WO2012122709A1 - Method for intercommunicating between location-and-identity-separation network and internet, and intercommunication network thereof - Google Patents

Method for intercommunicating between location-and-identity-separation network and internet, and intercommunication network thereof Download PDF

Info

Publication number
WO2012122709A1
WO2012122709A1 PCT/CN2011/071863 CN2011071863W WO2012122709A1 WO 2012122709 A1 WO2012122709 A1 WO 2012122709A1 CN 2011071863 W CN2011071863 W CN 2011071863W WO 2012122709 A1 WO2012122709 A1 WO 2012122709A1
Authority
WO
WIPO (PCT)
Prior art keywords
identity
network
internet
terminal
address
Prior art date
Application number
PCT/CN2011/071863
Other languages
French (fr)
Chinese (zh)
Inventor
黄兵
刘韫晖
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Priority to PCT/CN2011/071863 priority Critical patent/WO2012122709A1/en
Publication of WO2012122709A1 publication Critical patent/WO2012122709A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/10Mapping addresses of different types
    • H04L61/103Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer

Definitions

  • the present invention relates to the field of communications, and more particularly to a method and an interworking network for interworking between an identity location separation network and the Internet.
  • IP addresses have dual attributes of identity and location and are the root cause of the Internet's inability to support mobility.
  • identity attribute of the terminal the IP address cannot be changed during the terminal movement. If it changes, the upper layer service connection such as TCP and UDP will be interrupted as the address changes.
  • location attribute of the terminal the IP address must be in the process of terminal movement. Change (the address must have the current subnet prefix). If it does not change, the router cannot forward the packet to the terminal correctly.
  • Change the address must have the current subnet prefix
  • the mobile terminal Since the IP address must contain the location attribute of the terminal, the mobile terminal cannot be assigned a fixed IP address, so it is impossible to determine the identity of an attacker such as a hacker based on the IP address on the Internet. This is the root cause of the unresolved security issues such as attacks, fraud, and abuse on the Internet.
  • next-generation network technologies based on identity and location separation, such as LISP, HIP, Six/one, integrated networks and so on.
  • a common feature of these technologies is the introduction of two coding spaces, one representing the identity of the terminal and one representing the location of the terminal.
  • Each terminal has both an identity code and a location code.
  • the upper layer service connection such as TCP and UDP is based on the identity code of the terminal and establishes a communication connection with the peer.
  • TCP and UDP is based on the identity code of the terminal and establishes a communication connection with the peer.
  • TCP and UDP is based on the identity code of the terminal and establishes a communication connection with the peer.
  • TCP and UDP is based on the identity code of the terminal and establishes a communication connection with the peer.
  • the terminal moves, its position code changes, but its identity code remains unchanged. Therefore, the movement of the terminal does not cause interruption of the upper layer service.
  • each terminal can be assigned a fixed identity code as the identity between the
  • identity location separation network next-generation Internet
  • identity location separation network The construction, promotion, and popularization of the next-generation Internet (hereinafter referred to as identity location separation network) based on identity and location separation will take a long time, and the identity location separation network and the traditional Internet will exist simultaneously in a long period of time. Therefore, the two networks need to communicate.
  • the identity separation network and the traditional Internet intercommunication mean that the identity location separation network terminal and the traditional Internet terminal can communicate with each other.
  • the identity location separation network terminal can access the services provided by the traditional Internet, and the traditional Internet terminal can also access the service of the identity location separation network.
  • the interworking problem between networks based on different terminal distinctive identifiers remains to be solved.
  • the present invention provides an interworking method for an identity location separation network and an Internet.
  • the identity location separation network uses an identity code to distinguish a terminal, and the Internet uses an IP address to distinguish a terminal.
  • the method includes: the identity location separation
  • the network sends packets to the Internet in the following ways:
  • the identity location separation network sends an identity location separation network data packet to the interworking gateway, where the source address is an identity code of the identity location separation network terminal, and the destination address is an identity code of the network terminal separating the network at the identity location;
  • the interworking gateway Receiving, by the interworking gateway, the identity location separation network data packet sent by the identity location separation network, and converting the identity location separation network data packet into an internet data packet, including converting the source address into the identity location Separating the IP address of the network terminal from the Internet to convert the destination address to the IP address of the Internet terminal; after the data packet is converted, the interworking gateway sends the Internet data packet to the Internet;
  • the Internet receives an internet data packet sent by the interworking gateway.
  • the method further includes: the Internet separating the network from the identity location by: Send the packet:
  • the Internet sends an Internet data packet to the interworking gateway, where the source address is an IP address of the Internet terminal, and the destination address is an IP address of the Internet where the identity location is separated from the network terminal;
  • the interworking gateway Receiving, by the interworking gateway, the Internet data packet sent by the Internet; and converting the Internet data packet into an identity location separation network data packet, including converting the source address into the network terminal in an identity location separation network Identity code, the destination address is converted into an identity code of the identity location separation network terminal; after the data packet is converted, the interworking gateway sends the identity location separation network data packet to the identity location separation network;
  • the identity location separation network receives the identity location separation network data packet sent by the interworking gateway.
  • the interworking gateway before receiving the identity location to separate the network data packet or the Internet data packet, the interworking gateway further allocates the identity code to the Internet terminal, allocates the IP address to the identity location separation network terminal, and saves the location Determining an IP address of the Internet terminal and the identity location separation network terminal and an identity coding conversion item; when converting the received identity location separation data packet or the Internet data packet, the interworking gateway is converted according to the identifier The item is encoded with an identity code and an IP address.
  • the method further includes: designating a part of the identity code space of the identity location separation network as an interworking identity coding space, and the identity code of the Internet terminal in the identity location separation network is the interworking identity coding space. Interworking identity code; and, designating a part of the IP address space of the Internet as an interworking IP address space, where the IP address of the identity location separation network terminal in the Internet is an interworking IP address of the interworking IP address space;
  • the identity location separation network or the Internet is routed to the interworking gateway by determining that the destination address of the data packet is an interworking identity code or an interworking IP address.
  • the identity coding is a coding in a 32-bit binary format, and an identity coding space of the identity location separation network overlaps with an IP address space of the Internet.
  • the present invention further provides an interworking network, where the interworking network includes an identity location separation network, an Internet, and a mutual connection between the identity location separation network and the Internet. Gateway, where:
  • the identity location separation network distinguishes the terminal by using an identity code, and is configured to: send an identity location separation network data packet to the interworking gateway, where the source address is an identity code of the identity location separation network terminal, and the destination address is an identity of the Internet terminal.
  • the identity code of the location separation network is configured to: send an identity location separation network data packet to the interworking gateway, where the source address is an identity code of the identity location separation network terminal, and the destination address is an identity of the Internet terminal.
  • the interworking gateway includes a transceiver module and a conversion module that are connected to each other, wherein the transceiver module is configured to receive an identity location separation network data packet sent by the identity location separation network, and send the converted Internet data packet to the Internet;
  • the conversion module is configured to convert the identity location separation network data packet into the internet data packet, including converting the source address into an IP address of the identity location separation network terminal on the Internet, and converting the destination address into an internet address The IP address of the terminal;
  • the Internet uses an IP address to distinguish the terminal and is configured to receive the Internet data packet sent by the interworking gateway.
  • the Internet is further configured to: send an Internet data packet to the interworking gateway, where the source address is an IP address of the Internet terminal, and the destination address is an IP address of the Internet where the identity location is separated from the network terminal;
  • the transceiver module of the interworking gateway is further configured to receive the Internet data packet sent by the Internet and send the converted identity location separation network data packet to the identity location separation network; the conversion module is further configured to: Converting the Internet data packet into an identity location separation network data packet, comprising: converting the source address into an identity code of the Internet terminal separating the network in the identity location, and converting the destination address into an identity code of the identity location separation network terminal;
  • the identity location separation network is further configured to receive the identity location separation network data packet sent by the interworking gateway.
  • the interworking gateway further includes an identifier allocation module connected to the conversion module, the identifier assignment module is configured to: assign an identity code of the network to the identity terminal in the identity location, and separate the network for the identity location Assigning, by the terminal, an IP address of the Internet, and storing an identifier of the IP address and the identity code of the Internet terminal and the identity location separation network terminal; the conversion module is configured to separate the network data packet from the identity location or When the Internet data packet is converted, the identity encoding and the IP address are converted according to the identifier conversion item.
  • the identity location separation network is further configured to: specify a part of the identity coding space as an interworking identity coding space, and the identity code of the Internet terminal in the identity location separation network is an interworking identity of the interworking identity coding space.
  • the Internet is further configured to: specify a part of the IP address space as an interworking An IP address space, where the IP address of the network terminal in the Internet is an interworking IP address of the interworking IP address space, and when the Internet data packet is sent to the interworking gateway, the destination address is determined to be interworking.
  • the IP address is routed to the interworking gateway.
  • the identity coding is a coding in a 32-bit binary format, and an identity coding space of the identity location separation network overlaps with an IP address space of the Internet.
  • the present invention further provides another interworking network, where the interworking network includes an identity location separation network, an Internet, and an interworking gateway connecting the identity location separation network and the Internet, where:
  • the identity location separation network uses the identity code as the terminal identity identifier, and is configured to implement communication between the identity location separation network terminals and to communicate with the Internet through the interworking gateway;
  • the Internet uses the IP address as the terminal distinguishing identifier, and is configured to communicate with the identity location separation network through the interworking gateway;
  • the interworking gateway is configured to: assign an identity code to the Internet terminal, assign an IP address to the identity location separation network terminal, save an identity conversion item of the identity code and the IP address, and implement terminal differentiated identity conversion and identity according to the identity conversion item.
  • the location separates the data forwarding between the network and the Internet.
  • the identity location separation network is further configured to: specify a part of the identity coding space as an interworking identity coding space, and the identity code assigned by the interworking gateway to the Internet terminal is the interworking identity code;
  • the method is configured to: designate a part of the IP address space as an interworking IP address space, and the IP address allocated by the interworking gateway for the identity location separation network terminal is the interworking IP address.
  • the identity code is a code in a 32-bit binary format, and the identity location is separated
  • the identity coding space of the network overlaps with the IP address space of the Internet.
  • the present invention further provides another interworking gateway, where the interworking gateway is connected to an identity location separation network and an Internet, to implement communication between the identity location separation network and the Internet, the identity The location separation network uses the identity code as the terminal difference identifier, and the Internet uses the IP address as the terminal difference identifier, and the interworking gateway includes the transceiver module and the conversion module that are connected to each other, where:
  • the transceiver module is configured to: receive an identity location separation network data packet sent by the identity location separation network, and send the converted Internet data packet to the Internet; and receive the Internet data packet sent by the Internet
  • the identity location separation network sends the converted identity location separation network data packet
  • the converting module is configured to: convert the identity location separated network data packet received by the transceiver module into the internet data packet, including converting the identity code into the IP address; and receiving the transceiver module Converting the Internet data packet into an identity location separation network data packet includes converting the IP address to the identity code.
  • the interworking gateway further includes an identifier allocation module that is connected to the conversion module, and the identifier distribution module is configured to: allocate an interworking identity code of the interworking identity coding space to the internet terminal, and separate the network for the identity location
  • the terminal allocates an interworking IP address of the interworking IP address space, and stores an IP address of the Internet terminal and an assigned identity conversion item of the interworking identity code, and an entry; wherein the interworking identity coding space is an identity of the identity location separation network a designated part of the coding space, the interworking IP address space is a designated part of the IP address space of the Internet;
  • the conversion module is configured to perform identity coding and IP address conversion according to the identifier conversion item saved by the identifier allocation module .
  • the identity coding is a coding in a 32-bit binary format, and an identity coding space of the identity location separation network overlaps with an IP address space of the Internet.
  • the present invention further provides a method for interworking between a first network and a second network, where the first network and the second network use terminal identifiers that overlap in the coding space, and are connected through an interworking gateway.
  • Methods include: The interworking gateway allocates the terminal identifier of the second network to the first network terminal, allocates the terminal identifier of the first network to the second network terminal, and establishes an identifier conversion item corresponding to the allocated terminal identifier; the interworking gateway receives the first network Or a data packet sent by the second network, where the source address and the destination address are terminal identifiers of the first network terminal and the second network terminal in the first network or the second network as the source network;
  • Converting, by the interworking gateway, the received data packet comprising: converting the source address and the destination address according to the identifier conversion item into a terminal identifier of the first network terminal and the second network terminal in the second network or the first network as the destination network;
  • the interworking gateway transmits the converted data packet to the second network or the first network as the destination network.
  • the present invention further provides an interworking network, where the interworking network includes a first network, a second network, and an interworking gateway connecting the first network and the second network, where:
  • the first network is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, where the source address and the destination address of the sent or received data packet are the first network terminal and the second network terminal in the first network terminal.
  • the second network uses the terminal identifier of the coding space overlapping with the coding space of the first network, and is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, and the source address and the destination address of the data packet sent or received.
  • the interworking gateway is configured to: allocate a terminal identifier of the second network to the first network terminal, allocate a terminal identifier of the first network to the second network terminal, and establish an identifier conversion item corresponding to the allocated terminal identifier; receive the first network Or the data packet sent by the second network, and converting the received data packet, including converting the source address and the destination address of the data packet into the first network terminal and the second network terminal according to the identifier conversion item as the second network as the destination network a network or a terminal identifier in the first network; and transmitting the converted data packet to the second network or the first network as the destination network.
  • the method, the interworking network and the interworking gateway of the present invention exchange the data packets that need to be interworked through the interworking gateway, and realize the interworking between the terminals of the two networks identified by different terminals, specifically the source and destination addresses of the received data packets.
  • the source network terminal identifier is converted to the destination network terminal identifier, the pin
