CN1411248A - IPV9/IPV4NAT routing apparatus - Google Patents
IPV9/IPV4NAT routing apparatus Download PDFInfo
- Publication number
- CN1411248A CN1411248A CN 02145133 CN02145133A CN1411248A CN 1411248 A CN1411248 A CN 1411248A CN 02145133 CN02145133 CN 02145133 CN 02145133 A CN02145133 A CN 02145133A CN 1411248 A CN1411248 A CN 1411248A
- Authority
- CN
- China
- Prior art keywords
- address
- ipv9
- ipv4
- protocol
- protocol stack
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000003068 static effect Effects 0.000 claims abstract description 13
- 238000013519 translation Methods 0.000 claims abstract description 13
- 238000013507 mapping Methods 0.000 claims description 17
- 238000012546 transfer Methods 0.000 claims description 5
- 230000006854 communication Effects 0.000 abstract description 12
- 238000004891 communication Methods 0.000 abstract description 11
- 230000005540 biological transmission Effects 0.000 abstract 3
- 238000006243 chemical reaction Methods 0.000 description 9
- 230000004044 response Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 4
- 230000007704 transition Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 2
- 238000005538 encapsulation Methods 0.000 description 2
- 238000000034 method Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000002950 deficient Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 206010022000 influenza Diseases 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000013508 migration Methods 0.000 description 1
- 230000005012 migration Effects 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 230000009897 systematic effect Effects 0.000 description 1
Landscapes
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
This invention discloses an IPV9/IPV4 NAT router and domain name gate, file transmission gate and route of which are parallel to the interface of applied and transmission layer to be serial in sequence with transmission layer, protocol, address translation manager to be parallel with IPV9 protocol stack, static/dynamic image, protocol translator and IPV4 protocol stack, and the static/dynamic image, protocol translator are parallel with an addrss pool, IPV9 protocol stack IPV4 protocol stack are parallel with the network interface, the network interface and protocol translator are connected with IPV9 protocol stack, user manage interface is connected with the router and address pool. This invention transparently realizes protocol address translation and ordinary communication with inner network IPV9, IPV4 and Internet.
Description
Technical field
The present invention relates to the computer network communication technology field, relate in particular to a kind of IPV9/IPV4NAT router.
Background technology
The IPV4 agreement is born in the seventies, is an extremely successful Internet agreement, but along with the blast or the growth of www net, and the extensive use of miscellaneous service, and expose limitation and the critical defect thereof of IPV4: 1) the IP address is about to exhausted; Have only 232 to be 4,000,000,000 addresses, the U.S. is unreasonable to the classification on IP ground in addition, and the deficient crisis in the IP address of the country beyond the U.S. is more serious.2), produced address assignment unbalanced of Ipv4 because internet development unbalanced.Continuous Ipv4 address is also discontinuous physically, makes to use the route cascade, has directly caused the routing table of the Internet basic routing line router sharply to expand, and has had a strong impact on the network switching performance.3) the IPV4 agreement lacks fail safe; 4) IPV4 lacks the QOS support, has seriously hindered multimedia and has used in real time; 5) address disposes very trouble automatically, is difficult to plug and play; 6) the non-China of IPV4, IPV6 independent intellectual property right, the agreement U.S. works out, the control of network security system is weighed in his staff.
China is independent in order to build, the controlled IPV9 internet of safety, and the present invention proposes IPV9/IPV4NAT method for routing technology and device, solve visit that the IPV9 net nets to IPV4 and transition period the Internet smooth migration.
Summary of the invention
The purpose of this invention is to provide a kind of IPV9/IPV4NAT router.
IPV9/IPV4NAT router domain name gateway, file transfer gateway, route be attempted by use with transport layer interface on after be connected in series with transport layer, agreement, address translation manager successively, the dynamically mapping of IPV9 protocol stack, static state, protocol translator, IPV4 protocol stack are attempted by on the address translation manager, static dynamically mapping, protocol translator are attempted by on the address pool, IPV9 protocol stack, IPV4 protocol stack are attempted by network interface, network interface, protocol translator and IPV9 protocol stack join, and subscriber administration interface and route and address pool are joined.
