JP2010004344A - Method, device, system, and program for conducting remote accessing - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a remote access system capable of accessing a home network from remote locations with a simple communication method. <P>SOLUTION: A terminal device comprises: a first UPnP part for conducting communications based on the UPnP specification; and a first message conversion part for converting an UPnP discovery message to a unicast. A gateway comprises: a second UPnP part for conducting the communications based on the UPnP specification; a NAT part alternately converting a private address and a global address; a second message conversion part for converting the unicast discovery message received from the terminal device to the multicast discovery message to transfer it to the private network; and a third message conversion part for rewriting the private address to the global address expressing the device converted by the NAT part. The terminal device communicates with the source device by the global address included in the response message. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a communication system for remotely accessing a private network such as a home network via the Internet.

  In recent years, the Digital Living Network Alliance (DLNA), a standardization organization for home networks, connects digital home appliances such as digital AV devices and PCs (personal computers) in the home to each other, and digital content such as videos and music Guidelines for use have been established. In the following description, the specification established by DLNA is referred to as “DLNA”. In DLNA, a server that provides content is defined as DMS (Digital Media Server), a client that plays back is defined as DMP (Digital Media Player), and a controller that controls DMS or DMP is defined as DMC (Digital Media Controller). Exchanged data formats and communication procedures are defined. By configuring a home network using a DLNA-compliant device, for example, it is possible to display content stored on a PC (DMS) on a television (DMP) using a cellular phone terminal (DMC). It has become.

  In DLNA, UPnP (Universal Plug and Play) is adopted as a technical specification for automatic recognition and content sharing of devices and content in a home network. UPnP is a specification for detecting and connecting to devices connected to a local network such as a home network. For this reason, UPnP does not assume that a device located outside the local network accesses a device in the home network via the Internet, and has a mechanism that enables such remote access. Absent. However, with the spread of mobile terminals such as mobile phones capable of high-speed access to the Internet, users remotely access devices in the home network not only from home but also from the outside via the Internet. For example, there is a desire to be able to appreciate content stored in a home device using a mobile terminal from outside.

Recently, UPnP remote access technology has been developed to meet the above demand. For example, Patent Document 1 describes an example of such a UPnP remote access system. In UPnP remote access in Patent Literature 1, in order to establish secure communication between a remote device in an external network and a device in a home network, IPSec (IP Security) is established between the remote device and the home gateway of the home network. A tunnel is built. In addition, many functions are provided to the home gateway in order to provide various services owned by devices in the home network to the remote device. Examples of the functions include a maintenance function that maintains a list of information on each device in the home network and information on services owned by each device and updates the information as needed, and a search and notification message from a remote device is sent to the home network. For example, a function for forwarding to a device within the network, and a function for filtering a multicast address of a message transmitted from a remote device.
International Publication No. WO2007 / 110,754

  When accessing a device in the DLNA home network from a remote location using the remote access system described in Patent Document 1, a tunnel is constructed between the remote device and the home gateway, and the home gateway is configured as described above. Many features need to be added.

  However, in order to connect a remote device and a home network through an IPSec tunnel, the device needs to comply with IPSec, such as installing client software of IPSec in advance in the remote device. Also, before constructing the tunnel, it is necessary to perform authentication, exchange of encryption keys, etc. between the remote device and the home gateway, and the processing becomes complicated. Furthermore, when it is desired to simultaneously connect to a home network from a plurality of remote devices, it is necessary to construct a tunnel for each remote access, which increases processing at the home gateway.

  Furthermore, in the remote access system of Patent Document 1, only a remote device and a home gateway are connected by a tunnel. For this reason, it is not possible to directly access a device in the home network from a remote device, and it is necessary to collect and hold information on services provided by the device in the network at the home gateway. Furthermore, each time the information of each device is updated, the corresponding information held by the home gateway must be updated. As a result, the processing performed in the home gateway increases and the load increases. Particularly in a home network to which a large number of devices are connected, there is a problem that not only the processing amount of the home gateway increases but also the necessary storage capacity increases.

  The present invention has been made in view of the above circumstances, and provides a remote access system that enables remote access from a remote location to a home network by a simple communication method without imposing a heavy load on the gateway, and the remote access. An object is to provide a gateway and a terminal device to be realized.

