JP2004509539A - Method and apparatus for providing mobile and other intermittent connectivity in a computer environment - Google Patents

Abstract

A seamless solution that makes the characteristics of a nomadic system transparent, ensuring that existing network applications work in a mobile environment. The mobility management server (102) combined with the mobile network maintains the state of each of the unlimited number of mobile terminal systems (104) and maintains a continuous connection to the network and to the processing at other peers. Perform any necessary complex session management. If the mobile terminal system goes out of range, suspends, or changes the network address (e.g., roaming from one network interconnect to another), the mobility management server will notify the associated peer Maintains a connection with the task and enables the mobile terminal system to maintain a persistent connection even if the contact between the mobile terminal system and the network medium is temporarily lost. An interface-based listener utilizes network connection point information from a network interface to determine a roaming state and to efficiently establish a connection during roaming. The mobility management server distributes a list for contacting the server on the disconnected network to the mobile terminal system.

Description

[Background of the Invention]
The present invention relates to connectivity between computer devices connected by a network. More particularly, the present invention relates to a method and a system for treating the characteristics of a nomadic system in a state of being transparent, and for ensuring that existing network applications operate in a corresponding mobile environment. More specifically, the present invention relates to a technology and a system that enable continuous data streams to be exchanged between devices such as handheld data units and personal computer devices that are intermittently connected.
[0001]
[Background and Abstract of the Invention]
In recent years, companies have come to recognize that quick access to important information is a way to stay competitive. For this reason, especially with the spread of inexpensive laptops and handheld computer devices, computer devices with intermittent connections, such as mobile devices, are rapidly becoming an important element of corporate networks. However, integrating these nomadic devices into the existing network infrastructure has been a headache for information managers at each company.
[0002]
Many of the problems associated with mobile networking are similar to those associated with building a local area network (LAN) prior to the advent of Ethernet. That is, since there are many types of mobile protocols and interfaces, and standards are still being established, there is no interoperability between different systems. Furthermore, communication using the above network technologies is usually slow and has a limited bandwidth, and the costs associated with updating are high due to the particularity of each system.
[0003]
In addition to these issues, mobile technology also has the following inherent problems. That is, when interconnecting with the main network, there is a case where the connection is made via a public network infrastructure. At this time, there is a risk that confidential information may be intercepted. Furthermore, if interconnected via wireless devices, confidential information would be "broadcast", so to speak, anyone with a similar interface would be able to intercept that information without much obstacles. I can do it.
[0004]
But perhaps even more important than the above, mobile networking has traditionally been limited to message-oriented or stateless applications, and has a client / server, host / terminal approach. It is not suitable for existing or new business applications using Web-based or file-sharing system models. This is because a typical business application requires not only stateless packet exchange but also a stateful session using a continuous data stream to operate effectively and reliably. .
[0005]
For this reason, most major commercial network applications require TCP / IP sessions or dedicated virtual circuits. Such sessions cannot function anymore if the network is interrupted, and roaming between networks (change of network address) is not possible when connected. Further, mobile networking is dynamic in nature and unreliable. Regarding these issues, the following considers some common situations in mobile networks.
[0006]
(Disconnected or out of service users)
When a mobile device is disconnected from a given network or loses contact with the network (ie, goes out of range of the wireless interconnect or enters a "hole" that the network does not cover), A running session-oriented application loses its stateful connection with its peer and stops working. When the device is re-attached or the device and network contact is restored, the user reconnects to the network and performs a re-login for security to identify where in the application the work was interrupted. If necessary, the lost data must be re-entered. Such a reconnection process is time consuming, expensive, and very frustrating for the user.
[0007]
(Move to another network or cross router boundaries (change of network address))
Mobile networks are typically segmented from a manageability standpoint, while mobile devices are roaming enabled for their use. Roaming between interconnected networks means that the network address is changed. If the network address is changed during the operation of the system, it is necessary to change the routing information in order to maintain the connection between the corresponding peers. Furthermore, in order to obtain a new network address, it may be necessary to terminate all sessions of the stateful application established up to that point, and the above-mentioned problem relating to the reconnection process also emerges here.
[0008]
(Security)
As mentioned, companies need to protect sensitive information. Many off-the-shelf applications have controlled access to the physical network (that is, performed using cables built inside secure facilities), and security requires additional authentication and possibly encryption. It is created on the assumption that it is retained through layers. However, in nomadic computing these assumptions are not self-evident. This is because there is a risk that data may be intercepted when passing through public radio waves or wired infrastructure.
[0009]
Therefore, there is a great need for an integrated solution that allows existing network applications to operate reliably in various mobile environments by making the characteristics of the nomadic system transparent. .
[0010]
The present invention solves the above problem by extending the corporate network so that network administrators can easily access mobile device users with the same applications as fixed device users. At the same time, it offers a consistent solution without losing reliability or centralized network management. The solution also supports existing network applications by adding the strengths of the previous wired networking standard to the evolving mobile networking standard.
[0011]
In one aspect of the non-limiting exemplary specific embodiment of the present invention, a mobility management server (MMS) connected to a mobile interconnect comprises a mobile terminal with an unlimited number of mobile terminals. It manages the state of each system (Mobile End Systems; MES) and manages the complex sessions required to maintain a continuous connection to the network and application processing at the peer. If a mobile terminal system goes out of range, suspends, or changes its network address (for example, by roaming from one mobile interconnect to another), the mobility management server will Maintain a connection between the system and a peer that corresponds to the system. In other words, the mobile terminal system keeps maintaining the virtual connection with the peer even though the physical connection is actually interrupted.
[0012]
Further, the non-limiting and specific embodiments of the present invention present the following (but not limited to) new and useful techniques and configurations.
[0013]
A mobility management server that gives session characteristics configurable by the user to the mobile client.
[0014]
-Manage mobile device policies on a per user basis with respect to network resource consumption.
[0015]
A roaming method that uses an industrial standard Dynamic Host Configuration Protocol (DHCP) in cooperation with a mobility management server.
[0016]
-Automatically remove unreliable datagrams from the system based on timeout conditions that can be set by the user.
[0017]
-Automatically remove unreliable datagrams from the system based on retry conditions that can be set by the user.
[0018]
More specifically, in an example of the preferred specific embodiment of the present invention, there is provided a mobility management server connected to the mobile interconnect network. The mobility management server maintains the state of each of the mobile terminal systems in an unlimited number, and provides a continuous connection to the network and other processing (eg, processing performed in other network-based peer systems). Manage complex sessions needed for maintenance. If a mobile terminal system goes out of range, suspends, or changes the network address (for example, by roaming from one mobile interconnect to another), the mobility management server will Recognizing the reception and waiting request of the system, it maintains the connection between the system and the corresponding peer. By operating the mobility management server as a proxy in this way, an application operating on the mobile terminal system can maintain a persistent connection even if the physical connection with a certain network medium is temporarily interrupted. Can be.
[0019]
In another example of the preferred embodiment of the present invention, the mobility management server manages an address for the mobile terminal system. Each mobile terminal system is assigned a proxy address on the primary network. This very versatile address is called the "virtual address" of the mobile terminal system. The mobility management server associates this virtual address with the current "location" address in the nomadic system. The location address of the mobile terminal system changes as the system moves between networks, but the virtual address is the same as the address, no matter which connection is active or the connection time is long. Is constant as long as is statically assigned.
[0020]
In yet another example of the preferred embodiment of the present invention, the mobility management server implements centralized management of the mobile terminal system by means of a console (control) application and comprehensive metrics. Furthermore, in a preferred embodiment, user-configurable session characteristics are implemented for mobile clients running on a proxy server, and policy settings of the mobile device are managed on a per-user basis with respect to consumption of network resources.
[0021]
Further, in one aspect, the remote procedure call (RPC) protocol (Remote Procedure Call protocol) and the Internet Mobility Protocol (Internet Mobility Protocol) are used for communication between the proxy server and each mobile terminal system. Used for establishment.
[0022]
The remote procedure call allows a local system to call a procedure in a remote system. Using the RPC protocol, the mobile terminal system disconnects, goes out of service, or suspends operation. Can be done without interrupting active network sessions. As described above, since session maintenance is not performed by a dedicated application, a commercially available application can be used in a nomadic environment without any change.
[0023]
The RPC protocol creates transactions into messages sent over standard network transport protocols and infrastructure. This RPC message contains the entire network transaction initiated by the application running on the mobile terminal system, thereby providing connection status information between the mobility management server and the mobile terminal system between them. It is possible to always synchronize even when the physical connection is interrupted. In the above embodiment of the present invention with RPC, the proxy server and the mobile terminal system provide sufficient information about the status of each transaction to manage a unified logical database for all shared connections at all times. Sharing.
[0024]
The Internet Mobility Protocol in the preferred embodiment of the present invention compensates for differences between wired local area networks and less reliable networks such as wireless LANs and WANs. By adjusting the frame size and the protocol timing, the performance is greatly improved and the traffic of the network is greatly reduced as compared with the communication not considering the mobile environment. This is especially important when bandwidth is limited or when battery life has to be taken into account. Furthermore, the Internet mobility protocol in the preferred embodiment of the present invention ensures the security of confidential data when transmission is performed between the mobile terminal system and the mobility management server through a public network or wirelessly. The Internet Mobility Protocol also acts as a basic firewall by allowing only authorized devices to access private networks. In addition, all communication between the mobile terminal system and the mobility management server can be authenticated and encrypted by the Internet mobility protocol.
[0025]
In yet another example of the preferred embodiment of the present invention, the mobile interconnect uses standard transport protocols (e.g., TCP / IP, UDP, etc.) to extend the scope of standard network application interfaces. / IP, DHCP, etc.). According to the preferred embodiment of the present invention, data transfer, security, address management, device management, and user management can be effectively integrated, and the nomadic environment can be effectively made transparent. The Internet Mobility Protocol multiplexes multiple data streams, both reliable and unreliable, over a standard network infrastructure over a single virtual channel provided by a standard transport protocol. Provide an effective way to
[0026]
Using the RPC layer, the Internet Mobility Protocol fuses data coming from different sources and destined for different or same destinations into a single data stream that is sent over the mobile link. At the opposite end of the mobile link, the data stream is demultiplexed into a plurality of different data streams, which are transmitted to their respective final destinations. This multiplexing / demultiplexing makes it possible to make maximum use of the available bandwidth (by generating network frames of the maximum size) and to establish multiple channels (thus priority) Ranking can be provided, and if the underlying network provides a data communication service, its quality could be guaranteed).
[0027]
The Internet mobility protocol according to the embodiment of the present invention further realizes the following features and advantages. The present invention is not limited to the following points.
[0028]
Transport protocol independence
The ability to change the point of presence (POP) or network infrastructure on the network without affecting data flow (only if there are no physical boundaries, policies, or bandwidth constraints)
・ Minimum additional costs
Automatic fragment resizing suitable for the transmission medium (when the protocol data units of a frame are larger than the maximum available transmission units of the network medium, the Internet Mobility Protocol fragments the frame; Rebuilding, which ensures that the frame is transmitted over the network, upon retransmission, the frame is checked again, and if the network infrastructure or environment has changed, It is re-fragmented or transmitted as a single frame when the upper limit of the transmission unit is actually raised.)
Keeps unreliable data semantics by causing frames to discard unreliable data during retransmission
Providing new semantics in reliable datagram services (this guarantees the transmission of datagrams to peer terminals by the Internet Mobility Protocol and informs the requesting entity of the transmission)
-Handles uplink and downlink transmission paths separately and automatically adjusts operation parameters to achieve optimal throughput (based on hysteresis, frame size / fragmentation threshold, number of waiting frames (window), Adjust parameters such as transmission time and delayed acknowledgment time to reduce the amount of duplicate data sent over the network).
[0029]
・ Resilience against network failure (Since use in a mobile environment is assumed, even if the connection between network media is temporarily disconnected, the virtual channel is disconnected or the application-based connection is disconnected. No)
Providing peers with in-band signaling to adjust operating parameters (Each connected terminal can alert its peers about changes in network topology or environment)
・ Adopts congestion avoidance algorithm and effectively attenuates throughput when necessary
-Selective acknowledgments and high-speed retransmissions limit the number of unnecessary retransmissions, speeding up handoff recovery in nomadic environments. (This allows the protocol to have optimal throughput even in a lossy network environment.) Maintain)
Adopting sliding window technology, which puts multiple frames in a standby state (this parameter is adjustable in each direction and given to stream frames up to a certain upper limit without the need for acknowledgment from peers)
・ Sequence numbers are non-byte oriented, so a single sequence number can represent up to the maximum payload size
・ Security measures (authentication layer and encryption layer can be added to Internet mobility protocol layer)
Compression ensures efficiency over limited bandwidth connections
・ Balanced design that both peers can move to new positions
-Connection to peer can be established from either side
-Pause timeout can be triggered to quickly destroy dormant connections and recover consumed resources
An arbitrary maximum duration can be set for the connection (for example, the connection can be terminated and / or rejected after a predetermined period of time or after a predetermined date and time).
[0030]
In a preferred specific embodiment of the invention, the consumption of network resources by a system administrator can be managed. For example, the system administrator can control at least one of the mobile terminal system and the mobility management server. The control in this case refers to, for example, management of network bandwidth and distribution of other resources, and security-related matters. Effectively, management is performed for clients that have a large number of resources on the client side. However, it is undesirable to impose additional code and processing for policy management on thin clients that do not have many resources. Therefore, it is considered that the most practical solution is to manage the thin client intensively by the mobility management server or the like, or to share a part thereof. Policy management is centralized by the mobility management server proxying each data stream of the mobile terminal system. Further, since the mobility management server performs proxy for each user, access to network resources can be managed and restricted for each user and each device.
[0031]
As a simple example, a mobility management server may “lock out” access to certain network resources by a particular user. This is very important given that the network of interfaces has been “extended” beyond the boundaries of the facility under the control of the organization by the mobile interconnect (eg, as previously described). (Suppose a former employee attempts to access the network of the workplace where he worked.) Beyond this, policy management by the mobility management server can provide even more benefits. For example, the mobility management server may make certain URLs accessible only to specific users, filter data returned by requests by network services, and compress data to conserve network bandwidth. It is possible. In this way, existing or new application-level services can be enhanced in a seamless and transparent manner.
[0032]
In addition, since the mobile terminal system is also connected to an “untrusted” network (that is, a network outside the control of the organization), a malicious cyber attack may occur during remote connection. Sharing policies and filters with the mobile terminal system enables the mobile terminal system to be protected from malicious connections, ingress filtering at remote nodes, and further security for centralized management of enterprise infrastructure. Become.
[0033]
In another example of an embodiment of the present invention, an interface assisted roaming listener enables a mobile terminal system to perform an interface assisted roaming using an interface that supports general signaling. Becomes possible. In one aspect of the exemplary embodiment of the present invention, the interface-based listener of the mobile terminal system allows the mobile terminal system to perform a mobile event upon a predetermined event (e.g., callback, timer timeout, network activity indicating data loss, etc.). It is determined whether or not the connection state of the medium of the terminal system has changed. This means, for example, that the listener detects that the mobile terminal system has been disconnected and is no longer able to communicate with the network, and indicates this to the interface. At the time of reconnection, the listener refers to the network point in the connection identification information (attachment identification information) recorded in advance, and determines whether the mobile terminal system has been reconnected to the same network point. If the reconnection was to the same network point, the listener alerts the mobile client to proceed with re-establishing communication at the transport level. If the reconnection has been made to another network point, the listener indicates that the mobile terminal system is in a "roaming" state and causes the system to obtain an address available on the current network segment. (This may include, for example, registering the current address to be valid in the new subnet). The listener maintains a map of the network topology (learned through operations) to help determine the suitability of signals generated for that client ("roaming on the same subnet", "roaming", etc.). Is also good.
[0034]
In another example of the non-limiting preferred embodiment of the present invention, the mobility management server (MMS) can be accessed in a "disconnected networking" mode. This new algorithm allows an alternative network to be used to establish / persistent communication with the MMS, even in disconnected network topologies where one network infrastructure does not know the network address in another network infrastructure. Addresses can be found dynamically / statically. With this configuration, a list of alternative addresses available to the MMS is preset and sent to the MES (mobile terminal system) during communication or dynamically learned by the MES. In one embodiment, the MMS may send the MES one or more MMS network addresses or other MMS identities corresponding to other networks by communication over a single network. The list can be sent / updated at the time of circuit construction or any other time during connection establishment.
[0035]
As the MES moves to another network, the MES uses the MMS's "alias" address / identity list to contact the MMS through a new network connection in that network. This allows the MES to re-establish contact with the MMS through a new network connection even if the pre-move and post-move networks do not share addresses, routes, or other information.
[0036]
In yet another example of the embodiment of the present invention, the decision on policy management is made inside a distributed mobile network topology, for example, where a rule-based policy management procedure is used to request based on various metrics. Allow, reject, or restrict performance. Such a management form is used, for example, when making a decision based on cost metrics such as minimum cost routing in a multihome / path environment.
[0037]
In such a policy management technique, matters relating to mobility or location acquisition (that is, roaming) may be taken into account when making a decision. For example, management rules may be determined based on the location of the device (eg, which connection point of the network, eg, which access point / base station, hub, router, GPS coordinates, etc.), so that certain operations may be For example, it may be allowed in one building but not in another. For example, this configuration may be useful for a company that uses a plurality of different wireless networks. In such a company, for example, a loading dock and an office may be connected by a wireless network. The system administrator can prevent employees (e.g., users and devices) at the loading dock from accessing the wireless network in the office environment. In addition, policy management can result in one of three states: allow, deny, or delay (e.g., if the decision is made based on bandwidth or cost, the operation may be more appropriate). Is delayed until the right time comes).
[0038]
In the policy management in the above embodiment, the operation can be changed based on the determination. One example of an action is to reduce bandwidth consumption by all active applications. Also, for example, when there is a specific application that consumes a significant amount of bandwidth, a policy engine can manage the speed of completion of an operation / transaction by the application. This operation may dynamically learn to suppress the operation of the wrong application. Another example of an action is data recovery (e.g., dithering a graphic image based on available / allowed bandwidth and cost, and user restrictions).
[0039]
Furthermore, the rules engine fires other actions based on the rule evaluation. External procedures may be performed, such as logging an event, issuing an alert, or notifying a user that an action has been denied, delayed, or conditioned. Notifications such as these may be interactive, such that an operator may be required to override an existing rule.
[0040]
In the policy management engine in the above embodiment, the decision is made based on any number or combination of metrics associated with a device, a group of devices, a user group, a user, or a network connection point. It may be done.
[0041]
Other local-based information and services may be obtained / provided for policy management, network modeling, and / or asset tracking as part of the policy management function. Such a service includes a function of automatically providing information related to the current position of the mobile terminal system to the user or the mobile terminal system. The information may be provided in a message, file, or other electronic format.
[0042]
Non-limiting examples of use of this function include shopping mall operators, various industry groups, and large-scale retailers, who are installing Bluetooth PAN, IEEE 802.11 LAN, 802.15 PAN, and other wireless network standards on shopping centers. In some cases, wireless access points are strategically provided. In this case, the shop near the current location of the mobile terminal system can present information to the customer as the customer roams around the center. This information includes information on sales, discounts, benefits, and the like. In addition, an electronic coupon for sales promotion may be supplied to the mobile terminal system. Stores will register such services with mall management, industry associations, retailers, or other centralized administrations of service providers.
[0043]
Other non-limiting examples of where the above technology can be used include in the vertical industry, such as on-site services, door-to-door sales, home delivery, etc., to collect information based on location, community services, maps, directions, customers, accidents and other public services. Is sent to the mobile terminal system based on the location.
