WO2011115209A1 - Communication system, switching hub, and router - Google Patents

Communication system, switching hub, and router Download PDF

Info

Publication number
WO2011115209A1
WO2011115209A1 PCT/JP2011/056391 JP2011056391W WO2011115209A1 WO 2011115209 A1 WO2011115209 A1 WO 2011115209A1 JP 2011056391 W JP2011056391 W JP 2011056391W WO 2011115209 A1 WO2011115209 A1 WO 2011115209A1
Authority
WO
WIPO (PCT)
Prior art keywords
frame
router
switching hub
tag information
port
Prior art date
Application number
PCT/JP2011/056391
Other languages
French (fr)
Japanese (ja)
Inventor
達也 瀬尾
Original Assignee
ヤマハ株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ヤマハ株式会社 filed Critical ヤマハ株式会社
Priority to CN201180014741.XA priority Critical patent/CN102804703B/en
Publication of WO2011115209A1 publication Critical patent/WO2011115209A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4641Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H04L12/4645Details on frame tagging
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/28Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46Interconnection of networks
    • H04L12/4604LAN interconnection over a backbone network, e.g. Internet, Frame Relay
    • H04L12/462LAN interconnection over a bridge based backbone
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]

Definitions

  • the present invention relates to a technology for supporting operation management of a LAN (Local Area Network).
  • LAN Local Area Network
  • a local area LAN includes a switching hub, a communication terminal used by each user (for example, a company employee), and the like as constituent elements.
  • the switching hub is a communication device for connecting a communication terminal to the local LAN, and the number of communication terminals connectable to the switching hub is “the number of ports of the switching hub ⁇ 1”. For this reason, when it is necessary to connect more communication terminals than the number of ports of one switching hub to the local LAN, a plurality of switching hubs can be connected in cascade as shown in FIG. Generally, the number of communication terminals is increased.
  • the present invention has been made in view of the above problems, and the connection relationship of communication devices included in a network under a router such as a LAN can be reduced without overloading the communication devices and at a low cost.
  • the purpose is to provide a technology that enables grasping.
  • an aspect of the present invention provides a communication system including a router and a plurality of switching hubs included in a network under the router, wherein each of the plurality of switching hubs is a router, or It has a plurality of ports to which other switching hubs or communication terminals are connected, and the plurality of ports triggered by the switching hub being connected to the communication network or the switching hub being powered on
  • a first process for identifying an upstream port connected to the router or another switching hub on the router side and a frame containing a packet transmitted from the communication terminal to the router Received via a port different from the side port and included in the frame If the packet is of a predetermined type, the tag information indicating the port that received the frame is added to the predetermined area of the frame and transferred when the frame is transferred upstream.
  • the router When the router receives a frame in which the tag information is written in the predetermined area, the router and the switching hub involved in the transfer of the frame from the tag information and the frame Provided is a communication system configured to execute a third process of generating and storing data indicating a connection relationship of a transmission source communication terminal.
  • this communication system at the time when the router receives a predetermined type of packet, the predetermined area of the frame containing the packet is in the downstream side that received the frame by the switching hub involved in the transfer of the frame.
  • Tag information indicating a port is written. Therefore, by sequentially tracking these tag information, data indicating the connection relationship between the switching hub, the router, and the communication terminal existing on the communication path from the router to the communication terminal that is the transmission source of the packet is generated.
  • this communication system does not require an SNMP manager and does not incur a new cost burden.
  • the processing target packets to which the tag information is additionally recorded are limited to predetermined types, an excessive processing load is not applied to each switching hub.
  • the predetermined type of packet is a type of packet that allows the switching hub to acquire information indicating the connection status of the port, and immediately after the communication terminal is turned on or the communication terminal It is preferable that the packet is highly likely to be transmitted immediately after being connected to the communication network, and a specific example thereof is an ARP (Address Resolution Protocol) packet.
  • ARP Address Resolution Protocol
  • the transmission of the ARP packet for obtaining the MAC address of the router is highly likely to be performed immediately after the communication terminal is turned on or immediately after the communication terminal is connected to the communication network. This is because it is possible to quickly generate data indicating the connection relationship between the communication paths between the power supply and the like without taking any time from power-on or the like.
  • VLAN Virtual LAN
  • the tag information it is preferable to use a VLAN (Virtual LAN) tag as the tag information.
  • VLAN Virtual LAN
  • the tag information based on the original specification, if there is a switching hub that does not comply with the specification in the frame transfer path, there is a possibility that the frame to which the tag information is attached is discarded in the switching hub. It is. In the aspect using the VLAN tag in conformity with the general specification, there is no possibility that such a problem occurs.
  • the data size and the number of VLAN tags that can be written in each MAC frame are defined in the above specifications, so that the tag information is to be added in the second process.
  • tag information written by the most downstream switching hub may be deleted and then tag information for the switching hub added. Alternatively, it may be transferred to the upstream side without adding new tag information.
  • tag information written by the most downstream switching hub may be deleted and then tag information for the switching hub added.
  • it may be transferred to the upstream side without adding new tag information.
  • at least the connection relationship of the switching hubs in the vicinity of the router can be grasped. This is because, in the latter mode, at least the connection relationship of the switching hubs near the communication terminal that is the frame transmission source can be grasped.
  • Details of the VLAN tag are disclosed in Non-Patent Document 2.
  • Patent Document 1 As an example of the prior art using a VLAN tag, there is a technique disclosed in Patent Document 1.
  • Patent Document 1 uses a VLAN tag to identify the destination of a packet, and notifies the router of the connection relationship of each communication device on the communication path from the communication terminal to the router. This is a technique different from that of the present invention that uses the tag information.
  • another aspect of the present invention provides a plurality of ports each connected to another communication device and that the switching hub is powered on, or the switching hub is connected to a communication network.
  • an upstream port specifying means for specifying an upstream port connected to a router or another switching hub on the router side among the plurality of ports, and a port different from the upstream port
  • tag information indicating the port that received the frame is added to the predetermined area of the frame and transferred.
  • another aspect of the present invention provides a plurality of switching hubs that perform transfer control of a frame including a packet transmitted from a communication terminal to the router.
  • a communication network including a plurality of switching hubs, each of which executes a process of adding tag information indicating a port that received the frame to a predetermined area of the frame and transferring it when a frame containing a packet of the specified type is received
  • the switching hub involved in the transfer of the frame and the communication terminal of the transmission source of the frame from the tag information.
  • a router having a storage unit for generating and storing data indicating a connection relationship.
  • FIG. 7 is a flowchart showing a flow of upstream port specifying processing executed by a switching engine unit 520 of the switching hub 50. It is a flowchart which shows the flow of the frame transfer control process which the switching engine part 520 performs. It is a flowchart which shows the flow of the tag information provision / deletion process which the switching engine part 520 performs. It is a block diagram which shows the structural example of the router 60 contained in the same LAN1. It is a figure for demonstrating the table format of the connection relation management table memorize
  • FIG. 7 is a flowchart showing a flow of packet transfer control processing executed by the routing engine unit 620 of the router 60. It is a flowchart which shows the flow of the timer process which the routing engine part 620 performs.
  • FIG. 5 is a diagram for explaining operations of a switching hub 50 and a router 60.
  • FIG. 5 is a diagram for explaining operations of a switching hub 50 and a router 60.
  • FIG. 5 is a diagram for explaining operations of a switching hub 50 and a router 60. It is a figure which shows an example of the cascade connection of the switching hub in the conventional communication system.
  • FIG. 1 is a diagram illustrating a configuration example of a LAN 1 that is a communication system according to an embodiment of the present invention.
  • This LAN 1 is an intra-site LAN laid at a company branch, for example, and is connected to an IP network (not shown) such as the Internet by a router 60.
  • the LAN 1 includes three switching hubs (switching hubs 50A, 50B, and 50C) and three communication terminals (communication terminals 40A, 40B, and 40C) connected to the respective switching hubs. As shown in FIG. 1, each of the switching hubs 50A, 50B, and 50C is cascade-connected.
  • the router 60 is connected to the switching hub 50A, and the switching hub 50A is connected to the communication terminal 40A and the switching hub 50B.
  • a communication terminal 40B and a switching hub 50C are connected to the switching hub 50B, and a communication terminal 40C is connected to the switching hub 50C.
  • Each of the communication terminals 40A, 40B, and 40C is, for example, a personal computer and conforms to IP with other communication devices (for example, other communication terminals included in the LAN 1 or a WWW server connected to the IP network). Packet communication.
  • communication terminal 40 when it is not necessary to distinguish each of the three communication terminals, they are referred to as “communication terminal 40”.
  • Each of the switching hubs 50A, 50B, and 50C is a communication device that relays data in a data link layer that is a protocol layer lower than IP.
  • switching hub 50 since the three switching hubs have the same configuration, they are referred to as “switching hub 50” when it is not necessary to distinguish between them.
  • relaying data in the data link layer refers to performing transfer control of a MAC frame (hereinafter simply referred to as “frame”), which is a data transmission / reception unit in the data link layer.
  • frame MAC frame
  • the transmission destination and transmission source MAC address of the frame are written.
  • a packet transmitted from the transmission source is written in the payload portion of the frame.
  • the MAC address is a communication address for uniquely identifying each communication device in the data link layer.
  • the router 60 in FIG. 1 and the three communication terminals all have unique MAC addresses. Although the details will be described later, the switching hub 50 performs transfer control based on the destination MAC address of the frame.
  • a packet is a data transmission / reception unit in the network layer one layer higher than the data link layer, and has a header portion and a payload portion in the same manner as a frame.
  • the IP address of the transmission source and transmission destination of the packet is written in the header portion of the packet, and higher layer data is written in the payload portion.
  • the IP address is a communication address that uniquely identifies each communication device in the network layer, and a unique IP address is assigned to each of the router 60 in FIG. 1 and the three communication terminals. Further, in each of the communication terminals 40A, 40B and 40C, the IP address of the router 60 is stored in advance as indicating the default gateway.
  • the router 60 is a communication device that relays data communication in the network layer. For example, if the destination IP address of a packet received from the IP network is one of the communication terminals 40A, 40B, and 40C, the router 60 transfers the packet to the subordinate LAN 1 and the destination IP address is If none of the communication terminals 40A, 40B, and 40C, a process of transferring the packet to another router is performed according to the stored contents of the routing table.
  • a packet that is highly likely to be transmitted from the communication terminal 40 immediately after the communication terminal 40 is turned on (in this embodiment, an ARP packet for acquiring the MAC address of the default gateway). ) Is processed, and the switching hub 50 and the router 60 are caused to execute processing that clearly shows the features of this embodiment. As a result, data indicating the connection relationship of each communication device on the communication path between the router 60 and the communication terminal 40 is stored in the router 60.
  • the switching hub 50 and the router 60 that clearly show the features of the present embodiment will be mainly described.
  • FIG. 2 is a block diagram showing the configuration of the switching hub 50.
  • the switching hub 50 includes a communication interface (hereinafter referred to as I / F) unit 510, a switching engine unit 520, and a storage unit 530.
  • I / F communication interface
  • the communication I / F unit 510 is an interface that exchanges frames with other communication devices, and has a plurality of ports to which other communication devices are connected. Each of the plurality of ports is assigned in advance a port identifier (for example, a port number) that uniquely identifies each port.
  • the communication I / F unit 510 provides a frame received via each port to the switching engine unit 520, while executing a process of sending the frame provided from the switching engine unit 520 from the port designated by the switching engine unit 520. To do.
  • the plurality of ports included in the communication I / F unit 510 include an upstream port connected to the router 60 (or another switching hub closer to the router 60 than itself) and other ports (hereinafter referred to as “downstream ports”). ").
  • a port connected to the router 60 is an upstream port
  • a port connected to the communication terminal 40A or the switching hub 50B is a downstream port.
  • a port to which the switching hub 50A is connected is an upstream port
  • a port connected to the communication terminal 40B or the switching hub 50C is a downstream port.
  • the port connected to the switching hub 50B is an upstream port
  • the port connected to the communication terminal 40C is a downstream port.
  • the storage unit 530 includes, for example, a volatile memory such as a RAM (Random Access Memory) and a non-volatile memory such as an EPROM (Erasable Programmable Read Only Memory) (none of which is shown in FIG. 2).
  • firmware program for causing the switching engine unit 520 to execute upstream port specifying processing (see FIG. 3) and frame transfer control processing (see FIGS. 4 and 5) is stored in advance.
  • the volatile memory is used by the switching engine unit 520 as a work area when executing the firmware, and is a buffer for temporarily storing frames received by the communication I / F unit 510. Play a role.
  • the port identifier of the port specified in the upstream port specifying process is written as the “upstream port identifier”.
  • the volatile memory also stores a so-called MAC address table (not shown in FIG. 2).
  • MAC address table a record including the port identifier of the port that received the frame and the transmission source MAC address of the frame is written.
  • writing of a record to the MAC address table is often performed, for example, at the time of transfer control of a frame including an ARP packet or transfer control of a frame including a response packet to the ARP packet. Deletion is often performed after a certain time has elapsed since the writing.
  • writing and deletion of records in the MAC address table are performed by the switching engine unit 520 in the well-known manner.
  • This MAC address table is referred to when frame transfer control based on the destination MAC address is performed.
  • the switching engine unit 520 is, for example, a CPU (Central Processing Unit).
  • the switching engine unit 520 executes firmware stored in the storage unit 530 and functions as a control center of the switching hub 50. As described above, the switching engine unit 520 executes the upstream port specifying process and the frame transfer control process according to the firmware. Details of these processes will be clarified in an operation example, but the outline is as follows.
  • the upstream port specifying process is a process for specifying which of the plurality of ports of the communication I / F unit 510 is the upstream port.
  • the switching engine unit 520 transmits a frame including the router search packet (that is, a frame in which the router search packet is written in the payload portion: hereinafter, a router search frame) of the communication I / F unit 510.
  • the port identifier of the port that has been transmitted (that is, broadcast) from all ports and has received a response to the router search frame is written in the storage unit 530 as the upstream port identifier.
  • This upstream port specifying process is executed when the switching hub 50 is connected to the LAN 1 or when the switching hub 50 is powered on.
  • the frame transfer control process is a process for sending a frame received by any one of the ports of the communication I / F unit 510 from a port corresponding to the destination MAC address, which is a process for realizing the original function of the switching hub. .
  • the switching engine unit 520 displays the port that received the frame.
  • a process (flooding) for sending the frame from all ports other than is executed.
  • the tag information adding / deleting process see FIG.
  • a frame is received by a downstream port (that is, a port other than the port indicated by the upstream port identifier stored in the storage unit 530).
  • a packet included in the received frame is a processing target packet. (In this embodiment, it is an ARP packet)
  • tag information addition / deletion process when a frame that satisfies both of the above conditions (a) and (b) is transferred to the upstream side, tag information indicating a port that has received the frame is sent to a predetermined area ( In the present embodiment, when the frame is transferred after being added to the 4-byte area, the tag information is not added (the tag information is given by another switching hub 50) when the frame is transferred downstream. In this case, the tag information is deleted and transferred.
  • the frame forwarded to the upstream side is a frame in which the port identifier registered in the MAC address table in association with the destination MAC address matches the upstream port identifier, or sent to the upstream side during flooding. It is a frame to do.
  • the switching engine unit 520 executes tag information addition / deletion processing for each port of the transmission destination.
  • a frame including a processing target packet that is, a frame in which the processing target packet is written in the payload portion
  • a processing target frame a frame including a processing target packet
  • a VLAN tag having “VLAN ID” as a port identifier of a port that has received a frame that satisfies both the conditions (a) and (b) is used as the tag information.
  • VLAN ID a 2-byte numerical value
  • a maximum of two pieces of tag information can be written in the predetermined area in the frame.
  • the VLAN tag is originally used to freely control the broadcast range in the switching hub. In this embodiment, the VLAN tag is used to notify the port identifier to the upstream side. There is. Refer to Non-Patent Document 2 for details of VLAN and VLAN tag. The above is the configuration of the switching hub 50.
  • FIG. 6 is a block diagram showing a configuration of the router 60.
  • the router 60 includes a communication I / F unit 610, a routing engine unit 620, and a storage unit 630.
  • the communication I / F unit 610 has a plurality of ports like the communication I / F unit 510 of the switching hub 50, and a unique port identifier is assigned to each port.
  • the plurality of ports of the communication I / F unit 610 are classified into an upstream port connected to an IP network (not shown in FIG. 1) and other downstream ports. For example, in the router 60 of FIG. 1, one of the downstream ports is connected to the switching hub 50A. Similar to the communication I / F unit 510, the communication I / F unit 610 gives the frame received via each port to the routing engine unit 620, and instructs the routing engine unit 620 to specify the frame given from the routing engine unit 620. From the specified port.
  • the storage unit 630 includes a volatile memory such as a RAM and a nonvolatile memory such as an EPROM (not shown).
  • Firmware for causing the routing engine unit 620 to execute router search packet response processing, packet transfer control processing (see FIG. 8), and timer processing (see FIG. 9) is stored in advance in this nonvolatile memory.
  • the volatile memory is used by the routing engine unit 620 as a work area when executing the firmware, and serves as a buffer for temporarily storing received frames (or packets). .
  • the volatile memory stores a routing table (not shown in FIG. 6) and a connection relationship management table. Of these two tables, the routing table is not different from that of a general router, so detailed description thereof will be omitted, and the connection relationship management table will be described.
  • FIG. 7 is a diagram illustrating an example of a table format of the connection relationship management table.
  • the connection relationship management table includes a LAN number, information indicating a port one level below (or information indicating a port one level below and information indicating a port two levels below), and a host.
  • a record including an address and a timer value is stored.
  • Each record stored in the connection relation management table includes information indicating which port of the switching hub 50 the communication terminal 40 having the host address included in the record is connected to, and the switching hub 50 is a router. 60 indicates which port is connected (that is, the connection relationship of each communication device on the communication path from the communication terminal 40 to the router 60).
  • the source MAC address of the processing target frame received by the router 60 is written in the host address, and the downstream port of the communication I / F unit 610 that received the processing target frame is written in the LAN number.
  • a port identifier is written.
  • the “one-stage lower port information” that constitutes the record together with the LAN number and host address includes a switching hub connected to the port indicated by the LAN number (that is, “one stage downstream from the router”).
  • the port identifier of the port that received the frame to be processed in the "switching hub” is written, and "the port information in the second stage" is received in the switching hub that is two stages downstream from the router.
  • the port identifier of the selected port is written.
  • the timer value is data indicating the remaining time from when a record is registered in the connection relationship management table to when the record is deleted.
  • the initial value of the timer value is determined according to the time length until the record registered in the MAC address table is deleted.
  • the routing engine unit 620 is a CPU (Central Processing Unit) like the switching engine unit 520 of the switching hub 50.
  • the routing engine unit 620 executes firmware stored in the storage unit 630 and functions as a control center of the router 60. As described above, the routing engine unit 620 executes router search packet response processing, packet transfer control processing, and timer processing according to the firmware. Details of these processes will be clarified in an operation example, but the outline is as follows.
  • the router search packet response process is a process of returning a frame in which a response packet is written (hereinafter referred to as a router search response frame) when the router I / F unit 610 receives a router search frame.
  • the routing engine unit 620 executes a process according to the content of the packet included in the frame received by the communication I / F unit 610. For example, when the packet is transmitted from the IP network to the communication terminal 40, the routing engine unit 620 executes processing for transferring the packet to the downstream side, and the packet is addressed to the router 60. In the case of an ARP packet transmitted in response, a response packet is returned to the transmission source.
  • the routing engine unit 620 Prior to the execution of the process according to the process, a process of registering a new record in the connection relationship management table is executed based on the tag information written in the predetermined area of the frame.
  • the timer process is a process for deleting a record registered in the connection relation management table in the course of executing the packet transfer control process after a predetermined time has elapsed. The above is the configuration of the router 60.
  • FIG. 10A the operation of the switching hub 50 and the router 60 in the upstream port specifying process will be described by taking as an example the case where the communication terminal 40, the switching hub 50, and the router 60 are connected.
  • the port identifiers of the ports included in each of the switching hub 50 and the router 60 are indicated by circled numbers, and the MAC addresses assigned to the respective communication terminals 40 are indicated by numbers with parentheses. Yes.
  • the switching hub 50A is connected to the port having the port identifier “1” of the router 60.
  • the switching hub 50B, the communication terminal 40A, and the router 60 are connected to the port identifiers “2”, “5”, and “6” of the switching hub 50A, respectively.
  • a communication terminal 40B, a switching hub 50C, and a switching hub 50A are connected to the port identifiers “1”, “3”, and “4” of the switching hub 50B, respectively.
  • the switching hub 50B and the communication terminal 40C are connected to the ports with the port identifiers “1” and “8” of the switching hub 50C, respectively.
  • the MAC addresses of the communication terminals 40A, 40B, and 40C are “101”, “150”, and “200”, respectively.
  • switching engine unit 520A when it is necessary to distinguish the switching engine units 520 of the switching hubs 50A, 50B, and 50C, the “switching engine unit 520A”, the “switching engine unit 520B”, and the “switching engine unit 520C”, respectively. Is written. The same applies to the communication I / F unit 510 and the storage unit 530.
  • FIG. 3 is a flowchart showing the flow of the upstream port specifying process.
  • switching engine unit 520 sends a router search frame from all ports (step SA100), and waits for a response to the router search frame (step SA110).
  • the router search frame is transmitted from all the ports at the time of execution of the upstream port specifying process to any port of the communication I / F unit 510 other than the router 60 (or other side closer to the router 60). This is because it is not known whether the switching hub 50) is connected.
  • each switching hub 50 transmits a router search frame from all ports, and specifies an upstream port based on whether or not there is a response to the router search frame.
  • a frame including a switching hub detection packet (hereinafter referred to as a switching hub detection frame) is intermittently sent to the router 60, and each switching hub 50 is identified by receiving the switching hub detection frame. It can also be made to do. More specifically, each switching hub 50 waits for reception of a switching hub detection frame as upstream port identification processing, stores the port that received the switching hub detection frame as an upstream port, and stores the frame downstream. The processing sent out from each port on the side is executed. Further, in such an aspect, if each switching hub 50 is caused to return a response to the switching hub detection frame, the router 60 can recognize the subordinate switching hub by receiving the response.
  • the routing engine unit 620 of the router 60 receives the router search frame by the communication I / F unit 610, the router search packet response process is executed according to the firmware, and the router search response frame is returned.
  • the switching engine unit 520 of the switching hub 50 waits for a response to the router search frame, and when the response is not returned within a predetermined time after transmitting the frame (step SA110: No), switching is performed.
  • Engine unit 520 executes step SA100 again.
  • the switching engine unit 520 writes the port identifier of the port that received the response in the storage unit 530 as the upstream port identifier (step SA120). Execute.
  • the router 60 is connected to the port with the port identifier “6” of the switching hub 50A. Therefore, the switching engine unit 520A receives the router search response frame returned from the router 60 through the port with the port identifier “6”. Therefore, “6” is written as the upstream port identifier in the storage unit 530A.
  • the router search frame transmitted by the switching engine unit 520B reaches the router 60 via the switching hub 50A, and the router search response frame returned from the router 60 also reaches the switching hub 50B via the switching hub 50A.
  • the switching hub 50A is connected to the port with the port identifier “4” of the switching hub 50B, and the switching engine unit 520B receives the router search response frame via this port. Therefore, “4” is written as the upstream port identifier in the storage unit 530B.
  • the router search frame transmitted by the switching engine unit 520C reaches the router 60 via the switching hub 50B and the switching hub 50A, and the router search response frame returned from the router 60 also passes through the switching hub 50A and the switching hub 50B. Via the switching hub 50C. As shown in FIG. 10A, the switching hub 50B is connected to the port with the port identifier “1” of the switching hub 50C, and the switching engine unit 520C receives the router search response frame via this port. . Therefore, “1” is written as the upstream port identifier in the storage unit 530C. The above is the operation of the switching hub 50 and the router 60 in the upstream port specifying process.
  • step SB100 the determination result in step SB100 is “Yes”, switching engine unit 520A executes the processing after step SB110. On the other hand, if the determination result in step SB100 is “No”, switching engine unit 520A executes the processing after step SB130.
  • the communication terminal 40A is connected to the port with the port identifier “5” of the switching hub 50A. Since the upstream port of the switching hub 50A is the port with the port identifier “6”, the switching engine unit 520A receives the frame transmitted from the communication terminal 40A via the downstream port. For this reason, the determination result in step SB100 is “Yes”, and the switching engine unit 520A executes the processing after step SB110.
  • step SB110 it is determined whether or not the frame received via the downstream port is a processing target frame. If the determination result in step SB110 is “Yes”, switching engine unit 520A executes the processes in and after step SB120. On the other hand, if the determination result in step SB110 is “No”, switching engine unit 520A executes the processing after step SB130.
  • the processing target packet of this embodiment is an ARP packet, and the packet transmitted from the communication terminal 40A is also an ARP. Therefore, the determination result in step SB110 is “Yes”, and the switching engine unit 520A executes the processing after step SB120.
  • the processing in step SB120 is tag information addition / deletion processing for adding or deleting tag information to the processing target frame received by the downstream port.
  • FIG. 5 is a flowchart showing the flow of tag information addition / deletion processing.
  • the switching engine unit 520A first determines whether or not the transmission destination of the processing target frame received via the downstream port is the upstream side ( Step SB200). The criteria for this step SB200 are as described above. If the determination result of step SB200 is “No”, switching engine unit 520A executes the processes of steps SB210 and SB220. Conversely, when the determination result in step SB200 is “Yes”, the switching engine unit 520A executes the processes after step SB230.
  • the processing target frame of the present embodiment is a frame including an ARP packet (more precisely, an ARP packet addressed to the router 60).
  • the IP address of the router 60 is written as the transmission destination IP address in the header portion of the ARP packet
  • the transmission destination MAC address is not written in the header portion of the frame including the ARP packet. This is because the ARP packet is transmitted for the purpose of obtaining the MAC address of the router 60 in the first place. That is, the frame including the ARP packet is a broadcast frame, and the switching engine unit 520A performs the above-described flooding.
  • the switching engine unit 520A performs processing (FIG.
  • Step SB130 of sending the processing target frame received from the communication terminal 40A via the port with the port identifier “5” from all ports other than the port.
  • tag information addition / deletion processing is performed for each of the frames. For this reason, the determination result of step SB200 is “Yes” only for the frame sent to the upstream port by the flooding, and the determination result of step SB200 is “No” for the other frames.
  • step SB210 Since the determination result in step SB200 is “No” for the processing target frame to be sent downstream by flooding, the switching engine unit 520A executes the process in step SB210.
  • the processing in step SB210 is processing for determining whether tag information is written in a predetermined area of the received processing target frame. Then, the switching engine unit 520A executes the process of step SB220 only when the determination result of step SB210 is “Yes”.
  • the process of step SB220 is a process of deleting all tag information attached to the received process target frame (that is, tag information written in a predetermined area of the process target frame). As shown in FIG. 10A, tag information is not attached to a frame received by the switching hub 50A from the communication terminal 40A in this operation example.
  • step SB210 the determination result in step SB210 is “No”, and the switching engine unit 520A ends the tag information addition / deletion process without performing the process in step SB220.
  • the tag information is not added to the frame transferred downstream (or the tag information attached is deleted) is used only for updating the connection relation management table in the router 60. Because it is not used.
  • Step SB230 refers to a predetermined area of the received processing target frame, and determines whether or not a predetermined number (two in the present embodiment) of tag information has been assigned. If the determination result in step SB230 is “Yes”, switching engine unit 520A performs the process in step SB250 after performing the process in step SB240. Conversely, if the determination result in step SB230 is “No”, the switching engine unit 520 executes the process in step SB250 without executing the process in step SB240.
  • step SB230 the determination result of step SB230 is “No”, and the switching engine unit 520A executes only the process of step SB250.
  • Step SB250 is a process of adding tag information indicating a port that has received the frame outside the predetermined area of the received processing target frame.
  • adding the tag information to the outermost part of the predetermined area specifically means performing the following processing. If tag information is not attached to the received processing target frame, the switching engine unit 520A writes the tag information from the top of the predetermined area. On the other hand, when the tag information of less than the predetermined number is written in the predetermined area of the received frame, the switching engine unit 520A sets the tag information to one tag information at the end of the predetermined area. The data is moved by the data size, and then new tag information is written from the top of the predetermined area. That is, the tag information of the upstream switching hub is written into the predetermined area as it is closer to the head (closer to the outside).
  • step SB250 the switching engine unit 520A executes a process of writing the port identifier (that is, “5”) of the port that has received the processing target frame as the tag information to the outermost portion of the predetermined area of the processing target frame.
  • the switching engine unit 520A completes the tag information addition / deletion process
  • the switching engine unit 520A outputs the processing target frame to which the tag information is added by the tag information addition / deletion process from the port corresponding to the transmission destination (FIG. 4: Step SB130).
  • ARP1 transmitted from the communication terminal 40A as described above is transferred to the upstream router 60 and the downstream switching hub 50B by the switching hub 50A.
  • the frame including the ARP1 is also a processing target frame for the switching hub 50B.
  • the switching engine unit 520B receives the processing target frame from the upstream side, in the frame transfer control process (see FIG. 4) executed by the switching engine unit 520B, the determination result in step SB100 is “No”. Only the process of step SB130 (more specifically, flooding) is executed. That is, the switching hub 50B further transfers the frame transferred from the switching hub 50A to the communication terminal 40B and the switching hub 50C.
  • the communication terminal 40B discards the frame without returning a response even when the communication terminal 40B receives the frame.
  • the switching hub 50C executes only the processing (flooding) in step SB130 of FIG. 4 as with the switching hub 50B, and transfers the frame to the communication terminal 40C.
  • the communication terminal 40C discards the frame without returning a response in the same manner as the communication terminal 40B.
  • FIG. 10A illustration of the transfer of ARP1 from the switching hub 50A to the downstream side is omitted.
  • FIG. 8 is a flowchart showing the flow of the packet transfer control process.
  • the routing engine unit 620 first determines whether or not a packet included in a frame received via the communication I / F unit 610 is a processing target packet (step RA100). If the determination result in step RA100 is “Yes”, the routing engine unit 620 executes the processing after step RA110. On the other hand, if the determination result of step RA100 is “No”, the routing engine unit 620 executes the process of step RA130. In this operation example, since ARP1 is included in the frame transferred from the switching hub 50A, the determination result in step RA100 is “Yes”, and the processing after step RA110 is executed.
  • Step RA110 includes tag information written in a predetermined area of the frame received by communication I / F unit 610, the transmission source MAC address of the frame, and the port of the port of communication I / F unit 610 that has received the frame.
  • a new record is generated by associating the identifier with the initial value of the timer value (a value corresponding to the lifetime of the MAC record, for example, 300) and written in the connection relationship management table. More specifically, the routing engine unit 620 generates a new record with the port identifier as a “LAN number” and the source MAC address as a “host address”. And about the tag information currently written in the predetermined area
  • the routing engine unit 620 writes the tag information in the “one-stage port information” of the record, and tags the predetermined area.
  • the outermost tag information is written in “port information one level lower” and the other is written in “port information two steps down”.
  • the routing engine unit 620 deletes the tag information from the received frame (step RA120), and executes processing according to the packet included in the frame (step RA130). For example, if the packet is sent to a communication device connected to the IP network, the transfer destination router is set based on the destination IP address of the packet and the stored contents of the routing table. Identify and forward the packet to that router. If the packet requests the router 60 to execute some processing, the processing corresponding to the request is executed. In this operation example, since ARP1 transmitted from the communication terminal 40A is received, the routing engine unit 620 executes a process of returning a response packet. The above is the transfer operation of ARP1.
  • the connection relation management table of the router 60 includes these The connection relationship of each device (that is, the communication terminal having the MAC address “101” is connected to the port identifier “5” of the switching hub connected to the port identifier “1” of the router 60).
  • a record Rec1 (see FIG. 10B) to be represented is registered. Note that the record Rec1 registered in the connection relationship management table as described above is deleted after a predetermined time by the timer process.
  • FIG. 9 is a flowchart showing the flow of the timer process. As shown in FIG.
  • the routing engine unit 620 decrements the timer value of each record (step RB100), and if there is a record whose timer value is 0 (step RB110: Yes), the corresponding record Is repeatedly executed until all records are deleted (that is, until the determination result in Step RB130 becomes Yes). This is to prevent unnecessary records from remaining in the connection relationship management table when the communication terminal 40 is disconnected from the LAN 1.
  • the storage contents of the connection relationship management table may be updated with a timer value that matches the update (that is, deletion of MAC record) timer of the MAC address table stored in the storage unit 530 of the switching hub 50.
  • the communication terminal 40B is connected to the port having the port identifier “1” of the switching hub 50B, and the upstream port of the switching hub 50B is the port having the port identifier “4”. Therefore, the switching engine unit 520B receives the frame containing the ARP2 (that is, the processing target frame) via the downstream port, and the operation performed by the switching engine unit 520A in the operation example (B-2) described above. Perform the same operation. That is, the switching engine unit 520B performs the above-described flooding and transfers a frame with tag information indicating the port that received the processing target frame to the upstream side switching hub 50A (see FIG. 11A). The frame transferred to the downstream side is transferred without adding the tag information. In FIG. 11A, the illustration of the frame that the switching engine unit 520B transfers to the downstream side by flooding is omitted.
  • the switching hub 50B is connected to the port with the port identifier “2” of the switching hub 50A.
  • the switching engine unit 520A causes the processing target frame (the frame including the ARP2) via the downstream port. ).
  • Switching engine unit 520A performs flooding in the same manner as when receiving the frame containing ARP1 in the operation example (B-2), and executes tag information addition / deletion processing for each frame sent to each port. .
  • it differs from the operation example (B-2) in that one tag information is already written in a predetermined area of the processing target frame received by the switching engine unit 520A in this operation example.
  • step SB210 for the processing target frame to be sent downstream by flooding is performed.
  • the determination result is “Yes”, and tag information deletion (step SB220) is executed. This is because it is not necessary to notify the tag information downstream as described above.
  • step SB230 for the processing target frame sent to the upstream side by flooding is “No” as in the operation example (B-2), and only the processing of step SB250 is executed.
  • the switching engine unit 520A since one tag information has already been assigned to this processing target frame, the switching engine unit 520A newly moves the tag information in step SB250 and then indicates a new port indicating the port that has received the processing target frame. Add additional tag information. As a result, in this operation example, as shown in FIG. 11A, the processing target frame having two pieces of tag information is transferred from the switching hub 50A to the router 60.
  • the routing engine unit 620 of the router 60 updates the connection relationship management table in the same manner as in the operation example (B-2). However, in this operation example, since two pieces of tag information are written in a predetermined area of the processing target frame transferred from the switching hub 50A, the routing engine unit 620 uses the record Rec2 as shown in FIG. Is registered in the connection relationship management table. With this record Rec2, communication is performed between the router 60, the switching hub 50A that is a switching hub one level below, and the switching hub 50B that is a switching hub one level below (that is, two levels below the router 60). The connection relationship of the terminal 40B is represented. The above is the ARP2 transfer operation.
  • FIG. 12A the connection destination port of each communication device and the MAC address assigned to the communication terminal 40 are the same as those in FIG.
  • the communication terminal 40C is connected to the switching hub 50C, and the switching hub 50C is connected to the switching hub 50B.
  • ARP3 (more precisely, a frame including ARP3) transmitted from the communication terminal 40C is first received by the switching hub 50C.
  • the communication terminal 40C is connected to the port with the port identifier “8” of the switching hub 50C, and the upstream port of the switching hub 50C is the port with the port identifier “1”. That is, the switching engine unit 520C receives the processing target frame (that is, the frame containing the ARP3) via the downstream port. Therefore, the switching engine unit 520C executes the same operation as the operation performed by the switching engine unit 520A in the above-described operation example (B-2). As a result, the switching engine unit 520C performs the above-described flooding and transfers the frame with tag information indicating the port that received the processing target frame to the upstream side switching hub 50B (see FIG. 12A). The frame transferred to the downstream side is transferred without adding the tag information. In FIG. 12A, the illustration of the frame that the switching engine unit 520C transfers to the downstream side by flooding is omitted.
  • the switching hub 50C is connected to the port with the port identifier “3” of the switching hub 50B. Since the upstream port of the switching hub 50B is the port with the port identifier “4”, the switching engine unit 520B receives the processing target frame (a frame containing ARP3) via the downstream port. Since tag information is assigned to the processing target frame by the switching hub 50C, the switching engine unit 520B performs the same operation as the switching engine unit 520A in the operation example (B-3). As a result, in this operation example, as shown in FIG. 12A, a processing target frame having two tag information (tag information given by the switching hub 50C and tag information given by the switching hub 50B) is switched. The data is transferred from the hub 50B to the switching hub 50A.
  • the switching engine unit 520A receives the processing target frame (a frame including the ARP3) via the downstream port.
  • Switching engine unit 520A performs flooding in the same manner as when receiving the frame containing ARP1 in the operation example (B-2), and executes tag information addition / deletion processing for each frame sent to each port. .
  • it differs from the operation example (B-2) in that two tag information has already been added to the processing target frame received by the switching engine unit 520A in this operation example.
  • step SB210 For the processing target frame to be transmitted downstream by flooding, the determination result in step SB210 is “Yes” regardless of whether the number of tag information written in the predetermined area is one or two.
  • a process of deleting all tag information (step SB220) is executed.
  • the determination result in step SB230 is “Yes”, and the switching engine unit 520A
  • the process of step SB250 is executed.
  • the processing of step SB240 is performed by adding the tag information written in the predetermined area of the received processing target frame by the switching hub 50 on the most downstream side (that is, in the innermost (end side) of the predetermined area.
  • step SB240 This is a process for deleting a written one).
  • step SB240 the tag information given by the switching hub 50C is deleted.
  • step SB250 tag information is moved and new tag information is additionally written.
  • FIG. 12A the processing target frame having the tag information given by the switching hub 50A and the tag information given by the switching hub 50B is transferred from the switching hub 50A to the router 60.
  • the switching hub 50 is caused to execute a process of adding new tag information to the outermost portion.
  • connection relationship of the switching hubs near the router 60 it is possible to accurately grasp the connection relationship of the switching hubs near the router 60 (more precisely, the switching hubs up to two stages lower than the router 60).
  • a predetermined number of pieces of tag information have been written in a predetermined area of the processing target frame to be sent upstream by flooding, deletion of the innermost tag information and addition of new tag information (ie, step The processing of transferring the processing target frame to the upstream side may be executed by the switching hub 50 without performing the processing of SB240 and SB250.
  • the connection relationship of the switching hub near the communication terminal 40 is grasped by the router 60.
  • the switching hub connecting the communication terminal can be instructed to close the port to which the communication terminal is connected, and the port can be blocked.
  • the influence from the communication terminal infected with the computer virus (or the downstream side of the switching hub) (Effects caused by blocking ports) can be minimized.
  • the routing engine unit 620 of the router 60 When receiving the processing target frame transferred by the switching hub 50A, the routing engine unit 620 of the router 60 connects the record Rec3 as shown in FIG. 12B as in the operation example (B-3). Register in the management table. By this record Rec3, the router 60, the switching hub 50A that is a switching hub one level below, the switching hub 50B that is a switching hub one level below (that is, two levels below the router 60), and The connection relationship of the communication terminal 40C downstream (actually connected via the switching hub 50C) is shown. The above is the transfer operation of ARP3.
  • the record Rec3 representing the connection relationship in which the switching hubs in the third and subsequent stages as viewed from the router 60 are omitted is stored in the connection relationship management table.
  • the operation manager of the LAN 1 refers to the stored contents of the connection relation management table as needed (for example, draws a tree structure according to the stored contents of the connection relation management table and browses the tree structure). Therefore, it is possible to accurately grasp the connection relationship between the switching hub up to two stages when viewed from the router 60 and the communication terminal connected to the switching hub, and to quickly perform operation management and maintenance of these communication devices.
  • the port of the switching hub to which the communication terminal performing unauthorized access is connected is stored in the MAC address of the communication terminal and the connection relation management table. It is possible to take measures such as specifying the contents and closing the port by remote control from the router 60 or blinking the access lamp of the port. In this embodiment, it is impossible to directly grasp the connection relationship of the third and subsequent switching hubs as viewed from the router 60, but the communication terminal connected to the third and subsequent switching hubs, and the router Because it is possible to grasp the connection relationship with the switching hub up to two stages as viewed from 60, it is possible to identify the third-stage switching hub using these as a clue, and to manage and maintain it. However, the damage can be stopped by remotely operating the second switching hub.
  • the ARP packet for acquiring the MAC address of the router 60 is the processing target packet.
  • the processing target packet in the present invention is not limited to the ARP packet, but a packet for requesting IP address assignment by DHCP (Dynamic Host Configuration Protocol) or a packet for file sharing in Windows (registered trademark) or the like. It may be. In short, it is a type of packet that allows the switching hub 50 to acquire information indicating the connection state of the port, and is transmitted immediately after the communication terminal is turned on or immediately after the communication terminal is connected to the communication network.
  • any packet that is highly likely to be transmitted may be used. If this type of packet is defined as a packet to be processed, communication between the communication terminal and the router can be performed quickly without taking any time from power-on of the communication terminal (or connection of the communication terminal to the communication network). This is because it is possible to generate data indicating the connection relationship for the road. Further, in an aspect in which a packet requesting IP address assignment by DHCP or a file sharing packet in Windows (registered trademark) or the like is used as a processing target packet, it is easy for humans to identify as an identifier for identifying each communication device. There is also an advantage that a simple IP address or computer name can be used instead of the MAC address.
  • the VLAN tag written in a predetermined area of the MAC frame is used as tag information for notifying the router 60 of the downstream port from which each switching hub 50 has received the processing target packet.
  • the VLAN tag is used as the tag information because it is a general specification in data communication technology, and it is considered that many communication devices comply with this specification (in other words, it does not cause a particular problem). Because. However, it is not unthinkable to uniquely define new tag information specifications (data size, frame write area, etc.).
  • the maximum number of tag information to be assigned to the processing target frame is set to be larger than 2, an identifier indicating the switching hub 50 together with the port identifier is assigned as tag information, or tag information is written.
  • the switching hub may discard the frame to which the tag information according to the original specification is attached. It is necessary to keep this in mind.
  • tag information of the upstream switching hub 50 is written at the outermost part of the predetermined region of the processing target frame, and tag information of the downstream switching hub 50 is written toward the inner side.
  • the writing order may of course be reverse.
  • the upstream port specifying process and the frame transfer control process (including the tag information adding / deleting process) that clearly show the features of the switching hub of the present invention are implemented by software. May be realized by hardware.
  • the switching engine unit 520 may be configured by an ASIC that executes upstream port specifying processing and frame transfer control processing (including tag information addition / deletion processing).
  • the routing engine unit 620 of the router 60 may be configured by an ASIC that executes router search packet response processing, packet transfer control processing, and timer processing.
  • Step SB100 determining whether or not the condition (a) is satisfied
  • Step SB110 determining whether or not the condition (b) is satisfied
  • the firmware (program) for causing the switching engine unit 520 of the switching hub 50 to execute the upstream port specifying process and the frame transfer control process (including the tag information addition / deletion process) is the same in advance. It was stored in the storage unit 530 of the switching hub 50.
  • the program may be distributed by writing it on a computer-readable recording medium such as a CD-ROM (Compact Disk-Read Memory), or by distributing it via a telecommunication line such as the Internet. May be. This is because, by rewriting the firmware of the existing switching hub by the program distributed in this way, the same function as the switching hub 50 can be given to the existing switching hub.
  • the firmware (program) for causing the routing engine unit 620 of the router 60 to execute the router search packet response process, the packet transfer control process, and the timer process is written and distributed on a computer-readable recording medium. It may be distributed by downloading via a telecommunication line such as the Internet. This is because the same function as the router 60 can be given to the existing router by rewriting the firmware of the existing router by the program distributed in this way.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Small-Scale Networks (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

Provided is a communication system wherein the relations of connections between the communication devices included in a communication network such as a LAN (Local Area Network) controlled by a router can be determined at low cost and without imposing excessive load on these communication devices. When a switching hub has received from a downstream port an ARP (Address Resolution Protocol) packet addressed to a router and requesting that the LAN be connected to an IP network, the switching hub adds tag information indicating the port to the ARP packet and forwards the packet. Further, when the router has received an ARP packet addressed to a device managed by the router, the router generates, from the tag information attached to the ARP packet, information indicating the relations of connections between the communication terminal which has transmitted the ARP packet and switching hubs which have forwarded the packet, and stores the generated information.

