JPH1056473A - Virtual lan control system, method and virtual lan management server - Google Patents

Abstract

PROBLEM TO BE SOLVED: To realize detection of a withdrawn terminal equipment without setting any special system or procedure to the terminal equipment. SOLUTION: In the case that a terminal equipment 101 is moved from a home network 200 to a remote network 501 and managed, based on a timing of a packet sent by the terminal equipment 101 or connection information moved to other remote network 502, a remote access server 301 controlling the access between terminal equipment 101 and the home network 200, a remote access client controlling the communication of the remote network and the Internet 40, and a virtual LAN management server 700 managing the connection position of the terminal equipment 101 and packet transmission are used to detect that the terminal equipment 101 is withdrawn from the remote network. Then the management content change of the system attending the withdrawn terminal equipment is controlled.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION In order to realize movement of a terminal, which is one of the conveniences of a LAN, even in a wide area LAN environment using the Internet or an intranet, a connection position of the terminal in the network is specified. There is a need. For this purpose, it is necessary to detect connection and disconnection of the terminal. The present invention relates to a technology for realizing terminal disconnection detection.

[0002]

2. Description of the Related Art In order to create an environment (virtual LAN system) in which terminals can move in the Internet or an intranet to which a plurality of sub-networks are connected, a terminal management for managing connection positions of the terminals in a router or the like accommodating the terminals. It is necessary to have a function of providing a table and automatically updating the table as the terminal moves. A device having such a function is called a client.

A virtual L having a client as described above
One example of the AN control system is shown in FIG. In FIG. 1, 1
Reference numerals 0, 20, and 30 denote offices each having a sub-network for constructing a virtual LAN on the Internet;
Is the Internet. The present invention is applicable to a similar global packet network such as an intranet. The office 10 includes a subnetwork (hereinafter, referred to as a home network, abbreviated as "HNW") 200 to which the terminals 101 and 102 of interest are usually connected, and is hereinafter referred to as a home office. HN
A remote access server (hereinafter abbreviated as “RAS”) 301 for configuring a virtual LAN is connected to the W 200, and is connected to the Internet 40 via a router 400.

The offices 20 and 30 are connected to the terminal 1
The network includes sub-networks (hereinafter, referred to as remote networks and abbreviated as “RNW”) 501 and 502 connected when the mobile stations 01 and 102 move, respectively, and hereinafter referred to as remote offices 20 and 30.
Remote access clients (hereinafter abbreviated as “RAC”) 601 and 602 for configuring a virtual LAN are connected to the RNWs 501 and 502, respectively, and are connected to the Internet 40 via a router 400. A virtual LAN for managing the virtual LAN via the router 400 is provided on the Internet 40.
A management server (hereinafter abbreviated as “IMS”) 700 is connected.

[0005] Fig. 9 shows an example of the (address) structure of a packet. In the figure, 1001 is data, 1002
Indicates a layer 2 address, and 1003 indicates a layer 3 address. Each address is composed of two addresses, outgoing and incoming. Specifically, layer 2 of the OSI is called a frame, and layer 3 is called a packet. Here, any of them is called a packet in the sense of a transfer unit. In a packet network, different addresses are assigned at the link level and at the network level. The layer 2 address 1002 is known as a MAC address, is assigned by a vendor when a terminal is manufactured, and is information that can uniquely identify all terminals. On the other hand, layer 3 address 10
03 is known as an IP address, is assigned to identify an individual terminal at a network level, is fixedly assigned to a connection position, and is used for packet routing.

FIG. 10 shows an example of packet transfer between terminals in a packet network. Terminals from 111 to 114 are 4
01 and 402 are routers, and 800 is a communication path. In this example, the terminal 111 is provided with a layer 2 address # 1 and a layer 3 address # 1. Arrows in FIG. 10 indicate a state in which a packet is transferred from the terminal 112 to the terminal 113. When the terminal 112 transmits a packet, the packet is broadcast to the terminals 111 and 112, which are all terminals in the collision (collision) domain, and the router 401. Each receiving destination compares the destination layer 2 address of the packet with its own layer 2 address. If they match, the packet is captured, and if they do not match, the packet is discarded. Here, router 4
01 will receive the packet.

The router 401 has a packet destination layer 3
A correspondence table between addresses and route information, that is, routing data is stored in advance, and the route control of the packet is performed based on this. In this example, the communication destination terminal 11
3 is connected to the path 800, and routes the packet to the path 800. Thus, the packet is finally transferred to the terminal 113.

