JP2016178530A - Communication system, communication terminal, communication method, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To also allow a communication terminal to use a communication network other than a communication network to which a physical IF provided in the communication terminal is connected.SOLUTION: A communication system includes a communication terminal (10) and a switch (20). The communication terminal (10) includes a controller unit (11), a first physical IF (12-1) connected to the switch (20), and communication applications (#1 to #N). The switch (20) includes a first switch unit (21), a second physical IF (22-1) connected to the communication terminal (10), and third physical IFs (22-2 to 22-3). The controller unit (11) sets a processing content when receiving a packet generated in each communication application (#1 to #N) to the first switch unit (21). The first switch part (21), on receiving the packet generated in each communication application (#1 to #N), processes the packet according to the processing content set by the controller unit (11).SELECTED DRAWING: Figure 1

Description

  The present invention relates to a communication system, a communication terminal, a communication method, and a program, and more particularly, to a communication system, a communication terminal, a communication method, and a program for processing a packet generated in a communication application.

  In recent years, a centralized control type network architecture has been proposed. As an example of a centralized control type network architecture, there is a technology called OpenFlow. OpenFlow is realized by an OpenFlow Controller and an OpenFlow Switch.

  The OpenFlow controller sets the processing content (transmission, discard without sending) of the packet received by the OpenFlow switch in the OpenFlow switch. When the OpenFlow switch receives a packet, if the processing content of the packet is set by the OpenFlow controller, the OpenFlow switch processes the packet according to the processing content.

  Here, as an implementation mode of OpenFlow, there is an embodiment in which an OpenFlow switch is mounted on a communication terminal, and an OpenFlow controller on the network controls the OpenFlow switch on the communication terminal (sets the processing contents of the received packet). . Recently, a method for autonomously controlling a plurality of wireless communications mounted on a communication terminal by mounting both an OpenFlow controller and an OpenFlow switch on a single communication terminal has been proposed ( Non-patent document 1). According to Non-Patent Document 1, for example, for a packet (flow) generated in a communication application of a communication terminal, the open flow controller of the same communication terminal sets the processing content. Thereby, it is possible to improve the scalability of control by the open flow controller. According to Non-Patent Document 1, a flow is identified by a communication application of a communication terminal, and flow control is performed for each communication application. Specifically, for each communication application, a communication network used for transmission of packets generated by the communication application is set.

Takahiro Iiboshi, Yoshikazu Watanabe, Gen Morita, Yoshinori Saita, Shuichi Kano, “Scalability improvement method and implementation of mobile terminal communication control by OpenFlow”, IEICE Technical Report, The Institute of Electronics, Information and Communication Engineers, Vol. 112, no. 463 (NS2012 165-289), pp. 477-482, February 28, 2013

According to Non-Patent Document 1, the OpenFlow controller of the same communication terminal can set the processing content for a packet (flow) generated by the communication application of the communication terminal. At this time, for each communication application, it is possible to set a communication network used for transmission of a packet generated by the communication application.
However, a communication network that can be used by a communication terminal is only a communication network to which a physical IF (Interface) included in the communication terminal is connected. Further, the number of physical IFs provided in the communication terminal is limited.
Therefore, there is a problem that the communication terminal can use only a limited number of communication networks to which the physical IF provided in the communication terminal is connected.

  Therefore, one of the objects of the present invention is to solve the above-described problems, and a communication system, a communication terminal, and a communication terminal that can use a communication network other than a communication network to which a physical IF included in the communication terminal is connected, To provide a communication method and program.

  In one aspect, a communication system includes a communication terminal and a switch. The communication terminal includes a controller unit, a first physical interface connected to the switch, and a communication application. The switch includes a first switch unit, a second physical interface connected to the communication terminal, and a third physical interface other than the second physical interface. The controller unit determines a processing content of the packet when the first switch unit receives a packet generated by the communication application, and sets the determined processing content of the packet in the first switch unit. When the first switch unit receives a packet generated by the communication application, the first switch unit processes the packet according to the processing content set by the controller unit.

