CN102149086B - Address updating method for mobile IP (internet protocol) node and IP node device - Google Patents
Address updating method for mobile IP (internet protocol) node and IP node device Download PDFInfo
- Publication number
- CN102149086B CN102149086B CN201010113616.1A CN201010113616A CN102149086B CN 102149086 B CN102149086 B CN 102149086B CN 201010113616 A CN201010113616 A CN 201010113616A CN 102149086 B CN102149086 B CN 102149086B
- Authority
- CN
- China
- Prior art keywords
- message
- nodes
- address
- mobile
- described mobile
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The invention discloses an address updating method for a mobile IP (internet protocol) node, which comprises the steps as follows: the mobile IP node transmits first information to a peer terminal node through a home proxy of the mobile IP node, wherein the first information carries the care-of address of the mobile IP node; the source address of the first information is the home address of the mobile IP node; second information transmitted by the peer terminal node to the mobile IP node according to the care-of address of the mobile IP node is received, wherein the destination address of the second information is the care-of address of the mobile IP node;. The embodiment improves the communication efficiency between the mobile IP node and the peer terminal node, and enhances the system stability.
Description
Technical field
The present invention relates to communication technical field, relate in particular to a kind of address renewing method and IP node device of mobile IP nodes.
Background technology
Mobile IP v 6 is by IETF (Internet Engineering Task Force, the Internet Engineering task groups) standard agreement of formulating, IPv6 can solve in original IPv4 technology that address is in short supply, mobility, the poor deficiency of fail safe aspect support, the Mobile IPv 6 standard supports mobile IP nodes to realize moving freely under the prerequisite of session contact keeping, and greatly promoted the user and used the IP agreement to communicate the convenience with session.In the basic working modes of Mobile IPv 6, be called the bidirectional tunnel pattern, all business datums all must be through HA (Home Agent, home agent) forwarded, increased so on the one hand the node load of home agent, also because once forwarding, many increases cause the increase of IP data delivery lag, network resources waste, also may be because have increased the reliability decrease that a key node causes session more, once, because the node device of home agent breaks down, whole sessions of mobile node all will be failed.
Summary of the invention
Embodiments of the invention provide a kind of address renewing method and IP node device of mobile IP nodes.
Embodiments of the invention provide a kind of address renewing method of mobile IP nodes on the one hand, comprising:
Mobile IP nodes sends the first message by the home agent of described mobile IP nodes to peer node, and wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
Receive the second message that described peer node sends to described mobile IP nodes according to the Care-of Address of described mobile IP nodes, wherein, the Care-of Address that the destination address of described the second message is described mobile IP nodes.
Embodiments of the invention provide a kind of address renewing method of mobile IP nodes on the other hand, comprising:
The one IP node receives first message of the home agent of mobile IP nodes by described mobile IP nodes to a described IP node transmission, wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
Send the second message according to the Care-of Address of described mobile IP nodes to described mobile IP nodes, wherein, the Care-of Address that the destination address of described the second message is described mobile IP nodes.
Embodiments of the invention also provide a kind of mobile IP nodes equipment on the one hand, comprising:
The first message sending unit, send the first message for the home agent by described mobile IP nodes to peer node, wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
The first message sink unit, the second message sent to described mobile IP nodes according to the Care-of Address of described mobile IP nodes for receiving described peer node, wherein, the Care-of Address that the destination address of described the second message is described mobile IP nodes.
Embodiments of the invention also provide a kind of IP node device on the other hand, comprising:
The second message sink unit, for receiving first message of the home agent of mobile IP nodes by described mobile IP nodes to a described IP node transmission, wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
The second message sending unit, send the second message for the Care-of Address according to described mobile IP nodes to described mobile IP nodes, wherein, and the Care-of Address that the destination address of described the second message is described mobile IP nodes.
Mobile IP nodes in embodiments of the invention is carried at the Care-of Address of self in the packet of the home address that source address is described mobile IP nodes and sends to peer node, so that peer node sends to described mobile IP nodes the packet that destination address is described Care-of Address, due to the destination address packet that is Care-of Address, can be without the home agent of mobile IP nodes during route, promote the efficiency of communicating by letter between mobile IP nodes and peer node, strengthened the stability of system.
The accompanying drawing explanation
Fig. 1 is the address renewing method schematic flow sheet of a kind of mobile IP nodes of providing of the embodiment of the present invention;
Fig. 2 is the scene schematic diagram that there are fire compartment wall in embodiment of the present invention mobile IP nodes and peer node;
Fig. 3 is the address renewing method schematic flow sheet of the another kind of mobile IP nodes that provides of the embodiment of the present invention;
Fig. 4 is the address renewing method schematic flow sheet of another mobile IP nodes of providing of the embodiment of the present invention;
Fig. 5 is the address renewing method schematic flow sheet of also a kind of mobile IP nodes of providing of the embodiment of the present invention;
Fig. 6 is a kind of mobile IP nodes device structure schematic diagram that the embodiment of the present invention provides;
Fig. 7 is a kind of IP node device structural representation that the embodiment of the present invention provides.
Embodiment
Embodiments of the invention provide a kind of address renewing method and IP node device of mobile IP nodes, have promoted the efficiency of communicating by letter between mobile IP nodes and peer node, have strengthened the stability of system.For making technical scheme of the present invention and advantage clearer, below in conjunction with accompanying drawing, embodiments of the invention are described in further detail.