FIG. 11 is a diagram for explaining an address solution known for a packet network. In the figure, 401 is a router, 111 and 112 are terminals under the connection of the router 401, and 900 is an ARP (Address Resolution Protocol) cache held by the router 401. This ARP cache is a memory for managing the correspondence between the layer 2 address and the layer 3 address of the communication destination. When the layer 3 address of the communication destination is known but the layer 2 address is unknown, a method of acquiring the layer 2 address using the ARP cache is known as ARP.

When the router 401 attempts to acquire the layer 2 address of the terminal 111, the router 401
An ARP request packet in which an address is set is broadcast to all terminals under the connection. The terminal (111) that has received the ARP request packet returns an ARP response packet including its own layer 2 address.
The router 401 determines from the ARP response packet a layer 3
The address is taken out and stored in the ARP cache 900 and used for the subsequent communication. The contents of the ARP cache 900 are deleted after being held for a certain period of time.

FIG. 2 shows a virtual LAN initial information management table 50. This table is initialized in the IMS 700, and thereafter, the virtual LAN is referred to by referring to this table.
Is performed. This table shows the M of all virtual LAN constituent terminals.
6 is a correspondence table between an AC address and an IP address of the RAS 301 of the HNW 200.

FIG. 3 shows a location information management table 60. This table is set in the IMS 700 and the RAS 301. The MAC address of the terminal and the RAS or RA which is the location information of the network to which the terminal is currently connected.
It manages the correspondence between C and the Internet address (IP address). With this table, the IMS 700 and the RAS 301 can manage the position of the terminal in real time.

FIG. 4 shows a home address management table 70, which is composed of RAC 601 and RAC 602.
Is set to and the M of the terminal connected to the remote network
AC address and RAS which is the home address of the terminal
The correspondence relationship with the IP address 301 is managed. With this table, RAC 601 and RAC 602 can transfer the packet transmitted from the terminal to HNW 200.

FIG. 5 shows an automatic authentication sequence in the system of FIG. Hereinafter, taking the configuration of FIG. 1 as an example, the principle of automatic authentication and location management (when moving) in the present system will be described according to this sequence. First,
A case where terminal 101 moves from HNW 200 to RNW 501 will be described.

The terminal 101 of the HNW 200 is connected to the RNW 501
, And the first packet (MAC
Frame (step S1, hereinafter “step” is omitted), the RAC6 connected to the RNW 501
01 acquires the packet, extracts the MAC address of the source terminal 101 in the packet (MAC frame), and checks whether or not the MAC address has been authenticated by using the home address management table 70 (S2).

Here, the home address management table 70
Has no entry (unauthenticated).
The terminal 101 sends the MAC address of the terminal 101 and the IP address of the RAC 601 to issue an authentication request for the terminal 101 (S3). I
In response to the authentication request from the RAC 601, the MS 700 performs authentication and home address resolution by using the above-described initial information management table 50 created at the time of constructing the virtual LAN system, based on the MAC address of the terminal 101 sent thereto.

That is, if the MAC address of the terminal 101 exists in the initial information management table 50 (S4), the RAC6
01 and RAS301 of HNW200
Is returned (S5). And IMS700
Updates the location information management table 60 of the moved terminal 101 (S6), and updates the HNW of the moved terminal 101.
The IP address of the RAC 601 corresponding to the location information of the terminal 101 on the Internet is sent to the RAS 301 of the 200 as a location information notification (S7).

The RAS 301 updates the location information of the terminal managed by itself on the location information management table 60 (S301).
8). The RAC 601 creates the home address management table 70 in response to the authentication response from the IMS 700, and
The IP address of the RAS 301 corresponding to the home address 01 is registered (S9). This ends the authentication and address resolution. On the other hand, if the MAC address of the terminal 101 does not exist in the initial information management table 50, the authentication N
G is returned to the RAC 601 (S10). RAC601 is I
The packet transmitted from the terminal 101 is discarded by the authentication NG from the MS 700 (S11).