  • the identity code of the identity location separation network is encoded in a 32-bit binary format, overlaps with the IP address space, and is compatible with the traditional Internet terminal, and is divided in the identity coding space.
  • the interworking IP code space for interworking is divided into the interworking IP address space for interworking in the IP address space, which facilitates route design and judgment.
  • all destination addresses are interworking IP addresses.
  • the data packets are all routed to the interworking gateway.
  • all the data packets with the destination address being the interworking AID are routed to the interworking gateway through the route design.
  • FIG. 1 is a schematic diagram of an interworking network of the present invention.
  • FIG. 2 is a schematic diagram of a process of transmitting a data packet to the Internet by the identity location separation network of the present invention.
  • 3 is a schematic diagram of a process of transmitting data packets from the Internet to an identity location separation network according to the present invention.
  • 4 is a schematic diagram of an application example in which an identity location separation network terminal of the present invention communicates with an Internet terminal. Preferred embodiment of the invention
  • the main idea of the present invention is to provide an interworking gateway between the identity location separation network and the Internet, and the interworking gateway realizes the communication between the identity location separation network and the Internet, including assigning an identity code in the identity location separation network to the Internet terminal, The IP address of the Internet is allocated to the identity location separation network terminal, and the identity code and the IP address are converted, thereby realizing the identity location separation network and the Internet.
  • the interworking network of the present invention includes an identity location separation network, an Internet, and an interworking gateway connecting the identity location separation network and the Internet, wherein:
  • the identity location separation network uses the identity code as the terminal identity identifier, and is configured to implement communication between the identity location separation network terminals and to communicate with the Internet through the interworking gateway;
  • the identity location separation network is configured to: send an identity location separation network to the interworking gateway a data packet, wherein the source address is an identity code of the identity location separation network terminal, the destination address is an identity code of the network terminal separating the network at the identity location; and receiving the identity location separation network data packet sent by the interworking gateway.
  • the Internet uses the IP address as the terminal distinguishing identifier, and is configured to communicate with the identity location separation network through the interworking gateway; specifically:
  • the Internet is configured to: send an internet data packet to the interworking gateway, where the source address is an IP address of the internet terminal, the destination address is an IP address of the identity location separation network terminal in the Internet; and receiving the internet sent by the interworking gateway data pack.
  • the interworking gateway is configured to: assign an identity code to the Internet terminal, assign an IP address to the identity location separation network terminal, and save an identity conversion item of the identity code and the IP address, and implement terminal difference identification conversion according to the identifier conversion item;
  • the identity location separates the data forwarding between the network and the Internet.
  • the interworking gateway includes a transceiver module connected to each other, a conversion module, and an identifier distribution module connected to the conversion module, where:
  • the transceiver module is configured to: receive an identity location separation network data packet sent by the identity location separation network, and send the converted Internet data packet to the Internet; and receive the Internet data packet sent by the Internet
  • the identity location separation network sends the converted identity location separation network data packet
  • the conversion module is configured to: convert the identity location separated network data packet into the internet data packet, including converting the source address into an IP address of the identity location separation network terminal on the Internet, and converting the destination address into An IP address of the Internet terminal; and converting the Internet data packet into an identity location separation network data packet, including converting the source address into an identity code of the Internet terminal separating the network at the identity location, and converting the destination address into an identity The identity code of the location separation network terminal;
  • the identifier distribution module is configured to: assign an identity code to the Internet terminal, assign an IP address to the identity location separation network terminal, and save an IP address and an identity code of the Internet terminal and the identity location separation network terminal
  • the conversion module is configured to perform identity encoding and IP address conversion according to the identifier conversion item saved by the identifier allocation module.
  • the identity code of the identity location separation network (hereinafter referred to as UID) uses a 32-bit binary format similar to the IPV4 address, so that the identity location separation network can be compatible with the existing IPV4 terminal during the promotion process, that is, the existing terminal IPV4.
  • the protocol stack can access the identity location separation network without modification.
  • the UID space of the identity location separation network overlaps with the IPV4 address space of the Internet.
  • the following processing is performed on the UID space and the IP address space:
  • the identity location separation network designates a part of its UID space as a temporary UID space of the Internet terminal that needs to communicate with each other, which is called an interworking UID space.
  • the identity code of the Internet terminal is an interworking identity code of the interworking identity coding space;
  • the Internet specifies a part of the IPV4 space as a temporary IP address space separating the network terminals from the identity locations that need to be interworked, called the interworking IP address space.
  • the IP address of the identity location separation network terminal is an interworking IP address of the interworking IP address space;
  • One or more interworking gateways are set up between the identity location separation network and the Internet.
  • the interworking gateway is the routing end point of the interworking UID, that is, all the packets in the identity separation network with the interworking UID as the destination address are forwarded to the interworking gateway; on the Internet, the interworking gateway is the routing end point of the interworking IP address, That is, all packets on the Internet with the interworking IP address as the destination address will be forwarded to the interworking gateway.
  • the interworking gateway implements the conversion of the two network packet formats and the conversion between the source/destination IP address and the source/destination UID according to the identification conversion item.
  • the present invention also provides an interworking gateway, as described above.
  • the method for implementing the identity location separation network and the Internet interworking according to the present invention includes an identity location separation network
  • the process of sending data packets to the Internet and the process of sending data packets from the Internet to the identity location separation network are described in detail below.
  • the process for the identity location separation network to send a data packet to the Internet includes: Step 201: Sending, the identity location separation network sends an identity location separation network data packet to the interworking gateway, where the source address is an identity location separation network.
  • the identity code of the terminal, the destination address is an identity code of the network terminal separating the network at the identity location;
  • Step 202 Receive a forwarding step, the interworking gateway receives the identity location separation network, sends the identity location separation network data packet, and converts the identity location separation network data packet into an Internet data packet, including the source address. Converting to the identity location separating the IP address of the network terminal on the Internet, and converting the destination address to an IP address of the Internet terminal; after the data packet is converted, the interworking gateway sends the Internet data packet to the Internet;
  • Step 203 The receiving step, the Internet receiving an internet data packet sent by the interworking gateway.
  • the process for the Internet to send a data packet to the identity location separation network includes: Step 301: Sending, the Internet sending an Internet data packet to the interworking gateway, where the source address is an IP address of the Internet terminal, The destination address is the IP address of the Internet where the identity location separates the network terminal;
  • Step 302 The interworking gateway receives the Internet data packet sent by the Internet.
  • Step 303 Receive and forward, the interworking gateway receives the Internet data packet sent by the Internet; and convert the Internet data packet Separating the network data packet into an identity location, comprising: converting the source address into an identity code of the Internet terminal in the identity location separation network, and converting the destination address into an identity code of the identity location separation network terminal; after the data packet is converted, the interworking Transmitting, by the gateway, the identity location separated network data packet to the identity location separation network;
  • the identity location separation network receives the identity location separation network data packet sent by the interworking gateway.
  • the interworking gateway allocates the identity code to the Internet terminal, allocates the IP address to the identity location separation network terminal, and saves the Internet terminal and the identity location separation network terminal. IP address and identity coded identification conversion item, steps 202 and 203 The interworking gateway performs identity coding and IP address translation according to the identifier conversion item.
  • the designated part of the identity coding space is called an interworking identity coding space
  • the identity code of the Internet terminal is an interworking identity code of the interworking identity coding space
  • the designated part of the IP address space is called an interworking IP address space.
  • the IP address of the identity location separation network terminal is an interworking IP address of the interworking IP address space.
  • the identity location separation network or the Internet is determined by interworking the destination address of the data packet. An identity code or interworking IP address is routed to the interworking gateway.
  • the identity code is a 32 bit binary format code, and the identity code space is overlapped with the IP address space.
  • FIG. 1 A schematic diagram of the identity location separation network terminal interworking with the Internet terminal is shown in FIG.
  • Each terminal on the Internet has a 32-bit binary-encoded IP address that represents both the identity of the terminal and the location of the terminal.
  • Terminal X in Figure 1 has an IP address of 223.20.20.2.
  • the identity location separation network uses the technology of identity and location separation.
  • Each terminal has both an identity identifier and a location identifier.
  • the communication between the two terminals is based on an identity (UID).
  • the identity tag uses a 32-bit binary format such as an IP address.
  • Terminal A in Figure 1 has an identity of 201.1.1.10.
  • all the packets with the destination address being the interworking IP address are routed to the interworking gateway through the route design.
  • all the packets with the destination address being the interworking AID are routed to the interworking through the route design in the identity location separation network. Gateway.
  • the identity location separation network terminal A needs to communicate with the Internet terminal X.
  • the following identification conversion items are established inside the interworking gateway:
  • A uses the interworking UID of X as the destination UID, and the UID itself sends the data packet as the source UID.
  • the destination UID 10.10.10.1/port number 3000
  • source UID 201.1.1.10/port number 2000.
  • the data packet is forwarded to the interworking gateway through the identity location separation network.
  • the interworking gateway converts the data packet into an IP data packet of the Internet, where the destination IP address is the IP address of X, and the source IP address is the interworking IP address of A. The port number is also converted accordingly.
  • the destination IP 223.20.20.2 / port number 9000; source IP: 172.10.10.1 / port number 8000;
  • the packet is forwarded to X over the Internet.
  • X sends the data packet of A's interworking IP address as the destination IP address and its own IP address as the source IP address.
  • the destination IP 172.10.10.1 / port number 8001; source UID: 223.20.20.2 / port number 9001.
  • the data packet is forwarded to the interworking gateway through the Internet;
  • the interworking gateway converts the data packet into a data packet of the identity location separation network, where the destination UID is the UID of the A terminal, and the source UID is the interworking UID of the X terminal;
  • the destination UID 201.1.1.10/port number 2001; source UID: 10.10.10.1/port number 3001
  • the data packet is forwarded to terminal A through the identity location separation network.
  • the identity location separation network terminal and the internet terminal implement interworking.
  • two networks such as a first network and a second network, that code overlapping terminal identifiers are used, and an interworking gateway is set between the two networks, and the interworking gateway allocates the second network to the first network terminal.
  • the interworking terminal identifier, the second network terminal is allocated its interworking terminal identifier in the first network, and the data packet between the first network and the second network is converted by the terminal identifier, so as to implement the first network and the second network Interoperability.
  • the first network and the second network use the terminal identifiers that overlap in the coding space, and are connected by the interworking gateway.
  • the interworking implementation manners of the first network and the second network include:
  • the interworking gateway allocates the terminal identifier of the second network to the first network terminal, allocates the terminal identifier of the second network terminal to the second network terminal, and establishes an identifier conversion item corresponding to the assigned identifier; the interworking gateway receives the first a data packet sent by the network or the second network, where the source and destination addresses are the terminal identifiers of the first network terminal and the second network terminal in the first or second network as the source network;
  • the interworking gateway sends the converted data packet to the second or first network that is the destination network.
  • the interworking network corresponding to the above includes a first network, a second network, and an interworking gateway connecting the first network and the second network, where:
  • the first network is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, where the source and destination addresses of the data packet are the terminal identifiers of the first network terminal and the second network terminal in the first network;
  • the second network uses a terminal identifier that overlaps the coding space of the first network, and is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, where the source and destination addresses of the data packet are the first network.
  • a terminal identifier of the terminal and the second network terminal in the second network is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, where the source and destination addresses of the data packet are the first network.
  • the interworking gateway is configured to: allocate, to the first network terminal, a terminal identifier of the second network, which is a second
  • the network terminal allocates the terminal identifier of the first network, and establishes an identifier conversion item corresponding to the allocated identifier; receiving the data packet sent by the first network or the second network, and converting the received data packet, including converting according to the identifier Converting the source and destination addresses into terminal identifiers of the first network terminal and the second network terminal in the second or first network as the destination network; and transmitting the converted data packet to the second network or the first network as the destination network .
  • the method, the interworking network and the interworking gateway of the present invention exchange the data packets that need to be interworked through the interworking gateway, and realize the interworking between the terminals of the two networks identified by different terminals, specifically the source and destination addresses of the received data packets.
  • the source network terminal identifier is converted into the destination network terminal identifier, and the identity location separation network and the traditional Internet are intercommunicated, and the identity code of the identity location separation network is encoded in a 32-bit binary format, and overlaps with the IP address space, thereby realizing
  • the compatibility of the traditional Internet terminal, the inter-identification identity coding space for interworking is divided in the identity coding space, and the interworking IP address space for interworking is divided in the IP address space, which can facilitate routing design and judgment, that is, pass through the Internet.
  • the routing design routes all the data packets whose destination addresses are the interworking IP addresses to the interworking gateway.
  • all the data packets with the destination address being the interworking AID are routed to the interworking gateway through the route design.
  • the present invention implements the interworking between the two network terminals of different terminal identifiers through the interworking gateway to convert the data packets that need to be interworked, and realizes compatibility with the traditional Internet terminal, in the identity coding space.
  • the interworking identity coding space for interworking is divided, and the interworking IP address space for interworking is divided in the IP address space, which facilitates route design and judgment.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A method for intercommunicating between location-and-identity-separation network and internet includes: the location-and-identity-separation network sends location-and-identity-separation network data packets to an intercommunication gateway, wherein source address is the identity code of the location-and-identity-separation network terminal, destination address is the identity code of the internet terminal in the location-and-identity-separation network; the intercommunication gateway receives the location-and-identity-separation network data packets sent by the location-and-identity-separation network, and converts the location-and-identity-separation network data packets to internet data packets, which includes converting the source address to the IP address of the location-and-identity-separation network terminal in the internet and converting the destination address to the IP address of the internet terminal; after the data packets converted, the intercommunication gateway sends the internet data packets to the internet; and, the internet receives the internet data packets sent by the intercommunication gateway. The intercommunication method, intercommunication network and intercommunication gateway of the invention, can enable the intercommunication between the networks which adopt different terminal identities.