Be illustrated in figure 1 the address renewing method of a kind of mobile IP nodes that the embodiment of the present invention provides, comprise:
S101: mobile IP nodes sends the first message by the home agent of described mobile IP nodes to peer node, wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
S102: receive the second message that described peer node sends to described mobile IP nodes according to the Care-of Address of described mobile IP nodes, wherein, the Care-of Address that the destination address of described the second message is described mobile IP nodes.
Optionally, before step S101, can also comprise: described mobile IP nodes is used the home address of described mobile IP nodes and described peer node to set up the IP session by the home agent of described mobile IP nodes.
Optionally, after step S102, can also comprise:
Described mobile IP nodes sends binding update messages to described peer node, to ask described peer node, in follow-up IP conversation procedure, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually.
Wherein, described the first message can also carry the request peer node and send the indication information of described the second message to the Care-of Address of described mobile IP nodes; Now, step S102 is specially:
Receive the second message that described peer node sends to described mobile IP nodes according to the Care-of Address of described mobile IP nodes and described indication information.
In the embodiment of Fig. 1, mobile IP nodes is carried at the Care-of Address of self in the packet of the home address that source address is described mobile IP nodes and sends to peer node, so that peer node sends to described mobile IP nodes the packet that destination address is described Care-of Address, due to the destination address packet that is Care-of Address, can be without the home agent of mobile IP nodes during route, promote the efficiency of communicating by letter between mobile IP nodes and peer node, strengthened the stability of system.
In addition, if peer node is the network that is arranged in protected by firewall, the embodiment scheme shown in Fig. 1 can also make a route to be valid passing fire wall between the Care-of Address of peer node and mobile IP nodes when mobile IP nodes carries out the address renewal.Fire compartment wall is a kind of network equipment that network security protection is provided, and can the data message by fire compartment wall be filtered by certain security strategy, and interception may bring dangerous data message, thereby improves the fail safe of network.Fire compartment wall provides packet filtering function, and the filtration collection of fire compartment wall is comprised of some filtering rules, in filtering rule, comprised to the processing method of packet of there is any discrepancy fire compartment wall, forwarded or refused.Filtering rule can be static packet filtering, or dynamic packet filter.Static packet filtering refers to by the firewall administrator filtering rule is set, the keeper can set the information such as concrete IP address, port numbers, protocol type, the data message that meets enabled condition is forwarded, the data message that does not meet enabled condition is refused to process, the static filtering rule is changeless, except the non-administrator is reconfigured fire compartment wall.Dynamic packet filter refers to that the content of the state table of safeguarding based on fire compartment wall forwards or refuse the process of packet.The dynamic packet filter fire compartment wall is being safeguarded a state table in running always; this table record the state information of the packet that sends from protected network; then fire compartment wall is analyzed judgement according to this table content to the packet that returns to protected network; like this, only have response protected network request or follow-up packet just to be let pass.Because static packet filter firewall needs a large amount of administrator configurations operations, and can not carry out flexibly the packet filtering operation in running, and the dynamic packet filter fire compartment wall can be controlled the packet filtering operation flexibly according to conversation procedure, so dynamic packet filter fire compartment wall or be called the State Inspection Packet Filter fire compartment wall, become the firewall applications pattern of current main flow.
As shown in Figure 2, peer node is in the network of protected by firewall, and fire compartment wall is used State Inspection Packet Filter.If mobile IP nodes has been used its home address and peer node to set up the IP session connection, be to have the state recording of above-mentioned home address and peer node address in fire compartment wall, the packet that the source address that in step S101, mobile IP nodes sends to peer node so is its home address can be by the fire compartment wall of peer node; Dynamic packet filter strategy based on fire compartment wall, the packet that peer node sends to outside by its fire compartment wall can pass through fire compartment wall smoothly, and in step S102, peer node can pass through the fire compartment wall of described peer node to the packet of the Care-of Address transmission of mobile IP nodes; Fire compartment wall can be recorded in the source address of packet and destination address (being the Care-of Address of peer node address and mobile IP nodes) in state table simultaneously; in follow-up data bag process of transmitting; owing to there being the state recording of Care-of Address and peer node in the state table in fire compartment wall; mobile IP nodes sends to peer node take the packet that its home address is source address, and the packet that can be used as the request of response protected network passes through fire compartment wall smoothly.The method provided by embodiment mono-, peer node and firewall box can, according to the first message and the second message, upgrade the IP address information of IP session between mobile IP nodes and peer node.
Be illustrated in figure 3 the address renewing method of the another kind of mobile IP nodes that the embodiment of the present invention provides, comprise:
S201: an IP node receives first message of the home agent of mobile IP nodes by described mobile IP nodes to a described IP node transmission, wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
S202: send the second message according to the Care-of Address of described mobile IP nodes to described mobile IP nodes, wherein, the Care-of Address that the destination address of described the second message is described mobile IP nodes.
Optionally, before step S201, can also comprise: a described IP node is set up the IP session according to the home address of described mobile IP nodes by home agent and the described mobile IP nodes of described mobile IP nodes.
Optionally, after step S202, can also comprise: receive the binding update messages that described mobile IP nodes sends, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure according to described binding update messages.
Wherein, described the first message can also carry the request peer node and send the indication information of described the second message to the Care-of Address of described mobile IP nodes; Now, step S202 is specifically as follows: according to Care-of Address and the described indication information of described mobile IP nodes, to described mobile IP nodes, send described the second message.