Advantage of the present invention is:
1) the NAT router is positioned at inner private network and outside worker nternet adjoining position, between the two ends of communication, realizes the protocol address translation pellucidly, has realized the proper communication of in-house network IPv9, IPv4 main frame and exterior I nternet;
2) introducing of NAT router, make IPv9 experimental network and IPv4 private network be that basic Internet backbone network interconnects with the IPv4 agreement at present, solved IPv9, IPV4 private network and Internet communication issue, and the communication issue between the transition stage different agreement.To play a role in promoting to successfully carrying out the transition to next generation network;
3) realize IPV9/IPV4 mixing private network agreement, address, the port bi-directional conversion of (or claiming private network).Realize realization border, limit route;
4) realize that the IPV4 private network connects conversion to the address of public network.Make the IPV4 net obtain safeguard protection.Visit wall with flues as the IP address filtering.
Description of drawings
Fig. 1 is an IPV9NAT-router architecture block diagram;
Fig. 2 is the systematic square frame schematic diagram.
Embodiment
IPV9/IPV4NAT router domain name gateway 1, file transfer gateway 2, route 14 be attempted by use with transport layer interface 3 on after successively with transport layer 4, agreement, address translation manager 5 serial connections, IPV9 protocol stack 6, static dynamically mapping 7, protocol translator 8, IPV4 protocol stack 9 is attempted by on the address translation manager 5, static dynamically mapping 7, protocol translator 8 is attempted by on the address pool 10, IPV9 protocol stack 6, IPV4 protocol stack 9 is attempted by network interface 12, network interface 13, protocol translator 8 is joined with IPV9 protocol stack 6, and subscriber administration interface 11 joins with route 14 and address pool 10.
As shown in Figure 1, among the figure
1) domain name gateway (DNS-ALG): finish inquiry of the domain name, address, protocol conversion etc.
2) file transfer gateway (FTP-ALG): finish address, protocol conversion of file transfer etc.
3) use and transport layer interface (SOCKET layer): the interface of realizing application layer and TCP/UDP layer;
4) transport layer (TCP/UDP layer): finish transport layer association translation function,
5) agreement, address translation manager (Ipv9/IPv4 Translation Manager): the Task Distribution of management 21 and 22 modules etc.;
6) IPV9 protocol stack: realize IP version 9 protocol functions;
7) dynamically mapping:, carry out the dynamic mapping function in address by NA (P) T-PT Ipv9/IPv4 mapping table;
8) protocol translator: realize ICMP4 and ICMP9 between IPv4 and Ipv9 agreement, IP4 and IP9 address and packet header translation function;
9) IPV4 protocol stack; Realize IP version 4 protocol functions;
10) address pool: IPV4, ground, IPV9 address, dynamic, static address conversion is realized in maintenance system IPv4, IPV9 address;
11) subscriber administration interface: static state, dynamic address and port are configured, route is configured.
12), 13) network interface layer (data link and physical layer).
14) route: realize the border routing function.
As shown in Figure 2, the present invention uses realization network is divided into three zones: 1) .15,16 forms the public network zones; 2) .21,22,23,24 forms private network zone private.com; 3) .17,18,19,20 forms outer web area external.com.
Public network 15,16 regions are global I PV4 address space, and 15 is the root dns server, and 16 is the IPV4 public network.
The address space of private network (21,22,23,24) adopts Ipv9, and so the privately owned address of IPV4 is the still not directly visit concerning public network (outer net) of the address of this private network.22,23 is the IPV9 main frame.Main frame 22 addresses are to use IPV9 address 1015[6] 100/32, domain name is 22.private.com, 24 is the dns server in private.com territory, can explain the IPV9 or the IPV4 domain host address in this territory.