  In one aspect, the communication terminal includes a controller unit, a first physical interface connected to an external switch, and a communication application. The controller unit determines a processing content of the packet when the switch generates a packet generated by the communication application, and sets the determined processing content of the packet in the switch.

  In one aspect, the communication method is a communication method by a communication terminal including a controller unit, a first physical interface connected to an external switch, and a communication application. In the communication method, the controller unit determines a processing content of the packet when the switch generates a packet generated by the communication application, and the controller unit determines the processing content of the determined packet. Set to.

  In one aspect, the program is a program for causing a communication terminal including a controller unit, a first physical interface connected to an external switch, and a communication application to execute. The program includes a step of determining, in the communication terminal, a procedure for determining processing contents of the packet when the controller unit receives a packet generated by the communication application by the switch, and the controller unit determines the packet And a procedure for setting the processing content in the switch.

  According to the aspect described above, the communication terminal can use the communication network to which the third physical interface provided in the switch is connected in addition to the communication network to which the first physical interface provided in the communication terminal is connected. Is obtained.

1 is a diagram illustrating a configuration example of a communication system according to a first embodiment. It is a figure which shows the structural example of the communication system of Embodiment 2. FIG. FIG. 10 is a sequence diagram illustrating an example of the overall operation of the communication system according to the second embodiment. FIG. 10 is a flowchart illustrating an operation example of a controller unit according to the second embodiment. FIG. 10 is a diagram illustrating a specific example of the operation of the controller unit of the second embodiment. It is a figure which shows the structural example of the communication system of Embodiment 3. FIG. FIG. 10 is a flowchart illustrating an operation example of a controller unit according to the third embodiment. FIG. 10 is a diagram illustrating a specific example of the operation of the controller unit of the third embodiment. It is a figure which shows the operation example of the controller part of other embodiment.

Hereinafter, embodiments of the present invention will be described with reference to the drawings. In each drawing described below, “application” is abbreviated as “application”.
(1) Embodiment 1
FIG. 1 shows a configuration example of a communication system according to the present embodiment. Referring to FIG. 1, the communication system of this embodiment includes a communication terminal 10 and a switch 20. Further, the communication terminal 10 includes a controller unit 11, a physical IF 12-1, and communication applications # 1 to #N (N is a natural number of 2 or more). The switch 20 includes a switch unit 21 and physical IFs 22-1 to 22-3.

  The physical IF 12-1 is a first physical interface connected to the physical IF 22-1 of the switch 20. The physical IF 22-1 is a second physical interface connected to the physical IF 12-1 of the communication terminal 10. The physical IFs 22-2 to 22-3 are third physical interfaces connected to devices (not shown), servers, and the like. Note that the number of the first physical IF, the second physical IF, and the third physical IF may all be one or more.

  The communication applications # 1 to #N are applications that require packet communication with a device, a server, or the like (not shown) outside the communication terminal 10, such as a web browser, an application for browsing a video, news, An application for browsing a map. Note that the number of communication applications may be one or more. In addition, the communication applications # 1 to #N are executed by an unillustrated CPU (Central Processing Unit) as an execution unit.

  The controller unit 11 has an OpenFlow controller function. The controller unit 11 determines the processing content (for example, sending to a specific communication network, discarding without sending, etc.) when the packet generated by the communication applications # 1 to #N is received by the switch unit 21 The determined processing content is set in the switch unit 21.

  The switch unit 21 is a first switch unit having the function of an open flow switch. When the switch unit 21 receives a packet generated by the communication applications # 1 to #N, if the processing content of the packet is set by the controller unit 11, the switch unit 21 processes the packet according to the processing content.