Description

身份位置分离网络与互联网的互通方法及互通网络  Identity location separation network and internet interworking method and interworking network
技术领域 Technical field
本发明涉及通信领域, 尤其是一种身份位置分离网络与互联网的互通的 方法和互通网络。  The present invention relates to the field of communications, and more particularly to a method and an interworking network for interworking between an identity location separation network and the Internet.
背景技术 Background technique
随着信息技术的发展, 以互联网为代表的信息网络在经济和社会发展中 起到了越来越重要的作用。但互联网也在使用过程中暴露了越来越多的问题。 互联网设计之初, 只考虑了固定的可信任的终端, 不支持终端移动性, 也没 有内在的安全保障机制。 随着 3G、 后 3G、 4G等无线技术的发展, 互联网对 移动终端的支持成为越来越紧迫的课题。 同时, 随着互联网应用范围的扩大, 安全问题也更加突出, 这些问题在现有的互联网技术框架下已经很难解决。  With the development of information technology, the information network represented by the Internet has played an increasingly important role in economic and social development. But the Internet has also exposed more and more problems during its use. At the beginning of the Internet design, only fixed and trusted terminals were considered, terminal mobility was not supported, and there was no inherent security mechanism. With the development of wireless technologies such as 3G, 3G, and 4G, the Internet's support for mobile terminals has become an increasingly urgent issue. At the same time, with the expansion of the scope of Internet applications, security issues are more prominent, and these problems have been difficult to solve under the existing Internet technology framework.
TCP/IP协议是互联网的基础。 IP地址具有身份、 位置的双重属性, 是互 联网无法支持移动性的根源。 作为终端的身份属性, IP地址在终端移动过程 中不能改变, 若改变, 则 TCP、 UDP等上层业务连接会随着地址的改变而中 断; 作为终端的位置属性, IP地址在终端移动过程中必须改变 (地址必须具 有当前所在的子网前缀) , 若不改变则路由器无法把数据包正确地转发到终 端。 同时, IP地址的双重属性也是互联网的安全性得不到根本解决的原因所 在。 由于 IP地址必须包含终端的位置属性, 所以移动终端无法分配到固定的 IP地址, 因此在互联网上无法根据 IP地址确定黑客等攻击者的身份。 这是当 前互联网上攻击、 诈骗、 滥用等安全问题得不到解决的根本原因。  The TCP/IP protocol is the foundation of the Internet. IP addresses have dual attributes of identity and location and are the root cause of the Internet's inability to support mobility. As the identity attribute of the terminal, the IP address cannot be changed during the terminal movement. If it changes, the upper layer service connection such as TCP and UDP will be interrupted as the address changes. As the location attribute of the terminal, the IP address must be in the process of terminal movement. Change (the address must have the current subnet prefix). If it does not change, the router cannot forward the packet to the terminal correctly. At the same time, the dual nature of IP addresses is also the reason why the security of the Internet cannot be fundamentally resolved. Since the IP address must contain the location attribute of the terminal, the mobile terminal cannot be assigned a fixed IP address, so it is impossible to determine the identity of an attacker such as a hacker based on the IP address on the Internet. This is the root cause of the unresolved security issues such as attacks, fraud, and abuse on the Internet.
针对 IP协议具有双重属性的缺陷, 业界在研究多种基于身份、 位置分离 的下一代网络技术, 如 LISP、 HIP, Six/one, 一体化网络等等。 这些技术的 共同特点是引入了两个编码空间, 一个代表终端的身份, 一个代表终端的位 置。 每个终端都既有一个身份编码, 也有一个位置编码。 TCP、 UDP等上层 业务连接是基于终端的身份编码与对端建立通信连接的。 终端移动时, 其位 置编码随之改变, 但其身份编码保持不变。 因此终端的移动不会引起上层业 务的中断。 终端的身份编码和位置编码分离之后, 就能够给每一个终端分配一个固 定的身份编码, 作为终端间通信时身份标识。 这样就实现了终端的真实身份 上网。 In view of the dual nature of the IP protocol, the industry is researching a variety of next-generation network technologies based on identity and location separation, such as LISP, HIP, Six/one, integrated networks and so on. A common feature of these technologies is the introduction of two coding spaces, one representing the identity of the terminal and one representing the location of the terminal. Each terminal has both an identity code and a location code. The upper layer service connection such as TCP and UDP is based on the identity code of the terminal and establishes a communication connection with the peer. When the terminal moves, its position code changes, but its identity code remains unchanged. Therefore, the movement of the terminal does not cause interruption of the upper layer service. After the identity coding and location coding of the terminal are separated, each terminal can be assigned a fixed identity code as the identity between the terminals. This realizes the real identity of the terminal.
基于身份、 位置分离的下一代互联网 (以下称为身份位置分离网络) 的 建设、 推广、 普及需要一段较长的时间, 身份位置分离网络与传统互联网在 较长的时期内将同时存在。 所以两个网络需要进行互通。  The construction, promotion, and popularization of the next-generation Internet (hereinafter referred to as identity location separation network) based on identity and location separation will take a long time, and the identity location separation network and the traditional Internet will exist simultaneously in a long period of time. Therefore, the two networks need to communicate.
身份位置分离网络与传统互联网的互通, 意指身份位置分离网络终端与 传统互联网的终端可以相互通信。 身份位置分离网络终端可以访问传统互联 网提供的服务, 传统互联网的终端也可以访问身份位置分离网络的服务。 但 这种基于不同终端区别标识的网络之间的互通问题还有待解决。  The identity separation network and the traditional Internet intercommunication mean that the identity location separation network terminal and the traditional Internet terminal can communicate with each other. The identity location separation network terminal can access the services provided by the traditional Internet, and the traditional Internet terminal can also access the service of the identity location separation network. However, the interworking problem between networks based on different terminal distinctive identifiers remains to be solved.
发明内容 Summary of the invention
本发明的目的是提供一种两个网络之间的互通方法以及互通网络和互通 网关, 以实现两个网络之间的互通。  It is an object of the present invention to provide an interworking method between two networks and an interworking network and an interworking gateway to implement interworking between the two networks.
为解决以上技术问题, 本发明提供了一种身份位置分离网络与互联网的 互通方法, 身份位置分离网络釆用身份编码区别终端, 互联网釆用 IP地址区 别终端, 该方法包括: 所述身份位置分离网络通过如下方式向互联网发送数 据包:  In order to solve the above technical problem, the present invention provides an interworking method for an identity location separation network and an Internet. The identity location separation network uses an identity code to distinguish a terminal, and the Internet uses an IP address to distinguish a terminal. The method includes: the identity location separation The network sends packets to the Internet in the following ways:
所述身份位置分离网络向互通网关发送身份位置分离网络数据包, 其中 源地址是身份位置分离网络终端的身份编码, 目的地址是互联网终端在身份 位置分离网络的身份编码;  The identity location separation network sends an identity location separation network data packet to the interworking gateway, where the source address is an identity code of the identity location separation network terminal, and the destination address is an identity code of the network terminal separating the network at the identity location;
所述互通网关接收所述身份位置分离网络发送的所述身份位置分离网络 数据包, 并将所述身份位置分离网络数据包转换成互联网数据包, 包括将所 述源地址转换为所述身份位置分离网络终端在互联网的 IP地址,将目的地址 转换为互联网终端的 IP地址; 数据包转换后, 所述互通网关将所述互联网数 据包发送至所述互联网; 以及  Receiving, by the interworking gateway, the identity location separation network data packet sent by the identity location separation network, and converting the identity location separation network data packet into an internet data packet, including converting the source address into the identity location Separating the IP address of the network terminal from the Internet to convert the destination address to the IP address of the Internet terminal; after the data packet is converted, the interworking gateway sends the Internet data packet to the Internet;
所述互联网接收所述互通网关发送的互联网数据包。  The Internet receives an internet data packet sent by the interworking gateway.
优选地, 上述方法还包括: 互联网通过如下方式向所述身份位置分离网 络发送数据包: Preferably, the method further includes: the Internet separating the network from the identity location by: Send the packet:
所述互联网向所述互通网关发送互联网数据包, 其中源地址是互联网终 端的 IP地址, 目的地址是身份位置分离网络终端在互联网的 IP地址;  The Internet sends an Internet data packet to the interworking gateway, where the source address is an IP address of the Internet terminal, and the destination address is an IP address of the Internet where the identity location is separated from the network terminal;
所述互通网关接收所述互联网发送的所述互联网数据包; 并将所述互联 网数据包转换成身份位置分离网络数据包, 包括将所述源地址转换为所述互 联网终端在身份位置分离网络的身份编码, 目的地址转换为身份位置分离网 终端的身份编码; 数据包转换后, 所述互通网关将所述身份位置分离网络数 据包发送至所述身份位置分离网络; 以及  Receiving, by the interworking gateway, the Internet data packet sent by the Internet; and converting the Internet data packet into an identity location separation network data packet, including converting the source address into the network terminal in an identity location separation network Identity code, the destination address is converted into an identity code of the identity location separation network terminal; after the data packet is converted, the interworking gateway sends the identity location separation network data packet to the identity location separation network;
所述身份位置分离网络接收所述互通网关发送的身份位置分离网络数据 包。  The identity location separation network receives the identity location separation network data packet sent by the interworking gateway.
优选地, 在接收身份位置分离网络数据包或互联网数据包之前, 所述互 通网关还为所述互联网终端分配所述身份编码, 为所述身份位置分离网络终 端分配所述 IP地址, 并保存所述互联网终端及所述身份位置分离网络终端的 IP地址与身份编码的标识转换项; 在对接收到的身份位置分离数据包或互联 网数据包进行转换时, 所述互通网关是根据所述标识转换项进行身份编码和 IP地址的转换。  Preferably, before receiving the identity location to separate the network data packet or the Internet data packet, the interworking gateway further allocates the identity code to the Internet terminal, allocates the IP address to the identity location separation network terminal, and saves the location Determining an IP address of the Internet terminal and the identity location separation network terminal and an identity coding conversion item; when converting the received identity location separation data packet or the Internet data packet, the interworking gateway is converted according to the identifier The item is encoded with an identity code and an IP address.
优选地, 该方法还包括: 在所述身份位置分离网络的身份编码空间中指 定一部分作为互通身份编码空间, 所述互联网终端在身份位置分离网络的所 述身份编码是所述互通身份编码空间的互通身份编码; 以及, 在所述互联网 的 IP地址空间中指定一部分作为互通 IP地址空间, 所述身份位置分离网络 终端在所述互联网的 IP地址是所述互通 IP地址空间的互通 IP地址; 在发送 身份位置分离网络数据包或互联网数据包时, 所述身份位置分离网络或所述 互联网是通过判断数据包的目的地址为互通身份编码或互通 IP地址路由到所 述互通网关的。  Preferably, the method further includes: designating a part of the identity code space of the identity location separation network as an interworking identity coding space, and the identity code of the Internet terminal in the identity location separation network is the interworking identity coding space. Interworking identity code; and, designating a part of the IP address space of the Internet as an interworking IP address space, where the IP address of the identity location separation network terminal in the Internet is an interworking IP address of the interworking IP address space; When the identity location is separated from the network data packet or the Internet data packet, the identity location separation network or the Internet is routed to the interworking gateway by determining that the destination address of the data packet is an interworking identity code or an interworking IP address.
优选地, 所述身份编码是 32比特二进制格式的编码, 身份位置分离网络 的身份编码空间与所述互联网的 IP地址空间是重叠的。  Preferably, the identity coding is a coding in a 32-bit binary format, and an identity coding space of the identity location separation network overlaps with an IP address space of the Internet.
为解决以上技术问题, 本发明还提供一种互通网络, 所述互通网络包括 身份位置分离网络、 互联网及连接所述身份位置分离网络与所述互联网的互 通网关, 其中: In order to solve the above technical problem, the present invention further provides an interworking network, where the interworking network includes an identity location separation network, an Internet, and a mutual connection between the identity location separation network and the Internet. Gateway, where:
所述身份位置分离网络釆用身份编码区别终端, 并设置成: 向所述互通 网关发送身份位置分离网络数据包, 其中源地址是身份位置分离网络终端的 身份编码, 目的地址是互联网终端在身份位置分离网络的身份编码;  The identity location separation network distinguishes the terminal by using an identity code, and is configured to: send an identity location separation network data packet to the interworking gateway, where the source address is an identity code of the identity location separation network terminal, and the destination address is an identity of the Internet terminal. The identity code of the location separation network;
所述互通网关包括相互连接的收发模块及转换模块, 其中, 所述收发模 块设置成接收所述身份位置分离网络发送的身份位置分离网络数据包以及向 所述互联网发送转换后的互联网数据包; 所述转换模块设置成将所述身份位 置分离网络数据包转换成所述互联网数据包, 包括将所述源地址转换为所述 身份位置分离网络终端在互联网的 IP地址,将目的地址转换为互联网终端的 IP地址;  The interworking gateway includes a transceiver module and a conversion module that are connected to each other, wherein the transceiver module is configured to receive an identity location separation network data packet sent by the identity location separation network, and send the converted Internet data packet to the Internet; The conversion module is configured to convert the identity location separation network data packet into the internet data packet, including converting the source address into an IP address of the identity location separation network terminal on the Internet, and converting the destination address into an internet address The IP address of the terminal;
所述互联网釆用 IP地址区别终端, 并设置成接收所述互通网关发送的所 述互联网数据包。  The Internet uses an IP address to distinguish the terminal and is configured to receive the Internet data packet sent by the interworking gateway.
优选地, 所述互联网还设置成: 向所述互通网关发送互联网数据包, 其 中源地址是互联网终端的 IP地址, 目的地址是身份位置分离网络终端在互联 网的 IP地址;  Preferably, the Internet is further configured to: send an Internet data packet to the interworking gateway, where the source address is an IP address of the Internet terminal, and the destination address is an IP address of the Internet where the identity location is separated from the network terminal;
所述互通网关的收发模块还设置成接收所述互联网发送的所述互联网数 据包以及向所述身份位置分离网络发送转换后的身份位置分离网络数据包; 所述转换模块还设置成将所述互联网数据包转换成身份位置分离网络数据 包, 包括将所述源地址转换为所述互联网终端在身份位置分离网络的身份编 码, 将目的地址转换为身份位置分离网终端的身份编码;  The transceiver module of the interworking gateway is further configured to receive the Internet data packet sent by the Internet and send the converted identity location separation network data packet to the identity location separation network; the conversion module is further configured to: Converting the Internet data packet into an identity location separation network data packet, comprising: converting the source address into an identity code of the Internet terminal separating the network in the identity location, and converting the destination address into an identity code of the identity location separation network terminal;
