JP2002185538A - System for switching connection between closed area networks - Google Patents
System for switching connection between closed area networksInfo
- Publication number
- JP2002185538A JP2002185538A JP2000380838A JP2000380838A JP2002185538A JP 2002185538 A JP2002185538 A JP 2002185538A JP 2000380838 A JP2000380838 A JP 2000380838A JP 2000380838 A JP2000380838 A JP 2000380838A JP 2002185538 A JP2002185538 A JP 2002185538A
- Authority
- JP
- Japan
- Prior art keywords
- closed network
- closed
- connection
- network
- networks
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
Description
【0001】[0001]
【発明の属する技術分野】本発明は、データをパケット
化して伝送するコンピュータ通信において、複数の閉域
網を構成することが可能な、パケット網に関するもので
あり、このようなパケット網が複数ある場合に、それぞ
れのパケット網に存在する、閉域網同士を接続する閉域
網間接続切り替え方式に関するものである。BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a packet network capable of forming a plurality of closed networks in computer communication for packetizing and transmitting data. The present invention also relates to a closed network connection switching method for connecting closed networks, which is present in each packet network.
【0002】[0002]
【従来の技術】近年、IP(Internet Pro
tocol)等のパケット通信方式にて、閉域網を構成
し、低コスト化しつつ、通信の秘匿性などのセキュリテ
ィ等の企業内・間通信で必要とされる、通信品質を保証
する仮想閉域網技術が注目されている。複数の通信事業
社間で、それぞれの閉域網(群)を相互接続する場合、
事前に固定的に閉域網同士を相互接続することが行われ
ている。また、ダイアルアップやxDSL等のアクセス
手段を用いた、パケット通信ホストを収容する、アクセ
スサーバ(NAS:Network Access S
erver)で、装置内に複数の閉域網を収容可能なも
のを設置し、バックボーンに存在する閉域網とアクセス
サーバ内に存在する閉域網を相互接続して、複数の閉域
網で共用可能なアクセスサーバでリモートアクセスサー
ビスを提供することがある。2. Description of the Related Art In recent years, IP (Internet Pro
Tocol), a closed network is constructed using a packet communication method, and while reducing the cost, virtual closed area network technology that guarantees the communication quality required for intra-enterprise communication such as security such as communication confidentiality is required. Is attracting attention. When interconnecting each closed network (group) between multiple carriers,
Fixed networks are fixedly interconnected in advance. Also, an access server (NAS: Network Access S) that accommodates a packet communication host using access means such as dial-up or xDSL.
server), a device capable of accommodating a plurality of closed networks is installed in the apparatus, and the closed network existing in the backbone and the closed network existing in the access server are interconnected, so that the access can be shared by the plurality of closed networks. The server may provide remote access services.
【0003】従来技術例として、この閉域網を収容可能
なアクセスサーバを用いた実現例の構成を図4に示す。[0003] As a prior art example, Fig. 4 shows a configuration of an implementation example using an access server capable of accommodating this closed area network.
【0004】図4中、11はアクセスユーザ(PC)、
12はPOTSやISDNやxDSL等のアクセス網
(Access)、13はアクセスサーバ(NAS)、
14はアクセスサーバ内の閉域網(VPN♯1〜4)、
15はアクセスサーバ内の制御部(C)、16は閉域網
群制御サーバ(AAS)、17はバックボーン(BB
N)、18はバックボーン内の閉域網(VPN♯a〜
d)、19はバックボーン内の制御部(C)を示す。In FIG. 4, reference numeral 11 denotes an access user (PC),
12 is an access network (Access) such as POTS, ISDN or xDSL, 13 is an access server (NAS),
14 is a closed network (VPN # 1 to 4) in the access server,
15 is a control unit (C) in the access server, 16 is a closed network group control server (AAS), and 17 is a backbone (BB).
N) and 18 are closed networks in the backbone (VPN @ a to
d) and 19 show a control unit (C) in the backbone.
【0005】図5に沿って、接続・切断のシーケンスを
説明する。[0005] A connection / disconnection sequence will be described with reference to FIG.