  In order to solve the above-mentioned problems, according to the present invention, a remote access system is provided for accessing a private network having a gateway and at least one device from a terminal device via the Internet. The terminal device in the remote access system of the present invention includes a first network interface unit for connecting to a private network via the Internet, a first UPnP unit for performing communication based on the UPnP standard, and a UPnP discovery message as a destination for a gateway. And a first message conversion unit for converting into a unicast discovery message. The gateway in the remote access system of the present invention includes a second network interface unit for connecting to the Internet, a third network interface unit for connecting to a private network, and a second UPnP unit for performing communication based on the UPnP standard. A NAT unit that mutually converts a private address assigned to the device and a global address for Internet connection based on an address conversion table, and a unicast discovery message received from a terminal device is converted into a multicast discovery message. And a response message to the discovery message from the device via the second message conversion unit for transferring to the private network and the third network interface unit. Upon receiving the, and a third message conversion unit for rewriting the local address of the device included in the response message is converted by the address conversion table included in the NAT unit, the global address indicating the device. The terminal device according to the present invention is characterized in that communication is performed with a device that is a transmission source of a response message based on a global address included in the response message.

  According to the remote access system configured as described above, the address of a device managed as a private address in the private network is converted into a global address based on the NAT address conversion table and transmitted to the terminal device. As a result, communication from a terminal device managed by a global address to a device in the private network becomes possible. In addition, since the response message is rewritten by using the information of the address conversion table in the NAT function installed in a general gateway, it is slightly less than the standard UPnP function unit installed in the terminal device and the gateway. The communication between the terminal device and the device is possible only by performing expansion. Further, the remote access system of the present invention does not require complicated communication procedures such as tunneling in the terminal device or gateway, and only relatively light processing such as unicast / multicast change and address rewriting using NAT. Is done. Therefore, a system can be constructed using a terminal device having a relatively low processing capability such as a mobile phone. In addition, since communication from the terminal device to the device becomes possible as described above, the processing load of the gateway is relatively reduced, and even when remote access is simultaneously received from several terminal devices, the processing capacity of the gateway There is no shortage.

  In the remote access system having the above configuration, the third message conversion unit may be configured to convert a URL indicating the location of the UPnP description of the device included in the response message into a global address.

  With this configuration, in the gateway, the description URL described in the private address included in the UPnP discovery response message or the like is converted into a global address and then transferred to the terminal device. Therefore, the terminal device using the global address is used. Thus, description information held by a device in a private network such as a home network can be acquired.

  The private network may be a network constructed according to the DLNA guidelines.

  The present invention also provides a gateway for connecting a terminal device on the Internet and a private network. The gateway of the present invention includes a first network interface unit for connecting to the Internet, a third network interface unit for connecting to the private network, a private address assigned to the device, and a global address for connecting to the Internet. A NAT unit for mutual conversion based on the address conversion table, a second message conversion unit for converting a unicast discovery message received from the terminal device into a multicast discovery message and transferring it to the private network, and a device to the discovery message When the response message is received, the private address of the device included in the response message is changed based on the address conversion table used in NAT. And a third message conversion unit for rewriting the global address indicating a.

  In addition, according to the present invention, there is provided a terminal device that accesses a private network having a gateway and at least one device via the Internet. A terminal device according to the present invention includes a network interface unit for connecting to a private network via the Internet, a first UPnP unit that performs communication based on the UPnP standard, and a unicast discovery message whose destination is a UPnP discovery message. A first message conversion unit for converting to a first message conversion unit. Further, the terminal device is characterized in that it communicates with the device that is the transmission source of the response message by using the global address included in the response message from the device.

  The present invention also provides a method for remote access from a terminal device to a private network having a gateway and at least one device via the Internet. The remote access method of the present invention includes a step of generating a UPnP discovery message executed in a terminal device, and a first message for converting the UPnP discovery message into a unicast discovery message destined for the gateway and transferring it to the gateway. A conversion step, a second message conversion step executed in the gateway, converting a unicast discovery message received from the terminal device into a multicast discovery message and transferring it to the private network, and receiving a response message to the discovery message from the device Then, the private address of the device included in the response message is converted into a group indicating the device based on the address conversion table used in NAT. A third message conversion step of rewriting the over Bal address, and a NAT conversion step of converting the private address and a global address assigned to the device to each other based on the address conversion table. The present invention also provides a program for causing a computer to execute each step of the above method.

  Therefore, according to the present invention, it is possible to provide a remote access system capable of accessing a home network from a remote location by a simple communication method without imposing a large load on the gateway.