[0044]
Yet another non-limiting example is a web-based service for monitoring and tracking mobile terminal systems. For example, a customer registers with the tracking service, and a trusted third party logs on to a hosted web service to identify the exact location of the customer's mobile terminal system. In this case, the mobile terminal system may be provided in a vehicle or may be carried by a pedestrian. Such services are becoming more and more realistic as mobile terminal systems become smaller and lighter. By using the service, it is possible to track and confirm the location of high-risk people, for example, the elderly, the disabled, and the sick. The service can also be used to track automobiles and other expensive personal property and luggage. The above service is extremely low by utilizing a characteristic that 3G WAN network, Bluetooth network, 802.11 network and other wireless technologies can be used to maintain seamless connectivity even when switching network media and connection points. It can be implemented at cost.
[0045]
Thus, the present invention extends the corporate network and allows network administrators to provide users of mobile terminals with easy access to applications on fixed terminals without sacrificing reliability or centralized management. It is possible to provide as in the case of the user. The solution combines the strengths of existing wired network standards with the mobility standards that are in the process of being created, creating a solution that can run on existing network applications.
[0046]
Other objects, features and advantages of the present invention will be more fully understood from the following description. Also, the advantages of the present invention will become apparent in the following description with reference to the drawings.
[0047]
[Detailed description of preferred embodiments]
FIG. 1 illustrates a mobile enhanced network computer system 100 of the present invention. The network computer system 100 includes a mobility management server 102 and one or more mobile terminal systems 104. The mobile terminal system 104 can communicate with the mobility management server 102 through a local area network (LAN) 108. The mobility management server 102 functions as a network-level proxy of the mobile terminal system 104. The mobility management server 102 manages the state of each mobile terminal system, and communicates between the mobility management server 102 and the mobile terminal system 104 with any peer system 110 hosting the network application. This is accomplished by performing the complex session management necessary to maintain a constant connection, even if the connection is intermittent and unreliable. In the preferred embodiment, the mobility management server 102 communicates with the mobile terminal system 104 using the remote procedure call protocol and the Internet mobility protocol of the present invention.
[0048]
In this case, the mobile terminal system 104 is actively connected to the mobility management server 102, but the connection is not always active. For example,
-A plurality of mobile terminal systems 104a-104k communicate with the mobility management server 102 via a mobile interconnect (in this case wireless). As an example, a conventional electromagnetic (radio wave) transceiver 106 may be wirelessly (or wired) connected to a local or wide area network 108. The mobile interconnection as described above allows the mobile terminal systems 104a-104k to roam from one cover area 107a to another. Typically, the mobile terminal system 104 roams from one coverage area 107 to another, goes out of reach from the nearest transceiver 106, or temporarily blocks signals (eg, behind a building pillar). , Etc.), the communication is temporarily disconnected.
[0049]
Communicate with the mobility management server 102 via a non-permanent wired interconnect 109 such as a docking port or a network cable connector. The mobile terminal system 104 is temporarily disconnected from the LAN 108 when the connection 109 is disconnected or the power of the mobile terminal system 104 is turned off.
[0050]
-Yet another mobile terminal system (e.g., 104n) is nomadically connected to the mobility management server 102 via a network topography 111 such as a wide area network, a dial-up network, a satellite network, or the Internet. As an example, the services of the network 111 may be intermittent, and as another example, the mobile terminal system 104 may move from one type of connection to another (eg, the mobility management server 102 The state may be changed from a state of connection through the wired interconnect 109 to a state of connection through the network 111, or vice versa, and the connection may be temporarily disconnected at the time of the shift.
[0051]
The mobile terminal system 104 may be a standard mobile device or a commercially available computer, for example, the mobile terminal system 104 may be configured with a laptop computer with a commercially available transceiver and / or network card. The mobile terminal system 104 executes standard network applications and a standard OS (operating system), and communicates at a transport layer using a standard transport level protocol (eg, TCP / IP). May be performed. In the present invention, the mobile terminal system 104 also executes client software to enable communication with the mobility management server 102 using the remote procedure call protocol and the Internet mobility protocol. Both protocols are transmitted using the same transport level protocols.
[0052]
The mobility management server 102 may include software hosted by a standard server, such as a Windows NT server. In the preferred embodiment, the mobility management server 102 is a client / server intelligent server that conforms to the standard, and extends the corporate network 108 to a nomadic environment with transparency. The mobility management server 102 functions as a proxy at the network level of each of the unlimited number of mobile terminal systems 104, and the mobility management server 102 manages the state of each mobile terminal system, and Necessary for any peer system 110 hosting the application to maintain a constant connection, even if the mobile interconnect between mobile terminal system 104 and transceiver 106 is intermittent and unreliable And complex session management.
[0053]
For example, the server 102 can execute any standard (eg, TCP / IP based) network application over a mobile connection without modification. The session of the mobile terminal system 104 whose connection is disconnected, goes out of service, or suspends the operation is maintained by the server 102, and when the system returns, the server 102 resumes the session. If the mobile terminal system 104 goes out of service, shuts down, or changes the location address, the mobility management server 102 acknowledges the reception of the data and makes a request until the mobile terminal system can communicate again. The waiting maintains the connection between the mobile terminal system and the peer system 110.
[0054]
The server 102 also extends management capabilities in a wired network to mobile connections. Since each network software layer operates independently of the others, it is possible to customize the solution to the respective environment in which it is deployed.
[0055]
As an example, the mobility management server 102 is connected to a standard enterprise network 108, such as a local area network or a wide area network, which may be connected to various fixed terminal systems (eg, one or more host computers 110). ) 110 may be connected. The mobility management server 102 enables communication using a continuous session type data stream between the mobile terminal system 104 and the fixed terminal system 110, and the communication is performed by the network to which the mobile terminal system 104 is connected. Losing contact with the interconnect or moving from one network interconnect 106, 109, 111 to another (eg, in the case of a wireless interconnect, from the coverage area 107 of one wireless transceiver 106) Roaming to another coverage area) and still be available.
[0056]
The mobile terminal system 104 establishes a connection with the mobility management server 102 at startup or when the mobile terminal system requests a network service. Once the connection has been established, the mobile terminal system 104 can initiate one or more network application sessions, either sequentially or simultaneously. By establishing the connection between the mobile terminal system 104 and the mobility management server 102, even if the mobile terminal system is disconnected, goes out of service, or is suspended, an application session in the mobile terminal system is maintained, and the mobile terminal system is maintained. At the time of return, the session can be resumed. In the preferred embodiment, the above process is completely automatic and requires no user intervention.
[0057]
In one example of the present invention, mobile terminal system 104 communicates with mobility management server 102 using a standard transport protocol such as UDP / IP. Using a standard transport protocol allows the mobile terminal system 104 to communicate with the mobility management server 102 using the existing infrastructure of the enterprise network 108, such as a standard router 112. In the present invention, a high-level remote procedure call protocol generates a transaction over the mobile enhancement network 108 into a message sent using a standard transport protocol. In the presently preferred embodiment, the mobile RPC message as described above includes all network transactions initiated by the application executed on the mobile terminal system 104, and thus is completed by the mobility management server 102. be able to. Thereby, the mobility management server 102 and the mobile terminal system 104 can always keep the connection state information synchronized with each other even when the connectivity of the network medium is hindered.
[0058]
Each of the mobile terminal systems 104 executes a mobility management software client that intercepts all network activity and provides information to the mobile terminal system itself to relay the network activity to the mobility management server 102 via the mobile RPC protocol. In the preferred embodiment, the mobility management client is an OS (Windows (registered trademark) NT, Windows (registered trademark) 98, Windows (registered trademark) 95, Windows (registered trademark) CE installed in the mobile terminal system 104. Etc.) in a transparent manner to continue to maintain the application session on the client side even if contact with the network is lost.
[0059]
The mobility management server 102 manages the state of each mobile terminal system 104 to maintain a continuous connection with a peer 108 of the communication partner, such as a host computer 110 connected to the other end of the connection. Performs complex session management required for If the communication with the mobile terminal system 104 becomes unavailable, the mobile terminal system 104 suspends, or changes the network address (eg, roams from one network interconnect to another), the mobility management server 102 Maintains the connection between the mobile terminal system 104 and the connection end, such as the host system 110, by acknowledging data reception or awaiting requests. This proxy function prevents the peer application from detecting that the physical connection with the mobile terminal system 104 has been lost. Thus, if the mobile terminal system temporarily loses connection or roams from one network interconnect 106A to another network interconnect 106K within a certain coverage area 107K, the (physical connection is re-established) By simply resuming work when done, a continuous connection between the application of the mobile terminal system 104 and the end performing the combined session can be effectively maintained.
[0060]
The mobility management server 102 can also manage addresses to solve the problem of receiving different network addresses when the mobile terminal system 104 roams various parts of a segmented network. I have. Each mobile terminal system 104 has a virtual address on the primary network. The virtual address is determined by a standard protocol or by static assignment. For each mobile terminal system 104, the mobility management server 102 assigns a virtual address corresponding to the actual (location) address in the current state of the system. As the mobile terminal system 104 moves from one network segment to another, as the current location address of the system 104 changes, the virtual address is the connection time regardless of which connection is active. Is long as long as the address is statically assigned.
[0061]
Thus, a change in the location address of the mobile terminal system 104 is made completely transparent from the end of the session at the associated host system 110 (and other peers) via the mobility management server 102. Has become. What the peer 110 sees is only the (unchanged) virtual address proxied by the server 102.
[0062]
In the presently preferred embodiment, the mobility management server 102 is also capable of centralized system management with console (control) applications and comprehensive metrics. System administrators can use the tools described above to set up and manage remote connections and solve problems with remote connections and systems.
[0063]
The proxy server function of the mobility management server 102 allows different priority levels to be set for network applications, users, and devices. This is useful in view of the fact that the mobility management server 102 has limited processing resources. The ability of the system administrator to change the settings of the mobility management server 102 as described above improves overall system and network performance. As an example, the ability of a system administrator to change the settings of the mobility management server 102 can reduce the resources of the mobility management server 102 for real-time applications such as audio and video streaming, such as mail software that uses less resources. Can be allocated more than a simple application.
[0064]
More specifically, the mobility management server 102 is configured through an application or an application interface such as a standard network management protocol such as SNMP, a web-based configuration interface, or a local user interface. It is also possible to set the priority of the association itself and / or the priority of multiple applications in a certain association. For example, the priority of each connection associated with another connection operating via the mobility management server 102 can be set for each user or device (in the present embodiment, both the user and the device to which the user has logged in) Is set to be prioritized, the setting relating to the user may be set to be given higher priority). Alternatively, for each connection, several levels may be set for the application priority for each network application. In this system, any number of priority levels can be set. As an example, an example in which three priority levels of low, medium, and high are set can be considered.
[0065]
(Example of server / client type software architecture)
FIG. 2 illustrates an example of a software architecture of the mobile terminal system 104 and the mobility management server 102. In one example of the present invention, the mobile terminal system 104 and the mobility management server 102 run standard OS and application software, but are intermittently connected with only a few new components added. Reliable, effective, and persistent sessions can be performed over the mobile network 108. As shown in FIG. 2, the mobile terminal system 104 includes a network interface driver 200, a TCP / UDP transport support 202, a transport driver interface (TDI) 204, and one or more conventional network applications. Executes conventional OS software, including a socket API 206 used as an interface to 208. A conventional network file / print service 210 may be further provided for communication with the conventional TDI 204. The server 102 includes a conventional network interface driver 200 ', TCP / UDP transport support 202', a transport driver interface (TDI) 204 ', and one or more conventional networks, similar to those described above. • It may have a socket API 206 'used as an interface to the application 208'. The mobile terminal system 104 and the mobility management server 102 may each further include a network / security provider 236 (mobile terminal system) and a user / security database 238 (server).
[0066]
In the present invention, a new mobile interceptor component 212 is inserted between the TCP / UDP transport module 202 and the transport driver interface (TDI) 204 in the mobile terminal system 104 software architecture. . The mobile interceptor component 212 intercepts a particular call on the transport driver interface (TDI) 204 and passes the call over the network 108 via RPC and Internet mobility protocols, standard TCP / IP. The data is transferred to the mobility management server 102 through the IP transport protocol. Thus, the mobile interceptor 212 can intercept and forward all network activity to the server 102. Because the interceptor 212 cooperates transparently with the OS, the client-side application session can remain active even if the mobile terminal system 104 loses contact with the network 108.
[0067]
The mobile interceptor 212 may operate at a different level than the transport driver interface 204 (eg, at the socket API 206 level), but the mobile interceptor 212 operates at the TDI level, and more specifically, Operating on such a transport protocol interface provides the following advantages. For the sake of convenience, everything that indicates the transport driver interface is represented by the abbreviation TDI. Many standard operating systems (eg, Microsoft® Windows® 95, Windows® 98, Windows® NT, Windows® CE, etc.) implement the TDI interface 204. Therefore, compatibility is guaranteed without changing the components of the OS. Furthermore, since the transport driver interface 204 is usually a kernel-level interface, there is no need to switch to user mode, which can improve performance.
[0068]
In addition, the mobile interceptor 212, which operates at the level of the TDI interface 204, provides various other network applications 208 (eg, multiple concurrently running applications) as well as files, prints, and other kernel applications in the network. Services 210 such as modes (interceptors operating at the level of the socket API 206, for example, need to be treated separately) can be intercepted.
[0069]
FIG. 2A shows an example of a high-level flowchart showing how the interceptor 212 operates. A call to the TDI interface 204 of the mobile terminal system 104 (block 250) is intercepted by the mobile interceptor 212 (block 252). The RPC call intercepted by the mobile interceptor 212 is packaged into fragments in accordance with the Internet Mobility Protocol, and the fragments are converted into datagrams using standard transport protocols such as UDP and TCP, LAN, WAN, etc. To the mobility management server 102 over the transport 108 (block 252). The mobility management server 102 unpacks the received RPC datagram (block 254) and performs the requested service (e.g., by transferring the data and response to an application server process running on the fixed terminal system 110). , Acting as a proxy for the application 208 of the mobile terminal system).
[0070]
Returning again to FIG. 2, the mobility management server 102 intercepts messages sent to or from the mobile terminal system 104 sent via the conventional network interface driver 222, the address translator. 220. For example, the address conversion unit 220 recognizes a message addressed to the virtual address of the mobile terminal system 104 from the peer (fixed terminal system 110) of the session partner. The message to the mobile terminal system is sent to the proxy server 224. Proxy server 224 assigns the virtual address and the message to the waiting transaction and forwards the response to the mobile terminal system 104's current location address.
[0071]
Further, according to FIG. 2, the mobility management server 102 has a setting manager 228, an operation / user interface 230, and a monitor 232 in addition to the address translation unit (intermediate driver) 220 and the proxy server 224. The configuration manager 228 provides configuration information and parameters to allow the proxy server 224 to manage the connection. Operation / user interface 230 and monitor 232 allow interaction between the user and proxy server 224.
[0072]
(Mobile interceptor)
FIG. 3 shows an example of the software architecture of the mobile interceptor 212 that supports the RPC protocol and the Internet mobility protocol of the present invention. In this example, the mobile interceptor 212 has two functional components: a remote procedure call protocol engine 240 and an internet mobility protocol engine 244. A corresponding engine 240 ', 244' is provided by the proxy server 224 operating in the mobility management server 102.
[0073]
Thus, the mobile interceptor 212 in the preferred embodiment supports the remote procedure call protocol and the Internet mobility protocol for connecting the mobility management server 102 with each mobile terminal system 104. I have. A remote procedure call allows a local system to invoke a procedure on another system that is remote. Generally, the local system is unaware that a procedure call has been executed on the remote system. The use of the RPC protocol allows the mobile terminal system 104 to go out of range and suspend operation without losing an active network session. Since no special application is required to maintain the session, commercial applications will operate without any changes in the network 108 in the mobile environment.
[0074]
Network applications typically utilize application-level interfaces, such as Windows sockets. A single call to an application-level API generates multiple transmitted and received data packets at the transport or media access layer. In a preferred mobile network, if one of the above packets is lost, the session will be aborted due to the unstable state of the entire connection, but a preferred embodiment of the present invention comprises RPC. The mobility management server 102 and the mobile terminal system 104 share information about the connection state in order to always maintain a unified logical link even when the physical connection is broken.
[0075]
The Internet Mobility Protocol of the present invention compensates for differences between wired networks and other less reliable networks such as wireless. Modifying the frame size and protocol timing can significantly improve performance and significantly reduce network traffic as compared to transports that do not consider the mobile environment. This is important when bandwidth is limited or battery life is a concern.
[0076]
The Internet Mobility Protocol of the present invention also guarantees the security of confidential information when communication between the mobility management server 102 and the mobile terminal system 104 is made through a public wired network or wirelessly. The Internet Mobility Protocol acts as a basic firewall by allowing only authorized devices to access the corporate network. The Internet Mobility Protocol of the present invention further allows all communications between the mobility management server 102 and the mobile terminal system 104 to be authenticated and encrypted.
[0077]
The remote procedure call protocol engine 240 in the mobile terminal system 104 of FIG. 3 marshals the TDI call parameters, formats the data, and executes the request, with the TDI remote procedure call protocol engine 240 'executing the call. Sent to Internet Mobility Protocol Engine 244 for transfer to mobility management server 102. The mobile terminal system 104 marshals TDI call parameters based on a remote procedure call protocol. When the TDI remote procedure call protocol engine 240 'of the mobility management server 102 receives the above RPC, the mobility management server 102 executes the call on behalf of the mobile terminal system 104. The TDI remote procedure call protocol engine 240 'of the mobility management server 102 shares the complete network state in each connected mobile terminal system with the RPC engine 240 of the peer mobile terminal system 104. In addition to executing remote procedure calls on behalf of the mobile terminal system 104, the server's RPC engine 240 'supports system flow management, remote procedure call analysis, and virtual address (services performed by the address translation mechanism 220). ) Perform multiplexing, transaction prioritization of remote procedure calls, scheduling, policy enforcement, and coalescing.
[0078]
The Internet Mobility Protocol Engine 244 provides reliable datagram services, ranking, fragmentation, and message reassembly. If set, it can also perform authentication, data encryption, enhanced privacy protection, security, and compression for throughput. The Internet Mobility Protocol Engine 244 is designed to operate using a plurality of different transports in environments where power consumption needs to be taken into account, so that it is power management conscious and , Independent of each transport.
[0079]
FIG. 3A illustrates a process in which the mobile interceptor 212 communicates with the mobility management server 102 to exchange a TDI call. In general, the RPC protocol engine 240 of the mobile interceptor 212 forwards the marshalled TDI call to the internet mobility protocol engine 244 for delivery to the mobility management server 102. The RPC protocol engine 240 accomplishes this task by adding an RPC call to a queue managed by the Internet Mobility Protocol Engine 244 (block 302). To facilitate bandwidth management, Internet Mobility Protocol Engine 244 delays the transfer of received RPC calls for a predetermined period (RPC convergence timeout period) (block 304). Typically, the RPC fusion timeout is set between 5 and 15 milliseconds, but this number can be changed by the user. This delay allows RPC engine 240 to add the TDI call to the queue of Internet Mobility Protocol Engine 244 so that one or more RPC calls are forwarded by the same datagram (fragment).
[0080]
If the fusion timeout expires or the RPC engine 240 decides to reject further RPC calls (decision block 306), the RPC engine 240 flushes the queue to the Internet Mobility Protocol engine 244 ( flush), fusing the RPC call into a single frame and requesting that frame be forwarded to the peer (block 308). This fusion reduces the number of transmissions and increases the performance of the protocol. However, the Internet Mobility Protocol must also flush the queue 244 based on other external criteria for performance optimization, and in the preferred embodiment, a single RPC request occupies the entire frame. If so, the IMP layer automatically attempts to send a request to the peer.