17,18,19,20 is external.com. domain addresses space, is made as the IPV4 main frame and constitutes, and 18,19 is the IPV4 main frame.The public network address that use main frame 18 addresses is 171.68.10.1, and domain name is 18.external.com..20 is the dns server in external.com. territory, can explain the IPV4 domain host address in this territory.
17,21 is the IPV9NAT router, integrated encapsulation/deblocking, two-way NAT and DNS_ALG, FTP_ALOG function.IPV9, IPV4 address pool are provided.20, the 24th, the dns server in privately owned territory is realized the static address mapping by IPV9 NAT_ router and IPV4 public network zone 15,16.
Communication operation principle procedure declaration:
Next coming in order illustrate between each territory main frame how to realize communication, relate to technology such as encapsulation/deblocking, NAT, DNS_ALG therebetween.
A.IPV9 main frame 22 is initiated the course of work of communication to IPV4 main frame 18: IPV9 host's machine 22 visit outer net IPV4 main frames 18
1) main frame 22 sends the inquiry of the domain name message based on UDP, to the IP address of 24 nslookup 18.External.com correspondences.
2) local domain name server 24 is inquired about to root name server 15 by 21, and the source address of query message is 171.68.2.1 (this address is the IP of local domain name server 24), and destination address is 11.1.1.1.21NAT changes the address of IP and UDP heading.Source address becomes 131.108.1.8, and destination address is constant.DNS_ALG does not revise message load.
3) 15 indications 24 of root dns server are to 20 inquiries.Provided 20 public network address 171.68.1.1 in the response message.When this message passed through 21,21NAT changed the destination address in IP and the UDP header: become 171.68.2.1 by 131.108.1.8, address 11.1.1.1 is constant in the source.
In addition, the NDS_ALG on 21 will replace 20 the IP public network address 171.68.1.1 that provides in the response message.It is that 171.68.1.1 distributes a privately owned address that DNS_ALG at first requires NAT, is assumed to be 10.10.1.1.DNS_ALG replaces with 10.10.1.1 to the 171.68.1.1 in the DNS message load then.
4) sample, 24 20 the addresses of knowing are 10.10.1.1.24 IP addresses to 20 inquiry 18.External.com.The worker P source address of request message is 171.68.2.1, destination address 10.10.1.1.After message was through 21 NAT conversion, source address became 131.108.1.8, and destination address becomes 171.68.1.1.
DNS_ALG does not revise the DNS message load.
5) 0 pair of inquiry is made and being replied, and provides the IP address 171.68.10.1 of 18.External.com.When replying through 21 the time, NAT makes corresponding conversion to IP and UDP header: source address becomes 10.10.1.1 by 171.68.1.1, and destination address becomes 171.68.2.1 by 131.108.1.8.
It is home address of 171.68.10.1 mapping that DNS_ALG then asks NAT, is assumed to be 10.11.1.2.DNS_ALG replaces with 10.11.1.2 with the address of 18.External.com in the response message.
6) 24 pairs of main frames 22 are made and being replied.The address that provides 18.External.com is 10.11.1.2.
7) session of main frame 22 initiations and main frame 18.The source address of message is 1015[6] 100/32, destination address 10.11.1.2.When through 21 the time, NAT is home address 1015[6] public network address of 100/32 mapping, be assumed to be 131.108.1.17.
And the address of conversion header: source address becomes 131.108.1.17, and destination address becomes 171.68.10.1.At this moment, NAT is that main frame 22 and main frame 18 have been set up map addresses respectively.22,18 in main frame is set up communication.
