JP5818362B2 - Network system, network management device, network management program, and network management method - Google Patents

Description

  The present invention relates to a network system, a network management device, a network management program, and a network management method.

  2. Description of the Related Art Conventionally, construction of a home network (HNW: Home Network) in which IP (Internet Protocol) devices such as PCs and non-IP (Internet Protocol) devices such as home appliances and sensor devices are connected is popular in user homes. . Such an HNW is a LAN (Local Area Network) in the same segment, so that UPnP (Universal Plug and Play) for discovering a connected device by IP broadcast or IP multicast, DLNA (Digital Living Network Alliance), ECHONET, ECHONET Lite , Bonjour, etc. can be easily applied.

  For example, when a device that complies with the above-mentioned standard is connected to the HNW, it is possible to automatically discover the connected device, the service that the device can provide, and the interconnection between devices on the HNW. Therefore, it is possible to greatly reduce the burden on the user related to connection settings of various devices connected to the HNW.

  Further, in recent years, HGW (Home Gateway) is used to realize a new service in HNW. For example, the HGW incorporates a control program using OSGi (Open Services Gateway initiative) to realize a service for controlling home appliances and sensor devices on the HNW. As a result, the user or service provider can remotely control the device on the HNW.

  However, as described above, as the services provided to the HNW become higher performance and higher functions, and as the number of services provided increases, the hardware / software performance and function requirements required for the HGW are increased. Conditions increase. Here, when the configuration of the HGW is housed in a single housing and installed in the user's home, when the above-described requirement increases, the user needs to replace the HGW with a specification that satisfies the requirement. There is a great burden on the user.

  Therefore, in recent years, processing and control of non-IP devices (for example, home appliances and sensor devices) in the HNW are not performed by the HGW in the user's home, but protocol conversion is performed on the cloud side connected via the Internet. Technology is known. With this configuration, the technology can easily expand resources related to the functions and performance of the HGW provided to the HNW, and can provide various services to the HNW.

Eiichiro Takahashi, Ryuichi Matsukura, Jun Tsunoda “Smart sensing platform to realize cloud-oriented home ICT service”, IEICE Technical Report ICM2011-10 (2011-07)

  However, in the conventional technology described above, there are cases where the user cannot sufficiently use the HNW.

  Therefore, the technology according to the present application has been made in view of the above-described problems of the prior art, and a network system, a network management device, a network management program, and network management that enable a user to fully use the HNW It aims to provide a method.

  In order to solve the above-described problems and achieve the object, a network system according to the present application is included in a first device included in the first network and a second network that is L2 connected to the first network. A network system including a second device, wherein the first device includes an address management unit that manages IP addresses in the first network and the second network, and the second device includes: A communication confirmation unit that confirms communication between the first network and the second network; an address management proxy unit that manages an IP address in the second network instead of the address management unit; When the communication disconnection between the first network and the second network is detected by the communication confirmation unit, When the IP address in the second network is managed by the address management proxy unit, and the communication confirmation unit detects recovery of communication between the first network and the second network, the address management unit And an address management control unit for terminating the management of the IP address by the proxy unit.

  The network system, network management device, network management program, and network management method according to the present application allow the user to fully use the HNW.

FIG. 1 is a diagram illustrating an example of a configuration of a home gateway virtualization system according to the first embodiment. FIG. 2 is a diagram illustrating an example of the configuration of the L2 termination device according to the first embodiment. FIG. 3 is a diagram illustrating an example of the configuration of the reception-side L2 termination device according to the first embodiment. FIG. 4 is a diagram illustrating an example of the configuration of the virtual HGW according to the first embodiment. FIG. 5 is a diagram illustrating an example of a configuration of the home gateway virtualization system according to the second embodiment. FIG. 6 is a diagram for explaining an assumed case of IP address management according to the third embodiment. FIG. 7 is a diagram illustrating an example of the configuration of the L2 termination device according to the third embodiment. FIG. 8 is a diagram illustrating an example of the configuration of the receiving-side L2 termination device according to the third embodiment. FIG. 9 is a diagram illustrating an example of the configuration of the virtual HGW according to the third embodiment. FIG. 10 is a sequence diagram for explaining a basic procedure of address management according to the third embodiment. FIG. 11 is a diagram illustrating an example of a configuration of a home gateway virtualization system according to the fourth embodiment. FIG. 12 is a diagram illustrating an example of the configuration of the HGW / L2 termination device according to the fourth embodiment. FIG. 13 is a diagram illustrating an example of the configuration of the virtual HGW according to the fourth embodiment. FIG. 14 is a diagram illustrating an example of a configuration of a system according to the fifth embodiment. FIG. 15 is a diagram illustrating an example of the configuration of the HGW / L2 termination device according to the fifth embodiment. FIG. 16 is a diagram illustrating an example of a configuration of a receiving-side L2 termination device according to the fifth embodiment. FIG. 17 is a diagram illustrating a computer that executes a network management program according to the sixth embodiment.

  Exemplary embodiments of a network system, a network management apparatus, a network management program, and a network management method according to the present application will be described below in detail with reference to the accompanying drawings. The network system, network management device, network management program, and network management method according to the present application are not limited to the following embodiments. Hereinafter, a home gateway virtualization system in which the network system according to the present application is applied to a home gateway will be described as an example. Of the addresses described below, an address that does not have a predetermined notation means an IP address.

(First embodiment)
First, the home gateway virtualization system according to the first embodiment will be described. The home gateway virtualization system according to the first embodiment enables a user to fully use the HNW by providing a flexible service to the HNW without imposing a burden on the user. . Here, an example in the case where the user cannot sufficiently use the HNW in the prior art will be described. In the above-described prior art, since the HGW in the user's home has an Internet connection function, it is difficult to expand the function without imposing a burden on the user, and there is a certain limit to the service provided to the HNW. In some cases, the user cannot fully use the HNW. In addition, in the above-described conventional technology, because the NW is a segment NW that is different between the HNW and the NW (Network) configured on the cloud side, for example, resources of standards such as UPnP can be easily allocated to resources arranged on the cloud side. The service provided to the HNW has a certain limit, and the user may not be able to fully use the HNW.

  Therefore, the home gateway virtualization system according to the first embodiment can provide a flexible service to the HNW without burdening the user so that the user can fully use the HNW. To. Hereinafter, an example of the configuration of the home gateway virtualization system according to the first embodiment will be described with reference to FIG. FIG. 1 is a diagram illustrating an example of a configuration of a home gateway virtualization system 1 according to the first embodiment. As shown in FIG. 1, the home gateway virtualization system 1 according to the first embodiment includes an L2 termination device 100 arranged in a home network (HNW) 2 built in a user's home, and the Internet connected to the Internet. A data center (iDC: Internet Data Center) 3 is provided, and for example, the HNW 2 and the virtual HGW 201 on the iDC 3 are connected via a network 4 such as a closed network or the Internet.

  Here, in the home gateway virtualization system 1, as shown in FIG. 1, the HNW 2 and the iDC 3 are L2 connected. For example, as shown in FIG. 1, the HNW2 and the virtual HGW 201 on the iDC3 include L2TPv3 (L2 Tunneling Protocol version 3), a wide area Ethernet (registered trademark), an L2 leased line, and other L2- L2 connection is established by VPN (Virtual Private Network) or the like.

  As shown in FIG. 1, the iDC 3 includes virtual HNW 201 to virtual HNW 20 n. Since the virtual HNW 201 to the virtual HNW 20n have the same configuration, the virtual HNW 201 will be described below as an example. As shown in FIG. 1, the virtual HNW 201 includes, for example, an application server (service AP) and a storage server (HDD) as virtualized resources such as the receiving L2 termination device 200 and the virtual HGW (Home Gateway) 300. ) Etc.

  Here, as shown in FIG. 1, the home gateway virtualization system 1 according to the first embodiment is configured such that the L2 terminal device 100 and the receiving-side L2 terminal device 200 are L2 connected, so that the HNW2 and the virtual HNW201 are Can be treated as the same L2 segment NW. That is, a part of the conventional home network is arranged on the iDC 3. The virtual HGW 300 is, for example, a terminal on the HNW 2 or the virtual HNW 201 that is treated as an HNW of the same segment by a dynamic host configuration protocol (DHCP), an RA message (Router Advertisement) of DHCPv6, ICPMv6, static allocation, or the like. An IP address is assigned to or a prefix of an IPv6 address is notified. As described above, the home gateway virtualization system 1 manages the main functions of the HGW in the virtual HNW 201 by arranging the HGW arranged on the HNW 2 in the user's home on the virtual HNW 201 on the iDC 3 conventionally. Can do.