[0081]
As described above, the proxy server of the mobility management server 102 has the RPC protocol engine 240 'and the Internet mobility protocol engine 244'. FIG. 3B illustrates a process executed by the mobility management server 102 when receiving the Internet Mobility Protocol message frame from the mobile terminal system 104. When the mobility management server 102 receives the frame, the Internet Mobility Protocol Engine 244 'reassembles the frame if it is fragmented (subject to the maximum transport of the underlying transport) and reconstructs the message. The content is demultiplexed to determine which mobile terminal system 104 to receive from. This demultiplexing allows the Internet Mobility Protocol Engine 244 'to communicate the proper association-specific context information to the Remote Procedure Call Protocol Engine 240'.
[0082]
Subsequently, the Internet mobility protocol engine 244 'converts the received message into an RPC receive indication system work request 354, and converts the work request and the binding-related context information into a mobility management server. 102 RPC protocol engine 240 '. When the RPC protocol engine 240 ′ receives the work request 352, the engine 240 ′ adds the work request 352 to the binding related work queue 356 and then schedules the binding process by sending the scheduled request to the global queue 358. Is performed. Subsequently, the main work thread of the RPC engine 240 'is notified that the work can be executed. When the main thread starts working, the global queue 358 is polled to confirm the scheduled join process that is waiting. Thereafter, the main thread removes the event from the waiting state, and the connection-related work queue 356 is processed.
[0083]
From the join-related work queue 356, the main thread finds the RPC reception suggestion work request that has been waiting until then. Next, the main thread removes the RPC reception suggestion work request 356 from the queue and analyzes the request. By the fusion process described with reference to FIG. 3A, the mobility management server 102 frequently receives a plurality of RPC transactions included in each datagram. The mobility management server 102 then demultiplexes each of the RPC transactions back into a separate remote procedure call and performs the requested function on behalf of the mobile terminal system 104. To improve performance, the RPC engine 240 'is provided with a look-ahead mechanism during the RPC message parsing process to determine if the RPC engine 240' can execute some of the requested transactions simultaneously (pipelining May be confirmed).
[0084]
(Method of executing RPC combination by RPC engine 240 ')
FIG. 4 is a flowchart illustrating a process of executing the RPC combination added to the combination work queue 356. When the execution of the RPC binding is scheduled, the main thread of the RPC protocol engine 240 ′ (which may be provided as a state machine) removes the work request from the global network queue 358 from the waiting state, and Determine the type.
[0085]
The RPC work requests according to the present embodiment are classified into the following six basic types.
[0086]
-Scheduling request (schedule request)
・ Connection suggestion
・ Disconnect suggestion
-Local terminating association
・ "Resource available" request ("resource available" request)
-Ping inactivity timeout
The RPC protocol engine 240 'handles the various types of requests described above in different ways. RPC protocol engine 240 'tests the type of request (identified by information about the request stored in global queue 358) to determine how to handle the request.
[0087]
If the type of work request is "scheduling request" (decision block 360), the RPC protocol engine 240 'determines which combination is scheduled (block 362). The RPC protocol engine 240 'can make this determination based on information stored in the global queue 358. When the above determination is made, the RPC protocol engine 240 'can specify one of the combined work queues 356 (1) to 356 (n) each storing the corresponding request. . The RPC engine 240 'obtains the corresponding binding control block (block 362) and invokes the process association work task 364 to begin processing the work in the identified work queue 356 described above. .
[0088]
FIG. 5 illustrates the steps performed by the “join work process” task 364 of FIG. When a join is identified, a "join work process" task 364 is invoked to process the work in the corresponding join work queue 356. If the work request removed from the waiting state (block 390) is an RPC receive request (decision block 392), the RPC receive request is sent to an RPC parser (block 394) for processing (block 394). Alternatively, if the work request removed from the waiting state (block 390) is a pending receive request (decision block 396), the RPC engine 240 'sends the data to the TDI 204' instead of the connection by the application. Request to begin receiving (block 398). If the work request removed from the waiting state is a pending connection request (decision block 400), the RPC engine 240 'issues an application-specific TCP (or other transport protocol) connection request to the TDI 204'. Request (block 402) and wait for a response from the TDI layer 204 '. Upon completion of the request by TDI 204 ', the status of the request is determined and a report is returned to the original requesting entity. To improve performance, the RPC engine 240 'may process the connection request multiple times by returning the request to the binding-related work queue (356) before notifying the requesting peer of the error. It may be. This process is also to reduce network bandwidth and resource consumption.
[0089]
The above process is repeated until the "scheduling weight complete" test (block 404) is passed. In this example, the scheduling weights are used to determine how many work requests are taken out of the wait state and how much of the particular combination is processed. The scheduling weight is a parameter set by the configuration manager 228 and is obtained when a coupled connection suggestion is detected (FIG. 4, block 372). This numerical value can be set for each user or for each device in a physical sense.
[0090]
After the RPC engine completes (at least temporarily) work on the combined work queue 356, it may move on to dispatch queue processing (block 406) (details below). After processing the work in the join work queue 356, the RPC engine 240 'issues a new scheduling request to the global work queue 358 to reschedule the later executed join (decision block 366, FIG. 4). Block 368, decision block 408, block 410 of FIG. 5).
[0091]
Referring again to FIG. 4, if the RPC work request is a "connection suggestion" (decision block 370), the RPC engine 240 'will provide a new connection with the mobile peer (typically, but not limited to the mobile terminal system 104). There is a request to create an instance of the connection. As an example, the connection suggestion provides RPC engine 240 'with the following information about the device of the peer that is initiating the connection.
[0092]
.Physical identifier of the device
・ User name logged in to the device
The address of the peer device
Additional connection data from peer RPC engine 240
Upon receiving the connection suggestion (decision block 370), the RPC engine 240 calls the configuration manager 228 with the above parameters. The setting manager 228 determines the setting of the new connection using the parameters. This setting (for example, a combined scheduling weight or a list of all applications requiring non-default scheduling characteristics in addition to the above) is returned to the RPC engine 240 'and stored and executed. The RPC engine 240 'then initiates a new join and forms a new join control block (block 372). As shown in FIG. 5A, the following operation may be performed.
[0093]
Allocate a coupling control block (block 372A)
Initialize the resources of the entire system to the default (block 372B)
Override current settings (block 372C)
Initialize the flag (block 372D)
Initialize the join specific work queue (block 372E)
Initialize the object hash table for the join (block 372F)
Initialize the fusion timer (block 372G)
Insert a join control block into the session table (block 372H)
If the Internet Mobility Protocol Engine 244 'determines that the binding must be terminated, a "disconnect indication" is issued from the Internet Mobility Protocol Engine 244' to the RPC engine 240 '. The RPC engine 240 'tests this disconnect suggestion (block 374), stops binding in response to the suggestion, and discards the bind control block (block 376). As shown in FIG. 5B, the following steps may be performed.
[0094]
Mark the join to be stopped so that pending work is not processed further (block 376A)
Close all joined objects, including processing (block 376B)
Release all elements in the work queue (block 376C)
Stop if the fusion timer is running (block 376D)
Decrement the reference count of the join control block (block 376E)
If the reference count is 0 (tested at block 376F)
-Discard the join-related work queue,
Destroy the object hash table,
-Discard the fusion timer,
・ Remove the join control block from the join table,
-Release the control block (376G)
When the system 102 recognizes the need to terminate the connection, a "session abort" request is issued. This request is issued from a system administrator, an OS, or an application. The RPC engine 240 'treats the session abort request in the same way as the disconnect indication (decision block 378, block 376).
[0095]
In the preferred embodiment, the interface between the RPC engine 240 'and the Internet Mobility Protocol engine 244' specifies a flow control mechanism based on credits. Each time a single thread notifies another thread of a work request, the called thread returns to the number of credits remaining in the work queue. If the queue is full, the credit count will be zero, but by convention, the calling thread will not send any more work notifications if the credit count is zero. Thus, a queue that can be set by the user or a predetermined low-water mark is given to the calling thread to inform that the work that has been waiting has been processed and resources have been made available. Such a configuration is required. This is why a "resource available" work suggestion is provided (tested at decision block 380). As shown in FIG. 5C, when the credit count becomes 0, the following steps may be executed.
[0096]
Set the RPC_LMPQ_SEND_FLAG to mark the join as "low mark pending" (block 379A). When this happens,
Discard all datagrams received (block 379B)
Reject data reception and suppress all received stream events (block 379C) (this will eventually close the TCP and other transport reception windows and cause the fixed terminal system 110 and the mobility management server 102 to Before returning, the preferred embodiment pushes a "pending receive request" in front of the binding-related work queue 356, thus handling pending stream reception events (outstanding). stream receive event processing is continued as soon as resources become available).
[0097]
-All received connection events are rejected due to passive connection (block 379D)
When the "resource available" indication is received by the RPC engine 240 '(FIG. 4, decision block 380), the RPC engine determines whether there is work waiting in the combined work queue 356. If so, the RPC engine notifies the global work queue 358 about the join and marks the join work queue 356 as having priority for operation (block 382). If a pending receive request is signaled during a period when the binding is in the pending receive request state, it will be processed during this period (in the preferred embodiment, the RPC engine 240 'will receive all received Accept connection request).
[0098]
Referring again to FIG. 4, if the RPC engine 240 'determines that the channel used for "ping" the mobility management server 102 has been idle for a predetermined period of time (decision block 384), the channel is closed, The resources are released back to the system and used for other processing (block 386).
[0099]
(RPC parsing and priority queue)
Referring again to FIG. 5, it was mentioned above that the RPC engine parses the RPC receive request upon receiving it (see blocks 392, 394). In the presently preferred embodiment, parsing is required in the following respects. That is, a single received datagram may contain multiple RPC calls, and the RPC call may be spread over multiple fragments in an Internet Mobility Protocol datagram. Because there is. FIG. 6 shows an example of the format of the RPC reception work request 500. Each RPC receive work request has at least a main fragment 502 (1) and may also have any number of additional fragments 502 (2) -502 (N). The main fragment 502 (1) has a work request structure header 503 and a reception overlay 504. The reception overlay 504 is a reception overlay provided at the head of the main fragment 502 (1) by the Internet Mobility Protocol Engine 244. This receive overlay 504 has a structure member called p-user data that points to the first RPC call 506 (1) in the work request 500.
[0100]
In the example of FIG. 6, a work request 500 including a plurality of RPC calls 506 (1), 506 (2)... 506 (8) is illustrated. As shown in the example of FIG. 6, the RPC work request 500 may not be included in an adjacent block of memory or in a single fragment 502. In this example, the second fragment 502 (2) and the third fragment 502 (3) are linked to the main fragment 502 (1) in a linked list.
[0101]
Therefore, the RPC parser 394 in the above example handles the following boundary conditions.
[0102]
-Each RPC receive request 500 may include one or more RPC calls
One or more RPC calls 506 may be present in a single fragment 502
-Each RPC call 506 may be completely included in fragment 502
-Each RPC call 506 may span one or more fragments 502
FIG. 7 illustrates an RPC syntax analysis unit 394 that analyzes the RPC reception work request 500. In this example, the RPC parsing unit 394 acquires the first fragment 502 (1) in the work request, acquires the first RPC call 506 (1) in the fragment, and analyzes the RPC call. The syntax analysis unit 394 proceeds in the RPC reception work request 500 and processes each RPC call 506. When the number of remaining fragment bytes of the fragment 502 (1) of the RPC reception work request 500 is larger than the size of the RPC header 503, the parsing unit 394 determines that the RPC call is completely included in the RPC fragment 502, Determine if processing may be performed (this determination may be made by testing whether the length of the RPC call is greater than the number of remaining fragment bytes). When the type of the RPC call is a chain exception, the RPC call updates the RPC parsing unit 394. In the proxy server 224, the only RPC calls that are chain exceptions are "datagram transmission" and "stream transmission". This chaining exception procedure allows the RPC engine to avoid fragment copying by chaining memory descriptor lists together for RPC send calls.
[0103]
When the syntax analyzer 394 determines the type of RPC call, a pointer to the beginning of the RPC information is transferred to the RPC engine 240 for execution. The RPC engine prioritizes every TDI procedure call for execution. The highest priority call is forwarded to RPC dispatcher 395 for immediate processing. All lower priority calls are dispatched to dispatch queue 510 for later processing. Dispatch queues 510 each represent a discrete priority.
[0104]
In this embodiment, the mobile application calls the "open address" and "open connection" object functions before performing other TDI networking functions. Thus, the system assigns application-level priorities during the invocation of the "open address" and "open connection" objects. In the illustrated embodiment, once an address or connection object has been prioritized, all calls associated with that object are performed during its assigned priority.
[0105]
For example, if the RPC call is a TDI open address object request or a TDI open connection object request, the call is sent to the RPC dispatcher 395 for immediate execution. The open address and open connection object RPC calls allow access to a process ID or process name that is used to correspond to information provided by the configuration manager 228 during a configuration request made during the above connection suggestion. The process ID or process name is used to obtain the address or connection object settings.
[0106]
In the preferred embodiment, all RPC calls have at least an address object or connection object as a parameter. When the call is executed, the priority assigned to the object is made the priority of the RPC call. The settings assigned to the address or connection object determine the priority of all corresponding RPC calls to be made. For example, if the assigned priority is “high”, all RPC calls are executed immediately without being dispatched to dispatch queue 510. If the assigned priority is "1", all RPC calls are added to dispatch queue 510 (1).
[0107]
Referring again to FIG. 5, once the processing of the "process association work" task 364 completes the execution of the scheduled combined workload (decision block 404), the dispatch queue is requesting service. A determination is made (block 406). FIG. 8 is a flowchart illustrating the steps performed by "dispatch queue processing" (block 406, FIG. 6) for processing of dispatch queue 510 shown in FIG.
[0108]
In this example, dispatch queue 510 is serviced from the highest priority queue (510 (1) in this example) (block 408). A weighting factor is set for each of the dispatch queues 510. This weighting factor is a configuration parameter returned by the configuration manager 228 when the connection between the mobile terminal system 104 and the mobility management server 102 has been established. For example, the weighting factor of the dispatch queue 510 having a low priority is 4, and the weighting factor of the dispatch queue 510 having a medium priority is 8. In this example, an RPC call with a high priority is processed immediately after analysis, and thus has no weight coefficient.
[0109]
Starting from the current queue, the RPC engine 240 'dequeues the RPC call from the queue and loops until the queue is empty or the queue weight number of the RPC call has been processed (block 412). 416). For each de-queued RPC call, an RPC dispatcher 395 is invoked for its execution. The RPC dispatcher 395 executes a procedure call on behalf of the mobile terminal system 104 and generates a response from the mobile terminal system to the RPC call requesting a response.
[0110]
After exiting the loop, if there is more work left in the queue (decision block 418), the queue is marked as needing re-execution (block 420). Upon exiting the loop, the system moves the processor to the next lower priority queue (blocks 424, 410). This gives the possibility that any priority level will be executed no matter how much work is allocated to a particular queue. The system moves to the service of the next queue and repeats the process until all queues have been processed. When all queues have been processed, the system determines if any queues have been marked as needing execution, and if so, sends a schedule request to the global work queue to re-run the join. Will be done. The re-execution of the join is scheduled in the "global work process" routine of FIG. With the above approach, the processor also gives other couplings that have work to do the opportunity to execute. By assigning a weighting factor to each queue, the system may be adjusted such that access to the CPU of the mobility management server 102 is permitted according to the priority level. As a result, a queue with a high priority can be accessed not only first, but also more easily.
[0111]
(Mobility management server RPC response)
The above describes how a remote procedure call is sent from the mobile terminal system 104 to the mobility management server 102 for execution. In addition to this type of RPC call, the RPC engine 240 'of the mobility management server 102 supports RPC events and RPC receive responses. RPC messages are generated asynchronously as a result of the activity of the binding associated connection peer (typically the fixed terminal system 110). RPC engine 240 ′ of mobility management server 102 completes the RPC transaction performed by RPC dispatcher 395. Successful completion does not mean that all RPC calls require a response, but some RPC calls that require a response will cause the RPC dispatcher 395 to create an appropriate response and use the Internet Mobility Protocol. -Inform the engine 244 'and the response is returned to the peer's mobile terminal system 104. When an RPC call fails, all RPC calls generate a response (except for the RPC receive response above).
[0112]
The RPC event is emitted as a result of the activity of the network 108 by the associated connection (typically the fixed terminal system 110). In the preferred embodiment, such RPC event messages are proxied by the mobility management server 102 and sent to the mobile terminal system 104. The mobility management server 102 of the preferred embodiment supports the following RPC event calls.
[0113]
A disconnection event (occurs when a binding specific connection peer (usually the fixed terminal system 110) issues a disconnection request at the transport level, the request being received by the proxy server 224 on behalf of the mobile terminal system 104; The proxy server 224 sends a disconnection event to the mobile terminal system.)
A stream reception event (occurs when a combined specific connecting peer (usually the fixed terminal system 110) sends stream data to the mobile terminal system 104. The proxy server 224 receives the data on behalf of the mobile terminal system 104 and receives a response (Send the data to the mobile terminal system as (Receive Response))
A datagram reception event (any of the association-specific portals is sent from a network peer (usually a fixed terminal system 110) and sent to the mobile terminal system 104 via the mobility management server 102) Occurs upon receiving a datagram, which is to be received.The proxy server 224 accepts the datagram on behalf of the mobile terminal system 104 and forwards the datagram to the mobile terminal system 104 in the form of a datagram reception event. Do)
When a connection event (association-specific listening portal) attempts to establish an end-to-end connection between the transport layer and the mobile terminal system 104, the connection-specific listening portal sends a transport layer connection request (usually Occurs from the fixed terminal system 110. The proxy server 224 accepts the connection request on behalf of the mobile terminal system and generates and sends a connection event RPC call to the mobile terminal system.)
FIG. 9 illustrates how the RPC engine 240 'handles RPC calls generated by a proxy server. For higher priority addresses and connection objects, the RPC engine 240 'immediately dispatches transmission requests to the Internet Mobility Protocol Engine 244'. The transmission request causes the RPC message to be forwarded to the mobile terminal system 104 of the peer. For low priority objects, a transmission request from the Internet Mobility Protocol Engine 244 is reported to the appropriate priority queue 510 '. If execution of the join is not scheduled, a schedule request is also notified to the global queue 358 '. The transmission request of the Internet Mobility Protocol is finally executed during the processing of the dispatch queue already described with reference to FIGS.
[0114]
(Example of Internet Mobility Protocol)
The Internet Mobility Protocol of the present invention is a message-oriented, connection-based protocol that can guarantee delivery, (re) order detection, and recover from loss. Further, unlike other traditional connection oriented protocols (ie, TCP), it allows multiple separate data streams to be combined into a single channel, providing guaranteed data, unreliable data, and New message-oriented and reliable data can be simultaneously traversed over the network by a single virtual channel. This new level of message-oriented service will cause the request portion to be notified when the Internet Mobility Protocol peer sees a given program data unit.
[0115]
The Internet Mobility Protocol of the present invention is designed to overlay existing network topologies and technologies. The Internet mobility protocol is versatile because it is independent of the underlying network architecture. As long as the packetized data can move between the two peers, the use of the Internet Mobility Protocol is possible. The point of network (POP) or network infrastructure at each node can be changed without affecting the data flow, unless there are physical boundaries, specific policies, or bandwidth limitations.