First, terms used in the description of embodiments of the present invention will be described below.
DHCP (Dynamic Host Configuration Protocol): A protocol that dynamically assigns IP addresses.
DDNS (Dynamic Domain Name System): A system that associates dynamically assigned IP addresses with domain names.
GENA (General Event Notification Architecture): A protocol used for UPnP event notification.
HTTP (Hyper Text Transfer Protocol): A communication protocol used for data transfer between a Web browser and a Web server.
-HTTPPU (HTTP over UDP): A variant of HTTP that transfers data over UDP.
-HTTPMU (HTTP Multicast over UDP): A variant of HTTP that performs multicast data transfer over UDP.
NAT (Network Address Translation): IP address translation technology. Global address and local address are converted to each other.
RPC (Remote Procedure Call): Technology that entrusts execution of a part of a process to another device connected via a network.
SOAP (Simple Object Access Protocol): A protocol for executing RPC using HTTP and XML. Used for UPnP control.
SSDP (Simple Service Discovery Protocol): A protocol for discovering network services. Used for UPnP discovery.
TCP (Transmission Control Protocol): One of the Internet standard protocols. In the transport layer of the OSI reference model, it realizes connection-type reliable communication over IP.
UDP (User Datagram Protocol): One of the Internet standard protocols. In connection with the transport layer of the OSI reference model, connectionless communication such as multicast is realized over IP.
URL (Uniform Resource Locator): A description method that indicates the location of information existing on the Internet.
XML (Extensible Markup Language): One of markup languages. Extensibility that allows users to define their own tags.

  Hereinafter, a remote access system 1 according to the present invention will be described with reference to the drawings.

  FIG. 1 is a schematic diagram showing a configuration of a remote access system 1 according to the present invention. The remote access system 1 of the present invention includes a home network 100, the Internet 200, and a terminal device 300. The home network 100 is connected to the Internet 200 via a home gateway 10 described later. In the present embodiment, the terminal device 300 is a mobile phone terminal, and is connected to the Internet 200 via a mobile phone network (not shown).

  The home network 100 is a local network built in a home, and includes a home gateway 10 and devices 21, 22 and 23 installed in the home. The devices 21, 22, and 23 are home electronic devices such as a PC, a digital camera, an HDD recorder, or a home game machine. The home gateway 10 and the devices 21, 22, and 23 are all products compliant with the DLNA guidelines, and constitute a home network 100 by being connected to each other by wire or wirelessly as will be described later.

  FIG. 2 is a block diagram showing the configuration of the home gateway 10. As shown in FIG. 2, the home gateway 10 includes a CPU 11, a memory 12, a local network interface unit 14, and a global network interface unit 15. These components are connected to each other via a bus 20 and are controlled by the CPU 11.

  The memory 12 stores various data such as an address conversion table used in the NAT unit 160 described later, programs, and the like. The program stored in the memory 12 includes a control program for realizing the functional blocks shown in FIG. The CPU 11 implements each function shown in FIG. 3 by executing a program stored in the memory 12. The local network interface unit 14 is a network interface that connects the home gateway 10 to the home network 100. The global network interface unit 15 is a network interface that connects the home gateway 10 to the Internet 200.

  FIG. 3 is a functional block diagram showing main functional blocks related to the remote access of the present invention implemented in the home gateway 10. The DLNA unit 130 is a functional block for realizing various functions defined by the DLNA guidelines, and performs various processes using the UPnP unit 131. The UPnP unit 131 is a functional block for performing processing based on the UPnP standard, and a remote access processing unit 140 (hereinafter referred to as “RA processing unit 140”) as a function expansion unit for realizing remote access of the present invention. It has. The UPnP unit 131 is configured to execute various processes using the DHCP server unit 132 and the Web server unit 134. In the present embodiment, FIG. 3 shows only the UPnP unit 131 as a functional block used by the DLNA unit 130. However, the DLNA unit 130 is not shown for realizing functions necessary for DLNA such as RTP (Real-time Transport Protocol) which is a transmission protocol for streaming and reproducing audio data and video data in each device. It is configured to perform processing using many functional blocks that are not present. In the present embodiment, the description will be focused on the processing related to UPnP used by DLNA, and thus description of other functions will be omitted.

  The UPnP unit 131 performs various processes such as addressing, discovery, description, control, eventing, and presentation, which will be described later.