【0006】アクセスユーザ11は接続を開始する場
合、バックボーン17内の閉域網18とデータを送受信
する前に、アクセスサーバ13との間で、PPP(Po
int−to−Point Protocol)などに
より、セッションを確立する。この際に、アクセスユー
ザ11は、ユーザ識別子・閉域網識別子・パスワード等
で構成される認証要求をアクセスサーバ13経由で閉域
網群制御サーバ16へ送信する。閉域網群制御サーバ1
6は認証情報をもとに、認証処理を行う。[0006] When the access user 11 initiates a connection, the access user 11 exchanges PPP (Po) with the access server 13 before transmitting / receiving data to / from the closed network 18 in the backbone 17.
A session is established by, for example, an int-to-point protocol. At this time, the access user 11 transmits an authentication request including a user identifier, a closed network identifier, a password, and the like to the closed network group control server 16 via the access server 13. Closed network group control server 1
6 performs an authentication process based on the authentication information.
【0007】接続を許可しない場合は、閉域網群制御サ
ーバ16がアクセスサーバ13経由でアクセスユーザ1
1へ認証拒否応答を返し、このセッションの確立は失敗
(接続失敗)する。[0007] When the connection is not permitted, the closed network group control server 16 sends the access user 1 via the access server 13.
1 returns an authentication rejection response, and the establishment of this session fails (connection failure).
【0008】接続を許可する場合は、閉域網群制御サー
バ16がバックボーン17へ、このセッションに関する
新規経路情報を設定し、さらにバックボーン17から閉
域網群制御サーバ16への設定応答により、閉域網群制
御サーバ16はアクセスサーバ13経由でアクセスユー
ザ11へ認証受理応答を返す。この認証受理応答の中に
は、閉域網識別子とアクセスユーザ11が用いるアドレ
スなどの情報が含まれる。結果として、アクセスユーザ
11からアクセスサーバ13内及びバックボーン17内
閉域網14,18への通信が可能となり、通信を開始す
る。When the connection is permitted, the closed network group control server 16 sets new route information relating to this session in the backbone 17, and further, based on a setting response from the backbone 17 to the closed network group control server 16, the closed network group control server 16 The control server 16 returns an authentication acceptance response to the access user 11 via the access server 13. The authentication acceptance response includes information such as a closed network identifier and an address used by the access user 11. As a result, communication from the access user 11 to the closed networks 14 and 18 in the access server 13 and the backbone 17 becomes possible, and communication is started.
【0009】アクセスユーザ11が切断を開始すると、
アクセスサーバ13経由で閉域網群制御サーバ16へ切
断要求が送信される。閉域網群制御サーバ16は、バッ
クボーン内閉域網18に設定された、このセッション用
の経路情報を削除し、バックボーン17から閉域網群制
御サーバ16への削除応答により、閉域網群制御サーバ
16は切断応答をアクセスサーバ13経由でアクセスユ
ーザ11へ返却する。アクセスサーバ13はアクセスサ
ーバ内閉域網14から、このセッションに関する情報を
削除する。結果として、このセッションの切断が完了す
る。When the access user 11 starts disconnection,
A disconnection request is transmitted to the closed network group control server 16 via the access server 13. The closed network group control server 16 deletes the route information for the session set in the closed network 18 in the backbone, and sends a deletion response from the backbone 17 to the closed network group control server 16. The disconnection response is returned to the access user 11 via the access server 13. The access server 13 deletes information on this session from the closed network 14 within the access server. As a result, the disconnection of this session is completed.
【0010】このシステムでは、アクセスサーバ13と
バックボーン17内部の閉域網14,18を固定的に対
応づけて接続しておくことで、バックボーン17へのダ
イレクトなアクセス手段を持たないアクセスユーザ11
が、アクセスサーバ13経由でバックボーン内閉域網1
8と通信することが可能となる。しかし、この閉域網1
4と18同士の対応関係が固定的なため、バックボーン
17内部と同数の、あるいは、アクセスサーバ13経由
で接続を許可するバックボーン17内閉域網数と同数
の、閉域網をアクセスサーバ13内部に設けておくこと
が必要となる。In this system, the access server 13 and the closed networks 14 and 18 inside the backbone 17 are fixedly associated with each other and connected, so that the access user 11 without direct access means to the backbone 17 is provided.
Is the closed network 1 in the backbone via the access server 13
8 can be communicated with. However, this closed network 1
Since the correspondence between 4 and 18 is fixed, the same number of closed networks as in the backbone 17 or the same number as the number of closed networks in the backbone 17 permitted to connect via the access server 13 are provided in the access server 13. It is necessary to keep it.