Description

通信システム、スイッチングハブ、およびルータCommunication system, switching hub, and router
 本発明は、LAN(Local Area Network)の運用管理を支援する技術に関する。 The present invention relates to a technology for supporting operation management of a LAN (Local Area Network).
 近年、企業等においては、支店などの各拠点に敷設されたLAN(以下、拠点内LAN)をルータによってインターネットなどのIP(Internet Protocol)網に接続して企業内情報システムを構築することが一般に行われている。一般に、拠点内LANには、スイッチングハブや各ユーザ(例えば、企業の従業者)の使用する通信端末などがその構成要素として含まれている。スイッチングハブとは、通信端末を拠点内LANに接続するための通信装置であり、スイッチングハブに接続可能な通信端末の数は「スイッチングハブが有するポート数-1」となる。このため、1台のスイッチングハブのポート数を上回る数の通信端末を拠点内LANに接続する必要がある場合には、図13に示すように、複数のスイッチングハブをカスケード接続し、接続可能な通信端末数を増加させることが一般に行われている。 2. Description of the Related Art In recent years, companies generally construct an in-company information system by connecting a LAN (hereinafter referred to as an intra-site LAN) laid at each base such as a branch office to an IP (Internet Protocol) network such as the Internet using a router. Has been done. In general, a local area LAN includes a switching hub, a communication terminal used by each user (for example, a company employee), and the like as constituent elements. The switching hub is a communication device for connecting a communication terminal to the local LAN, and the number of communication terminals connectable to the switching hub is “the number of ports of the switching hub−1”. For this reason, when it is necessary to connect more communication terminals than the number of ports of one switching hub to the local LAN, a plurality of switching hubs can be connected in cascade as shown in FIG. Generally, the number of communication terminals is increased.
 ところで、企業内情報システム(或いは、その構成要素である各拠点内LAN)の運用管理や保守を行う際には、拠点内LANに含まれる各通信装置が拠点内の何処に設置されているのかを把握しておくことに加え、ルータから各通信端末に到るまでの各通信装置の接続関係(ルータのどのポートにどのスイッチングハブが接続されているのか、また、どのスイッチングハブのどのポートにどの通信端末が接続されているのか等)を把握しておくことが重要になる。各通信装置が拠点内の何処に設置されているのかについては目視により把握することも可能であるが、各通信装置に接続されている通信ケーブルを辿ってその接続関係を把握することは容易ではない。また、通信装置同士を接続する通信ケーブルが壁などに埋設されている場合には、その通信ケーブルを辿って接続関係を把握することはできない。そこで、LANに含まれる各通信装置の接続関係を把握できるようにする技術が従来より種々提案されており、その一例としては非特許文献1に開示されたSNMP(Simple Network Management Protocol)を利用する技術が挙げられる。 By the way, when performing operation management and maintenance of the in-house information system (or each local LAN that is a component thereof), where in the base each communication device included in the local LAN is installed. As well as the connection relationship of each communication device from the router to each communication terminal (which switching hub is connected to which port of the router and which port of which switching hub) It is important to know which communication terminal is connected. It is also possible to visually grasp where each communication device is installed in the base, but it is not easy to trace the connection relationship by tracing the communication cable connected to each communication device. Absent. Further, when a communication cable for connecting communication devices is embedded in a wall or the like, the connection relationship cannot be grasped by tracing the communication cable. Therefore, various techniques for making it possible to grasp the connection relationship of each communication device included in the LAN have been proposed. For example, SNMP (Simple Network Management Protocol) disclosed in Non-Patent Document 1 is used. Technology.
日本国特開2003-318937号公報Japanese Unexamined Patent Publication No. 2003-318937
 しかし、SNMPを利用する場合、SNMPマネージャとして動作するコンピュータが新たに必要になり、その購入や運用管理のために新たなコストの負担を強いられるといった問題がある。また、SNMPでは、各スイッチングハブに記憶されるMAC(Media Access Control)アドレステーブルの全情報を収集する必要があるため、その収集のための通信によって過大な負荷が各スイッチングハブにかかってしまうといった問題や、その収集を完了するまでに長い時間を要する、といった問題がある。
 本発明は上記課題に鑑みて為されたものであり、LANなどルータ配下のネットワークに含まれている各通信装置の接続関係を、それら通信装置に過大な負荷をかけることなく、かつ低コストで把握することができるようにする技術を提供することを目的とする。 However, when SNMP is used, there is a problem that a computer that operates as an SNMP manager is newly required, and a new cost is imposed for the purchase and operation management. In addition, in SNMP, since it is necessary to collect all information in a MAC (Media Access Control) address table stored in each switching hub, an excessive load is applied to each switching hub due to communication for the collection. There are problems, such as taking a long time to complete the collection.
The present invention has been made in view of the above problems, and the connection relationship of communication devices included in a network under a router such as a LAN can be reduced without overloading the communication devices and at a low cost. The purpose is to provide a technology that enables grasping.
 上記課題を解決するために本発明の態様は、ルータと、前記ルータの配下のネットワークに含まれる複数のスイッチングハブとを含む通信システムにおいて、前記複数のスイッチングハブの各々は、各々にルータ、または他のスイッチングハブ、または通信端末が接続される複数のポートを有しており、前記通信ネットワークに当該スイッチングハブが接続されたこと、または当該スイッチングハブの電源が投入されたことを契機として前記複数のポートのうち前記ルータまたは前記ルータ側の他のスイッチングハブに接続されている上流側ポートを特定する第1の処理と、通信端末からルータへ宛てて送信されたパケットを内包したフレームを前記上流側ポートとは異なるポートを介して受信し、かつ、当該フレームに内包されているパケットが予め定められた種類のものである場合には、当該フレームを上流側へ転送する際に当該フレームを受信したポートを示すタグ情報を当該フレームの所定領域に追記して転送する第2の処理と、を実行するよう構成され、前記ルータは、前記所定領域にタグ情報が書き込まれているフレームを受信した場合に、当該タグ情報からそのフレームの転送に関わったスイッチングハブとそのフレームの送信元の通信端末の接続関係を示すデータを生成して記憶する第3の処理を実行するよう構成されることを特徴とする通信システム、を提供する。 In order to solve the above problems, an aspect of the present invention provides a communication system including a router and a plurality of switching hubs included in a network under the router, wherein each of the plurality of switching hubs is a router, or It has a plurality of ports to which other switching hubs or communication terminals are connected, and the plurality of ports triggered by the switching hub being connected to the communication network or the switching hub being powered on A first process for identifying an upstream port connected to the router or another switching hub on the router side and a frame containing a packet transmitted from the communication terminal to the router Received via a port different from the side port and included in the frame If the packet is of a predetermined type, the tag information indicating the port that received the frame is added to the predetermined area of the frame and transferred when the frame is transferred upstream. When the router receives a frame in which the tag information is written in the predetermined area, the router and the switching hub involved in the transfer of the frame from the tag information and the frame Provided is a communication system configured to execute a third process of generating and storing data indicating a connection relationship of a transmission source communication terminal.
 この通信システムにおいて、予め定められた種類のパケットを上記ルータが受信する時点では、そのパケットを内包したフレームの所定領域にはそのフレームの転送に関わったスイッチングハブによって当該フレームを受信した下流側のポートを示すタグ情報が書き込まれている。したがって、これらタグ情報を順次辿ることで上記ルータから上記パケットの送信元の通信端末へ到る通信路上に存在するスイッチングハブと当該ルータおよび通信端末の接続関係を示すデータが生成される。加えて、この通信システムにはSNMPマネージャは不要であり、新たなコスト負担が発生することもない。また、タグ情報を追記する処理対象のパケットも予め定められた種類のものに限定されているため、各スイッチングハブに過大な処理負荷がかかることもない。なお、上記予め定められた種類のパケットとしては、スイッチングハブにポートの接続状態を示す情報を取得させることができる種類のパケットであって、通信端末の電源が投入された直後、または通信端末が通信ネットワークに接続された直後に送信される可能性の高いパケットであることが好ましく、その具体例としてはARP(Address Resolution Protocol)パケットが挙げられる。ルータのMACアドレスを取得するためのARPパケットの送信は通信端末の電源が投入された直後、または通信端末が通信ネットワークに接続された直後に行われる可能性が高く、その通信端末とルータとの間の通信路についての接続関係を示すデータを電源投入等から時間を置くことなく迅速に生成することができるからである。 In this communication system, at the time when the router receives a predetermined type of packet, the predetermined area of the frame containing the packet is in the downstream side that received the frame by the switching hub involved in the transfer of the frame. Tag information indicating a port is written. Therefore, by sequentially tracking these tag information, data indicating the connection relationship between the switching hub, the router, and the communication terminal existing on the communication path from the router to the communication terminal that is the transmission source of the packet is generated. In addition, this communication system does not require an SNMP manager and does not incur a new cost burden. In addition, since the processing target packets to which the tag information is additionally recorded are limited to predetermined types, an excessive processing load is not applied to each switching hub. Note that the predetermined type of packet is a type of packet that allows the switching hub to acquire information indicating the connection status of the port, and immediately after the communication terminal is turned on or the communication terminal It is preferable that the packet is highly likely to be transmitted immediately after being connected to the communication network, and a specific example thereof is an ARP (Address Resolution Protocol) packet. The transmission of the ARP packet for obtaining the MAC address of the router is highly likely to be performed immediately after the communication terminal is turned on or immediately after the communication terminal is connected to the communication network. This is because it is possible to quickly generate data indicating the connection relationship between the communication paths between the power supply and the like without taking any time from power-on or the like.
 より好ましい態様においては、上記タグ情報としてVLAN(Virtual LAN)タグを用いることが好ましい。独自仕様に基づいて上記タグ情報を用いる態様ではフレームの転送経路にその仕様に準拠していないスイッチングハブがあると、当該タグ情報を付与されたフレームがそのスイッチングハブにおいて破棄される虞があるからである。一般仕様に準拠してVLANタグを用いる態様では、このような不具合が発生する虞はない。また、上記タグ情報としてVLANタグを用いる態様においては、各MACフレームに書き込み可能なVLANタグのデータサイズや個数が上記仕様において定められているため、前記第2の処理においてタグ情報を追記しようとするフレームの所定領域に所定数分のタグ情報が既に書き込まれている場合には、最も下流側のスイッチングハブによって書き込まれたタグ情報を削除した後に当該スイッチングハブについてのタグ情報を追記しても良く、また、新たなタグ情報の追記を行わずに上流側へ転送するようにしても良い。前者の態様であれば、少なくとも、ルータ付近のスイッチングハブの接続関係を把握することができる。後者の態様であれば、少なくとも、フレームの送信元の通信端末付近のスイッチングハブの接続関係を把握することができるからである。なお、VLANタグについては非特許文献2にその詳細が開示されている。また、VLANタグを利用した先行技術の一例としては特許文献1に開示された技術が挙げられる。しかし、特許文献1に開示された技術は、パケットの宛先の識別にVLANタグを用いるものであって、通信端末からルータへ到る通信路上の各通信装置の接続関係をそのルータへ通知するために上記タグ情報を用いる本願発明とは異なる技術である。 In a more preferred aspect, it is preferable to use a VLAN (Virtual LAN) tag as the tag information. In the aspect using the tag information based on the original specification, if there is a switching hub that does not comply with the specification in the frame transfer path, there is a possibility that the frame to which the tag information is attached is discarded in the switching hub. It is. In the aspect using the VLAN tag in conformity with the general specification, there is no possibility that such a problem occurs. In addition, in the aspect using the VLAN tag as the tag information, the data size and the number of VLAN tags that can be written in each MAC frame are defined in the above specifications, so that the tag information is to be added in the second process. If a predetermined number of tag information has already been written in a predetermined area of the frame to be deleted, tag information written by the most downstream switching hub may be deleted and then tag information for the switching hub added. Alternatively, it may be transferred to the upstream side without adding new tag information. In the former case, at least the connection relationship of the switching hubs in the vicinity of the router can be grasped. This is because, in the latter mode, at least the connection relationship of the switching hubs near the communication terminal that is the frame transmission source can be grasped. Details of the VLAN tag are disclosed in Non-Patent Document 2. In addition, as an example of the prior art using a VLAN tag, there is a technique disclosed in Patent Document 1. However, the technique disclosed in Patent Document 1 uses a VLAN tag to identify the destination of a packet, and notifies the router of the connection relationship of each communication device on the communication path from the communication terminal to the router. This is a technique different from that of the present invention that uses the tag information.
 また、上記課題を解決するために本発明の別の態様は、各々他の通信装置に接続される複数のポートと、当該スイッチングハブの電源が投入されたこと、または当該スイッチングハブが通信ネットワークに接続されたことを契機として、前記複数のポートのうちルータまたはルータ側の他のスイッチングハブに接続されている上流側ポートを特定する上流側ポート特定手段と、前記上流側ポートとは異なるポートを介して予め定められた種類のパケットを内包したフレームを受信し、当該フレームを上流側へ転送する場合には、当該フレームを受信したポートを示すタグ情報を当該フレームの所定領域に追記して転送するタグ情報付与手段とを有することを特徴とするスイッチングハブを提供する。 In order to solve the above-described problem, another aspect of the present invention provides a plurality of ports each connected to another communication device and that the switching hub is powered on, or the switching hub is connected to a communication network. Triggered by being connected, an upstream port specifying means for specifying an upstream port connected to a router or another switching hub on the router side among the plurality of ports, and a port different from the upstream port When a frame containing a predetermined type of packet is received via the network and the frame is transferred upstream, tag information indicating the port that received the frame is added to the predetermined area of the frame and transferred. There is provided a switching hub characterized by comprising tag information providing means.
 また、上記課題を解決するために本発明のさらに別の態様は、通信端末から当該ルータへ宛てて送信されたパケットを内包したフレームの転送制御を行う複数のスイッチングハブであって、予め定められた種類のパケットを内包したフレームを受信した場合に当該フレームを受信したポートを示すタグ情報を当該フレームの所定領域に追記して転送する処理を各々実行する複数のスイッチングハブ、を含む通信ネットワークに接続されるルータであって、前記タグ情報が前記所定領域に書き込まれたフレームを受信した場合に、当該タグ情報から、そのフレームの転送に関わったスイッチングハブとそのフレームの送信元の通信端末の接続関係を示すデータを生成して記憶するための記憶部を有することを特徴とするルータを提供する。 In order to solve the above-described problem, another aspect of the present invention provides a plurality of switching hubs that perform transfer control of a frame including a packet transmitted from a communication terminal to the router. A communication network including a plurality of switching hubs, each of which executes a process of adding tag information indicating a port that received the frame to a predetermined area of the frame and transferring it when a frame containing a packet of the specified type is received When the received router receives a frame in which the tag information has been written in the predetermined area, the switching hub involved in the transfer of the frame and the communication terminal of the transmission source of the frame from the tag information. Provided is a router having a storage unit for generating and storing data indicating a connection relationship.
本発明の実施形態のLAN1の構成例を示す図である。It is a figure which shows the structural example of LAN1 of embodiment of this invention. 同LAN1に含まれるスイッチングハブ50の構成例を示すブロック図である。It is a block diagram which shows the structural example of the switching hub 50 contained in the same LAN1. 同スイッチングハブ50のスイッチングエンジン部520が実行する上流側ポート特定処理の流れを示すフローチャートである。7 is a flowchart showing a flow of upstream port specifying processing executed by a switching engine unit 520 of the switching hub 50. 同スイッチングエンジン部520が実行するフレーム転送制御処理の流れを示すフローチャートである。It is a flowchart which shows the flow of the frame transfer control process which the switching engine part 520 performs. 同スイッチングエンジン部520が実行するタグ情報付与/削除処理の流れを示すフローチャートである。It is a flowchart which shows the flow of the tag information provision / deletion process which the switching engine part 520 performs. 同LAN1に含まれるルータ60の構成例を示すブロック図である。It is a block diagram which shows the structural example of the router 60 contained in the same LAN1. 同ルータ60の記憶部630に記憶される接続関係管理テーブルのテーブルフォーマットを説明するための図である。It is a figure for demonstrating the table format of the connection relation management table memorize | stored in the memory | storage part 630 of the router 60. FIG. 同ルータ60のルーティングエンジン部620が実行するパケット転送制御処理の流れを示すフローチャートである。7 is a flowchart showing a flow of packet transfer control processing executed by the routing engine unit 620 of the router 60. 同ルーティングエンジン部620が実行するタイマ処理の流れを示すフローチャートである。It is a flowchart which shows the flow of the timer process which the routing engine part 620 performs. スイッチングハブ50およびルータ60の動作を説明するための図である。FIG. 5 is a diagram for explaining operations of a switching hub 50 and a router 60. スイッチングハブ50およびルータ60の動作を説明するための図である。FIG. 5 is a diagram for explaining operations of a switching hub 50 and a router 60. スイッチングハブ50およびルータ60の動作を説明するための図である。FIG. 5 is a diagram for explaining operations of a switching hub 50 and a router 60. 従来の通信システムにおけるスイッチングハブのカスケード接続の一例を示す図である。It is a figure which shows an example of the cascade connection of the switching hub in the conventional communication system.
 以下、図面を参照しつつ本発明の実施形態について説明する。
(A:構成)
 図1は、本発明の一実施形態の通信システムであるLAN1の構成例を示す図である。このLAN1は、例えば企業の支店に敷設される拠点内LANであり、ルータ60によってインターネットなどのIP網(図示省略)に接続される。LAN1は、3台のスイッチングハブ(スイッチングハブ50A、50Bおよび50C)と、これら各スイッチングハブに各々接続される3台の通信端末(通信端末40A、40Bおよび40C)を含んでいる。図1に示すように、スイッチングハブ50A、50Bおよび50Cの各々はカスケード接続されている。より詳細に説明すると、ルータ60にはスイッチングハブ50Aが接続されており、このスイッチングハブ50Aには通信端末40Aとスイッチングハブ50Bが接続されている。そして、スイッチングハブ50Bには通信端末40Bとスイッチングハブ50Cが接続されており、スイッチングハブ50Cには通信端末40Cが接続されている。 Hereinafter, embodiments of the present invention will be described with reference to the drawings.
(A: Configuration)
FIG. 1 is a diagram illustrating a configuration example of a LAN 1 that is a communication system according to an embodiment of the present invention. This LAN 1 is an intra-site LAN laid at a company branch, for example, and is connected to an IP network (not shown) such as the Internet by a router 60. The LAN 1 includes three switching hubs ( switching hubs 50A, 50B, and 50C) and three communication terminals ( communication terminals 40A, 40B, and 40C) connected to the respective switching hubs. As shown in FIG. 1, each of the switching hubs 50A, 50B, and 50C is cascade-connected. More specifically, the router 60 is connected to the switching hub 50A, and the switching hub 50A is connected to the communication terminal 40A and the switching hub 50B. A communication terminal 40B and a switching hub 50C are connected to the switching hub 50B, and a communication terminal 40C is connected to the switching hub 50C.
 通信端末40A、40Bおよび40Cの各々は例えばパーソナルコンピュータであり、他の通信装置(例えば、LAN1に含まれる他の通信端末やIP網に接続されているWWWサーバなど)との間でIPにしたがったパケット通信を行うことができる。以下、上記3台の通信端末の各々を区別する必要がない場合には、「通信端末40」と表記する。 Each of the communication terminals 40A, 40B, and 40C is, for example, a personal computer and conforms to IP with other communication devices (for example, other communication terminals included in the LAN 1 or a WWW server connected to the IP network). Packet communication. Hereinafter, when it is not necessary to distinguish each of the three communication terminals, they are referred to as “communication terminal 40”.
 スイッチングハブ50A、50Bおよび50Cの各々はIPよりも下位のプロトコル階層であるデータリンク層においてデータの中継を行う通信装置である。本実施形態では、上記3台のスイッチングハブは同一の構成を有しているため、各々を区別する必要がない場合には「スイッチングハブ50」と表記する。ここで、データリンク層においてデータの中継を行うとは、データリンク層におけるデータの送受信単位であるMACフレーム(以下、単に「フレーム」と称する)の転送制御を行うことである。フレームのヘッダ部には、そのフレームの送信先および送信元のMACアドレスが書き込まれる。フレームのペイロード部には、当該送信元から送信されたパケットが書き込まれる。なお、MACアドレスとは、データリンク層にて各通信装置を一意に識別するための通信アドレスである。図1のルータ60と上記3台の通信端末は何れも固有のMACアドレスを有している。詳細については後述するがスイッチングハブ50はフレームの送信先MACアドレスに基づいてその転送制御を行う。 Each of the switching hubs 50A, 50B, and 50C is a communication device that relays data in a data link layer that is a protocol layer lower than IP. In the present embodiment, since the three switching hubs have the same configuration, they are referred to as “switching hub 50” when it is not necessary to distinguish between them. Here, relaying data in the data link layer refers to performing transfer control of a MAC frame (hereinafter simply referred to as “frame”), which is a data transmission / reception unit in the data link layer. In the header portion of the frame, the transmission destination and transmission source MAC address of the frame are written. A packet transmitted from the transmission source is written in the payload portion of the frame. The MAC address is a communication address for uniquely identifying each communication device in the data link layer. The router 60 in FIG. 1 and the three communication terminals all have unique MAC addresses. Although the details will be described later, the switching hub 50 performs transfer control based on the destination MAC address of the frame.