  Hereinafter, the L2 termination device 100, the receiving L2 termination device 200, and the virtual HGW 300 will be described with reference to FIGS. FIG. 2 is a diagram for explaining an example of the configuration of the L2 termination device 100 according to the first embodiment. For example, as shown in FIG. 2, the L2 termination device 100 includes a LAN (Local Area Network) side IF (Interface) 110a, a WAN (Wide Area Network) side IF 110b, IP communication units 120a and 120b, and an L2 connection process. Part 130.

  The LAN-side IF 110a exchanges various types of information between the HNW2 side device such as a terminal and the L2 termination device 100 side, and examples include an Ethernet (registered trademark) termination and a wireless LAN access point. The WAN-side IF 110b exchanges various information between the iDC 3 side and the L2 terminator 100 side. The IP communication units 120a and 120b execute various processes related to IP communication. The L2 connection processing unit 130 executes L2 connection with the receiving L2 termination device 200. For example, the L2 connection processing unit 130 realizes VPN connection at the L2 level between bases by L2TPv3 (RFC3931), EtherIP (RFC3378), wide area Ethernet (registered trademark), L2 dedicated line, and other L2-VPN. It has the function of.

  FIG. 3 is a diagram for explaining an example of a configuration of the receiving-side L2 termination device 200 according to the first embodiment. For example, the receiving-side L2 termination device 200 includes a LAN-side IF 210a, a WAN-side IF 210b, and an L2 connection processing unit 230, as shown in FIG.

  The LAN side IF 210a exchanges various types of information between the virtual HNW side device and the receiving side L2 terminator 200 side. The WAN IF 210b exchanges various types of information between the L2 terminator 100 side and the iDC3 side. The L2 connection processing unit 230 executes L2 connection with the L2 termination device 100 that is a device on the opposite side of the L2 tunnel connection. For example, the L2 connection processing unit 130 has a function for realizing VPN connection at the L2 level between bases by L2TPv3, EtherIP, wide area Ethernet (registered trademark), L2 dedicated line, and other L2-VPN.

  FIG. 4 is a diagram illustrating an example of the configuration of the virtual HGW 300 according to the first embodiment. For example, the virtual HGW 300 includes a LAN side IF 310a, a WAN side IF 310b, IP communication units 320a and 320b, an address management control unit 360, and an address management unit 370, as shown in FIG.

  The LAN-side IF 310a exchanges various types of information between the virtual HGW 300 and devices on the virtual HNW side and the HNW side such as terminals. The WAN-side IF 310b exchanges various information between the iDC 3 and devices on the Internet. The IP communication units 320a and 320b execute various processes related to IP communication.

  The address management control unit 360 controls an address management unit 370 to be described later. The address management unit 370 has at least one address management function such as IPv4 (DHCP (hereinafter referred to as DHCPv4), static address setting, etc.) and IPv6 (DHCPv6, ICPMv6 (RA message), static address setting, etc.). As described above, IP addresses are assigned to devices in the same L2 segment NW (HNW side and virtual HNW side).

  The virtual HGW 300 has a function of a general HGW and a function of a broadband router that connects to the Internet as a default gateway.

[Effect of the first embodiment]
As described above, according to the first embodiment, the home gateway virtualization system 1 includes the virtual HNW in which the iDC 3 is a virtual home network, the virtual HGW 300 that connects the virtual HNW and the Internet, A receiving L2 termination device 200 for connecting the L2 tunnel to the virtual HNW. Then, the L2 termination device 100 is arranged in the HNW, and an L2 tunnel is constructed between the receiving side L2 termination device 200 and the L2 termination device 100. Therefore, the home gateway virtualization system 1 according to the first embodiment can handle the HNW and the virtual HNW as HNWs in the same segment, and provides a flexible service to the HNW without burdening the user. Makes it possible to provide. As a result, the home gateway virtualization system 1 according to the first embodiment enables the user to fully use the HNW.

(Second Embodiment)
In the above-described first embodiment, the case where the Internet connection of a single base HNW has been described. In the second embodiment, a case will be described in which Internet connection of HNWs at a plurality of sites is performed by the same virtual HGW.

  FIG. 5 is a diagram illustrating an example of a configuration of the home gateway virtualization system according to the second embodiment. As shown in FIG. 5, in the home gateway virtualization system 1 according to the second embodiment, the receiving-side L2 termination device 200 in the virtual HNW 201 and the L2 termination devices 100 of the HNW 21 and the HNW 22 are connected by L2 tunnel connection. Connected. Furthermore, in the home gateway virtualization system 1 according to the second embodiment, the remote terminal having the L2 tunnel connection function or the L2 tunnel connection function is not limited to the L2 termination device 100 in the HNW, as shown in FIG. By carrying the mobile router, it is possible to access the receiving side L2 terminator 200 from a remote location.

[Effects of Second Embodiment]
As described above, according to the second embodiment, the receiving-side L2 termination device 200 performs L2 connection with L2 termination devices at a plurality of locations. Then, the virtual HGW executes Internet connection of each HNW or remote terminal. Therefore, the home gateway virtualization system 1 according to the second embodiment uses the same virtual HNW to execute Internet connection at a plurality of locations, so that each HNW, remote terminal, and remotely connected NW are the same. It is possible to reduce the load related to policy management and setting in the HGW.

(Third embodiment)
In the first and second embodiments described above, a case has been described in which each HNW and the virtual HNW 201 in the iDC 3 are connected by the L2 tunnel and are connected to the Internet by the virtual HGW in the virtual HNW. In this case, as described above, the IP address on the HNW side is managed on the virtual HNW side. Here, if the L2 connection between the HNW and the virtual HNW is disconnected, for example, if IP communication does not pass between the bases connected to the L2 tunnel, the communication in the HNW may not function. In some cases, the user cannot fully use the HNW. Therefore, in the third embodiment, even when the L2 connection between the HNW and the virtual HNW is disconnected, an error occurs when the communication within the HNW is functioned and the L2 connection is restored. By managing the IP address so that the address used by the HNW and the virtual HNW does not collide so that the same L2 segment NW can be used again, the user can fully use the HNW. The case will be described.

  First, a case where IP address management is assumed after the L2 connection between the HNW and the virtual HNW is disconnected will be described. FIG. 6 is a diagram for explaining an assumed case of IP address management according to the third embodiment. For example, as shown in FIG. 6, there are cases where the use of a new address after communication interruption due to a line failure or an L2 tunnel failure is in the HNW and the virtual HNW, as shown in FIG. A case may be considered. Therefore, in the following, a case where a new address is not used in both the virtual HNW and the HNW is referred to as Case A, and a case where a new address is not used in the virtual HNW and a new address is used in the HNW. Case C is when a new address is used in the virtual HNW after communication is cut off and no new address is used in the HNW. Case D is when the new address is used both in the virtual HNW and in the HNW. Will be described.

  Whether the new address is used or not may be determined by operation, or may be realized by controlling the device so that the new address cannot be used. In addition, address management to be described below is at least a private address issue by DHCPv4 in the case of IPv4, generation of a link local address in the case of IPv6, generation of a global unicast address based on prefix distribution by RA message, and DHCPv6 A global unicast address is assigned.

  Here, the configuration of the L2 termination device 100 according to the third embodiment for executing the above-described four-case address management will be described. FIG. 7 is a diagram illustrating an example of the configuration of the L2 termination device 100 according to the third embodiment. In FIG. 7, components having the same functions as those described in the first embodiment are denoted by the same reference numerals, and detailed description thereof is omitted.

  As illustrated in FIG. 7, the L2 termination device 100 according to the third embodiment newly includes an L2 communication control unit 140, a communication confirmation unit 150, a proxy function control unit 160, an address management proxy unit 170, and a storage. Unit 180 and address information acquisition unit 190. The L2 communication control unit 140 controls permission / blocking of communication between the WAN side (virtual HNW side) and the LAN side (HNW side). The communication confirmation unit 150 confirms communication by periodically executing an echo request and a response with the opposite side. Specifically, the communication confirmation unit 150 transmits an ICMP (Internet Control Message Protocol) v4 / ICMPv6 echo request message or the like between the virtual HNW 300 or the receiving side L2 termination device 200, and whether there is a response within a predetermined period. Thus, the communication confirmation of the L2 connection is executed. Here, the communication confirming unit 150 determines that the communication is interrupted when a response is not returned for a predetermined period after the echo request is transmitted or when an error message indicating that communication is not possible is received. And the communication confirmation part 150 determines with having recovered from the communication disconnection of L2 connection, when an echo request | requirement is transmitted even after determining with a communication disconnection and a response is returned.