【0011】[0011]
【発明が解決しようとする課題】前記のように、アクセ
スサーバ13内の閉域網とバックボーン17内の閉域網
が、固定的に接続されていると、それぞれの内部閉域網
数を合わせることが必要となる。あるいは、アクセスサ
ーバ13経由で接続を許可するバックボーン17内閉域
網数と同数の、閉域網をアクセスサーバ13内部に設け
ておくことが必要となる。例えば、アクセスサーバ13
内部に持てる閉域網数がバックボーン17内部に持てる
閉域網数より少ない場合、アクセスサーバ13とバック
ボーン17間で、同時にセッションを確立する閉域網数
が少なく、アクセスサーバを必要以上に設置しなければ
ならないという問題があった。As described above, when the closed network in the access server 13 and the closed network in the backbone 17 are fixedly connected, it is necessary to match the numbers of the respective internal closed networks. Becomes Alternatively, it is necessary to provide the same number of closed networks in the access server 13 as the number of closed networks in the backbone 17 for which connection is permitted via the access server 13. For example, the access server 13
When the number of closed networks that can be held inside is smaller than the number of closed networks that can be held inside the backbone 17, the number of closed networks that simultaneously establish sessions between the access server 13 and the backbone 17 is small, and the access server must be installed more than necessary. There was a problem.
【0012】本発明は上記の事情に鑑みてなされたもの
で、アクセスサーバ内閉域網とバックボーン内閉域網の
対応を動的に切り替える(アクセスサーバ内閉域網とバ
ックボーン内閉域網の対応関係を変えることを可能にす
る)ことにより、閉域網同士の接続を効率良く行うこと
ができる閉域網間接続切り替え方式を提供することを目
的とする。The present invention has been made in view of the above circumstances, and dynamically switches the correspondence between the closed network in the access server and the closed network in the backbone (changes the correspondence between the closed network in the access server and the closed network in the backbone). It is an object of the present invention to provide a connection switching method between closed networks that can efficiently connect closed networks.
【0013】[0013]
【課題を解決するための手段】上記目的を達成するため
に本発明の閉域網間接続切り替え方式は、1つ以上の閉
域網を持つ複数の閉域網群と、一方の閉域網群の閉域網
と他方の閉域網群の閉域網を接続・切断する閉域網接続
装置と、閉域網または閉域網ユーザからの接続要求を基
に、接続可否を判定し、接続可能な場合は、前記閉域網
接続装置を制御して、所定の閉域網に接続し、閉域網ま
たは閉域網ユーザからの切断要求を基に、切断可否を判
定し、切断可能な場合は、前記閉域網接続装置を制御し
て、閉域網間接続を切断する閉域網群制御サーバとを具
備することを特徴とするものである。In order to achieve the above object, a connection switching system between closed networks according to the present invention comprises a plurality of closed networks having at least one closed network, and a closed network of one of the closed networks. And a closed network connection device for connecting and disconnecting the closed network of the other closed network group, and a connection request is determined based on a connection request from the closed network or the closed network user, and if the connection is possible, the closed network connection is performed. By controlling the device, connected to a predetermined closed network, based on a disconnection request from a closed network or a closed network user, determine whether disconnection is possible, if disconnectable, controlling the closed network connection device, And a closed network group control server for disconnecting the connection between the closed networks.
【0014】また本発明は、前記閉域網間接続切り替え
方式において、接続や切断が閉域網または閉域網ユーザ
の要求に応じ、一方の閉域網群の閉域網と他方の閉域網
群の閉域網の対応を動的に切り替えて行えることを特徴
とするものである。The present invention also relates to the closed-network connection switching method, wherein the connection or disconnection is performed by a closed network of one closed network group and a closed network of the other closed network group in response to a request from a closed network or a closed network user. It is characterized in that the correspondence can be dynamically switched and performed.
【0015】また本発明は、前記閉域網間接続切り替え
方式において、複数の閉域網あるいは閉域網群を1つの
装置に収容することを特徴とするものである。Further, the present invention is characterized in that, in the connection switching method between closed networks, a plurality of closed networks or closed networks are accommodated in one device.
【0016】また本発明は、前記閉域網間接続切り替え
方式において、一方の閉域網群がダイアルアップやxD
SL等のセッション接続型アクセスサーバであり、他方
の閉域網群がバックボーンであることを特徴とするもの
である。Further, according to the present invention, in the above-mentioned connection switching system between closed networks, one of the closed networks is dial-up or xD.
It is a session connection type access server such as SL, and the other closed network group is a backbone.