FIG. 6 shows that after the above-mentioned automatic authentication is completed,
5 is a sequence example (data transmission from the terminal 101 to the terminal 102) when automatically connecting to the home network.
Hereinafter, the principle of the automatic connection and the connection corresponding to the multiprotocol in the present system will be described according to this sequence. The RAC 601 of the remote network to which the terminal 101 has moved receives a packet (MAC frame) (addressed to the terminal 102) from the terminal 101 (S2).
1) The home address management table 70 checks whether the terminal has been authenticated, and confirms that the terminal has been authenticated (S22).

Next, based on the home address management table 70, the packet sent from the terminal 101 is sent to the RAS 301 of the terminal's home network.
The P address (DA) is encapsulated by adding IP header information with RAS301 and the originating IP address (SA) being RAC601 (S24).
01 (S24).

The RAS 301 decapsulates the transmitted packet containing the IP header information (S2
5), and send out to the HNW 200. Accordingly, the moved terminal 101 can transmit a packet (MAC frame) from the RNW 501 to the TE 102 connected to the HNW 200 as if the packet was transmitted within the HNW 200 (S26). Also, by encapsulating the MAC frame, connection independent of the OSI layer 3 or higher protocol (ie, multi-protocol)
Becomes possible.

On the other hand, from the terminal 102 on the HNW 200,
FIG. 7 shows a case of transmitting to the terminal 101 that has moved. In this case, the packet (M
The RAS 301 monitors the AC frame (S3).
1). Next, according to the location information management table 60, the destination M
The location of the AC address is checked (S32), and if it is the MAC address of the terminal 101 that has moved, the destination IP address (DA) is
C601, IP header information with the source IP address (SA) being RAS301 is added and encapsulated (S33),
The data is transmitted from the RAS 301 to the RAC 601 (S34).
The RAC 601 decapsulates the transmitted packet containing the IP header information (S35), and
01, the packet is delivered to the terminal 101 that has moved (S36).

[0022]

SUMMARY OF THE INVENTION Such a virtual LAN
In the control system, in order for the terminal to be able to move to an arbitrary place, it is necessary to specify the connection position of the terminal. For this purpose, it is necessary to detect the detachment of the terminal. Conventionally, this has been realized by a method in which a user of a terminal gives an instruction to leave the terminal when leaving the terminal, and notifies the client of the result. In this method, it is necessary to provide a special function to the terminal, and there is a problem that a commercially available terminal cannot be used as it is. SUMMARY OF THE INVENTION An object of the present invention is to solve the above-described problem, and realize the detection of terminal detachment without providing a special function to the terminal.

[0023]

In order to solve the above problems, the present invention provides a home network to which one or more terminals are normally connected, and at least one remote network to which the terminals are connected when moving. A virtual LAN connected via a global network, comprising: a management table connected to the home network, having an address of the global network, and indicating a connection position of each terminal being connected; A remote access server for controlling access between the terminal and the home network when the terminal moves to one of the remote networks as if the terminal were accessing the home network; Connected to a network, having an address of the global network, A remote access client that includes a management table indicating a correspondence between each terminal connected to a remote network and the home network, and controls communication between the remote network and the global network; Connected, has the address of the global network, has a correspondence table between each terminal and the remote access server, and a management table indicating the connection position of each connected terminal. A virtual LAN management server for managing, and when any terminal is connected to and managed by one of the remote networks, the timing of a packet transmitted by the terminal or the terminal moves to another remote network Of the terminal based on the connection information The detecting detachment from the remote network, there is provided a terminal leaving detection system for controlling the managed content changes of a system with a terminal leaving via the virtual LAN management server.

Also, the present invention provides a virtual L
In the AN system, when any terminal is connected to and managed by one of the at least one remote networks, timing of a packet transmitted by the terminal or connection when the terminal moves to another remote network A terminal detachment detection method for detecting detachment of the terminal from the remote network based on information is provided.

As a preferable method of detecting the terminal detachment,
There are the following methods. (1) Each time a terminal connected to each remote network sends a packet, a monitoring timer that automatically increases the timer value is set for the terminal, and the timer value exceeds a predetermined threshold value. It is sometimes determined that the terminal has left. (2) When the terminal moves from the first remote network under the connection management to the second remote network, the transmission of the packet of the terminal is detected, and the terminal has been connected until then based on the management information of the terminal. It recognizes that the remote network is the first remote network and notifies the remote access client of the first remote network of the departure of the terminal. (3) A monitoring packet is transmitted to each terminal connected to the remote network at predetermined time intervals, and if no response packet is returned from the terminal, it is determined that the terminal has left.