Address mapping table during table 1. once connects
| Main frame | Home address | Public network address |
| 22 | ?1015[6]100/32 | (131.108.1.17 pooled NAT) |
| 18 | (10.11.1.2 pooled NAT) | 171.68.10.1 |
| 24 | ?171.68.2.1 | (131.108.1.8 static NAT) |
| 20 | (10.10.1.1 pooled NAT) | 171.68.1.1 |
B. main frame 18 is initiated the step of communication process to main frame 22: outer net 18 host access intranet hosts 22
1) 18 IP addresses to name server 20 inquiry 22.Private.com correspondences.
2) 20 turn to root name server 15 inquiries.15 reply, and indication 20 is to 24 inquiries.Provide 24 public network address 131.108.1.8 in the response message.
3) 0 IP address to 24 inquiry 22.Private.com.Destination address in the IP head of request message is 24 public network address 131.108.1.8, and the address, source is 20 public network address 171.68.10.1.During through NAT router two 1, NAT is according to being 24 static mappings that are provided with, and destination address replaces with 171.68.2.1; Simultaneously NAT is the home address of a mapping of public network address 171.68.1.1 application of 20, is assumed to be 10.10.1.1, and the address, source of replacing heading then is 10.10.1.1.
4) 4 pairs of inquiries are made and being replied, and provide 22 IP address 1015[6] 100/32.When replying through 21 the time, NAT does conversion to IP header address: source address becomes 131.108.1.8 by .171.68.2.1, and destination address becomes 171.68.1.1 by 10.10.1.1.DNS_ALG request NAT is inner IPV9 address 1015[6] public network address of 100/32 mapping, be assumed to be 131.108.1.17, DNS_ALG is with the address 1015[6 of 22 in the response message] 100/32 replace with 131.108.1.17.
5) 20 pairs of main frames 18 are made and being replied.Providing 22 IP reference address is 131.108.1.17.
6) main frame 18 is initiated communication to main frame 22.The source address of IP message is 171.68.10.1, and destination address is 131.108.1.17.When message through 21 the time, NAT is assumed to be 10.10.1.1 for external address 171.68.10.1 applies for inner mapping address.Address transition then: the address, source becomes 10.10.1.1, and destination address becomes 1015[6] 100/32.
So far, set up map addresses respectively for main frame 22 and 18 on 21.
Claims (1)
1. IPV9/IPV4NAT router, it is characterized in that domain name gateway (1), file transfer gateway (2), route (14) be attempted by use go up with transport layer interface (3) after successively with transport layer (4), agreement, address translation manager (5) serial connection, IPV9 protocol stack (6), static dynamically mapping (7), protocol translator (8), IPV4 protocol stack (9) is attempted by on the address translation manager (5), static dynamically mapping (7), protocol translator (8) is attempted by on the address pool (10), IPV9 protocol stack (6), IPV4 protocol stack (9) is attempted by network interface (12), network interface (13), protocol translator (8) is joined with IPV9 protocol stack (6), and subscriber administration interface (11) joins with route (14) and address pool (10).