[0116]
The Internet Mobility Protocol fuses data from various sources with the help of the upper layer and uses the datagram function of the lower layer to move the data back and forth. As each independent data unit comes from the upper layer, the Internet Mobility Protocol then transmits the data unit as a single stream. The data unit is then sent to the peer over the existing network, and upon reception, the stream is demultiplexed with the help of the upper layers back to the original independent data units. As a result, a maximum number of network frames are generated each time transmission is performed, and the use of the bandwidth can be optimized. Further, according to the above, it is possible to adjust the channel so that the bandwidth can be used to the maximum, and it is possible to provide parameters applicable to all session-level connections.
[0117]
In the rare case where one channel is inadequate, the Internet Mobility Protocol can establish multiple channels between peers. This allows prioritization of data and guarantees of service quality (if supported by the underlying network).
[0118]
In addition, Internet mobility protocols are being considered for dynamically selectable and guaranteed levels of service, or for unreliable levels of service. For example, each protocol data unit to be transmitted can be made to wait with a limitation on a validity time period and / or the number of retransmission attempts. The Internet Mobility Protocol expires the data unit when either threshold is reached and excludes it from subsequent transmission attempts.
[0119]
The overhead of the Internet Mobility Protocol as an additional protocol has been minimized by the use of variable length headers. The size of the header is determined by the type of the frame and an optional field. The optional field is added in a particular order to facilitate parsing by the receiver, the presence of which is indicated by a bit in the header flag field. All other control and configuration information required for peer communication can pass through the in-band control channel. All control information to be transmitted is added to the previous frame of any application-level protocol data unit. The receiving side processes the control information and then sends the rest of the payload to the upper layer.
[0120]
Because it is expected to operate in unreliable networks with a relatively high probability of error, the Internet Mobility Protocol employs a number of technologies to ensure data integrity and maximize network performance. Is used. To ensure data integrity, a Fletcher checksum algorithm is used for detecting erroneous frames. This algorithm is employed with high efficiency and high detection capability, and can detect not only bit errors but also bit rearrangement. However, another checksum algorithm may be employed instead of the above algorithm.
[0121]
Although sequence numbers are used to ensure delivery of ordered data, sequence numbers in the Internet Mobility Protocol do not represent each byte of data as in TCP. As an example, the sequence number represents a frame of data up to 65535 bytes (including the Internet Mobility Protocol header). The sequence number is of an appropriate length, such as 32 bits, to prevent wraparound on high bandwidth links within a limited time period.
[0122]
When the above capabilities are combined with the data expiration function, the retransmitted (retryed) frame may contain less data than the previous version generated at the sender. Although it is possible to set the frame ID to detect the latest version of the frame, in the preferred embodiment no data is added, and each deleted element is the entire protocol data unit Therefore, the above method is not always necessary for sequence assurance. As an example, the Internet Mobility Protocol processes a particular frame received only the first time, no matter how many different versions of the frame are transmitted. Each generated frame that carries a new user payload is assigned a unique sequence number.
[0123]
The adoption of sliding window technology improves performance and allows multiple frames to be held (transmitted) before requiring the peer to acknowledge data reception. Acknowledgments and timer-based retransmission schemes are employed to ensure timely data delivery. In addition, a selective acknowledgment mechanism has been adopted to optimize channel utilization, resulting in faster retransmission of lost frames and faster recovery during periods of high or low network connectivity. Is done. In one example, this optional acknowledgment mechanism is represented as an additional bit field included in the header.
[0124]
Congestion avoidance algorithms have also been used to back off the protocol from rapid retransmission of frames. For example, the round trip time can be measured for each frame successfully transmitted between peers without retransmission. This time value is averaged to provide a reference for a retransmission timeout value. Each time a frame is sent, a timeout is set for each frame. If a frame is actually transmitted but no acknowledgment is received for the frame, the frame is retransmitted. At this time, the timeout value increases and becomes a reference for the next retransmission time. Since an upper limit value and a lower limit value are set for the retransmission timeout, the values fall within an appropriate range.
[0125]
In the Internet Mobility Protocol, a transmission path and a reception path are treated separately. This approach is particularly useful in channels that are inherently asymmetric. Based on the hysteresis, the Internet Mobility Protocol automatically adjusts parameters such as frame size (fragmentation threshold), number of pending frames, retransmission time, delay acknowledgment time, and replicated data sent over the network. Decrease the amount of
[0126]
The Internet Mobility Protocol allows nodes to move to different points of connection in various networks, which may change the characteristics of the underlying network (eg, frame size) along the way. As a result, frames that were waiting to be transmitted on a certain network may not fit the new medium to which the mobile device is currently connected. Fragmentation is handled at the level of the Internet mobility protocol, taking into account that fragmentation is not supported in all network infrastructures. Before each frame is transmitted, the Internet Mobility Protocol determines whether the frame exceeds the current fragmentation threshold. Incidentally, this value may be smaller than the current maximum transmission unit from the viewpoint of improving performance (because a smaller frame is more likely to reach the final destination than a larger frame). The trade-off between increasing protocol overhead and increasing the number of retransmissions is examined by the Internet Mobility Protocol, and frame sizes may be reduced to reduce overall retransmissions. If a certain frame fits, the frame is transmitted without being divided. If not, the frame is split to the maximum size allowed for the connection. If a frame is retransmitted, it is re-evaluated and re-fragmented if the maximum transmission unit is reduced (or if the maximum transmission unit is increased, the frame is fragmented May be retransmitted as a single frame that is not transmitted).
[0127]
The protocol itself is designed to be orthogonal, so that either side can establish or break a connection with a peer. However, in some cases, there are some minor operational differences in the protocol engine depending on where they are performed, and certain sleep detections and connection lifetime timeouts can only be performed from one side. In order to enable operations necessary for operation, the Internet Mobility Protocol Engine running on the mobility management server 102 keeps track of the state of the suspension period. If a certain period has elapsed without any work from the mobile terminal system 104, the mobility management server 102 can end the session. It may also be necessary for the administrator to limit the total time required to establish a particular connection, or to deny access by date and time. The operation may be performed only from the management server 102 side.
[0128]
As an example, software that provides the Internet Mobility Protocol can be compiled and run in a Windows NT, 9x, CE environment without the need for platform-specific modifications. In order to realize this, the Internet Mobility Protocol employs a service of a network abstraction layer (NAL) for transmitting and receiving Internet Mobility Protocol frames. Other standard utility functions such as memory management, queue and list management, event logging, alarm systems, power management, security, etc. are also used. Some runtime parameters are changed depending on whether the engine is provided in the mobile terminal system 104 or the mobility management server 102. Several examples are shown below.
[0129]
-A specific timeout can be called only from the mobility management server 102
・ The direction of the frame is indicated in each frame header for echo detection
-By setting the mobile terminal system 104, rejection of inbound connection is possible.
An alert is notified only to the mobility management server 102
Power management is enabled in the mobile terminal system 104 but not necessarily required in the mobility management server 102
The interface of the Internet Mobility Protocol has a small number of standard API functions that are C-callable and platform-independent, and is dedicated to a single OS-specific, scheduled work (other than the standard utility functions described above). A configuration that requires a function may be used. Communication with the local client is enabled by using a defined work object (work request). Completion notification for each work element can be effectively accomplished by notifying the requesting entity through an optional completion callback routine identified as part of the work object.
[0130]
The Internet Mobility Protocol Engine itself is queue-based. Work elements from the local client are added to the global work queue according to the FIFO order, which is done by the local client calling a standard Internet Mobility Protocol function such as "ProtocolRequestwork ()". Subsequently, a scheduling function within the Internet Mobility Protocol removes the work and dispatches to the appropriate function. The combination of the standby and scheduling functions makes the difference between OS architectures invisible, so that the protocol engine can be implemented in a thread-based system (eg, Windows NT) or a synchronous system (eg, Microsoft Windows). (Registered trademark) 9x or Windows (registered trademark) CE). Since the priority scheme can be overlaid on the waiting function, quality of service (if supported by lower layers) can be guaranteed.
[0131]
From a network perspective, Internet mobility protocols utilize scatter-gather techniques to reduce data copying and movement. Each transmission is sent to the NAL as a list of fragments and fused by the network layer transport. If the transport protocol itself supports the scatter-gather technique, the fragment list is transferred over the transport and assembled by the media access layer driver or hardware. Further, the above technique can be extended to insert or delete any protocol wrapper at any level of the protocol stack. The reception of the frame is notified by the NAL layer by calling back the Internet mobility protocol at a specific entry point designated at the time of the NAL registration process (NAL registration process).
[0132]
(Example of Internet Mobility Protocol Engine entry point)
The Internet Mobility Protocol in the illustrated embodiment has four common entry points that manage the startup and shutdown behavior of the protocol. Shown below are these procedures.
[0133]
1. Internet Mobility ProtocolCreate ()
2. Internet Mobility ProtocolRun ()
3. Internet Mobility ProtocolHalt ()
4. Internet Mobility ProtocolUnload ()
(Example of Internet Mobility ProtocolCreate ())
The Internet Mobility ProtocolCreate () function is called by the boot subsystem to initialize the Internet Mobility Protocol. During this first phase, all resources necessary to start processing the work must be acquired and initialized. At the end of the phase, the engine should be ready to accept work from other layers of the system. At this time, the Internet Mobility Protocol initializes the global setting table. To this end, the Internet Mobility Protocol uses the service of the setting manager 228 to populate the table.
[0134]
Next, the Internet Mobility Protocol registers the suspend and resume notification functions with the APM handler. In one example, these functions can be invoked only from the mobile terminal system 104 side; however, in another example, it may be desirable to allow the mobility management server 102 to suspend during operation. Subsequently, other work storage areas such as a global work queue and a global NAL portal list are allocated from the memory pool.
[0135]
To limit the maximum amount of runtime memory required and to guarantee the uniqueness of the Internet Mobility Protocol handle, the Internet Mobility Protocol employs a two-tier array scheme for handle generation. are doing. The size of the global connection array table is determined by the maximum number of simultaneous connections set by the system and is allocated at this time. When all global storage has been allocated and initialized, the state of the Global Internet Mobility Protocol will be _STATE_INITIALIZE_.
[0136]
(Example of Internet Mobility ProtocolRun ())
The Internet Mobility ProtocolRun () function is called after all subsystems have been initialized and notifies the Internet Mobility Protocol subsystem that it may begin processing any pending work. This is the normal state of the Internet Mobility Protocol Engine in general operating situations. Before putting the engine into operation, several second pass initialization steps are performed at this point.
[0137]
The Internet Mobility Protocol allows network communications to take place over any of the interfaces. During the initialization step, the storage for the Internet Mobility Protocol-NAL interface is allocated so that the Internet Mobility Protocol starts all listeners of the NAL, traversing the global portal list. Can be. As an example, this operation is as follows, which includes two steps.
[0138]
The Internet Mobility Protocol binds and opens the NAL layer with a portal based on settings provided during initialization;
The Internet Mobility Protocol then registers an Internet Mobility Protocol RCVFROMCB callback to notify the NAL layer that it is ready to begin processing the received frame.
[0139]
Subsequently, a local persistent identifier (PID) is initialized. The state of the Global Internet Mobility Protocol changes to _STATE_RUN_.
[0140]
(Example of Internet Mobility ProtocolHalt ())
The Internet Mobility ProtocolHalt () function is called to alert the engine that the system has shut down. All resources obtained during operation are released before returning from this function. All sessions of the Internet Mobility Protocol terminate abnormally with a reason code set for management. When the engine enters the _STATE_HALTED_ state, thereafter, work from another layer is not accepted, and the other layers are not notified.
[0141]
(Example of Internet Mobility ProtocolUnload ())
The Internet Mobility ProtocolUnload () function is the second phase of the shutdown process. This is the last opportunity for the engine to release the allocated system resources before returning. When the engine returns from this function, the system itself shuts down and no further work is performed.
[0142]
(Example of Internet Mobility Protocol Handle)
In at least some instances, it is not sufficient to simply use the address of the memory (which stores the Internet Mobility Protocol state information) as a token that describes the Internet Mobility Protocol connection. This is mainly due to the possibility that one connection will end and another new connection will be started within a short period of time. It is likely that the memory allocator will redistribute the same address to another connection as the previous one, and this value will indicate both the previous connection and the new connection. If the original peer does not recognize the end of the session (because it has been powered off, suspended, out of range, etc.), it will send the frames of the previous session towards the new session It is possible. This occurs for TCP, and if the peers have the same IP address, a reset is performed to create a new session. To avoid this, the Internet Mobility Protocol employs a manufactured handle. The handle is formed by a two-row index and is one-time only to maintain uniqueness. The table has the following layout.
[0143]
Table 1: Array of pointers to arrays of connection objects
Table 2: Array of connection objects containing real pointers to Internet Mobility Protocol control blocks
This technique minimizes the amount of memory allocated during the initialization period. Table 1 is sized and assigned at startup. As a result, a small amount of memory can be allocated on the mobile terminal system 104 side (the memory requested to be allocated by the table 1 on the mobility management server 102 side is slightly larger because the server has many connections). Things).
[0144]
Table 1 is populated as needed. When a connection request is made, the Internet Mobility Protocol looks for a valid pointer to Table 2 in Table 1. If no entry point is found, the Internet Mobility Protocol allocates 256 connection objects to the new Table 2 and records a pointer to Table 2 in the appropriate slot of Table 1. Next, the protocol engine initializes Table 2, allocates a connection object from the newly created table, and returns to the manufacturing handle. If another session is requested, the Internet Mobility Protocol will again search Table 1 to find a valid pointer to Table 2 and assign the next connection object for the session. This process continues until one of the following two states is reached.
[0145]
When all the connection objects are lost from the table 2, the table 2 is newly allocated and initialized, and the pointer indicating the table 2 is set to the next available slot of the table 1.
[0146]
If all connection objects are released to a particular instance of table 2 and if all elements have not been used for a particular period, the storage in said instance of table 2 is released back to the memory pool and table 1 The associated pointer is zeroed to indicate that the entry is available when the next connection request is initiated (in other instances of Table 2, the available connection objects are If not).
[0147]
Two global counters are maintained to allow the total number of allocated connections to be limited. One global counter counts the number of currently active connections, and the other keeps track of the number of unassigned connection objects. Furthermore, the second counter also manages the total number of connection objects that can be created up to an arbitrarily set limit. When a new table 2 is allocated, the counter is adjusted downward to keep track of the number of objects represented by the new table. On the other side, when the Internet Mobility Protocol releases an instance of Table 2 to the memory pool, the counter is revised upward to match the number of connection objects released.
[0148]
(Example of workflow)
With the Internet Mobility ProtocolRequestWork () function, work is requested from the local client. When the work is validated and added to the global work queue, the Internet Mobility ProtocolQueueEligible () function is called. In a threaded environment, an Internet Mobility Protocol worker thread is signaled (marked conforming) and control immediately returns to the calling entity. In a synchronous environment, the global work queue is immediately executed and any requested work is processed. In either case, the Internet Mobility ProtocolProcessWork () function will be executed. This is the main dispatch function for work processing.
[0149]
In the illustrated embodiment, work from the global queue may only be dispatched by one thread at a time, and a global semaphore may be used to prevent reentry. For private Internet Mobility Protocol work, work can be sent directly to the global work queue without using the Internet Mobility ProtocolRequestWork () function.
[0150]
A special case is assumed for the SEND type work object. To ensure that the semantics of unreliable datagrams are maintained, each SEND-type work object can be queued with an expiration date or retry count. The life of the work is calculated based on the expiration date. If such a predetermined timeout occurs, the work object is removed from the connection specific queue and completes with an error condition. If the SEND object has already been merged into the data path, the protocol allows removal of any SEND object with a retry count set. If the retry count is exceeded, the object is removed from the list of elements that make up the particular frame and returned to the requester, indicating an appropriate error condition.
[0151]
(Example of connection startup)
Internet mobility protocols have a very efficient mechanism for establishing connections between peers. Confirmation of the connection is made by exchanging at least three frames between the peers. The initiator sends an IMP SYNC frame to its peer to warn that connection establishment is required. The acceptor warns the peer that the connection request has been rejected by sending an IMP ESTABLISH frame to confirm connection acceptance or by sending an IMP ABORT frame. The reason and status code are sent in an IMP ABORT frame to help the user understand the reason for the connection refusal. If the connection is granted, an acknowledgment frame (which may contain the protocol data unit and control data) is sent and forwarded to the acceptor to acknowledge receipt of the establishment frame.
[0152]
To minimize network traffic, the protocol may allow user and control data to be included in the initial handshake mechanism at connection startup. This configuration avoids performance degradation due to unsecured environments, double security authentication on the same data path, and encryption processing on the same data path. It is used in environments where security is handled at a lower level, such as where Internet mobility protocols are being coordinated.
[0153]
(Example of data transfer)
The Internet Mobility Protocol detects that a frame has been delivered to the network by notification from the NAL. The Internet Mobility Protocol does not retransmit the same frame until the original request is completed, since the metrics determine whether the network link is constantly being flow controlled. However, some network drivers erroneously suggest transmission of a frame before sending the frame to the network. With the use of semaphores, the Internet Mobility Protocol layer will detect this and will not send another datagram until the NAL replies to the original request.
[0154]
When a frame is received by the Internet Mobility Protocol, it is quickly inspected and added to the appropriate connection queue. If the frame does not have enough information for the Internet Mobility Protocol to identify its final destination, the frame is added to the Internet Mobility Protocol socket queue that received it and the The socket queue is added to the global work queue for subsequent processing. This initial demultiplexing allows the received work to be quickly spread with limited processing overhead.
[0155]
(Example of acquiescing)
To minimize the network bandwidth during retransmissions and the power required by the mobility management server 102, the protocol allows the mobility management server 102 to "accept" the connection. After a period that can be set by the user, the mobility management server 102 stops retransmitting the frame to a specific connection if there is no notification from the corresponding mobile terminal system 104. At this time, the mobility management server 102 assumes that the mobile terminal system 104 cannot communicate (out of service area, suspend, etc.) and suspends the connection. All subsequent work on the connection is stored for later distribution. The connection will remain in the same state unless any of the following situations are met.
[0156]
The mobility management server 102 receives the frame from the mobile terminal system 104 and returns the connection to its original state;
The connection lifetime timeout expires,
The sleep timeout expires, or
Connection is canceled by the system administrator
If the mobility management server 102 receives a frame from the mobile terminal system 104 and the connection is resumed from the point where it was interrupted, all work waiting on the connection is transferred and the state is resynchronized. Otherwise, when reconnection is made, the mobile terminal system 104 is notified of the end of the previous connection, and the work waiting to be sent to the mobile terminal system 104 is discarded.
[0157]
(Example of connection and transmission request)
10A-10C form a flowchart illustrating the connection and transmission request logic generated by the Internet Mobility Engine 244. Upon receiving an instruction from RPC engine 240, Internet Mobility Protocol Engine 244 determines whether the instruction is a "connect" request (decision block 602). If the command is a "connect" request, the engine 244 determines whether connection resources can be allocated (decision block 603). If not enough connection resources are allocated ("No" at decision block 603), engine 244 declares an error (block 603a) and responds. If connection resources can be allocated, the engine 244 performs state setting processing to prepare for processing of a connection request (block 603b).
[0158]
In response to a connection or other request, the engine 244 waits for the connection or transmission request and notifies a global event before responding to the calling application (block 604).
[0159]
To dispatch a connection or transmission request from the Internet Mobility Protocol global request queue, engine 244 first determines if there is any work pending (decision block 605). If there is no work pending (if “No” at decision block 605), the engine 244 moves to block 625 of FIG. 10C and waits for a response from the application to wait for work for connection ( Block 605A). If there is work pending (if "yes" in decision block 605), engine 244 determines whether the current state is established (block 606). If the state is established ("Yes" in decision block 606), engine 244 skips the step for transition to state establishment and moves to decision block 615 of FIG. 10B (block 606a). If a state has not been established, engine 244 may need to perform a series of steps for establishing the state (if "no" at decision block 606).