  The DHCP server unit 132 is a functional block used for UPnP addressing, and has a function of automatically assigning a local address to a device connected to the home network 100. The DHCP server unit 132 is set with a range of local addresses that can be assigned to each device, and provides the information to devices connected to the home network 100. Then, when the device finishes communication, the address is automatically collected and assigned to another device. The Web server unit 134 communicates with the outside using a protocol such as HTTP.

  The NAT unit 160 is a network address conversion unit having a function of mutually converting a local address assigned to each device 21 to 23 in the home network 100 and a global address used for communication with a terminal on the Internet. . Specifically, when the device 23 accesses the Internet 200, the NAT unit 160 uses the local IP address assigned to the device 23 and the TCP / UDP port number for the local network as the global IP address and the TCP for the Internet. It has a function of converting to / UDP port number. The content converted by the NAT unit 160, that is, the correspondence relationship between the combination of the IP address and the TCP / UDP port number used in each of the home network 100 and the Internet 200 is registered in the address conversion table and stored in the memory 12. Is done. The NAT unit 160 mutually translates the local address used in the home network and the translated global address, so that the device identified by the local address in the home network 100 is on the Internet. Can be identified by a global address.

  First, a UPnP function used for detecting a device in the home network 100 and exchanging contents in the present embodiment will be described with reference to FIGS. 4 and 5. FIG. FIG. 4 shows a DLNA protocol stack. As shown in FIG. 4, the highest layer in the DLNA protocol stack is a DLNA layer that provides services in accordance with DLNA guidelines to various applications. The DLNA layer includes various interfaces such as GUI (Graphical User Interface) and API (Application Programming Interface). Below the DLNA layer, there is a UPnP layer that provides a service according to the UPnP standard to the DLNA layer. UPnP uses various protocols such as SSDP, SOAP, and GENA. The SSDP, SOAP, and GENA protocols are used when performing discovery, control, and eventing processes, respectively. The SSDP used for discovery transmits and receives messages using HTTPMU and HTTPPU operating on UDP / IP. Control and eventing executed using SOAP and GENA are performed by connection-type communication on TCP / IP. The actual processing of UPnP composed of such a protocol stack will be described below with reference to FIG.

  FIG. 5 is a diagram showing a process flow of automatic recognition and content sharing of devices and contents in the home network 100 by UPnP, taking as an example the case where a device 23 is newly connected to the home network 100. The following processing is realized by executing processing based on a normal UPnP standard in a CPU (not shown) included in the devices 21 to 23. Automatic recognition and content sharing by UPnP is realized by a six-stage process of addressing, discovery, description, control, eventing, and presentation.

  First, when the device 23 is connected to the home network 100 by wireless or wired LAN (S1), a local IP address in the home network 100 is automatically assigned to the device 23 by the DHCP server unit 132 of the home gateway 10. (S2). This is called addressing. Here, if the DHCP server function does not exist in the home network, the device 23 uses the Auto IP function provided in its own device, and uses any IP that does not overlap with other devices from the reserved address. Select an address and set its own IP address automatically.

  When an IP address is set for the device 23, discovery is performed next. In discovery, in order to detect servers and other devices connected to the home network 100, a discovery message is transmitted from the device 23 to each device in the home network 100 by multicast (S3). This discovery message includes information about the device 23 such as a device type, a query for making an inquiry to devices existing on the home network 100, and the like.

  In the process of S3, a discovery message is transmitted to the home gateway 10 and the devices 21 and 22. In the following explanation, communication between the device 23 and the device 21 will be described as an example. The device 21 that has received the discovery message in S3 transmits a response message notifying the device 23 that the device is connected to the network (S4). The response message includes basic information such as the device type and service type of the device 21 and the local IP address of the device 21 as well as a URL for referring to a description to be described later.

  In the discovery, SSDP is used for transmission of the discovery message and the response message. SSDP defines a method for detecting a device in a network and a method for notifying availability of a device. In discovery, only a device having a specific function can be detected. In this case, by including a query for only a device having a specific function in the discovery message, only the device having the function responds to the discovery.