In the embodiment of Fig. 3, mobile IP nodes is carried at the Care-of Address of self in the packet of the home address that source address is described mobile IP nodes and sends to peer node, so that peer node sends to described mobile IP nodes the packet that destination address is described Care-of Address, due to the destination address packet that is Care-of Address, can be without the home agent of mobile IP nodes during route, promote the efficiency of communicating by letter between mobile IP nodes and peer node, strengthened the stability of system.Embodiment scheme shown in while Fig. 3 is all right effectively passing fire wall when mobile IP nodes carries out the address renewal, and the corresponding description of concrete principle and Fig. 2 is similar, repeats no more herein.
As shown in Figure 4, the embodiment of the address renewing method of a kind of mobile IP nodes provided for the embodiment of the present invention comprises:
Step S301: at mobile IP nodes (Mobile Node, MN) use its home address and peer node (Correspondent Node, CN) after setting up the IP session between, this MN sends the local test to CN and initiates (HoTI, Home Test Init) message, the source IP address of HoTI message is the home address of MN, and purpose IP address is the IP address of CN.MN can increase the Care-of Address of MN in HoTI message, and at first HoTI message sent to the home agent of MN.Can also carry test cookie in local in HoTI message, for the safety verification of local test process.
Before step S301, described MN specifically can be used by the home agent of described MN the home address of described MN and described CN to set up the IP session.
The home agent of step S302:MN forwards this HoTI message to CN; Because now MN has been used the home address of described MN and described CN to set up the IP session, now on the fire compartment wall of CN, preserved the session status between MN home address and CN address, the CN fire compartment wall can allow this HoTI message to pass through.
Optionally, step S303:MN when to CN, sending Home Test Initiation message or afterwards, can also send and deliver test initiation (CoTI to CN, Care-of Test Init) message, the source IP address of CoTI message is the Care-of Address of MN, purpose IP address is the IP address of CN, can comprise in CoTI and deliver test Cookie for delivering the safety verification of test.If CN does not have firewall protection; CN is after receiving this CoTI message; can send and deliver test (CoT, Care-of Test) message to the Care-of Address of MN, carry delivering in CoTI message in described CoT message and test cookie; MN is after receiving described CoT message; in more described CoTI message delivering test cookie with in CoT message whether delivering test cookie consistent, if unanimously, continue follow-up flow process; as inconsistent, termination process.If CN has firewall protection, do not record so the IP session between MN Care-of Address and CN address on fire compartment wall, so fire compartment wall can refuse CoTI message by fire compartment wall, CoTI message is abandoned by fire compartment wall, and CN also just can't receive this CoTI message.
It should be noted that, this step MN sends CoTI message to CN, may be cancelled execution due to some specific reasons, and for example MN detects in advance between MN and CN and has fire compartment wall.
Optionally, step S304, after CN receives the HoTI message of MN transmission, send local test Home Test message to MN, can carry the local test cookie carried in HoTI message in described Home Test message, the source IP address of local test post is the IP address of CN, and purpose IP address is the home address of MN, and at first the local test post is sent to the home agent of MN.
Optionally, step S305, the home agent of MN is forwarded to MN by the local test post.MN is after receiving described Home Test message, whether the local test cookie that can compare in Home Test message is consistent with the local test cookie carried in the previous HoTI message sent, as unanimously, continue follow-up flow process, as inconsistent, termination process, prevent that with this hacker from forging the network attack that message is carried out
Step S306, CN is after the message of the HoTI with this MN Care-of Address that receives the MN transmission, deliver test to the Care-of Address transmission of MN and allow (CoTA, Care-of Test Allow) message, the source IP address of this CoTA message is the IP address of CN, and purpose IP address is the Care-of Address of MN;
The fire compartment wall of CN is when forwarding CoTA message, because be the message sent to external network by shielded internal network, fire compartment wall allows this message to pass through, and preserves the session between the address of the Care-of Address of MN and CN on fire compartment wall.
Wherein, can also include the indication of request CoTA message in the HoTI message in step S301, the follow-up type of message returned of indication CN of take is CoTA message;
Step S307, MN sends CoTI message to CN after receiving CoTA message, carries in described CoTI message and delivers test cookie, and the source address of described CoTI message is the Care-of Address of MN, the address that destination address is CN; Because the fire compartment wall of CN is according to the Care-of Address of MN under the CoTA Message Record and the session between the CN address, now CoTI message can be passed through fire compartment wall.
Step S308, CN delivers test post to the Care-of Address transmission CoT of MN, carries delivering in CoTI message in described CoT message and tests cookie, the Care-of Address that the destination address of described CoT message is described mobile IP nodes.
Pass through said method, MN has upgraded the Care-of Address of MN to the firewall box on CN and path, MN can be used its Care-of Address to carry out session in the session of follow-up and CN, for example MN can be used its Care-of Address to carry out routing optimality to CN, it is the home agent that packet can not need to be routed to MN again, the efficiency of communicating by letter between lifting mobile IP node and peer node, strengthened the stability of system.And, in the renewal process of above-mentioned IP address, message packet can successfully pass through the fire compartment wall of CN.In addition, above-described embodiment is tested the renewal of IP address, local and deliver testing process and is combined closely, and has effectively prevented when MN switches its session address the network attack of the forgery message that may be subjected to.
Optionally, after step S308, the step that following routing optimality is relevant can also be arranged:
Step S309, MN sends Binding Update Binding Update message to CN, the source IP address of message is the Care-of Address of MN, purpose IP address is the IP address of CN, because the session of above-mentioned two addresses has record at fire compartment wall, so this Binding Update message can be by the fire compartment wall of CN.