  The proxy function control unit 160 activates the address management proxy unit 170 to execute address management proxy processing when it is determined that the communication is disconnected as a result of the communication confirmation by the communication confirmation unit 150. Then, the proxy function control unit 160 waits for completion of predetermined processing, if necessary, if it is determined that the communication from the L2 connection has been recovered as a result of the communication confirmation by the communication confirmation unit 150, and performs address management proxy. The unit 170 is terminated. Thereafter, in the case of stateful address management, the proxy function control unit 160 causes the virtual HGW 300 to transmit the address information managed by the address management proxy unit 170.

  The address management proxy unit 170 performs management such as generation and delivery of addresses in the HNW by using functions such as DHCPv4, DHCPv6, and ICMPv6 (for example, RA message). More specifically, when the address management proxy unit 170 is activated by the proxy function control unit 160 and becomes active, the address management proxy unit 170 performs address management according to the above four assumed cases. Here, the assumed case executed by the address management proxy unit 170 may be determined in advance at the operation stage. Details of address management according to the four assumed cases by the address management proxy unit 170 will be described later.

  The storage unit 180 stores address information. Specifically, the storage unit 180 stores address information used in the virtual HNW, address information used in the HNW, address information reserved for use in each NW, and the like. The address information acquisition unit 190 acquires an address used for duplicate address detection (DAD: Duplication Address Detection, RFC4862, etc.) by packet capture or the like before L2 communication disconnection after the L2 connection is disconnected. Alternatively, the address information acquisition unit 190 acquires the address issued by DHCPv4 / v6 and information on the address range assigned to each NW by receiving notification from the virtual HGW 300 or the like.

  Next, configurations of the receiving-side L2 termination device 200 and the virtual HGW 300 according to the third embodiment will be described with reference to FIGS. 8 and 9. FIG. 8 is a diagram illustrating an example of a configuration of the receiving-side L2 termination device 200 according to the third embodiment. FIG. 9 is a diagram illustrating an example of the configuration of the virtual HGW 300 according to the third embodiment. 8 and 9, the same reference numerals are given to components having the same functions as those described in the first embodiment, and detailed description thereof is omitted.

  As illustrated in FIG. 8, for example, the receiving-side L2 termination device 200 according to the third embodiment newly includes an L2 communication control unit 240 and a communication confirmation unit 250. The L2 communication control unit 240 controls permission / cutoff of communication between the WAN side (virtual HNW side) and the LAN side (HNW side). The communication confirmation unit 250 confirms the communication by periodically executing an echo request and a response with the opposite side. Specifically, the communication confirmation unit 250 transmits an ICMPv4 / ICMPv6 echo request message or the like to the L2 terminal device 100, and executes communication confirmation of L2 connection based on the presence or absence of a response within a predetermined period. The result is notified to the virtual HGW 300.

  As illustrated in FIG. 9, for example, the virtual HNW 300 according to the third embodiment newly includes a communication confirmation unit 350, a storage unit 380, and an address information acquisition unit 390. The communication confirmation unit 350 confirms communication by periodically executing an echo request and a response with the opposite side. Specifically, the communication confirmation unit 350 transmits an ICMPv4 / ICMPv6 echo request message or the like to the L2 termination device 100, and executes communication confirmation of L2 connection based on the presence or absence of a response within a predetermined period. Here, it is not essential that both the communication confirmation unit 250 and the communication confirmation unit 350 are provided, and any one of them may be provided. For example, if the communication confirmation unit 350 operates, the communication confirmation unit 250 is not essential.

  The storage unit 380 stores address information. For example, the storage unit 380 stores information on the IP address assigned by the address management unit 370 and the like. In addition, for example, the storage unit 380 is an address for performing address duplication detection so that addresses that are paid out or generated after L2 communication disconnection are unique in the same L2 segment NW. An address used in each NW or scheduled to be used in each NW and virtual HNW is stored. The address information acquisition unit 390 acquires an address notified in the DAD process by packet capture or the like while the L2 connection is established. Alternatively, the address information acquisition unit 390 acquires DHCPv4 / v6 address management information and the like.

  The configurations of the L2 termination device 100, the receiving-side L2 termination device 200, and the virtual HGW 300 according to the third embodiment have been described above. Under such a configuration, the L2 termination device 100 and the virtual HGW 300 execute address management according to the above four assumed cases. In the following, first, the basic procedure of address management will be described, and then address management in four assumed cases will be described. FIG. 10 is a sequence diagram for explaining a basic procedure of address management according to the third embodiment. In addition, although FIG. 10 demonstrates the case where the L2 termination | terminus apparatus 100 performs communication confirmation between virtual HGW300, the case where communication confirmation is performed between the receiving L2 termination | terminus apparatuses 200 may be sufficient.

  As shown in FIG. 10, the L2 termination device 100 and the virtual HGW 300 share address information in advance (step S101). Specifically, in the case of stateful address management, an address space handled by each HNW (including a virtual HNW) is determined by default at the start of operation. Alternatively, the address information acquisition unit 190 and the address information acquisition unit 390 periodically exchange address information used in each HNW until the L2 connection is disconnected. That is, on the HNW side (/ virtual HNW side), the address used or scheduled to be used on the virtual HNW side (/ HNW side) is grasped. Here, the address information may not be shared at the time of initial setting. In the case of stateless address management, the address information acquisition unit 190 acquires the address used in the opposite NW by, for example, capturing it.

  Then, communication confirmation is executed between the L2 termination device 100 and the virtual HGW 300 (step S102). Specifically, the L2 termination device 100 and the virtual HGW 300 execute communication confirmation by executing transmission / reception of an echo request message between the communication confirmation unit 150 and the communication confirmation unit 350. In step S102, the echo request message may be transmitted from both sides of the L2 termination device 100 and the virtual HGW 300, or the echo request message is transmitted only from the L2 termination device 100 side. However, at least communication from the NW side that needs to proxy the address management function is confirmed.

  Subsequently, in the L2 termination device 100, it is determined whether or not the communication confirmation unit 150 is disconnected (step S103). If the communication is not interrupted (No at Step S103), the communication confirming unit 150 returns to Step S102 (or Step S101) and continues to execute the communication confirmation. On the other hand, when the communication is disconnected (Yes at Step S103), the proxy function control unit 160 activates the address management proxy unit 170 (Step S104), and the address management proxy unit 170 manages the address on the HNW side. . Specifically, the address management proxy unit 150 manages addresses on the HNW side by proxying the address management function (address generation, update, disappearance, address duplication check, etc.) of the virtual HGW. Details will be described later. Further, during the communication disconnection, the virtual HGW 300 manages the addresses that have already been issued before the communication disconnection and the virtual HNW addresses after the communication disconnection.

  Thereafter, the communication confirmation unit 150 continues the communication confirmation (step S106) and determines whether or not the communication has been restored (step S107). Here, if not recovered (No at Step S107), the address management proxy unit 170 returns to Step S105 and continues to manage the address on the HNW side. On the other hand, when the recovery is made (Yes at Step S107), the proxy function control unit 160 causes the virtual HGW 300 to transmit the address management information executed during the communication interruption (Step S108).

  When the virtual HGW 300 receives the address management information, the address management unit 370 integrates the address management information with the address information managed by the virtual HGW 300 (step S109) and ends the process. That is, the virtual HGW 300 returns to the state where the address information of the same segment L2NW is managed. The address management information transmission process in step S108 and the integration process of the address management information and the address information in step S109 are executed only in the case of stateful address management.

  Hereinafter, the above four assumed cases (Case A to Case D) will be described. First, address management in case A (when the virtual HNW and the HNW do not use a new address after communication disconnection) will be described.

  In such a case, in the L2 termination device 100, the same correspondence can be obtained regardless of whether the address is issued by any method of stateful address management by DHCPv4 / DHCPv6 and stateless address management by link local address generation or RA message prefix notification. Can be executed. That is, in case A, the L2 termination device 100 manages addresses as follows.