  As described above, in the present embodiment, the communication terminal 10 includes the controller unit 11 and communication applications # 1 to #N, and is configured to externally connect the switch unit 21 included in the switch 20. And the controller part 11 of the communication terminal 10 sets the processing content of the packet which generate | occur | produced by communication application # 1- # N with respect to the external switch part 21. FIG. Therefore, the communication terminal 10 can use a communication network to which the physical IFs 22-2 to 22-3 included in the switch 20 are connected in addition to the communication network to which the physical IF 12-1 included in the communication terminal 10 is connected. .

  In the present embodiment, the switch unit 21 having the function of the open flow switch is provided in the switch 20 outside the communication terminal 10, but a switch unit having the same function may be additionally provided in the communication terminal 10. good.

(2) Embodiment 2
The present embodiment is an example in which the configuration and operation of the first embodiment are more specific. FIG. 2 shows a configuration example of the communication system of the present embodiment. Referring to FIG. 2, in the communication system of the present embodiment, the communication terminal 10 is assumed to be a terminal equipped with only Linux (registered trademark) as an OS (Operating System), and TCP / IP (Transmission Control Protocol / Internet Protocol). An additional stack 13 is provided. The TCP / IP stack 13 is a protocol stack that performs TCP / IP protocol processing. As a result, the communication applications # 1 to #N can transfer packets by TCP / IP between servers as communication destinations via the physical IF 12-1. Since the TCP / IP stack 13 is a well-known technique described in Non-Patent Document 1, detailed description thereof is omitted.

  In the present embodiment, the physical IF 12-1 and the physical IFs 22-1 to 22-3 are more specific. The physical IF 12-1 and the physical IFs 222-1 to 22-2 are connected to the Ethernet (registered trademark), and the physical IF 22-3 is connected to the cellular network. The IP addresses of the physical IF 12-1 and the physical IFs 22-1 to 22-3 are “A”, “E”, “F”, and “G”, respectively.

  Further, in this embodiment, flow control is performed for each communication application # 1 to #N, and a communication network used for transmission of packets generated by the communication application is set for each communication application # 1 to #N. Keep it. When a packet (flow) is generated, the communication application in which the packet is generated is specified, and the packet is transmitted using a communication network set for the specified communication application.

Hereinafter, the operation of the communication system of this embodiment will be described.
First, the overall operation of the communication system will be described with reference to FIG.

  First, a control policy for each communication application # 1 to #N is set in the controller unit 11 (step A1). Here, for example, it is assumed that “send to cellular network” is set as the control policy of communication application # 1.

  Here, it is assumed that a packet (flow) is generated in the communication application # 1 (step A2). Then, the packet is transmitted from the communication application # 1 to the switch unit 21.

  When the switch unit 21 receives a packet from the communication application # 1, the switch unit 21 determines whether the processing content of the packet is set by the controller unit 11. Here, it is assumed that it is not set. Therefore, the switch unit 21 displays flow information (representing a transmission source IP address, a transmission destination IP address, a transmission source port number, a transmission destination port number, and the like of the packet) related to a flow formed by the packet received from the communication application # 1. The packet is sent to the controller unit 11 using a Packet_in message (step A3). The flow information is described in the header field of the packet and can be the packet itself.

  When the controller unit 11 receives flow information from the switch unit 21 using a Packet_in message, the controller unit 11 stores the flow information in a temporary file (/ proc / net / tcp (6) of socket information related to the socket used by the Linux (registered trademark) OS. ), / proc / net / udp (6)). The temporary file includes an inode number (identification number) of a socket, flow information about a flow that uses the socket (a source IP address, a destination IP address, a source port number, and a destination port number of a packet constituting the flow). , Etc.), user ID (uid), etc. When the flow information received by the Packet_in message is searched from the temporary file, the controller unit 11 specifies the inode number of the socket used for the flow corresponding to the searched flow information. Next, the controller unit 11 uses the Linux (registered trademark) lsof command or the like to search for the process number of the process using the socket of the inode number by searching using the specified inode number as a key. To do. Next, the controller unit 11 acquires a list representing a list of processes currently being executed from the OS, using a Linux (registered trademark) ps command or the like. This list is a list indicating the process number of the process, the application name of the communication application that executes the process, and the like for each process currently being executed. And the controller part 11 specifies the communication application which is performing the process of the process number specified above with reference to this list (step A3). Here, it is specified as communication application # 1. In step A1, “send to cellular network” is set as the control policy of communication application # 1. Therefore, based on the control policy of the communication application # 1, the controller unit 11 sets the processing content of the packet constituting the flow corresponding to the flow information received by the Packet_in message received from the switch unit 21 to “send to cellular network”. decide. Then, the controller unit 11 transmits the packet processing content “transmit to cellular network” to the switch unit 21 using the Flow_mod message (step A5).