所述身份位置分离网络还设置成接收所述互通网关发送的所述身份位置 分离网络数据包。  The identity location separation network is further configured to receive the identity location separation network data packet sent by the interworking gateway.
优选地, 所述互通网关还包括与所述转换模块连接的标识分配模块, 所 述标识分配模块设置成: 为所述互联网终端分配在身份位置分离网络的身份 编码, 为所述身份位置分离网络终端分配在互联网的 IP地址, 以及, 保存所 述互联网终端及所述身份位置分离网络终端的 IP地址与身份编码的标识转换 项; 所述转换模块是设置成在对身份位置分离网络数据包或互联网数据包进 行转换时, 根据所述标识转换项进行身份编码和 IP地址的转换。 优选地, 所述身份位置分离网络还设置成: 在身份编码空间中指定一部 分作为互通身份编码空间, 所述互联网终端在身份位置分离网络的所述身份 编码是所述互通身份编码空间的互通身份编码, 以及, 在向互通网关发送身 份位置分离网络数据包时, 通过判断所述目的地址为互通身份编码路由到所 述互通网关; 所述互联网还设置成: 在 IP地址空间中指定一部分作为互通 IP 地址空间, 所述身份位置分离网络终端在互联网的 IP地址是所述互通 IP地 址空间的互通 IP地址, 以及, 在向所述互通网关发送互联网数据包时, 通过 判断所述目的地址为互通 IP地址路由到所述互通网关。 Preferably, the interworking gateway further includes an identifier allocation module connected to the conversion module, the identifier assignment module is configured to: assign an identity code of the network to the identity terminal in the identity location, and separate the network for the identity location Assigning, by the terminal, an IP address of the Internet, and storing an identifier of the IP address and the identity code of the Internet terminal and the identity location separation network terminal; the conversion module is configured to separate the network data packet from the identity location or When the Internet data packet is converted, the identity encoding and the IP address are converted according to the identifier conversion item. Preferably, the identity location separation network is further configured to: specify a part of the identity coding space as an interworking identity coding space, and the identity code of the Internet terminal in the identity location separation network is an interworking identity of the interworking identity coding space. Encoding, and, when transmitting the identity location separation network data packet to the interworking gateway, determining that the destination address is an interworking identity code to be routed to the interworking gateway; the Internet is further configured to: specify a part of the IP address space as an interworking An IP address space, where the IP address of the network terminal in the Internet is an interworking IP address of the interworking IP address space, and when the Internet data packet is sent to the interworking gateway, the destination address is determined to be interworking. The IP address is routed to the interworking gateway.
优选地, 所述身份编码是 32比特二进制格式的编码, 所述身份位置分离 网络的身份编码空间与所述互联网的 IP地址空间是重叠的。  Preferably, the identity coding is a coding in a 32-bit binary format, and an identity coding space of the identity location separation network overlaps with an IP address space of the Internet.
为解决以上技术问题, 本发明还提供了另一种互通网络, 所述互通网络 包括身份位置分离网络、 互联网及连接所述身份位置分离网络与所述互联网 的互通网关, 其中:  In order to solve the above technical problem, the present invention further provides another interworking network, where the interworking network includes an identity location separation network, an Internet, and an interworking gateway connecting the identity location separation network and the Internet, where:
所述身份位置分离网络釆用身份编码作为终端区别标识, 并设置成实现 身份位置分离网络终端之间的通信以及通过所述互通网关与所述互联网进行 通信;  The identity location separation network uses the identity code as the terminal identity identifier, and is configured to implement communication between the identity location separation network terminals and to communicate with the Internet through the interworking gateway;
所述互联网釆用 IP地址作为终端区别标识, 并设置成通过所述互通网关 与所述身份位置分离网络进行通信;  The Internet uses the IP address as the terminal distinguishing identifier, and is configured to communicate with the identity location separation network through the interworking gateway;
所述互通网关设置成: 为互联网终端分配身份编码, 为身份位置分离网 络终端分配 IP地址, 保存身份编码与 IP地址的标识转换项, 以及, 根据所 述标识转换项实现终端区别标识转换及身份位置分离网络与互联网之间的数 据转发。  The interworking gateway is configured to: assign an identity code to the Internet terminal, assign an IP address to the identity location separation network terminal, save an identity conversion item of the identity code and the IP address, and implement terminal differentiated identity conversion and identity according to the identity conversion item. The location separates the data forwarding between the network and the Internet.
优选地, 所述身份位置分离网络还设置成: 在身份编码空间中指定一部 分作为互通身份编码空间, 所述互通网关为所述互联网终端分配的身份编码 是所述互通身份编码; 所述互联网还设置成: 在 IP地址空间中指定一部分作 为互通 IP地址空间, 所述互通网关为所述身份位置分离网络终端分配的 IP 地址是所述互通 IP地址。  Preferably, the identity location separation network is further configured to: specify a part of the identity coding space as an interworking identity coding space, and the identity code assigned by the interworking gateway to the Internet terminal is the interworking identity code; The method is configured to: designate a part of the IP address space as an interworking IP address space, and the IP address allocated by the interworking gateway for the identity location separation network terminal is the interworking IP address.
优选地, 所述身份编码是 32比特二进制格式的编码, 所述身份位置分离 网络的身份编码空间与所述互联网的 IP地址空间是重叠的。 Preferably, the identity code is a code in a 32-bit binary format, and the identity location is separated The identity coding space of the network overlaps with the IP address space of the Internet.
为解决上述技术问题, 本发明还提供了又一种互通网关, 所述互通网关 与身份位置分离网络及互联网连接, 以实现所述身份位置分离网络与所述互 联网之间的通信, 所述身份位置分离网络釆用身份编码作为终端区别标识, 所述互联网釆用 IP地址作为终端区别标识, 所述互通网关包括相互连接的收 发模块及转换模块, 其中:  In order to solve the above technical problem, the present invention further provides another interworking gateway, where the interworking gateway is connected to an identity location separation network and an Internet, to implement communication between the identity location separation network and the Internet, the identity The location separation network uses the identity code as the terminal difference identifier, and the Internet uses the IP address as the terminal difference identifier, and the interworking gateway includes the transceiver module and the conversion module that are connected to each other, where:
所述收发模块设置成: 接收所述身份位置分离网络发送的身份位置分离 网络数据包并向所述互联网发送转换后的互联网数据包; 以及, 接收所述互 联网发送的所述互联网数据包并向所述身份位置分离网络发送转换后的身份 位置分离网络数据包;  The transceiver module is configured to: receive an identity location separation network data packet sent by the identity location separation network, and send the converted Internet data packet to the Internet; and receive the Internet data packet sent by the Internet The identity location separation network sends the converted identity location separation network data packet;
所述转换模块设置成: 将所述收发模块接收的身份位置分离网络数据包 转换成所述互联网数据包, 包括将所述身份编码转换为所述 IP地址; 以及, 将所述收发模块接收的互联网数据包转换成身份位置分离网络数据包, 包括 将所述 IP地址转换为所述身份编码。  The converting module is configured to: convert the identity location separated network data packet received by the transceiver module into the internet data packet, including converting the identity code into the IP address; and receiving the transceiver module Converting the Internet data packet into an identity location separation network data packet includes converting the IP address to the identity code.
优选地, 所述互通网关还包括与所述转换模块连接的标识分配模块, 所 述标识分配模块设置成: 为所述互联网终端分配互通身份编码空间的互通身 份编码, 为所述身份位置分离网络终端分配互通 IP地址空间的互通 IP地址 , 保存所述互联网终端的 IP地址与分配的互通身份编码的标识转换项, 以及, 项; 其中所述互通身份编码空间为所述身份位置分离网络的身份编码空间的 指定部分, 所述互通 IP地址空间为所述互联网的 IP地址空间的指定部分; 所述转换模块是设置成根据所述标识分配模块保存的标识转换项进行身份编 码与 IP地址的转换。  Preferably, the interworking gateway further includes an identifier allocation module that is connected to the conversion module, and the identifier distribution module is configured to: allocate an interworking identity code of the interworking identity coding space to the internet terminal, and separate the network for the identity location The terminal allocates an interworking IP address of the interworking IP address space, and stores an IP address of the Internet terminal and an assigned identity conversion item of the interworking identity code, and an entry; wherein the interworking identity coding space is an identity of the identity location separation network a designated part of the coding space, the interworking IP address space is a designated part of the IP address space of the Internet; the conversion module is configured to perform identity coding and IP address conversion according to the identifier conversion item saved by the identifier allocation module .
优选地, 所述身份编码是 32比特二进制格式的编码, 所述身份位置分离 网络的身份编码空间与所述互联网的 IP地址空间是重叠的。  Preferably, the identity coding is a coding in a 32-bit binary format, and an identity coding space of the identity location separation network overlaps with an IP address space of the Internet.
为解决以上技术问题, 本发明还提供了一种第一网络和第二网络的互通 方法, 所述第一网络和第二网络釆用编码空间重叠的终端标识, 且通过互通 网关相连接, 该方法包括: 互通网关为第一网络终端分配在第二网络的终端标识, 为第二网络终端 分配在第一网络的终端标识,并建立与所分配的终端标识对应的标识转换项; 互通网关接收第一网络或第二网络发送的数据包, 其中源地址和目的地 址为第一网络终端及第二网络终端在作为源网络的所述第一网络或第二网络 中的终端标识; In order to solve the above technical problem, the present invention further provides a method for interworking between a first network and a second network, where the first network and the second network use terminal identifiers that overlap in the coding space, and are connected through an interworking gateway. Methods include: The interworking gateway allocates the terminal identifier of the second network to the first network terminal, allocates the terminal identifier of the first network to the second network terminal, and establishes an identifier conversion item corresponding to the allocated terminal identifier; the interworking gateway receives the first network Or a data packet sent by the second network, where the source address and the destination address are terminal identifiers of the first network terminal and the second network terminal in the first network or the second network as the source network;
互通网关对接收的数据包进行转换, 包括根据标识转换项将源地址和目 的地址转换为第一网络终端和第二网络终端在作为目的网络的第二网络或第 一网络中的终端标识; 以及  Converting, by the interworking gateway, the received data packet, comprising: converting the source address and the destination address according to the identifier conversion item into a terminal identifier of the first network terminal and the second network terminal in the second network or the first network as the destination network;
互通网关将转换后的数据包发送给作为目的网络的第二网络或第一网 络。  The interworking gateway transmits the converted data packet to the second network or the first network as the destination network.
为解决以上技术问题, 本发明还提供了一种互通网络, 所述互通网络包 括第一网络、 第二网络及连接第一网络和第二网络的互通网关, 其中:  To solve the above technical problem, the present invention further provides an interworking network, where the interworking network includes a first network, a second network, and an interworking gateway connecting the first network and the second network, where:
第一网络设置成向互通网关发送数据包或接收互通网关发送的数据包, 所发送或接收的数据包的源地址和目的地址为第一网络终端和第二网络终端 在第一网络中的终端标识;  The first network is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, where the source address and the destination address of the sent or received data packet are the first network terminal and the second network terminal in the first network terminal. Identification
第二网络釆用编码空间与第一网络的编码空间重叠的终端标识, 并设置 成向互通网关发送数据包或接收互通网关发送的数据包, 所发送或接收的数 据包的源地址和目的地址为第一网络终端和第二网络终端在第二网络中的终 端标识;  The second network uses the terminal identifier of the coding space overlapping with the coding space of the first network, and is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, and the source address and the destination address of the data packet sent or received. a terminal identifier in the second network of the first network terminal and the second network terminal;
互通网关设置成: 为第一网络终端分配在第二网络的终端标识, 为第二 网络终端分配在第一网络的终端标识, 建立与所分配的终端标识对应的标识 转换项; 接收第一网络或第二网络发送的数据包, 并对接收的数据包进行转 换, 包括根据标识转换项将数据包的源地址和目的地址转换为第一网络终端 和第二网络终端在作为目的网络的第二网络或第一网络中的终端标识; 以及 向作为目的网络的第二网络或第一网络发送转换后的数据包。  The interworking gateway is configured to: allocate a terminal identifier of the second network to the first network terminal, allocate a terminal identifier of the first network to the second network terminal, and establish an identifier conversion item corresponding to the allocated terminal identifier; receive the first network Or the data packet sent by the second network, and converting the received data packet, including converting the source address and the destination address of the data packet into the first network terminal and the second network terminal according to the identifier conversion item as the second network as the destination network a network or a terminal identifier in the first network; and transmitting the converted data packet to the second network or the first network as the destination network.
本发明方法、 互通网络及互通网关, 通过互通网关对需要互通的数据包 的转换处理, 实现不同终端标识的两个网络的终端之间的互通, 具体地将接 收的数据包中源、 目的地址的源网络终端标识转换为目的网络终端标识, 针 对身份位置分离网络与传统互联网的互通, 身份位置分离网络的身份编码釆 用 32比特二进制格式的编码, 与所述 IP地址空间重叠, 实现了与传统互联 网终端的兼容, 在身份编码空间划分出用于实现互通的互通身份编码空间, 在 IP地址空间划分出用于实现互通的互通 IP地址空间, 可以方便路由设计 和判断, 即在互联网中通过路由设计, 把所有目的地址为互通 IP地址的数据 包都路由到互通网关; 同样, 在身份位置分离网络中通过路由设计, 把所有 目的地址为互通 AID的数据包都路由到互通网关。 附图概述 The method, the interworking network and the interworking gateway of the present invention exchange the data packets that need to be interworked through the interworking gateway, and realize the interworking between the terminals of the two networks identified by different terminals, specifically the source and destination addresses of the received data packets. The source network terminal identifier is converted to the destination network terminal identifier, the pin For the interworking of the identity location separation network and the traditional Internet, the identity code of the identity location separation network is encoded in a 32-bit binary format, overlaps with the IP address space, and is compatible with the traditional Internet terminal, and is divided in the identity coding space. The interworking IP code space for interworking is divided into the interworking IP address space for interworking in the IP address space, which facilitates route design and judgment. That is, through the route design in the Internet, all destination addresses are interworking IP addresses. The data packets are all routed to the interworking gateway. Similarly, in the identity location separation network, all the data packets with the destination address being the interworking AID are routed to the interworking gateway through the route design. BRIEF abstract