 パケットとは、データリンク層よりも1つ上の階層のネットワーク層におけるデータの送受信単位であり、フレームと同様にヘッダ部とペイロード部とを有している。パケットのヘッダ部には、そのパケットの送信元および送信先のIPアドレスが書き込まれており、ペイロード部にはさらに上位層のデータが書き込まれる。ここで、IPアドレスとはネットワーク層において各通信装置を一意に識別する通信アドレスであり、図1のルータ60と上記3台の通信端末には各々固有のIPアドレスが割り当てられている。また、通信端末40A、40Bおよび40Cの各々には、ルータ60のIPアドレスがデフォルトゲートウェイを示すものとして予め記憶されている。 A packet is a data transmission / reception unit in the network layer one layer higher than the data link layer, and has a header portion and a payload portion in the same manner as a frame. The IP address of the transmission source and transmission destination of the packet is written in the header portion of the packet, and higher layer data is written in the payload portion. Here, the IP address is a communication address that uniquely identifies each communication device in the network layer, and a unique IP address is assigned to each of the router 60 in FIG. 1 and the three communication terminals. Further, in each of the communication terminals 40A, 40B and 40C, the IP address of the router 60 is stored in advance as indicating the default gateway.
 ルータ60は、ネットワーク層においてデータ通信を中継する通信装置である。例えば、IP網から受信したパケットの送信先IPアドレスが通信端末40A、40Bおよび40Cの何れかのものであれば、ルータ60はそのパケットを配下のLAN1へと転送し、その送信先IPアドレスが通信端末40A、40Bおよび40Cの何れのものでもない場合にはルーティングテーブルの格納内容にしたがって他のルータへパケットを転送する処理を行う。 The router 60 is a communication device that relays data communication in the network layer. For example, if the destination IP address of a packet received from the IP network is one of the communication terminals 40A, 40B, and 40C, the router 60 transfers the packet to the subordinate LAN 1 and the destination IP address is If none of the communication terminals 40A, 40B, and 40C, a process of transferring the packet to another router is performed according to the stored contents of the routing table.
 さて、図1に示すLAN1においては、通信端末40の電源の投入直後にその通信端末40から送信される可能性が高いパケット(本実施形態では、デフォルトゲートウェイのMACアドレスを取得するためのARPパケット)を処理対象としてスイッチングハブ50およびルータ60に本実施形態の特徴を顕著に示す処理を実行させる。これにより、ルータ60と通信端末40との間の通信路上の各通信装置の接続関係を示すデータがルータ60に記憶されるのである。以下、本実施形態の特徴を顕著に示すスイッチングハブ50およびルータ60を中心に説明する。 In the LAN 1 shown in FIG. 1, a packet that is highly likely to be transmitted from the communication terminal 40 immediately after the communication terminal 40 is turned on (in this embodiment, an ARP packet for acquiring the MAC address of the default gateway). ) Is processed, and the switching hub 50 and the router 60 are caused to execute processing that clearly shows the features of this embodiment. As a result, data indicating the connection relationship of each communication device on the communication path between the router 60 and the communication terminal 40 is stored in the router 60. Hereinafter, the switching hub 50 and the router 60 that clearly show the features of the present embodiment will be mainly described.
(A-1:スイッチングハブ50の構成)
 まず、図2を参照しつつスイッチングハブ50の構成を説明する。図2は、スイッチングハブ50の構成を示すブロック図である。図2に示すように、スイッチングハブ50は、通信インタフェース(以下、I/F)部510、スイッチングエンジン部520、および記憶部530を有している。 (A-1: Configuration of the switching hub 50)
First, the configuration of the switching hub 50 will be described with reference to FIG. FIG. 2 is a block diagram showing the configuration of the switching hub 50. As shown in FIG. 2, the switching hub 50 includes a communication interface (hereinafter referred to as I / F) unit 510, a switching engine unit 520, and a storage unit 530.
 通信I/F部510は、他の通信装置との間でフレームの授受を行うインタフェースであり、各々他の通信装置が接続される複数のポートを有している。これら複数のポートの各々には、各ポートを一意に識別するポート識別子(例えば、ポート番号)が予め割り当てられている。通信I/F部510は、各ポートを介して受信したフレームをスイッチングエンジン部520に与える一方、スイッチングエンジン部520から与えられるフレームを同スイッチングエンジン部520によって指示されたポートから送出する処理を実行する。 The communication I / F unit 510 is an interface that exchanges frames with other communication devices, and has a plurality of ports to which other communication devices are connected. Each of the plurality of ports is assigned in advance a port identifier (for example, a port number) that uniquely identifies each port. The communication I / F unit 510 provides a frame received via each port to the switching engine unit 520, while executing a process of sending the frame provided from the switching engine unit 520 from the port designated by the switching engine unit 520. To do.
 通信I/F部510が有する複数のポートは、ルータ60(或いは、自分よりルータ60に近い側の他のスイッチングハブ)に接続される上流側ポートと、その他のポート(以下、「下流側ポート」という)とに分類される。例えば、スイッチングハブ50Aにおいては、ルータ60に接続されるポートが上流側ポートとなり、通信端末40Aやスイッチングハブ50Bに接続されるポートが下流側ポートとなる。同様に、スイッチングハブ50Bにおいては、スイッチングハブ50Aが接続されるポートが上流側ポートとなり、通信端末40Bやスイッチングハブ50Cに接続されるポートが下流側ポートとなる。そして、スイッチングハブ50Cにおいては、スイッチングハブ50Bに接続されるポートが上流側ポートとなり、通信端末40Cに接続されるポートが下流側ポートとなる。 The plurality of ports included in the communication I / F unit 510 include an upstream port connected to the router 60 (or another switching hub closer to the router 60 than itself) and other ports (hereinafter referred to as “downstream ports”). "). For example, in the switching hub 50A, a port connected to the router 60 is an upstream port, and a port connected to the communication terminal 40A or the switching hub 50B is a downstream port. Similarly, in the switching hub 50B, a port to which the switching hub 50A is connected is an upstream port, and a port connected to the communication terminal 40B or the switching hub 50C is a downstream port. In the switching hub 50C, the port connected to the switching hub 50B is an upstream port, and the port connected to the communication terminal 40C is a downstream port.
 記憶部530は、例えばRAM(Random Access Memory)などの揮発性メモリとEPROM(Erasable Programmable Read Only Memory)などの不揮発性メモリとを含んでいる(図2では、何れも図示略)。この不揮発性メモリには、上流側ポート特定処理(図3参照)およびフレーム転送制御処理(図4および図5参照)をスイッチングエンジン部520に実行させるためのファームウェア(プログラム)が予め記憶されている。一方、揮発性メモリは、上記ファームウェアを実行する際のワークエリアとしてスイッチングエンジン部520によって利用されるとともに、通信I/F部510によって受信されたフレームを一時的に記憶しておくためのバッファの役割を果たす。また、この揮発性メモリには、上流側ポート特定処理にて特定されたポートのポート識別子が「上流側ポート識別子」として書き込まれる。 The storage unit 530 includes, for example, a volatile memory such as a RAM (Random Access Memory) and a non-volatile memory such as an EPROM (Erasable Programmable Read Only Memory) (none of which is shown in FIG. 2). In this nonvolatile memory, firmware (program) for causing the switching engine unit 520 to execute upstream port specifying processing (see FIG. 3) and frame transfer control processing (see FIGS. 4 and 5) is stored in advance. . On the other hand, the volatile memory is used by the switching engine unit 520 as a work area when executing the firmware, and is a buffer for temporarily storing frames received by the communication I / F unit 510. Play a role. In this volatile memory, the port identifier of the port specified in the upstream port specifying process is written as the “upstream port identifier”.
 また、この揮発性メモリには、所謂MACアドレステーブルも格納される(図2では、図示略)。このMACアドレステーブルには、フレームを受信したポートのポート識別子とそのフレームの送信元MACアドレスとを含むレコードが書き込まれる。周知のように、MACアドレステーブルへのレコードの書き込みは、例えばARPパケットを内包したフレームの転送制御やARPパケットに対する応答パケットを内包したフレームの転送制御の際に行われることが多く、当該レコードの削除はその書き込みが行われてから一定時間経過後に行われることが多い。本実施形態においても、MACアドレステーブルへのレコードの書き込み及び削除は上記周知の態様でスイッチングエンジン部520によって行われる。このMACアドレステーブルは、送信先MACアドレスに基づくフレームの転送制御を行う際に参照される。 The volatile memory also stores a so-called MAC address table (not shown in FIG. 2). In this MAC address table, a record including the port identifier of the port that received the frame and the transmission source MAC address of the frame is written. As is well known, writing of a record to the MAC address table is often performed, for example, at the time of transfer control of a frame including an ARP packet or transfer control of a frame including a response packet to the ARP packet. Deletion is often performed after a certain time has elapsed since the writing. Also in this embodiment, writing and deletion of records in the MAC address table are performed by the switching engine unit 520 in the well-known manner. This MAC address table is referred to when frame transfer control based on the destination MAC address is performed.
 スイッチングエンジン部520は、例えばCPU(Central Processing Unit)である。スイッチングエンジン部520は、記憶部530に記憶されているファームウェアを実行し、スイッチングハブ50の制御中枢として機能する。前述したように、スイッチングエンジン部520は上記ファームウェアにしたがって上流側ポート特定処理およびフレーム転送制御処理を実行する。これら各処理の詳細については動作例において明らかにするが、概略は以下の通りである。 The switching engine unit 520 is, for example, a CPU (Central Processing Unit). The switching engine unit 520 executes firmware stored in the storage unit 530 and functions as a control center of the switching hub 50. As described above, the switching engine unit 520 executes the upstream port specifying process and the frame transfer control process according to the firmware. Details of these processes will be clarified in an operation example, but the outline is as follows.
 上流側ポート特定処理は、通信I/F部510の複数のポートのうちの何れが上流側ポートであるかを特定する処理である。この上流側ポート特定処理では、スイッチングエンジン部520は、ルータ検索パケットを内包したフレーム(すなわち、ペイロード部にルータ検索パケットが書き込まれたフレーム:以下、ルータ検索フレーム)を通信I/F部510の全てのポートから送出(すなわち、ブロードキャスト)し、そのルータ検索フレームに対する応答を受信したポートのポート識別子を上流側ポート識別子として記憶部530に書き込む。この上流側ポート特定処理は、LAN1にスイッチングハブ50が接続されたこと、或いはスイッチングハブ50の電源が投入されたことを契機として実行される。 The upstream port specifying process is a process for specifying which of the plurality of ports of the communication I / F unit 510 is the upstream port. In this upstream side port specifying process, the switching engine unit 520 transmits a frame including the router search packet (that is, a frame in which the router search packet is written in the payload portion: hereinafter, a router search frame) of the communication I / F unit 510. The port identifier of the port that has been transmitted (that is, broadcast) from all ports and has received a response to the router search frame is written in the storage unit 530 as the upstream port identifier. This upstream port specifying process is executed when the switching hub 50 is connected to the LAN 1 or when the switching hub 50 is powered on.
 フレーム転送制御処理は、通信I/F部510の何れかのポートにより受信したフレームをその送信先MACアドレスに応じたポートから送出する処理であり、いわばスイッチングハブ本来の機能を実現する処理である。なお、受信したフレームが所謂ブロードキャストフレームである場合、または当該フレームの送信先MACアドレスに対応するレコードがMACアドレステーブルに登録されていない場合には、スイッチングエンジン部520は、当該フレームを受信したポート以外の全てのポートから当該フレームを送出する処理(フラッディング)を実行する。加えて、本実施形態のフレーム転送制御処理では、一定の条件を満たすフレームを受信した場合に、スイッチングエンジン部520にそのフレームの転送に先立ってタグ情報付与/削除処理(図4参照)を実行させる点に特徴がある。
 ここで、一定の条件とは、以下の(a)および(b)である。
(a)下流側ポート(すなわち、記憶部530に記憶されている上流側ポート識別子の示すポート以外のポート)によりフレームを受信したこと
(b)受信したフレームに内包されているパケットが処理対象パケット(本実施形態では、ARPパケット)であること The frame transfer control process is a process for sending a frame received by any one of the ports of the communication I / F unit 510 from a port corresponding to the destination MAC address, which is a process for realizing the original function of the switching hub. . When the received frame is a so-called broadcast frame, or when a record corresponding to the transmission destination MAC address of the frame is not registered in the MAC address table, the switching engine unit 520 displays the port that received the frame. A process (flooding) for sending the frame from all ports other than is executed. In addition, in the frame transfer control process of the present embodiment, when a frame satisfying a certain condition is received, the tag information adding / deleting process (see FIG. 4) is executed in the switching engine unit 520 prior to the transfer of the frame. There is a feature in making it.
Here, the certain conditions are the following (a) and (b).
(A) A frame is received by a downstream port (that is, a port other than the port indicated by the upstream port identifier stored in the storage unit 530). (B) A packet included in the received frame is a processing target packet. (In this embodiment, it is an ARP packet)
 このタグ情報付与/削除処理は、上記条件(a)および(b)の両方を満たすフレームを上流側へ転送する場合には、当該フレームを受信したポートを示すタグ情報を当該フレームの所定領域(本実施形態では、4バイトの領域)に追記して転送する一方、当該フレームを下流側に転送する場合には、タグ情報を追記せずに(他のスイッチングハブ50によってタグ情報が付与されていた場合には、タグ情報を全て削除して)転送する処理である。ここで、上流側へ転送するフレームとは、その送信先MACアドレスに対応付けてMACアドレステーブルに登録されているポート識別子が上流側ポート識別子と一致するフレーム、またはフラッディングの際に上流側へ送出するフレームのことである。つまり、下流側から受信した処理対象フレームについてフラッディングを行う場合には、スイッチングエンジン部520は、その送出先のポート毎にタグ情報付与/削除処理を実行するのである。なお、以下では、処理対象パケットを内包したフレーム(すなわち、ペイロード部に処理対象パケットが書き込まれているフレーム)のことを「処理対象フレーム」と呼ぶ。 In the tag information addition / deletion process, when a frame that satisfies both of the above conditions (a) and (b) is transferred to the upstream side, tag information indicating a port that has received the frame is sent to a predetermined area ( In the present embodiment, when the frame is transferred after being added to the 4-byte area, the tag information is not added (the tag information is given by another switching hub 50) when the frame is transferred downstream. In this case, the tag information is deleted and transferred. Here, the frame forwarded to the upstream side is a frame in which the port identifier registered in the MAC address table in association with the destination MAC address matches the upstream port identifier, or sent to the upstream side during flooding. It is a frame to do. That is, when performing flooding on a processing target frame received from the downstream side, the switching engine unit 520 executes tag information addition / deletion processing for each port of the transmission destination. Hereinafter, a frame including a processing target packet (that is, a frame in which the processing target packet is written in the payload portion) is referred to as a “processing target frame”.
 本実施形態では、上記タグ情報として、条件(a)および(b)の両方を満たすフレームを受信したポートのポート識別子を「VLAN ID」とするVLANタグが用いられている。通常、ポート識別子としては2バイトの数値が用いられるため、本実施形態では、最大で2個のタグ情報をフレーム内の上記所定領域に書き込むことができる。VLANタグは、本来、スイッチングハブにおいてブロードキャストの範囲を自在に制御するために用いられるのであるが、本実施形態では、VLANタグを用いて上記ポート識別子を上流側に通知するようにした点に特徴がある。なお、VLANおよびVLANタグの詳細については非特許文献2を参照されたい。
 以上がスイッチングハブ50の構成である。 In the present embodiment, a VLAN tag having “VLAN ID” as a port identifier of a port that has received a frame that satisfies both the conditions (a) and (b) is used as the tag information. Usually, since a 2-byte numerical value is used as the port identifier, in this embodiment, a maximum of two pieces of tag information can be written in the predetermined area in the frame. The VLAN tag is originally used to freely control the broadcast range in the switching hub. In this embodiment, the VLAN tag is used to notify the port identifier to the upstream side. There is. Refer to Non-Patent Document 2 for details of VLAN and VLAN tag.
The above is the configuration of the switching hub 50.
(A-2:ルータ60の構成)
 次いで、図6を参照しつつルータ60の構成を説明する。図6は、ルータ60の構成を示すブロック図である。図6に示すように、ルータ60は、通信I/F部610、ルーティングエンジン部620および記憶部630を有している。通信I/F部610は、スイッチングハブ50の通信I/F部510と同様に複数のポートを有しており、各ポートには固有のポート識別子が割り当てられている。通信I/F部610の複数のポートはIP網(図1では図示略)に接続されている上流側ポートとその他の下流側ポートとに分類される。例えば、図1のルータ60においては、下流側のポートの1つがスイッチングハブ50Aに接続されているのである。通信I/F部610は、通信I/F部510と同様、各ポートを介して受信したフレームをルーティングエンジン部620に与える一方、ルーティングエンジン部620から与えられるフレームを同ルーティングエンジン部620によって指示されたポートから送出する。 (A-2: Configuration of router 60)
Next, the configuration of the router 60 will be described with reference to FIG. FIG. 6 is a block diagram showing a configuration of the router 60. As illustrated in FIG. 6, the router 60 includes a communication I / F unit 610, a routing engine unit 620, and a storage unit 630. The communication I / F unit 610 has a plurality of ports like the communication I / F unit 510 of the switching hub 50, and a unique port identifier is assigned to each port. The plurality of ports of the communication I / F unit 610 are classified into an upstream port connected to an IP network (not shown in FIG. 1) and other downstream ports. For example, in the router 60 of FIG. 1, one of the downstream ports is connected to the switching hub 50A. Similar to the communication I / F unit 510, the communication I / F unit 610 gives the frame received via each port to the routing engine unit 620, and instructs the routing engine unit 620 to specify the frame given from the routing engine unit 620. From the specified port.
 記憶部630も、スイッチングハブ50の記憶部530と同様に、RAMなどの揮発性メモリとEPROMなどの不揮発性メモリを含んでいる(図示略)。この不揮発性メモリには、ルータ検索パケット応答処理、パケット転送制御処理(図8参照)およびタイマ処理(図9参照)をルーティングエンジン部620に実行させるためのファームウェアが予め記憶されている。一方、揮発性メモリは、上記ファームウェアを実行する際のワークエリアとしてルーティングエンジン部620によって利用されるとともに、受信したフレーム(或いは、パケット)を一時的に蓄積しておくためのバッファの役割を果たす。また、この揮発性メモリには、ルーティングテーブル(図6では図示略)と接続関係管理テーブルとが格納される。これら2つのテーブルのうち、ルーティングテーブルについては一般的なルータが有するものと何ら変るところはないため詳細な説明を省略し、接続関係管理テーブルについて説明する。 Similarly to the storage unit 530 of the switching hub 50, the storage unit 630 includes a volatile memory such as a RAM and a nonvolatile memory such as an EPROM (not shown). Firmware for causing the routing engine unit 620 to execute router search packet response processing, packet transfer control processing (see FIG. 8), and timer processing (see FIG. 9) is stored in advance in this nonvolatile memory. On the other hand, the volatile memory is used by the routing engine unit 620 as a work area when executing the firmware, and serves as a buffer for temporarily storing received frames (or packets). . The volatile memory stores a routing table (not shown in FIG. 6) and a connection relationship management table. Of these two tables, the routing table is not different from that of a general router, so detailed description thereof will be omitted, and the connection relationship management table will be described.
 図7は、接続関係管理テーブルのテーブルフォーマットの一例を示す図である。図7に示すように、接続関係管理テーブルには、LAN番号と、1段下のポートを示す情報(或いは、1段下のポートを示す情報と2段下のポートを示す情報)と、ホストアドレスと、タイマ値とを含むレコードが格納される。この接続関係管理テーブルに格納される各レコードは、そのレコードに含まれているホストアドレスを有する通信端末40がスイッチングハブ50の何れのポートに接続されているのか、さらに、そのスイッチングハブ50はルータ60の何れのポートに接続されているのか(すなわち、通信端末40からルータ60に到る通信路上の各通信装置の接続関係)を表す。 FIG. 7 is a diagram illustrating an example of a table format of the connection relationship management table. As shown in FIG. 7, the connection relationship management table includes a LAN number, information indicating a port one level below (or information indicating a port one level below and information indicating a port two levels below), and a host. A record including an address and a timer value is stored. Each record stored in the connection relation management table includes information indicating which port of the switching hub 50 the communication terminal 40 having the host address included in the record is connected to, and the switching hub 50 is a router. 60 indicates which port is connected (that is, the connection relationship of each communication device on the communication path from the communication terminal 40 to the router 60).
 具体的には、ホストアドレスには、ルータ60が受信した処理対象フレームの送信元MACアドレスが書き込まれ、上記LAN番号にはその処理対象フレームを受信した通信I/F部610の下流側ポートのポート識別子が書き込まれる。そして、これらLAN番号やホストアドレスとともに上記レコードを構成する「1段下のポート情報」には、当該LAN番号の示すポートに接続されているスイッチングハブ(すなわち、「ルータから見て1段下流側のスイッチングハブ」)において上記処理対象フレームを受信したポートのポート識別子が書き込まれ、「2段下のポート情報」には、ルータから見て2段下流側のスイッチングハブにおいて上記処理対象フレームを受信したポートのポート識別子が書き込まれる。詳細については後述するが、これら「1段下のポート情報」および「2段下のポート情報」は処理対象フレームに付与されているタグ情報から生成される。そして、タイマ値は、接続関係管理テーブルにレコードの登録が行われてからその削除が行われるまでの残り時間を示すデータである。このタイマ値の初期値は前述したMACアドレステーブルに登録したレコードを削除するまでの時間長に応じて定められる。 Specifically, the source MAC address of the processing target frame received by the router 60 is written in the host address, and the downstream port of the communication I / F unit 610 that received the processing target frame is written in the LAN number. A port identifier is written. The “one-stage lower port information” that constitutes the record together with the LAN number and host address includes a switching hub connected to the port indicated by the LAN number (that is, “one stage downstream from the router”). The port identifier of the port that received the frame to be processed in the "switching hub") is written, and "the port information in the second stage" is received in the switching hub that is two stages downstream from the router. The port identifier of the selected port is written. Although the details will be described later, these “one-stage lower port information” and “two-stage lower port information” are generated from the tag information given to the processing target frame. The timer value is data indicating the remaining time from when a record is registered in the connection relationship management table to when the record is deleted. The initial value of the timer value is determined according to the time length until the record registered in the MAC address table is deleted.
 ルーティングエンジン部620は、スイッチングハブ50のスイッチングエンジン部520と同様、CPU(Central Processing Unit)である。ルーティングエンジン部620は、記憶部630に記憶されているファームウェアを実行し、ルータ60の制御中枢として機能する。前述したように、ルーティングエンジン部620は上記ファームウェアにしたがって、ルータ検索パケット応答処理、パケット転送制御処理およびタイマ処理を実行する。これら各処理の詳細については動作例において明らかにするが、概略は以下の通りである。 The routing engine unit 620 is a CPU (Central Processing Unit) like the switching engine unit 520 of the switching hub 50. The routing engine unit 620 executes firmware stored in the storage unit 630 and functions as a control center of the router 60. As described above, the routing engine unit 620 executes router search packet response processing, packet transfer control processing, and timer processing according to the firmware. Details of these processes will be clarified in an operation example, but the outline is as follows.