(1) First, it is not essential to periodically share address information between the L2 termination device 100 and the virtual HGW 300.
(2) Next, in the L2 termination device 100, the communication confirmation unit 150 transmits an ICMPv4 / ICMPv6 echo request message or the like to the virtual HGW 300, and performs communication confirmation. The communication confirmation may be executed with the receiving side L2 termination device 200. Further, the L2 termination device 100 and the virtual HGW 300 may mutually confirm, or only the L2 termination device 100 may transmit an echo request for confirmation. Here, while the L2 connection is established, the virtual HGW 300 performs address management of the same L2 segment NW. The communication confirming unit 150 determines that the communication is disconnected when a response is not returned for a predetermined period after the echo request is transmitted or when an error message response indicating that communication is not possible is received.

  (3) In the L2 terminating device 100, the proxy function control unit 160 activates the address management proxy unit 170 to act as a proxy for the address management function of the virtual HGW 300 when the communication confirmation unit 150 determines that the communication is disconnected. To do. Here, (i) In order for the terminal on the HNW side to recognize the L2 termination device 100 as the default GW, the L2 termination device 100 is assigned the address of the virtual HGW (default GW) to the address of the NW interface on the HNW side. It may be. On the other hand, in the case of an NW that is not recognized as described above and is an IPv6 communicable NW, in order to prevent the source address of the RA message received by the terminal from being regarded as the default GW address, The router expiration parameter in the RA message generated and transmitted by is set to “0”. (Ii) In the case of stateful address management by DHCPv4 / DHCPv6, in the L2 termination device 100, the address management proxy unit 170 receives a virtual from a terminal that has been connected (IP address assigned from the virtual HGW 300) before communication in the HNW is interrupted. Respond to the address lease period update request addressed to the HGW 300 on behalf, update the lease period of the already assigned terminal address, and update contents (terminal identification information, update period, updated address, if released) (Used address information) is stored. (Iii) In the case of stateless address management by the RA message, in the L2 termination device 100, the address management proxy unit 170 periodically transmits the RA message in the HNW to update the address lease period. The link local address update need not depend on the RA message from the L2 terminating device 100 or the like.

  (4) After that, in the L2 termination device 100, when the communication confirmation unit 150 performs communication confirmation after communication is interrupted and returns a response indicating that communication is possible, the following processing is performed. Execute. (I) In the case of stateful address management by DHCPv4 / DHCPv6, in the L2 termination device 100, the address management proxy unit 170 changes the assigned default GW address to the state before granting (if it has been given ), The proxy function control unit 160 transmits the address information (lease table information) stored in the storage unit 180 to the virtual HGW 300. (Ii) In the case of stateless address management using RA messages, the L2 termination device 100 does nothing in particular. Then, in the L2 termination device 100, the proxy function control unit 160 stops (disables) the activated address management proxy unit 170. Even if the L2 communication is restored, communication to the opposite side of the L2 connection (that is, communication from the LAN side to the WAN side of the L2 termination device 100) is allowed while the address management proxy unit 170 is activated. You may control so that it may not exist. Specifically, the L2 communication control unit 140 cuts off communication from the LAN side to the WAN side, and the L2 communication control unit 240 does not communicate from the virtual HGW 300 or from all LAN sides to the WAN side. May be released when the address management proxy unit 170 is stopped or a notification of the stop is received.

  (5) In the virtual HGW 300, the address information acquisition unit 390 reflects the received information in the address lease table stored in the storage unit 380, thereby ensuring consistency in the address state of the same L2 segment NW. maintain. (I) In the case of DHCPv4 / DHCPv6 stateful address management, the virtual HGW (and L2 terminator) controls the virtual HGW (and HNW) so as not to allocate a new address after detecting a communication interruption, and recovery is performed. You may make it cancel | release this control after detecting. Even if the L2 communication is restored, communication to the opposite side of the L2 connection (that is, communication from the WAN side of the virtual HGW 300 to the LAN side) is performed while the address management proxy unit 170 is activated in the L2 termination device. You may control not to let it pass.

  Next, address management in case B (after communication is interrupted, a new address is not used in the virtual HNW and a new address is used in the HNW) will be described. In such a case, the L2 terminal device 100 uses the IPv6 RA message or the link local when the address is issued by stateful address management by DHCPv4 (case B-1), by stateful address management by DHCPv6 (case B-2). Different handling is executed in the case of stateless address management by address (case B-3). First, the case (B-1) will be described. In such a case, the L2 termination device 100 manages addresses as follows.

  (1) The L2 termination device 100 and the virtual HGW share address information by either (i) or (ii) below. (I) During the L2 connection, the address information acquisition unit 390 of the virtual HGW 300 periodically establishes information on the free address space that can be allocated to the HNW or the L2 connection is established between the virtual HGW 300 and the L2 termination device 100. In the meantime, the L2 termination device 100 is notified. Then, in the L2 terminal device 100, when the communication confirmation unit 150 detects a communication disconnection, the address management proxy unit 170 receives a notification from the free address space stored in the storage unit 180 and creates a new one in the HNW. Allocation is performed in response to an address allocation request. (Ii) An address space to be allocated is set in advance. In any case, for example, in the virtual HGW 300, the address management unit 370 assigns addresses to the same L2 segment NW by incrementing from the minimum value (192.168.1.1, 192.168.1.2,...). Then, after detecting the communication disconnection, in the HNW, the address management proxy unit 170 of the L2 termination device 100 decrements and allocates the address from the maximum value in response to a new address allocation request (192.168.1.255). , 192.168.1.254,…). The above example is an example in the case of 192.168.1.0/24. As another example, an odd-numbered value is assigned to the virtual HGW 300 as an address of the payout address space (192.168.1.1, 192.168.1.3,...), And the address of the payout address space is assigned to the L2 termination device 100. By assigning even-numbered addresses (192.168.1.2, 192.168.1.4,...), During normal times, odd-numbered addresses are assigned to the same L2 segment NW. On the other hand, odd-numbered addresses are issued from the virtual HGW 300, and even-numbered addresses are issued from the L2 terminating device 100 to the HNW. Or it is good also as assigning the address space of the serial number which does not respectively overlap with each HNW simply. Alternatively, this address space may be an address space excluding the addresses already issued by the virtual HGW 300. In this case, since the address space changes dynamically, it is desirable to notify each HNW periodically.

(2) In the L2 terminal device 100, the communication confirmation unit 150 transmits an ICMPv4 / ICMPv6 echo request message or the like to the virtual HGW to execute the communication confirmation (same as in the case A).
(3) In the L2 terminal device 100, when the communication confirmation unit 150 determines that the communication is interrupted, the proxy function control unit 160 activates the address management proxy unit 170 to proxy the address management function of the virtual HGW 300 (Same as Case A). Further, (i) the address management proxy unit 170 of the L2 terminating device 100 assigns an IP address to the terminal participating in the HNW side based on DHCPv4, and performs proxy processing (paid-out address, in-use address information) ) Is memorized. (Ii) In each NW, when an address other than the assigned address space is to be used in a certain terminal by manual setting, the address management proxy unit 170 of the L2 termination device 100 checks whether this address is used. Since the ARP request is notified, an ARP response indicating that it is already in use may be generated and notified when the notification is received. The virtual HGW 300 may be implemented within the virtual HNW, and the L2 termination device 100 may be implemented within the HNW.

  (4) In the L2 termination device 100, when the communication confirmation unit 150 detects recovery from the communication disconnection, the proxy function control unit 160 transmits the stored contents to the virtual HGW 300, and further stops the address management proxy unit 170. Then, the address information acquisition unit 390 of the virtual HGW 300 reflects the received content in the lease table of its own address.

  Next, the case (B-2) will be described. In such a case, as in the case (B-1), a procedure of allocating an address space that can be used in each NW in advance may be taken. Here, however, the L2 termination device 100 uses the address as follows: Manage.

  (1) While the L2 connection is established, the address information acquisition unit 390 of the virtual HGW 300 periodically performs address information managed by the virtual HGW 300 (address lease table: paid-out address, paid-out terminal DUID, (Expiration date, etc.) is transmitted to the L2 termination device 100 on the HNW side, and the address information acquisition unit 190 of the L2 termination device 100 stores the received address information in the storage unit 180.

(2) The communication confirmation unit 150 of the L2 termination device 100 executes communication confirmation of L2 connection.
(3) In the L2 terminal device 100, when the communication confirmation unit 150 detects a communication disconnection of the L2 connection, the following (i) to (iv) address management proxy unit 170 is activated to perform the proxy of the virtual HGW 300 , Manage addresses. (I) The address management proxy unit 170 of the L2 termination device 100 sets the address of the default GW in the NW interface on the HNW side of the L2 termination device 100. (Ii) When an RA message is transmitted without setting a default GW address, the address management proxy unit 170 of the L2 termination device 100 is not recognized by each terminal as the own device is the default GW (default router). Therefore, the router validity period “0” is set in the RA message to be transmitted. (Iii) RA message function (notifies the terminal that an address or the like is to be paid out by DHCPv6). (Iv) DHCPv6 server function (address delivery, address expiration date update, DNS server address notification, etc.).