  The device 23 that has received a response from the device 21 in the discovery next acquires a description from the device 21 in order to know detailed information of the device 21. The description is a document described in XML, and includes a device description in which a device type name and a list of services to be provided are described, and information on each service provided by the device (a list of commands, actions, parameters of each action, etc.) There are two types of service descriptions in which are described). The device 23 transmits a description request to the device 21 based on the description URL included in the response message from the device 21 (S5). Then, in response to the description request, the device 21 transmits the description to the device 23 (S6). Transmission and reception of these descriptions is performed by HTTP communication. In order to simplify the description, in FIG. 5 and the description of the specification, the acquisition of the device description and the service description is described as one process, but in detail, the request and response for each description. Are performed in order. That is, when the device 23 first acquires the device description of the device 21, the service description URL describing the type of service provided by the device 23 from the content of the acquired device description and detailed information about each service is described. Know. If the device 23 provides the required service, the device 23 then requests the device 21 for a service description regarding the service. By acquiring the service description in such a procedure, the device 23 can use the service provided by the device 21.

  When the device 23 uses the service provided by the device 21, processing (control) for controlling the device 21 is performed. Specifically, first, a control message including an action request regarding a service provided by the device 21 is transmitted from the device 23 to the device 21 (S7). Then, a result or error for the control message is returned from the device 21 to the device 23 (S8). This control is performed using SOAP.

  Further, when a change occurs in the service provided by the device 21, eventing for notifying this to the device 23 is performed (S9). For example, eventing is performed when a service item provided by the device 21 is added or deleted. Eventing is realized using GENA. By using GENA, it is possible to send an event notification to a device in the network using HTTP when the state of the device changes (an event occurs).

  Further, when the device 21 has a page for presentation (when the URL of the presentation page is included in the device description), the device 23 acquires this page and reads it into the browser, and the device 23 is shown in the figure. Can be displayed on the display screen. Furthermore, depending on the function of the page, it is also possible to acquire and display information related to the device state from the device 21. Such processing is called presentation (S10).

  Through the processing using UPnP as described above, peer-to-peer interconnection between the device 23 and the device 21 newly added to the home network 100 becomes possible. Similarly to the device 21, the device 22 and the home gateway 10 that have received the discovery message multicast-transmitted from the device 23 are also subjected to UPnP processing such as description and control in the same manner as described above. The device 23 and each device in the home network can communicate with each other, and control between the devices and content sharing are possible.

  When automatic device recognition using UPnP is performed as described above, in accordance with DLNA guidelines, for example, the device 21 is a DMS holding content such as a digital camera, the device 22 is a DMP having a content playback function such as a television, and the device 23 is defined as a DMC having a control function such as a PC. Then, image reproduction processing or the like is performed by the cooperation operation of each device based on the procedure specified in the DLNA guidelines. Specifically, by controlling the DMS (device 21) and the DMP (device 22) by the DMC (device 23), an image owned by the DMS (device 21) is transferred to the DMP (device 22), and the DMP screen is displayed. It can be displayed on the screen.

  Next, remote access from the terminal device 300 to the home network 100, which is a feature of the present invention, will be described in detail. This remote access is used when, for example, the user wants to download and play back the content stored in the device 21 of the home network 100 to the terminal device 300 while away from home. FIG. 6 is a block diagram illustrating a configuration of the terminal device 300. In the present embodiment, the terminal device 300 is a mobile phone terminal. However, in another embodiment, for example, a mobile terminal such as a PHS (Personal Handy phone System), a PDA (Personal Digital Assistants), or a mobile game machine, A terminal connected to the home gateway 10 via the Internet 200 such as an installed PC may be used.

  The terminal device 300 includes a CPU 310 that performs overall control of the entire device, a memory 320 that stores programs such as various data and applications, an input unit 330 including numeric keys and direction keys for receiving user input, a liquid crystal display, an organic EL display, and the like And a network interface unit 350 for accessing the Internet 200 via a mobile phone network. These components are connected to other components via a bus 390.

  FIG. 7 is a functional block diagram showing functional elements realized by the CPU 310. The memory 320 stores a control program for the CPU 310 to realize each functional block shown in FIG. 7, and the CPU 310 reads out each program from the memory and executes it, whereby each function shown in FIG. Is realized.

  The DLNA unit 360 in FIG. 7 is a functional block that performs communication based on DLNA guidelines. The DLNA unit 360 uses the UPnP unit 362 to execute various processes. The UPnP unit 362 is a functional block that performs communication processing based on the UPnP standard, and performs each process of discovery, description, control, eventing, and presentation. The UPnP unit 362 includes a remote access processing unit 366 (hereinafter referred to as “RA processing unit 366”) as a function expansion unit for realizing remote access of the present invention. Similarly to the DLNA unit 130 of the home gateway 10, the DLNA unit 360 performs processing using many functional blocks (not shown) used in the DLNA system such as the RTP function in addition to the UPnP unit 362. It has become.