图 1 是本发明互通网络的示意图。  1 is a schematic diagram of an interworking network of the present invention.
图 2是本发明身份位置分离网络向互联网发送数据包的过程示意图。 图 3是本发明互联网向身份位置分离网络发送数据包的过程 示意图。 图 4是本发明身份位置分离网络终端与互联网终端进行互通的应用实例 的示意图。 本发明的较佳实施方式  2 is a schematic diagram of a process of transmitting a data packet to the Internet by the identity location separation network of the present invention. 3 is a schematic diagram of a process of transmitting data packets from the Internet to an identity location separation network according to the present invention. 4 is a schematic diagram of an application example in which an identity location separation network terminal of the present invention communicates with an Internet terminal. Preferred embodiment of the invention
本发明的主要思想是在身份位置分离网络与互联网之间设置互通网关, 由互通网关来实现身份位置分离网络与互联网之间的通信, 包括为互联网终 端分配在身份位置分离网络中的身份编码, 为身份位置分离网络终端分配在 互联网中的 IP地址, 以及进行身份编码与 IP地址的转换, 从而实现身份位 置分离网络与互联网的互通。  The main idea of the present invention is to provide an interworking gateway between the identity location separation network and the Internet, and the interworking gateway realizes the communication between the identity location separation network and the Internet, including assigning an identity code in the identity location separation network to the Internet terminal, The IP address of the Internet is allocated to the identity location separation network terminal, and the identity code and the IP address are converted, thereby realizing the identity location separation network and the Internet.
如图 1所示, 本发明互通网络包括身份位置分离网络、 互联网及连接所 述身份位置分离网络与所述互联网的互通网关, 其中:  As shown in FIG. 1, the interworking network of the present invention includes an identity location separation network, an Internet, and an interworking gateway connecting the identity location separation network and the Internet, wherein:
所述身份位置分离网络釆用身份编码作为终端区别标识, 并设置成实现 身份位置分离网络终端之间的通信以及通过所述互通网关与所述互联网进行 通信;  The identity location separation network uses the identity code as the terminal identity identifier, and is configured to implement communication between the identity location separation network terminals and to communicate with the Internet through the interworking gateway;
具体地:  specifically:
所述身份位置分离网络设置成: 向所述互通网关发送身份位置分离网络 数据包, 其中源地址是身份位置分离网络终端的身份编码, 目的地址是互联 网终端在身份位置分离网络的身份编码; 以及, 接收所述互通网关发送的身 份位置分离网络数据包。 The identity location separation network is configured to: send an identity location separation network to the interworking gateway a data packet, wherein the source address is an identity code of the identity location separation network terminal, the destination address is an identity code of the network terminal separating the network at the identity location; and receiving the identity location separation network data packet sent by the interworking gateway.
所述互联网釆用 IP地址作为终端区别标识, 并设置成通过所述互通网关 与所述身份位置分离网络进行通信; 具体地:  The Internet uses the IP address as the terminal distinguishing identifier, and is configured to communicate with the identity location separation network through the interworking gateway; specifically:
所述互联网设置成: 向所述互通网关发送互联网数据包, 其中源地址是 互联网终端的 IP地址, 目的地址是身份位置分离网络终端在互联网的 IP地 址; 以及, 接收所述互通网关发送的互联网数据包。  The Internet is configured to: send an internet data packet to the interworking gateway, where the source address is an IP address of the internet terminal, the destination address is an IP address of the identity location separation network terminal in the Internet; and receiving the internet sent by the interworking gateway data pack.
所述互通网关设置成: 为互联网终端分配身份编码, 为身份位置分离网 络终端分配 IP地址, 以及保存身份编码与 IP地址的标识转换项, 以及, 根 据所述标识转换项实现终端区别标识转换及身份位置分离网络与互联网之间 的数据转发。 具体地, 所述互通网关包括相互连接的收发模块、 转换模块以及与所述 转换模块连接的标识分配模块, 其中:  The interworking gateway is configured to: assign an identity code to the Internet terminal, assign an IP address to the identity location separation network terminal, and save an identity conversion item of the identity code and the IP address, and implement terminal difference identification conversion according to the identifier conversion item; The identity location separates the data forwarding between the network and the Internet. Specifically, the interworking gateway includes a transceiver module connected to each other, a conversion module, and an identifier distribution module connected to the conversion module, where:
所述收发模块设置成: 接收所述身份位置分离网络发送的身份位置分离 网络数据包并向所述互联网发送转换后的互联网数据包; 以及, 接收所述互 联网发送的所述互联网数据包并向所述身份位置分离网络发送转换后的身份 位置分离网络数据包;  The transceiver module is configured to: receive an identity location separation network data packet sent by the identity location separation network, and send the converted Internet data packet to the Internet; and receive the Internet data packet sent by the Internet The identity location separation network sends the converted identity location separation network data packet;
所述转换模块设置成: 将所述身份位置分离网络数据包转换成所述互联 网数据包, 包括将所述源地址转换为所述身份位置分离网络终端在互联网的 IP地址, 将目的地址转换为互联网终端的 IP地址; 以及, 将所述互联网数据 包转换成身份位置分离网络数据包, 包括将所述源地址转换为所述互联网终 端在身份位置分离网络的身份编码, 将目的地址转换为身份位置分离网终端 的身份编码;  The conversion module is configured to: convert the identity location separated network data packet into the internet data packet, including converting the source address into an IP address of the identity location separation network terminal on the Internet, and converting the destination address into An IP address of the Internet terminal; and converting the Internet data packet into an identity location separation network data packet, including converting the source address into an identity code of the Internet terminal separating the network at the identity location, and converting the destination address into an identity The identity code of the location separation network terminal;
所述标识分配模块设置成: 为所述互联网终端分配身份编码, 为所述身 份位置分离网络终端分配 IP地址, 以及, 保存所述互联网终端及所述身份位 置分离网络终端的 IP地址与身份编码的标识转换项; 所述转换模块是根据所 述标识分配模块保存的标识转换项进行身份编码与 IP地址的转换。 优选地, 身份位置分离网络的身份编码(以下简称 UID )釆用类似 IPV4 地址的 32位二进制格式, 这样身份位置分离网络在推广过程中, 可以与现有 的 IPV4终端兼容, 即现有终端 IPV4协议栈不用修改就能够接入身份位置分 离网络。 The identifier distribution module is configured to: assign an identity code to the Internet terminal, assign an IP address to the identity location separation network terminal, and save an IP address and an identity code of the Internet terminal and the identity location separation network terminal The conversion module is configured to perform identity encoding and IP address conversion according to the identifier conversion item saved by the identifier allocation module. Preferably, the identity code of the identity location separation network (hereinafter referred to as UID) uses a 32-bit binary format similar to the IPV4 address, so that the identity location separation network can be compatible with the existing IPV4 terminal during the promotion process, that is, the existing terminal IPV4. The protocol stack can access the identity location separation network without modification.
由于互联网的 IPV4地址几乎已经使用完毕,无法划出足够大的一块独立 地址空间给身份位置分离网络使用, 故本发明中身份位置分离网络的 UID空 间与互联网的 IPV4地址空间互相重叠。 为了通过身份编码或 IP地址区分网 内通信及网间互通, 对 UID空间及 IP地址空间做以下处理:  Since the IPV4 address of the Internet is almost used, it is impossible to draw a sufficiently large independent address space for the identity location separation network. Therefore, in the present invention, the UID space of the identity location separation network overlaps with the IPV4 address space of the Internet. In order to distinguish between intra-network communication and inter-network communication through identity coding or IP address, the following processing is performed on the UID space and the IP address space:
身份位置分离网络从其 UID空间中指定一部分作为需要互通的互联网终 端的临时 UID空间, 称为互通 UID空间。 所述互联网终端的所述身份编码是 所述互通身份编码空间的互通身份编码;  The identity location separation network designates a part of its UID space as a temporary UID space of the Internet terminal that needs to communicate with each other, which is called an interworking UID space. The identity code of the Internet terminal is an interworking identity code of the interworking identity coding space;
互联网从 IPV4 空间中指定一部分作为需要互通的身份位置分离网络终 端的临时 IP地址空间, 称为互通 IP地址空间。 所述身份位置分离网络终端 的 IP地址是所述互通 IP地址空间的互通 IP地址;  The Internet specifies a part of the IPV4 space as a temporary IP address space separating the network terminals from the identity locations that need to be interworked, called the interworking IP address space. The IP address of the identity location separation network terminal is an interworking IP address of the interworking IP address space;
在身份位置分离网络和互联网之间, 设定一个或者多个互通网关。 在身 份位置分离网络, 互通网关是互通 UID的路由终点即身份位置分离网络中所 有以互通 UID作为目的地址的数据包都会被转发到互通网关; 在互联网, 互 通网关是互通 IP地址的路由终点, 即互联网中所有以互通 IP地址作为目的 地址的数据包都会被转发到互通网关。  One or more interworking gateways are set up between the identity location separation network and the Internet. In the identity location separation network, the interworking gateway is the routing end point of the interworking UID, that is, all the packets in the identity separation network with the interworking UID as the destination address are forwarded to the interworking gateway; on the Internet, the interworking gateway is the routing end point of the interworking IP address, That is, all packets on the Internet with the interworking IP address as the destination address will be forwarded to the interworking gateway.
对于需要与互联网终端通信的身份位置分离网络终端, 在互通网关中给 它分配一个临时或者永久的互通 IP地址及端口号,建立终端 UID/端口号到这 个互通 IP地址 /端口号的标识转换项; 同样,对于需要与身份位置分离网络终 端通信的互联网终端, 在互通网关中给它分配一个临时或者永久的互通 UID 及端口号, 建立终端 IP地址 /端口号到这个互通 UID/端口号的标识转换项。 互通网关根据标识转换项, 实现两个网络数据包格式的转换, 以及源 /目 的 IP地址与源 /目的 UID之间的转换。  For the identity location separation network terminal that needs to communicate with the Internet terminal, assign it a temporary or permanent interworking IP address and port number in the interworking gateway, and establish an identifier conversion item of the terminal UID/port number to the interworking IP address/port number. Similarly, for an Internet terminal that needs to communicate with the identity location separate network terminal, assign it a temporary or permanent interworking UID and port number in the interworking gateway, and establish the terminal IP address/port number to the identity of the interworking UID/port number. Conversion item. The interworking gateway implements the conversion of the two network packet formats and the conversion between the source/destination IP address and the source/destination UID according to the identification conversion item.
本发明还提供了一种互通网关, 具体如上所述。  The present invention also provides an interworking gateway, as described above.
本发明身份位置分离网络与互联网互通的实现方法包括身份位置分离网 络向互联网发送数据包的过程以及互联网向身份位置分离网络发送数据包的 过程, 以下对这两个过程进行具体描述。 The method for implementing the identity location separation network and the Internet interworking according to the present invention includes an identity location separation network The process of sending data packets to the Internet and the process of sending data packets from the Internet to the identity location separation network are described in detail below.
如图 2所示, 身份位置分离网络向互联网发送数据包的过程包括: 步骤 201 : 发送步骤, 所述身份位置分离网络向互通网关发送身份位置 分离网络数据包, 其中源地址是身份位置分离网络终端的身份编码, 目的地 址是互联网终端在身份位置分离网络的身份编码;  As shown in FIG. 2, the process for the identity location separation network to send a data packet to the Internet includes: Step 201: Sending, the identity location separation network sends an identity location separation network data packet to the interworking gateway, where the source address is an identity location separation network. The identity code of the terminal, the destination address is an identity code of the network terminal separating the network at the identity location;
步骤 202: 接收转发步骤, 所述互通网关接收所述身份位置分离网络发 送所述身份位置分离网络数据包, 并将所述身份位置分离网络数据包转换成 互联网数据包, 包括将所述源地址转换为所述身份位置分离网络终端在互联 网的 IP地址, 目的地址转换为互联网终端的 IP地址; 数据包转换后, 所述 互通网关将所述互联网数据包发送至所述互联网;  Step 202: Receive a forwarding step, the interworking gateway receives the identity location separation network, sends the identity location separation network data packet, and converts the identity location separation network data packet into an Internet data packet, including the source address. Converting to the identity location separating the IP address of the network terminal on the Internet, and converting the destination address to an IP address of the Internet terminal; after the data packet is converted, the interworking gateway sends the Internet data packet to the Internet;
步骤 203: 接收步骤, 所述互联网接收所述互通网关发送的互联网数据 包。  Step 203: The receiving step, the Internet receiving an internet data packet sent by the interworking gateway.
如图 3所示, 互联网向所述身份位置分离网络发送数据包的过程包括: 步骤 301 : 发送步骤, 所述互联网向所述互通网关发送互联网数据包, 其中源地址是互联网终端的 IP地址, 目的地址是身份位置分离网络终端在互 联网的 IP地址;  As shown in FIG. 3, the process for the Internet to send a data packet to the identity location separation network includes: Step 301: Sending, the Internet sending an Internet data packet to the interworking gateway, where the source address is an IP address of the Internet terminal, The destination address is the IP address of the Internet where the identity location separates the network terminal;
步骤 302: 所述互通网关接收所述互联网发送的所述互联网数据包; 步骤 303: 接收转发步骤, 所述互通网关接收所述互联网发送的所述互 联网数据包; 并将所述互联网数据包转换成身份位置分离网络数据包, 包括 将所述源地址转换为所述互联网终端在身份位置分离网络的身份编码, 目的 地址转换为身份位置分离网终端的身份编码; 数据包转换后, 所述互通网关 将所述身份位置分离网络数据包发送至所述身份位置分离网络;  Step 302: The interworking gateway receives the Internet data packet sent by the Internet. Step 303: Receive and forward, the interworking gateway receives the Internet data packet sent by the Internet; and convert the Internet data packet Separating the network data packet into an identity location, comprising: converting the source address into an identity code of the Internet terminal in the identity location separation network, and converting the destination address into an identity code of the identity location separation network terminal; after the data packet is converted, the interworking Transmitting, by the gateway, the identity location separated network data packet to the identity location separation network;
接收步骤: 所述身份位置分离网络接收所述互通网关发送的身份位置分 离网络数据包。  Receiving step: The identity location separation network receives the identity location separation network data packet sent by the interworking gateway.
步骤 202及 203前,所述互通网关为所述互联网终端分配所述身份编码, 为所述身份位置分离网络终端分配所述 IP地址, 并保存所述互联网终端及所 述身份位置分离网络终端的 IP地址与身份编码的标识转换项,步骤 202及 203 中, 所述互通网关根据所述标识转换项进行身份编码和 IP地址转换。 Before the steps 202 and 203, the interworking gateway allocates the identity code to the Internet terminal, allocates the IP address to the identity location separation network terminal, and saves the Internet terminal and the identity location separation network terminal. IP address and identity coded identification conversion item, steps 202 and 203 The interworking gateway performs identity coding and IP address translation according to the identifier conversion item.
所述身份编码空间的指定部分称为互通身份编码空间, 所述互联网终端 的所述身份编码是所述互通身份编码空间的互通身份编码; 所述 IP地址空间 的指定部分称为互通 IP地址空间, 所述身份位置分离网络终端的 IP地址是 所述互通 IP地址空间的互通 IP地址; 步骤 203及步骤 303中,所述身份位置 分离网络或所述互联网是通过判断数据包的目的地址为互通身份编码或互通 IP地址路由到所述互通网关的。  The designated part of the identity coding space is called an interworking identity coding space, and the identity code of the Internet terminal is an interworking identity code of the interworking identity coding space; the designated part of the IP address space is called an interworking IP address space. The IP address of the identity location separation network terminal is an interworking IP address of the interworking IP address space. In step 203 and step 303, the identity location separation network or the Internet is determined by interworking the destination address of the data packet. An identity code or interworking IP address is routed to the interworking gateway.
所述身份编码是 32比特二进制格式的编码,所述身份编码空间与所述 IP 地址空间是重叠的。  The identity code is a 32 bit binary format code, and the identity code space is overlapped with the IP address space.
下面结合附图和实施例对本发明作进一步说明。 应用实例:  The invention will now be further described with reference to the accompanying drawings and embodiments. Applications:
身份位置分离网络终端与互联网终端互通的示意图如图 4所示。  A schematic diagram of the identity location separation network terminal interworking with the Internet terminal is shown in FIG.
互联网的每个终端均有一个 32比特二进制编码的 IP地址, 这个地址既 代表终端的身份, 也代表终端的位置。 如图 1 中的终端 X, 具有 IP地址 223.20.20.2。  Each terminal on the Internet has a 32-bit binary-encoded IP address that represents both the identity of the terminal and the location of the terminal. Terminal X in Figure 1 has an IP address of 223.20.20.2.
身份位置分离网络釆用身份、 位置分离的技术, 每个终端既有一个身份 标识, 也有一个位置标识。 两个终端之间的通信是基于身份标识(UID ) 。 为了与现有的终端兼容, 并且具备足够容量的身份编码空间, 身份标识釆用 如 IP地址一样的 32 比特二进制格式。 如图 1 中的终端 A具有身份标识 201.1.1.10。  The identity location separation network uses the technology of identity and location separation. Each terminal has both an identity identifier and a location identifier. The communication between the two terminals is based on an identity (UID). In order to be compatible with existing terminals and have a sufficient capacity for the identity coding space, the identity tag uses a 32-bit binary format such as an IP address. Terminal A in Figure 1 has an identity of 201.1.1.10.
在互联网中通过路由设计,把所有目的地址为互通 IP地址的数据包都路 由到互通网关; 同样, 在身份位置分离网络中通过路由设计, 把所有目的地 址为互通 AID的数据包都路由到互通网关。  In the Internet, all the packets with the destination address being the interworking IP address are routed to the interworking gateway through the route design. Similarly, all the packets with the destination address being the interworking AID are routed to the interworking through the route design in the identity location separation network. Gateway.
在图 4所示的实例中, 身份位置分离网络终端 A需要与互联网终端 X通 信。 需要给 A分配一个互通 IP地址及端口号 (这里的端口号即指 TCP/UDP 端口号, 用以标识终端间的每个通信连接, 以下简称端口号) , 给 X分配一 个互通 UID及端口号。 在互通网关内部建立如下标识转换项:  In the example shown in Fig. 4, the identity location separation network terminal A needs to communicate with the Internet terminal X. You need to assign an interworking IP address and port number to A (the port number here refers to the TCP/UDP port number, which is used to identify each communication connection between terminals, hereinafter referred to as the port number), and assign an interworking UID and port number to X. . The following identification conversion items are established inside the interworking gateway:
A的 UID/端口号 ( 201.1.1.10/端口号 2000 ) < - > A的互通 IP地址 / 端口号 ( 172.10.10.1/端口号 8000 ) A's UID/port number (201.1.1.10/port number 2000) <->A's interworking IP address/ Port number (172.10.10.1 / port number 8000)
X的互通 UID/端口号 ( 10.10.10.1/端口号 3000 ) < - > X的 IP地址 / 端口号 ( 223.20.20.2/端口号 9000 )  Interworking of X UID/port number ( 10.10.10.1 / port number 3000 ) < - > X IP address / port number ( 223.20.20.2 / port number 9000 )
A发数据包给 X时: When A sends a packet to X:
1、 A把 X的互通 UID作为目的 UID, 自身 UID作为源 UID发出数据包。 在图 1的示例中, 目的 UID: 10.10.10.1/端口号 3000; 源 UID: 201.1.1.10/ 端口号 2000。  1. A uses the interworking UID of X as the destination UID, and the UID itself sends the data packet as the source UID. In the example of Figure 1, the destination UID: 10.10.10.1/port number 3000; source UID: 201.1.1.10/port number 2000.
2、 该数据包通过身份位置分离网络转发到了互通网关。  2. The data packet is forwarded to the interworking gateway through the identity location separation network.
3、 互通网关把该数据包转换成互联网的 IP数据包, 其中, 目的 IP地址 是 X的 IP地址, 源 IP地址是 A的互通 IP地址。 端口号也做相应的转换。  3. The interworking gateway converts the data packet into an IP data packet of the Internet, where the destination IP address is the IP address of X, and the source IP address is the interworking IP address of A. The port number is also converted accordingly.
在图 1的示例中, 目的 IP: 223.20.20.2/端口号 9000; 源 IP: 172.10.10.1/ 端口号 8000;  In the example of Figure 1, the destination IP: 223.20.20.2 / port number 9000; source IP: 172.10.10.1 / port number 8000;
4、 该数据包通过互联网转发到了 X。  4. The packet is forwarded to X over the Internet.
X发数据包给 A时: When X sends a packet to A:
1、 X把 A的互通 IP地址作为目的 IP地址 , 自身 IP地址作为源 IP地址 发出数据包;  1. X sends the data packet of A's interworking IP address as the destination IP address and its own IP address as the source IP address.
在图 1的示例中, 目的 IP: 172.10.10.1/端口号 8001 ;源 UID: 223.20.20.2/ 端口号 9001。  In the example of Figure 1, the destination IP: 172.10.10.1 / port number 8001; source UID: 223.20.20.2 / port number 9001.
2、 该数据包通过互联网转发到了互通网关;  2. The data packet is forwarded to the interworking gateway through the Internet;
3、 互通网关把该数据包转换成身份位置分离网络的数据包, 其中, 目的 UID是 A终端的 UID , 源 UID是 X终端的互通 UID;  3. The interworking gateway converts the data packet into a data packet of the identity location separation network, where the destination UID is the UID of the A terminal, and the source UID is the interworking UID of the X terminal;
在图 1的示例中,目的 UID: 201.1.1.10/端口号 2001 ; 源 UID: 10.10.10.1/ 端口号 3001  In the example of Figure 1, the destination UID: 201.1.1.10/port number 2001; source UID: 10.10.10.1/port number 3001
4、 该数据包通过身份位置分离网络转发到了终端 A。 按照这种方法, 身份位置分离网络终端和互联网终端实现了互通。 4. The data packet is forwarded to terminal A through the identity location separation network. According to this method, the identity location separation network terminal and the internet terminal implement interworking.
基于本发明思想, 釆用编码空间重叠的终端标识的两个网络, 如第一网 络和第二网络, 在两个网络之间设置互通网关, 互通网关为第一网络终端分 配其在第二网络的互通终端标识, 为第二网络终端分配其在第一网络的互通 终端标识, 以及将第一网络与第二网络之间的数据包进行终端标识转换, 实 现第一网络与第二网络之间的互通。 Based on the idea of the present invention, two networks, such as a first network and a second network, that code overlapping terminal identifiers are used, and an interworking gateway is set between the two networks, and the interworking gateway allocates the second network to the first network terminal. The interworking terminal identifier, the second network terminal is allocated its interworking terminal identifier in the first network, and the data packet between the first network and the second network is converted by the terminal identifier, so as to implement the first network and the second network Interoperability.
具体地, 所述第一网络和第二网络釆用编码空间重叠的终端标识, 且通 过互通网关相连接, 第一网络和第二网络的互通实现方法包括:  Specifically, the first network and the second network use the terminal identifiers that overlap in the coding space, and are connected by the interworking gateway. The interworking implementation manners of the first network and the second network include:
互通网关为第一网络终端分配其在第二网络的终端标识, 为第二网络终 端分配其在第一网络的终端标识,并建立与所分配的标识对应的标识转换项; 互通网关接收第一网络或第二网络发送的数据包, 其中源、 目的地址为 第一网络终端及第二网络终端在作为源网络的所述第一或第二网络中的终端 标识;  The interworking gateway allocates the terminal identifier of the second network to the first network terminal, allocates the terminal identifier of the second network terminal to the second network terminal, and establishes an identifier conversion item corresponding to the assigned identifier; the interworking gateway receives the first a data packet sent by the network or the second network, where the source and destination addresses are the terminal identifiers of the first network terminal and the second network terminal in the first or second network as the source network;
互通网关对接收的数据包进行转换, 包括根据标识转换项将源、 目的地 址转换为第一网络终端和第二网络终端在作为目的网络的第二或第一网络中 的终端标识; 以及  Transmitting, by the interworking gateway, the received data packet, comprising: converting the source and the destination address according to the identifier conversion item into a terminal identifier of the first network terminal and the second network terminal in the second or first network as the destination network;
互通网关将转换后的数据包发送给作为目的网络的第二或第一网络。  The interworking gateway sends the converted data packet to the second or first network that is the destination network.
与以上对应的互通网络包括第一网络、 第二网络及连接第一网络和第二 网络的互通网关, 其中: The interworking network corresponding to the above includes a first network, a second network, and an interworking gateway connecting the first network and the second network, where:
第一网络设置成向互通网关发送数据包或接收互通网关发送的数据包, 所述数据包的源、 目的地址为第一网络终端和第二网络终端在第一网络中的 终端标识;  The first network is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, where the source and destination addresses of the data packet are the terminal identifiers of the first network terminal and the second network terminal in the first network;
第二网络釆用编码空间与第一网络的编码空间重叠的终端标识, 并设置 成向互通网关发送数据包或接收互通网关发送的数据包, 所述数据包的源、 目的地址为第一网络终端和第二网络终端在第二网络中的终端标识;  The second network uses a terminal identifier that overlaps the coding space of the first network, and is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, where the source and destination addresses of the data packet are the first network. a terminal identifier of the terminal and the second network terminal in the second network;
互通网关设置成: 为第一网络终端分配在第二网络的终端标识, 为第二 网络终端分配在第一网络的终端标识, 建立与所分配的标识对应的标识转换 项; 接收第一网络或第二网络发送的数据包, 对接收的数据包进行转换, 包 括根据标识转换项将源、 目的地址转换为第一网络终端和第二网络终端在作 为目的网络的第二或第一网络中的终端标识; 以及向作为目的网络的第二网 络或第一网络发送转换后的数据包。 The interworking gateway is configured to: allocate, to the first network terminal, a terminal identifier of the second network, which is a second The network terminal allocates the terminal identifier of the first network, and establishes an identifier conversion item corresponding to the allocated identifier; receiving the data packet sent by the first network or the second network, and converting the received data packet, including converting according to the identifier Converting the source and destination addresses into terminal identifiers of the first network terminal and the second network terminal in the second or first network as the destination network; and transmitting the converted data packet to the second network or the first network as the destination network .
本发明方法、 互通网络及互通网关, 通过互通网关对需要互通的数据包 的转换处理, 实现不同终端标识的两个网络的终端之间的互通, 具体地将接 收的数据包中源、 目的地址的源网络终端标识转换为目的网络终端标识, 针 对身份位置分离网络与传统互联网的互通, 身份位置分离网络的身份编码釆 用 32比特二进制格式的编码, 与所述 IP地址空间重叠, 实现了与传统互联 网终端的兼容, 在身份编码空间划分出用于实现互通的互通身份编码空间, 在 IP地址空间划分出用于实现互通的互通 IP地址空间, 可以方便路由设计 和判断, 即在互联网中通过路由设计, 把所有目的地址为互通 IP地址的数据 包都路由到互通网关; 同样, 在身份位置分离网络中通过路由设计, 把所有 目的地址为互通 AID的数据包都路由到互通网关。 The method, the interworking network and the interworking gateway of the present invention exchange the data packets that need to be interworked through the interworking gateway, and realize the interworking between the terminals of the two networks identified by different terminals, specifically the source and destination addresses of the received data packets. The source network terminal identifier is converted into the destination network terminal identifier, and the identity location separation network and the traditional Internet are intercommunicated, and the identity code of the identity location separation network is encoded in a 32-bit binary format, and overlaps with the IP address space, thereby realizing The compatibility of the traditional Internet terminal, the inter-identification identity coding space for interworking is divided in the identity coding space, and the interworking IP address space for interworking is divided in the IP address space, which can facilitate routing design and judgment, that is, pass through the Internet. The routing design routes all the data packets whose destination addresses are the interworking IP addresses to the interworking gateway. Similarly, in the identity location separation network, all the data packets with the destination address being the interworking AID are routed to the interworking gateway through the route design.
工业实用性 Industrial applicability
与现有技术相比,本发明通过互通网关对需要互通的数据包的转换处理, 实现不同终端标识的两个网络的终端之间的互通, 实现了与传统互联网终端 的兼容, 在身份编码空间划分出用于实现互通的互通身份编码空间, 在 IP地 址空间划分出用于实现互通的互通 IP地址空间, 可以方便路由设计和判断。  Compared with the prior art, the present invention implements the interworking between the two network terminals of different terminal identifiers through the interworking gateway to convert the data packets that need to be interworked, and realizes compatibility with the traditional Internet terminal, in the identity coding space. The interworking identity coding space for interworking is divided, and the interworking IP address space for interworking is divided in the IP address space, which facilitates route design and judgment.