Before execution step S309, MN is after receiving CoT message, can judge in the CoT message received, comprise deliver the test relevant information whether with in CoTI message, comprise to deliver the test relevant information consistent, in two message whether deliver test cookie consistent, if unanimously continue follow-up flow process, as inconsistent termination process, with this, prevent from forging the network attack that message is carried out.
Step S310, after CN receives the Binding Update message of MN transmission, send binding acknowledgement Binding Acknowledgement message to MN, CN can mutually bind the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes in follow-up IP conversation procedure, for example, CN is in sending to the packet of MN, can use the Care-of Address of MN as destination address, and carry the home address of MN in packet, to guarantee normally carrying out of network application that MN is relevant to its home address; Simultaneously, follow-up MN, in sending to the packet of CN, also can be used the Care-of Address of MN as source address, and carries the home address of MN in packet, to guarantee normally carrying out of network application relevant to the MN home address on CN.
As shown in Figure 5, the embodiment of the address renewing method of a kind of mobile IP nodes provided for the embodiment of the present invention comprises:
Step S401: at mobile IP nodes (Mobile Node, MN) use its home address and peer node (Correspondent Node, CN) after setting up the IP session between, this MN sends the local test to CN and initiates (HoTI, Home Test Init) message, the source IP address of HoTI message is the home address of MN, and purpose IP address is the IP address of CN.MN can increase the Care-of Address of following information: MN and, for delivering the Cookie of test, wherein, deliver test cookie and be mainly used in delivering the safety verification in test process in HoTI message, and at first HoTI message sent to the home agent of MN.Can also carry test cookie in local in HoTI message, for the safety verification of local test process.
Before step S401, described MN specifically can be used by the home agent of described MN the home address of described MN and described CN to set up the IP session.
The home agent of step S402:MN forwards this HoTI message to CN; Because now MN has been used the home address of described MN and described CN to set up the IP session, now on the fire compartment wall of CN, preserved the session status between MN home address and CN address, the CN fire compartment wall can allow this HoTI message to pass through.
Optionally, step S403:MN when to CN, sending Home Test Initiation message or afterwards, can also send and deliver test initiation (CoTI to CN, Care-of Test Init) message, the source IP address of CoTI message is the Care-of Address of MN, purpose IP address is the IP address of CN, can comprise in CoTI and deliver test Cookie for delivering the safety verification of test.If CN does not have firewall protection; CN is after receiving this CoTI message; can send and deliver test (CoT, Care-of Test) message to the Care-of Address of MN, carry delivering in CoTI message in described CoT message and test cookie; MN is after receiving described CoT message; in more described CoTI message delivering test cookie with in CoT message whether delivering test cookie consistent, if unanimously, continue follow-up flow process; as inconsistent, termination process.If CN has firewall protection, do not record so the IP session between MN Care-of Address and CN address on fire compartment wall, so fire compartment wall can refuse CoTI message by fire compartment wall, CoTI message is abandoned by fire compartment wall, and CN also just can't receive this CoTI message.
It should be noted that, this step MN sends CoTI message to CN, may be cancelled execution due to some specific reasons, and for example MN detects in advance between MN and CN and has fire compartment wall.In addition, MN can be when sending HoTI message for the first time, without the Care-of Address of MN and for delivering the information such as Cookie of test, but MN detect between MN and CN have fire compartment wall after or the CoTI message sent overtime after, then send with the Care-of Address of MN and for the HoTI message of the Cookie that delivers test.
Optionally, step S404, after CN receives the HoTI message of MN transmission, send local test Home Test message to MN, can carry the local test cookie carried in HoTI message in described Home Test message, the source IP address of local test post is the IP address of CN, and purpose IP address is the home address of MN, and at first the local test post is sent to the home agent of MN.
Optionally, step S405, the home agent of MN is forwarded to MN by the local test post.MN is after receiving described Home Test message, whether the local test cookie that can compare in Home Test message is consistent with the local test cookie carried in the previous HoTI message sent, as unanimously, continue follow-up flow process, as inconsistent, termination process, prevent that with this hacker from forging the network attack that message is carried out
Step S406, CN sends CoT to the Care-of Address of MN and delivers test post, and the source IP address of CoT message is the IP address of CN, and purpose IP address is the Care-of Address of MN, and what can include in this CoT message that MN provides delivers test Cookie;
The fire compartment wall of CN is when forwarding CoT message, because be the message sent to external network by shielded internal network, fire compartment wall allows this message to pass through, and preserves the session between the address of the Care-of Address of MN and CN on fire compartment wall.
Wherein, can also include the indication of request CoT message in the HoTI message in step S401, the follow-up type of message returned of indication CN of take is CoT message.
Pass through said method, MN has upgraded the Care-of Address of MN to the firewall box on CN and path, MN can be used its Care-of Address to carry out session in the session of follow-up and CN, for example MN can be used its Care-of Address to carry out routing optimality to CN, it is the home agent that packet can not need to be routed to MN again, the efficiency of communicating by letter between lifting mobile IP node and peer node, strengthened the stability of system.And, in the renewal process of above-mentioned IP address, message packet can successfully pass through the fire compartment wall of CN.In addition, above-described embodiment is tested the renewal of IP address, local and deliver testing process and is combined closely, and has effectively prevented when MN switches its session address the network attack of the forgery message that may be subjected to.