【0017】また本発明は、前記閉域網間接続切り替え
方式において、閉域網群制御サーバに、セッション接続
型アクセスサーバ内の各閉域網の接続中セッション数を
カウントする手段を備えることによって、閉域網間接続
の、接続・切断の契機を閉域網群制御サーバが自動的に
判断することを特徴とするものである。Further, in the present invention, in the closed network connection switching method, the closed network group control server includes means for counting the number of connected sessions of each closed network in the session connection type access server, whereby the closed network is provided. It is characterized in that the closed network group control server automatically determines the connection / disconnection trigger of the inter-connection.
【0018】また本発明は、前記閉域網間接続切り替え
方式において、セッション接続型アクセスサーバ内の各
閉域網の接続中セッション数をカウントする手段とし
て、接続セッションを持つバックボーン内の閉域網と、
セッション接続型アクセスサーバ内の閉域網の対応と、
接続中セッション数を記録する管理表を、閉域網群制御
サーバに備えることを特徴とするものである。The present invention also relates to the closed-area network connection switching method, wherein the closed-area network in the backbone having the connected session is provided as means for counting the number of connected sessions of each closed network in the session connection type access server.
Correspondence of the closed network in the session connection type access server,
A management table for recording the number of connected sessions is provided in the closed network group control server.
【0019】本発明は、閉域網群制御サーバと閉域網接
続装置を設けて、閉域網の相互接続を動的に行うことが
可能となる点と、各閉域網群内の閉域網同士の接続は動
的に行われるため、それぞれの閉域網数は同一となる必
要がない点と、片方の閉域網群がアクセスサーバ内に収
容される場合に、閉域網群制御サーバでセッション数を
カウントしておくことで、自動的に閉域網群制御サーバ
が判断して閉域網間相互接続の確立・切断を行うことが
できるという点が、従来の技術とは異なる。According to the present invention, a closed network group control server and a closed network connection device are provided to enable dynamic connection of the closed networks, and a connection between the closed networks in each closed network group. Is performed dynamically, the number of closed networks does not need to be the same, and if one closed network group is accommodated in the access server, the number of sessions is counted by the closed network group control server. This is different from the prior art in that the closed network group control server can automatically determine and establish / disconnect the interconnected network between the closed networks.
【0020】[0020]
【発明の実施の形態】以下図面を参照して本発明の実施
形態例を詳細に説明する。Embodiments of the present invention will be described below in detail with reference to the drawings.
【0021】(第1の実施形態例)図1は本発明による
実施形態例のシステム構成を示すもので、図中、11は
アクセスユーザ(PC)、12はPOTSやISDNや
xDSL等のアクセス網(Access)、13はアク
セスサーバ(NAS)、14はアクセスサーバ内の閉域
網(VPN♯1〜4)、15はアクセスサーバ内の制御
部(C)、16は閉域網群制御サーバ(AAS)、17
はバックボーン(BBN)、18はバックボーン内の閉
域網(VPN♯a〜d)、19はバックボーン内の制御
部(C)、31は閉域網接続装置(SW)、32は閉域
網接続装置内の制御部(C)を示す。また、図2は、本
発明の実施形態例において、下記に示すように、閉域網
群制御サーバ16がアクセスサーバ13内とバックボー
ン17内の閉域網14,18の相互接続関係と、存在す
る接続セッション数をカウントするために用いる、管理
表を示す。(First Embodiment) FIG. 1 shows a system configuration of an embodiment according to the present invention. In FIG. 1, reference numeral 11 denotes an access user (PC), and 12 denotes an access network such as POTS, ISDN, or xDSL. (Access), 13 is an access server (NAS), 14 is a closed network (VPN # 1 to 4) in the access server, 15 is a control unit (C) in the access server, and 16 is a closed network group control server (AAS) , 17
Is a backbone (BBN), 18 is a closed network (VPN # a-d) in the backbone, 19 is a control unit (C) in the backbone, 31 is a closed network connection device (SW), and 32 is a closed network connection device. The control unit (C) is shown. FIG. 2 shows an example of an embodiment of the present invention, in which the closed network group control server 16 determines the interconnection relationship between the closed networks 14 and 18 in the access server 13 and the backbone 17 and the existing connection as shown below. 9 shows a management table used for counting the number of sessions.
【0022】図3に沿って、接続・切断のシーケンスを
説明する。The connection / disconnection sequence will be described with reference to FIG.