Claims

权 利 要 求 书 Claim
1、 一种身份位置分离网络与互联网的互通方法, 其特征在于: 所述身份 位置分离网络釆用身份编码区别终端, 所述互联网釆用 IP地址区别终端; 所 述方法包括: 所述身份位置分离网络通过如下方式向互联网发送数据包: 所述身份位置分离网络向互通网关发送身份位置分离网络数据包, 其中 源地址是身份位置分离网络终端的身份编码, 目的地址是互联网终端在身份 位置分离网络的身份编码; An interworking method for an identity location separation network and an Internet, characterized in that: the identity location separation network uses an identity code to distinguish a terminal, and the Internet uses an IP address to distinguish a terminal; the method includes: the identity location The separation network sends a data packet to the Internet by: the identity location separation network sends an identity location separation network data packet to the interworking gateway, where the source address is an identity code of the identity location separation network terminal, and the destination address is an Internet terminal separated at the identity location Identity code of the network;
所述互通网关接收所述身份位置分离网络发送的所述身份位置分离网络 数据包, 并将所述身份位置分离网络数据包转换成互联网数据包, 包括将所 述源地址转换为所述身份位置分离网络终端在互联网的 IP地址,将目的地址 转换为互联网终端的 IP地址; 数据包转换后, 所述互通网关将所述互联网数 据包发送至所述互联网; 以及  Receiving, by the interworking gateway, the identity location separation network data packet sent by the identity location separation network, and converting the identity location separation network data packet into an internet data packet, including converting the source address into the identity location Separating the IP address of the network terminal from the Internet to convert the destination address to the IP address of the Internet terminal; after the data packet is converted, the interworking gateway sends the Internet data packet to the Internet;
所述互联网接收所述互通网关发送的互联网数据包。  The Internet receives an internet data packet sent by the interworking gateway.
2、 如权利要 1求所述的方法, 还包括: 所述互联网通过如下方式向所述 身份位置分离网络发送数据包: 2. The method of claim 1, further comprising: said internet transmitting a data packet to said identity location separation network by:
所述互联网向所述互通网关发送互联网数据包, 其中源地址是互联网终 端的 IP地址, 目的地址是身份位置分离网络终端在互联网的 IP地址;  The Internet sends an Internet data packet to the interworking gateway, where the source address is an IP address of the Internet terminal, and the destination address is an IP address of the Internet where the identity location is separated from the network terminal;
所述互通网关接收所述互联网发送的所述互联网数据包; 并将所述互联 网数据包转换成身份位置分离网络数据包, 包括将所述源地址转换为所述互 联网终端在身份位置分离网络的身份编码, 目的地址转换为身份位置分离网 终端的身份编码; 数据包转换后, 所述互通网关将所述身份位置分离网络数 据包发送至所述身份位置分离网络; 以及  Receiving, by the interworking gateway, the Internet data packet sent by the Internet; and converting the Internet data packet into an identity location separation network data packet, including converting the source address into the network terminal in an identity location separation network Identity code, the destination address is converted into an identity code of the identity location separation network terminal; after the data packet is converted, the interworking gateway sends the identity location separation network data packet to the identity location separation network;
所述身份位置分离网络接收所述互通网关发送的身份位置分离网络数据 包。  The identity location separation network receives the identity location separation network data packet sent by the interworking gateway.
3、 如权利要求 2所述的方法, 还包括: 所述互通网关在接收身份位置分 离网络数据包或互联网数据包之前, 为所述互联网终端分配身份编码, 为所 述身份位置分离网络终端分配 IP地址, 并保存所述互联网终端及所述身份位 置分离网络终端的 IP地址与身份编码的标识转换项; 将所述身份位置分离网络数据包转换成互联网数据包的步骤中, 所述互 通网关是根据所保存的标识转换项将所述源地址转换为所述身份位置分离网 络终端在互联网的 IP地址, 将所述目的地址转换为互联网终端的 IP地址; 将所述互联网数据包转换成身份位置分离网络数据包的步骤中, 所述互 通网关是根据所保存的标识转换项将所述源地址转换为所述互联网终端在身 份位置分离网络的身份编码, 将所述目的地址转换为身份位置分离网终端的 身份编码。 3. The method of claim 2, further comprising: the interworking gateway assigning an identity code to the Internet terminal and assigning the identity location to the network terminal before receiving the identity location to separate the network data packet or the Internet data packet IP address, and save the internet terminal and the identity bit Separating an IP address of the network terminal from the identity coded conversion item; in the step of converting the identity location separated network data packet into an Internet data packet, the interworking gateway is configured to convert the source address according to the saved identity conversion item Converting to the IP address of the identity location separation network terminal on the Internet, converting the destination address to an IP address of the Internet terminal; in the step of converting the Internet data packet into an identity location separation network data packet, the interworking gateway And converting the source address into an identity code of the Internet terminal in the identity location separation network according to the saved identity conversion item, and converting the destination address into an identity code of the identity location separation network terminal.
4、 如权利要求 2所述的方法, 还包括: 在所述身份位置分离网络的身份编码空间中指定一部分作为互通身份编 码空间, 其中, 所述互联网终端在所述身份位置分离网络的身份编码是所述 互通身份编码空间的互通身份编码; 以及 在所述互联网的 IP地址空间中指定一部分作为互通 IP地址空间, 其中, 所述身份位置分离网络终端在互联网的 IP地址是所述互通 IP地址空间的互 通 IP地址; 所述身份位置分离网络向互通网关发送身份位置分离网络数据包的步骤 中, 所述身份位置分离网络通过判断所述目的地址为互通身份编码路由到所 述互通网关; 4. The method of claim 2, further comprising: designating a portion of the identity coding space of the identity location separation network as an interworking identity coding space, wherein the Internet terminal separates an identity code of the network at the identity location Is an interworking identity code of the interworking identity coding space; and designating a part of the IP address space of the Internet as an interworking IP address space, where the IP address of the identity location separation network terminal on the Internet is the interworking IP address The interworking IP address of the space; the step of the identity location separation network transmitting the identity location separation network data packet to the interworking gateway, the identity location separation network routing to the interworking gateway by determining that the destination address is an interworking identity code;
过判断所述目的地址为互通 IP地址路由到所述互通网关。 The determining that the destination address is an interworking IP address is routed to the interworking gateway.
5、 如权利要求 1或 2所述的方法, 其中, 所述身份编码是 32比特二进 制格式的编码, 所述身份位置分离网络的身份编码空间与所述互联网的 IP地 址空间是重叠的。 The method according to claim 1 or 2, wherein the identity code is a code of a 32-bit binary format, and an identity code space of the identity location separation network overlaps with an IP address space of the Internet.
6、 一种互通网络, 包括身份位置分离网络、 互联网及连接所述身份位置 分离网络与所述互联网的互通网关, 其中: 所述身份位置分离网络釆用身份编码区别终端, 并设置成: 向所述互通 网关发送身份位置分离网络数据包, 其中源地址是身份位置分离网络终端的 身份编码, 目的地址是互联网终端在身份位置分离网络的身份编码; 6. An interworking network, comprising an identity location separation network, an Internet, and an interworking gateway connecting the identity location separation network and the Internet, wherein: The identity location separation network distinguishes the terminal by using an identity code, and is configured to: send an identity location separation network data packet to the interworking gateway, where the source address is an identity code of the identity location separation network terminal, and the destination address is an identity of the Internet terminal. The identity code of the location separation network;
所述互通网关包括相互连接的收发模块及转换模块, 其中, 所述收发模 块设置成接收所述身份位置分离网络发送的身份位置分离网络数据包以及向 所述互联网发送转换后的互联网数据包; 所述转换模块设置成将所述收发模 块接收的身份位置分离网络数据包转换成互联网数据包, 包括将所述源地址 转换为所述身份位置分离网络终端在互联网的 IP地址,将目的地址转换为互 联网终端的 IP地址;  The interworking gateway includes a transceiver module and a conversion module that are connected to each other, wherein the transceiver module is configured to receive an identity location separation network data packet sent by the identity location separation network, and send the converted Internet data packet to the Internet; The conversion module is configured to convert the identity location separated network data packet received by the transceiver module into an Internet data packet, including converting the source address into the IP address of the identity location separation network terminal in the Internet, and converting the destination address The IP address of the Internet terminal;
所述互联网釆用 IP地址区别终端, 并设置成接收所述互通网关发送的互 联网数据包。  The Internet uses an IP address to distinguish the terminal and is configured to receive an Internet data packet sent by the interworking gateway.
7、 如权利要求 6所述的互通网络, 其中, 7. The interworking network according to claim 6, wherein
所述互联网还设置成: 向所述互通网关发送互联网数据包, 其中源地址 是互联网终端的 IP地址, 目的地址是身份位置分离网络终端在互联网的 IP 地址;  The Internet is further configured to: send an Internet data packet to the interworking gateway, where the source address is an IP address of the Internet terminal, and the destination address is an IP address of the Internet where the identity location separates the network terminal;
所述互通网关的收发模块还设置成接收所述互联网发送的互联网数据包 以及向所述身份位置分离网络发送转换后的身份位置分离网络数据包; 所述 转换模块还设置成将所述收发模块接收的互联网数据包转换成身份位置分离 网络数据包, 包括将所述源地址转换为所述互联网终端在身份位置分离网络 的身份编码, 将目的地址转换为身份位置分离网终端的身份编码;  The transceiver module of the interworking gateway is further configured to receive the Internet data packet sent by the Internet and send the converted identity location separation network data packet to the identity location separation network; the conversion module is further configured to: the transceiver module Converting the received Internet data packet into an identity location separation network data packet, including converting the source address into an identity code of the Internet terminal separating the network in the identity location, and converting the destination address into an identity code of the identity location separation network terminal;
所述身份位置分离网络还设置成接收所述互通网关发送的身份位置分离 网络数据包。  The identity location separation network is further configured to receive an identity location separation network packet sent by the interworking gateway.
8、 如权利要求 7所述的互通网络, 其中, 所述互通网关还包括与所述转 换模块连接的标识分配模块, 所述标识分配模块设置成: 为所述互联网终端 分配在所述身份位置分离网络的身份编码, 为所述身份位置分离网络终端分 配在所述互联网的 IP地址, 以及, 保存所述互联网终端及所述身份位置分离 网络终端的 IP地址与身份编码的标识转换项; 所述转换模块是设置成: 在将身份位置分离网络数据包转换成互联网数据包时, 根据所述标识转 换项将所述源地址转换为所述身份位置分离网络终端在互联网的 IP地址,将 所述目的地址转换为互联网终端的 IP地址; 以及 在将互联网数据包转换成身份位置分离网络数据包时, 根据所述标识转 换项将所述源地址转换为所述互联网终端在身份位置分离网络的身份编码, 将目的地址转换为身份位置分离网终端的身份编码。 8. The interworking network of claim 7, wherein the interworking gateway further comprises an identity assignment module coupled to the conversion module, the identity assignment module configured to: assign the internet terminal to the identity location Separating an identity code of the network, assigning an IP address of the Internet to the identity location separation network terminal, and storing an identifier conversion item of the IP address and the identity code of the network terminal and the identity location separation network terminal; The conversion module is configured to: when converting the identity location separated network data packet into an internet data packet, converting the source address to the IP address of the identity location separation network terminal in the Internet according to the identity conversion item, Converting the destination address to an IP address of the Internet terminal; and converting the source address to the Internet terminal in the identity location separation network according to the identifier conversion item when converting the Internet data packet into the identity location separation network data packet; The identity code, which translates the destination address into the identity code of the identity location separation network terminal.
9、 如权利要求 7所述的互通网络, 其中, 所述身份位置分离网络还设置成: 在身份编码空间中指定一部分作为互 通身份编码空间, 所述互联网终端在所述身份位置分离网络的身份编码是所 述互通身份编码空间的互通身份编码, 以及, 在向互通网关发送身份位置分 离网络数据包时, 通过判断所述目的地址为互通身份编码路由到所述互通网 关; 所述互联网还设置成: 在 IP地址空间中指定一部分作为互通 IP地址空 间, 所述身份位置分离网络终端在所述互联网的 IP地址是所述互通 IP地址 空间的互通 IP地址, 以及, 在向所述互通网关发送互联网数据包时, 通过判 断所述目的地址为互通 IP地址路由到所述互通网关。 9. The interworking network according to claim 7, wherein the identity location separation network is further configured to: designate a part of the identity coding space as an interworking identity coding space, and the Internet terminal separates the identity of the network at the identity location. Encoding is an interworking identity code of the interworking identity coding space, and, when transmitting an identity location separation network data packet to the interworking gateway, determining that the destination address is an interworking identity code route to the interworking gateway; Forming: a part of the IP address space as an interworking IP address space, the IP address of the identity location separation network terminal in the Internet is an interworking IP address of the interworking IP address space, and sending to the interworking gateway The Internet data packet is routed to the interworking gateway by determining that the destination address is an interworking IP address.
10、 如权利要求 6或 7所述的互通网络, 其中, 所述身份编码是 32比特 二进制格式的编码, 所述身份位置分离网络的身份编码空间与所述互联网的 IP地址空间是重叠的。 10. The interworking network according to claim 6 or 7, wherein the identity coding is a coding in a 32-bit binary format, and an identity coding space of the identity location separation network overlaps with an IP address space of the Internet.
11、 一种互通网络, 包括身份位置分离网络、 互联网及连接所述身份位 置分离网络与所述互联网的互通网关, 其中: 11. An interworking network, comprising an identity location separation network, an Internet, and an interworking gateway connecting the identity separation network to the Internet, wherein:
所述身份位置分离网络釆用身份编码作为终端区别标识, 并设置成实现 身份位置分离网络终端之间的通信以及通过所述互通网关与所述互联网进行 通信;  The identity location separation network uses the identity code as the terminal identity identifier, and is configured to implement communication between the identity location separation network terminals and to communicate with the Internet through the interworking gateway;
所述互联网釆用 IP地址作为终端区别标识, 并设置成通过所述互通网关 与所述身份位置分离网络进行通信; The Internet uses the IP address as the terminal distinguishing identifier, and is set to pass through the interworking gateway Communicating with the identity location separation network;
所述互通网关设置成: 为互联网终端分配身份编码, 为身份位置分离网 络终端分配 IP地址, 保存身份编码与 IP地址的标识转换项, 以及, 根据所 述标识转换项实现终端区别标识转换及身份位置分离网络与互联网之间的数 据转发。  The interworking gateway is configured to: assign an identity code to the Internet terminal, assign an IP address to the identity location separation network terminal, save an identity conversion item of the identity code and the IP address, and implement terminal differentiated identity conversion and identity according to the identity conversion item. The location separates the data forwarding between the network and the Internet.
12、 如权利要求 11所述的互通网络, 其中, 所述身份位置分离网络还设置成: 在身份编码空间中指定一部分作为互 通身份编码空间, 所述互通网关为所述互联网终端分配的身份编码是互通身 份编码; 所述互联网还设置成: 在 IP地址空间中指定一部分作为互通 IP地址空 间, 所述互通网关为所述身份位置分离网络终端分配的 IP地址是互通 IP地 址。 The interworking network according to claim 11, wherein the identity location separation network is further configured to: designate a part of the identity coding space as an interworking identity coding space, and the interworking gateway allocates an identity code to the internet terminal. The Internet is also configured to: specify a part of the IP address space as an interworking IP address space, and the IP address assigned by the interworking gateway to the identity location separation network terminal is an interworking IP address.
13、 如权利要求 11所述的互通网络, 其中, 所述身份编码是 32比特二 进制格式的编码, 所述身份位置分离网络的身份编码空间与所述互联网的 IP 地址空间是重叠的。 13. The interworking network according to claim 11, wherein the identity code is a code in a 32-bit binary format, and an identity code space of the identity location separation network overlaps with an IP address space of the Internet.
14、 一种互通网关, 其特征在于: 所述互通网关与身份位置分离网络及 互联网连接, 以实现所述身份位置分离网络与所述互联网之间的通信, 所述 身份位置分离网络釆用身份编码作为终端区别标识, 所述互联网釆用 IP地址 作为终端区别标识, 所述互通网关包括相互连接的收发模块及转换模块, 其 中: An interworking gateway, characterized in that: the interworking gateway is connected to an identity location separation network and an Internet, to implement communication between the identity location separation network and the Internet, and the identity location separation network uses identity The code is used as the terminal difference identifier, and the Internet uses the IP address as the terminal difference identifier, and the interworking gateway includes the transceiver module and the conversion module that are connected to each other, where:
所述收发模块设置成: 接收所述身份位置分离网络发送的身份位置分离 网络数据包并向所述互联网发送转换后的互联网数据包; 以及, 接收所述互 联网发送的互联网数据包并向所述身份位置分离网络发送转换后的身份位置 分离网络数据包;  The transceiver module is configured to: receive an identity location separation network data packet sent by the identity location separation network, and send the converted Internet data packet to the Internet; and receive the Internet data packet sent by the Internet and send the The identity location separation network sends the converted identity location to separate the network data packet;
所述转换模块设置成: 将所述收发模块接收的身份位置分离网络数据包 转换成互联网数据包, 包括将所述身份编码转换为所述 IP地址; 以及, 将所 述收发模块接收的互联网数据包转换成身份位置分离网络数据包, 包括将所 述 IP地址转换为所述身份编码。 The conversion module is configured to: convert the identity location separated network data packet received by the transceiver module into an Internet data packet, including converting the identity code into the IP address; and: receiving Internet data received by the transceiver module Packets are converted into identity locations to separate network packets, including The IP address is translated into the identity code.
15、如权利要求 14所述的互通网关, 还包括与所述转换模块连接的标识 分配模块, 所述标识分配模块设置成: 为所述互联网终端分配互通身份编码 空间的互通身份编码, 为所述身份位置分离网络终端分配互通 IP地址空间的 互通 IP地址, 保存所述互联网终端的 IP地址与分配的互通身份编码的标识 转换项, 以及保存所述身份位置分离网络终端的身份编码与分配的互通 IP地 址的标识转换项; 其中所述互通身份编码空间为所述身份位置分离网络的身 份编码空间的指定部分, 所述互通 IP地址空间为所述互联网的 IP地址空间 的指定部分; 所述转换模块是设置成根据所述标识分配模块保存的标识转换项进行身 份编码与 IP地址的转换。 The interworking gateway of claim 14, further comprising an identity assignment module coupled to the conversion module, the identifier assignment module configured to: assign an interworking identity code for the interworking identity coding space to the internet terminal, The identity location separation network terminal allocates an interworking IP address of the interworking IP address space, saves the IP address of the Internet terminal and the assigned identity conversion item of the interworking identity code, and saves the identity coding and allocation of the identity location separation network terminal An identifier conversion item of the interworking IP address; wherein the interworking identity coding space is a designated part of an identity coding space of the identity location separation network, and the interworking IP address space is a designated part of an IP address space of the Internet; The conversion module is configured to perform identity encoding and IP address conversion according to the identifier conversion item saved by the identifier allocation module.
16、 如权利要求 14所述的互通网关, 其中, 所述身份编码是 32比特二 进制格式的编码, 所述身份位置分离网络的身份编码空间与所述互联网的 IP 地址空间是重叠的。 The interworking gateway according to claim 14, wherein the identity code is a code in a 32-bit binary format, and an identity code space of the identity location separation network overlaps with an IP address space of the Internet.
17、 一种第一网络和第二网络的互通方法, 其特征在于, 所述第一网络 和第二网络釆用编码空间重叠的终端标识, 且通过互通网关相连接, 该方法 包括: An interworking method of the first network and the second network, wherein the first network and the second network use terminal identifiers that overlap in the coding space, and are connected by the interworking gateway, the method includes:
所述互通网关为第一网络终端分配在第二网络的终端标识, 为第二网络 终端分配在第一网络的终端标识, 并建立与所分配的终端标识对应的标识转 换项;  The interworking gateway allocates a terminal identifier of the second network to the first network terminal, allocates a terminal identifier of the first network to the second network terminal, and establishes an identifier conversion item corresponding to the allocated terminal identifier;
所述互通网关接收第一网络或第二网络发送的数据包, 其中源地址和目 的地址为第一网络终端及第二网络终端在作为源网络的所述第一网络或第二 网络中的终端标识;  The interworking gateway receives a data packet sent by the first network or the second network, where the source address and the destination address are the first network terminal and the second network terminal are in the first network or the second network as the source network. Identification
所述互通网关对接收的数据包进行转换, 包括根据标识转换项将源地址 和目的地址转换为第一网络终端和第二网络终端在作为目的网络的第二网络 或第一网络中的终端标识; 以及  Converting, by the interworking gateway, the received data packet, including converting the source address and the destination address into the second network or the terminal identifier in the first network as the destination network of the first network terminal and the second network terminal according to the identifier conversion item ; as well as
所述互通网关将转换后的数据包发送给作为目的网络的第二网络或第一 网络。 Transmitting the converted data packet to the second network or the first network as the destination network The internet.
18、 一种互通网络, 包括第一网络、 第二网络及连接第一网络和第二网 络的互通网关, 其中: 18. An interworking network, comprising: a first network, a second network, and an interworking gateway connecting the first network and the second network, wherein:
所述第一网络设置成向所述互通网关发送数据包或接收互通网关发送的 数据包, 其中, 所发送或接收的数据包的源地址和目的地址为第一网络终端 和第二网络终端在第一网络中的终端标识;  The first network is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, where the source address and the destination address of the sent or received data packet are the first network terminal and the second network terminal. a terminal identifier in the first network;
所述第二网络釆用编码空间与所述第一网络的编码空间重叠的终端标 识, 并设置成向互通网关发送数据包或接收互通网关发送的数据包, 所发送 或接收的数据包的源地址和目的地址为第一网络终端和第二网络终端在第二 网络中的终端标识;  The second network uses a terminal identifier that overlaps with an encoding space of the first network, and is configured to send a data packet to the interworking gateway or receive a data packet sent by the interworking gateway, and the source of the data packet sent or received. The address and the destination address are terminal identifiers of the first network terminal and the second network terminal in the second network;
所述互通网关设置成:为第一网络终端分配在所述第二网络的终端标识 , 为第二网络终端分配在所述第一网络的终端标识, 建立与所分配的终端标识 对应的标识转换项; 接收所述第一网络或所述第二网络发送的数据包, 并对 接收的数据包进行转换, 包括根据所述标识转换项将所接收的数据包的源地 址和目的地址转换为第一网络终端和第二网络终端在作为目的网络的第二网 络或第一网络中的终端标识; 以及, 向作为目的网络的第二网络或第一网络 发送转换后的数据包。  The interworking gateway is configured to: assign a terminal identifier of the second network to the first network terminal, allocate a terminal identifier of the first network to the second network terminal, and establish an identifier conversion corresponding to the allocated terminal identifier. Receiving a data packet sent by the first network or the second network, and converting the received data packet, including converting the source address and the destination address of the received data packet into the first according to the identifier conversion item; a network terminal and a second network terminal in the second network or the first network as the destination network; and transmitting the converted data packet to the second network or the first network as the destination network.
PCT/CN2011/071863 2011-03-16 2011-03-16 Method for intercommunicating between location-and-identity-separation network and internet, and intercommunication network thereof WO2012122709A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2011/071863 WO2012122709A1 (en) 2011-03-16 2011-03-16 Method for intercommunicating between location-and-identity-separation network and internet, and intercommunication network thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2011/071863 WO2012122709A1 (en) 2011-03-16 2011-03-16 Method for intercommunicating between location-and-identity-separation network and internet, and intercommunication network thereof