 ルータ検索パケット応答処理は、通信I/F部610によってルータ検索フレームを受信した場合に、応答パケットを書き込んだフレーム(以下、ルータ検索応答フレーム)を返信する処理である。パケット転送制御処理では、ルーティングエンジン部620は、通信I/F部610によって受信したフレームに内包されているパケットの内容に応じた処理を実行する。例えば、当該パケットがIP網から通信端末40へ宛てて送信されてきたものである場合には、ルーティングエンジン部620はそのパケットを下流側へ転送する処理を実行し、当該パケットがルータ60に宛てて送信されたARPパケットである場合には、応答パケットをその送信元へ返信する、といった具合である。また、ルーティングエンジン部620は、通信I/F部610によって受信したフレームが処理対象フレーム(すなわち、処理対象パケットを内包したフレーム)である場合には、図8に示すように、そのパケットの内容に応じた処理の実行に先立って、そのフレームの所定領域に書き込まれているタグ情報に基づいて新たなレコードを接続関係管理テーブルに登録する処理を実行する。そして、タイマ処理は、パケット転送制御処理の実行過程で接続関係管理テーブルに登録したレコードを一定時間経過後に削除する処理である。
 以上がルータ60の構成である。 The router search packet response process is a process of returning a frame in which a response packet is written (hereinafter referred to as a router search response frame) when the router I / F unit 610 receives a router search frame. In the packet transfer control process, the routing engine unit 620 executes a process according to the content of the packet included in the frame received by the communication I / F unit 610. For example, when the packet is transmitted from the IP network to the communication terminal 40, the routing engine unit 620 executes processing for transferring the packet to the downstream side, and the packet is addressed to the router 60. In the case of an ARP packet transmitted in response, a response packet is returned to the transmission source. In addition, when the frame received by the communication I / F unit 610 is a processing target frame (that is, a frame including the processing target packet), the routing engine unit 620, as shown in FIG. Prior to the execution of the process according to the process, a process of registering a new record in the connection relationship management table is executed based on the tag information written in the predetermined area of the frame. The timer process is a process for deleting a record registered in the connection relation management table in the course of executing the packet transfer control process after a predetermined time has elapsed.
The above is the configuration of the router 60.
(B:動作)
 以下、図10(A)に示すように、通信端末40、スイッチングハブ50およびルータ60が接続されている場合を例にとって、上流側ポート特定処理におけるスイッチングハブ50およびルータ60の動作を説明する。図10(A)では、スイッチングハブ50およびルータ60の各々が有するポートのポート識別子が丸付き数字で示されており、各通信端末40に割り当てられているMACアドレスが括弧つき数字で表されている。図10(A)を参照すれば明らかなように、ルータ60のポート識別子“1”のポートにはスイッチングハブ50Aが接続されている。スイッチングハブ50Aのポート識別子“2”、“5”、“6”の各ポートには、夫々、スイッチングハブ50B、通信端末40A、ルータ60が接続されている。スイッチングハブ50Bのポート識別子“1”、“3”、“4”の各ポートには、夫々、通信端末40B、スイッチングハブ50C、スイッチングハブ50Aが接続されている。そして、スイッチングハブ50Cのポート識別子“1”、“8”の各ポートには、夫々、スイッチングハブ50B、通信端末40Cが接続されている。また、通信端末40A、40Bおよび40Cの各々のMACアドレスは、それぞれ、“101”、“150”および“200”である。なお、以下では、スイッチングハブ50A,50Bおよび50Cの各々スイッチングエンジン部520を区別する必要がある場合には、夫々、「スイッチングエンジン部520A」、「スイッチングエンジン部520B」および「スイッチングエンジン部520C」と表記する。通信I/F部510および記憶部530についても同様である。 (B: Operation)
Hereinafter, as illustrated in FIG. 10A, the operation of the switching hub 50 and the router 60 in the upstream port specifying process will be described by taking as an example the case where the communication terminal 40, the switching hub 50, and the router 60 are connected. In FIG. 10A, the port identifiers of the ports included in each of the switching hub 50 and the router 60 are indicated by circled numbers, and the MAC addresses assigned to the respective communication terminals 40 are indicated by numbers with parentheses. Yes. As is clear from FIG. 10A, the switching hub 50A is connected to the port having the port identifier “1” of the router 60. The switching hub 50B, the communication terminal 40A, and the router 60 are connected to the port identifiers “2”, “5”, and “6” of the switching hub 50A, respectively. A communication terminal 40B, a switching hub 50C, and a switching hub 50A are connected to the port identifiers “1”, “3”, and “4” of the switching hub 50B, respectively. The switching hub 50B and the communication terminal 40C are connected to the ports with the port identifiers “1” and “8” of the switching hub 50C, respectively. The MAC addresses of the communication terminals 40A, 40B, and 40C are “101”, “150”, and “200”, respectively. In the following, when it is necessary to distinguish the switching engine units 520 of the switching hubs 50A, 50B, and 50C, the “switching engine unit 520A”, the “switching engine unit 520B”, and the “switching engine unit 520C”, respectively. Is written. The same applies to the communication I / F unit 510 and the storage unit 530.
(B-1:上流側ポート特定処理における動作)
 スイッチングハブ50A、50Bおよび50Cの各々のスイッチングエンジン部520は、その電源が投入されたことを契機としてファームウェアの実行を開始し、まず、上流側ポート特定処理を実行する。図3は、上流側ポート特定処理の流れを示すフローチャートである。図3に示すように、スイッチングエンジン部520は、ルータ検索フレームを全てのポートから送出し(ステップSA100)、そのルータ検索フレームに対する応答が返信されてくることを待ち受ける(ステップSA110)。ここで、全てのポートからルータ検索フレームを送出するのは、当該上流側ポート特定処理の実行時点では通信I/F部510の何れのポートにルータ60(或いは、よりルータ60に近い側の他のスイッチングハブ50)が接続されているのか判らないからである。詳細については後述するが、本実施形態では、各スイッチングハブ50は、全てのポートからルータ検索フレームを送出し、このルータ検索フレームに対する応答の有無により上流側ポートを特定する。代替として、スイッチングハブ検出用のパケットを内包したフレーム(以下、スイッチングハブ検出フレーム)をルータ60に間欠的に送出させ、各スイッチングハブ50には当該スイッチングハブ検出フレームの受信により上流側ポートを特定させるようにすることもできる。より詳細に説明すると、各スイッチングハブ50には、上流側ポート特定処理として、スイッチングハブ検出フレームの受信を待ち受け、当該スイッチングハブ検出フレームを受信したポートを上流側ポートとして記憶するとともに当該フレームを下流側の各ポートから送出する処理を実行させるのである。また、このような態様においては、各スイッチングハブ50にスイッチングハブ検出フレームに対する応答を返信させるようにすれば、当該応答の受信によりルータ60に配下のスイッチングハブを認識させることができる。 (B-1: Operation in upstream port identification processing)
The switching engine unit 520 of each of the switching hubs 50A, 50B, and 50C starts executing the firmware when the power is turned on, and first executes upstream port specifying processing. FIG. 3 is a flowchart showing the flow of the upstream port specifying process. As shown in FIG. 3, switching engine unit 520 sends a router search frame from all ports (step SA100), and waits for a response to the router search frame (step SA110). Here, the router search frame is transmitted from all the ports at the time of execution of the upstream port specifying process to any port of the communication I / F unit 510 other than the router 60 (or other side closer to the router 60). This is because it is not known whether the switching hub 50) is connected. Although details will be described later, in this embodiment, each switching hub 50 transmits a router search frame from all ports, and specifies an upstream port based on whether or not there is a response to the router search frame. As an alternative, a frame including a switching hub detection packet (hereinafter referred to as a switching hub detection frame) is intermittently sent to the router 60, and each switching hub 50 is identified by receiving the switching hub detection frame. It can also be made to do. More specifically, each switching hub 50 waits for reception of a switching hub detection frame as upstream port identification processing, stores the port that received the switching hub detection frame as an upstream port, and stores the frame downstream. The processing sent out from each port on the side is executed. Further, in such an aspect, if each switching hub 50 is caused to return a response to the switching hub detection frame, the router 60 can recognize the subordinate switching hub by receiving the response.
 ルータ60のルーティングエンジン部620は、通信I/F部610によって上記ルータ検索フレームを受信すると、ルータ検索パケット応答処理をファームウェアにしたがって実行し、ルータ検索応答フレームを返信する。一方、スイッチングハブ50のスイッチングエンジン部520は、ルータ検索フレームに対する応答を待ち受けており、当該フレームを送信してから所定時間内に応答が返信されてこない場合(ステップSA110:No)には、スイッチングエンジン部520は、再度、ステップSA100の処理を実行する。逆に、上記所定時間内に応答が返信されて来た場合には、スイッチングエンジン部520は、その応答を受信したポートのポート識別子を上流側ポート識別子として記憶部530に書き込む処理(ステップSA120)を実行する。 When the routing engine unit 620 of the router 60 receives the router search frame by the communication I / F unit 610, the router search packet response process is executed according to the firmware, and the router search response frame is returned. On the other hand, the switching engine unit 520 of the switching hub 50 waits for a response to the router search frame, and when the response is not returned within a predetermined time after transmitting the frame (step SA110: No), switching is performed. Engine unit 520 executes step SA100 again. Conversely, when a response is returned within the predetermined time, the switching engine unit 520 writes the port identifier of the port that received the response in the storage unit 530 as the upstream port identifier (step SA120). Execute.
 図10(A)に示すように、ルータ60は、スイッチングハブ50Aのポート識別子“6”のポートに接続されている。このため、スイッチングエンジン部520Aは、ポート識別子“6”のポートを介してルータ60から返信されてくるルータ検索応答フレームを受信する。したがって、記憶部530Aには上流側ポート識別子として“6”が書き込まれる。 As shown in FIG. 10A, the router 60 is connected to the port with the port identifier “6” of the switching hub 50A. Therefore, the switching engine unit 520A receives the router search response frame returned from the router 60 through the port with the port identifier “6”. Therefore, “6” is written as the upstream port identifier in the storage unit 530A.
 スイッチングエンジン部520Bが送信したルータ検索フレームは、スイッチングハブ50Aを経由してルータ60に到達し、ルータ60から返信されるルータ検索応答フレームもスイッチングハブ50Aを経由してスイッチングハブ50Bに到達する。図10(A)に示すように、スイッチングハブ50Aはスイッチングハブ50Bのポート識別子“4”のポートに接続されており、このポートを介してスイッチングエンジン部520Bは上記ルータ検索応答フレームを受信する。したがって、記憶部530Bには上流側ポート識別子として“4”が書き込まれる。 The router search frame transmitted by the switching engine unit 520B reaches the router 60 via the switching hub 50A, and the router search response frame returned from the router 60 also reaches the switching hub 50B via the switching hub 50A. As shown in FIG. 10A, the switching hub 50A is connected to the port with the port identifier “4” of the switching hub 50B, and the switching engine unit 520B receives the router search response frame via this port. Therefore, “4” is written as the upstream port identifier in the storage unit 530B.
 そして、スイッチングエンジン部520Cが送信したルータ検索フレームは、スイッチングハブ50Bおよびスイッチングハブ50Aを経由してルータ60に到達し、ルータ60から返信されるルータ検索応答フレームもスイッチングハブ50Aおよびスイッチングハブ50Bを経由してスイッチングハブ50Cに到達する。図10(A)に示すように、スイッチングハブ50Bは、スイッチングハブ50Cのポート識別子“1”のポートに接続されており、このポートを介してスイッチングエンジン部520Cは上記ルータ検索応答フレームを受信する。このため、記憶部530Cには上流側ポート識別子として“1”が書き込まれる。
 以上が上流側ポート特定処理におけるスイッチングハブ50およびルータ60の動作である。 The router search frame transmitted by the switching engine unit 520C reaches the router 60 via the switching hub 50B and the switching hub 50A, and the router search response frame returned from the router 60 also passes through the switching hub 50A and the switching hub 50B. Via the switching hub 50C. As shown in FIG. 10A, the switching hub 50B is connected to the port with the port identifier “1” of the switching hub 50C, and the switching engine unit 520C receives the router search response frame via this port. . Therefore, “1” is written as the upstream port identifier in the storage unit 530C.
The above is the operation of the switching hub 50 and the router 60 in the upstream port specifying process.
 上記のようにして上流側ポートの特定が行われた状況下で、ルータ60のMACアドレスを取得するためのARPパケットが通信端末40A、40Bおよび40Cの各々から送信された場合に、スイッチングハブ50およびルータ60が実行する動作について説明する。なお、以下に説明する動作例では、各通信端末が送信するARPパケットの各々を区別するため、通信端末40Aが送信するものを「ARP1」と、通信端末40Bが送信するものを「ARP2」と、通信端末40Cが送信するものを「ARP3」と表記する。 When the ARP packet for acquiring the MAC address of the router 60 is transmitted from each of the communication terminals 40A, 40B, and 40C under the situation where the upstream port is specified as described above, the switching hub 50 An operation performed by the router 60 will be described. In the operation example described below, in order to distinguish each ARP packet transmitted by each communication terminal, what is transmitted by the communication terminal 40A is “ARP1”, and what is transmitted by the communication terminal 40B is “ARP2”. What is transmitted by the communication terminal 40C is denoted as “ARP3”.
(B-2:ARP1の転送動作)
 まず、通信端末40Aから送信されるARP1の転送動作について説明する。図10(A)に示すように、通信端末40Aはスイッチングハブ50Aに接続されている。スイッチングエンジン部520Aは、通信I/F部510Aにより上記ARP1を内包したフレームを受信すると、図4に示すフレーム転送制御処理を実行する。図4に示すように、スイッチングエンジ
ン部520Aは、まず、下流側ポートによりフレームを受信したのか否かを判定する(ステップSB100)。このステップSB100の判定結果が“Yes”であれば、スイッチングエンジン部520Aは、ステップSB110以降の処理を実行する。逆に、ステップSB100の判定結果が“No”であれば、スイッチングエンジン部520Aは、ステップSB130以降の処理を実行する。 (B-2: ARP1 transfer operation)
First, the transfer operation of ARP1 transmitted from the communication terminal 40A will be described. As shown in FIG. 10A, the communication terminal 40A is connected to the switching hub 50A. When switching engine unit 520A receives the frame including ARP1 by communication I / F unit 510A, switching engine unit 520A executes the frame transfer control process shown in FIG. As shown in FIG. 4, the switching engine unit 520A first determines whether or not a frame has been received by the downstream port (step SB100). If the determination result in step SB100 is “Yes”, switching engine unit 520A executes the processing after step SB110. On the other hand, if the determination result in step SB100 is “No”, switching engine unit 520A executes the processing after step SB130.
 図10(A)に示すように、通信端末40Aは、スイッチングハブ50Aのポート識別子“5”のポートに接続されている。スイッチングハブ50Aの上流側ポートはポート識別子“6”のポートであるから、スイッチングエンジン部520Aは、通信端末40Aから送信されたフレームを下流側ポートを介して受信する。このため、ステップSB100の判定結果は“Yes”になり、スイッチングエンジン部520AはステップSB110以降の処理を実行する。 As shown in FIG. 10A, the communication terminal 40A is connected to the port with the port identifier “5” of the switching hub 50A. Since the upstream port of the switching hub 50A is the port with the port identifier “6”, the switching engine unit 520A receives the frame transmitted from the communication terminal 40A via the downstream port. For this reason, the determination result in step SB100 is “Yes”, and the switching engine unit 520A executes the processing after step SB110.
 ステップSB110では、下流側ポートを介して受信したフレームが処理対象フレームであるか否かの判定が行われる。このステップSB110の判定結果が“Yes”であれば、スイッチングエンジン部520Aは、ステップSB120以降の処理を実行する。逆に、ステップSB110の判定結果が“No”であれば、スイッチングエンジン部520Aは、ステップSB130以降の処理を実行する。前述したように本実施形態の処理対象パケットはARPパケットであり、通信端末40Aから送信されたパケットもARPである。したがって、ステップSB110の判定結果は“Yes”になり、スイッチングエンジン部520Aは、ステップSB120以降の処理を実行する。 In step SB110, it is determined whether or not the frame received via the downstream port is a processing target frame. If the determination result in step SB110 is “Yes”, switching engine unit 520A executes the processes in and after step SB120. On the other hand, if the determination result in step SB110 is “No”, switching engine unit 520A executes the processing after step SB130. As described above, the processing target packet of this embodiment is an ARP packet, and the packet transmitted from the communication terminal 40A is also an ARP. Therefore, the determination result in step SB110 is “Yes”, and the switching engine unit 520A executes the processing after step SB120.
 ステップSB120の処理は、下流側ポートにより受信した処理対象フレームに対して、タグ情報の追記または削除を行うタグ情報付与/削除処理である。図5は、タグ情報付与/削除処理の流れを示すフローチャートである。図5に示すように、このタグ情報付与/削除処理では、スイッチングエンジン部520Aは、まず、下流側ポートを介して受信した処理対象フレームの送信先が上流側であるか否かを判定する(ステップSB200)。このステップSB200の判定基準については前述した通りである。ステップSB200の判定結果が“No”であれば、スイッチングエンジン部520Aは、ステップSB210およびステップSB220の処理を実行する。逆に、ステップSB200の判定結果が“Yes”である場合には、スイッチングエンジン部520Aは、ステップSB230以降の処理を実行する。 The processing in step SB120 is tag information addition / deletion processing for adding or deleting tag information to the processing target frame received by the downstream port. FIG. 5 is a flowchart showing the flow of tag information addition / deletion processing. As shown in FIG. 5, in this tag information addition / deletion process, the switching engine unit 520A first determines whether or not the transmission destination of the processing target frame received via the downstream port is the upstream side ( Step SB200). The criteria for this step SB200 are as described above. If the determination result of step SB200 is “No”, switching engine unit 520A executes the processes of steps SB210 and SB220. Conversely, when the determination result in step SB200 is “Yes”, the switching engine unit 520A executes the processes after step SB230.
 本実施形態の処理対象フレームは、ARPパケット(より正確には、ルータ60宛てのARPパケット)を内包したフレームである。このARPパケットのヘッダ部には送信先IPアドレスとしてルータ60のIPアドレスが書き込まれているが、当該ARPパケットを内包したフレームのヘッダ部には送信先MACアドレスは書き込まれていない。これは、そもそも、ルータ60のMACアドレスの取得を目的として上記ARPパケットの送信が行われたからである。つまり、ARPパケットを内包したフレームはブロードキャストフレームであり、スイッチングエンジン部520Aは前述したフラッディングを行う。スイッチングエンジン部520Aは、ポート識別子“5”のポートを介して通信端末40Aから受信した処理対象フレームを、そのポート以外の全てのポートから送出する処理(図4:ステップSB130)を行うのであるが、その実行に先立ってそれらフレームの各々についてタグ情報付与/削除処理を行う。このため、上記フラッディングにより上流側ポートへ送出するフレームについてのみステップSB200の判定結果は“Yes”になり、他のものについてはステップSB200の判定結果は“No”になる。 The processing target frame of the present embodiment is a frame including an ARP packet (more precisely, an ARP packet addressed to the router 60). Although the IP address of the router 60 is written as the transmission destination IP address in the header portion of the ARP packet, the transmission destination MAC address is not written in the header portion of the frame including the ARP packet. This is because the ARP packet is transmitted for the purpose of obtaining the MAC address of the router 60 in the first place. That is, the frame including the ARP packet is a broadcast frame, and the switching engine unit 520A performs the above-described flooding. The switching engine unit 520A performs processing (FIG. 4: Step SB130) of sending the processing target frame received from the communication terminal 40A via the port with the port identifier “5” from all ports other than the port. Prior to the execution, tag information addition / deletion processing is performed for each of the frames. For this reason, the determination result of step SB200 is “Yes” only for the frame sent to the upstream port by the flooding, and the determination result of step SB200 is “No” for the other frames.
 フラッディングにより下流側へ送出する処理対象フレームについては、ステップSB200の判定結果は“No”になるため、スイッチングエンジン部520Aは、ステップSB210の処理を実行する。このステップSB210の処理は、受信した処理対象フレームの所定領域にタグ情報が書き込まれているか否かを判定する処理である。そして、スイッチングエンジン部520Aは、ステップSB210の判定結果が“Yes”である場合にのみ、ステップSB220の処理を実行する。このステップSB220の処理は、受信した処理対象フレームに付与されているタグ情報(すなわち、処理対象フレームの所定領域に書き込まれているタグ情報)を全て削除する処理である。図10(A)に示すように、本動作例においてスイッチングハブ50Aが通信端末40Aから受信するフレームにはタグ情報は付与されていない。このため、ステップSB210の判定結果は“No”になり、スイッチングエンジン部520Aは、ステップSB220の処理を行うことなく、本タグ情報付与/削除処理を終了する。なお、下流側に転送するフレームにタグ情報を付与しない(或いは、付与されているタグ情報を削除する)のは、当該タグ情報はルータ60における接続関係管理テーブルの更新にのみ利用され、下流側では利用されることはないからである。 Since the determination result in step SB200 is “No” for the processing target frame to be sent downstream by flooding, the switching engine unit 520A executes the process in step SB210. The processing in step SB210 is processing for determining whether tag information is written in a predetermined area of the received processing target frame. Then, the switching engine unit 520A executes the process of step SB220 only when the determination result of step SB210 is “Yes”. The process of step SB220 is a process of deleting all tag information attached to the received process target frame (that is, tag information written in a predetermined area of the process target frame). As shown in FIG. 10A, tag information is not attached to a frame received by the switching hub 50A from the communication terminal 40A in this operation example. For this reason, the determination result in step SB210 is “No”, and the switching engine unit 520A ends the tag information addition / deletion process without performing the process in step SB220. The tag information is not added to the frame transferred downstream (or the tag information attached is deleted) is used only for updating the connection relation management table in the router 60. Because it is not used.
 これに対して、フラッディングにより上流側へ送出する処理対象フレームについては、ステップSB200の判定結果は“Yes”になるため、スイッチングエンジン部520AはステップSB230以降の処理を実行する。ステップSB230は、受信した処理対象フレームの所定領域を参照し、所定数分(本実施形態では、2個)のタグ情報が付与されているか否かを判定する処理である。このステップSB230の判定結果が“Yes”であれば、スイッチングエンジン部520Aは、ステップSB240の処理を行った後に、ステップSB250の処理を行う。逆に、ステップSB230の判定結果が“No”であれば、スイッチングエンジン部520は、ステップSB240の処理を実行することなく、ステップSB250の処理を実行する。 On the other hand, since the determination result in step SB200 is “Yes” for the processing target frame to be sent to the upstream side by flooding, the switching engine unit 520A executes the processing after step SB230. Step SB230 refers to a predetermined area of the received processing target frame, and determines whether or not a predetermined number (two in the present embodiment) of tag information has been assigned. If the determination result in step SB230 is “Yes”, switching engine unit 520A performs the process in step SB250 after performing the process in step SB240. Conversely, if the determination result in step SB230 is “No”, the switching engine unit 520 executes the process in step SB250 without executing the process in step SB240.