[0160]
To move to state establishment, engine 244 first determines if the address of its peer is known (decision block 607). If not, the engine 244 waits further for work and moves to block 625 of FIG. 10C to wait for the peer address (block 607a). If the address of the peer is known ("yes" in decision block 607), engine 244 next determines whether the required security context has been obtained (decision block 608). If not, the engine 244 needs to wait further for work and move to block 625 of FIG. 10C to wait for a security context to come (block 607a). If a security context has already been obtained ("Yes" at decision block 608), engine 244 declares a "pending state" state (block 608b) and sends an Internet Mobility Protocol synchronization frame (block 608b). Block 609), start a retransmission timer (block 610). Engine 244 determines whether a corresponding establishment frame has been received (block 611). If not ("No" in decision block 611), engine 244 determines whether the retransmission time has expired (decision block 612). If the retransmission time has not expired (“No” in decision block 612), engine 244 may wait and then move to step 625 (block 613). Eventually, if no established frame is received (determined in block 611) and the retransmission time has all expired (decision block 614), the connection may be aborted (block 614a). Eventually, if an established frame is received ("Yes" at decision block 611), engine 244 declares an "established" state (block 611a).
[0161]
Once the status has been established, the engine 244 determines whether the new connection has been authenticated (decision block 615). If not, engine 244 may wait and move to step 625 (block 616). If the connection has been authenticated ("Yes" at decision block 615), engine 244 determines whether the authentication was successful (decision block 617). If unsuccessful ("No" in decision block 617), the connection is aborted (block 614a). If successful, engine 244 determines whether the peer transmission window is full (decision block 618). If full (decision block 618 is "yes"), engine 244 waits for an acknowledgment and proceeds to step 625 (decision block 619). If the window is not full (decision block 618 is "no"), engine 244 generates (block 620) and transmits (block 621) an Internet Mobility Protocol data frame. Next, engine 244 determines whether the retransmission timer has started (decision block 622). If not, the engine 244 starts a retransmission timer (block 623). Engine 244 repeats blocks 618-623 until there is no more data to send (determined at decision block 624). The engine 244 then enters sleep mode, waits for more work, and returns to the global dispatcher (block 625).
[0162]
(Example of cancellation)
FIG. 11 is a flowchart illustrating the steps performed by the Internet Mobility Protocol Engine 244 to terminate a connection. Upon receiving the "stop connection" request (block 626), the engine adds the request to the global work queue and replies to the calling application (block 626a). The abort request is finally dispatched from the Internet Mobility Protocol processing global work queue for execution (block 627). Engine 244 examines the abort request to determine whether the request is urgent or affordable (decision block 628). If it is urgent ("abort" in decision block 628), engine 244 immediately terminates the connection (block 629). If so, the engine 244 declares a "state close" state (block 628a) and the Internet mobility protocol "Mortis". "Transmit the frame (block 630), indicating to the peer that the connection is to be closed. Next, engine 244 declares a "Mortis" state (block 630a) and starts a retransmission timer (block 631). Engine 244 determines whether a "post mortem" frame has been responded to by the peer (decision block 632). If not (decision block 632 is "no"), engine 244 determines whether the retransmission timer has expired (decision block 633). If the time has not expired ("NO" in decision block 633), engine 244 waits and proceeds to step 637 (block 634). If the retransmission timer has expired ("Yes" at decision block 633), engine 244 determines whether the total retransmission time has expired (decision block 635). If not, then return to block 630 and retransmit the Mortise frame. If the total retransmission time has already expired ("Yes" in decision block 635), engine 244 immediately terminates the connection (block 635a).
[0163]
If a "post mortem" response frame is received from the peer ("yes" at decision block 632), engine 244 declares a "post mortem" state (block 632a) and releases the connection resources (block 636). ), Return to the sleep state and wait for further work (block 637).
[0164]
(Example of retransmission)
FIG. 12 shows an example of the “retransmission” event logic executed by the Internet Mobility Protocol Engine 244. When the retransmission timer expires (block 650), engine 244 determines if there are any pending frames (decision block 651). If there are no pending frames ("No" at decision block 651), engine 244 discards the timer (block 652) and returns to the sleep state (block 660). Conversely, if there are any pending frames ("yes" in decision block 651), engine 244 determines whether the entire retransmission period (entire) has ended (decision block 653). If not, the process returns to sleep due to the time difference (block 654). If so, the engine 244 determines whether the total retransmission period has expired (decision block 655). If the event has already been completed ("Yes" in decision block 655) and this event is being executed by the mobility management server engine 244 '(corresponding to the mobile terminal system engine 244), a sleep state is declared (decision). Block 656, block 656a). In the same state, the Internet Mobility Protocol Engine 244 running on the mobile terminal system 104 aborts the connection (block 656b).
[0165]
If all retransmission periods have not expired ("No" at decision block 655), engine 244 reprocesses the frame to remove timed out data (block 657) and retransmits it. Then, the retransmission timer is restarted as it is (block 659). The process then enters a sleep state (block 660) and waits for the next event.
[0166]
(Example of expired PDU of Internet Mobility Protocol)
In block 657 of FIG. 12, the requesting upper layer interface specifies a timeout or retry count for the expiration of the protocol data unit (ie, SEND work request) 506 sent to the binding peer. Will be possible. This feature allows the Internet Mobility Protocol Engine 244 to perform other functions, such as maintaining unreliable data semantics and removing unreliable data from retransmitted data. Each PDU (protocol data unit) from the upper layer specifies a validity timeout and / or retry count for each element that will eventually be coded by the Internet Mobility Protocol Engine 244. can do. The expiration timeout and / or retry count (identifiable by the user in some applications) may be used to determine which PDUs 506 should be removed from the frame without being forwarded before retransmission by engine 244. Be done.
[0167]
The expiration time out associated with the PDU 506 specifies a relative time period that each PDU should consider during transmission. During the execution request, the Internet Mobility Protocol RequestWork function checks the expiration time value. If the value is not 0, the age timer is initialized. The requested data is then added to the same queue as other data sent to the joining peer. If a PDU 506 is in the queue longer than the period specified by the validity period parameter, the expired (all) PDUs are removed during the next event processing the queue, Rather than being retransmitted when the frame is retransmitted, it is completed locally with a status code of "timeout failure". This algorithm prevents unreliable data waiting for transmission to peers from growing stale and / or consuming system resources indefinitely.
[0168]
In the example of FIG. 12A, at least three independent PDUs 506 have been queued at Internet Mobility Protocol Engine 244 for subsequent processing. PDU 506 (1) has no expiration date and no timeout for the request. The PDU 506 (2) has a validity period of 2 seconds, and is arranged in chronological order after the PDU 506 (1). The PDU 506 (n) has a validity period of 2.5 seconds, and is arranged after the PDU 506 (2) in chronological order. Since waiting for PDU 506 (n) is the first event that causes the queue to be processed and the validity period of PDU 506 (2) to elapse, PDU 506 (2) is removed from the work queue and completed locally to complete PDU 506 (2). n) is added to the list. If the validity period is set to PDU 506 (n), a series of events up to this point is repeated. Any event that manipulates the work queue (add to queue, remove from queue, etc.) removes and completes outdated PDUs.
[0169]
As described above, the PDUs 506 are fused by the transport logic of the Internet Mobility Protocol Engine 244 and formatted into a single data stream. Each independent work element is assembled to form an Internet Mobility Protocol data frame unless it has expired due to an expiration timeout. The Internet Mobility Protocol Engine 244 will eventually send these PDUs 506 to the peer and add the relevant frames to the Frames-Outstanding list. If the peer does not recognize the frame within a certain period of time (see the retransmission algorithm in FIG. 12), the frame is retransmitted to recover lost or corrupted packets. Immediately prior to retransmission, the PDU list forming the frame is repeated to determine if a request with a retry count is waiting. If the retry count is not zero and decreases toward zero, the PDU 506 is removed from the list and the frame header is modified to indicate data erasure. In this way, stale data, unreliable data, or applications with their own retransmission policies are not burdened by the retransmission algorithm of engine 244 '.
[0170]
Also in the example of FIG. 12B, at least three independent PDUs 506 have been queued at Internet Mobility Protocol Engine 244 for further processing. PDU 506 (1) is enqueued without a retry count, indicating continuous retransmission attempts and guaranteed delivery level service. The PDU 502 (2) is added to the queue with a retry count of 1, and is arranged after the PDU 506 (1) in time series. The PDU 506 (n) joins after the PDU 502 (2) after a certain period of time has elapsed. At this point, some external event (eg, upper layer fusion timer) causes the engine 244 'to gather enough PDUs 506 from the work queue to generate the Internet Mobility Protocol data frame 500 and create a new frame. To send the logic to do. A frame header 503 is determined, to which 0 is added as a retry ID to indicate the first transmission of the frame. The frame is then sent to the NAL layer for later transmission to the network. At this time, the retransmission timer starts, because the frame includes the payload. For ease of explanation, assuming that an acknowledgment from the peer was not received for various reasons before the retransmission timer expired, the retransmission logic of engine 244 will cause the relevant frame 500 to go to the network. It is determined whether it is appropriate to be retransmitted. Before retransmitting the frame to the NAL layer, the retransmission logic of engine 244 'iterates over the list of associated PDUs 506. The retry count for each PDU 506 (2) is examined and if not zero, the count is decremented. The process of reducing the retry count of PDU 506 (2) causes the count to become zero. With the retry count for PDU 506 (2) reaching zero, PDU 506 (2) is removed from the list and is completed locally with a status of "retry failure". Subsequently, the size of the frame header 503 is adjusted to indicate that there is no data of the PDU 506 (2). This process is repeated for all remaining PDUs. When the entire frame 500 is reprocessed for creation of the "after-edit" frame 500 ', the retry ID in the header is incremented and the generated datagram is NAL ready for subsequent (re) transmission. Sent to the layer.
[0171]
(Example of reception)
13A-13D form a flowchart illustrating the steps performed by the Internet Mobility Protocol Engine 244 upon receipt of a "Receive" event. Such a reception event is generated when an Internet Mobility Protocol Engine frame is sent from the network 108. In response to the received event, engine 244 pre-validates the event (block 670) and determines whether it may be an Internet Mobility Protocol engine frame (decision block). 671). If the engine determines that there is no possibility ("No" in decision block 671), the frame is discarded (block 672). If so, the engine 244 determines if there is a connection associated with the received frame (decision frame 673). If there is a connection associated with the received frame ("yes" in decision block 673), engine 244 adds work to the connection receive queue (block 674) and marks the connection as eligible for reception (block 674). Block 675), adding the connection to the global work queue (block 676). If no connection has yet been associated with the received frame ("No" at decision block 673), the engine 244 adds the received frame to the socket receive queue (block 677) and performs global work on the socket receive queue. Enqueue (block 678). In either case, engine 244 sends a global work event (block 679). When dispatching "Receive Eligible" events from the global work queue (see FIG. 13B), engine 244 removes the frame from the respective receive queue (block 680). Multiple IMP frames can be received and queued before the Internet Mobility Protocol Engine 244 can begin dequeuing messages. The engine 244 repeats the process until all frames are out of the queue (blocks 681, 682). If a frame is dequeued ("yes" at decision block 681), engine 244 examines the received frame (block 683) and determines whether the frame is valid (decision block 684). If the received frame is invalid, engine 244 discards the frame (block 685) and removes the next frame from the receive queue (block 680). If the frame is valid ("yes" in decision block 684), engine 244 determines whether the frame is associated with an existing connection (block 686). If not (decision block 686 is "no"), engine 244 determines if there is a sync frame (decision block 687). If there is no sync frame ("No" in decision block 687), the frame is discarded (block 685). Conversely, if a synchronization frame has been received ("yes" at decision block 687), engine 244 processes the frame with a passive connection request described with reference to FIGS. 14A and 14B (block 688).
[0172]
If the frame is associated with a connection ("Yes" in decision block 686), engine 244 determines whether the connection state is still active and not yet "post mortem" (decision block). 689). If the connection is already "post mortem", the frame is discarded (block 685). Otherwise, engine 244 analyzes the frame (block 690) and determines whether the frame is an aborted frame (decision block 691). If the frame is an abort frame, the engine 244 immediately aborts the connection (block 691a). If the frame is not an aborted frame ("yes" in decision block 691), engine 244 processes the acknowledgment information and releases all pending transmission frames (block 692). The engine 244 then sends it to the security subsystem if it needs to be decrypted (block 693). When the frame returns from the security subsystem, engine 244 processes all control data (block 694). Subsequently, engine 244 determines whether the frame contains application data (decision block 695). If so, the data is queued at the application layer (block 696). The engine 244 also determines whether the connection is dormant (blocks 697 and 697a: this also applies to the mobility management server engine 244 'in the preferred embodiment) and returns to the established state.
[0173]
If the frame may be a "Mortis" frame ("Yes" in decision block 698), engine 244 indicates "disconnect" to the application layer (block 699) and enters the "Mortis" state (block 699). Block 699a). Engine 244 sends a "post mortem" frame to the peer (block 700) and enters a "post mortem" state (block 700a). Subsequently, the engine 244 releases connection resources (block 701) and returns to the sleep state to wait for work (block 702). If the analyzed frame is a "post mortem" frame ("Yes" in decision block 703), blocks 700a, 701, 702 are executed. Otherwise, control returns to block 680 to remove the next frame from the receive queue (block 704).
[0174]
(Example of passive connection)
14A-14B form a flowchart illustrating the steps performed by Internet Mobility Protocol Engine 244 for a "passive connection" request. First, the engine 244 determines whether another connection exists for the device (block 720). If so ("Yes" in decision block 720), the engine determines whether it is the first connection (decision block 721). If the peer recognizes that the new connection is the first connection ("Yes" at decision block 721), engine 244 aborts the previous connection (block 722). If it is not the first connection ("No" in decision block 721), engine 244 determines whether the sequence corresponds to the connection ID (decision block 723). If not ("No" in decision block 723), control returns to decision block 720. If the sequence and the connection ID correspond (if "yes" in decision block 723), engine 244 discards the duplicate frame (block 724) and returns to step 680 of FIG. 13B (block 725).
[0175]
If there is no other connection ("No" in decision block 720), engine 244 determines whether connection resources can be assigned to the connection (decision block 726). If not, an error is declared (if no at decision block 726, block 727) and the connection is aborted (block 728). If connection resources can be allocated ("yes" in decision block 726), engine 244 declares a "set" state (block 726a) and obtains a security context for the connection (block 730). If sufficient security context could not be obtained ("No" in decision block 731), the connection is aborted (block 728). If so, the engine 244 sends an establishment frame (block 732) and declares that the connection has entered an "established" state (block 732a). Subsequently, engine 244 activates the retransmitter (block 733) and waits for authentication processing for completion (block 734). Finally, engine 244 determines whether the device and the user are both authenticated (block 735). If either the device or the user has not been authenticated, the connection is aborted (block 736). Otherwise, engine 244 suggests a connection to a listening application (block 737) and obtains the settings (block 738). If either of these two steps is not successful, the connection is aborted (decision block 739, block 740). If successful, the process returns to sleep and waits for work (block 741).
[0176]
(Example of abnormal termination)
15A and 15B form a flowchart illustrating the steps performed by the Internet Mobility Protocol Engine 244 in response to a connection "stop" request. Upon receiving such a request dispatched via a queue from another process (block 999) (block 1000), engine 244 determines whether a connection is involved with the request (decision block 1001). ). If so ("yes" in decision block 1001), engine 244 saves the original state (block 1002) and declares the "aborted" state (block 1002a). Next, engine 244 determines whether a connection was suggested to the RPC engine (decision block 1003). If so, the engine 244 indicates a disconnect event (block 1004), declares a "post mortem" state (block 1003a), and releases the resources allocated to the connection (block 1005). Is determined to be greater than the pending state (decision block 1006). If the original state is not greater than the pending state ("No" in decision block 1006), processing moves to block 1012 to return to the calling routine (block 1007). If the original state is greater than the pending state, the engine 244 determines whether the request is related to a received frame (decision block 1008). If the abort request is associated with a received frame and the received frame is a aborted frame (decision block 1009), the received frame is discarded (block 1011) before returning to the calling routine (block 1012).
[0177]
(Example of roaming control)
Referring again to FIG. 1, the mobile network 108 may include a plurality of segments, each providing a separate network interconnect (107a-107k, corresponding to a wireless transceiver 106a-106k, respectively). In another aspect of the present invention, the network 108 including the mobility management server 102 handles the "roaming" situation where the mobile terminal system 104 moves from one network interconnect to another. be able to. Generally, the topology of the network 108 is divided into several segments (subnets) for management and other reasons, and generally, in one segment, a separate network (transmission) address is assigned to each of the plurality of mobile terminal systems 104. Have been assigned.
[0178]
Generally, a network device newly started in the above subnet is automatically set by using a dynamic host configuration protocol (DHCP). For example, a DHCP server on a subnet typically "leases" its clients (in addition to providing others) with a valid network address. A DHCP client may not have a permanently assigned, "hard-coded" network address. Instead, at boot time, the DHCP client requests a network address from the DHCP server. The DHCP server pools available network addresses for assignment. When a DHCP client requests a network address, the DHCP server assigns or leases the pooled address to the client. The assigned network address is owned by the client for a specific period (lease period). At the end of the lease period, the network address is returned to the pool and becomes available for assignment to other clients. In addition to the automatic assignment of network addresses, DHCP provides setting information such as a netmask to clients running DHCP client software. More information about the standard DHCP protocol can be found in RFC2131.
[0179]
Thus, when the mobile terminal system 104 using DHCP roams from subnet to subnet, the system will have a new network address. In one aspect of the present invention, the mobility management server recognizes a “new” network address of the mobile terminal system 104 by cooperating with the mobility management server 102 using the DHCP automatic setting function, The connection between the address and the previously established connection that the mobility management server proxies is guaranteed.
[0180]
In one embodiment, along with other standard methods used to determine whether the mobile terminal system 104 has roamed or gone out of range to another subnet, the echo request-response (echo) As a request-response, a sequence of DHCP Discover / Offer messages for standard client / server broadcast is used. According to the standard DHCP protocol, the mobile terminal system 104 requesting a network address periodically broadcasts a client identifier and a hardware address as part of a DHCP Discover message, whereas the DHCP server Broadcast the Offer response (because the requesting mobile terminal system does not yet have a network address, rather than identifying the system and sending the response, the form in which the response is conveyed by broadcast) become). Therefore, all the mobile terminal systems 104 on the subnet receive the response from the DHCP Offer server broadcast to any mobile terminal system on the subnet.
[0181]
In this embodiment, a DHCP listener is provided to monitor DHCP broadcast messages so that the mobile terminal system 104 is roaming from one subnet to another and that a new network address can be obtained by DHCP. Is checked. FIG. 16 shows an example of the data structure of the DHCP listener. For example, the data structure 902 of the listener of the mobile terminal system may have the following elements.
[0182]
A linked list of server data structures,
An integer transaction ID number (xid),
A counter ("ping"), and
・ Timeout value
The server data structure 904 may have a linked list of data blocks, each defining a separate DHCP server. Each of the data blocks may have the following elements.
[0183]
A pointer to the next server,
Server ID (network address of DHCP server),
The address of the BOOTP relay agent recently bound to the DHCP server (giaddr),
A "ping" value (socket-> ping), and
·flag
These data structures are continuously updated based on the DHCP broadcast traffic on the network 108. The functions illustrated below are used to maintain the data structure.