  FIG. 8 is a diagram illustrating remote access processing for performing remote access from the terminal device 300 to the home network 100. First, when the user operates the input unit 330 to start an application (for example, HDD recorder remote playback application) compliant with DLNA installed in the memory 320 in advance, the terminal device 300 is connected to the Internet via the mobile phone network. Is established (S101).

  As described above, in the UPnP process in the devices 21 to 23 in the home network 100, a local IP address is assigned by the DHCP server unit 132 provided in the home gateway 10 at the time of addressing. If the DHCP server is not detected in the network, the local IP address is set by the AUTO IP function. However, since the terminal device 300 according to the present embodiment is connected to the Internet 200 instead of the home network 100 as described above, it performs addressing of a local IP address performed in a normal UPnP device such as the devices 21 to 23. I can't. Further, the terminal device 300 does not normally have an Auto IP function. Therefore, the addressing of the terminal device 300 is performed by assigning a global address from a DHCP server provided in an access point on a mobile phone network (not shown) when establishing a connection with the Internet 200. This global address is used for identification and management of the terminal device 300.

  When the connection to the Internet is completed, the home network 100 is next designated (S102). The home network 100 is designated by designating the domain name of the home network 100 or the like via the display unit 340 by the user of the terminal device 300. Here, in the home network 100 of the present embodiment, in order to make the home gateway 10 public on the network as a public server of the home network 100, services called DNS and DDNS are used. Specifically, a global address used on the Internet is assigned to the home gateway 10 by a network provider that provides an Internet connection service to the home network 100. The assigned global address is associated with an arbitrarily set domain name indicating the home network 100 and registered in a DNS server owned by the Internet service provider. At this time, when DDNS is used, the contents registered in the DNS server are updated as the global address assigned to the home gateway changes. As a result, a unique domain name is always assigned even when a new global address is assigned each time the home gateway 10 connects to the network.

  Therefore, the terminal device 300 can be connected to the home network 100 by specifying the domain name of the home network 100. When the connection to the home network 100 is established, discovery by the UPnP unit 362 is executed. The UPnP unit 362 creates a discovery message using SSDP (S103). At this time, the message created by the UPnP unit 362 conforms to the UPnP standard, and multicast transmission by UDP is designated. Next, the RA processing unit 366 rewrites the discovery message created by the UPnP unit 362 into a message in a format suitable for remote access (hereinafter referred to as “RA message”) (S104). Specifically, all messages for which multicast transmission is designated are changed to unicast transmission, and the destination address is changed to the global address of the home gateway 10.

  The RA message rewritten by the RA processing unit 366 is unicasted from the network interface unit 350 to the home gateway 10 via the mobile phone network and the Internet 200 (S105).

  The RA message unicast transmitted from the terminal device 300 is received by the global network interface unit 15 of the home gateway 10. The CPU 11 recognizes that the message is an RA message from the header information of the message received by the global network interface unit 15 from the terminal device 300, and executes the RA processing unit 140.

  When the RA processing unit 140 reads the received RA message and recognizes that it is a discovery message transmitted from the terminal device 300, the RA processing unit 140 converts the message into a multicast message having the destination address as the network address of the home network 100 (S106). . That is, this discovery message is generated so as to be transmitted by multicast using the global address of the terminal device 300 as a source address and the home network 100 as a destination address. Next, the RA message is multicast from the local network interface unit 14 into the home network 100 (S107).

  The discovery message transmitted by multicast from the home gateway 10 is received by the devices 21, 22, and 23, and the subsequent processing will be described by taking communication between the device 23 and the home gateway 10 as an example. When the device 23 that has received the discovery message from the home gateway 10 confirms that it is the target of the discovery message, it creates a response message with the global address of the terminal device 300 described in the discovery message as the destination, It transmits to the home gateway 10 (S108). The home gateway 10 that has received the response message rewrites the next received response message (S109).

  Specifically, in S109, the following processing is performed. First, when the local network interface unit 14 receives a response message from the device 23, the CPU 11 executes RA processing. The RA processing unit 140 first extracts the global address of the device 23 with reference to the address conversion table used in the NAT unit 160. If the device 23 is not registered in the address conversion table, a new global address is assigned to the device 23, and the assigned global address is registered in the address conversion table. Extract.