 前述したように、本動作例にて通信端末40Aからスイッチングハブ50Aに送信されてくる処理対象フレームにはタグ情報は付与されていない。したがって、ステップSB230の判定結果は“No”になり、スイッチングエンジン部520AはステップSB250の処理のみを実行する。 As described above, tag information is not attached to the processing target frame transmitted from the communication terminal 40A to the switching hub 50A in this operation example. Therefore, the determination result of step SB230 is “No”, and the switching engine unit 520A executes only the process of step SB250.
 ステップSB250は、受信した処理対象フレームの所定領域の最外に、当該フレームを受信したポートを示すタグ情報を追記する処理である。ここで、所定領域の最外にタグ情報を追記するとは、具体的には、以下のような処理を行うことを言う。受信した処理対象フレームにタグ情報が付与されていないのであれば、スイッチングエンジン部520Aは当該所定領域の先頭から上記タグ情報を書き込む。一方、受信したフレームの所定領域に上記所定数未満の個数のタグ情報が書き込まれていた場合には、スイッチングエンジン部520Aは、それらタグ情報を上記所定領域の末尾側にタグ情報1個分のデータサイズ分ずつ移動させ、その後、当該所定領域の先頭から新たなタグ情報を書き込む。つまり、上記所定領域には、その先頭に近いほど(外側に近いほど)上流側のスイッチングハブのタグ情報が書き込まれるのである。 Step SB250 is a process of adding tag information indicating a port that has received the frame outside the predetermined area of the received processing target frame. Here, adding the tag information to the outermost part of the predetermined area specifically means performing the following processing. If tag information is not attached to the received processing target frame, the switching engine unit 520A writes the tag information from the top of the predetermined area. On the other hand, when the tag information of less than the predetermined number is written in the predetermined area of the received frame, the switching engine unit 520A sets the tag information to one tag information at the end of the predetermined area. The data is moved by the data size, and then new tag information is written from the top of the predetermined area. That is, the tag information of the upstream switching hub is written into the predetermined area as it is closer to the head (closer to the outside).
 前述したように、スイッチングハブ50Aが通信端末40Aから受信する処理対象フレームにはタグ情報は付与されていない。したがって、ステップSB250においてスイッチングエンジン部520Aは、当該処理対象フレームを受信したポートのポート識別子(すなわち、“5”)をタグ情報として当該処理対象フレームの所定領域の最外に書き込む処理を実行する。そして、スイッチングエンジン部520Aは、タグ情報付与/削除処理を完了すると、このタグ情報付与/削除処理によりタグ情報が付与された処理対象フレームをその送信先に応じたポートから出力する(図4:ステップSB130)。 As described above, tag information is not attached to the processing target frame received by the switching hub 50A from the communication terminal 40A. Accordingly, in step SB250, the switching engine unit 520A executes a process of writing the port identifier (that is, “5”) of the port that has received the processing target frame as the tag information to the outermost portion of the predetermined area of the processing target frame. When the switching engine unit 520A completes the tag information addition / deletion process, the switching engine unit 520A outputs the processing target frame to which the tag information is added by the tag information addition / deletion process from the port corresponding to the transmission destination (FIG. 4: Step SB130).
 以上のように通信端末40Aから送信されたARP1は、スイッチングハブ50Aによって上流側のルータ60と下流側のスイッチングハブ50Bへ転送される。このARP1を内包したフレームはスイッチングハブ50Bにとっても処理対象フレームである。しかし、スイッチングエンジン部520Bは当該処理対象フレームを上流側から受信するため、このスイッチングエンジン部520Bが実行するフレーム転送制御処理(図4参照)においては、ステップSB100の判定結果は“No”になり、ステップSB130の処理(より詳細にはフラッディング)のみが実行される。つまり、スイッチングハブ50Bはスイッチングハブ50Aから転送されたフレームをさらに通信端末40Bおよびスイッチングハブ50Cに転送する。このフレームに内包されているARP1はルータ60に宛てて送信されたものであるから、通信端末40Bは、このフレームを受信しても、応答を返信することなく当該フレームを破棄する。一方、スイッチングハブ50Cは、スイッチングハブ50Bと同様に図4のステップSB130の処理(フラッディング)のみを実行し、当該フレームを通信端末40Cへと転送する。通信端末40Cは、当該フレームを受信すると、通信端末40Bと同様に応答を返信することなくそのフレームを破棄する。なお、図10(A)においては、スイッチングハブ50Aから下流側へのARP1の転送については図示を省略した。 ARP1 transmitted from the communication terminal 40A as described above is transferred to the upstream router 60 and the downstream switching hub 50B by the switching hub 50A. The frame including the ARP1 is also a processing target frame for the switching hub 50B. However, since the switching engine unit 520B receives the processing target frame from the upstream side, in the frame transfer control process (see FIG. 4) executed by the switching engine unit 520B, the determination result in step SB100 is “No”. Only the process of step SB130 (more specifically, flooding) is executed. That is, the switching hub 50B further transfers the frame transferred from the switching hub 50A to the communication terminal 40B and the switching hub 50C. Since ARP1 included in the frame is transmitted to the router 60, the communication terminal 40B discards the frame without returning a response even when the communication terminal 40B receives the frame. On the other hand, the switching hub 50C executes only the processing (flooding) in step SB130 of FIG. 4 as with the switching hub 50B, and transfers the frame to the communication terminal 40C. When receiving the frame, the communication terminal 40C discards the frame without returning a response in the same manner as the communication terminal 40B. In FIG. 10A, illustration of the transfer of ARP1 from the switching hub 50A to the downstream side is omitted.
 一方、ルータ60のルーティングエンジン部620は、通信I/F部610を介してフレームを受信すると、記憶部630に記憶されているファームウェアにしたがってパケット転送制御処理を実行する。図8は、パケット転送制御処理の流れを示すフローチャートである。図8に示すように、ルーティングエンジン部620は、まず、通信I/F部610を介して受信したフレームに内包されているパケットが処理対象パケットであるか否かを判定する(ステップRA100)。このステップRA100の判定結果が“Yes”であれば、ルーティングエンジン部620はステップRA110以降の処理を実行する。逆に、ステップRA100の判定結果が“No”であれば、ルーティングエンジン部620は、ステップRA130の処理を実行する。本動作例においてスイッチングハブ50Aから転送されてくるフレームにはARP1が内包されているから、ステップRA100の判定結果は“Yes”になり、ステップRA110以降の処理が実行される。 On the other hand, when receiving the frame via the communication I / F unit 610, the routing engine unit 620 of the router 60 executes a packet transfer control process according to the firmware stored in the storage unit 630. FIG. 8 is a flowchart showing the flow of the packet transfer control process. As shown in FIG. 8, the routing engine unit 620 first determines whether or not a packet included in a frame received via the communication I / F unit 610 is a processing target packet (step RA100). If the determination result in step RA100 is “Yes”, the routing engine unit 620 executes the processing after step RA110. On the other hand, if the determination result of step RA100 is “No”, the routing engine unit 620 executes the process of step RA130. In this operation example, since ARP1 is included in the frame transferred from the switching hub 50A, the determination result in step RA100 is “Yes”, and the processing after step RA110 is executed.
 ステップRA110は、通信I/F部610により受信したフレームの所定領域に書き込まれているタグ情報と、そのフレームの送信元MACアドレスと、そのフレームを受信した通信I/F部610のポートのポート識別子と、タイマ値の初期値(MACレコードの寿命に応じた値、例えば、300)とを対応付けて新たなレコードを生成し、接続関係管理テーブルに書き込む処理である。より詳細に説明すると、ルーティングエンジン部620は、上記ポート識別子を「LAN番号」として、上記送信元MACアドレスを「ホストアドレス」として新たなレコードを生成する。そして、上記受信したフレームの所定領域に書き込まれているタグ情報については、ルーティングエンジン部620は以下の要領で当該レコードに書き込む。すなわち、上記所定領域に書き込まれているタグ情報が1つだけの場合には、ルーティングエンジン部620は、そのタグ情報を当該レコードの「1段下のポート情報」に書き込み、上記所定領域にタグ情報が2つ書き込まれていた場合には、最外のタグ情報を「1段下のポート情報」に、他方を「2段下のポート情報」に各々書き込む。 Step RA110 includes tag information written in a predetermined area of the frame received by communication I / F unit 610, the transmission source MAC address of the frame, and the port of the port of communication I / F unit 610 that has received the frame. In this process, a new record is generated by associating the identifier with the initial value of the timer value (a value corresponding to the lifetime of the MAC record, for example, 300) and written in the connection relationship management table. More specifically, the routing engine unit 620 generates a new record with the port identifier as a “LAN number” and the source MAC address as a “host address”. And about the tag information currently written in the predetermined area | region of the said received frame, the routing engine part 620 writes in the said record in the following ways. That is, when only one tag information is written in the predetermined area, the routing engine unit 620 writes the tag information in the “one-stage port information” of the record, and tags the predetermined area. When two pieces of information are written, the outermost tag information is written in “port information one level lower” and the other is written in “port information two steps down”.
 次いで、ルーティングエンジン部620は、上記受信したフレームからタグ情報を削除し(ステップRA120)、そのフレームに内包されているパケットに応じた処理を実行する(ステップRA130)。例えば、上記パケットが、IP網に接続されている通信装置へ宛てて送信されたものである場合には、そのパケットの送信先IPアドレスとルーティングテーブルの格納内容とに基づいて転送先のルータを特定しそのルータへ当該パケットを転送する。また、上記パケットがルータ60に対して何らかの処理の実行を要求するものであれば、その要求に応じた処理を実行する、といった具合である。本動作例においては、通信端末40Aから送信されたARP1を受信するのであるから、ルーティングエンジン部620は応答パケットを返信する処理を実行する。
 以上がARP1の転送動作である。 Next, the routing engine unit 620 deletes the tag information from the received frame (step RA120), and executes processing according to the packet included in the frame (step RA130). For example, if the packet is sent to a communication device connected to the IP network, the transfer destination router is set based on the destination IP address of the packet and the stored contents of the routing table. Identify and forward the packet to that router. If the packet requests the router 60 to execute some processing, the processing corresponding to the request is executed. In this operation example, since ARP1 transmitted from the communication terminal 40A is received, the routing engine unit 620 executes a process of returning a response packet.
The above is the transfer operation of ARP1.
 以上説明したように、通信端末40Aから送信されたARP1がスイッチングハブ50Aを経てルータ60に到達し、そのARP1に対する応答パケットの返信が行われる過程において、ルータ60の接続関係管理テーブルには、これら各装置の接続関係(すなわち、ルータ60のポート識別子“1”のポートに接続されているスイッチングハブのポート識別子“5”のポートにMACアドレス“101”の通信端末が接続されていること)を表すレコードRec1(図10(B)参照)が登録される。なお、上記のようにして接続関係管理テーブルに登録されたレコードRec1は、タイマ処理によって一定時間経過後に削除される。図9はタイマ処理の流れを示すフローチャートである。図9に示すように、ルーティングエンジン部620は、各レコードのタイマ値をデクリメントし(ステップRB100)、そのタイマ値が0になったレコードがある場合(ステップRB110:Yes)には、該当するレコードを削除する処理(ステップRB120)を、全てのレコードが削除されるまで(すなわち、ステップRB130の判定結果がYesになるまで)繰り返し実行する。これは、通信端末40がLAN1から切り離された場合に、不要となるレコードが接続関係管理テーブルに残り続けることを防止するためである。なお、スイッチングハブ50の記憶部530に記憶されているMACアドレステーブルの更新(すなわち、MACレコードの削除)タイマに合わせたタイマ値で接続関係管理テーブルの格納内容を更新するようにしても良い。 As described above, in the process in which the ARP1 transmitted from the communication terminal 40A reaches the router 60 via the switching hub 50A and a response packet is returned to the ARP1, the connection relation management table of the router 60 includes these The connection relationship of each device (that is, the communication terminal having the MAC address “101” is connected to the port identifier “5” of the switching hub connected to the port identifier “1” of the router 60). A record Rec1 (see FIG. 10B) to be represented is registered. Note that the record Rec1 registered in the connection relationship management table as described above is deleted after a predetermined time by the timer process. FIG. 9 is a flowchart showing the flow of the timer process. As shown in FIG. 9, the routing engine unit 620 decrements the timer value of each record (step RB100), and if there is a record whose timer value is 0 (step RB110: Yes), the corresponding record Is repeatedly executed until all records are deleted (that is, until the determination result in Step RB130 becomes Yes). This is to prevent unnecessary records from remaining in the connection relationship management table when the communication terminal 40 is disconnected from the LAN 1. Note that the storage contents of the connection relationship management table may be updated with a timer value that matches the update (that is, deletion of MAC record) timer of the MAC address table stored in the storage unit 530 of the switching hub 50.
(B-3:ARP2の転送動作)
 次いで、通信端末40Bから送信されるARP2の転送動作について図11を参照しつつ説明する。なお、図11(A)においても、各通信装置の接続先のポートおよび通信端末40に割り当てられているMACアドレスは、図10(A)におけるものと同一である。図11(A)に示すように、通信端末40Bはスイッチングハブ50Bに接続されている。このため、通信端末40Bから送信されたARP2(より正確には、ARP2を内包したフレーム)は、まず、スイッチングハブ50Bによって受信される。 (B-3: ARP2 transfer operation)
Next, the transfer operation of ARP2 transmitted from the communication terminal 40B will be described with reference to FIG. Also in FIG. 11A, the connection destination port of each communication device and the MAC address assigned to the communication terminal 40 are the same as those in FIG. As shown in FIG. 11A, the communication terminal 40B is connected to the switching hub 50B. For this reason, ARP2 (more precisely, a frame including ARP2) transmitted from the communication terminal 40B is first received by the switching hub 50B.
 前述したように、通信端末40Bはスイッチングハブ50Bのポート識別子“1”のポートに接続されており、このスイッチングハブ50Bの上流側ポートはポート識別子“4”のポートである。したがって、スイッチングエンジン部520Bは、ARP2を内包したフレーム(すなわち、処理対象フレーム)を下流側ポートを介して受信し、前述した動作例(B-2)にてスイッチングエンジン部520Aが実行した動作と同一の動作を実行する。すなわち、スイッチングエンジン部520Bは、前述したフラッディングを行い、上記処理対象フレームを受信したポートを示すタグ情報を付与したフレームを上流側のスイッチングハブ50Aに転送するとともに(図11(A)参照)、下流側へ転送するフレームには当該タグ情報を付与せずにその転送を行う。なお、図11(A)では、フラッディングによりスイッチングエンジン部520Bが下流側へ転送するフレームの図示を省略した。 As described above, the communication terminal 40B is connected to the port having the port identifier “1” of the switching hub 50B, and the upstream port of the switching hub 50B is the port having the port identifier “4”. Therefore, the switching engine unit 520B receives the frame containing the ARP2 (that is, the processing target frame) via the downstream port, and the operation performed by the switching engine unit 520A in the operation example (B-2) described above. Perform the same operation. That is, the switching engine unit 520B performs the above-described flooding and transfers a frame with tag information indicating the port that received the processing target frame to the upstream side switching hub 50A (see FIG. 11A). The frame transferred to the downstream side is transferred without adding the tag information. In FIG. 11A, the illustration of the frame that the switching engine unit 520B transfers to the downstream side by flooding is omitted.
 スイッチングハブ50Bはスイッチングハブ50Aのポート識別子“2”のポートに接続されている。前述したようにスイッチングハブ50Aの上流側ポートはポート識別子“6”のポートであるから、本動作例においても、スイッチングエンジン部520Aは、下流側ポートを介して処理対象フレーム(ARP2を内包したフレーム)を受信する。スイッチングエンジン部520Aは動作例(B-2)にてARP1を内包したフレームを受信した場合と同様にフラッディングを行い、各ポートへ送出するフレームの各々に対してタグ情報付与/削除処理を実行する。ただし、本動作例においてスイッチングエンジン部520Aが受信する処理対象フレームの所定領域には、既にタグ情報が1つ書き込まれている点が動作例(B-2)の場合と異なる。 The switching hub 50B is connected to the port with the port identifier “2” of the switching hub 50A. As described above, since the upstream port of the switching hub 50A is the port with the port identifier “6”, also in this operation example, the switching engine unit 520A causes the processing target frame (the frame including the ARP2) via the downstream port. ). Switching engine unit 520A performs flooding in the same manner as when receiving the frame containing ARP1 in the operation example (B-2), and executes tag information addition / deletion processing for each frame sent to each port. . However, it differs from the operation example (B-2) in that one tag information is already written in a predetermined area of the processing target frame received by the switching engine unit 520A in this operation example.
 このように、本動作例においてスイッチングエンジン部520Aが受信する処理対象フレームの所定領域には既にタグ情報が1つ書き込まれているため、フラッディングにより下流側へ送出する処理対象フレームについてのステップSB210の判定結果は“Yes”になり、タグ情報の削除(ステップSB220)が実行される。これは、前述したように、下流側にタグ情報を通知する必要はないからである。一方、フラッディングにより上流側へ送出する処理対象フレームについてのステップSB230の判定結果は動作例(B-2)における場合と同様に“No”になり、ステップSB250の処理のみが実行される。ただし、この処理対象フレームには既にタグ情報が1つ付与されているため、スイッチングエンジン部520Aは、ステップSB250において当該タグ情報の移動を行った後に、当該処理対象フレームを受信したポートを示す新たなタグ情報を追記する。その結果、本動作例では、図11(A)に示すように、2つのタグ情報を有する処理対象フレームがスイッチングハブ50Aからルータ60に転送される。 As described above, since one tag information has already been written in the predetermined area of the processing target frame received by the switching engine unit 520A in this operation example, the processing of step SB210 for the processing target frame to be sent downstream by flooding is performed. The determination result is “Yes”, and tag information deletion (step SB220) is executed. This is because it is not necessary to notify the tag information downstream as described above. On the other hand, the determination result of step SB230 for the processing target frame sent to the upstream side by flooding is “No” as in the operation example (B-2), and only the processing of step SB250 is executed. However, since one tag information has already been assigned to this processing target frame, the switching engine unit 520A newly moves the tag information in step SB250 and then indicates a new port indicating the port that has received the processing target frame. Add additional tag information. As a result, in this operation example, as shown in FIG. 11A, the processing target frame having two pieces of tag information is transferred from the switching hub 50A to the router 60.
 ルータ60のルーティングエンジン部620は、スイッチングハブ50Aによって転送された処理対象フレームを受信すると、動作例(B-2)における場合と同様に接続関係管理テーブルの更新を行う。ただし、本動作例においてスイッチングハブ50Aから転送されてくる処理対象フレームの所定領域には2つのタグ情報が書き込まれているため、ルーティングエンジン部620は、図11(B)に示すようなレコードRec2を接続関係管理テーブルに登録する。このレコードRec2によって、ルータ60と、その1段下のスイッチングハブであるスイッチングハブ50Aと、さらに1段下(すなわち、ルータ60から見て2段下)のスイッチングハブであるスイッチングハブ50Bと、通信端末40Bの接続関係が表されるのである。
 以上がARP2の転送動作である。 When receiving the processing target frame transferred by the switching hub 50A, the routing engine unit 620 of the router 60 updates the connection relationship management table in the same manner as in the operation example (B-2). However, in this operation example, since two pieces of tag information are written in a predetermined area of the processing target frame transferred from the switching hub 50A, the routing engine unit 620 uses the record Rec2 as shown in FIG. Is registered in the connection relationship management table. With this record Rec2, communication is performed between the router 60, the switching hub 50A that is a switching hub one level below, and the switching hub 50B that is a switching hub one level below (that is, two levels below the router 60). The connection relationship of the terminal 40B is represented.
The above is the ARP2 transfer operation.
(B-4:ARP3の転送動作)
 次いで、通信端末40Cから送信されるARP3の転送動作について図12を参照しつつ説明する。なお、図12(A)においても、各通信装置の接続先のポートおよび通信端末40に割り当てられているMACアドレスは、図10(A)におけるものと同一である。図12(A)に示すように、通信端末40Cはスイッチングハブ50Cに接続されており、スイッチングハブ50Cはスイッチングハブ50Bに接続されている。このため、通信端末40Cから送信されたARP3(より正確には、ARP3を内包したフレーム)は、まず、スイッチングハブ50Cによって受信される。 (B-4: ARP3 transfer operation)
Next, the transfer operation of ARP3 transmitted from the communication terminal 40C will be described with reference to FIG. In FIG. 12A, the connection destination port of each communication device and the MAC address assigned to the communication terminal 40 are the same as those in FIG. As shown in FIG. 12A, the communication terminal 40C is connected to the switching hub 50C, and the switching hub 50C is connected to the switching hub 50B. For this reason, ARP3 (more precisely, a frame including ARP3) transmitted from the communication terminal 40C is first received by the switching hub 50C.
 前述したように、通信端末40Cはスイッチングハブ50Cのポート識別子“8”のポートに接続されており、このスイッチングハブ50Cの上流側ポートはポート識別子“1”のポートである。つまり、スイッチングエンジン部520Cは、下流側ポートを介して処理対象フレーム(すなわち、ARP3を内包したフレーム)を受信する。このため、スイッチングエンジン部520Cは、前述した動作例(B-2)にてスイッチングエンジン部520Aが実行した動作と同一の動作を実行する。その結果、スイッチングエンジン部520Cは、前述したフラッディングを行い、上記処理対象フレームを受信したポートを示すタグ情報を付与したフレームを上流側のスイッチングハブ50Bに転送するとともに(図12(A)参照)、下流側へ転送するフレームには当該タグ情報を付与せずにその転送を行う。なお、図12(A)では、フラッディングによりスイッチングエンジン部520Cが下流側へ転送するフレームの図示を省略した。 As described above, the communication terminal 40C is connected to the port with the port identifier “8” of the switching hub 50C, and the upstream port of the switching hub 50C is the port with the port identifier “1”. That is, the switching engine unit 520C receives the processing target frame (that is, the frame containing the ARP3) via the downstream port. Therefore, the switching engine unit 520C executes the same operation as the operation performed by the switching engine unit 520A in the above-described operation example (B-2). As a result, the switching engine unit 520C performs the above-described flooding and transfers the frame with tag information indicating the port that received the processing target frame to the upstream side switching hub 50B (see FIG. 12A). The frame transferred to the downstream side is transferred without adding the tag information. In FIG. 12A, the illustration of the frame that the switching engine unit 520C transfers to the downstream side by flooding is omitted.
 スイッチングハブ50Cはスイッチングハブ50Bのポート識別子“3”のポートに接続されている。スイッチングハブ50Bの上流側ポートはポート識別子“4”のポートであるから、スイッチングエンジン部520Bは下流側ポートを介して処理対象フレーム(ARP3を内包したフレーム)を受信する。この処理対象フレームにはスイッチングハブ50Cによってタグ情報が付与されているのであるから、スイッチングエンジン部520Bは動作例(B-3)におけるスイッチングエンジン部520Aと同一の動作を行う。その結果、本動作例では、図12(A)に示すように、2つのタグ情報(スイッチングハブ50Cによって付与されたタグ情報とスイッチングハブ50Bによって付与されたタグ情報)を有する処理対象フレームがスイッチングハブ50Bからスイッチングハブ50Aに転送される。 The switching hub 50C is connected to the port with the port identifier “3” of the switching hub 50B. Since the upstream port of the switching hub 50B is the port with the port identifier “4”, the switching engine unit 520B receives the processing target frame (a frame containing ARP3) via the downstream port. Since tag information is assigned to the processing target frame by the switching hub 50C, the switching engine unit 520B performs the same operation as the switching engine unit 520A in the operation example (B-3). As a result, in this operation example, as shown in FIG. 12A, a processing target frame having two tag information (tag information given by the switching hub 50C and tag information given by the switching hub 50B) is switched. The data is transferred from the hub 50B to the switching hub 50A.
 本動作例においても、スイッチングエンジン部520Aは、下流側ポートを介して処理対象フレーム(ARP3を内包したフレーム)を受信する。スイッチングエンジン部520Aは動作例(B-2)にてARP1を内包したフレームを受信した場合と同様にフラッディングを行い、各ポートへ送出するフレームの各々に対してタグ情報付与/削除処理を実行する。ただし、本動作例においてスイッチングエンジン部520Aが受信する処理対象フレームには、既に2つのタグ情報が付与されている点が動作例(B-2)の場合と異なる。 Also in this operation example, the switching engine unit 520A receives the processing target frame (a frame including the ARP3) via the downstream port. Switching engine unit 520A performs flooding in the same manner as when receiving the frame containing ARP1 in the operation example (B-2), and executes tag information addition / deletion processing for each frame sent to each port. . However, it differs from the operation example (B-2) in that two tag information has already been added to the processing target frame received by the switching engine unit 520A in this operation example.
 フラッディングにより下流側へ送出する処理対象フレームについては、所定領域に書き込まれているタグ情報の数が1つであるか2つであるかに関わらず、ステップSB210の判定結果は“Yes”になり、全てのタグ情報を削除する処理(ステップSB220)が実行される。一方、フラッディングにより上流側へ送出する処理対象フレームについては、既に所定数分のタグ情報が所定領域に書き込まれているため、ステップSB230の判定結果は“Yes”になり、スイッチングエンジン部520Aは、ステップSB240の処理を実行した後にステップSB250の処理を実行する。このステップSB240の処理は、受信した処理対象フレームの所定領域に書き込まれているタグ情報のうち、最も下流側のスイッチングハブ50によって付与されたもの(すなわち、所定領域の最内(末尾側)に書き込まれているもの)を削除する処理である。このステップSB240の処理が実行される結果、スイッチングハブ50Cによって付与されたタグ情報は削除される。その後、上記ステップSB250においてタグ情報の移動および新たなタグ情報の追記が行われる。結果、図12(A)に示すように、スイッチングハブ50Aによって付与されたタグ情報とスイッチングハブ50Bによって付与されたタグ情報とを有する処理対象フレームがスイッチングハブ50Aからルータ60に転送される。なお、本実施形態では、フラッディングにより上流側へ送出する処理対象フレームの所定領域に所定数分のタグ情報が既に書き込まれていた場合には、それらタグ情報のうち最内のものを削除した後に新たなタグ情報を最外に追記する処理をスイッチングハブ50に実行させた。このような態様によれば、ルータ60付近のスイッチングハブ(より正確には、ルータ60から見て2段下までのスイッチングハブ)の接続関係を正確に把握することができる。代替として、フラッディングにより上流側へ送出する処理対象フレームの所定領域に所定数分のタグ情報が書き込まれていた場合には、最内のタグ情報の削除および新たなタグ情報の追記(すなわち、ステップSB240およびSB250の処理)を行うことなく、その処理対象フレームを上流側へ転送する処理をスイッチングハブ50に実行させるようにしても良い。このような態様によれば、通信端末40付近のスイッチングハブの接続関係がルータ60において把握されることになる。このような態様においては、何れかの通信端末がコンピュータウィルスに感染し、異常なパケットが当該通信端末から送出されていることが検出された場合には、当該通信端末を接続しているスイッチングハブに対して当該通信端末が接続されているポートを閉塞する旨の指示をルータ60から与えて当該ポートを閉塞させることができ、コンピュータウィルスに感染した通信端末からの影響(或いはスイッチングハブの下流側ポートを閉塞することに起因した影響)を最小限に抑えることができる。 For the processing target frame to be transmitted downstream by flooding, the determination result in step SB210 is “Yes” regardless of whether the number of tag information written in the predetermined area is one or two. A process of deleting all tag information (step SB220) is executed. On the other hand, for the processing target frame to be sent to the upstream side by flooding, a predetermined number of pieces of tag information have already been written in the predetermined area, so the determination result in step SB230 is “Yes”, and the switching engine unit 520A After executing the process of step SB240, the process of step SB250 is executed. The processing of step SB240 is performed by adding the tag information written in the predetermined area of the received processing target frame by the switching hub 50 on the most downstream side (that is, in the innermost (end side) of the predetermined area. This is a process for deleting a written one). As a result of the processing of step SB240, the tag information given by the switching hub 50C is deleted. Thereafter, in step SB250, tag information is moved and new tag information is additionally written. As a result, as shown in FIG. 12A, the processing target frame having the tag information given by the switching hub 50A and the tag information given by the switching hub 50B is transferred from the switching hub 50A to the router 60. In this embodiment, when a predetermined number of pieces of tag information have already been written in a predetermined area of the processing target frame to be sent upstream by flooding, after deleting the innermost of the tag information The switching hub 50 is caused to execute a process of adding new tag information to the outermost portion. According to such an aspect, it is possible to accurately grasp the connection relationship of the switching hubs near the router 60 (more precisely, the switching hubs up to two stages lower than the router 60). Alternatively, when a predetermined number of pieces of tag information have been written in a predetermined area of the processing target frame to be sent upstream by flooding, deletion of the innermost tag information and addition of new tag information (ie, step The processing of transferring the processing target frame to the upstream side may be executed by the switching hub 50 without performing the processing of SB240 and SB250. According to such an aspect, the connection relationship of the switching hub near the communication terminal 40 is grasped by the router 60. In such an aspect, if any communication terminal is infected with a computer virus and it is detected that an abnormal packet is transmitted from the communication terminal, the switching hub connecting the communication terminal The router 60 can be instructed to close the port to which the communication terminal is connected, and the port can be blocked. The influence from the communication terminal infected with the computer virus (or the downstream side of the switching hub) (Effects caused by blocking ports) can be minimized.
 ルータ60のルーティングエンジン部620は、スイッチングハブ50Aによって転送された処理対象フレームを受信すると、動作例(B-3)における場合と同様に、図12(B)に示すようなレコードRec3を接続関係管理テーブルに登録する。このレコードRec3によって、ルータ60と、その1段下のスイッチングハブであるスイッチングハブ50Aと、さらに1段下(すなわち、ルータ60から見て2段下)のスイッチングハブであるスイッチングハブ50Bと、さらにその下流の(実際には、スイッチングハブ50Cを介して接続されている)通信端末40Cの接続関係が表されるのである。
 以上がARP3の転送動作である。 When receiving the processing target frame transferred by the switching hub 50A, the routing engine unit 620 of the router 60 connects the record Rec3 as shown in FIG. 12B as in the operation example (B-3). Register in the management table. By this record Rec3, the router 60, the switching hub 50A that is a switching hub one level below, the switching hub 50B that is a switching hub one level below (that is, two levels below the router 60), and The connection relationship of the communication terminal 40C downstream (actually connected via the switching hub 50C) is shown.
The above is the transfer operation of ARP3.
 以上説明したように、本実施形態によれば、ルータ60から見て2段下までのスイッチングハブとそのスイッチングハブに接続されている通信端末の接続関係を正確に表現するレコードRec1およびRec2データと、ルータ60から見て3段目以降のスイッチングハブを省略した接続関係を表すレコードRec3が接続関係管理テーブルに格納される。このため、LAN1の運用管理者は、接続関係管理テーブルの格納内容を適宜参照(例えば、接続関係管理テーブルの格納内容にしたがったツリー構造を描画させ、そのツリー構造を閲覧する等)することで、ルータ60から見て2段下までのスイッチングハブとそのスイッチングハブに接続されている通信端末の接続関係を正確に把握し、それら通信装置の運用管理や保守を迅速に行うことができる。 As described above, according to the present embodiment, the records Rec1 and Rec2 data that accurately represent the connection relationship between the switching hub up to two levels when viewed from the router 60 and the communication terminals connected to the switching hub, The record Rec3 representing the connection relationship in which the switching hubs in the third and subsequent stages as viewed from the router 60 are omitted is stored in the connection relationship management table. For this reason, the operation manager of the LAN 1 refers to the stored contents of the connection relation management table as needed (for example, draws a tree structure according to the stored contents of the connection relation management table and browses the tree structure). Therefore, it is possible to accurately grasp the connection relationship between the switching hub up to two stages when viewed from the router 60 and the communication terminal connected to the switching hub, and to quickly perform operation management and maintenance of these communication devices.
 また、ルータ60からスイッチングハブ50の遠隔制御を行う場合には、不正なアクセスを行っている通信端末が接続されているスイッチングハブのポートをその通信端末のMACアドレスと上記接続関係管理テーブルの格納内容から特定し、そのポートをルータ60からの遠隔操作で閉塞したり、そのポートのアクセスランプを明滅させたりするなどの対処を行うことが可能になる。なお、本実施形態では、ルータ60から見て3段目以降のスイッチングハブについての接続関係を直接把握することはできないが、当該3段目以降のスイッチングハブに接続されている通信端末と、ルータ60から見て2段下までのスイッチングハブとの接続関係を把握することができるため、これらを手掛かりに3段目のスイッチングハブを特定しその運用管理および保守を行ってもよく、また不正アクセスに対しては2段目のスイッチングハブの遠隔操作を行うことで被害を食い止めることができる。 When remote control of the switching hub 50 is performed from the router 60, the port of the switching hub to which the communication terminal performing unauthorized access is connected is stored in the MAC address of the communication terminal and the connection relation management table. It is possible to take measures such as specifying the contents and closing the port by remote control from the router 60 or blinking the access lamp of the port. In this embodiment, it is impossible to directly grasp the connection relationship of the third and subsequent switching hubs as viewed from the router 60, but the communication terminal connected to the third and subsequent switching hubs, and the router Because it is possible to grasp the connection relationship with the switching hub up to two stages as viewed from 60, it is possible to identify the third-stage switching hub using these as a clue, and to manage and maintain it. However, the damage can be stopped by remotely operating the second switching hub.
 加えて、本実施形態では、SNMPマネージャのような新たなコンピュータ装置を導入する必要はないため大幅なコストの増加を招くことはない。また、本実施形態では、予め定められた種類のパケット(ARPパケット)のみを処理対象とするため、SNMPを利用して接続関係の把握を行う従来技術に比較してスイッチングハブ50に過大な処理負荷がかかることもない。つまり、本実施形態によれば、ルータ60の配下の通信ネットワークに含まれている各通信装置の接続関係を、それら通信装置に過大な負荷をかけることなく、かつ低コストで把握することが可能になるのである。 In addition, in this embodiment, since it is not necessary to introduce a new computer device such as an SNMP manager, there is no significant increase in cost. In the present embodiment, since only predetermined types of packets (ARP packets) are processed, excessive processing is performed in the switching hub 50 as compared with the conventional technique in which the connection relation is grasped using SNMP. There is no load. That is, according to the present embodiment, it is possible to grasp the connection relationship of each communication device included in the communication network under the router 60 without applying an excessive load on the communication device and at low cost. It becomes.
(C:変形)
 以上、本発明の実施形態について説明したが、この実施形態を以下のように変形しても良い。
(1)上述した実施形態では、ルータ60のMACアドレスを取得するためのARPパケットを処理対象パケットとした。しかし、本発明における処理対象パケットは、ARPパケットに限定されるものではなく、DHCP(Dynamic Host Configuration Protocol)によるIPアドレスの割り当てを要求するパケットやWindows(登録商標)等におけるファイル共有のためのパケットであっても良い。要は、スイッチングハブ50にポートの接続状態を示す情報を取得させることができる種類のパケットであって、通信端末の電源が投入された直後、または通信端末が通信ネットワークに接続された直後に送信される可能性の高いパケットであれば良い。このような種類のパケットを処理対象パケットとして定めておけば、通信端末の電源投入(または通信端末の通信ネットワークへの接続)から時間を置くことなく迅速にその通信端末とルータとの間の通信路についての接続関係を示すデータを生成することができるからである。また、処理対象パケットとしてDHCPによるIPアドレスの割り当てを要求するパケットやWindows(登録商標)等におけるファイル共有のためのパケットを用いる態様においては各通信装置を識別するための識別子として人間にとって識別が容易なIPアドレスやコンピュータ名をMACアドレスの代わりに用いることができる、といった利点もある。 (C: deformation)
As mentioned above, although embodiment of this invention was described, you may deform | transform this embodiment as follows.
(1) In the above-described embodiment, the ARP packet for acquiring the MAC address of the router 60 is the processing target packet. However, the processing target packet in the present invention is not limited to the ARP packet, but a packet for requesting IP address assignment by DHCP (Dynamic Host Configuration Protocol) or a packet for file sharing in Windows (registered trademark) or the like. It may be. In short, it is a type of packet that allows the switching hub 50 to acquire information indicating the connection state of the port, and is transmitted immediately after the communication terminal is turned on or immediately after the communication terminal is connected to the communication network. Any packet that is highly likely to be transmitted may be used. If this type of packet is defined as a packet to be processed, communication between the communication terminal and the router can be performed quickly without taking any time from power-on of the communication terminal (or connection of the communication terminal to the communication network). This is because it is possible to generate data indicating the connection relationship for the road. Further, in an aspect in which a packet requesting IP address assignment by DHCP or a file sharing packet in Windows (registered trademark) or the like is used as a processing target packet, it is easy for humans to identify as an identifier for identifying each communication device. There is also an advantage that a simple IP address or computer name can be used instead of the MAC address.
(2)上述した実施形態では、各スイッチングハブ50が処理対象パケットを受信した下流側のポートをルータ60に通知するためのタグ情報として、MACフレームの所定領域に書き込むVLANタグを用いた。ここで上記タグ情報としてVLANタグを用いたのは、データ通信技術における一般仕様であり、多くの通信装置がこの仕様に準拠している(換言すれば、特段の問題を引き起こさない)と考えられるからである。しかし、新たなタグ情報の仕様(データサイズやフレームへの書き込み領域等)を独自に定めることも考えられない訳ではない。このような態様によれば、処理対象フレームに付与するタグ情報の最大数を2よりも大きくすることや、ポート識別子とともにスイッチングハブ50を示す識別子をタグ情報として付与すること、或いはタグ情報の書き込み先となる領域の大きさを可変とし、処理対象フレームに付与可能なタグ情報の数についての制限を撤廃することが可能になるといった利点があるからである。しかし、その一方、当該独自仕様に対応していないスイッチングハブがLANに含まれていた場合に、その独自仕様にしたがったタグ情報を付与したフレームがそのスイッチングハブにて破棄される虞があるといった点に留意する必要がある。また、上述した実施形態では、処理対象フレームの所定領域の最外に最も上流側のスイッチングハブ50のタグ情報が書き込まれ、内側に向うほど下流側のスイッチングハブ50のタグ情報が書き込まれるようにしたが、その書込み順は逆順であっても勿論良い。 (2) In the above-described embodiment, the VLAN tag written in a predetermined area of the MAC frame is used as tag information for notifying the router 60 of the downstream port from which each switching hub 50 has received the processing target packet. Here, the VLAN tag is used as the tag information because it is a general specification in data communication technology, and it is considered that many communication devices comply with this specification (in other words, it does not cause a particular problem). Because. However, it is not unthinkable to uniquely define new tag information specifications (data size, frame write area, etc.). According to such an aspect, the maximum number of tag information to be assigned to the processing target frame is set to be larger than 2, an identifier indicating the switching hub 50 together with the port identifier is assigned as tag information, or tag information is written. This is because there is an advantage that the size of the previous area can be made variable and the restriction on the number of tag information that can be given to the processing target frame can be eliminated. However, on the other hand, if the LAN includes a switching hub that does not support the original specification, the switching hub may discard the frame to which the tag information according to the original specification is attached. It is necessary to keep this in mind. In the above-described embodiment, tag information of the upstream switching hub 50 is written at the outermost part of the predetermined region of the processing target frame, and tag information of the downstream switching hub 50 is written toward the inner side. However, the writing order may of course be reverse.
(3)上述した実施形態では、本発明のスイッチングハブの特徴を顕著に示す上流側ポート特定処理およびフレーム転送制御処理(タグ情報付与/削除処理を含む)をソフトウェアで実現したが、これら各処理をハードウェアで実現しても良い。例えば、上流側ポート特定処理およびフレーム転送制御処理(タグ情報付与/削除処理を含む)を実行するASICでスイッチングエンジン部520を構成すれば良い。同様に、ルータ60のルーティングエンジン部620を、ルータ検索パケット応答処理、パケット転送制御処理およびタイマ処理を実行するASICで構成しても良い。 (3) In the above-described embodiment, the upstream port specifying process and the frame transfer control process (including the tag information adding / deleting process) that clearly show the features of the switching hub of the present invention are implemented by software. May be realized by hardware. For example, the switching engine unit 520 may be configured by an ASIC that executes upstream port specifying processing and frame transfer control processing (including tag information addition / deletion processing). Similarly, the routing engine unit 620 of the router 60 may be configured by an ASIC that executes router search packet response processing, packet transfer control processing, and timer processing.
(4)上述した実施形態のフレーム転送制御処理では、条件(a)を満たすか否かの判定(図4:ステップSB100)を行った後に条件(b)を満たすか否かの判定(図4:ステップSB110)を行ったが、これら判定処理の順序を入れ替えても良く、また、条件(a)と条件(b)とを同時に満たすか否かの判定を上記2つの判定に換えて行うようにしても良い。 (4) In the frame transfer control process according to the above-described embodiment, after determining whether or not the condition (a) is satisfied (FIG. 4: Step SB100), determining whether or not the condition (b) is satisfied (FIG. 4). : Step SB110) is performed, however, the order of these determination processes may be changed, and the determination as to whether or not the conditions (a) and (b) are satisfied simultaneously is performed instead of the above two determinations. Anyway.
(5)上述した実施形態では、上流側ポート特定処理およびフレーム転送制御処理(タグ情報付与/削除処理を含む)をスイッチングハブ50のスイッチングエンジン部520に実行させるためのファームウェア(プログラム)が予め同スイッチングハブ50の記憶部530に記憶されていた。しかし、CD-ROM(Compact Disk-Read Only Memory)などのコンピュータ読み取り可能な記録媒体に当該プログラムを書き込んで配布しても良く、また、インターネットなどの電気通信回線経由のダウンロードにより当該プログラムを配布しても良い。このようにして配布されるプログラムよって既存のスイッチングハブのファームウェアを書き換えることで、スイッチングハブ50と同一の機能を既存のスイッチングハブに付与することが可能になるからである。同様に、ルータ検索パケット応答処理、パケット転送制御処理およびタイマ処理の各処理をルータ60のルーティングエンジン部620に実行させるためのファームウェア(プログラム)についても、コンピュータ読み取り可能な記録媒体に書き込んで配布しても良く、インターネットなどの電気通信回線経由のダウンロードにより配布しても良い。このようにして配布されるプログラムによって既存のルータのファームウェアを書き換えることで、ルータ60と同一の機能を既存のルータに付与することが可能になるからである。 (5) In the above-described embodiment, the firmware (program) for causing the switching engine unit 520 of the switching hub 50 to execute the upstream port specifying process and the frame transfer control process (including the tag information addition / deletion process) is the same in advance. It was stored in the storage unit 530 of the switching hub 50. However, the program may be distributed by writing it on a computer-readable recording medium such as a CD-ROM (Compact Disk-Read Memory), or by distributing it via a telecommunication line such as the Internet. May be. This is because, by rewriting the firmware of the existing switching hub by the program distributed in this way, the same function as the switching hub 50 can be given to the existing switching hub. Similarly, the firmware (program) for causing the routing engine unit 620 of the router 60 to execute the router search packet response process, the packet transfer control process, and the timer process is written and distributed on a computer-readable recording medium. It may be distributed by downloading via a telecommunication line such as the Internet. This is because the same function as the router 60 can be given to the existing router by rewriting the firmware of the existing router by the program distributed in this way.
 1…LAN、40A,40B,40C…通信端末、50A,50B,50C…スイッチングハブ、60…ルータ、510,610…通信I/F部、520…スイッチングエンジン部、620…ルーティングエンジン部、530,630…記憶部。 DESCRIPTION OF SYMBOLS 1 ... LAN, 40A, 40B, 40C ... Communication terminal, 50A, 50B, 50C ... Switching hub, 60 ... Router, 510, 610 ... Communication I / F part, 520 ... Switching engine part, 620 ... Routing engine part, 530, 630 ... Storage unit.

Claims (5)

  1.  ルータと、前記ルータの配下のネットワークに含まれる複数のスイッチングハブとを含む通信システムにおいて、
     前記複数のスイッチングハブの各々は、
     各々にルータ、または他のスイッチングハブ、または通信端末が接続される複数のポートを有しており、
     前記通信ネットワークに当該スイッチングハブが接続されたこと、または当該スイッチングハブの電源が投入されたことを契機として前記複数のポートのうち前記ルータまたは前記ルータ側の他のスイッチングハブに接続されている上流側ポートを特定する第1の処理と、
     通信端末からルータへ宛てて送信されたパケットを内包したフレームを前記上流側ポートとは異なるポートを介して受信し、かつ、当該フレームに内包されているパケットが予め定められた種類のものである場合には、当該フレームを上流側へ転送する際に当該フレームを受信したポートを示すタグ情報を当該フレームの所定領域に追記して転送する第2の処理と、を実行するよう構成され、
     前記ルータは、
     前記所定領域にタグ情報が書き込まれているフレームを受信した場合に、当該タグ情報からそのフレームの転送に関わったスイッチングハブとそのフレームの送信元の通信端末の接続関係を示すデータを生成して記憶する第3の処理を実行するよう構成される
     ことを特徴とする通信システム。     In a communication system including a router and a plurality of switching hubs included in a network under the router,
    Each of the plurality of switching hubs is
    Each has a plurality of ports to which a router, other switching hub, or communication terminal is connected,
    Upstream connected to the router or another switching hub on the router side among the plurality of ports when the switching hub is connected to the communication network or the switching hub is powered on A first process for identifying a side port;
    A frame including a packet transmitted from a communication terminal to a router is received via a port different from the upstream port, and the packet included in the frame is of a predetermined type. In this case, when transferring the frame to the upstream side, it is configured to execute a second process of adding tag information indicating a port that has received the frame to a predetermined area of the frame and transferring the tag information.
    The router
    When a frame in which tag information is written in the predetermined area is received, data indicating the connection relationship between the switching hub involved in the transfer of the frame and the communication terminal that is the transmission source of the frame is generated from the tag information. A communication system configured to execute a third process to be stored.
  2.  前記複数のスイッチングハブの各々は、前記第2の処理において当該スイッチングハブについてのタグ情報を追記しようとするフレームの所定領域に所定数分のタグ情報が既に書き込まれていた場合には、最も下流側のスイッチングハブによって書き込まれたタグ情報を削除した後に当該スイッチングハブについてのタグ情報を追記することを特徴とする請求項1に記載の通信システム。 Each of the plurality of switching hubs is most downstream when a predetermined number of tag information has already been written in a predetermined area of a frame to which tag information about the switching hub is to be added in the second processing. The communication system according to claim 1, wherein the tag information about the switching hub is added after the tag information written by the switching hub on the side is deleted.
  3.  前記複数のスイッチングハブの各々は、前記第2の処理において当該スイッチングハブについてのタグ情報を追記しようとするフレームの所定領域に所定数分のタグ情報が既に書き込まれていた場合には、当該スイッチングハブについてのタグ情報を追記することなく上流側へフレームを転送すること特徴とする請求項1に記載の通信システム。 If each of the plurality of switching hubs has already written a predetermined number of tag information in a predetermined area of a frame to which tag information about the switching hub is to be added in the second processing, the switching hub The communication system according to claim 1, wherein the frame is transferred upstream without adding tag information about the hub.
  4.  各々他の通信装置に接続される複数のポートと、
     当該スイッチングハブの電源が投入されたこと、または当該スイッチングハブが通信ネットワークに接続されたことを契機として、前記複数のポートのうちルータまたはルータ側の他のスイッチングハブに接続されている上流側ポートを特定する上流側ポート特定手段と、
     前記上流側ポートとは異なるポートを介して予め定められた種類のパケットを内包したフレームを受信し、当該フレームを上流側へ転送する場合には、当該フレームを受信したポートを示すタグ情報を当該フレームの所定領域に追記して転送するタグ情報付与手段と、
     を有することを特徴とするスイッチングハブ。     A plurality of ports each connected to another communication device;
    Upstream port connected to a router or another switching hub on the router side among the plurality of ports when the switching hub is powered on or connected to a communication network Upstream port identification means for identifying
    When receiving a frame containing a predetermined type of packet via a port different from the upstream port and transferring the frame to the upstream side, tag information indicating the port that received the frame is Tag information giving means for additionally writing in a predetermined area of the frame and transferring,
    A switching hub comprising:
  5.  通信端末から当該ルータへ宛てて送信されたパケットを内包したフレームの転送制御を行う複数のスイッチングハブであって、予め定められた種類のパケットを内包したフレームを受信した場合に当該フレームを受信したポートを示すタグ情報を当該フレームの所定領域に追記して転送する処理を各々実行する複数のスイッチングハブを含む通信ネットワークに接続されるルータであって、
     前記タグ情報が前記所定領域に書き込まれたフレームを受信した場合に、当該タグ情報からそのフレームの転送に関わったスイッチングハブとそのフレームの送信元の通信端末の接続関係を示すデータを生成して記憶するための記憶部を有する
     ことを特徴とするルータ。     A plurality of switching hubs that control transfer of frames containing packets sent from the communication terminal to the router, and received the frames when receiving frames containing packets of a predetermined type. A router connected to a communication network including a plurality of switching hubs each for executing a process of adding and transferring tag information indicating a port to a predetermined area of the frame;
    When the frame in which the tag information is written in the predetermined area is received, data indicating the connection relationship between the switching hub involved in the transfer of the frame and the communication terminal that is the transmission source of the frame is generated from the tag information. A router having a storage unit for storing.
PCT/JP2011/056391 2010-03-19 2011-03-17 Communication system, switching hub, and router WO2011115209A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201180014741.XA CN102804703B (en) 2010-03-19 2011-03-17 Communication system, switch hub and router