In the method (1), if a predetermined time has elapsed after the terminal has left, the terminal can always be detected as leaving. In the method (2), the leaving can be detected immediately after the terminal moves from the first remote network to the second remote network and sends out the packet. The method (3) can be realized by using the transmission of the monitoring packet by the normal ARP method. Further, these methods may be combined.

The present invention also provides a virtual LAN management server having a corresponding function in the virtual LAN control system, that is, a virtual LAN management server connected to the global network and having an address of the global network. The present invention provides a virtual LAN management server that manages the connection state of terminals and packet transmission by providing a management table indicating a correspondence relationship between remote access servers of a remote network and connection positions of connected terminals. In the case where any terminal is connected to and managed by one of the remote networks, the terminal may leave the remote network based on the connection information when the terminal further moves to another remote network. To detect and control changes to the management of the system when the terminal leaves. And butterflies.

Further, the present invention provides a remote access client having a corresponding function in the virtual LAN control system, that is, connected to each of the remote networks, having an address of the global network, and connected to the remote network. A management table indicating the correspondence between each terminal in the home network and the home network,
The present invention provides a remote access client for controlling communication with a network, wherein, when any terminal is connected to and managed by one of the remote networks, timing information of a packet transmitted by the terminal is provided. Detecting that the terminal has left the remote network on the basis of the terminal.

The present invention also provides a method corresponding to the server and the client, and a computer-readable storage medium storing a program for executing the method.

[0030]

Embodiments of the present invention will be described below with reference to the drawings. In the following description, the basic configuration of the virtual LAN control system is the same as the configuration of FIG. 1 described above.

FIG. 8 shows an example of a terminal leaving sequence according to the present invention, in which the terminal 101 that has moved to the RNW 501 moves to the HNW 200 again. RAC601
Each time the terminal 101 sends out a packet (MAC frame) (S41), the terminal leaving monitoring timer whose timer value automatically increases with the passage of time is reset (S4).
2) When the timer value exceeds a certain threshold value (S43), it is considered that the timer has left the RNW 501 (S4).
4). By using this timer, it is possible to withdraw from the multi-protocol support independent of the terminal-side protocol.
When the RAC 601 detects a time-out, the IMS 7
In response to 00, a terminal leaving request packet indicating that the terminal has left is transmitted. The contents of the packet include the MAC address of the TE 101 and the IP address of the RAC 601 (S45).

When the IMS 700 receives the packet, the contents related to the terminal 101 in the location information management table 60 are converted from the IP address of the RAC 601 of the remote network to which the terminal 101 has moved to the RAS 301 of the HNW 200 which is the default position of the terminal 101. Update to the IP address (S46). Also, a terminal leaving response packet is sent to the RAC 601 (S47), and the RAS 30
1 is the MAC address of the terminal 101 and the I
A terminal leaving notification is transmitted with the P address attached (S4
8).

In the RAC 601, the terminal departure response is sent to the IMS
By receiving the information from the terminal 700, the terminal entry processing is deleted by deleting the entry of the terminal in the home address management table 70 of the terminal (S49). RAS30
1 receives the terminal disconnection notification from the IMS 700 and updates the location information management table 60 to register the current connection location of the terminal 101 (S50).

According to this method, terminal departure can always be detected after a certain period of time has passed after terminal departure. And
Since the management table for managing the position of the terminal is automatically updated as the terminal moves, it is not necessary to reset the environment even if the terminal moves between networks. However, since the threshold value is determined so as to apply to any terminal in consideration of the characteristics of the frequency of communication of the terminal and the characteristics of the communication time, there is a possibility that the detection of terminal disconnection may be delayed.

FIG. 12 shows a second example of the terminal leaving sequence according to the present invention. In the present embodiment, the terminal 101
This is an example of a case where the user moves from the 501 to the RNW 502. When the terminal 101 transmits a packet after moving to the RNW 502 (step S61), the RAC 602 detects this and sends a terminal connection notification packet for notifying that the terminal 101 has been connected to the IMS 700 (step S62). IM
In S700, when this packet is received, the location information management table 60 is searched and the terminal 101 moves.
Then, it recognizes that the RNW connected before the movement is 501 (step S63). And the terminal 101
The terminal leaving notification packet indicating that the terminal has moved
01 (step S64).