  Next, the RA processing unit 140 rewrites the IP address indicating the transmission source device included in the response message from the device 23 to the global address notified from the NAT unit 160 from the local address of the device 23. Here, in the UPnP process in the home network 100 shown in FIG. 5, the detected devices are identified and managed by the local IP addresses assigned to them. However, in the case of remote access, since the address space to be used differs between the terminal device 300 that uses the global address and the home network 100 that uses the local address, the terminal device 300 and each device in the home network 100 remain as they are. Cannot communicate directly. Therefore, by rewriting the local address of the device 23 included in the response message in the home gateway 10 to the global address assigned by the NAT unit 160, the terminal device 300 can directly communicate with the device 23 using the global address. It is possible.

  Further, as described above, the response message includes a URL for referring to the description. This URL is also a local address in the home network 100. Therefore, in the process of S109, the description URL is also converted into a global address based on the NAT address conversion table. As a result, the terminal device 300 can make a description request based on the global address. Then, the response message rewritten as described above is transmitted from the home gateway 10 to the terminal device 300 (S110).

  The subsequent processing is the same as the UPnP processing in FIG. 4 except that the NAT unit 160 of the home gateway 10 performs address conversion. Specifically, the terminal device 300 transmits a request message based on the URL (global address) included in the response message for the device description detected by the discovery (S111). Next, the home gateway 10 converts the destination address of the received request message from the global address to the local address in the NAT unit 160, and transfers the description request from the terminal device 300 to the device 23. In response to the request, the device 23 returns a description (S112).

  Subsequently, in the same manner as the description process, transmission of a control message (S113), reception of a result / error (S114), event notification by GENA (S115), and presentation (S116) are performed by the NAT unit of the home gateway 10. This is performed with address conversion by 160. With these processes, direct communication between the terminal device 300 and the device 23 becomes possible. Further, UPnP processing between the terminal device 300 and the other devices 21 and 22 is performed in the same manner, so that the terminal device 300 and each device in the home network can communicate with each other, and control and content sharing between the devices can be performed. It becomes possible.

  Thereafter, the DLNA unit 360 of the terminal device 300 defines, for example, that the device 21 is a DMS that owns content such as a digital camera, and the terminal device 300 is a DMP that has a content playback function. Then, content such as an image can be downloaded from the device 21 (DMS) by the terminal device (DMP) and displayed on the display unit 340. Accordingly, for example, even when the user is away from home, the digital content stored in the device in the home network can be shared by the terminal device 300. In the above embodiment, the DLNA and remote access processing are executed by the CPU (11, 310) by calling a program stored in the memory (12, 320) of the terminal device 300 and the home gateway 10. However, a configuration may be adopted in which all or a part of each functional unit is mounted on each device as an ASIC (Application Specific Integrated Circuit) and realized by hardware by the ASIC.

  In the terminal device 300 of the remote access system described above, processing is executed according to normal UPnP except that the RA processing unit 366 transmits a discovery message to the home gateway 10 by unicast. Further, the home gateway 10 also performs processing for rewriting the response message, thereby using the address translation by NAT provided in the normal home gateway to connect the terminal device 300 to each device in the home network. Can be realized.

  Further, in the remote access system according to the present embodiment, it is not necessary to provide a tunnel between the terminal device 300 located outside the home network 100 and the home network 100, and communication can be performed by Internet access that is normally used. Is possible. Furthermore, in the remote access system according to the present embodiment, since the terminal device 300 and each device in the home network can directly communicate, the home gateway 10 has information on each device in the network and each device has. There is no need to maintain a list of information about services to be performed. Therefore, it is possible to access the home network from a remote location by a simple communication method without imposing a heavy load on the gateway.

  Although the embodiments of the present invention have been described above, the present invention is not limited to these embodiments and can be modified in various ranges. For example, this embodiment relates to remote access to a home network compliant with DLNA, but is not limited to this, and can be applied to a home network compliant with other standards using UPnP.

It is a figure which shows the remote access system which concerns on this invention. It is a block diagram which shows the structure of a home gateway. It is a functional block diagram which shows the main functions regarding the remote access system of this invention implement | achieved in a home gateway. It is a figure which shows the protocol stack of DLNA. It is a figure explaining the flow of the UPnP process in a home network. It is a block diagram which shows the structure of a terminal device. It is a functional block diagram which shows the main functions regarding the remote access system of this invention implement | achieved in a terminal device. It is a figure explaining the flow of the remote access process of this invention.