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
JP2010-064448 2010-03-19
JP2010064448 2010-03-19
JP2010222120A JP5720162B2 (en) 2010-03-19 2010-09-30 Communication system, switching hub, and router
JP2010-222120 2010-09-30

Publications (1)

Publication Number Publication Date
WO2011115209A1 true WO2011115209A1 (en) 2011-09-22

Family

ID=44649292

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2011/056391 WO2011115209A1 (en) 2010-03-19 2011-03-17 Communication system, switching hub, and router

Country Status (3)

Country Link
JP (1) JP5720162B2 (en)
CN (1) CN102804703B (en)
WO (1) WO2011115209A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103312617A (en) * 2012-03-06 2013-09-18 索尼公司 Router and method of supplying power to memory unit in the same

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015073233A (en) * 2013-10-04 2015-04-16 アズビル株式会社 Switching hub
JP6771855B2 (en) 2014-06-02 2020-10-21 ヤマハ株式会社 Relay device and program
JP2019017123A (en) * 2018-11-06 2019-01-31 ヤマハ株式会社 Repeating installation and program
JP6889196B2 (en) * 2019-03-15 2021-06-18 矢崎総業株式会社 Vehicle communication system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH10262072A (en) * 1997-01-14 1998-09-29 Yazaki Corp Transmitting device, receiving device, and communication device, communication method, and communication system
JPH10511835A (en) * 1995-12-04 1998-11-10 エアロネット ワイヤレス コミュニケーションズ,インコーポレイテッド Cellular communication system in which data transmission parameters are dynamically changed
JPH11150553A (en) * 1997-11-17 1999-06-02 Nec Corp Switching hub with virtual lan function
JP2000049827A (en) * 1994-08-31 2000-02-18 Toshiba Corp Network node device, packet transfer method, network connection device and network system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0865333A (en) * 1994-08-26 1996-03-08 Matsushita Electric Works Ltd Recognition method of hub constitution
JP3224963B2 (en) * 1994-08-31 2001-11-05 株式会社東芝 Network connection device and packet transfer method
CN1238991C (en) * 2002-03-28 2006-01-25 华为技术有限公司 Network topology information acquisition method
JP4587446B2 (en) * 2003-08-07 2010-11-24 キヤノン株式会社 NETWORK SYSTEM, SWITCH DEVICE, ROUTE MANAGEMENT SERVER, ITS CONTROL METHOD, COMPUTER PROGRAM, AND COMPUTER-READABLE STORAGE MEDIUM
WO2007076621A1 (en) * 2005-12-30 2007-07-12 Zte Corporation A method for automatic exchanger topology discovery in ethernet network
WO2009144834A1 (en) * 2008-05-30 2009-12-03 株式会社アドバンテスト Testing equipment and transmitter

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2000049827A (en) * 1994-08-31 2000-02-18 Toshiba Corp Network node device, packet transfer method, network connection device and network system
JPH10511835A (en) * 1995-12-04 1998-11-10 エアロネット ワイヤレス コミュニケーションズ,インコーポレイテッド Cellular communication system in which data transmission parameters are dynamically changed
JPH10262072A (en) * 1997-01-14 1998-09-29 Yazaki Corp Transmitting device, receiving device, and communication device, communication method, and communication system
JPH11150553A (en) * 1997-11-17 1999-06-02 Nec Corp Switching hub with virtual lan function

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103312617A (en) * 2012-03-06 2013-09-18 索尼公司 Router and method of supplying power to memory unit in the same

Also Published As

Publication number Publication date
JP5720162B2 (en) 2015-05-20
JP2011217342A (en) 2011-10-27
CN102804703B (en) 2015-10-14
CN102804703A (en) 2012-11-28

Similar Documents

Publication Publication Date Title
RU2523917C2 (en) Communication control system and communication control method
JP5621778B2 (en) Content-based switch system and content-based switch method
JP5304947B2 (en) COMMUNICATION SYSTEM, CONTROL DEVICE, NODE CONTROL METHOD, AND PROGRAM
WO2012053540A1 (en) Communication system, control apparatus, configuration method for processing rules, and program
WO2011087085A1 (en) Calculator, network connection switching method, and program
EP2493128A1 (en) Communication system, flow control apparatus, flow table updating method and program
WO2011118566A1 (en) Packet transfer system, control apparatus, transfer apparatus, method of creating processing rules, and program
JP5720162B2 (en) Communication system, switching hub, and router
JP2014533001A (en) Transfer device control device, transfer device control method, communication system, and program
WO2021088433A1 (en) Message processing method, device and system
JPWO2012081631A1 (en) Switching device, host device, network, and packet transfer method
US10412047B2 (en) Method and system for network traffic steering towards a service device
WO2018142935A1 (en) Communication system, communication control method, and communication program
JP6079348B2 (en) Switch device, switch device control method, and network system
JP4925130B2 (en) Communication control method and system
JP5747997B2 (en) Control device, communication system, virtual network management method and program
WO2014126094A1 (en) Communication system, communication method, control device, and control device control method and program
JP5962786B2 (en) Communication system, switching hub, and router
JP5750933B2 (en) Communication system, switching hub, router and program
JP6330814B2 (en) COMMUNICATION SYSTEM, CONTROL INSTRUCTION DEVICE, COMMUNICATION CONTROL METHOD, AND PROGRAM
JP4485875B2 (en) Storage connection changing method, storage management system and program
WO2014172869A1 (en) Method, device and system for communication in virtual local area network
US20150334016A1 (en) Relay device
US20120233431A1 (en) Relay device
WO2015146215A1 (en) Network address translation device, network address translation system, network address translation method, and computer-readable recording medium

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201180014741.X

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11756393

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11756393

Country of ref document: EP

Kind code of ref document: A1