【0023】アクセスユーザ11は接続を開始する場
合、バックボーン17内の閉域網18とデータを送受信
する前に、アクセスサーバ13との間で、PPPなどに
より、セッションを確立する。この際に、アクセスユー
ザ11は、ユーザ識別子・閉域網識別子・パスワード等
で構成される認証要求をアクセスサーバ13経由で閉域
網群制御サーバ16へ送信する。閉域網群制御サーバ1
6は認証情報をもとに、認証処理を行う。When starting access, the access user 11 establishes a session with the access server 13 by PPP or the like before transmitting / receiving data to / from the closed network 18 in the backbone 17. At this time, the access user 11 transmits an authentication request including a user identifier, a closed network identifier, a password, and the like to the closed network group control server 16 via the access server 13. Closed network group control server 1
6 performs an authentication process based on the authentication information.
【0024】接続を許可しない場合は、閉域網群制御サ
ーバ16がアクセスサーバ13経由でアクセスユーザ1
1へ認証拒否応答を返し、このセッションの確立は失敗
(接続失敗)する。If the connection is not permitted, the closed network group control server 16 sends the access user 1 via the access server 13.
1 returns an authentication rejection response, and the establishment of this session fails (connection failure).
【0025】接続を許可する場合は、接続を許可するバ
ックボーン内閉域網18が、既に閉域網群制御サーバ1
6の図2に示すような管理表に登録されているかどうか
調べる。もし存在した場合には、管理表中の該当閉域網
への接続セッション数を増加させる。もし存在しなかっ
た場合には閉域網群制御サーバ16は、管理表に該当閉
域網のエントリを追加し、閉域網接続装置31へアクセ
スサーバ内閉域網14とバックボーン内閉域網18を相
互接続する設定を行い、閉域網接続装置31は閉域網群
制御サーバ16へ設定応答を返す。When permitting the connection, the closed network 18 in the backbone for permitting the connection is already connected to the closed network group control server 1.
It is checked whether or not it is registered in the management table as shown in FIG. If it exists, the number of sessions connected to the corresponding closed network in the management table is increased. If it does not exist, the closed network group control server 16 adds the corresponding closed network entry to the management table, and interconnects the closed network 14 in the access server and the closed network 18 in the backbone to the closed network connection device 31. The setting is performed, and the closed network connection device 31 returns a setting response to the closed network group control server 16.
【0026】この後、閉域網群制御サーバ16がバック
ボーン17へ、このセッションに関する新規経路情報を
設定し、バックボーン17から閉域網群制御サーバ16
へ設定応答があると、閉域網群制御サーバ16はアクセ
スサーバ13経由でアクセスユーザ11へ認証受理応答
を返す。この認証受理応答の中には、閉域網識別子とア
クセスユーザ11が用いるアドレスなどの情報が含まれ
る。結果として、アクセスユーザ11からアクセスサー
バ13内及びバックボーン17内閉域網14,18への
通信が可能となり、通信を開始する。After that, the closed network group control server 16 sets new route information on this session in the backbone 17, and from the backbone 17, the closed network group control server 16
When the setting response is received, the closed network group control server 16 returns an authentication acceptance response to the access user 11 via the access server 13. The authentication acceptance response includes information such as a closed network identifier and an address used by the access user 11. As a result, communication from the access user 11 to the closed networks 14 and 18 in the access server 13 and the backbone 17 becomes possible, and communication starts.
【0027】アクセスユーザ11が切断を開始すると、
アクセスサーバ13経由で閉域網群制御サーバ16へ切
断要求が送信される。閉域網群制御サーバ16は、この
セッションが該当バックボーン17の閉域網18へ接続
する最終セッションであるか、すなわち、このセッショ
ンを切断してしまうと、該当閉域網18へ接続するセッ
ションが無くなってしまうかどうかを、図2に示すよう
な管理表を用いて計算し、チェックする。もし、最終セ
ッションである場合には、閉域網群制御サーバ16は管
理表から該当閉域網18のエントリを削除し、閉域網接
続装置31へ設定した、アクセスサーバ内閉域網14と
バックボーン内閉域網18間の相互接続を切断し、閉域
網接続装置31から閉域網群制御サーバ16へ切断応答
が返される。When the access user 11 starts disconnection,
A disconnection request is transmitted to the closed network group control server 16 via the access server 13. The closed network group control server 16 determines whether this session is the last session connected to the closed network 18 of the corresponding backbone 17, that is, if this session is disconnected, there is no session connected to the corresponding closed network 18. Whether it is calculated using a management table as shown in FIG. 2 and checked. If it is the last session, the closed network group control server 16 deletes the entry of the corresponding closed network 18 from the management table and sets the closed network 14 in the access server and the closed network in the backbone set in the closed network connection device 31. Then, the interconnection between the network 18 is disconnected, and a disconnection response is returned from the closed network connection device 31 to the closed network group control server 16.
【0028】この後、閉域網群制御サーバ16はバック
ボーン内閉域網18に設定された、このセッション用の
経路情報を削除し、バックボーン17から閉域網群制御
サーバ16へ削除応答が返される。閉域網群制御サーバ
16は切断応答をアクセスサーバ13経由でアクセスユ
ーザ11へ返却する。アクセスサーバ13はアクセスサ
ーバ内閉域網14から、このセッションに関する情報を
削除する。結果として、このセッションの切断が完了す
る。Thereafter, the closed network group control server 16 deletes the path information for this session set in the closed network 18 in the backbone, and a deletion response is returned from the backbone 17 to the closed network group control server 16. The closed network group control server 16 returns a disconnection response to the access user 11 via the access server 13. The access server 13 deletes information on this session from the closed network 14 within the access server. As a result, the disconnection of this session is completed.
【0029】これにより、各閉域網への接続セッション
数をカウントし、ある閉域網への最初の接続セッション
を確立するときには、アクセスサーバ13とバックボー
ン17の閉域網を相互接続し、ある閉域網への最後の接
続セッションを切断するときには、アクセスサーバ13
とバックボーン17の閉域網間の接続を開放するという
ように、セッションの接続と切断を契機として、自動的
に接続を切り替えることにより、アクセスサーバ13と
バックボーン17の閉域網を効率的に利用することが可
能となる。Thus, the number of sessions connected to each closed network is counted, and when establishing the first connection session to a certain closed network, the access server 13 and the closed network of the backbone 17 are interconnected, and the connection is established to a certain closed network. Access server 13 when disconnecting the last connection session of
The connection between the access server 13 and the backbone 17 is efficiently used by automatically switching the connection when the session is connected or disconnected, such as opening the connection between the access server 13 and the backbone 17. Becomes possible.
【0030】なお、本発明の実施形態例では、アクセス
サーバ13、閉域網群制御サーバ16、閉域網接続装置
31、バックボーン17が別装置として説明を行った
が、これらの一部が同一装置内で実現してあっても、一
般性を失わずに実施することが可能である。例えば、バ
ックボーンとアクセスサーバがATM等の仮想回線(V
C;virtual connection)を利用で
きる技術を用いている場合には、アクセスサーバまたは
バックボーン(あるいは両方の)、入出力VC番号情報
を設定変更することで、本発明の実施形態例で必要な閉
域網接続装置機能を実現することが可能である。In the embodiment of the present invention, the access server 13, the closed network group control server 16, the closed network connecting device 31, and the backbone 17 are described as separate devices, but some of them are in the same device. Even if this is realized, it is possible to implement without losing generality. For example, the backbone and the access server are connected to a virtual circuit (V
C: When a technology that can use virtual connection is used, the access server and / or backbone (or both) and the input / output VC number information are set and changed to provide a closed network required in the embodiment of the present invention. It is possible to realize the connection device function.
【0031】[0031]
【発明の効果】以上述べたように本発明によれば、閉域
網の相互接続を動的に行う(閉域網の相互接続の対応関
係を変える)ことが可能となる。不必要な装置の増設を
行うことなく、閉域網数の異なる閉域網群を相互接続す
ることが可能となる。特に、アクセスサーバ内閉域網と
バックボーン内閉域網との間の接続に関しては、各閉域
網への接続セッション数をカウントし、ある閉域網への
最初の接続セッションを確立するときには、アクセスサ
ーバとバックボーンの閉域網を相互接続し、ある閉域網
への最後の接続セッションを切断するときには、アクセ
スサーバとバックボーンの閉域網間の接続を開放すると
いうように、セッションの接続と切断を契機として、自
動的に接続を切り替えることにより、アクセスサーバと
バックボーンの閉域網を効率的に利用することが可能と
なる。As described above, according to the present invention, it is possible to dynamically connect a closed network (change the correspondence relationship between the closed networks). It is possible to interconnect closed networks having different numbers of closed networks without adding unnecessary devices. In particular, regarding the connection between the closed network in the access server and the closed network in the backbone, the number of connection sessions to each closed network is counted, and when the first connection session to a certain closed network is established, the access server and the backbone are connected. When a closed network is interconnected and the last connection session to a closed network is disconnected, the connection between the access server and the backbone closed network is automatically opened and the session is disconnected and triggered. By switching the connection, the closed network of the access server and the backbone can be used efficiently.
【図1】本発明の実施形態例を示す構成説明図である。FIG. 1 is a configuration explanatory view showing an embodiment of the present invention.
【図2】本発明の実施形態例における接続・切断動作を
示すシーケンス図である。FIG. 2 is a sequence diagram showing a connection / disconnection operation in the embodiment of the present invention.
【図3】本発明の実施形態例における管理表を示す説明
図である。FIG. 3 is an explanatory diagram showing a management table in the embodiment of the present invention.
【図4】従来の閉域網間接続切り替え方式を示す構成説
明図である。FIG. 4 is a configuration explanatory view showing a conventional connection switching method between closed networks.
【図5】図4における接続・切断動作を示すシーケンス
図である。FIG. 5 is a sequence diagram showing a connection / disconnection operation in FIG. 4;
【符号の説明】 11 アクセスユーザ(PC) 12 POTSやISDNやxDSL等のアクセス網
(Access) 13 アクセスサーバ(NAS) 14 アクセスサーバ内の閉域網(VPN♯1〜4) 15 アクセスサーバ内の制御部(C) 16 閉域網群制御サーバ(AAS) 17 バックボーン(BBN) 18 バックボーン内の閉域網(VPN♯a〜d) 19 バックボーン内の制御部(C) 31 閉域網接続装置(SW) 32 閉域網接続装置内の制御部(C)[Description of Signs] 11 Access User (PC) 12 Access Network (Access) such as POTS, ISDN, xDSL 13 Access Server (NAS) 14 Closed Network (VPN # 1 to 4) in Access Server 15 Control in Access Server Unit (C) 16 Closed network group control server (AAS) 17 Backbone (BBN) 18 Closed network in backbone (VPN #a to d) 19 Control unit in backbone (C) 31 Closed network connection device (SW) 32 Closed Control unit (C) in network connection device
Claims (6)
と、 一方の閉域網群の閉域網と他方の閉域網群の閉域網を接
続・切断する閉域網接続装置と、 閉域網または閉域網ユーザからの接続要求を基に、接続
可否を判定し、接続可能な場合は、前記閉域網接続装置
を制御して、所定の閉域網に接続し、閉域網または閉域
網ユーザからの切断要求を基に、切断可否を判定し、切
断可能な場合は、前記閉域網接続装置を制御して、閉域
網間接続を切断する閉域網群制御サーバとを具備するこ
とを特徴とする閉域網間接続切り替え方式。1. A closed network connection device for connecting / disconnecting a plurality of closed networks having one or more closed networks, a closed network of one closed network and a closed network of the other closed network, and a closed network. Or, based on a connection request from a closed network user, determine whether connection is possible, if the connection is possible, control the closed network connection device, connect to a predetermined closed network, from the closed network or from a closed network user A closed network group control server that determines whether or not disconnection is possible based on the disconnection request and, when disconnection is possible, controls the closed network connection device to disconnect the connection between the closed networks; Network connection switching method.
式において、接続や切断が閉域網または閉域網ユーザの
要求に応じ、一方の閉域網群の閉域網と他方の閉域網群
の閉域網の対応を動的に切り替えて行えることを特徴と
する閉域網間接続切り替え方式。2. The closed network connection switching method according to claim 1, wherein the connection or disconnection is performed by a closed network or a closed network user in response to a request from a closed network or a closed network user, and the closed network of another closed network group. A method of switching connections between closed networks, characterized in that the correspondence can be dynamically switched.
り替え方式において、複数の閉域網あるいは閉域網群と
閉域網接続装置を1つの装置に収容することを特徴とす
る閉域網間接続切り替え方式。3. The connection switching method between closed networks according to claim 1 or 2, wherein a plurality of closed networks or a group of closed networks and a closed network connection device are accommodated in one device. method.
続切り替え方式において、一方の閉域網群がセッション
接続型アクセスサーバであり、他方の閉域網群がバック
ボーンであることを特徴とする閉域網間接続切り替え方
式。4. The closed network connection switching system according to claim 1, wherein one closed network group is a session connection type access server and the other closed network group is a backbone. Connection switching method between closed networks.