[0184]
-RoomCreate () (initialize variables)
・ RoamDeinitialize () (delete all listeners)
RoamSertIndications () (calls the provided callback routine for registering roaming indications when the mobile terminal system roams or changes interface)
• roomStopIndications () (remove appropriate callbacks from list to stop suggesting registered roaming)
Interface change (callback notification from OS indicating that the interface has changed the network address)
-Listener signal (callback for each interface from the listener, indicating any of the following states: roaming, out of service, return to service)
In addition, a refresh process may be used to update the listener after an interface change.
[0185]
In the preferred embodiment, all mobile terminal systems 104 transmit the same client identifier and hardware address in a DHCP Discover request. Thereby, the data structure of the listener and the processing related thereto can distinguish a Discover request from the mobile terminal system from a Discover request from another network device. Since the DHCP server also broadcasts the response, any mobile terminal system 104 and / or mobility management server 102 can receive the Offer response issued by the DHCP server to any mobile terminal system. Because multiple DHCP servers can respond to a single DHCP Discover request, the listener data structure of FIG. 16 stores each response from the server in a separate data block tied to the main handle via a linked list. .
[0186]
Upon receiving a Discover request having a predetermined client hardware address and client identifier, the preferred embodiment recognizes the request as having been sent from the mobile terminal system 104. If the message further has a BOOTP relay address set to 0, it indicates that the message is from the same subnet as the listener. The listener may ignore the DHCP Offer response unless a transaction ID (xid) corresponding to the transaction ID (xid) of the Discover message recently sent from the mobile terminal system 104 is included. The listener determines that the mobile terminal system 104 has roamed if there is a response from a known server with the provided network address, masked with the new BOOTP relay agent ID and / or the provided subnet mask. . Only upon receiving an acknowledgment from the old server does the listener add the new server to the data structure of FIG. If the listener receives a response from the new server but not from the old server, a roaming condition is suggested (this can be changed by configuration). If the listener does not receive a response from either the old or new server, it is determined that the listener is out of range. Can be used to reduce transmission volume).
[0187]
If the listener does not receive a response from any server, it cannot determine whether roaming is occurring because there is no reference point. This situation is relieved by giving an error warning after the timeout and forcing the caller to retry the operation. In the preferred embodiment, if there is a response from a known server with a new BOOTP relay agent ID (or the provided network address masked with the provided subnet mask), the mobile terminal system 104 has roamed. judge. If there is a response from the new server but no response from the old server in the listener's data structure, roaming may have occurred, but there may be a response from the old server after that. Delay notification. If there is no response from either the old or new server, the mobile terminal system 104 may be out of range, and the mobility management server 102 waits for the system to return to range.
[0188]
FIG. 17 is a flowchart illustrating steps of a listener process according to the preferred embodiment. According to the figure, the DHCP listener process is performed by allocating appropriate memory to the handle, releasing the NAL socket to the DHCP client and server UDP ports, and setting a receive callback for both. Next, a timer is set (block 802) and the process enters a "wait" state to wait for a roaming related event (block 804). Events are triggered by the following three types of external inputs.
[0189]
・ Receive DHCP server packet
・ Receive a DHCP client packet from another mobile terminal system ・ Timer expires
If a DHCP server packet is received, the packet is examined to determine whether the client identifier matches a predetermined client ID (decision block 806). If they do not match, the packet is discarded. However, if the packet does include the predetermined client ID, it is determined whether the packet is a DHCP Offer packet (decision block 808). The Offer packet is rejected unless it contains the transaction ID corresponding to the recently sent DHCP Discover sequence.
[0190]
If the packet transaction IDs correspond (block 810), it is determined whether the server that sent the DHCP Offer packet is known (ie, whether the server ID is included in the listener data structure of FIG. 16). A determination is made (block 812). If the server ID is not in the list ("No" in decision block 812), the server ID is added to the list and marked "New" (or "First" if it is the first server in the list). Marked) (block 822). If the server is already on the list ("Yes" at decision block 812), it is further determined whether the packet BOOTP relay address ("GIADDR") corresponds to the server address ("GIADDR") ( Decision block 814). If not, it is determined that a "hard roam" has been performed since the Offer packet is from another subnet (block 816). The calling application is notified that roaming has taken place. If it is determined at decision block 814 that the BOOTP relay addresses correspond, then roaming has not occurred, the server reception time is recorded, and the "new" flag is reset for all other servers on the list. , A listener process is performed to store the current ping number in the server (blocks 818, 820). Subsequently, the process returns to the “standby” period.
[0191]
When an event is received in a client packet, the listener process determines whether the packet has a predetermined client ID, is a DHCP Discover packet, and has a packet BOOTP relay address (GIADDR) of 0. (Blocks 824, 826, 828). Through these steps, it is determined whether the received packet is a DHCP Discover message transmitted from another mobile terminal system on the same subnet as the listener. If so, the listener process sets the transaction ID to the peer's transaction ID, which is used to compare the DHCP Offer packet received later (block 830), and invokes "ping confirmation" (block 834). , The timer is reset (block 836).
[0192]
Upon expiration of the timer, the process calls "ping ping" (block 838). “Ping” in the preferred embodiment is a DHCP Discover packet with a random new xid. This step of ping confirmation 838 is illustrated in FIG. 17A. The purpose of the ping confirmation routine is to provide a "soft roam" condition (i.e., the mobile terminal system has temporarily lost contact with the subnet but has subsequently recovered, but has not yet roamed to another subnet). State) has occurred. Through the processing, it is determined whether the subnet roaming state, the out-of-service state, or the “no server” state has occurred. In other words, these are as follows.
[0193]
• Did the mobile terminal system roam from one subnet to another?
・ Is the mobile terminal system out of range?
・ Is there no DHCP server?
These states are determined by comparing the previous "ping" response and the current "ping" response of the mobile terminal system (decision blocks 846, 850). For example, if the number of current pings minus the previous ping response of the old server is greater than the pings of the servers in the subnet and at least one server is marked as "new," subnet roaming to another server It means that there was. This logic indicates (or does not indicate any) a subnet roaming state, an out-of-service state, or a server-less state for the calling process.
[0194]
FIG. 18 is a flowchart illustrating steps performed by a roaming control center of the mobile terminal system 104. To enable roaming at the mobile terminal system 104, the list of known addresses is initialized to zero (block 850), OS interface change notifications are enabled (block 852), and the OS is then invoked by calling Obtain a list of current addresses using DHCP (block 854). Listeners corresponding to all known addresses missing from the current list are closed (block 856), while listeners on the current list but at unknown interfaces are opened (block 858). Next, it suggests "roaming" to the registrant (block 860).
[0195]
When a signal is sent from the listener process of FIG. 17 (block 862), it is determined whether the signal indicates "roaming", "out of service", or "return to service" (decision blocks 864, 870). 874). A roaming signal ("yes" at decision block 864) closes the corresponding listener 866 and calls the OS to release and renew the DHCP lease for the network address (block 868). If the listener signal is "out of service" (decision block 870), the condition is suggested to the registrar (block 872). If the signal is "return in range" (decision block 874), the condition is indicated to all enrollees (block 876). Upon receiving an invalid roaming command (block 878), all listeners are closed (block 880) and the OS interface change notification is invalidated (block 882).
[0196]
(Example of roaming listener assisted by interface)
In addition, interface-based listeners allow roaming across network connection points of the same network and another network medium. While the interface-based listener operates without the need for beacon technology described above, the system may fall back to a beacon state if the underlying interface (s) do not support the appropriate signals.
[0197]
In this embodiment, the interface-based listener integrates information from the network interface adapter (eg, via a low-level interface roaming driver) with information from the network stack to allow the mobile node to create a new It is determined whether or not it has moved to a network connection point. 19A and 19B illustrate a listener algorithm used to efficiently determine the migration path of a mobile node. The process uses a single network interface connected to a single network medium, but alone or in conjunction with other roaming algorithms (e.g., self-service using redundant paths). It can also traverse various network media and interfaces (to build a recovery infrastructure).
[0198]
Referring to FIG. 19A, at system initialization or when the network adapter driver loads (FIG. 19A, block 2000), the low-level interface roaming driver performs registration with the roaming control center module of FIG. (Block 2010). Such registration (implemented through the crRegisterCardHandler () function in the illustrated embodiment) provides the following entry points:
[0199]
・ Open
・ Closed
・ Acquisition of status
Boolean operation is true if the driver can notify the registered entity of a change in state, and false if the roaming control center module must use timer-based (or the like) polling for state confirmation. To be
The embodiment's crRegisterCardHandler () function provides an interface description string or token that can be used to pre-associate the roaming control center module with the correct roaming driver. Also, a default roaming driver may be installed on the interface that uses the OS / O generic mechanism for changing signaling / querying media connectivity and network attachment points.
[0200]
In this embodiment, when the state of the interface is enabled (ie, when access to the network is enabled) (block 2020), the roaming control center performs an interface assisted roaming (IAR) based on the following steps. (However, the following steps may be replaced or omitted depending on the OS design and / or the hosting device used for a particular application).
[0201]
1. If a generic handler is installed, a call is made to the generic crOpenInstance () handler. The generic handler queries the low-level adapter driver to determine whether the driver comprehensively supports signals regarding the state of media connectivity and changes in network attachment points (block 2030). If the interface driver cannot comprehensively support the function ("No" at decision block 2030), an error condition is returned to the call executor, suggesting that another mechanism be used to obtain signal information. You.
[0202]
2. If the generic handler returns an error ("No" at decision block 2030), a search for active interfaces is performed on the currently registered roaming driver (block 2040). If the interface matches one of the tokens registered during the crRegisterCardHandler () phase (block 2050), the roaming control center calls a specific crOpenInstance () on the instance of the adapter. This function attempts to open the low-level driver, poll the state (media connectivity, network connection point ID) again, and set a periodic polling timer (if possible). If the low-level driver does not support the request for any reason, an error is returned to the roaming control center, suggesting that another mechanism be used to obtain signal information.
[0203]
3. If any of the preceding steps fail to achieve the required function, an error is returned to the roaming control center and the beaconing listener, mobile IP of FIGS. 17 and 17A, without using the IAR function. Alternatively, it is suggested to fall back to another roaming algorithm, such as a currently connected network that is handling roaming (if no at decision block 2050, block 2060). Otherwise, interface assisted roaming is enabled (block 2060) and the roaming control center follows the algorithm below.
[0204]
First, the listener assisted by the interface records the current state of media connectivity and the identity of the network connection point in a local data store (block 2060). Assuming that the interface assisted subsystem has successfully provided roaming feedback, the subsystem waits for a status event (block 2100). The event has, for example, the following:
[0205]
・ Callback from low-level roaming driver,
A polled interval (blocks 2070, 2090), or
• Implications from network-level activities (ie transmission / reception issues)
If the state of the interface indicates that the media connectivity has changed or the network connection point has changed ("Yes" in decision block 2110 or 2120 of FIG. 19B), all clients of the roaming control center will be notified. The state change is notified based on the following rules.
[0206]
1. If the state indicates that the connection has changed from connecting to the underlying network medium to disconnecting ("yes" at block 2120) and there are no other paths to the peer, the listener concludes that the mobile terminal system has lost connection. In turn, the roaming control center suggests to the client the ROAM_SIGNAL_OUT_OF_CONTACT state (block 2140).
[0207]
2. If the above condition indicates that the interface has been reconnected to the medium and the network attachment point has not changed ("no" at block 2120, then "no" at block 2150), and ROAM_SIGNAL_OUT_OF_CONTACT has already been implied. , Suggesting that the mobile terminal system has lost contact with a particular network attachment point but has since regained contact. In this case, the roaming control center reconfirms all network addresses registered or obtained for proper access (block 2170) and issues a ROAM_SIGNAL_ROAM_SAME_SUBNET (block 2180) to reconnect to the roaming control center client. Has been warned to take all necessary steps to re-establish communication at the transport level. For example, if some data is lost during a service interruption, the client may take action to recover the data.
[0208]
3. If the status indicates that the interface is attached to the media but the network connection point has changed ("yes" at block 2150), the roaming control center has entered the roaming state with the client. Suggest that. To more efficiently support handoffs between network attachment points, the roaming control center of the present example uses a learning algorithm in parallel with the local data store. The data store is usually dynamically populated (learned), but static information (already learned information) may be prepared in the data store to improve performance. The data store itself maintains a list of network connection point identifiers along with information such as addresses and network masks for accessing networks and media. This "network topology map" assists the roaming control center in determining the correct signal generation for the client.
[0209]
The determination of the correct signal is made in this embodiment as follows.
[0210]
a) Searching the data store's network topology map to determine if the interface has visited a particular network attachment point (block 2190). If a match is found (“yes” at block 2200), it is further checked whether the network connection point is on the same network segment that the interface was previously attached to. If the network segments are the same, the roaming control center generates ROAM_SIGNAL_ROAM_SAME_SUBNET. This allows the roaming control center client to perform a handoff as much as possible to immediately re-establish communication at the transport level, as some data may have been lost during the handoff. It is suggested that measures must be taken.
[0211]
b) If a correspondence was found during the search, but the new network attachment point is not on the same network segment as before, the listener concludes that the mobile terminal system has roamed to another subnetwork. In this case, the roaming control center
Obtain an address available on the new network segment (block 2220). This action may involve registering the current address as valid for the new segment, (re-) acquiring the address from the local server, or a heuristic method of determining whether a previously assigned address is still valid. May be used. In the last case, the roaming control center ensures that the interface is roaming between given network attachment points and cannot be immediately discarded or deregistered for performance reasons. It is determined whether there is. In this example, obtaining an address on the network (eg, via DHCP) is different from registering an address on the local network (through a mobile IP foreign agent). The roaming entity either (re) acquires the address (eg, establishes / updates a lease from a DHCP server) or registers the current address with a foreign agent (Mobile IP).
[0212]
Generate a ROAM_SIGNAL_Roaming signal for the roaming control center client, indicating roaming to another subnet (block 2230).
[0213]
c) If the search does not find a match ("No" at block 2200), then create a new record populated with the network attachment point identifier, media access address, network mask, and other auxiliary information ( Block 2210). Next, the roaming control center executes blocks 2220 and 2230 to obtain and register a network address and generate a "roaming" signal.
[0214]
The roaming technique assisted by the above interface allows access to the underlying interface information and allows automatic and efficient selection of another valid network path (user and / or Additional policy parameters (defined by the system) can be adopted. If more than one network is available at the same time, the subsystem can choose the least burdensome path (the choice between a wide area network and a local area network). This can be determined by various metrics such as bandwidth, cost (per byte), and / or quality of service. This "least burden routing" technique can provide benefits in terms of network connection quality, efficiency, reduced frame loss, and the like. For example, due to other available heuristics (medium connectivity, signal strength, retransmission rate, etc.), a "make before break" handoff structure can be provided, thus continuing from / to the roaming node. Packet loss can be minimized. See the description of policy management below.
[0215]
FIG. 20 illustrates the data structure of a node in the interface assisted roaming topology. Although this data structure in FIG. 20 is implemented as a linked list, it may be expressed as an array in which the preceding and following fields are omitted. In a wireless network infrastructure, "NPOA" may be, for example, the MAC address of an access point or a base station to which a mobile node is associated. In other networks, "NPOA" may be a unique identifier for an intervening network interconnect (gateway, IWF, etc.). Static information may be given to the data structure in advance, or information may be dynamically learned. Also, each node may be combined with other information (eg, MTU size, waiting time, cost, availability, etc.).
[0216]
(Other embodiments that deal with specific race conditions)
Further experiments have revealed that some network adapters may falsely signal that they are (re) connected to the media before being fully registered to the network segment. . For example, during roaming, the storage area holding the network identifier has not yet been updated, and it is possible that the system will mistakenly think that these network adapters have roamed back to the same subnet. Eventually, when the device has finished registering, the storage area is updated with the new network identifier and another roaming signal is generated. If both signals are gated together and signaled only once when the interface has finished registering with the network, we proceed in this scenario. However, at the time of polling, it is difficult to determine when the network ID becomes valid if a signal indicating "connected to the network" was previously generated.
[0219]
Basically, roaming nodes can communicate with the network at the medium access level, so they are effectively connected to the medium, but since the registration process has not been completed, virtually any application data can be sent over the link. Can not yet. Therefore, it is desirable to compensate for this condition. One way to make such compensation is to determine the peer connection by sending a link confirmation frame, commonly known as an echo request / response packet. These echoes and ping frames are generated by one peer (most likely a roaming node) to determine if a bidirectional peer-to-peer connection is achievable. If the requesting peer receives a response frame for the request, duplex communication is realized and terminated. At this point, the NPOA information is considered valid until the next disconnected state. Also, other information, such as the receipt of a frame from a peer on the interface, allows the roaming node to complete the registration process and assume that two-way communication is achievable.
[0218]
Another race condition between the network interface and the underlying protocol stack situation can cause problems. The device can move to a new network segment and ensure accurate signaling from the following interfaces, but the transport stack itself makes the necessary adjustments to the routing tables of the flowing application data: May not be done. To compensate for this condition, an additional signal, ROAM_SIGNAL_ROUTE_CHANGE, is generated for each change in the underlying transport's routing table. When this signal is signaled, the roaming subsystem client takes whatever action is necessary to determine if a connection with the peer system is achievable. This requires roaming clients to enumerate through the underlying transport's routing table in order to determine if the routing modification has affected the communication path to the peer. Also, other more intrusive algorithms, such as those described above, may be performed to confirm that a bidirectional communication path exists between peers.
[0219]
(Example of roaming through a disconnected network)
Another aspect of the non-limiting preferred embodiment of the present invention is an algorithm and configuration for accessing a MMS (Mobility Management Server) in a so-called "disjoint networking" mode. With the new algorithm, an alternative network address can be dynamically / used to establish / persistently communicate with the MMS even in a disconnected network topology where one network does not know the network address in another network. You will be able to find them statically.
[0220]
In general, the algorithm allows a list of alternate addresses available to the MMS to send to the MES (Mobile Terminal System) during communication. In this way, the MMS sends the MES one or more MMS network addresses or other MMS identities corresponding to other networks by communication over a single network. As an example, the list can be sent at the time of circuit construction. The list can be changed in the middle. In this case, the list can be updated at any time while the connection is being established.
[0221]
As the MES moves to another network, the MES uses the MMS's "alias" address / identity list to contact the MMS from the point of attachment of the new network. This allows the MES to re-establish contact with the MMS through a new network connection, even if the old and new networks do not share addresses or other information.
[0222]
FIG. 21 shows a simplified flowchart of this new technique. It is assumed that MMS 102 is connected to two different disconnected networks, namely network segments N1 and N2. The MES 104 is initially connected to the MMS 102 via the network N1. As soon as a connection is established between the MES 104 and the MMS 102 via the network N1, the MMS 102 informs the MES 104 of a list of network addresses for which the MMS is sought from one or more other networks (eg, network N2). L or other identifier can be sent. The MES 104 receives and stores the list L. Thereafter, when the MES 104 moves to another network (N2), the MES 104 accesses this stored list L and uses it to effectively re-establish communication with the MMS 102 over the new network (N2). It becomes possible.
[0223]
This new algorithm has at least some uses in addition to more efficiently obtaining alternative network addresses or other identifiers for communicating with the MMS 102 over a disconnected network. One example of its use is network operation. For example, using the algorithm shown in FIG. 21, a secure firewall / gateway from many networks (some or all wireless networks) and a secure network where the MMS 102 is used as the corporate backbone can be set up and the mobile node 104 can safely travel to all of the separate networks without disconnecting. For example, suppose the MMS 102 is connected as a hub with a single thick pipe to the corporate network and to a number of small spokes connecting many logically separated networks. Because the networks are logically separated, traffic on one network segment cannot reach another network segment except through the MMS 102 (operable as a router in this example).