Optionally, after step S406, following steps can also be arranged:
Step S407, MN sends Binding Update Binding Update message to CN, the source IP address of message is the Care-of Address of MN, purpose IP address is the IP address of CN, because the session of above-mentioned two addresses has record at fire compartment wall, so this Binding Update message can be by the fire compartment wall of CN.
Before execution step S407, MN is after receiving CoT message, can judge in the CoT message received, comprise deliver the test relevant information whether with in HoTI message, comprise to deliver the test relevant information consistent, in two message whether deliver test cookie consistent, if unanimously continue follow-up flow process, as inconsistent termination process, with this, prevent from forging the network attack that message is carried out.
Step S408, after CN receives the Binding Update message of MN transmission, send binding acknowledgement Binding Acknowledgement message to MN, CN can mutually bind the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes in follow-up IP conversation procedure, for example, CN is in sending to the packet of MN, can use the Care-of Address of MN as destination address, and carry the home address of MN in packet, to guarantee normally carrying out of network application that MN is relevant to its home address; Simultaneously, follow-up MN, in sending to the packet of CN, can be used the Care-of Address of MN as source address, and carries the home address of MN in packet, to guarantee normally carrying out of network application relevant to the MN home address on CN.
Be illustrated in figure 6 a kind of mobile IP nodes equipment that the embodiment of the present invention provides, comprise:
The first message sending unit 501, send the first message for the home agent by described mobile IP nodes to peer node, wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
The first message sink unit 502, the second message sent to described mobile IP nodes according to the Care-of Address of described mobile IP nodes for receiving described peer node, wherein, the Care-of Address that the destination address of described the second message is described mobile IP nodes.
Described mobile IP nodes equipment can also comprise:
The one IP session establishment unit, before in described the first message sending unit 501, the home agent by described mobile IP nodes sends the first message to peer node, the home agent by described mobile IP nodes is used the home address of described mobile IP nodes and described peer node to set up the IP session.
Described mobile IP nodes equipment can also comprise:
The first binding update messages transmitting element, for receive the second message that described peer node sends to described mobile IP nodes according to the Care-of Address of described mobile IP nodes in described the first message sink unit 502 after, send binding update messages to described peer node, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure to ask described peer node.
Optionally, described the first message can be initiated HoTI message for the local test, and described the second message can allow CoTA message for delivering test.
Now, described mobile IP nodes equipment can also comprise:
The CoTI message sending unit, deliver test initiation CoTI message for sending to described peer node, carries in described CoTI message and deliver test cookie, the Care-of Address that the source address of described CoTI message is described mobile IP nodes;
CoT message sink unit, test CoT message for receiving delivering of described peer node transmission, carries described test cookie, the Care-of Address that the destination address of described CoT message is described mobile IP nodes delivered in described CoT message; And
The first binding message transmitting element, for when entrained deliver entrained with described CoTI message of test cookie of delivering of described CoT message, testing cookie when consistent, send binding update messages to described peer node, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure to ask described peer node.
Optionally, described the first message is that HoTI message is initiated in the local test, and described HoTI also carries and delivers test cookie; Described the second message is for delivering test CoT message, and described CoT message also carries the described test cookie that delivers.
Now, described mobile IP nodes equipment can also comprise:
The second binding message transmitting element, for when entrained deliver entrained with described HoTI message of test cookie of delivering of described CoT message, testing cookie when consistent, send binding update messages to described peer node, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure to ask described peer node.
Under above-mentioned two kinds of optional scenes, described mobile IP nodes equipment can also comprise: local test post receiving element, pass through the local test post of the HA of described mobile IP nodes to described mobile IP nodes transmission for receiving described peer node.
The mobile IP nodes equipment MN that above-described embodiment provides can upgrade its address to the firewall box on peer node CN and path, MN can be used its Care-of Address to carry out session in the session of follow-up and CN, for example mobile IP nodes equipment can be used its Care-of Address to carry out routing optimality to CN, it is the home agent that packet can not need to be routed to mobile IP nodes equipment again, the efficiency of communicating by letter between lifting mobile IP node and peer node, strengthened the stability of system.And, in the renewal process of above-mentioned IP address, message packet can successfully pass through the fire compartment wall of CN.In addition, above-described embodiment is tested the renewal of IP address, local and deliver testing process and is combined closely, and has effectively prevented when MN switches its session address the network attack of the forgery message that may be subjected to.
Be illustrated in figure 7 a kind of IP node device that the embodiment of the present invention provides, comprise:
The second message sink unit 601, for receiving first message of the home agent of mobile IP nodes by described mobile IP nodes to a described IP node transmission, wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
The second message sending unit 602, send the second message for the Care-of Address according to described mobile IP nodes to described mobile IP nodes, wherein, and the Care-of Address that the destination address of described the second message is described mobile IP nodes.
A described IP node device can also comprise:
The 2nd IP session establishment unit, for receiving the home agent of mobile IP nodes by described mobile IP nodes in described the second message sink unit 601 to before the first message of a described IP node transmission, according to the home address of described mobile IP nodes, by home agent and the described mobile IP nodes of described mobile IP nodes, set up the IP session.
A described IP node device can also comprise:
The first binding update messages receiving element, for the second message sending unit 602 according to the Care-of Address of described mobile IP nodes after described mobile IP nodes sends the second message, receive the binding update messages that described mobile IP nodes sends, and the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure according to described binding update messages.
Optionally, described the first message is that HoTI message is initiated in the local test, and described the second message allows CoTA message for delivering test.
Now, a described IP node device can also comprise:
CoTI message sink unit, initiate CoTI message for receiving the test of delivering that described mobile IP nodes sends after receiving described CoTA message, wherein, carry in described CoTI message and deliver test cookie, the Care-of Address that the source address of described CoTI message is described mobile IP nodes;
The CoT message sending unit, for according to described CoTI message, to described mobile IP nodes, sending and deliver test CoT message, wherein, carry all described test cookie, Care-of Address that the destination address of described CoT message is described mobile IP nodes delivered in described CoT message;
And
The first binding update messages receiving element, test the consistent rear binding update messages sent of cookie for receiving deliver entrained with described CoTI message of test cookie of delivering entrained in the described CoT message of judgement of described mobile IP nodes, and the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure according to described binding update messages.
Optionally, described the first message is that HoTI message is initiated in the local test, and described HoTI carries and delivers test cookie; Described the second message is for delivering test CoT message, and described CoT message carries the described test cookie that delivers.
Now, a described IP node device can also comprise:
The second binding update messages receiving element, test the consistent rear binding update messages sent of cookie for receiving deliver entrained with described HoTI message of test cookie of delivering entrained in the described CoT message of judgement of described mobile IP nodes, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure according to described binding update messages.
Under above-mentioned two kinds of optional scenes, a described IP node device can also comprise: local test post transmitting element sends the local test post for the HA by described mobile IP nodes to described mobile IP nodes.
The IP node device that mobile IP nodes equipment MN can provide to above-described embodiment and the firewall box on path have upgraded its address, MN can be used its Care-of Address to carry out session in the session of follow-up and an IP node device, for example mobile IP nodes equipment can be used its Care-of Address to carry out routing optimality to an IP node device, it is the home agent that packet can not need to be routed to mobile IP nodes equipment again, lifting mobile IP node and efficiency to communicating by letter between an IP node device, strengthened the stability of system.And, in the renewal process of above-mentioned IP address, message packet can successfully pass through the fire compartment wall of an IP node device.In addition, above-described embodiment is tested the renewal of IP address, local and deliver testing process and is combined closely, and has effectively prevented when MN switches its session address the network attack of the forgery message that may be subjected to.
Embodiments of the invention also provide a kind of embodiment of IP communication system, comprising:
Mobile IP nodes equipment as described as Fig. 6 embodiment, and the one IP node device as described as Fig. 7 embodiment.Wherein an IP node device is as the peer node CN of mobile IP nodes equipment.
Above-mentioned IP communication system embodiment can also comprise the home agent of described mobile IP nodes equipment, the fire compartment wall of an IP node device.
Said system embodiment provides in the IP communication system, mobile IP nodes equipment MN can upgrade its address to the firewall box on an IP node device and path, MN can be used its Care-of Address to carry out session in the session of follow-up and an IP node device, for example mobile IP nodes equipment can be used its Care-of Address to carry out routing optimality to an IP node device, it is the home agent that packet can not need to be routed to mobile IP nodes equipment again, lifting mobile IP node and efficiency to communicating by letter between an IP node device, strengthened the stability of system.And, in the renewal process of above-mentioned IP address, message packet can successfully pass through the fire compartment wall of an IP node device.In addition, above-described embodiment is tested the renewal of IP address, local and deliver testing process and is combined closely, and has effectively prevented when MN switches its session address the network attack of the forgery message that may be subjected to.
All or part of content in the technical scheme that above embodiment provides can realize by software programming, and its software program is stored in the storage medium can read, storage medium for example: the hard disk in computer, CD or floppy disk.
Above disclosed be only several specific embodiment of the present invention, still, the present invention is not limited thereto, the changes that any person skilled in the art can think of all should fall into protection scope of the present invention.
Claims (10)
1. the address renewing method of a mobile IP nodes, is characterized in that, comprising:
Mobile IP nodes sends the first message by the home agent of described mobile IP nodes to peer node, and wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
Receive the second message that described peer node sends to described mobile IP nodes according to the Care-of Address of described mobile IP nodes, wherein, the Care-of Address that the destination address of described the second message is described mobile IP nodes;
Wherein, described the first message is that HoTI message is initiated in the local test; Described the second message allows CoTA message for delivering test; After receiving described CoTA message, described mobile IP nodes also comprises:
Send and deliver test initiation CoTI message to described peer node, carry in described CoTI message and deliver test cookie, the Care-of Address that the source address of described CoTI message is described mobile IP nodes;
Receive delivering of described peer node transmission and test CoT message, carry described test cookie, the Care-of Address that the destination address of described CoT message is described mobile IP nodes delivered in described CoT message;
Entrainedly in described CoT message deliver deliver entrained with described CoTI message of test cookie and test cookie when consistent, send binding update messages to described peer node, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure to ask described peer node;
Perhaps, described the first message is that HoTI message is initiated in the local test, and described HoTI carries and delivers test cookie; Described the second message is for delivering test CoT message, and described CoT message carries the described test cookie that delivers; After receiving described CoT message, described mobile IP nodes also comprises:
Entrainedly in described CoT message deliver deliver entrained with described HoTI message of test cookie and test cookie when consistent, send binding update messages to described peer node, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure to ask described peer node.
2. method according to claim 1 is characterized in that:
Before home agent at described mobile IP nodes by described mobile IP nodes sends the first message to peer node, also comprise: described mobile IP nodes is used the home address of described mobile IP nodes and described peer node to set up the IP session by the home agent of described mobile IP nodes.