When the RAC 601 receives this packet, it knows that the terminal 101 has left, deletes the information on the terminal 101 in its home address management table 70, and performs a leave process (step S65). At the same time, IM
In step S700, the RAS 301 is notified of a terminal connection position notification packet indicating that the terminal 101 has moved (step S66). This method has an advantage that the disconnection cannot be detected until the terminal attempts to perform communication after the terminal moves (withdraws), but the disconnection can be immediately detected when the communication starts.
Detachment may be detected by only one of the methods shown in the first and second examples, or both methods may be used together. By using the two methods together, the terminal detachment can be detected more accurately.

FIG. 1 shows a sequence example in which the two methods are used together.
3 is shown. This example is also a case where the terminal 101 that has been connected to and communicates with the RNW 501 until then moves to the RNW 502 and starts communication. That is, when the terminal 101 previously connected to the RNW 501 transmits a packet to perform communication after moving to the RNW 502 (step S7).
1) The RAC 602 detects this and searches its own home address management table 70, but here the terminal 10
Since there is no record for No. 1, the RAC 602 knows that the terminal 101 has been newly connected (step S7).
2).

The RAC 602 transmits a terminal connection notification packet including the MAC address of the terminal 101 and its own identification information (IP address) to the IMS 700 (step S7).
3). Upon receiving this packet, the IMS 700 searches its own initial information management table 50 based on the information included in the packet (step S74). The terminal 101 has already registered this table,
00 notifies the RAC 602 that the terminal 101 has been authenticated (step S75), and the RAC 602 adds a record of the terminal 101 to its own management table 70 (step S76). At the same time, the IMS 700
A terminal connection position notification packet indicating a new connection position of the terminal 101 is transmitted to 301 (step S77).

When the RAS 301 receives this packet, it updates the data relating to the connection position of the terminal 101 in its own position information management table 60 (step S78).
On the other hand, the IMS 700 searches the management table 60 and finds that the terminal 101 has been connected to the RAC 601 up to that point, and therefore transmits a terminal leaving notification packet to the RAC 601 (step S79). Upon receiving this packet, the RAC 601 deletes the record related to the terminal 101 from its own management table 70 and performs a terminal leaving process (step S80).

On the other hand, the terminal 101 held by the RAC 601
Regarding the terminal departure monitoring timer, the timer value increases as time elapses from the time when the last packet is received from the terminal 101. Therefore, after a certain period of time, the timer times out, and the terminal is detected to have left (step S81). As a result, the RAC 601 deletes the record related to the terminal 101 from its own management table 70 and performs the terminal leaving process (step S80).

Therefore, the RAC 601 can detect the leaving of the terminal 101 based on the earlier information of the reception of the terminal leaving notification packet or the timeout of the terminal leaving monitoring timer. In other words, the first method uses a terminal departure monitoring timer after a certain period of time has elapsed without the terminal resuming communication after the departure. On the other hand, if the terminal resumes communication with a new RNW early after the departure, Terminal detachment can be detected by the second method. When the two methods are used in this way, the terminal detachment can be detected more accurately, and in this case, of course, it is not necessary to provide a special function to the terminal.

FIG. 14 shows a third example of the terminal leaving sequence according to the present invention. In the present example, the detection of the detachment of the terminal is intended to be realized by applying the above-described ARP method. In this example, the terminal 101 is connected to the HNW 200 to the RNW 5
This is an example of a case where communication is attempted by moving to 01. When the terminal 101 transmits a new first packet after moving (step S91), the RAC 6 that detects the packet transmission
01 searches its own management table 70. Here, since no registration information on terminal 101 is found, RAC
601 transmits a terminal authentication request packet to the IMS 700 (step S92). This packet is the M
It includes an AC (Layer 2) address and identification information (IP address) of the requesting RAC.

The IMS 700 searches the initial information management table 50 from the MAC address included in the packet and authenticates that the terminal 101 is a registered terminal (step S93). Also, the position information management table 60
And the connection position of the terminal 101 is changed from HNW200 to R
Upon knowing that the terminal 101 has moved to the NW 501, the corresponding record in the table 60 is updated in order to manage a new connection destination of the terminal 101 (step S94). Then, the authentication result packet is returned to the RAC 601 (step S95).

Since the terminal 101 has been authenticated by this packet as being registered, the RAC 601 adds the MAC address information of the terminal 101 to its own management table 70 based on the contents of the packet (step S).
96). Next, when the terminal 101 transfers the second and subsequent packets (step S97), the RAC 601 authenticates this using the information in the table 70, and relays the packet (step S98).

The RAC 601 has its own management table 70
The IP (layer 3) address of the terminal is set for each terminal recorded at a predetermined time interval, and its MAC
(Layer 2) A monitoring packet for inquiring about an address is transmitted (step S99). That is, the monitoring packet is also transmitted to the terminal 101. Since the incoming IP address of the monitoring packet is set to the terminal 101, when the terminal 101 leaves the RNW 501 (step S1).
00), the expected response packet is not returned.

If no response packet is returned to the RAC 601 after a certain period of time, the RAC 601 determines that the terminal 101 has left (step S101). In this case, the corresponding record in its own management table 70 is deleted (step S102), and a terminal leaving notification packet is transmitted to the IMS 700 (step S103). IM
In step S700, when the terminal leaving notification packet is received, the current connection position of the record relating to the terminal 101 in its own position information management table 60 is set to the default position HNW2.
00 is changed to the IP address of the RAS 301 (step S104). Further, the IMS 700 checks the H of the terminal 101.
A terminal leaving notification packet is transmitted to the RAS 301 of the NW (step S105). The RAS 301 also updates the contents of its own position information management table 60 in accordance with the movement of the terminal 101 (step S106).

That is, in the case of this example, the departure can be detected by a monitoring packet (and a response packet) using the ARP method after a lapse of a predetermined time after the departure of the terminal 101. That is,
By providing a function for automatically detecting the movement of the terminal on the RAC, RAS, and IMS sides, terminal departure can be detected without providing a special function to the terminal.

[0048]

In other words, according to the present invention, the detection of terminal departure necessary for enabling a terminal to move to an arbitrary place in a virtual LAN control system is performed by setting a special system or procedure in the terminal. It can be realized without.

[Brief description of the drawings]

FIG. 1 is a configuration example of a virtual LAN control system according to the present invention.

FIG. 2 is a diagram illustrating an example of an initial information management table.

FIG. 3 is a diagram illustrating an example of a position information management table.

FIG. 4 is a diagram illustrating an example of a home address management table.

FIG. 5 is a diagram showing an automatic authentication sequence in the virtual LAN control system.

FIG. 6 is a diagram showing an example of an automatic connection sequence in the present system.

FIG. 7 is a diagram showing an example of an automatic connection sequence in the present system.

FIG. 8 is a diagram showing an example of an automatic withdrawal sequence according to the present invention.

FIG. 9 is a diagram illustrating an example of a packet address configuration.

FIG. 10 is a diagram illustrating a packet transfer example.

FIG. 11 is a diagram illustrating an example of an address solution method.

FIG. 12 is a diagram showing an example of an automatic withdrawal sequence according to the present invention.

FIG. 13 is a diagram showing an example of an automatic withdrawal sequence according to the present invention.

FIG. 14 is a diagram showing an example of an automatic withdrawal sequence according to the present invention.

[Explanation of symbols]

10 home office, 20, 30 remote office, 40 internet, 50 initial information management table, 60 location information management table, 70 home address management table, 200 HNW (home network), 501, 502 RNW (Remote network), 301 ... RAS (remote access server), 6
01, 602: RAC (remote access client), 101, 102: terminal, 700: IMS (virtual L
AN management server), 400 ... router.

 ──────────────────────────────────────────────────続 き Continuing on the front page (72) Takashi Masui, inventor, Nippon Telegraph and Telephone Corporation 3-9-1, Nishishinjuku, Shinjuku-ku, Tokyo (72) Inventor Koichi Nagai 3-192, Nishishinjuku, Shinjuku-ku, Tokyo No. Japan Telegraph and Telephone Corporation

Claims (32)