Publications (1)

Publication Number Publication Date
WO2012122709A1 true WO2012122709A1 (en) 2012-09-20

Family

ID=46830033

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/071863 WO2012122709A1 (en) 2011-03-16 2011-03-16 Method for intercommunicating between location-and-identity-separation network and internet, and intercommunication network thereof

Country Status (1)

Country Link
WO (1) WO2012122709A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1870583A (en) * 2005-08-24 2006-11-29 华为技术有限公司 Method for implementing communication of mobile IPv6 node and IPv4 communication buddy
US20070274312A1 (en) * 2004-02-13 2007-11-29 Patrik Salmela Addressing Method and Method and Apparatus for Establishing Host Identity Protocol (Hip) Connections Between Legacy and Hip Nodes
CN101237422A (en) * 2007-01-30 2008-08-06 张雪云 Organization instant messaging system and method
CN101656765A (en) * 2009-09-14 2010-02-24 中兴通讯股份有限公司 Address mapping system and data transmission method of identifier/locator separation network
CN101938413A (en) * 2010-08-26 2011-01-05 北京交通大学 Method for transition from traditional internet to universal identifier network
CN102025588A (en) * 2009-09-15 2011-04-20 中兴通讯股份有限公司 Intercommunication method and intercommunication network of identification and position separating network and Internet

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070274312A1 (en) * 2004-02-13 2007-11-29 Patrik Salmela Addressing Method and Method and Apparatus for Establishing Host Identity Protocol (Hip) Connections Between Legacy and Hip Nodes
CN1870583A (en) * 2005-08-24 2006-11-29 华为技术有限公司 Method for implementing communication of mobile IPv6 node and IPv4 communication buddy
CN101237422A (en) * 2007-01-30 2008-08-06 张雪云 Organization instant messaging system and method
CN101656765A (en) * 2009-09-14 2010-02-24 中兴通讯股份有限公司 Address mapping system and data transmission method of identifier/locator separation network
CN102025588A (en) * 2009-09-15 2011-04-20 中兴通讯股份有限公司 Intercommunication method and intercommunication network of identification and position separating network and Internet
CN101938413A (en) * 2010-08-26 2011-01-05 北京交通大学 Method for transition from traditional internet to universal identifier network

Similar Documents

Publication Publication Date Title
CN103428220B (en) A kind of method building the virtual reconstruction ubiquitous network architectural framework that identity-based position is separated
EP1650916B1 (en) The system and method for realize multimedia call crossover the private network
JP4715521B2 (en) Communication system and call control server
WO2011032481A1 (en) Communication method, method for forwarding data message during the communication process and communication node thereof
KR101320538B1 (en) Method and system for implementing network intercommunication
WO2011032479A1 (en) Network based on identity identifier and location separation architecture, backbone network, and network element thereof
CN104919766A (en) Path switching procedure for device-to-device communication
KR20180125465A (en) Improved Routing, Diagnostics, and Content-Overloading of Address Space for Relay Networks
WO2016020726A1 (en) Data transfer in a system of connected things
CN102025600B (en) Method, system and router for transmitting and receiving data
CN102025658B (en) Method and system for realizing intercommunication between identity network and internet
WO2011032447A1 (en) Method, system and communication terminal for implementing inter-communication between new network and internet
WO2011032492A1 (en) Identity identification, across-network communication and service migration method, and information intercommunication network architecture
CN102025588B (en) Intercommunication method and intercommunication network of identification and position separating network and Internet
WO2011050676A1 (en) Anonymous communication method, registration and cancellation method, and access node
KR101901341B1 (en) Method and apparatus for supporting mobility of user equipment
WO2011044807A1 (en) Method for registration and communication of anonymous communication and transceiver system for data message
WO2012122709A1 (en) Method for intercommunicating between location-and-identity-separation network and internet, and intercommunication network thereof
WO2007036140A1 (en) A method for signaling to traverse nat in mobile ip network
TW201110646A (en) Cross-layer address mapping method for proxy mobile internet protocal
CN102546356A (en) Method and system capable of ensuring service quality of mobile nodes in logo network
JP4835604B2 (en) Address translation apparatus and method
JP5135257B2 (en) Method and system for establishing a plurality of sessions of different routes by home gateway and session control server
JP5155899B2 (en) Route control method and system via non-IP network in mobile IP network
Jonvik et al. Ad-hoc formation of Bluetooth piconet and IP allocation in PAN

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11861136

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11861136

Country of ref document: EP

Kind code of ref document: A1