3. method according to claim 1 is characterized in that:
After the second message sent to described mobile IP nodes according to the Care-of Address of described mobile IP nodes at the described peer node of described reception, also comprise:
Described mobile IP nodes sends binding update messages to described peer node, to ask described peer node, in follow-up IP conversation procedure, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually.
4. method according to claim 1, is characterized in that, described the first message carries the request peer node and sends the indication information of described the second message to the Care-of Address of described mobile IP nodes; The second message that the described peer node of described reception sends to described mobile IP nodes according to the Care-of Address of described mobile IP nodes comprises:
Receive the second message that described peer node sends to described mobile IP nodes according to the Care-of Address of described mobile IP nodes and described indication information.
5. the address renewing method of a mobile IP nodes, is characterized in that, comprising:
The one IP node receives first message of the home agent of mobile IP nodes by described mobile IP nodes to a described IP node transmission, wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
Send the second message according to the Care-of Address of described mobile IP nodes to described mobile IP nodes, wherein, the Care-of Address that the destination address of described the second message is described mobile IP nodes;
Wherein, described the first message is that HoTI message is initiated in the local test; Described the second message allows CoTA message for delivering test; After sending described CoTA message to described mobile IP nodes, a described IP node also comprises:
Receive the test of delivering that described mobile IP nodes sends after receiving described CoTA message and initiate CoTI message, wherein, carry in described CoTI message and deliver test cookie, the Care-of Address that the source address of described CoTI message is described mobile IP nodes;
Send and deliver test CoT message to described mobile IP nodes according to described CoTI message, wherein, carry described test cookie, the Care-of Address that the destination address of described CoT message is described mobile IP nodes delivered in described CoT message;
Receive entrained deliver entrained with described CoTI message of test cookie of delivering in the described CoT message of judgement of described mobile IP nodes and test the consistent rear binding update messages sent of cookie;
According to described binding update messages, in follow-up IP conversation procedure, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually;
Perhaps, described the first message is that HoTI message is initiated in the local test, and described HoTI carries and delivers test cookie; Described the second message is for delivering test CoT message, and described CoT message carries the described test cookie that delivers; After sending described CoT message to described mobile IP nodes, a described IP node also comprises:
Receive entrained deliver entrained with described HoTI message of test cookie of delivering in the described CoT message of judgement of described mobile IP nodes and test the consistent rear binding update messages sent of cookie, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure according to described binding update messages.
6. method according to claim 5 is characterized in that:
Receive the home agent of mobile IP nodes by described mobile IP nodes to before the first message of a described IP node transmission at a described IP node, also comprise: a described IP node is set up the IP session according to the home address of described mobile IP nodes by home agent and the described mobile IP nodes of described mobile IP nodes.
7. method according to claim 5 is characterized in that:
At the described Care-of Address according to described mobile IP nodes, after described mobile IP nodes sends the second message, also comprise:
Receive the binding update messages that described mobile IP nodes sends, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure according to described binding update messages.
8. method according to claim 5, is characterized in that, described the first message carries the request peer node and sends the indication information of described the second message to the Care-of Address of described mobile IP nodes; The described Care-of Address according to described mobile IP nodes sends the second message to described mobile IP nodes, comprising:
Send described the second message according to Care-of Address and the described indication information of described mobile IP nodes to described mobile IP nodes.
9. a mobile IP nodes, is characterized in that, comprising:
The first message sending unit, send the first message for the home agent by described mobile IP nodes to peer node, wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
The first message sink unit, the second message sent to described mobile IP nodes according to the Care-of Address of described mobile IP nodes for receiving described peer node, wherein, the Care-of Address that the destination address of described the second message is described mobile IP nodes;
Wherein, the first message that described the first message sending unit sends is that HoTI message is initiated in the local test; Described the second message that described the first message sink unit receives allows CoTA message for delivering test; Described mobile IP nodes also comprises:
The CoTI message sending unit, deliver test initiation CoTI message for sending to described peer node, carries in described CoTI message and deliver test cookie, the Care-of Address that the source address of described CoTI message is described mobile IP nodes;
CoT message sink unit, test CoT message for receiving delivering of described peer node transmission, carries described test cookie, the Care-of Address that the destination address of described CoT message is described mobile IP nodes delivered in described CoT message; And
The first binding message transmitting element, for when entrained deliver entrained with described CoTI message of test cookie of delivering of described CoT message, testing cookie when consistent, send binding update messages to described peer node, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure to ask described peer node;
Perhaps, the first message that described the first message sending unit sends is that HoTI message is initiated in the local test, and described HoTI carries and delivers test cookie; Described the second message that described the first message sink unit receives is for delivering test CoT message, and described CoT message carries the described test cookie that delivers; Described mobile IP nodes also comprises:
The second binding message transmitting element, for when entrained deliver entrained with described HoTI message of test cookie of delivering of described CoT message, testing cookie when consistent, send binding update messages to described peer node, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure to ask described peer node.