式において、閉域網群制御サーバに、セッション接続型
アクセスサーバ内の各閉域網の接続中セッション数をカ
ウントする手段を備えることによって、閉域網間接続
の、接続・切断の契機を閉域網群制御サーバが自動的に
判断することを特徴とする閉域網間接続切り替え方式。5. The closed network connection switching method according to claim 4, wherein the closed network group control server is provided with means for counting the number of connected sessions of each closed network in the session connection type access server. A closed network connection switching method, characterized in that the closed network group control server automatically determines the connection / disconnection timing of the network connection.
式において、セッション接続型アクセスサーバ内の各閉
域網の接続中セッション数をカウントする手段として、
接続セッションを持つバックボーン内の閉域網と、セッ
ション接続型アクセスサーバ内の閉域網の対応と、接続
中セッション数を記録する管理表を、閉域網群制御サー
バに備えることを特徴とする閉域網間接続切り替え方
式。6. The connection switching method between closed networks according to claim 5, wherein, as means for counting the number of connected sessions of each closed network in the session connection type access server,
A closed network in the backbone having a connected session, a closed network corresponding to the closed network in the session connection type access server, and a management table for recording the number of connected sessions in the closed network group control server. Connection switching method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2000380838A JP3454788B2 (en) | 2000-12-14 | 2000-12-14 | Connection switching method between closed networks |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2000380838A JP3454788B2 (en) | 2000-12-14 | 2000-12-14 | Connection switching method between closed networks |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| JP2002185538A true JP2002185538A (en) | 2002-06-28 |
| JP3454788B2 JP3454788B2 (en) | 2003-10-06 |
Family
ID=18848955
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP2000380838A Expired - Lifetime JP3454788B2 (en) | 2000-12-14 | 2000-12-14 | Connection switching method between closed networks |
Country Status (1)
| Country | Link |
|---|---|
| JP (1) | JP3454788B2 (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP3912609B2 (en) * | 2003-07-04 | 2007-05-09 | 日本電信電話株式会社 | Remote access VPN mediation method and mediation device |
-
2000
- 2000-12-14 JP JP2000380838A patent/JP3454788B2/en not_active Expired - Lifetime
Also Published As
| Publication number | Publication date |
|---|---|
| JP3454788B2 (en) | 2003-10-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US4823338A (en) | Virtual local area network | |
| JP4023240B2 (en) | User authentication system | |
| WO1998045785A2 (en) | Supporting authentication across multiple network access servers | |
| Allen | Novell IPX Over Various WAN Media (IPXWAN) | |
| US7830869B2 (en) | Establishing connection across a connection-oriented first telecommunications network in response to a connection request from a second telecommunications network | |
| JP2007049503A (en) | Packet communication service system, packet communication service method, edge side gateway device, and center side gateway device | |
| JP3454788B2 (en) | Connection switching method between closed networks | |
| Cisco | IBM Network Media Translation Commands | |
| JPH11328117A (en) | User managing method of authentication system | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| Cisco | WAN Link Protocols | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| Cisco | Configuring Interfaces | |
| JPH10173708A (en) | Simple routing system | |
| KR100236945B1 (en) | Address resolution method in the b-isdn connectionless data service network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| TRDD | Decision of grant or rejection written | ||
| R151 | Written notification of patent or utility model registration |
Ref document number: 3454788 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R151 |
|
| FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20080725 Year of fee payment: 5 |
|
| FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20080725 Year of fee payment: 5 |
|
| FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20090725 Year of fee payment: 6 |
|
| FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20090725 Year of fee payment: 6 |
|
| FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20100725 Year of fee payment: 7 |
|
| FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20100725 Year of fee payment: 7 |
|
| FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20110725 Year of fee payment: 8 |
|
| FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20120725 Year of fee payment: 9 |
|
| FPAY | Renewal fee payment (event date is renewal date of database) |
Free format text: PAYMENT UNTIL: 20130725 Year of fee payment: 10 |
|
| S531 | Written request for registration of change of domicile |
Free format text: JAPANESE INTERMEDIATE CODE: R313531 |
|
| R350 | Written notification of registration of transfer |
Free format text: JAPANESE INTERMEDIATE CODE: R350 |
|
| EXPY | Cancellation because of completion of term |