CN1561053A - Communication method of transmitting and moving internet protocol association with network address - Google Patents

Publication number: CN1561053A
Authority: CN (China)
Prior art keywords: mobile node, packet, tunnel, address, virtual interface
Legal status: Granted; Expired - Fee Related
Application number: CNA2004100464695A
Other languages: Chinese (zh)
Other versions: CN1286300C (en)
Inventors: 李一峰, 胡英, 周衍坚, 王伟
Current Assignee: ZTE Corp
Original Assignee: ZTE Corp
Priority to: CNB2004100464695A

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a communication method combining Mobile Internet Protocol with network address translation, comprising: on a home agent, setting up a network address translation module, establishing a home virtual interface, and giving the home virtual interface the inside-interface attribute of the network address translation module; on a foreign agent, the mobile node registers a care-of address, a foreign virtual interface is established during registration, and a tunnel connection is established between the home virtual interface and the foreign virtual interface; on the mobile node, determining whether the care-of address is a foreign agent care-of address or a co-located care-of address: if the foreign agent care-of address is used, the mobile node performs the normal Mobile Internet Protocol function; if the co-located care-of address is used, packets sent from the mobile node are transmitted through a reverse tunnel; the packets are processed by the home agent and the foreign agent, and are transmitted through the tunnel between the home agent and the care-of address registered by the mobile node.

Description

A communication method combining network address translation and Mobile Internet Protocol
Technical field
The present invention relates to routers in the communications field, and specifically to a solution for a mobile node in a private network that requires NAT translation, which uses Mobile IP technology to move within the Internet while accessing external networks.
Background technology
NAT (network address translation) is a protocol that addresses the shortage of IP addresses by mapping private network addresses and public network addresses to each other. Mobile IP (Mobile Internet Protocol) is a protocol that lets a mobile host move freely on the Internet without changing its IP address and without interrupting its current connections. However, it is usually assumed that a Mobile IP mobile node (hereinafter MN), home agent (hereinafter HA) and foreign agent (hereinafter FA) all need legal public network addresses in order to operate. With IP addresses as scarce as they are today this is comparatively extravagant, so the use of Mobile IP may be restricted. In addition, many private networks use private addresses and reach the Internet through NAT, which also limits the range of application of Mobile IP. RFC 3024 (the reverse tunneling specification for Mobile IP) mentions that reverse tunneling can be used to let a mobile node that has a private network address, or that is not provided with a globally routable address, communicate with nodes on its home link, but it does not explain how to combine NAT with the reverse tunneling technique of Mobile IP. The present method extends that basis.
Summary of the invention
The technical problem to be solved by the present invention is to provide a communication method combining network address translation and Mobile Internet Protocol, so that a mobile node using a private network address can communicate without interruption while moving on the Internet by means of Mobile IP and NAT.
To achieve the above object, the invention provides a communication method combining network address translation and Mobile Internet Protocol, applied in routers, in which the home agent, foreign agent and mobile node are configured, characterized in that it comprises the following steps: on the home agent, a network address translation module is set up, a home virtual interface is established, and the home virtual interface is given the inside-interface attribute of the network address translation module; on the foreign agent, the mobile node registers a care-of address, a foreign virtual interface is established, and a tunnel connection is established between the home virtual interface and the foreign virtual interface in tunnel virtual interface mode; on the mobile node, it is determined whether the care-of address used by the mobile node is a foreign agent care-of address or a co-located care-of address: if a foreign agent care-of address is used, the mobile node performs the normal Mobile Internet Protocol function; if the mobile node uses a co-located care-of address, packets sent by the mobile node are transmitted through the reverse tunnel; the home agent and the foreign agent process the packets, and the packets are transmitted through the tunnel between the home agent and the care-of address registered by the mobile node.
In the above method, the tunnel virtual interface mode is: the tunnel header encapsulation/decapsulation that must be performed when a packet enters/leaves the tunnel is abstracted into a virtual interface.
In the above method, when a packet enters the tunnel it must first enter the virtual interface, where the tunnel header is encapsulated, and it is then sent through the actual physical interface; when a packet in the tunnel enters the physical interface used to leave the tunnel, after passing verification it must likewise enter the virtual interface, where the tunnel decapsulation is performed, and the inner IP packet then undergoes route lookup and forwarding.
In the above method, the registration process of the mobile node further includes: establishing a binding relationship among the foreign virtual interface, the interface of the foreign agent corresponding to the foreign link where the mobile node is located, and the link-layer information of the mobile node, which replaces ordinary routing as the forwarding basis for the mobile node's communication through the foreign agent.
In the above method, the link-layer information is a MAC address, in order to avoid conflicts when mobile nodes with the same private network IP address move to the same foreign agent.
In the above method, the home agent's processing of packets includes the processing of packets sent by a home node (a node on the home link), with the following steps:
Step a, the home agent receives a packet sent by a home node;
Step b, route lookup is performed;
Step c, it is determined whether network address translation is required; if so, step d is executed, otherwise step e;
Step d, network address translation is performed, and processing goes to step h;
Step e, the egress of the packet is set to the home virtual interface, the destination address being a mobile node that is away from home;
Step f, the tunnel header is encapsulated;
Step g, the route for the destination address of the outer tunnel header is looked up;
Step h, the packet is sent from the corresponding physical interface.
In the above method, the foreign agent's processing of packets includes the processing of packets from the mobile node, with the following steps:
Step A, a packet from the mobile node is received from the foreign virtual interface;
Step B, it is determined whether the destination address of the packet is a host on the Internet; if so, step D is executed, otherwise step C;
Step C, route lookup is performed, and processing goes to step F;
Step D, network address translation is performed;
Step E, route lookup is performed;
Step F, the packet is sent from the corresponding interface.
The technical effect of the present invention is: by suitably adapting each element of Mobile IP and combining NAT with Mobile IP, the method lets a mobile node in a private network that uses NAT make good use of Mobile IP, and a mobile node that has moved onto a foreign link communicates with hosts on the home private network or on the Internet just as if it were on its home link.
Specific embodiments of the invention are described further below with reference to the drawings.
Description of drawings
Fig. 1 is a schematic diagram of the data flow when the mobile node communicates while on its home link;
Fig. 2 is a schematic diagram of the data flow when the mobile node has moved to a foreign link and communicates with a node on the home link;
Fig. 3 is a schematic diagram of the data flow when the mobile node has moved to a foreign link and communicates with a host on the Internet;
Fig. 4 is the flow chart for processing, on the HA, packets sent by a home node;
Fig. 5 is the flow chart of the HA processing packets from the mobile node that enter from the tunnel virtual interface.
Embodiment
Refer to Fig. 1, a schematic diagram of the data flow when the mobile node communicates while on its home link. When the mobile node is at home, it can communicate directly with home nodes; when it accesses an external host, address translation by the NAT module on the router is required, as shown by data flow 101 in the figure.
Refer to Fig. 2, a schematic diagram of the data flow when the mobile node has moved to a foreign link and communicates with a node on the home link. When the MN has moved onto a foreign link and communicates with a node on the home link, data flow 201 is the flow between the home node and the tunnel virtual interface on the HA: when a packet sent by the home node reaches the virtual interface, it is sent to the MN through the tunnel, while a packet sent from the MN to the home node can be forwarded directly to the home node once it leaves the virtual interface. Data flow 202 in the figure is the flow of packets that, after encapsulation at the virtual interface, are sent to the MN through the tunnel. Forwarding of data flow 202 on the foreign agent relies on the binding, described earlier, among the tunnel virtual interface, the link-layer information and the port of the link where the MN is located.
Refer to Fig. 3, a schematic diagram of the data flow when the mobile node has moved to a foreign link and communicates with a host on the Internet. Data flow 301 is the part of the flow that requires NAT translation on the HA: here the packet travels between the NAT inside interface (the tunnel virtual interface) and the NAT outside interface (the interface connected to the Internet), so NAT translation is required. Data flow 302 is the flow between the virtual interface and the mobile node.
The processing involved on the FA and on the HA is described in turn below:
On the FA, NAT is not involved, but the source IP address of the MN must be masked. During MN registration, the link-layer information of the mobile node (such as its MAC address; the IP address is not used, to prevent private network address conflicts), the port of the foreign agent to which it is connected, and the tunnel between the foreign agent and the home agent used for this node are bound together. In this way, every packet the MN sends from its foreign link has its link-layer information checked on the FA, and if the check matches, the packet is handed to the HA via the reverse tunnel. A packet from the HA to the MN is first delivered to the FA through the tunnel, and the FA then delivers it to the MN using the foreign-link port the mobile node is connected to and the MN's link-layer information, both of which are bound to this tunnel.
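The FA binding described above, as an added Python sketch that is not code from the patent: it contrasts ordinary IP-keyed host routes with forwarding keyed on (port, MAC), for two mobile nodes that carry the same private address. The MAC addresses, port and tunnel names are constructed, and one tunnel per registered MN is an assumption.

```python
from typing import Optional, Tuple

# Constructed sample nodes (assumed values): two MNs from different private
# networks that happen to use the same private IP, attached to the same FA port.
MN_A = {"mac": "02:00:00:00:00:0a", "ip": "192.168.1.50",
        "port": "eth1", "tunnel": "tun-ha-a"}
MN_B = {"mac": "02:00:00:00:00:0b", "ip": "192.168.1.50",
        "port": "eth1", "tunnel": "tun-ha-b"}


class IpRoutedFA:
    """Baseline for contrast: ordinary host routes keyed on the MN's IP."""

    def __init__(self) -> None:
        self.routes = {}                          # ip -> tunnel

    def register(self, mn: dict) -> None:
        # A second MN with the same private IP silently replaces the first.
        self.routes[mn["ip"]] = mn["tunnel"]

    def uplink(self, port: str, src_mac: str, src_ip: str) -> Optional[str]:
        return self.routes.get(src_ip)


class BindingFA:
    """Forwarding by the (FA port, MN MAC, tunnel) binding made at registration."""

    def __init__(self) -> None:
        self.by_link = {}                         # (port, mac) -> tunnel
        self.by_tunnel = {}                       # tunnel -> (port, mac)

    def register(self, mn: dict) -> None:
        key = (mn["port"], mn["mac"])
        self.by_link[key] = mn["tunnel"]
        self.by_tunnel[mn["tunnel"]] = key

    def uplink(self, port: str, src_mac: str, src_ip: str) -> Optional[str]:
        # Link-layer check: the source IP is ignored on purpose. A frame whose
        # (port, MAC) has no binding is not tunnelled (None means drop).
        return self.by_link.get((port, src_mac))

    def downlink(self, tunnel: str) -> Optional[Tuple[str, str]]:
        # Packet arriving from the HA: deliver on the bound port to the bound MAC.
        return self.by_tunnel.get(tunnel)


def reverse_tunnels(fa_cls) -> list:
    """Register both MNs, then report which tunnel each MN's traffic enters."""
    fa = fa_cls()
    for mn in (MN_A, MN_B):
        fa.register(mn)
    return [fa.uplink(m["port"], m["mac"], m["ip"]) for m in (MN_A, MN_B)]
```

With IP-keyed routes both nodes end up in the tunnel of whichever registered last; with the binding each node keeps its own tunnel, and frames from an unbound MAC or the wrong port are not forwarded.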
On the HA, the tunnel is combined with NAT by means of a virtual interface mechanism: the entry and exit of the tunnel are themselves treated as a kind of interface, called a virtual interface. When a packet is sent out through the tunnel virtual interface, the original packet is tunnel-encapsulated; when a packet comes in through the virtual interface, it is tunnel-decapsulated to recover the original packet. Here the tunnel virtual interface is configured as a NAT inside interface. The data flows fall into two cases. For communication between the MN and a private network host: a packet sent by the MN to the private network enters through the virtual interface; since the virtual interface is an inside interface and the packet is going to the private network, the egress is also an inside interface and no NAT translation is needed. If a private network host accesses the MN, the path is likewise inside interface to inside interface, so no NAT translation is needed and the packet can be sent directly to the MN through the tunnel. If the MN goes to the public network: for a packet sent by the MN, the ingress on the HA is an inside interface and the egress is an outside interface, so NAT translation is required; for a packet returning from the public network, the ingress is an outside interface and the egress is the virtual interface, which is an inside interface, so NAT translation is also required.
Refer to Fig. 4, the flow chart for processing, on the HA, packets sent by a home node. It shows the processing on the HA when a home node needs to communicate with the mobile node or to access the external network directly: NAT translation is required when accessing the external network, and tunnel encapsulation is required when accessing the MN. The steps are:
Step 401, the home agent receives a packet sent by a home node;
Step 402, route lookup is performed;
Step 403, it is determined whether network address translation is required; if so, step 404 is executed, otherwise step 405;
Step 404, network address translation is performed, and processing goes to step 408;
Step 405, the egress of the packet is set to the home virtual interface, the destination address being a mobile node that is away from home;
Step 406, the tunnel header is encapsulated;
Step 407, the route for the destination address of the outer tunnel header is looked up;
Step 408, the packet is sent from the corresponding physical interface.
Fig. 5 shows the processing when the HA receives a packet sent from the MN, again in two cases: no NAT translation is needed when accessing a node on the home link, and NAT translation is needed when accessing an external host. The steps are:
Step 501, a packet from the mobile node is received from the foreign virtual interface;
Step 502, it is determined whether the destination address of the packet is a host on the Internet; if so, step 504 is executed, otherwise step 503;
Step 503, route lookup is performed, and processing goes to step 506;
Step 504, network address translation is performed;
Step 505, route lookup is performed;
Step 506, the packet is sent from the corresponding interface.
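The HA forwarding decisions described for Fig. 4 and Fig. 5, as an added Python sketch that is not code from the patent: the tunnel virtual interface is marked as a NAT inside interface, NAT runs only when a packet crosses between inside and outside, and encapsulation runs only when the egress is the virtual interface. All addresses, interface names and the port-based NAT table are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample topology; every address and name is an assumption.
HOME_NET = ipaddress.ip_network("192.168.1.0/24")   # private home link
HA_PUBLIC_IP = "203.0.113.1"                        # HA address on the Internet
BINDINGS = {"192.168.1.50": "198.51.100.7"}         # away MN -> care-of address


@dataclass(frozen=True)
class Iface:
    name: str
    nat_side: str            # "inside" or "outside"
    is_tunnel: bool = False


LAN = Iface("lan0", "inside")
WAN = Iface("wan0", "outside")
VIF = Iface("tunnel-vif", "inside", is_tunnel=True)  # virtual interface = NAT inside


def route(dst: str) -> Iface:
    """Route lookup: away MNs via the virtual interface, home link via LAN."""
    if dst in BINDINGS:
        return VIF
    if ipaddress.ip_address(dst) in HOME_NET:
        return LAN
    return WAN


class HomeAgent:
    def __init__(self) -> None:
        self.nat = {}             # public port -> (private ip, private port)
        self.next_port = 40000

    def _map_out(self, ip: str, port: int) -> int:
        for pub, priv in self.nat.items():
            if priv == (ip, port):
                return pub        # reuse the existing translation
        pub, self.next_port = self.next_port, self.next_port + 1
        self.nat[pub] = (ip, port)
        return pub

    def process(self, pkt: dict, ingress: Iface):
        """Return (egress name or None, actions taken, resulting packet)."""
        actions = []
        if ingress.is_tunnel:                     # from the MN via reverse tunnel
            pkt = pkt["inner"]
            actions.append("decap")
        pkt = dict(pkt)
        if ingress.nat_side == "outside":         # return traffic: outside -> inside
            if pkt["dport"] not in self.nat:
                return None, ["drop"], pkt        # no translation entry
            pkt["dst"], pkt["dport"] = self.nat[pkt["dport"]]
            actions.append("nat")
        egress = route(pkt["dst"])
        if ingress.nat_side == "inside" and egress.nat_side == "outside":
            pkt["sport"] = self._map_out(pkt["src"], pkt["sport"])
            pkt["src"] = HA_PUBLIC_IP
            actions.append("nat")
        if egress.is_tunnel:                      # egress is the virtual interface
            pkt = {"outer_src": HA_PUBLIC_IP,
                   "outer_dst": BINDINGS[pkt["dst"]], "inner": pkt}
            actions.append("encap")
        return egress.name, actions, pkt
```

Inside-to-inside traffic (home node to away MN, or MN to home node) passes with only encapsulation or decapsulation, while traffic between the MN and the Internet is translated in both directions, matching data flows 201, 202 and 301.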

Claims (7)

1. A communication method combining network address translation and Mobile Internet Protocol, applied in routers, in which the home agent, foreign agent and mobile node are configured, characterized in that it comprises the following steps:
On the home agent, a network address translation module is set up, a home virtual interface is established, and the home virtual interface is given the inside-interface attribute of the network address translation module;
On the foreign agent, the mobile node registers a care-of address, a foreign virtual interface is established, and a tunnel connection is established between the home virtual interface and the foreign virtual interface in tunnel virtual interface mode;
On the mobile node, it is determined whether the care-of address used by the mobile node is a foreign agent care-of address or a co-located care-of address: if a foreign agent care-of address is used, the mobile node performs the normal Mobile Internet Protocol function; if the mobile node uses a co-located care-of address, packets sent by the mobile node are transmitted through the reverse tunnel;
The home agent and the foreign agent process the packets, and the packets are transmitted through the tunnel between the home agent and the care-of address registered by the mobile node.
2. The method according to claim 1, characterized in that the tunnel virtual interface mode is: the tunnel header encapsulation/decapsulation that must be performed when a packet enters/leaves the tunnel is abstracted into a virtual interface.
3. The method according to claim 2, characterized in that when a packet enters the tunnel it must first enter the virtual interface, where the tunnel header is encapsulated, and it is then sent through the actual physical interface; when a packet in the tunnel enters the physical interface used to leave the tunnel, after passing verification it must likewise enter the virtual interface, where the tunnel decapsulation is performed, and the inner IP packet then undergoes route lookup and forwarding.
4. The method according to claim 1, 2 or 3, characterized in that the registration process of the mobile node further includes: establishing a binding relationship among the foreign virtual interface, the interface of the foreign agent corresponding to the foreign link where the mobile node is located, and the link-layer information of the mobile node, which replaces ordinary routing as the forwarding basis for the mobile node's communication through the foreign agent.
5. The method according to claim 4, characterized in that the link-layer information is a MAC address, in order to avoid conflicts when mobile nodes with the same private network IP address move to the same foreign agent.
6. The method according to claim 1, 2, 3 or 5, characterized in that the home agent's processing of packets includes the processing of packets sent by a home node, with the following steps:
Step a, the home agent receives a packet sent by a home node;
Step b, route lookup is performed;
Step c, it is determined whether network address translation is required; if so, step d is executed, otherwise step e;
Step d, network address translation is performed, and processing goes to step h;
Step e, the egress of the packet is set to the home virtual interface, the destination address being a mobile node that is away from home;
Step f, the tunnel header is encapsulated;
Step g, the route for the destination address of the outer tunnel header is looked up;
Step h, the packet is sent from the corresponding physical interface.
7. The method according to claim 1, 2, 3 or 5, characterized in that the foreign agent's processing of packets includes the processing of packets from the mobile node, with the following steps:
Step A, a packet from the mobile node is received from the foreign virtual interface;
Step B, it is determined whether the destination address of the packet is a host on the Internet; if so, step D is executed, otherwise step C;
Step C, route lookup is performed, and processing goes to step F;
Step D, network address translation is performed;
Step E, route lookup is performed;
Step F, the packet is sent from the corresponding interface.
CNB2004100464695A 2004-02-24 2004-06-09 Communication method of transmitting and moving Internet protocol association with network address Expired - Fee Related CN1286300C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2004100464695A CN1286300C (en) 2004-02-24 2004-06-09 Communication method of transmitting and moving Internet protocol association with network address

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN200410003414.6 2004-02-24
CN200410003414 2004-02-24
CNB2004100464695A CN1286300C (en) 2004-02-24 2004-06-09 Communication method of transmitting and moving Internet protocol association with network address

Publications (2)

Publication Number Publication Date
CN1561053A (en) 2005-01-05
CN1286300C (en) 2006-11-22

Family

ID=34465867

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004100464695A Expired - Fee Related CN1286300C (en) 2004-02-24 2004-06-09 Communication method of transmitting and moving Internet protocol association with network address

Country Status (1)

Country Link
CN (1) CN1286300C (en)

Also Published As

Publication number Publication date
CN1286300C (en) 2006-11-22


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20061122

Termination date: 20190609