  When the switch unit 21 receives the processing content “send to cellular network” from the controller unit 11 as a Flow_mod message, the switch unit 21 sets the processing content in a flow table (not shown) in the switch unit 21. Therefore, the packet received from the communication application # 1 is transmitted to the switch unit 21 from the physical IF 22-3 to the cellular network according to the processing content “transmit to cellular network” of the packet received from the communication application # 1 (step A6). ). In addition, when the switch unit 21 subsequently receives a packet from the communication application # 1, the switch unit 21 transmits the packet received from the communication application # 1 to the cellular network from the physical IF 22-3 without transmitting the Packet_in message to the controller unit 11. Send to.

Next, an operation when the controller unit 11 receives a Packet_in message from the switch unit 21 will be described with reference to FIGS. 4 and 5.
Referring to FIG. 4, when the controller unit 11 receives flow information from the switch unit 21 using a Packet_in message (step B1), the controller unit 11 receives a temporary file (/ proc of socket information related to the socket used by the Linux OS). (/ net / tcp (6), / proc / net / udp (6)) is referenced (step B2). And the controller part 11 searches the flow information received with the Packet_in message from the temporary file of socket information (step B3).

  When the flow information is searched in step B3 (Yes in step B3), the controller unit 11 specifies the inode number of the socket used for the flow corresponding to the searched flow information (step B4).

  The processing so far will be specifically described with reference to FIG. Referring to FIG. 5, the flow information received by the Packet_in message represents the transmission source IP address, transmission destination IP address, transmission source port number, and transmission destination port number of the packets constituting the flow. The temporary file of socket information represents the same flow information as the flow information received by the Packet_in message and the inode number of the socket used for the flow corresponding to the flow information. Here, in FIG. 5, the flow information received by the Packet_in message matches the flow information of the third entry from the top of the temporary file of socket information. Therefore, the controller unit 11 searches for the entry in step B3, and specifies the inode number “300” of the entry in step B4. Note that the destination IP address of the flow information in FIG. 5 is the IP of a server, a device, etc. (not shown) to which the physical IFs 22-3 and 22-3 of the switch 20 are respectively connected via Ethernet (registered trademark) or a cellular network. Address.

  Referring to FIG. 4 again, next, the controller unit 11 uses the Linux (registered trademark) lsof command or the like to search for the inode number identified in step B4 by searching using the identified inode number as a key. The process number of the process using the socket is specified (step B5).

  Next, the controller unit 11 uses the Linux (registered trademark) ps command or the like to acquire a list representing a list of processes currently being executed from the OS, and specifies the list in step B5 with reference to this list. The application name of the communication application that is executing the process of the process number is specified (step B6).

  Next, the controller unit 11 determines whether or not the control policy for the communication application with the application name specified in step B6 is set (step B7).

  In step B7, when the control policy is set (Yes in step B7), the controller unit 11 transmits the processing content according to the set control policy to the switch unit 21 using the Flow_mod message ( Step B8).

  If the flow information is not searched in Step B3 (No in Step B3), or if no control policy is set in Step B7 (No in Step B7), the controller unit 11 sets the processing contents to Drop ( The processing content “Drop” is transmitted to the switch unit 21 using the Flow_mod message (step B9).