[Claims] A virtual LAN in which a home network to which one or more terminals are normally connected and at least one remote network to which the terminals are connected when moving are connected via a global network, Connected to the home network, the global network
A management table having a network address and indicating a connection position of each connected terminal, wherein when the terminal moves to one of the remote networks, access between the terminal and the home network is performed by the terminal; A remote access server for controlling as if accessing in the home network, each terminal connected to each remote network, having an address of the global network, and connecting to each terminal connected to the remote network and the home A remote access client for controlling communication between the remote network and the global network, comprising: a management table indicating a correspondence relationship with a network; and a remote access client connected to the global network and having an address of the global network. , Each terminal and said A virtual LAN management server that manages the connection positions of the terminals and the packet transmission with a management table that indicates the correspondence between the remote access servers and the connection positions of the connected terminals; When connected to and managed by one of the remote networks, the terminal leaves the remote network based on the timing of the packet sent by the terminal or connection information when the terminal moves to another remote network. A virtual LAN control system for detecting a change in the management content of the system accompanying the disconnection of the terminal via the virtual LAN management server. 2. In the detection of the terminal departure, each remote access client sets a monitoring timer for which the timer value is automatically increased for the terminal each time the terminal being connected transmits a packet, and 2. The terminal detachment detection system according to claim 1, wherein when the timer value exceeds a predetermined threshold value, it is determined that the terminal has detached and the virtual LAN management server is notified of the terminal detachment. 3. Two or more remote networks are provided as the remote network, and in the detection of the terminal detachment, a terminal is connected to a first network under connection management.
When the terminal sends a packet from the remote network to the second remote network, the remote access client of the second remote network detects the packet and notifies the virtual LAN management server that the terminal has been connected. The virtual LAN management server, having received the notification, searches its own management table, recognizes that the remote network to which the terminal has been connected so far is the first remote network, and 2. The terminal detachment detection system according to claim 1, wherein the detachment of the terminal is notified to a remote access client of one remote network. 4. The method according to claim 1, wherein in detecting the terminal disconnection, the remote access client transmits a monitoring message to each connected terminal recorded in its own management table at predetermined time intervals, and a response message is sent from a certain terminal. If not returned, it is determined that the terminal has left,
The terminal detachment detection system according to claim 1, wherein the virtual LAN management server is notified of the terminal detachment. 5. The monitoring message is a layer 3 of OSI.
The system according to claim 4, wherein the response message includes an OSI layer 2 address. 6. The terminal withdrawal according to claim 1, wherein when the terminal withdrawal is detected, the remote access client of the remote network from which the terminal has withdrawn deletes information on the terminal in its own management table. Detection system. 7. When the disconnection of the terminal is detected, the virtual LAN management server updates the contents of its own management table, notifies the remote access server of the disconnection of the terminal, and notifies the remote access server of the notification. 2. The access server updates the contents of its own management table.
Terminal detachment detection system as described in the above. 8. The terminal disconnection detection system according to claim 1, wherein said global network is the Internet. 9. The terminal detachment detection system according to claim 1, wherein said global network is an intranet. 10. A home network to which one or more terminals are normally connected and at least one remote network to which said terminals are connected when moving are globally connected.
A method for detecting terminal departure in a virtual LAN system connected via a network, wherein when any terminal is connected to and managed by one of the remote networks, a timing of a packet transmitted by the terminal or A terminal for detecting the departure of the terminal from the remote network based on connection information when the terminal moves to another remote network, and performing control of a change in management of the system accompanying the departure of the terminal. Detachment detection method. 11. A detection timer for automatically increasing a timer value for each terminal connected to each terminal transmitting a packet in the detection of the terminal disconnection is set for the terminal, and the timer value is set to a predetermined threshold. The terminal detachment detection method according to claim 10, wherein it is determined that the terminal has detached when the hold value is exceeded. 12. Two or more remote networks are provided as the remote network, and in the detection of the terminal detachment, a terminal is connected to a first network under connection management.
When the terminal moves from the remote network to the second remote network, the transmission of the packet of the terminal is detected, and from the management information of the terminal, the remote network to which the terminal has been connected is determined by the first remote network. 11. The terminal detachment detection method according to claim 10, recognizing that there is, and notifying a remote access client of the first remote network of the detachment of the terminal. 13. In the detection of the terminal detachment, a monitoring message is transmitted to each terminal connected to the remote network at predetermined time intervals, and when the terminal does not return a response message, the terminal detaches. The method according to claim 10, wherein the determination is performed. 14. The method according to claim 13, wherein the monitoring message includes an OSI layer 3 address, and the response message includes an OSI layer 2 address. 15. The terminal disconnection detection method according to claim 10, wherein the global network is the Internet. 16. The method according to claim 10, wherein the global network is an intranet. 17. A home network to which one or more terminals are normally connected and at least one remote network to which said terminals are connected when moving are globally connected.