[0224]
Normally, for nodes traveling from network segment to network segment, the information / routes provided in each network segment (showing how to return to the "main public address or initial address" used to connect to MMS 102) That is, a default route, etc.) needs to be routed.
As soon as the connection is established, its address is used for the life of the connection. When a frame is sent from the MES 104, the IP network (Layer 3) infrastructure at the client and intermediate nodes (routers) looks at the destination address of the frame and sends the packet exactly to the final destination (MMS 102). This is generally performed by what is called IP transmission (IP forwarding) or IP routing. When this feature is turned on, frames (such as broadcasts) of one network segment flow to another network segment. Without IP transmission, a frame sent to one segment is not sent to another segment, so the communication pipe is cut off or a non-connected network is created.
[0225]
The alternative address list shown in FIG. 21 has the effect of sending or distributing some of the routing information to the MES 104. Therefore, each segment is discrete without any information on other segments connected to the MMS 102. Since the MES 104 can be authenticated by the MMS 102, the MMS sends the list L only to the authenticated MES unit 104. As the MES 104 moves to another network segment, the MES 104 can automatically select the correct address and use it to start / continue communicating with the MMS on the way. Thus, the problem of disconnected networks is solved and no changes to the routing infrastructure are required. As a result, it is possible to provide a more secure computer environment by validating access to the network only to valid users.
[0226]
For example, using MMS 102 in this manner in combination with user-level security / encryption allows traffic from and to the corporate backbone to be routed to nodes on that segment using the roaming techniques described above. It is possible to limit only to the frame set as above. The frames can be selectively encrypted, preventing any eavesdropping that could be performed by a spoke network infrastructure enabled device.
[0227]
An example is shown in FIG. In FIG. 22, the MMS 102 is connected to a communication network and four separate networks (Ia, Ib, Ic, Id) that do not share route information. From any point of view, each network I is an island. Assume an MES 104 docked with one of the networks (eg, Ic) using wired communication over a corporate backbone. For example, MES104 is 192.168. x. It is assumed that an address on the x network is obtained and communication with the MMS 102 is performed.
[0228]
For some reason MES is 10.1. x. Suppose we need to cross or move to the x (Ia) network. 10.1. x. x (Ia) network is 192.168. x. Because the x (Ib) network is ignorant (ie, there is no route to the (Ib) network), when the MES 104 moves into that area, the communication pipe is disconnected even if the MMS is connected to the communication pipe. You. 10. The other 10. mobile node 104 is shown. The same happens when connecting to any of the x networks.
[0229]
Using the algorithm shown in FIG. 21, the MMS 102 at the connection start time (or otherwise) shares its interface addresses for the various non-connected networks Ia, Ib, Ic, Id with the MES 104, which the MES records. Once recorded, if the MES 104 detects that it has moved to one of the above networks and has moved to a new network segment, the MES selects the appropriate network address and communicates with the MMS on that network segment. it can. If more than one address is used, MES 104 selects the appropriate address to use based on many metrics, such as speed, cost, availability, hops, and so on. An MES 104 that does not receive a list similar to that of FIG. 21 cannot connect to the MMS through a network other than its “home” network, effectively preventing movement between various networks.
[0230]
Alternatively, the technique of FIG. 21 is used for a distributed network interface. In today's networks, what are known as Network Address Translators (NATs) have been developed. Using this conventional technique, many network devices can access information on the Internet by using only one public network address. This technology enables the above functionality by sending all information and queries directed to the Internet via a single or few devices. The device records the request at the network layer and then reassociates the packet's address and port information with the device's address / port tuple and sends it to its destination. Upon receiving a frame from the Internet, or other such network, the device reverse-looks, replaces its address / port tuple information with that of the initiating device, and sends the frame back. These associations are also statically defined in the NAT.
[0231]
Suppose that someone uses the MMS 102 inside a LAN / WLAN to put it at the NAT. Currently, unless the MMS 102 is a NAT, or by communicating entirely with the MMS using a different proxy, when someone moves out of the bounds of the intranet, the address to communicate with the MMS is no longer accessible, Is not accessible. Using the algorithm of FIG. 21, another interface address that is not directly connected to the MMS can be defined statically / dynamically. Thus, using the above algorithm, the MES 104 can automatically select an appropriate unconnected address and use that address when connecting to a network outside of the intranet.
[0232]
The outline is shown in FIG. Suppose a node passes from interface "d" to interface "g". Access is not possible simply by providing a local interface to the MMS 102. The MES 104 needs to know the priority of the distributed interface. MES 104 then selects the required address to use on interface "g". Thereafter, NAT 2000 appropriately translates the network address / port information for each packet into an internal interface "c" address. The reverse process is performed on the frame sent from the MMS 102 to the MES 104.
[0233]
(Examples of policy management and location-based services)
Another non-limiting embodiment of the present invention provides a unique approach to providing additional security, cost savings and services based on many metrics. Since the above MMS is deeply involved in each application session that the MES establishes, both sides (ie, MMS and / or MES) apply policy-based rules between the MES and its final peer. Communication can be adapted and controlled. In addition, the MMS and / or MES may adjust or modify application requirements based on device locale, or proximity, and network connectivity. For example, the MMS and / or MES may include a learned and statically defined and applied rules engine, or other rules based on each application session to establish, or policy on attempted requests. The MMS may further allocate some, none, or some, and / or processing of such rules to the MES to provide metering or security against eavesdropping on mobile devices. I will provide a. Unlike certain other policy management techniques available in a distributed topology, MMS is central to managing rules and policy decisions and distributing them to remote devices at any time during communication.
[0234]
The rules themselves can be configured based on users, user groups, devices, device groups, process application identities, and / or network connection points. Once defined (learned), the rules are combined to manage and control a variety of different events, activities, and / or services, including, for example, the following:
[0235]
Deny, allow, or adjust intrusion access to remote devices
Deny, allow, or adjust access to specific network resources based on identity
Denying, granting, or adjusting access to available or permitted bandwidth
Denying, granting, or adjusting access to other network resources
・ Modification, adjustment, or change of content or information
Such a determination may be made based on various different factors, including, for example, the following:
[0236]
The proximity, location, altitude, and / or other characteristics of the mobile device
・ Date
・ Application or process identity, address, etc.
Application operation (eg, bandwidth conditions)
・ Current network status
.Other static or dynamic elements
Further, by utilizing a distributed architecture, the MMS can apply or share the same set of decisions. The policy management process and / or decision making performed by the MMS may be performed, for example, when the mobile device has limited processing power to run the engine, bandwidth limitations apply, or for security purposes. Desirable.
[0237]
FIG. 24 shows an example of a table showing some of the metrics (rules) that may be used for controlling the sample MES. This table may occupy either static or dynamic content and may be updated before, during, or after communication, as the case may be. For example, a user may use a rule editor (eg, a wizard) or other mechanism to define table entries. In other implementations, the metrics are automatically defined by a learning-based system or dynamically changed based on a change in state. Each rule is also assigned a priority, which is implied or explicitly specified at the table location. This priority allows the engine to accurately determine the expected operation. Additional user interface features allow system administrators and device users to query the rules engine to try a given set of rules.
[0238]
FIG. 24 shows a table example showing a number of metrics examples including the following metrics, which are the basis of the policy management decision.
[0239]
-MES communication function (transmission only, reception only, transmission and reception)
Whether the MES request is proxied
・ MES source port
・ MES source address
・ MES destination port
-MES destination address
・ MES protocol
・ Available bandwidth
• process name, identity or other characteristics
Network name, identity or other characteristics
Location (eg, GPS coordinates or other location information)
・ Network connection points
The identity, identity or other characteristics of the user
・ Other metrics
The above example table is not a complete list, and the present invention is not limited to the range of metric items in the above example table. The item can be specific, as in this example, or a generic mechanism (eg, wildcard) to indicate the desired behavior of the mobile node with respect to network access and entitlement.
[0240]
The table example of FIG. 24 further includes a “denial request” item indicating the result of the policy management decision based on the metrics. As an example, the specific item example shown in the table of FIG. 24 shows that if the available bandwidth is reduced to 100,000 bytes or less per second, the connection with destination ports 20, 21 is denied and decelerated. To indicate that Further, in the particular example shown, rules (columns) 3, 4 allow only network traffic to flow to or from the MMS (all other network traffic not proxied is implicitly discarded) ).
[0241]
In one example, before each RPC request or frame is processed, a rules engine is required to determine the status of the operation. Based on the outcome of this process, the request is granted, denied, or delayed. FIG. 25 shows a flowchart example of a process performed by the MMS and / or the MES to make a policy management decision.
[0242]
By combining the roaming techniques outlined above with other available location or navigation information, the MMS detects when the mobile terminal system has moved from one connection point to another. By combining this information in conjunction with the capabilities of the mobile terminal system to detect changes in the environment of the network topology, depending on the locale, the present invention can provide additional levels of location-based interception and service. it can.
[0243]
In order to fully realize the potential of this information, we outline the improvements in both the Internet Mobility Protocol and the PRC engine. New RPC protocol and configuration improvements have been added to enable this feature. These are listed below.
[0244]
(Example of Location Change RPC)
When the mobile terminal system determines that it has moved to a new point of attachment using another method, such as detecting a change from an interface assisted roaming or global positioning system, the mobile terminal system performs a formatted "location change". Send a "Location Change RPC Request" message to the peer, in this case the mobility management server. The "change location RPC" formats one or more connection point identities in the form of type, length, value. The type indicates the type of the identification information, and the corresponding type includes, but is not limited to, a 48-bit IEEE MAC address of ASCII, an IPV4 address, an IPV6 address, a longitude, a latitude, an altitude, and a connection mechanism name. The length indicates the byte length of the identification data, which contains the actual connection point identifier. Upon receiving the “location change RPC request”, the mobility management server generates a “location change alert” including the connection point identifier and other relevant information such as the identifier of the mobility terminal system, the user name, and the PID. I do. This alert is formatted with the same type, length and data format used in the "change location RPC request". The alert subsystem then sends this information along with the location change alert to all applications registered for the alert. Applications registered for alerts may include monitoring current activity, long-term activity logs, policy management engines, monitoring applications such as third party applications, and network management tools. A single such third party application combines this location information with a web-based map to provide detailed information about the location of the mobile terminal system or MMS. In addition to such applications, other actions can be associated with location change alerts. This includes sending an e-mail, printing a message, launching a program, and / or changing policies.
[0245]
The location change RPC includes in its header a field indicating whether it was triggered by a location change, a distance change, or a speed change.
[0246]
In one example, the MES may not know that it has moved. Depending on the medium and network adapter to which the MES connects, the MMS may be the only entity that signals that the MES has reached a new point of attachment. Consider the case of a mobile router. The address after the router remains the same, only the router address changes. In this case, the MMS recognizes that the address of the MES is newly managed. Therefore, in order to complete the detection of the operation, it is necessary to detect the operation of the combination of both MES and MMS for detecting the action. In the present embodiment, when the source address is changed and a new IMP message is received, the MMS detects the behavior of the client at the IMP layer. When this is done, the MMS generates a location change alert locally. The MMS also sends a message to the MES that the connection point has changed.
[0247]
(Example of topology RPC)
The “Topology RPC Request” is sent from the mobility management server to the mobile terminal system. Upon receipt of this RPC, the mobile terminal system reads the topology information stored in its local data storage device and creates a Topology RPC Response. The topology RPC response is composed of data of the type of connection before and after, a total length field followed by length information, a connection point identifier followed by type and length information, and data indicating values of subnet and network information. Formatted. This information may be used on the server to create a complete topological map of the mobile network provided by the server.
[0248]
(Example of location information UI)
The user interface on the server provides a method for associating and displaying location information. This location information is available to each active mobile terminal system, and the long-term operation log keeps a history of location changes for all active mobile terminal systems and previously active mobile terminal systems. The user interface allows the system administrator to configure the connection point information into a human readable format. For example, given connection point information in the form of a 48-bit IEEE MAC address, this MAC address is displayed along with information provided via a user interface on the server. When the connection point indicates the access point of the “HallMark Cards” shop, the setting is made so as to present the following information “Hallmark, address, city, state, zip code”. Displaying this information to the user provides "hole mark, address, city, state, postal code" information.
[0249]
(Example of location RPC timer)
A configurable timer is provided in the mobile terminal system to limit the rate at which the location change RPC is transmitted from the mobile terminal system to the mobility management server. If the timer interval is greater than the rate at which the connection point change occurs, the mobile terminal system waits until the timer interval expires before generating another location change RPC.
[0250]
(Example of distance change notification)
Distance metrics are provided to trigger the generation of a location change RPC. This setting configures the system to send updates as the user moves three-dimensionally from the previous point in n feet, n kilometers, or any other suitable unit of measure. This setting is disabled by default. By enabling this setting, a change notification is issued when the distance exceeds the set distance interval.
[0251]
(Example of speed threshold notification)
Speed change metrics are provided to trigger the generation of a location change RPC. This parameter consists of distance per second, such as miles per hour. This parameter specifies the upper and lower limits, as well as the time interval over which the reached speed needs to be sustained (ie, 0 MPH for 10 minutes, or 70 MPH for 1 minute). When this speed is reached, a location change notification is generated.
[0252]
[Application example]
The present invention has applications in various real world situations. An example is shown below.
[0253]
(Portable computer connected intermittently)
Many companies have employees who work from home or work from home. Such employees often work using laptop computers. During work, employees typically connect their laptop computers to a local area network, such as Ethernet, using a docking port or other connector. A LAN connection allows access to network services (eg, printers, network drives) and network applications (eg, database access, electronic data services).
[0254]
An employee working on a project needs to return home in the evening and wants to continue working from home. The employee can "suspend" the operating system and applications running on the laptop computer, clean up the laptop computer, and take the laptop computer home.
[0255]
Upon returning home, the employee "resumes" the operating system and applications running on the laptop computer and reconnects to the office LAN via a dial-up connection and / or via the Internet. The mobility management server (which continued to proxy the laptop computer and its applications to the network while the laptop computer was temporarily interrupted) re-authenticates the laptop computer and resumes communication with the laptop computer.
[0256]
From the perspective of an employee working from home, network drive mapping, printing services, e-mail sessions, database queries, and other network services and applications are all finished with the company. Further, since the mobility management server continued to proxy the laptop computer session, none of the network applications terminated the laptop computer session on the way home from the employee's office. In this manner, the present invention effectively enables a session to be sustained through the same or multiple high-performance and useful network media in the above situation and other situations.
[0257]
(Application to mobile inventory management and warehouse)
Assume a large warehouse or retail chain. In this premises, an employee who performs inventory management manages inventory of goods using a personal laptop computer and a vehicle (that is, a truck or a forklift) equipped with a handheld data collection unit, a terminal device, and the like.
[0258]
Warehouse and retail employees are often inexperienced computer users who do not know the network subnet and need supervision. According to the present invention, a warehouse user can construct a system that can be used immediately without feeling the complexity of the mobile network. Warehouse users can move in and out of range of access points, suspend and resume their mobile terminal systems 104, and change locations without concern for host sessions, network addresses, or transport connections. Can be. Further, the management software of the mobility management server 102 provides metrics such as the number of processes used to measure the production capacity of the employee to management personnel. Management can also use the network subnet and access point to determine the physical location where the employee was last located.
[0259]
(Application to mobile medicine)
A large hospital that performs network communication between several buildings using wireless LAN technology is assumed. Each building is on its own subnet. According to the present invention, it becomes possible for a nurse or a doctor to move from a hospital room to a patient room with a handheld personal computer or terminal and read and write patient information from a hospital database. Immediate access to the latest articles on drug treatments and medical procedures is provided through local databases and the World Wide Web. The present invention allows for continuous connection to the mobile terminal system 104 so that a pager (one-way or two-way) is no longer needed while in the hospital. The message is sent directly to the medical personnel via the mobile terminal system 104. As with warehouse employees, healthcare professionals do not need to know what mobile networks they are using. Further, the mobile terminal system 104 prevents medical personnel from performing wireless transmission in an area where wireless transmission is undesirable (for example, a place where radio wave radiation may interfere with medical equipment). It can be easily restarted from the place where it was made, and re-connected.
[0260]
(Truck transportation and freight transportation)
The shipping company uses the present invention to understand the status of the cargo. While in the warehouse, the mobile terminal system 104 uses LAN technology to update the number of shipments in the warehouse. While away from the local service, the mobile terminal system 104 can maintain cargo status and location in real time using a Wide Area WAN service such as CDPD or ARDIS. The mobile terminal system 104 automatically switches between network infrastructures, so that the transporter does not feel the complexity of the network topology.
Mobile companies
The employees of the company are 802.11. The system according to the present invention is used to access e-mail, web content, and message services while on a corporate premises with such infrastructure. The cost of maintaining pager services and other mobile device services is reduced as they are no longer needed. In contrast to the costly “pay-per-use” model offered by many of the existing mobile device services, mobile infrastructure can be purchased with a single funding.
[0261]
(IP multiplication)
If an organization has a LAN that needs to connect to the Internet, the LAN administrator has two options. The first option is to obtain a global address to be assigned to all computers on the LAN, and the second option is to obtain some global addresses and use them as address multipliers. The use of the mobility management server 102 according to the invention. Obtaining a large number of IP addresses is often expensive or impossible. Small businesses that use the Internet Service Provider (ISP) to access the Internet will only use IP addresses assigned by the ISP. The number of IP addresses limits the number of computers that can connect to the Internet at the same time. Also, the ISP charges for each connection, so the more computers that require an Internet connection, the more expensive this method is.
[0262]
Using the mobility management server 102 according to the present invention as an address multiplier can solve many of these problems. The enterprise can use the mobility management server 102 as hardware for connecting to the Internet via the ISP. Thereby, the mobile terminal system 104 can be easily connected. Since all connections to the Internet are made through the mobility management server 102, only one address needs to be obtained from the ISP. Thus, by using the present invention as an address multiplier, companies need only obtain a small number (often one) of addresses and accounts from the ISP, and have simultaneous access to the Internet over the entire LAN. (Provided that sufficient bandwidth is provided).
[0263]
Although the present invention has been described above with examples that are presently the most practical and preferred embodiments, the present invention is not limited to the disclosed embodiments, and can be variously modified and equivalently configured within the scope of the appended claims. I do.
[Brief description of the drawings]
FIG.
1 is an overall view of a mobile computing network of the present invention.
FIG. 2
2 illustrates a software architecture of a mobile terminal system and a mobility management server.
FIG. 2A
Fig. 4 illustrates steps for performing information transmission between a mobile terminal system and a mobility management server.
FIG. 3
1 illustrates a mobile interceptor architecture.
FIG. 3A
5 is a flowchart illustrating steps performed by a mobile interceptor.
FIG. 3B
5 is a flowchart illustrating steps performed by an RPC engine that handles an RPC work request.
FIG. 4
5 is a flowchart illustrating steps for processing an RPC work request.
FIG. 5
5 is a flowchart illustrating steps for processing an RPC work request.
FIG. 5A
5 is a flowchart illustrating steps for processing an RPC work request.
FIG. 5B
5 is a flowchart illustrating steps for processing an RPC work request.
FIG. 5C
5 is a flowchart illustrating steps for processing an RPC work request.
FIG. 6
7 illustrates a received work request.
FIG. 7
It shows how received work requests are dispatched to different priority queues.
FIG. 8
The processing of contents in the queues having different priorities is shown.
FIG. 9
The processing of contents in the queues having different priorities is shown.
FIG. 10A
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 10B
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 10C
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 11
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG.
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 12A
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 12B
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 12C
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 13A
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 13B
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 13C
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 14A
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 14B
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 15A
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG. 15B
2 illustrates steps performed to provide an Internet Mobility Protocol.
FIG.
4 illustrates a data structure of a listener.
FIG.
FIG. 2 illustrates steps for providing mobile interconnect roaming. FIG.
FIG. 17A
FIG. 2 illustrates steps for providing mobile interconnect roaming. FIG.
FIG.
FIG. 2 illustrates steps for providing mobile interconnect roaming. FIG.
FIG. 19A
FIG. 4 forms one flowchart illustrating a roaming process assisted by the interface.
FIG. 19B
FIG. 4 forms one flowchart illustrating a roaming process assisted by the interface.
FIG.
FIG. 5 illustrates a topology node data structure for roaming assisted by an interface.
FIG. 21
1 illustrates a technique for distributing a network address of a mobility management system to a mobile terminal system in a disconnected network topology.
FIG.
FIG. 22 shows an example in which the technique of FIG. 21 is used to realize secure communication.
FIG. 23
23 illustrates an example in which the technique of FIG. 21 is used for network address translation in a distributed network interface scenario.
FIG. 24
9 illustrates a policy management table.
FIG. 25
9 is a flowchart illustrating steps of a policy management process.

Claims (125)

A mobile computing network including at least one mobile computing device connected to a network via a network connection point, wherein a policy management method applies policy management rules based on various metrics including a location of the mobile computing device. A mobile computing network characterized by: The network according to claim 1, wherein the processing regarding the attribute of the rule is distributed and applied to either or both of the mobile computer device and the mobility management server. 3. A network as claimed in claim 1 or 2, wherein the priority of the rules is implied by their position in such a table entry or the order to ensure expected behavior is explicitly stated. . 4. The network according to claim 1, wherein data storage of the attribute of the rule is locally or centrally managed through a central management service. The network of any of the preceding claims, wherein the behavior of a particular application is modified based on a number of metrics including service costs, network connection points, trust relationships, and the like. The network according to any one of claims 1 to 5, wherein as a result of the operation modification, a request is permitted, denied, or delayed based on an attribute of the rule. 7. The network according to claim 1, wherein a rule or a series of rules is invoked to modify the application process even if the application has already been started. The network according to any of the preceding claims, wherein the current location information (location) is also used for managing application operation or for providing relevant information of the mobile computing device. . The network according to any one of claims 1 to 8, wherein an operation speed associated with the distance measurement is used to change an operation of an application or a communication path. The network according to any one of claims 1 to 9, wherein topology information is extracted and displayed as a result of the location information. In a mobile computing network including at least one mobile computer device connected to a network via a network connection point, the mobile computer device has moved to a different network segment based at least in part on an identifier of the network connection point. A mobile computing network comprising an interface-assisted roaming listener for detecting whether the mobile computing network is a mobile computing network. The network of claim 11, wherein the mobile computing device includes a network interface adapter, and the interface assisted roaming listener obtains an identifier of the network connection point from the network interface adapter. The network of claim 11, wherein the interface assisted roaming listener maintains a network topology map that stores information correlating an identifier of the network connection point with detailed information about a network connection. The network of claim 11, wherein the interface assisted roaming listener detects when communication with the network is interrupted or re-established. The interface assisted roaming listener generates a roaming signal in response to (a) interruption and re-establishment of network communication and (b) detection of a change in an identifier of the network connection point. Network. An interface-based listener for use in a mobile computing device, wherein the interface-based listener integrates information from at least one network interface adapter with information available from at least one network stack, and An interface-based listener for determining whether a computing device has moved to a new network connection point. The interface-based listener of claim 16, including a network topology map providing network connection information including network connection point information. The listener according to claim 17, wherein the listener dynamically configures the network topology map based on learning information. 17. The interface-based listener of claim 16, including a status checker for checking status based on an event occurrence. The interface-based listener of claim 16, wherein the event comprises one of a timer timeout, a low-level roaming driver callback, and a network-level activity hint. The interface-based listener of claim 16, further comprising a connection information searcher that queries the interface if the mobile computing device has already visited the current network connection point. The interface-based listener of claim 16, including a connection configuration for registering or reacquiring a current address that becomes valid in a new network segment. 17. A roaming signal generator for generating a roaming signal upon detecting that the mobile computing device has moved to a different network segment based at least in part on information provided from an interface. The described interface-based listener. The interface-based listener of claim 23, further comprising a heuristic analyzer that determines whether the pre-assigned address is still valid. A method for determining whether a mobile node has moved to a new network attachment point,
(A) receiving identification information of a network connection point from a network interface;
(B) using the identity of the network attachment point to determine whether the mobile node has moved to a new network attachment point;
(C) generating a signal in response to step (b). 26. The method of claim 25, wherein
Maintaining the network topology map, and using the network topology map to perform step (c). 26. The method of claim 25, wherein
The method of claim 1, wherein step (c) comprises generating a roaming signal. 26. The method of claim 25, wherein
The method of claim 2, wherein step (b) comprises obtaining identification information of the network connection point from a network adapter. 26. The method of claim 25, wherein
A method, further comprising the step of falling back to a selective roaming detection mechanism if a network interface supporting general signaling is unavailable. 26. The method of claim 25, wherein
The method further comprising selecting from alternative network connection paths in response to at least a portion of the network connection point information. A method for facilitating communication with a mobile system over a disconnected network,
Establishing communication between a node and the mobile system via a first network;
Transmitting data identifying the node on at least a second network not connected to the first network to the mobile system via the first network;
Using the data to establish communication between the mobile system and the node over the second network. 32. The method of claim 31, wherein
Authenticating the mobile system to grant permission to communicate with the node via the second network before transmitting the data to the node via the first network. 32. The method of claim 31, wherein the method comprises: 22. The method of claim 21, wherein
The method of transmitting, wherein the transmitting comprises transmitting distributed interface data to the mobile system via the first network. The network of claim 12, wherein a network interface adapter of the mobile computing device is physically connected to the network. The network of claim 12, wherein the mobile computing device communicates wirelessly with a network connection point. A method for maintaining communication between a mobile computer system and a network node as the mobile computer system moves between a plurality of separate networks, the method comprising:
Establishing communication between the mobile system and the node via the first network segment;
Sending information to the mobile computer system via the first network segment for use in re-establishing communication with the node via a plurality of further network segments, each separate from the first network segment; ,
Using said information to re-establish communication between a mobile computer system and a node via any of said separate plurality of additional network segments. 37. The method of claim 36, wherein
The method wherein the information comprises interface data to be distributed. In a method for providing least cost routing in a network having multiple distinct segments,
(A) establishing communication between the network and the temporarily connected mobile computing device;
(B) using a roaming mechanism that allows a temporarily connected mobile computing device to move between the plurality of distinct segments;
(C) at least one such that in response to roaming of mobile computing, a selective and effective network path for re-establishing communication between the network and the mobile computing device can be efficiently and automatically selected. Causing two policy parameters to execute. 39. The method of claim 38, wherein
The method of claim 1, wherein the policy parameters include an element selected from the group consisting of bandwidth, cost per data unit, and quality of service. In a mobile computing network including at least one peer computer system and at least one mobile computing device connected to the network via a physical link,
A server connected to the network, the server providing a continuous virtual data stream connection between the mobile computing device and a peer computer system while the physical link to the mobile computing device is temporarily interrupted A mobile computing network, which proxies communication between mobile computing devices and peer computing systems to maintain communication. The mobile computing device has a location address on the network, the peer computer system communicates with the server using a virtual address, and the server associates the virtual address with the location address. 41. The network of claim 40. 42. The network of claim 41, wherein the server detects when the mobile computing device has changed its location address and reassociates the virtual address with the changed location address. The server queues and responds to requests from the peer computing system on behalf of the mobile computing device when the mobile computing device is temporarily out of range or roaming. 41. The network of claim 40, wherein: 41. The network of claim 40, wherein the server communicates with the mobile computing device using a conventional transport protocol. The network of claim 44, wherein the server communicates with the mobile computing device using a remote procedure call. The network of claim 44, wherein the server communicates with the mobile computing device using an Internet Mobility Protocol. 47. The network of claim 46, wherein the Internet Mobility Protocol performs automatic datagram removal based on a user-configurable timeout. 47. The network of claim 46, wherein the Internet Mobility Protocol performs automatic datagram removal based on user-configurable retries. The network of claim 40, wherein the server performs per-user policy management of network resource consumption by the mobile computing device. 41. The network of claim 40, wherein the server assigns user configurable session priorities to the sessions of the mobile computing device. The mobile network includes a plurality of sub-networks, wherein the mobile computing device enables the mobile computing device to roam from one of the plurality of sub-networks to another of the plurality of sub-networks. 41. The network of claim 40, wherein a dynamic host configuration protocol is used with other procedures. The network of claim 40, wherein the server comprises a mobility management server. The network of claim 40, further comprising at least one mobile interconnect connecting the mobile computing device and the server. A method for maintaining a persistent connection with at least one mobile computing device in a mobile computing environment, comprising:
Managing at least one session between the mobile computing device and at least one additional computing device;
Maintaining the session when the mobile computing device goes out of range, suspends, or changes the network address. The method according to claim 54, wherein
Assigning at least one user-configurable session priority for the session. The method according to claim 54, wherein
The method of claim 1, wherein the managing step includes managing network resource consumption by the mobile computing device. The method according to claim 54, wherein
The method, wherein the mobile computing environment includes a plurality of sub-networks, and wherein the maintaining comprises maintaining a session as the mobile computing device moves between the sub-networks using a dynamic host configuration protocol. The method according to claim 54, wherein
The managing step includes exchanging datagrams with the mobile computing device and automatically removing unreliable datagrams among the datagrams based on at least one user-configurable parameter. . 59. The method of claim 58, wherein
The method wherein the user-configurable parameter comprises a timeout. 59. The method of claim 58, wherein
The method of claim 11, wherein the user-configurable parameter comprises a user-configurable retry number. The method according to claim 54, wherein
The method further comprising assigning a variable location address to the mobile computing device, wherein the managing step comprises associating the location address with a virtual address associated with a session. The method according to claim 54, wherein
The method of claim 1, wherein the managing step comprises communicating with the mobile computing device using a remote procedure call protocol. The method according to claim 54, wherein
The method of claim 1, wherein the maintaining step maintains a connection state of the session when a physical link connecting the mobile computing device to the mobile computing environment is interrupted. The method according to claim 54, wherein
The method of claim 1, wherein the managing step comprises communicating with the mobile computing device using at least one standard transport protocol. The method according to claim 54, wherein
The method wherein the mobile computing device includes a plurality of application sources, and wherein the managing step includes the steps of fusing data from the plurality of application sources into a stream and transmitting the stream. 66. The method of claim 65, wherein
The method further comprising demultiplexing the fused data from the stream and transmitting the demultiplexed data to a plurality of associated destinations. 66. The method of claim 65, wherein
The method of claim 1, wherein the stream includes frames, and wherein the coalescing includes dynamically resizing the frames to fit a maximum transmission unit of a mobile computing environment. 66. The method of claim 65, wherein
The method according to claim 1, wherein the fusion process includes a process of maintaining semantics of unreliable data, and a process of selectively discarding the unreliable data based on the semantics. The method according to claim 54, wherein
The method wherein the managing step comprises a process of providing guaranteed delivery of messages to the mobile computing device and / or providing guaranteed delivery of messages from the mobile computing device. The method according to claim 54, wherein
The method of claim 1, wherein the managing step comprises controlling which network resources the mobile computing device can access. A server for maintaining a persistent connection with at least one mobile computing device in a mobile computing environment including at least one additional computing device,
A session manager that maintains a session when the mobile computing device goes out of service, suspends, or changes a network address, and manages at least one session between the mobile computing device and at least one additional computing device. server. The server of claim 71, wherein the session manager includes a session priority queue that assigns at least one user-configurable session priority for the session. The server of claim 71, wherein the session manager includes means for managing network resource consumption by the mobile computing device. The mobile computing environment includes a plurality of sub-networks, and the session manager maintains a session as the mobile computing device moves between the sub-networks using a dynamic host configuration protocol. 72. The server according to claim 71. The session manager exchanges datagrams with the mobile computing device and automatically removes unreliable datagrams among the datagrams based on at least one user-configurable parameter. 72. The server according to claim 71. The server of claim 75, wherein the user configurable parameters include a timeout. The server of claim 75, wherein the user configurable parameter comprises a user configurable retry number. 72. The server of claim 71, wherein the mobile computing environment assigns a variable location address to the mobile computing device, and the session manager associates the location address with a virtual address associated with a session. . The server of claim 71, wherein the session manager communicates with the mobile computing device using a remote procedure call protocol. The mobile computing environment includes at least one physical link connecting the mobile computing device to the mobile computing environment, and the session manager maintains a connection state for the session upon interruption of the physical link. 73. The server according to claim 71, wherein the server comprises: The server of claim 71, wherein the session manager communicates with the mobile computing device using at least one standard transport protocol. The server of claim 71, wherein the mobile computing device includes a plurality of application sources, and wherein the session manager fuses data associated with the plurality of application sources into a stream and sends the stream. . The mobile computing device includes a plurality of application sources, and the session manager demultiplexes the merged data from the plurality of application sources to transfer the demultiplexed data to a plurality of associated destinations. 72. The server according to claim 71, wherein the server transmits. The method of claim 11, wherein the session manager communicates with the mobile computing device using frames and dynamically resizes the frames to conform to a maximum transmission unit of a mobile computing environment. 71. The server according to 71. The server of claim 71, wherein the session manager maintains semantics of unreliable data and selectively discards the unreliable data based on the semantics. 72. The server of claim 71, wherein the session manager performs guaranteed delivery of messages to the mobile computing device and / or guaranteed delivery of messages from the mobile computing device. The server of claim 71, wherein the session manager controls network resources accessible to the mobile computing device. In a mobile computing environment that includes a proxy server, a mobile computing device that maintains a persistent virtual connection with at least one additional computing device when the mobile computing device goes out of range, suspends, or changes its network address. So,
A transport driver interface,
A mobile interceptor connected to the transport driver interface,
The mobile interceptor intercepts a network service request at the transport driver interface, generates a remote procedure call in response to the network service request, and sends the remote procedure call to the proxy server. A mobile computer device, comprising: 89. The mobile computing device of claim 88, wherein the mobile interceptor includes a session priority queue that assigns at least one user-configurable session priority. The mobile computing device of claim 88, wherein the mobile interceptor includes means for managing network resource consumption by the mobile computing device. The mobile computing environment includes a plurality of sub-networks, the mobile computing device further comprising means for using a dynamic host configuration protocol to obtain a location address as the mobile computing device moves between the sub-networks. 89. The mobile computing device of claim 88, comprising: The mobile interceptor exchanges datagrams with the proxy server and automatically removes unreliable datagrams among the datagrams based on at least one user-configurable parameter. 90. The mobile computing device of claim 88. The mobile computing device of claim 92, wherein the user configurable parameter comprises a timeout. The mobile computing device of claim 92, wherein the user-configurable parameter comprises a user-configurable retry number. 90. The mobile computing device of claim 88, wherein the mobile computing device has an associated variable location address that associates the mobility management server with a virtual address. The mobile computing device of claim 88, wherein the mobile interceptor communicates with the mobility management server using a remote procedure call protocol. The mobile computing environment includes at least one physical link connecting the mobile computing device to the mobile computing environment, and the mobile interceptor includes at least one session from the mobility management server after an interruption on the physical link. 89. The mobile computing device of claim 88, receiving updated connection state information. 89. The mobile computing device includes a standard transport protocol handler, and the mobile interceptor communicates with the mobility management server via the standard transport protocol handler. A mobile computing device as described. The mobile computing device includes a plurality of application sources, wherein the mobile interceptor fuses data associated with the plurality of application sources into a stream and sends the stream to the mobility management server. 89. The mobile computing device of claim 88. The mobile computing device includes a plurality of application destinations, and the mobile interceptor demultiplexes the merged data from the plurality of application sources and transfers the demultiplexed data to a plurality of application destinations. 89. The mobile computing device of claim 88, wherein transmitting. The mobile interceptor communicates with the proxy server using a frame and dynamically resizes the frame to conform to a maximum transmission unit of a mobile computing environment. 89. The mobile computing device of claim 88. The mobile computing device of claim 88, wherein the mobile interceptor maintains unreliable data semantics and selectively discards the unreliable data based on the semantics. 89. The mobile computing device of claim 88, wherein the mobile interceptor performs guaranteed delivery of messages to the proxy server and / or guaranteed delivery of messages from the proxy server. The mobile computing device of claim 88, wherein the mobile interceptor controls resources of a mobile computing environment accessible to the mobile computing device. A transport driver interface,
A mobile computing environment including at least one mobile computing device including a mobile interceptor connected with the transport driver interface,
The mobile interceptor intercepts a network service request at the transport driver interface, generates a remote procedure call in response to the network service request, and directs the remote procedure call to at least one proxy server. Send to
The proxy server includes at least one work dispatcher that receives and processes the remote procedure call sent by the mobile interceptor, wherein the proxy server establishes a connection between the mobile computing device and the mobile computing environment. A mobile computing environment comprising a proxy queue for proxying a virtual session on behalf of the mobile computing device when disconnected. In a mobile computing network including at least one mobile computer device connected to a network via a network connection point, the mobile computer device has moved to a different network segment based at least in part on an identifier of the network connection point. A mobile computing network, comprising: an interface assisted roaming listener for detecting whether the mobile computing network is a roaming listener. 107. The network of claim 106, wherein said mobile computing device includes a network interface adapter, and wherein said listener obtains an identifier of said network connection point from said network interface adapter. 107. The network of claim 106, wherein the listener maintains a network topology map that stores information correlating an identifier of the network connection point with detailed information about a network connection. 107. The network of claim 106, wherein the listener detects when communication with the network is interrupted or re-established. 110. The interface-assisted roaming listener generates a roaming signal in response to (a) interruption and re-establishment of network communication and (b) detection of a change in an identifier of the network connection point. Network. An interface-based listener for use in the mobile computing device, wherein the interface-based listener integrates information from at least one network interface adapter with information available from at least one network stack, An interface-based listener for determining whether a mobile computing device has moved to a new network connection point. 112. The interface-based listener of claim 111, comprising a network topology map that provides network connection information including network connection point information. The listener of claim 112, wherein the listener dynamically configures the network topology map based on learning information. 112. The interface-based listener of claim 111, including a status checker for checking status based on an event occurrence. 112. The interface-based listener of claim 111, wherein the event comprises one of a timer timeout, a low level roaming driver callback, and a network level activity hint. 112. The interface-based listener of claim 111, comprising a connection information searcher that queries the interface if the mobile computing device has already visited the current network connection point. 112. The interface-based listener of claim 111, comprising a connection configuration that registers or reacquires a current address that becomes valid in the new network segment. 111. A roaming signal generator for generating a roaming signal upon detecting that the mobile computing device has moved to a different network segment based at least in part on information provided from an interface. The described interface-based listener. 119. The interface-based listener of claim 118, further comprising a heuristic analyzer that determines whether a pre-assigned address is still valid. A method for determining whether a mobile node has moved to a new network attachment point,
(A) receiving identification information of a network connection point from a network interface;
(B) using the identity of the network attachment point to determine whether the mobile node has moved to a new network attachment point;
(C) generating a signal in response to step (b). 121. The method of claim 120,
Maintaining the network topology map, and using the network topology map to perform step (c). 121. The method of claim 120,
The method of claim 1, wherein step (c) comprises generating a roaming signal. 121. The method of claim 120,
The method of claim 2, wherein step (b) comprises obtaining identification information of the network connection point from a network adapter. 121. The method of claim 120,
The method, further comprising the step of falling back to a selective roaming detection mechanism if a network interface supporting general signaling is unavailable. 121. The method of claim 120,
Receiving at least a portion of the network connection point information and selecting from an alternative network connection path.

Images