  As described above, in the present embodiment, as in the first embodiment, the communication terminal 10 includes the controller unit 11 and communication applications # 1 to #N and is configured to externally connect the switch unit 21 included in the switch 20. . And the controller part 11 of the communication terminal 10 sets the processing content of the packet which generate | occur | produced by communication application # 1- # N with respect to the external switch part 21. FIG. Therefore, the communication terminal 10 may use, for example, a cellular network to which the physical IF 22-3 included in the switch 20 is connected, in addition to the Ethernet (registered trademark) to which the physical IF 12-1 included in the communication terminal 10 is connected. it can.

(3) Embodiment 3
In the present embodiment, similarly to the second embodiment, the communication terminal 10 externally connects a switch unit included in the switch 20. However, this embodiment differs from the second embodiment in that the communication terminal 10 also includes a switch unit and uses both the switch unit of the communication terminal 10 and the switch unit of the switch 20.

  FIG. 6 shows a configuration example of the communication system of the present embodiment. Referring to FIG. 6, the communication system according to the present embodiment is different from the second embodiment in the configuration of the communication terminal 10. That is, the communication terminal 10 adds a switch unit 14 and a physical IF 12-2 as compared with the second embodiment. The switch unit 14 is a second switch unit having an OpenFlow switch function, and is arranged between the controller unit 11 and the physical IFs 12-1 to 12-2. The controller unit 11 transmits the packet generated by the communication applications # 1 to #N to the switch unit 14 when the switch unit 14 receives the processing contents of the packet (for example, transmission to the Ethernet (registered trademark)) (Discard without setting). When receiving the packet generated by the communication applications # 1 to #N, the switch unit 14 processes the packet according to the processing content if the processing content of the packet is set by the controller unit 11. The physical IF 12-1 is connected to the Ethernet (registered trademark) communication network, and the physical IF 12-2 is connected to the WiFi (Wireless Fidelity) (registered trademark) network. The IP addresses of the switch unit 14 and the physical IFs 12-1 to 12-2 are “A”, “B”, and “C”, respectively. Note that the configuration of the switch 20 is the same as that of the second embodiment, and a description thereof will be omitted.

  In the present embodiment, both the switch unit 14 of the communication terminal 10 and the switch unit 21 of the switch 20 can be used. However, the switch unit 21 of the switch 20 has a problem that the flow control cannot be performed for each of the communication applications # 1 to #N. The reason will be described below.

  In the case of the configuration of this embodiment, the IP address of the switch unit 14 is set as the source IP address of the temporary file of the socket information in the communication terminal 10. On the other hand, when a packet is transmitted from the communication terminal 10 to the switch 20, the IP address of the physical IF 12-1 is set as the transmission source IP address of the packet. For this reason, the IP address of the physical IF 12-1 is set as the transmission source IP address of the flow information received by the controller unit 11 from the switch unit 21 using the Packet_in message. Therefore, even if the controller unit 11 retrieves the flow information received from the switch unit 21 from the temporary file of socket information in the communication terminal 10, it cannot retrieve the corresponding flow information.

  Therefore, in the present embodiment, when the controller unit 11 searches the flow information received from the switch unit 21 from the socket information temporary file in the communication terminal 10, it internally sends the source IP address of the socket information temporary file. Is replaced with the IP address of the physical IF 12-1 set in the packet transmitted to the switch 20 by the physical IF 12-1.

Hereinafter, the operation of the communication system of this embodiment will be described.
However, the overall operation of the communication system is the same as that in FIG. 3 except that the communication between the controller unit 11 and the switch unit 21 passes through the switch unit 14, and thus the description thereof is omitted.
Therefore, hereinafter, an operation when the controller unit 11 receives a Packet_in message from the switch unit 21 will be described with reference to FIGS. 7 and 8.

  Referring to FIG. 7, when the controller unit 11 receives flow information from the switch unit 21 using a Packet_in message (step C1), a temporary file (/ proc of socket information related to sockets used by the Linux (registered trademark) OS is received. Reference is made to / net / tcp (6), / proc / net / udp (6)) (step C2). Next, the controller unit 11 internally replaces the source (src) IP address of the temporary file of socket information for search. Specifically, the controller unit 11 replaces the source IP address of the temporary file of the socket information with the IP address of the physical IF 12-1 set in the packet that the physical IF 12-1 transmits to the switch 20 (step C3). . In this state, the controller unit 11 searches for the flow information received by the Packet_in message from the temporary file of socket information (step C4).

  When the flow information is searched in Step C4 (Yes in Step C4), the controller unit 11 specifies the inode number of the socket used for the flow corresponding to the searched flow information (Step C5).

  The processing so far will be specifically described with reference to FIG. Referring to FIG. 8, the source IP address of the flow information received by the Packet_in message from the switch unit 21 is the IP address of the physical IF 12-1. On the other hand, the source IP address of the temporary file of socket information is the IP address of the switch unit 14 of the communication terminal 10. Therefore, in this state, the flow information received by the Packet_in message is not searched from the temporary file of socket information. Therefore, in step C3, the controller unit 11 replaces the transmission source IP address of the temporary file of the socket information with the IP address of the physical IF 12-1 set in the packet that the physical IF 12-1 transmits to the switch 20. In this state, the flow information received by the Packet_in message matches the flow information of the third entry from the top of the temporary file of socket information. Therefore, the controller unit 11 searches for the entry in step C4, and specifies the inode number “300” of the entry in step C5.

8 and subsequent steps C6 to C10 are the same as the operations of steps B5 to B9 in FIG.
The operation when the controller unit 11 receives the Packet_in message from the switch unit 14 is the same as that shown in FIG.

  As described above, in the present embodiment, as in the second embodiment, the communication terminal 10 includes the controller unit 11 and communication applications # 1 to #N and is configured to externally connect the switch unit 21 included in the switch 20. . And the controller part 11 of the communication terminal 10 sets the processing content of the packet which generate | occur | produced by communication application # 1- # N with respect to the external switch part 21. FIG. Therefore, the communication terminal 10 is connected to, for example, the physical IF 22-3 included in the switch 20 in addition to the Ethernet (registered trademark) and the WiFi network to which the physical IFs 12-1 and 12-2 included in the communication terminal 10 are respectively connected. A cellular network can be used.

  In the present embodiment, the communication terminal 10 also includes the switch unit 14, and both the switch unit 14 of the communication terminal 10 and the switch unit 21 of the switch 20 can be used. In addition, when the controller unit 11 of the communication terminal 10 receives the Packet_in message from the switch unit 21 of the switch 20, the transmission source IP address of the temporary file of the socket information and the packet are transmitted from the communication terminal 10 to the switch 20. At this time, the flow information received by the Packet_in message is searched from the temporary file in a form in which the packet is replaced with the IP address of the physical IF 12-1 set by the physical IF 12-1. As a result, the flow information can be retrieved from the temporary file of the socket information, so that the flow control for each of the communication applications # 1 to #N can be performed on the switch unit 21 of the switch 20 as well.

  In addition, this invention is not limited to the said embodiment, It is possible to change suitably in the range which does not deviate from the meaning.

  For example, as shown in FIG. 9, let us consider a case where the communication terminal 10 is not only externally connected to the switch 20 but also externally connected to another device (hereinafter referred to as an external connection device) 30. Here, the IP address of the physical IF 22-1 on the communication terminal 10 side of the switch 20 is assumed to be “E”. Further, the IP address of the physical IF 12-1 on the switch 20 side of the communication terminal 10 is “B”, and the IP address of the physical IF 12-2 on the external connection device 30 side is “C”. Further, the IP address of the physical IF on the communication terminal 10 side of the external connection device 30 is set to “H”. The communication network between the switch 20 and the communication terminal 10 and the communication network between the communication terminal 10 and the external connection device 30 are the same communication network (for example, Ethernet (registered trademark)). In this case, the IP address (= B) of the physical IF 12-1 on the switch 20 side of the communication terminal 10 is set as the transmission source (scr) IP address of the packet that the switch 20 receives from the communication terminal 10. However, the IP address (= H) of the physical IF on the communication terminal 10 side of the external connection device 30 is set as the transmission source IP address of the packet that the switch 20 receives from the external connection device 30 via the communication terminal 10. The

  Therefore, in the third embodiment, the controller unit 11 of the communication terminal 10 determines that the source IP address of the flow information received by the Packet_in message is “B” (that is, the IP address set by the physical IF 12-1 of the communication terminal 10 in the packet). ), The subsequent processing of the third embodiment may be performed. Specifically, in FIG. 7, the controller unit 11 of the communication terminal 10 proceeds to step C2 if the source IP address of the flow information received by the Packet_in message is “B” in step C1. On the other hand, if it is not “B”, the controller unit 11 does not proceed to step C2, but determines the processing contents of the packet constituting the flow corresponding to the flow information, and returns a Flow_mod message.

  In the third embodiment, the controller unit 11 replaces the source IP address of the temporary file of the socket information with the IP address of the physical IF 12-1 set in the packet that the physical IF 12-1 transmits to the switch 20, In this state, the controller unit 11 retrieves the flow information received by the Packet_in message from the socket information temporary file. However, as another method, when the controller unit 11 receives the flow information from the switch unit 21 using the Packet_in message, the controller unit 11 rewrites the source IP address, which is the flow information included in the Packet_in message, to “A”. A similar search can be performed by comparing with a temporary file of information.

  In the third embodiment, it is assumed that the physical IF 12-1 of the communication terminal 10 updates the header field of the IP address of the packet and transmits the packet to the switch 20, and only the difference of the transmission source IP address. It was described with reference to. However, there may be a case where the physical IF 12-1 of the communication terminal 10 updates other header fields such as the port number of the packet and transmits the packet to the switch 20. Even in such a case, the controller 11 of the communication terminal 10 searches for a temporary file of socket information in accordance with the updated contents of the header field, so that the communication application can be specified. For example, when the physical IF 12-1 of the communication terminal 10 updates the header field of the port number of the packet, the source port number of the temporary file of the socket information is set to the port number set in the packet by the physical IF 12-1. Search after replacing.

  In the third embodiment, for the purpose of specifying the communication application in which the flow has occurred, the search is performed after replacing the contents of the temporary file of the socket information with the contents before the update. It is also applicable for the purpose of. Other purposes include, for example, the purpose of identifying the user (uid) that sent the packet.

  In the second and third embodiments, when the flow information received by the Packet_in message is searched from the temporary file of the socket information, it is determined whether all the contents of the flow information match, but the transmission source (scr) port You may judge only by whether the numbers match. This is because the source (scr) port numbers do not overlap when a plurality of communication application flows occur simultaneously.

  The processing in the communication terminal 10 may be realized by causing a CPU (Central Processing Unit) to execute a computer program. The program may be stored using various types of non-transitory computer readable media and supplied to a computer. Non-transitory computer readable media include various types of tangible storage media. Examples of non-transitory computer-readable media are magnetic recording media (for example, flexible disks, magnetic tapes, hard disk drives), magneto-optical recording media (for example, magneto-optical disks), CD-ROMs (Compact Disk-Read Only Memory). CD-R (CD-Recordable), CD-R / W (CD-ReWritable), semiconductor memory (for example, mask ROM, PROM (Programmable ROM), EPROM (Erasable PROM), flash ROM, RAM (random access memory) )including. Further, the program may be supplied to the computer by various types of temporary computer readable media. Examples of transitory computer readable media include electrical signals, optical signals, and electromagnetic waves. The temporary computer-readable medium can supply the program to the computer via a wired communication path such as an electric wire and an optical fiber, or a wireless communication path.

DESCRIPTION OF SYMBOLS 10 Communication terminal 11 Controller part 12-1 to 12-2 Physical IF
13 TCP / IP stack 14 Switch unit 20 Switch 21 Switch unit 22-1 to 22-3 Physical IF
# 1 to #N Communication application

Claims (9)

A communication terminal;
A switch,
The communication terminal is
A controller section;
A first physical interface connected to the switch;
A communication application,
The switch is
A first switch part;
A second physical interface connected to the communication terminal;
A third physical interface other than the second physical interface,
The controller unit is
Determining the processing content of the packet when the first switch unit receives a packet generated in the communication application, and setting the determined processing content of the packet in the first switch unit;
The first switch unit includes:
A communication system that, when receiving a packet generated by the communication application, processes the packet according to the processing content set by the controller unit. The communication terminal is
A second switch unit disposed between the controller unit and the first physical interface;
The controller unit is
Determining the processing content of the packet when the second switch unit receives a packet generated in the communication application, and setting the determined processing content of the packet in the second switch unit;
The second switch unit is
The communication system according to claim 1, wherein when a packet generated by the communication application is received, the packet is processed according to a processing content set by the controller unit. The controller unit is
When the flow information indicating the source IP address, destination IP address, source port number, destination port number of the packet received by the first switch unit is received from the first switch unit, Refer to the socket information indicating the identification number of the socket and the flow information regarding the packets constituting the flow using the socket,
After replacing the source IP address or source port number of the flow information in the socket information with the source IP address or source port number set in the packet transmitted by the first physical interface to the first switch unit Then, the flow information received from the first switch unit is retrieved from the socket information,
Identify the socket identification number used in the flow corresponding to the flow information retrieved from the socket information,
Using the identification number of the specified socket as a key, specify the process number of the process using the socket,
Communication for executing the specified process with reference to a list representing the process number of the process and the application name of the communication application executing the process for each process currently executed in the communication terminal Identify the application,
Determine the processing content of the packet according to the identified communication application,
The communication system according to claim 2, wherein the processing content of the determined packet is set in the first switch unit. The controller unit is
When the source IP address of the flow information received from the first switch unit is an IP address set in the packet transmitted from the first physical interface to the first switch unit, the communication application in which the packet has occurred is specified. 4. The communication system according to claim 3, wherein the processing content of the packet is determined according to the specified communication application, and the determined processing content of the packet is set in the first switch unit. The controller unit is
When the flow information indicating the source IP address, destination IP address, source port number, destination port number of the packet received by the first switch unit is received from the first switch unit, Refer to the socket information indicating the identification number of the socket and the flow information regarding the packets constituting the flow using the socket,
Search the flow information received from the first switch unit from the socket information,
Identify the socket identification number used in the flow corresponding to the flow information retrieved from the socket information,
Using the identification number of the specified socket as a key, specify the process number of the process using the socket,
Communication for executing the specified process with reference to a list representing the process number of the process and the application name of the communication application executing the process for each process currently executed in the communication terminal Identify the application,
Determine the processing content of the packet according to the identified communication application,
The communication system according to claim 1, wherein the determined processing content of the packet is set in the first switch unit. The controller unit is
The flow information received from the first switch unit is searched for flow information that matches the source port number when searching the flow information received from the first switch unit from the socket information. The communication system according to any one of the above. A controller section;
A first physical interface connected to an external switch;
A communication application,
The controller unit is
A communication terminal that determines a processing content of the packet when the switch generates a packet generated by the communication application, and sets the processing content of the determined packet in the switch. A communication method comprising a controller unit, a first physical interface connected to an external switch, and a communication application.
The controller unit determines the processing contents of the packet when the switch receives a packet generated by the communication application,
The communication method, wherein the controller unit sets the processing content of the determined packet in the switch. In a communication terminal comprising a controller unit, a first physical interface connected to an external switch, and a communication application,
A procedure for determining processing contents of the packet when the controller unit receives a packet generated by the communication application at the switch;
A program for causing the controller unit to execute a procedure for setting the processing content of the determined packet in the switch.

Images