  (4) In the L2 terminal device 100, when the communication confirmation unit 150 detects the restoration of the L2 connection, the proxy function control unit 160 stores and manages the address information (at least from disconnection to restoration) in the storage unit 180. Information may be sent to the virtual HGW 300), and the activated address management proxy unit 170 is stopped. Note that after the communication is interrupted, the L2 communication control unit 140 may control to stop communication from the LAN side to the virtual HNW side until the function of the address management proxy unit 170 is stopped. In such a case, the address information acquisition unit 390 of the virtual HGW 300 notifies the L2 termination device 100 that the address information has been correctly reflected from the terminal under the L2 termination device 100 to the opposite side of the L2 connection. You may control by the L2 communication control part 140 so that communication may be passed.

  (5) The address information acquisition unit 390 of the virtual HGW 300 reflects (adds, updates, deletes) the received address information in the address information managed by the storage unit 380 itself. Note that during the period from disconnection to recovery, the virtual HNW side performs address management (such as lease renewal) as usual using the virtual HGW 300.

  Next, the case (B-3) will be described. In such a case, the L2 termination device 100 manages addresses by one of the following three methods. Hereinafter, the three methods are referred to as case (B-31), case (B-32), and case (B33), respectively. Note that these methods are applied to generation and setting of at least a link local address as well as a global unicast address of each terminal, and may be used in combination with the case (B-2). First, the case (B-31) will be described. Case (B-31) shows a case where the address of the HNW is reset once after the L2 connection is restored.

(1) Periodic address information is not shared in advance between the L2 termination device 100 and the virtual HGW.
(2) The communication confirmation unit 150 of the L2 termination device 100 transmits an ICMPv4 / ICMPv6 echo request message or the like to the virtual HGW 300, and performs communication confirmation.
(3) After detecting the communication interruption, the proxy function control unit 160 of the L2 termination device 100 activates the address management proxy function of the address management proxy unit 170. That is, in the case of global unicast address generation, the address management proxy unit 170 of the L2 termination device 100 transmits an RA message to notify the prefix. In the case of link local address generation, the L2 termination device 100 does not need to notify the prefix.
(4) In the L2 terminal device 100, when the communication confirmation unit 150 detects L2 connection recovery, the proxy function control unit 160 sends an RA message for setting the expiration date of the address of the terminal in the HNW to “0”. (Address is sent only to the LAN side interface side) and the address management proxy function activated after disconnection is stopped.

  Thereafter, since the set address is refreshed, the terminal in the HNW obtains a prefix by transmitting an RS (Router Solicitation) message, etc., and performs address generation and setting. It is the virtual HGW 300 that transmits. Thus, since the DAD is performed on the same L2 segment NW, the address generated by the terminal is unique within the same L2 segment NW. Here, the target whose address is revoked may be not the HNW but the virtual HNW side. In such a case, after the communication confirmation unit 350 of the virtual HGW 300 detects recovery, an RA message for setting the address expiration date to “0” is transmitted. The receiving side L2 termination device 200 controls the L2 communication control unit 240 not to communicate with the opposite NW until the transmission of the RA message is completed, for example, from the virtual HNW side after the L2 connection is restored. For example, the first RA message is filtered, and control is performed so as to allow communication to the opposite NW after transmission of the RA message is completed. Alternatively, the virtual HGW 300 may notify the control message for permitting the receiving side L2 terminating device 200 to pass communication with the opposite side of the L2 tunnel after notifying the RA message.

  Next, the case (B-32) will be described. Case (B-32) shows a case where address duplication does not occur. This is a case where an IPv6 space is given as an interface ID in IPv6, so that the possibility of address duplication is very small. That is, the difference from the case (B-31) is that the address is not refreshed.

(1) Periodic address information is not shared in advance between the L2 termination device 100 and the virtual HGW.
(2) The communication confirmation unit 150 of the L2 termination device 100 transmits an ICMPv4 / ICMPv6 echo request message or the like to the virtual HGW 300, and performs communication confirmation.
(3) After detecting the communication interruption, the proxy function control unit 160 of the L2 termination device 100 activates the address management proxy function of the address management proxy unit 170.
(4) In the L2 termination device 100, when the communication confirmation unit 150 detects L2 connection recovery, the proxy function control unit 160 stops the address management proxy function that has been activated after the disconnection.

  Next, the case (B-33) will be described. Case (B-33) shows the following case. First, as a premise, when no new address is allocated in an NW (virtual HNW or other HNW) other than the corresponding HNW between the time of communication disconnection and recovery, the address information acquisition unit 190 of the L2 end device 100 performs L2 During the establishment of the connection, the address used in the other NW (hereinafter, only the virtual HNW is exemplified) is stored in the storage unit 180. Then, the address management proxy unit 170 of the L2 terminating device 100, when an address is generated in the HNW after communication disconnection and DAD is executed, the generated address is stored in the address stored (used in the virtual HNW). It is determined whether or not the same address). Here, if there is a duplication, the address management proxy unit 170 transmits a response indicating the duplication of addresses instead of the virtual HNW side terminal using the address.

  Here, the relationship between the IP addresses used in each NW is described as follows. “{X}” indicates “a set of IP addresses used in the same segment”. “{Y}” indicates “a set of IP addresses used in the virtual HNW”. “{Z (i)}” indicates “a set of IP addresses used in HNW (i) (i ≧ 1)”. That is, “{X} = {Y} + Σ {Z (i)}” is established. Hereinafter, in order to simplify the description, the case of Z (i) = Z (i = 1) will be described.

  When the address used in the virtual HNW is regularly notified to the L2 terminator 100 on the HNW side while the L2 connection is established, the following two methods (i) and (ii) are executed. First, the method (i) will be described. Method (i) specifies the address {X} in the same L2 segment NW and the address ({Z}) in the HNW, and specifies the address ({Y} = {X}-{Z}) in the virtual HNW Indicates when to do.

  (1) The address information acquisition unit 390 of the virtual HGW 300 monitors the ICMPv6 NS (Neighbor Solicitation for DAD flowing through the same L2 segment NW, for example, an NS message whose source address is set to: :). Then, the target address in the NS message is specified and stored in the storage unit 380 as an address ({X}). Then, the address management unit 370 of the virtual HGW 300 notifies the specified address to the L2 termination device 100 each time the address ({X}) is stored or periodically.

  (2) The address information acquisition unit 190 of the L2 termination device 100 monitors the NS message for DAD received from the inside of the HNW, and specifies the target address in the NS message. However, when an ICMPv6 NA (Neighbor Advertisement) message indicating that the target address for this NS message is an address duplication is received, it is excluded from a specific target ({Z}). The same applies to the specific case of {X}. Thereby, since the L2 termination device 100 obtains {X} and {Z}, it is possible to obtain the address ({Y}). The address information acquisition unit 190 stores this address in the storage unit 180. Here, DAD will be briefly described. The terminal multicasts in the NW by including in the NS message the address that the terminal wants to use as the target address. At this point, this terminal cannot communicate using the address it wants to use as the source. Next, when there is a terminal already using the same address in the NW, an NA message indicating that the terminal is already in use is transmitted in response to the NS message received by this terminal. When the terminal that has transmitted the NS message receives the corresponding NA message, the terminal determines that the target address is already in use and does not use it. If this NA message is not received within a predetermined period, the target address can be used as the address of the own terminal.

Next, the method (ii) will be described. Method (ii) shows a case where {Y} is directly specified.
(1) The address information acquisition unit 190 of the L2 termination device 100 monitors a message received from the opposite side of the L2 tunnel, detects an NS message for DAD (from the virtual HNW side), Specify the target address of. If the NA message indicating that the target address for this NS message is an address overlap is received, the address information acquisition unit 190 excludes it from a specific target. Thereby, the L2 termination | terminus device 100 can obtain | require {Y} directly.

  The L2 termination device 100 specifies the address {Y} in the virtual HNW and stores it in the storage unit 180 by the method (i) or (ii) described above. In the L2 termination device 100, the proxy function control unit 160 activates the address management proxy function after the communication is disconnected. When an NS message for DAD corresponding to the generated address is received from a terminal in the HNW, the address management proxy unit 170 of the L2 termination device 100 stores the address {Y }, If it is duplicated, that is, if it is used in a virtual HNW, the address is sent instead of the terminal resource on the virtual HNW using that address. The NA message indicating address duplication is generated and transmitted. After the communication confirmation unit 150 detects the recovery, the proxy function control unit 160 ends the address management proxy function. The above describes the management of the IPv6 global unicast address by the RA message, but the same applies to the management of the link local address. The difference is that generation of a link local address does not require notification of a prefix by an RA message.

  Next, address management in case C (when a new address is used in the virtual HNW and no new address is used in the HNW after communication disconnection) will be described. In such a case, in the L2 termination device 100, when the address delivery is stateful address management by DHCPv4 / DHCPv6, either case A or cases (B-1) and (B-2) may be executed. Since the IP address assigned in the same L2 segment NW is managed in the virtual HGW 300, if a new address is not used on the HNW side, there is no collision even if it is newly issued on the virtual HNW side. Because. On the HNW side, it is only necessary to renew the lease period of the paid-out or generated address.

  On the other hand, in the case of stateless address management by the RA message, the L2 termination device 100 has the operation functions on the HNW side and the virtual HNW side that are symmetric with the cases (B-31) to (B-33). Is taken into account, and addresses are managed in the same manner as in cases (B-31) to (B-33). Here, in cases (B-31) and (B-32), the address management proxy unit 150 on the HNW side is controlled so as not to issue a new address after the L2 connection is disconnected. Similarly, in case (B-33), the address management proxy unit 150 does not advertise the prefix by the RA message and notifies the virtual HNW side of the address used on the HNW side before the L2 connection is disconnected. . Then, the virtual HGW 300 also takes on a necessary function of the address management proxy function of the case (B-33). That is, the virtual HGW 300 specifies the address {Z} in the HNW, and after the L2 connection is disconnected, if an NS message for DAD for generating a new address flows in the virtual HNW, holds {Z} It will take the behavior of substituting the host terminal to do. If the target address of the NS message is an address overlapping with {Z}, an NA message indicating address duplication is generated and transmitted instead of the host terminal.

  Next, address management in case D (when a new address is used for both virtual HNW and HNW after communication disconnection) will be described. In such a case, when the address delivery is DHCPv4, the L2 termination device 100 executes address management similar to that in the case (B-1). Further, when the address delivery is DHCPv6, the same procedure as in the cases (B-1) and (B-2) may be used. However, the L2 termination device 100 is connected to each NW (virtual HNW, HNW1, HNW2,. )), An address space that can be allocated is set in advance.

  On the other hand, when the address is generated by an RA message or link local address is generated, the L2 termination device 100 manages the address in the same manner as in the case (B-31) or (B-32). Alternatively, the L2 termination device 100 can execute address management similar to the case (B-33). The method will be described below.

(1) Periodic pre-sharing of address information between the L2 termination device 100 and the virtual HGW 300 is not indispensable, but it is necessary to grasp the addresses used in the opposite NW before L2 disconnection. .
(2) The communication confirmation unit 150 of the L2 termination device 100 transmits an ICMPv4 / ICMPv6 echo request message or the like to the virtual HGW 300, and performs communication confirmation.
(3) After detecting the communication interruption, the proxy function control unit 160 of the L2 termination device 100 activates the address management proxy function of the address management proxy unit 170. Furthermore, during the period from communication disconnection (detection) to recovery (detection), the L2 termination device 100 and the virtual HGW 300 are used by the local NW during this period, including the identification of addresses newly used by the local NW. Each address information is acquired and stored in each storage unit. For example, for newly generated addresses, NS messages and NA messages that flow for DAD are captured, and for addresses that have been issued, the source address (and destination address if necessary) is captured from the communication message. Or the like, and may be stored in the storage unit 180 as a list. This is the same for both global unicast addresses and link local addresses. Note that the above-described list of address information only needs to list the address information used at the time of recovery detection.

  (4) After recovery is detected, the L2 termination device and the virtual HGW 300 confirm that the addresses used in each NW are not duplicated in the same L2 segment NW connecting these NWs, or if there is a duplicate In order to eliminate duplication, an address matching process is executed. Here, the L2 termination device 100 and the virtual HGW 300 execute the address matching process by any of the following three methods (i) to (iii). First, the method (i) will be described.

  In the L2 termination device and the virtual HGW 300, the address information acquisition unit 190 and the address information acquisition unit 390 acquire a list of addresses used in the opposing NW, respectively, and the acquired list of addresses of the opposing NW and the own NW Against a list of addresses. It should be noted that the list may be exchanged with each other or only one of them may be obtained.

  If no overlapping address is found as a result of the list comparison, the proxy function control unit 160 ends the address management proxy unit 170 in the L2 termination device 100. On the other hand, when a duplicate address is found, the L2 termination device 100 and the virtual HGW 300 refresh the address of one NW determined in advance by the same method as in the case (B-31), and the L2 termination device In 100, the proxy function control unit 160 ends the address management proxy unit 170.

  Next, the method (ii) will be described. In the case of the method (ii), the address management proxy unit 170 of the HNW L2 terminal device 100 selects a terminal that uses the address listed (at least an address newly used during communication disconnection to recovery). As a proxy, DAD of this address is performed only for the opposite NW (virtual HNW) (DAD is not performed within the own NW). Note that DAD may be performed from the virtual NW to the HNW. In the case of the method (ii), it is sufficient that the address information can be listed only at the side where at least DAD is performed.

  Thereafter, when the NA message indicating the address duplication is not returned, the proxy function control unit 160 of the L2 termination device 100 ends the address management proxy unit 170. On the other hand, when there is a response to the NA message indicating that there is a duplicate address, the L2 termination device and the virtual HGW 300 use the same method as in the case (B-31) for the address of one NW that has been determined in advance. As a result, the L2 termination apparatus 100 terminates the address management proxy unit 170.

  Next, the method (iii) will be described. Method (iii) shows a different method when duplicate addresses are found in methods (i) and (ii). In such a case, the virtual HGW 300 or the L2 terminating device 100 sends a message for setting the address expiration date to “0” only to the terminal using this address of one NW that uses the discovered address. Send. Since the existing RA message is multicast, a new message for unicast is defined to correspond to processing of this message on the transmission side and the reception side. As a result, the address of one of the NW terminals with overlapping addresses is refreshed, and the L2 terminating device 100 terminates the address management proxy unit 170. In these methods, even after recovery from communication disconnection, the address matching process is completed and the address management proxy unit 170 is terminated, that is, until the address consistency of the same L2 segment NW is taken. In the meantime, it is desirable for the device that terminates L2 of each NW to block communication from within the NW to the opposing NW. For example, when the control from the HNW side to the virtual HNW side and the communication from the virtual HNW side to the HNW side is controlled by the L2 communication control unit 140 and the L2 communication control unit 240 and the matching process is completed, the virtual HGW 300 This control is canceled by notifying each device including the L2 communication control unit 140 and the L2 communication control unit 240 of the notification to that effect. Communication such as communication confirmation between the L2 termination device 100 and the virtual HGW 300 may be controlled to pass.

  The address management according to the four assumed cases has been described above. Here, “Yes” and “No” for paying out a new address for classifying the four assumed cases may be determined by operation. In addition, when the L2 connection is disconnected, the new address by the DHCPv4 / v6 is not issued / RA message until the L2 connection is restored (and until the consistency of the address in the same L2 segment NW is completed). May be controlled by the virtual HGW 300 or the L2 terminating device 100 so as not to advertise the prefix.

  Further, in the case of stateful address management in all the cases described above, the virtual HGW 300 (including the DHCP server function that is not a proxy) further increases the lease period of the address that has already been issued upon detection of disconnection of the L2 connection. It is good also as extending for a predetermined period.

  For example, if the virtual HGW 300 (having a DHCP server function) ends the lease period and becomes reusable before the L2 connection is restored for the address issued to the HNW side, the virtual HGW 300 There is a possibility of paying out. In such a case, when the L2 connection is restored while the address is continuously used on the HNW side, an address collision occurs. Therefore, the predetermined period to be extended can be arbitrarily determined, but may be until the L2 connection is restored. It should be noted that an address that has become available for reuse after the lease period has ended may be paid out as before without detecting disconnection of the L2 connection.

[Effect of the third embodiment]
As described above, according to the third embodiment, the address management unit 370 in the virtual HGW 300 allows the virtual HNW and the virtual HNW when the L2 tunnel is established between the receiving L2 termination unit 200 and the L2 termination unit 100. Manages IP addresses in HNW. Then, the address management proxy unit 170 in the L2 terminating device 100 manages the IP address used in the HNW so that it does not overlap with the IP address used in the virtual HNW when communication in the L2 tunnel is disconnected. Therefore, the home gateway virtualization system 1 according to the third embodiment allows the HNW to function even when communication in the L2 tunnel is disconnected, and suppresses IP address collision when the L2 connection communication is restored. to enable. As a result, the home gateway virtualization system 1 according to the third embodiment enables the user to fully use the HNW.

  In addition, according to the third embodiment, the address management unit 370 executes the integration process of the IP address in the virtual HNW and the IP address in the HNW when the communication disconnection in the L2 tunnel is recovered. Therefore, the home gateway virtualization system 1 according to the third embodiment makes it possible to more reliably suppress IP address collision when the communication of the L2 connection is restored.

(Fourth embodiment)
In the first, second, and third embodiments described above, the case has been described in which the virtual HNW side is provided with a gateway function serving as an exit to another network such as the Internet of IPv4 and IPv6. In the fourth embodiment, a case will be described in which an IPv4 or IPv6 default GW function (broadband router function) is provided on the HNW side. FIG. 11 is a diagram illustrating an example of the configuration of the home gateway virtualization system 1 according to the fourth embodiment.

  For example, as shown in FIG. 11, the home gateway virtualization system 1 according to the fourth embodiment includes an HGW / L2 termination device 400 in the HNW. The HGW / L2 terminator 400 has an IPv6 broadband router function, and executes address assignment such as DHCPv6, RA message, and static assignment. On the other hand, the virtual HGW 300 has an IPv4 broadband router function, and executes address assignment such as DHCPv4 and static assignment. The iDC may be configured to include a NAT device that performs address conversion processing between a private address and a global address. In addition, this NAT apparatus can consider Large Scale NAT, Carrier Grade NAT, etc., such as NAT444.

  Next, the configuration of the HGW / L2 termination device 400 will be described. FIG. 12 is a diagram illustrating an example of the configuration of the HGW / L2 termination apparatus 400 according to the fourth embodiment. For example, as shown in FIG. 12, the HGW / L2 termination device 400 has a configuration in which an address management unit 470b and an address management control unit 460b are added to the L2 termination device 100 according to the third embodiment.

  The address management control unit 460b controls an address management unit 470b described later. The address management unit 470b has an address management function such as IPv6 (DHCPv6, ICPMv6 (RA message: Router Advertisement), static address setting), etc., and sends IP addresses to devices in the same L2 segment NW (HNW side and virtual HNW side). Assign an address or IPv6 address prefix. That is, the HGW / L2 termination device 400 according to the fourth embodiment includes the IPv6 management system 400b of the home gateway virtualization system.

  Here, when the communication confirmation unit 450 determines that the L2 connection is disconnected, the IPv6 management system 400b manages the IP address related to IPv6 in the HNW. When the communication confirmation unit 450 determines that the L2 connection is disconnected, the IPv4 proxy management system 400a including the address management proxy unit 470a and the proxy function control unit 460a has the address management proxy function active. Acts as a proxy for IP address management related to IPv4 in the HNW. Other configurations shown in FIG. 12 are the same as those of the L2 termination device 100 according to the third embodiment, and thus the description thereof is omitted.

  Next, the configuration of the virtual HGW 300 according to the fourth embodiment will be described. FIG. 13 is a diagram illustrating an example of the configuration of the virtual HGW 300 according to the fourth embodiment. For example, as shown in FIG. 13, the HGW 300 has a configuration in which an IPv6 proxy management system 300b including an address management proxy unit 370b and a proxy function control unit 360b is added to the virtual HGW 300 according to the third embodiment.

  When the communication confirmation unit 350 determines that the L2 connection is disconnected, the proxy function control unit 360b activates and activates the address management proxy unit 370b. If the communication confirmation unit 350 determines that the L2 connection has been disconnected, the address management proxy unit 370b performs the management of the IPv6 IP address in the virtual HNW. Further, the IPv4 management system 300a including the address management unit 370a and the address management control unit 360a manages an IP address related to IPv4 in the virtual HNW. The other configuration illustrated in FIG. 13 is the same as that of the virtual HGW 300 according to the third embodiment, and thus description thereof is omitted. In the above-described embodiment, the case where the HGW / L2 termination apparatus 400 includes an IPv6 management system has been described. However, the embodiment is not limited to this, and for example, the HGW / L2 termination apparatus 400 manages IPv4. It may be a case where a system is provided.

[Effect of the fourth embodiment]
As described above, according to the fourth embodiment, the IPv6 GW is arranged on the HNW side, and the IPv4 GW is arranged on the virtual HNW side. Therefore, the home gateway virtualization system 1 according to the fourth embodiment makes it possible to distribute the load related to the HGW.

(Fifth embodiment)
In the first to third embodiments described above, the case has been described in which the IPv4 and IPv6 broadband router functions are provided on the virtual HNW side. In the fifth embodiment, a case will be described in which a broadband router function of IPv4 and IPv6 is provided on the HNW side. In other words, the configuration is symmetrical to the third embodiment, and the configuration related to the address management on the HNW side of the third embodiment is the configuration related to the address management on the virtual HNW side of the fifth embodiment. The configuration related to address management on the virtual HNW side of the embodiment is the configuration related to address management on the HNW side of the fifth embodiment. FIG. 14 is a diagram illustrating an example of a configuration of a system according to the fifth embodiment.

  For example, as shown in FIG. 14, the system according to the fifth embodiment includes an HGW / L2 termination device 400 in the HNW. The HGW / L2 terminator 400 has an IPv4 / IPv6 broadband router function, and executes address assignment such as DHCPv4, DHCPv6, RA message, and static assignment.

  Next, the configuration of the HGW / L2 termination device according to the fifth embodiment will be described. FIG. 15 is a diagram illustrating an example of the configuration of the HGW / L2 termination apparatus 400 according to the fifth embodiment. The HGW / L2 termination device 400 according to the fifth embodiment differs from the HGW / L2 termination device according to the fourth embodiment in the processing contents of the address management unit 470. Hereinafter, this will be mainly described.

  The address management unit 470 has an address management function such as IPv4 (DHCPv4, static address setting, etc.), IPv6 (DHCPv6, ICPMv6 (RA message), static address setting, etc.), and the same L2 segment NW (HNW side and An IP address is assigned to a device in the virtual HNW side).

  Next, the configuration of the receiving L2 termination device 200 according to the fifth embodiment will be described. FIG. 16 is a diagram illustrating an example of the configuration of the receiving-side L2 termination device 200 according to the fifth embodiment. As illustrated in FIG. 16, the receiving L2 termination device 200 according to the fifth embodiment is newly configured with an IP communication unit 220a and an IP communication compared to the receiving L2 termination device 200 according to the third embodiment. The difference is that it includes a unit 220b, a proxy function control unit 260, an address management proxy unit 270, a storage unit 280, and an address information acquisition unit 290. Hereinafter, these will be described.

  The IP communication unit 220a and the IP communication unit 220b execute various processes related to IP communication. The proxy function control unit 260, the address management proxy unit 270, the storage unit 280, and the address information acquisition unit 290 are respectively a proxy function control unit 160, an address management proxy unit 170 in the L2 termination device 100 according to the third embodiment described above. The storage unit 180 and the address information acquisition unit 190 have the same functions. That is, the receiving-side L2 termination device 200 according to the fifth embodiment acts as a proxy for the address management function in the virtual HNW when the communication confirmation unit 250 detects a disconnection of the L2 connection.

[Effect of Fifth Embodiment]
As described above, according to the fifth embodiment, the HNW HGW / L2 termination device includes the IPv4 and IPv6 broadband router functions. Therefore, the system according to the fifth embodiment makes it possible to place the HGW at an arbitrary position on the system.

(Sixth embodiment)
Although the first to fifth embodiments have been described so far, the embodiment according to the present application is not limited to the first to fifth embodiments. That is, these embodiments can be executed in various other forms, and various omissions, replacements, and changes can be made.

  The resources on the virtual HNW side in the above-described embodiment may be hardware or virtualized by software. When virtualized by software, it is possible to more easily realize resource expansion by a known cloud technology.

  In the above-described embodiment, the case where the HNW is used as the base has been described. However, the embodiment is not limited to this, and may be a company NW. For example, when a plurality of remote bases (terminals and networks) are converted to the same L2 segment NW by L2 tunnel connection or the like. There may be.

  In the above-described embodiment, the case where both IPv4 and IPv6 are used has been described. However, the embodiment is not limited to this. For example, only one of the embodiments may be handled.

  The specific form of distribution / integration of each device (for example, the form shown in FIG. 7) is not limited to the one shown in the figure, and all or a part thereof can be functional in arbitrary units depending on various loads and usage conditions. Or it can be physically distributed and integrated. For example, the address management proxy unit 170 and the proxy function control unit 160 may be integrated as one processing unit, while the communication check unit 150 transmits a echo request message, You may distribute to the determination part which determines whether L2 connection was cut | disconnected.

  Alternatively, the address management proxy unit 170 may be connected as an external device of the L2 termination device 100 via a network, or another device may include the address management proxy unit 170 and the proxy function control unit 160, respectively. By connecting to and cooperating with each other, the above-described function of the L2 termination device may be realized.

  In addition, the L2 termination device 100 and the receiving L2 termination device are cooperated by connecting a device having a function of forming an L2 tunnel as an external device of the L2 termination device 100 or the receiving L2 termination device 200 via a network. An L2 tunnel may be formed between the two.

  The L2 termination device 100 and the virtual HGW 300 described in the above-described embodiment can also be realized by executing a program prepared in advance by a computer. Therefore, in the following, an example of a computer that executes a program that realizes the same function as the L2 termination device 100 illustrated in FIG. 7 or the virtual HGW 300 illustrated in FIG. 9 will be described.

  FIG. 17 is a diagram illustrating a computer 1000 that executes a network management program according to the sixth embodiment. As shown in FIG. 17, a computer 1000 includes, for example, a memory 1010, a CPU (Central Processing Unit) 1020, a hard disk drive interface 1030, a disk drive interface 1040, a serial port interface 1050, a video adapter 1060, and a network. Interface 1070. These units are connected by a bus 1080.

  The memory 1010 includes a ROM (Read Only Memory) 1011 and a RAM (Random Access Memory) 1012. The ROM 1011 stores a boot program such as BIOS (Basic Input Output System). The hard disk drive interface 1030 is connected to the hard disk drive 1090. The disk drive interface 1040 is connected to the disk drive 1100. A removable storage medium such as a magnetic disk or an optical disk is inserted into the disk drive 1100, for example. For example, a mouse 1110 and a keyboard 1120 are connected to the serial port interface 1050. For example, a display 1130 is connected to the video adapter 1060.

  Here, as shown in FIG. 17, the hard disk drive 1090 stores, for example, an OS (Operating System) 1091, an application program 1092, a program module 1093, and program data 1094. The network management program according to the sixth embodiment is stored in, for example, the hard disk drive 1090 as a program module in which a command executed by the computer 1000 is described. Specifically, when realizing a function similar to that of the L2 termination device 100, a confirmation step for executing the same information processing as the communication confirmation unit 150 described in the above embodiment, and an information processing similar to the proxy function control unit 160 are performed. A program module in which a proxy function control step for executing, a proxy step for executing information processing similar to that of the address management proxy unit 170, and an acquisition step for executing information processing similar to that of the address information acquisition unit 190 are described. It is stored in the hard disk drive 1090. On the other hand, when realizing the same function as the virtual HGW, a confirmation step for executing the same information processing as the communication confirmation unit 350 described in the above embodiment, and a management control for executing the same information processing as the address management control unit 360 The hard disk drive 1090 stores a program module in which a step, a management step for executing information processing similar to the address management unit 370, and an acquisition step for executing information processing similar to the address information acquisition unit 390 are described. .

  Further, like the data stored in the database described in the above embodiment, data used for information processing by the program is stored as program data, for example, in the hard disk drive 1090. Then, the CPU 1020 reads the program module and program data stored in the hard disk drive 1090 to the RAM 1012 as necessary, and executes a confirmation step, a proxy function control unit step, a proxy step, and an acquisition step, or A confirmation step, a management control step, a management step, and an acquisition step are executed.

  Note that the program module and program data relating to the program are not limited to being stored in the hard disk drive 1090, but may be stored in a removable storage medium and read out by the CPU 1020 via the disk drive 1100 or the like. Good. Alternatively, a program module and program data related to the program are stored in another computer connected via a network such as a LAN (Local Area Network) or a WAN (Wide Area Network) and read by the CPU 1020 via the network interface 1070. May be issued.

  These embodiments and modifications thereof are included in the invention disclosed in the claims and equivalents thereof as well as included in the technology disclosed in the present application.

1 Home gateway virtualization system 2 HNW
3 iDC
100 L2 Termination Device 150, 250, 350 Communication Confirmation Unit 160 Proxy Function Control Unit 170 Address Management Proxy Unit 200 Receiving L2 Termination Device 300 Virtual HGW
370 Address Management Department

Claims (11)

A network system comprising a first device included in a first network and a second device included in a second network connected to the first network,
The first device includes:
An address management unit for managing IP addresses in the first network and the second network;
The second device includes:
A communication confirmation unit for confirming communication between the first network and the second network;
An address information acquisition unit configured to acquire information related to IP addresses used in the first network or the first network and the second network;
An address that manages an IP address in the second network on behalf of the address management unit and controls an IP address overlapping with the IP address acquired by the address information acquisition unit not to be used in the second network. An administrative agency,
An address management control unit that causes the address management proxy unit to manage an IP address in the second network when communication disconnection between the first network and the second network is detected by the communication confirmation unit When,
A network system characterized by comprising:   The address management control unit terminates the management of the IP address by the address management proxy unit when the communication confirmation unit detects recovery of communication between the first network and the second network. The network system according to claim 1. When the IP address overlapping with the IP address acquired by the address information acquisition unit is generated by a predetermined device included in the second network, the address management proxy unit 2. The network system according to claim 1 , wherein notification is made that the generated IP address has been used. When the communication is restored , the address management control unit notifies the address management unit of information on an IP address used in the second network at least during the communication disconnection,
The network system according to claim 2, wherein the address management unit integrates the IP address information notified by the address management control unit and the IP address information managed by the address management unit . An address management device included in the first network,
An address management unit for managing IP addresses in the first network and a second network connected to the first network;
The address management unit is used in the second network at least during the communication disconnection when the communication between the first network and the second network is disconnected and the communication is restored. IP address information is notified, and based on the notified IP address information, IP addresses are managed so that duplicate IP addresses are not used in the first network and the second network.
A network management device. When the communication between the first network and the second network is disconnected, the address management unit is configured to include a predetermined IP address included in the second network. When the communication is restored by the device so that the IP address overlapping with the IP address used in the first network is not used in the second network on behalf of the device itself, at least the communication During the disconnection, information on the IP address used in the second network is notified, the information on the notified IP address is integrated with the information on the IP address managed by itself, and the integrated IP Based on the address, duplicate IP addresses are used in the first network and the second network. A network management device according to claim 5, characterized in that managing the IP address so that it is not. A device included in a second network connected to the first network, the device comprising:
A communication confirmation unit for confirming communication between the first network and the second network;
An address information acquisition unit configured to acquire information related to IP addresses used in the first network or the first network and the second network;
Instead of a predetermined device that is included in the first network and manages IP addresses in the first network and the second network, the IP address in the second network is managed, and the address information acquisition unit An address management proxy unit that controls an IP address that overlaps with the IP address acquired by the second network not to be used ;
An address management control unit that causes the address management proxy unit to manage an IP address in the second network when communication disconnection between the first network and the second network is detected by the communication confirmation unit When,
A network management device comprising: The address management control unit terminates the management of the IP address by the address management proxy unit when the communication confirmation unit detects recovery of communication between the first network and the second network. The network management device according to claim 7 , wherein: A network management program for causing a computer to function as the network management device according to any one of claims 5 to 8 . A network management method executed by a network system including a first device included in a first network and a second device included in a second network connected to the first network,
Executed by the first device;
An address management step of managing IP addresses in the first network and the second network;
Executed by the second device;
A communication confirmation step of confirming communication of communication between the first network and the second network;
An address information acquisition step of acquiring information relating to an IP address used in the first network or the first network and the second network;
Instead of the address management step, an IP address in the second network is managed , and an IP address that overlaps with the IP address acquired in the address information acquisition step is controlled not to be used in the second network. Management agency process,
An address management control step for causing the address management proxy step to manage an IP address in the second network when a communication disconnection between the first network and the second network is detected by the communication confirmation step; When,
A network management method comprising: The address management control step ends management of the IP address by the address management proxy step when recovery of communication between the first network and the second network is detected by the communication confirmation step. The network management method according to claim 10 .

Images