A virtual LAN management server used in a virtual LAN system connected via a network, the server being connected to the global network, having an address of the global network, and remotely accessing each terminal and the remote network. Server correspondence and
A management table indicating the connection position of each connected terminal is provided to manage the connection state and packet transmission of the terminal. When any terminal is connected to and managed by one of the remote networks Detecting the terminal's departure from the remote network based on the connection information when the terminal has moved to another remote network,
A virtual LAN management server for controlling a change in management content of a system accompanying a terminal disconnection. 18. The virtual LAN system, wherein two or more remote networks are provided as the remote network, and in the detection of the terminal detachment, a terminal is controlled by a first under connection management.
Moves from the remote network to the second remote network, and when the connection of the terminal is notified to the management server via the second remote network, the management table is searched, and the terminal has not been connected until then. 18. The virtual LAN according to claim 17, wherein the remote network recognizes that the remote network is the first remote network, and notifies a remote access client of the first remote network of the departure of the terminal.
Management server. 19. The method according to claim 17, wherein when the disconnection of the terminal is detected, the contents of the management table are updated.
The virtual LAN management server as described in the above. 20. A home network to which one or more terminals are normally connected and at least one remote network to which the terminals are connected when moving are globally connected.
A virtual LAN management method used in a virtual LAN system connected via a network, wherein when any terminal is connected to and managed by one of the remote networks, the terminal is further connected to another remote network. Based on the connection information when moving to the network, detecting that the terminal has left the remote network,
A virtual LAN management method, characterized in that control of change of management contents of a system due to disconnection of a terminal is performed. 21. The virtual LAN system is provided with two or more remote networks as the remote network. In the detection of the terminal detachment, a terminal is controlled by a first network under connection management.
Move from the remote network to the second remote network, and when the connection of the terminal is notified via the second remote network, the remote network to which the terminal has been connected until now is determined from the management information of the terminal. 21. The virtual LAN management method according to claim 20, further comprising recognizing that the terminal is a first remote network, and notifying a client of the first remote network of the departure of the terminal. 22. The computer according to claim 20 or 21.
A computer-readable recording medium on which a program for executing the method is recorded. 23. A home network to which one or more terminals are normally connected and at least one remote network to which the terminals are connected when moving are globally connected.
A remote access client used in a virtual LAN system connected via a network, comprising: a terminal connected to each of the remote networks, having an address of the global network, and being connected to the remote network. A management table indicating a correspondence relationship with the home network, wherein communication between the remote network and the global network is controlled, and any terminal is connected to and managed by one of the remote networks; A remote access client that detects the departure of the terminal from the remote network based on timing information of a packet transmitted by the terminal. 24. A detection timer for automatically increasing a timer value for each terminal connected to the terminal when detecting the disconnection of the terminal each time a terminal transmits a packet, for the terminal,
When the timer value exceeds a predetermined threshold value,
The remote access client according to claim 23, wherein it is determined that the terminal has left. 25. In the detection of the terminal detachment, a monitoring message is transmitted to each connected terminal recorded in the management table at predetermined time intervals, and when a response message is not returned from the terminal, the terminal 24. The remote access client according to claim 23, wherein it is determined that the client has left. 26. The remote access client according to claim 25, wherein the monitoring message includes an OSI layer 3 address, and the response message includes an OSI layer 2 address. 27. The remote access client according to claim 23, wherein when the terminal disconnection is detected, information on the terminal in the management table is deleted. 28. A home network to which one or more terminals are normally connected and at least one remote network to which said terminals are connected when moving are globally connected.
A remote access method used in a virtual LAN system connected via a network, wherein when any terminal is connected to and managed by one of the remote networks, timing of a packet transmitted by the terminal A remote access method, comprising detecting a disconnection of the terminal from the remote network based on the information. 29. In the detection of the terminal detachment, a monitoring timer for automatically increasing a timer value is set for each connected terminal each time a packet is transmitted, for the terminal,
When the timer value exceeds a predetermined threshold value,
29. The remote access method according to claim 28, wherein it is determined that the terminal has left. 30. In the detection of the terminal departure, a monitoring message is transmitted to each terminal connected to the remote network at predetermined time intervals, and when the terminal does not return a response message, the terminal departs. The remote access method according to claim 28, wherein the determination is performed. 31. The remote access method according to claim 30, wherein the monitoring message includes an OSI layer 3 address, and the response message includes an OSI layer 2 address. 32. A computer-readable recording medium on which a program for causing a computer to execute the method according to claim 28 is recorded.