Explanation of symbols

10 Home gateway 11 CPU
DESCRIPTION OF SYMBOLS 12 Memory 14 Local network interface part 15 Global network interface part 21,22,23 Device 130 DLNA part 131 UPnP part 132 DHCP server part 134 Web server part 140 RA process part 160 NAT part 100 Home network 200 Internet 300 Terminal apparatus 310 CPU
320 Memory 330 Input unit 340 Display unit 350 Network interface unit 360 DLNA unit 362 UPnP unit 366 RA processing unit

Claims (9)

A remote access system for accessing a private network having a gateway and at least one device from a terminal device via the Internet,
The terminal device
A first network interface unit for connecting to the private network via the Internet;
A first UPnP unit that performs communication based on the UPnP standard; and a first message conversion unit that converts a UPnP discovery message into a unicast discovery message destined for the gateway.
A second network interface unit for connecting to the Internet;
A third network interface unit for connecting to the private network;
A second UPnP unit that performs communication based on the UPnP standard;
A NAT unit for mutually converting a private address assigned to the device and a global address for connecting to the Internet based on an address conversion table;
A second message conversion unit that converts a unicast discovery message received from the terminal device into a multicast discovery message and forwards the message to a private network;
When a response message to the discovery message is received from a device via the third network interface unit, the device converted from the device private address included in the response message by the address conversion table of the NAT unit A third message conversion unit that rewrites the global address shown,
The terminal device performs communication with the device that is a transmission source of the response message based on a global address included in the response message rewritten by the third message conversion unit.   The remote access system according to claim 1, wherein the third message conversion unit further converts a URL indicating the location of the UPnP description of the device included in the response message into a global address.   The remote access system according to claim 1 or 2, wherein the private network is a network constructed in accordance with DLNA guidelines. A gateway connecting a private network having at least one device and a terminal device on the Internet,
A second network interface unit for connecting to the Internet;
A third network interface unit for connecting to the private network;
A second UPnP unit that performs communication based on the UPnP standard, a NAT unit that mutually converts a private address assigned to the device and a global address for Internet connection based on an address conversion table;
A second message conversion unit that converts a unicast UPnP discovery message received from the terminal device into a multicast discovery message and transfers the message to a private network;
When a response message to the discovery message is received from the device via the third network interface unit, the device obtained by converting the private address of the device included in the response message by the address conversion table of the NAT unit A third message conversion unit for rewriting to a global address indicating
A gateway comprising: A terminal device for accessing a private network having a gateway and at least one device via the Internet,
A first network interface unit for connecting to the private network via the Internet;
A first UPnP unit that performs communication based on the UPnP standard, and a first message conversion unit that converts a UPnP discovery message into a unicast discovery message destined for the gateway,
The terminal apparatus performs communication with the device that is a transmission source of the response message based on a global address included in the response message from the device. A method for accessing a private network having a gateway and at least one device from a terminal device via the Internet,
Executed in the terminal device;
Generating a UPnP discovery message;
A first message conversion step of converting the UPnP discovery message into a unicast discovery message destined for the gateway and transferring it to the gateway;
Executed in the gateway,
A second message conversion step of converting a unicast discovery message received from the terminal device into a multicast discovery message and transferring it to a private network;
When a response message to the discovery message is received from the device, a third message conversion step of rewriting the private address of the device included in the response message to a global address indicating the device based on an address conversion table used in NAT When,
A NAT translation step for translating the private address assigned to the device and the global address to each other based on the address translation table;
A remote access method comprising: A method for accessing a private network having a gateway and at least one device from a terminal device via the Internet,
Executed in the terminal device;
Generating a UPnP discovery message;
A remote access method comprising: a first message conversion step of converting the UPnP discovery message into a unicast discovery message destined for the gateway and transferring it to the gateway. A method for accessing a private network having a gateway and at least one device from a terminal device via the Internet,
Executed in the gateway,
A second message conversion step of converting a unicast discovery message received from the terminal device into a multicast discovery message and transferring it to a private network;
When a response message to the discovery message is received from the device, a third message conversion step of rewriting the private address of the device included in the response message to a global address indicating the device based on an address conversion table used in NAT When,
A NAT translation step for translating the private address assigned to the device and the global address to each other based on the address translation table;
A remote access method comprising:   The program for making a computer perform the remote access method in any one of Claims 6-8.

Images