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 02145133 CN1411248A (en) | 2002-11-05 | 2002-11-05 | IPV9/IPV4NAT routing apparatus |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 02145133 CN1411248A (en) | 2002-11-05 | 2002-11-05 | IPV9/IPV4NAT routing apparatus |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1411248A true CN1411248A (en) | 2003-04-16 |
Family
ID=4750783
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 02145133 Pending CN1411248A (en) | 2002-11-05 | 2002-11-05 | IPV9/IPV4NAT routing apparatus |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1411248A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101248603B (en) * | 2003-12-23 | 2012-06-20 | 摩托罗拉移动公司 | Method for transmitting service from source to node group |
| CN103888554A (en) * | 2014-03-24 | 2014-06-25 | 广州杰赛科技股份有限公司 | IPv4 and IPv6 compatible domain name resolution method and system |
| CN108632402A (en) * | 2018-03-15 | 2018-10-09 | 楼培德 | A kind of wisdom movie theatre network-building method and system based on IPV9 |
| CN110381299A (en) * | 2019-08-22 | 2019-10-25 | 湖州米欧康电子科技有限公司 | A kind of web camera |
| CN117118746A (en) * | 2023-10-20 | 2023-11-24 | 明阳时创(北京)科技有限公司 | DNS attack defense method, system, medium and device based on dynamic DNAT |
-
2002
- 2002-11-05 CN CN 02145133 patent/CN1411248A/en active Pending
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101248603B (en) * | 2003-12-23 | 2012-06-20 | 摩托罗拉移动公司 | Method for transmitting service from source to node group |
| US8953595B2 (en) | 2003-12-23 | 2015-02-10 | Google Technology Holdings LLC | Route-optimised mulitcast traffic for a mobile network node |
| CN103888554A (en) * | 2014-03-24 | 2014-06-25 | 广州杰赛科技股份有限公司 | IPv4 and IPv6 compatible domain name resolution method and system |
| CN108632402A (en) * | 2018-03-15 | 2018-10-09 | 楼培德 | A kind of wisdom movie theatre network-building method and system based on IPV9 |
| CN108632402B (en) * | 2018-03-15 | 2021-04-23 | 楼培德 | Intelligent cinema networking method and system based on IPV9 |
| CN110381299A (en) * | 2019-08-22 | 2019-10-25 | 湖州米欧康电子科技有限公司 | A kind of web camera |
| CN117118746A (en) * | 2023-10-20 | 2023-11-24 | 明阳时创(北京)科技有限公司 | DNS attack defense method, system, medium and device based on dynamic DNAT |
| CN117118746B (en) * | 2023-10-20 | 2024-01-09 | 明阳时创(北京)科技有限公司 | DNS attack defense method, system, medium and device based on dynamic DNAT |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1118167C (en) | System and method for using domain names to route data sent to a destination on a network | |
| CN102347993B (en) | Network communication method and equipment | |
| CN1170401C (en) | Apparatus and method for distributing interconnected network protocol address to network interface card | |
| CN1585376A (en) | Addressing converting method and mixed addressing converting router for realizing it | |
| CN1848802A (en) | Method for realizing IPv6 high performance interconnection based on P2P on IPv4 | |
| CN1968226A (en) | Method for crossing network address conversion in point-to-point communication | |
| CN1711739A (en) | Method and device for supporting a 6to4 tunneling protocol across a network address translation mechanism | |
| CN1216657A (en) | Internet protocol filter | |
| CN1414746A (en) | Method of providing internal service apparatus in network for saving IP address | |
| CN1380773A (en) | Enhanced NAT-PT protocol scheme | |
| CN102938736A (en) | Method and device for realizing IPv6 (Internet Protocol Version 6) network traversing of IPv4 message | |
| CN101030934A (en) | Method for spanning heterogeneous network mobile telecommunication based on two-way tunnel | |
| CN101068189A (en) | Method for supporting IPv4 applied program utilizing intermain machine tunnel in IPV6 | |
| CN1199405C (en) | Enterprise external virtual special network system and method using virtual router structure | |
| CN1852253A (en) | ARP message processing method | |
| CN1297105C (en) | Method for implementing multirole main machine based on virtual local network | |
| CN1758654A (en) | Method for set-up direct link tunnel for user terminal and its communication method and server | |
| CN1744565A (en) | System and method for solving VPN sub-net address collision | |
| CN1741502A (en) | IPv6 and IPv4 internetwork mutual communicating method based on 4over6 | |
| CN1411248A (en) | IPV9/IPV4NAT routing apparatus | |
| CN1863152A (en) | Method for transmitting various messages between internal network users | |
| CN1578296A (en) | Method for realizing double-stack transition | |
| CN2579098Y (en) | IPV9/IPV4NAT routing devices | |
| CN1249572C (en) | Plug-and-play ether net access system and method | |
| CN1235368C (en) | Address conversion method for simultaneously supporting one-to-one and many-to-many under the PAT mode |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |