administrator on the communication data amount fluctuation screen 2401, the communication control application rule update program 211 drills down and displays a designated QoS class detail screen 2402 which is a detail screen of the selected QoS class. . In the designated QoS class detail screen 2402, the IP address of the service providing apparatus 108 is displayed on the horizontal axis, and the port number is displayed on the vertical axis. Then, the communication data amount of the QoS class communication flow selected on the communication data amount fluctuation screen 2401 is displayed in a circle at a position where the IP address and port number of the service providing apparatus 108 of the communication flow match. The larger the communication data amount, the larger the circle radius is displayed.

  When the pointer operated by the administrator reaches the position of each circle, detailed information (QoS class, protocol, IP address of the service providing apparatus 108, domain name, etc.) of the communication flow indicated by the circle is displayed.

  When any one of the circles is selected by the administrator, the communication control application rule update program 211 displays a designated communication flow detail screen 2403 that is a detail screen of the selected communication flow. The designated communication flow detail screen 2403 displays the communication data amount for each MIME type of the selected communication flow. Below the designated communication flow details screen 2403, a QoS class change confirmation screen move button 2404 is displayed. When the administrator operates the QoS class change confirmation screen move button 2404, the communication control application rule update program 211 displays a QoS class change confirmation screen 2500 shown in FIG.

  The transition of the screen until the QoS class change confirmation screen 2500 is displayed is not limited to FIG. For example, the screen may change from a screen indicating that the amount of communication data of a specific communication flow has increased to a QoS class change confirmation screen 2500. The display format of each screen is not limited to FIG.

  FIG. 25 is an explanatory diagram of the QoS class change confirmation screen 2500 according to the fourth embodiment. In this example, an example when the protocol is HTTP will be described.

  The QoS class change confirmation screen 2500 includes a protocol display area 2501, a MIME Type display area 2502, an IP address display area 2503, a QoS class display area 2504, an update button 2505, and a cancel button 2506. The MIME Type display area 2502 is an example when the protocol is HTTP, and in other protocols, the value shown in the protocol detailed attribute 403 of the protocol communication control application rule table 213 may be displayed.

  A protocol display area 2501 displays a protocol of a communication flow that becomes a new service. The MIME Type display area 2502 displays a MIME Type of a communication flow that becomes a new service. In the IP address display area 2503, the IP address of the service providing apparatus 108 included in the communication flow as a new service is displayed. In the QoS class display area 2504, a new QoS class applied to the new service and a QoS class currently applied to the new service are displayed.

  When the update button 2505 is operated, the communication control application rule update program 211 updates the protocol communication control application rule table 213 with the content displayed on the QoS class change confirmation screen 2500.

  On the other hand, when the cancel button 2506 is operated, the communication control application rule update program 211 interrupts the update of the protocol communication control application rule table 213.

  The values displayed in the protocol display area 2501, MIME Type display area 2502, IP address display area 2503, and QoS class display area 2504 may be changeable by the administrator. When the values displayed in the protocol display area 2501, MIME Type display area 2502, IP address display area 2503, and QoS class display area 2504 are changed by the administrator and the update button 2505 is operated, the communication control application rule update program 211 may update the protocol communication control application rule table 213 based on the contents changed by the administrator.

  According to the QoS class change confirmation screen 2500 shown in FIG. 25, the administrator can confirm the update contents before the protocol communication control application rule table 213 is updated.

  Next, a modified QoS class confirmation screen 2600 that allows the administrator to confirm the updated contents after the protocol communication control application rule table 213 is updated will be described with reference to FIG.

  FIG. 26 is an explanatory diagram of the changed QoS class confirmation screen 2600 according to the fourth embodiment.

  The changed QoS class confirmation screen 2600 includes a protocol display area 2601, a MIME Type display area 2602, an IP address display area 2603, a QoS class display area 2604, an approval button 2605, and an undo button 2606.

  The protocol display area 2601, MIME Type display area 2602, and IP address display area 2603 are the same as the protocol display area 2501, MIME Type display area 2502, and IP address display area 2503 of the QoS class change confirmation screen 2500 shown in FIG. Since there is, description is abbreviate | omitted.

  In the QoS class display area 2604, a new QoS class applied to the new service and a QoS class before the new QoS class is applied to the new service are displayed.

  When the approval button 2605 is operated, the communication control application rule update program 211 ends the update of the protocol communication control application rule table 213.

  On the other hand, when the return button 2606 is operated, the communication control application rule update program 211 switches the protocol communication control application rule table 213 back to the state before being updated, and the protocol communication control application rule table 213 that has been switched back. Is transmitted to the gateway device 105, and the attribute of the switched protocol communication control application rule table 213 is transmitted to the measuring device 106.

  FIG. 27 is an explanatory diagram of the QoS class change history list screen 2700 according to the fourth embodiment. The QoS class change history list screen 2700 is displayed by the communication control application rule update program 211 when the communication control method management apparatus 104 accepts a predetermined operation by the administrator, for example.

  The QoS class change history list screen 2700 includes a protocol 2701, an IP address 2702, other attributes 2703, an old QoS class 2704, a new QoS class 2705, a change date and time 2706, a switch back date and time 2707, and a switch back 2708.

  Protocol 2701 displays the protocol of the communication flow whose QoS class has been changed. The IP address 2702 displays the IP address of the service providing apparatus 108 included in the communication flow whose QoS class has been changed. In the other attribute 2703, an attribute (for example, MIME Type) other than the protocol of the communication flow whose QoS class is changed and the IP address of the service providing apparatus 108 is displayed.

  In the old QoS class 2704, the QoS class before the change of the communication flow in which the QoS class is changed is displayed. In the new QoS class 2705, the QoS class after the change of the communication flow in which the QoS class is changed is displayed.

  The change date / time 2706 displays the change date / time of the communication flow in which the QoS class is changed. The switch-back date and time 2707 displays the date and time when the communication flow whose QoS class has been changed is restored. In the switch back 2708, an operation button that is operated when returning the communication flow in which the QoS class is changed is displayed.

  The QoS class change history list screen 2700 includes a behavior pattern 2711, an old QoS class 2704, a new QoS class 2705, a change date / time 2706, a switch back date / time 2707, and a switch back 2708. In the behavior pattern 2711, identification information of a behavior pattern whose QoS class has been changed is registered.

  In FIG. 24 to FIG. 26, the case where the administrator's judgment is reflected on the change of the QoS class of the communication flow to which the QoS class is applied based on the protocol type has been described. When reflecting the administrator's judgment regarding the change of the QoS class of the communication flow based on the connection order of the communication flow, the communication control application rule update program 211 displays the behavior communication control application rule table 214 shown in FIG. An administrator's judgment such as updating, canceling, or restoring the QoS class may be accepted. In this case, the communication control application rule update program 211 may change the behavior communication control application rule table 214 based on an instruction from the administrator.

  In addition, although the present Example demonstrated the QoS class of Example 2 as an example, it is applicable also to the communication control method of Example 1. FIG.

  In the present embodiment, the communication control method management apparatus 104 determines a condition for classifying the communication flow to be received in the future into the detected communication flow, and uses a communication control method corresponding to the detected communication flow. After the determination, the administrator is notified of the determined condition and the determined communication control method, and when the approval of the administrator is input, the determined condition and the determined communication control method are controlled by the communication control. It is characterized in that it is registered in the application rule information.

  As a result, the rule can be updated after the manager approves, and the network operation policy of the manager can be reflected in the rule.

  In the present embodiment, the communication control method management apparatus 104 updates the communication control application rule information so as to register the determined condition and the determined communication control method, and then determines the determined condition and the The administrator is notified of the determined communication control method.

  As a result, the updated rule can be notified to the administrator, and the network operation policy of the administrator can be reflected in the rule.

  In the present embodiment, an example will be described in which when a new service is detected, a new QoS class is generated and the generated QoS class is applied to the detected new service.

  As shown in FIG. 22, the QoS class “k + n” and the QoS class “m” are applied to a communication flow for distributing a moving image using HTTP, and the QoS class “k + n” is a moving image communication flow. In the QoS class “m”, the compression control is performed on the communication flow of the moving image distributed from the service providing apparatus 108 whose IP addresses are “aaa” to “eeee”.

  The QoS class determination process when the communication data amount of the communication flow of the QoS class “k + n” increases and the communication control application rule update program 211 detects a communication flow that becomes a new service from the QoS class “k + n” is shown in FIG. 28 will be described.

  FIG. 28 is a flowchart of the QoS class determination process when a new service is detected from the QoS class “k + n” according to the fifth embodiment. In this embodiment, the service provider to be the video compression target is registered in advance in the memory 204 of the communication control method management apparatus 104 with the second level or third level domain name that can identify the service provider. Keep it.

  First, the communication control application rule update program 211 detects a new service from the QoS class “k + n” (2801).

  Next, the communication control application rule update program 211 obtains the domain name of the service provider from the detected IP address of the service providing apparatus 108 for the new service, and the obtained domain name has the priority of the QoS class “k + n”. It is determined whether it is registered as the domain name of the service provider to be controlled by the communication control method “compression” corresponding to the lower QoS class “m” (2802).

  In the process of step 2802, the domain name of the detected service provider of the new service becomes the control target of the communication control method “compression” corresponding to the QoS class “m” having one lower priority of the QoS class “k + n”. If it is determined that it is registered as the domain name of the service provider, the communication control application rule update program 211 determines the QoS class of the new service as the QoS class “m” (2803), and the service of the detected new service The IP address of the providing apparatus 108 is added to the server IP address 2205 corresponding to the QoS class 2201 “m” (that is, the communication control method 2202 is compressed) in the QoS class mapping table 2200, and the QoS class determination process is terminated.

  On the other hand, the communication control method “compression” corresponding to the QoS class “m” whose priority level of the QoS class “k + n” is one lower in the domain name of the detected service provider of the new service in the process of step 2802 is the control target. The communication control application rule update program 211 newly generates a QoS class “k + n ′” and a QoS class that has generated a QoS class for a new service when it is determined that the domain name of the service provider is not registered. “K + n ′” is determined (2804), and the QoS class determination processing is terminated. The priority of the communication control method corresponding to the generated QoS class “k + n ′” includes the priority of the communication control method corresponding to the QoS class “k + n” and the priority of the communication control method corresponding to the QoS class “m”. Between. The communication control method of the QoS class “k + n ′” is the same type of communication control method as the communication control method “band control” corresponding to the QoS class “k + n”.

  The determination result of the communication control method is notified to the administrator, and the administrator may return the QoS class of the new service to “k + n”, or determine the QoS class “m” or the QoS class “k + n ′”. May be.

  FIG. 28 illustrates the case where the communication control method corresponding to the QoS class in which a new service is detected differs from the communication control method of which the communication control method has one lower priority, but these communication control methods are the same. Even in the case of the type, a QoS class corresponding to a communication control method whose priority is between the priorities of these communication control methods may be generated.

  In addition, although the present embodiment has been described by taking the QoS class of the second embodiment as an example, it can also be applied to the communication control method of the first embodiment.

  In the present embodiment, the communication control method includes a first method and a second method having different priorities, and the first method has a higher priority than the second method, and the communication control method management apparatus 104 When the communication control method corresponding to the detected communication flow is the first method, a third method that is a priority between the priority of the first method and the priority of the second method is newly generated. Then, a new communication control method corresponding to the detected communication flow is determined as the third method.

  As a result, it is possible to quickly prevent the influence of the QoS class in which the new service has been detected from affecting other communication data, and to prevent the quality of the QoS class service from being deteriorated. In addition, it is possible to prevent communication control having a lower priority than necessary for the new service from being performed, and to prevent deterioration of the quality of the new service.

  In the first embodiment, the under-evaluation table update process illustrated in FIG. 20 is executed every time the gateway apparatus 105 receives a packet. However, in an actual network, the gateway device 105 may receive the same packet repeatedly, and the order of receiving the packet may be switched.

  In this embodiment, the behavior detection program 814 picks up a packet transmitted / received between the user terminal 102 and the service providing apparatus 108, and applies behavior communication control between the specific user terminal 102A and the service providing apparatus 108. When all packets registered in any of the patterns registered in the rule table 813 are observed, it is determined that the behavior communication control application table 815 matches, and the corresponding communication control method is determined as the communication flow communication control application rule table. 813 is registered.

  Specifically, for example, when the behavior communication control application rule table 214 shown in FIG. 5 is used, a transmission packet in which the IP address of the service providing apparatus 108 is addr11 and the data amount is in the range of d1 to d2, and the data amount Is a range of d3 to d4, and although not shown in FIG. 5, the amount of data is the range of the amount of data described in the second amount of transmission packet data, and the amount of data is the second amount of reception. A received packet that is in the range of the data amount described in the packet data amount, a transmission packet in which the IP address of the service providing apparatus 108 is addr12, a data amount in the range of d5 to d6, and a data amount of d7 to d8. When a received packet that is a range is observed within a predetermined time, it is determined that the received packet matches the pattern 1. At this time, there may be overlapping packets, and the order may be changed. Then, the behavior detection program 814 registers the communication control method corresponding to the IP address, port number, and behavior pattern 1 of the user terminal 102A in the communication flow communication control application rule table 813.

  In addition, the behavior detection program 814 does not follow the communication flow with the service providing apparatus 108 at the packet level, and uses the same method as the processing of step 1505 shown in FIG. 15 for the communication flow with the service providing apparatus 108. Clustering is performed for each of 108 IP addresses. For example, the cluster C1 is a communication flow group with the first service providing apparatus 108, and the cluster C2 is a communication flow group with the second service providing apparatus 108. The behavior detection program 814 may execute the under-evaluation table update process at the timing when the communication flow of each cluster ends.

  According to the present embodiment, the communication flow communication control application rule table indicates the communication control method of the communication flow that matches the behavior communication control application rule table 815 even when packet duplication and packet order change occur. 813 can be registered.

  In addition, this invention is not limited to an above-described Example, Various modifications are included. For example, the above-described embodiments have been described in detail for easy understanding of the present invention, and are not necessarily limited to those having all the configurations described. Also, a part of the configuration of a certain embodiment can be replaced with the configuration of another embodiment, and the configuration of another embodiment can be added to the configuration of a certain embodiment.

  In addition, it is possible to add, delete, and replace other components alone or in combination with respect to a part of the configuration of each embodiment. Each of the above-described configurations, functions, processing units, processing means, and the like may be realized by hardware by designing a part or all of them with, for example, an integrated circuit.

  In addition, each of the above-described configurations, functions, and the like may be realized by software by the processor interpreting and executing a program that realizes each function.

  Information such as programs, tables, and files for realizing each function is stored in a memory, a hard disk, a recording device such as an SSD (Solid State Drive), an IC (Integrated Circuit) card, an SD card, or a DVD (Digital Versatile). Disc).

  Further, the control lines and information lines indicate what is considered necessary for the explanation, and not all the control lines and information lines on the product are necessarily shown. Actually, it may be considered that almost all the components are connected to each other.

101 Communication control system (core network)
DESCRIPTION OF SYMBOLS 102 User terminal 103 Access network 104 Communication control method management apparatus 105 Gateway apparatus 106 Measuring apparatus 107 Internet 108 Service provision apparatus 211 Communication control application rule update program 212 Communication control method list table 213 Protocol communication control application rule table 214 Behavior communication control application rule Table 215 Communication data measurement table 216 Communication flow table 811 Communication control application rule management program 812 Protocol communication control application rule table 813 Communication flow communication control application rule table 814 Behavior detection program 815 Behavior communication control application rule table 816 Under evaluation table

Claims (14)

A communication control system comprising a gateway device and a communication control method management device,
The gateway device is
Connected to a user terminal and a service providing apparatus that provides a service to the user terminal;
Implement communication control on the communication flow between the user terminal and the service providing apparatus, and transfer the communication flow between the user terminal and the service providing apparatus,
The communication control method management device manages a communication control method by the gateway device,
The communication control method management device includes:
The gateway device holds communication control application rule information in which a condition for classifying the communication flow and a communication control method corresponding to the classified communication flow are registered,
Detecting a communication flow that needs to change the communication control method based on a communication amount between the user terminal and the service providing device;
Determining a condition for classifying the communication flow received by the gateway device into the detected communication flow;
Determining a communication control method corresponding to the detected communication flow;
Updating the communication control application rule information to register the determined condition and the determined communication control method;
Notifying the updated communication control application rule information to the gateway device,
The gateway device is
Based on the notified communication control application rule information, classify the communication flow received by the gateway device, determine a communication control method corresponding to the communication flow,
A communication control system that performs communication control of the received communication flow by the determined communication control method. The communication control system according to claim 1,
In the communication control application rule information, the order of connection to the service providing device is registered as a condition for classifying the communication flow,
The communication control method management device includes:
Select a communication flow that satisfies the predetermined amount of communication as a communication control method change communication flow candidate that is a communication flow that may change the communication control method,
The time when the selected communication control method change communication flow candidate is transmitted from the same user terminal as the selected communication control method change communication flow candidate before the predetermined time before the selected communication control method change communication flow candidate is transmitted Select the communication flow sent until the previous communication flow,
Identify the connection order to the service providing device based on the selected immediately preceding communication flow,
When the connection order to the specified service providing apparatus is common to other immediately preceding communication flows, the selected communication control method change communication flow candidate is detected as a communication flow that needs to change the communication control method,
The communication control system, wherein the connection order to the specified service providing device is determined as a condition for classifying the communication flow received by the gateway device into the detected communication flow. The communication control system according to claim 2,
The gateway device is
Detecting a communication flow connected to the service providing apparatus in the order of connection to the service providing apparatus of the notified communication control application rule information;
Refer to the communicated communication control application rule information, determine a communication control method corresponding to the detected communication flow,
Register the identification information of the user terminal included in the detected communication flow and the determined communication control method in the communication flow communication control application rule information,
A communication control method corresponding to the identification information of the user terminal included in the received communication flow and the port number of the received communication flow, with reference to the communication flow communication control application rule information when the communication flow is received; Decide
A communication control system that performs communication control of the received communication flow by the determined communication control method. The communication control system according to claim 3,
The gateway device may match the order of connection of the received communication flow to the service providing device in the notified communication control application rule information and satisfy all connection orders depending on the communication flow to be received in the future. If there is a possibility, the identification information of the condition in which the connection order of the service providing device matches, the identification information of the user terminal included in the received communication flow, and the information of the packet to be transmitted / received next to the information under evaluation A communication control system characterized by registration. The communication control system according to claim 1,
The communication control method includes a plurality of methods with different priorities in which the gateway device transfers the communication flow.
The communication control method management apparatus determines a communication control method having a priority lower than the priority of the communication control method corresponding to the detected communication flow as a new communication control method corresponding to the detected communication flow. A communication control system. The communication control system according to claim 5,
The communication control method includes a first method and a second method having different priorities,
The first method has a higher priority than the second method,
The communication control method management device includes:
When the communication control method corresponding to the detected communication flow is the first method, a third method that is a priority between the priority of the first method and the priority of the second method is newly generated. ,