10. an IP node device, is characterized in that, comprising:
The second message sink unit, for receiving mobile IP nodes by the first message of the home agent transmission of described mobile IP nodes, wherein, described the first message carries the Care-of Address of described mobile IP nodes, the home address that the source address of described the first message is described mobile IP nodes;
The second message sending unit, send the second message for the Care-of Address according to described mobile IP nodes to described mobile IP nodes, wherein, and the Care-of Address that the destination address of described the second message is described mobile IP nodes:
Wherein, the first message that described the second message sink unit receives is that HoTI message is initiated in the local test; The second message that described the second message sending unit sends allows CoTA message for delivering test; Described IP node device also comprises:
CoTI message sink unit, initiate CoTI message for receiving the test of delivering that described mobile IP nodes sends after receiving described CoTA message, wherein, carry in described CoTI message and deliver test cookie, the Care-of Address that the source address of described CoTI message is described mobile IP nodes;
The CoT message sending unit, for according to described CoTI message, to described mobile IP nodes, sending and deliver test CoT message, wherein, carry described test cookie, the Care-of Address that the destination address of described oT message is described mobile IP nodes delivered in described CoT message;
The first binding update messages receiving element, test the consistent rear binding update messages sent of cookie for receiving deliver entrained with described CoTI message of test cookie of delivering entrained in the described CoT message of judgement of described mobile IP nodes, and the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure according to described binding update messages;
Perhaps, the first message that described the second message sink unit receives is that HoTI message is initiated in the local test, and described HoTI carries and delivers test cookie; The second message that described the second message sending unit sends is for delivering test CoT message, and described CoT message carries the described test cookie that delivers; Described IP node device also comprises:
The second binding update messages receiving element, test the consistent rear binding update messages sent of cookie for receiving deliver entrained with described HoTI message of test cookie of delivering entrained in the described CoT message of judgement of described mobile IP nodes, the Care-of Address of the home address of described mobile IP nodes and described mobile IP nodes is bound mutually in follow-up IP conversation procedure according to described binding update messages.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010113616.1A CN102149086B (en) | 2010-02-10 | 2010-02-10 | Address updating method for mobile IP (internet protocol) node and IP node device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010113616.1A CN102149086B (en) | 2010-02-10 | 2010-02-10 | Address updating method for mobile IP (internet protocol) node and IP node device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102149086A CN102149086A (en) | 2011-08-10 |
| CN102149086B true CN102149086B (en) | 2014-01-08 |
Family
ID=44423022
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010113616.1A Expired - Fee Related CN102149086B (en) | 2010-02-10 | 2010-02-10 | Address updating method for mobile IP (internet protocol) node and IP node device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102149086B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114520958B (en) * | 2020-11-19 | 2023-03-24 | 合肥炬芯智能科技有限公司 | Bluetooth communication method and system |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101009941A (en) * | 2007-01-15 | 2007-08-01 | 中山大学 | A method for realizing the communication between the mobile IPv4 node and IPv6 communication node |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100414929C (en) * | 2005-03-15 | 2008-08-27 | 华为技术有限公司 | Text transmission method in protocal network of mobile internet |
-
2010
- 2010-02-10 CN CN201010113616.1A patent/CN102149086B/en not_active Expired - Fee Related
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101009941A (en) * | 2007-01-15 | 2007-08-01 | 中山大学 | A method for realizing the communication between the mobile IPv4 node and IPv6 communication node |
Non-Patent Citations (1)
| Title |
|---|
| 说明书第1页第5行-第6页第15行、第6页倒数第5行-第10页第10行. |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102149086A (en) | 2011-08-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100581099C (en) | Prevention of spoofing in telecommunications systems | |
| CN102377629B (en) | Method and device for communicating with server in IMS (IP multimedia subsystem) core network by using terminal to pass through private network as well as network system | |
| CN102215154B (en) | The access control method of Network and terminal | |
| JP3662080B2 (en) | Firewall dynamic control method | |
| CN101383734B (en) | State detecting method, system and apparatus | |
| US8369346B2 (en) | Method and system for restricting a node from communicating with other nodes in a broadcast domain of an IP (internet protocol) network | |
| CN104796396A (en) | Network proxy layer for policy-based application proxies | |
| JP2006013827A (en) | Packet transfer apparatus | |
| CN103763754B (en) | A kind of method of data processing, apparatus and system | |
| CN104168173A (en) | Method and device for terminal to achieve private network traversal to be in communication with server in IMS core network and network system | |
| CN101820432A (en) | Safety control method and device of stateless address configuration | |
| CN102118398B (en) | Access control method, device and system | |
| CN101815106A (en) | Method and equipment for establishing dynamic GRE (Generic Routing Encapsulation) tunnel | |
| CN102752756A (en) | Method and device for preventing surfing the Internet by privately connecting wireless access point (AP) | |
| CN101925038B (en) | Data transmission method, communication device and network system | |
| CN103516573B (en) | Data transmission method among client terminals in restricted network and client terminals | |
| CN102149086B (en) | Address updating method for mobile IP (internet protocol) node and IP node device | |
| CN101505478B (en) | Method, apparatus and system for filtering packets | |
| CN101707535B (en) | Method and device for detecting counterfeit network equipment | |
| CN101123575B (en) | A multi-host access method, system and device supporting mixed IP | |
| JP2009246614A (en) | Communication system, terminal, relay device, communication mode determination method, and program | |
| CN101312407B (en) | Method and apparatus for measuring quality of network service | |
| CN102594938A (en) | Portal secondary address authentication method and device | |
| CN102860116A (en) | Method, device and system of connection re-establishment | |
| CN101237615B (en) | Dynamic control activation system and realization method for media network element |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20171226 Address after: 300000 Tianjin City Economic Development Zone Jizhou District Jun Road No. 12 Patentee after: CECEP Guohuan New Material Co., Ltd. Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee before: Huawei Technologies Co., Ltd. |
|
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20140108 Termination date: 20200210 |