A communication control system, wherein a new communication control method corresponding to the detected communication flow is determined as the third method. The communication control system according to claim 1,
In the communication control application rule information, the communication type of the communication flow and the attribute for each communication type are registered as conditions for classifying the communication flow,
The communication control method management device includes:
Detecting a communication flow in which the communication amount satisfies a predetermined condition;
The communication control system, wherein the communication type of the detected communication flow and the attribute of the detected communication flow are determined as conditions for classifying the communication flow received by the gateway device into the detected communication flow . The communication control system according to claim 1,
The gateway device is
Has a buffer to temporarily store the received communication flow,
A communication flow in which communication control is performed by the same communication control method is collectively stored in the buffer as the same QoS class,
Based on a communication control method corresponding to the QoS class, a communication flow stored in the buffer is read, and the communication control is performed on the read communication flow. The communication control system according to claim 1,
The communication control method includes a priority order in which the gateway device transfers the communication flow,
The communication control method management device includes:
Acquire the communication flow received by the gateway device,
Clustering the acquired communication flow by a predetermined method,
Holding a communication control method implemented in a communication flow belonging to the clustered cluster;
When detecting a communication flow that needs to change the communication control method, clustering the detected communication flow by the predetermined method,
A communication control system for determining a new communication control method corresponding to the detected communication flow based on a communication control method belonging to a communication flow belonging to the same cluster as the detected communication flow. The communication control system according to claim 1,
The communication control method management device includes:
After determining a condition for classifying the communication flow received by the gateway device into the detected communication flow and determining a communication control method corresponding to the detected communication flow, the determined condition and the determined Notify the administrator of the communication control method,
When the approval of the manager is input, the communication control system, wherein the determined condition and the determined communication control method are registered in the communication control application rule information. The communication control system according to claim 1,
The communication control method management apparatus updates the communication control application rule information to register the determined condition and the determined communication control method, and then determines the determined condition and the determined communication control method as an administrator. The communication control system characterized by notifying to. A communication method in a communication control system having a gateway device and a communication control method management device,
The gateway device is
Connected to a user terminal and a service providing apparatus that provides a service to the user terminal;
Implement communication control on the communication flow between the user terminal and the service providing device, transfer the communication flow,
The communication control method management device manages a communication control method by the gateway device,
The communication control method management device holds communication control application rule information in which a condition for the gateway device to classify the communication flow and a communication control method corresponding to the classified communication flow are registered,
The communication control method includes:
The communication control method management device detects a communication flow that needs to change the communication control method based on a communication amount between the user terminal and the service providing device,
The communication control method management device determines a condition for classifying the communication flow received by the gateway device into the detected communication flow;
The communication control method management device determines a communication control method corresponding to the detected communication flow;
The communication control method management apparatus updates the communication control application rule information so as to register the determined condition and the determined communication control method. The communication method according to claim 12, comprising:
The communication control method management device notifies the updated communication control application rule information to the gateway device,
The gateway device classifies the communication flow received by the gateway device based on the notified communication control application rule information, and determines a communication control method corresponding to the communication flow,
The communication method, wherein the gateway device performs communication control of the received communication flow by the determined communication control method. A gateway device that transfers a communication flow between a user terminal and a service providing device that provides a service to the user terminal,
The gateway device is
Implement communication control of the communication flow,
Connected to a communication control method management device for managing the communication control method,
The communication control method management device includes:
The gateway device holds communication control application rule information in which a condition for classifying the communication flow and a communication control method corresponding to the classified communication flow are registered,
Detecting a communication flow that needs to change the communication control method based on a communication amount between the user terminal and the service providing device;
Determining a condition for classifying the communication flow received by the gateway device into the detected communication flow;
Determining a communication control method corresponding to the detected communication flow;
Updating the communication control application rule information to register the determined condition and the determined communication control method;
Notifying the updated communication control application rule information to the gateway device,
The gateway device is
Based on the notified communication control application rule information, classify the communication flow received by the gateway device, determine a communication control method corresponding to the communication flow,
A gateway apparatus, wherein communication control of the received communication flow is performed by the determined communication control method.

Images