JP2012209901A - Communication system, network address processing device, route control device, and reception packet processing program for network address processing device - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a communication system capable of putting an ARP table in a layer-3 switch in an accessible state quickly even when a NAT device of an operation system is switched.SOLUTION: A communication system has: a layer-3 switch having an ARP table in which a plurality of entries each consisting of a floating IP address and a MAC address of an accommodated NAT device are described; and a plurality of NAT devices configuring a redundant system. A virtual MAC address different from any of MAC addresses respectively unique to the NAT devices is described as the MAC address of the NAT device in each entry of the ARP table. At that time, the NAT device being an operation system processes at least the virtual MAC address as an effective MAC address. Even immediately after becoming a new operation system by system switching, the NAT device performs no packet transmission for updating the ARP table.

Description

  The present invention relates to a communication system, a network address processing device, a route control device, and a received packet processing program of the network address processing device, for example, a NAT (Network Address Translator) connected to a network switch such as a layer 2 switch or a layer 3 switch. This is applicable when the apparatus constitutes a redundant system.

  Conventionally, a NAT device connected to a network switch (route control device) such as a layer 2 switch or a layer 3 switch that accommodates a terminal, a communication device, or the like is configured with an active and standby redundant system. . In general, a NAT device is a device that is arranged between networks having different address bands, converts the address of a packet received from a certain network, and transmits the packet to another network. When a NAT device is made redundant, an address given to itself in order for the NAT device to receive a packet is a floating IP address (always an address indicating an active system). Since NAT devices control many address translations, the number of floating IP addresses is very large (eg, 10,000 or more).

  In the above-described redundant system, when a failure occurs in the active NAT device, and the conventional standby NAT device is switched to the new active NAT device, the new active NAT device is connected. The MAC (Media Access Control) address in the ARP (Address Resolution Protocol) table of the network switch is updated to the MAC address of its own (new operational NAT device). The newly-operated NAT device transmits a GARP (Gritituous ARP) packet with a combination of “floating IP address and own MAC address” for all floating IP addresses, and the ARP table of the network switch The MAC address table is updated (for example, the update of the ARP table using GARP is described in Patent Document 1).

  The newly operating NAT device transmits the number of GARPs that can be assigned as floating IP addresses.

JP2002-232448

  However, if a large amount of GARP packets (for example, 10000 packets) are sent / received from the newly-operated NAT device to the network switch all at once, the processing in the network switch cannot catch up and the ARP table and the MAC address table cannot be completely updated. Only a part of the table can be updated. Therefore, the ARP table or MAC address table that could not be updated contains a mixture of entries having the MAC address of the old NAT system and entries having the MAC address of the new NAT system. Access to the entry having the MAC address of the NAT device becomes impossible.

  In order to avoid such an inconvenience, it is considered to transmit a GARP packet in two transmission phases. That is, as shown in FIG. 8, immediately after switching to the new active NAT device (first phase), a predetermined number (the number of floating IP addresses) of GARP packets in a very short time (for example, within one second). After that (second phase), a predetermined number of GARP packets are retransmitted twice at a time interval of several tens of seconds (for example, 15 seconds). By retransmitting such a GARP packet, an entry in the table that could not be updated in the first phase can be updated.

  However, until the end of the second transmission in the second phase (until about 30 seconds have passed), there is a possibility that an inaccessible table entry may occur.

  Therefore, a communication system, a network address processing device, a route control device, and a network that can quickly access the ARP table of the connected device even when the active network address processing device is switched. A received packet processing program for an address processing device is desired.

  According to a first aspect of the present invention, there is provided between the first route control device having an ARP table in which a plurality of entries including floating IP addresses and MAC addresses of network address processing devices are described, and the first route control device. In a communication system having a plurality of network address processing devices constituting a redundant system capable of sending and receiving IP packets, (1) any of the networks as a MAC address of the network address processing device in each entry of the ARP table A virtual MAC address different from the MAC address unique to the address processing device is described, and (2) at that time, the network address processing device that is in operation is at least the virtual MAC address As a valid MAC address Immediately after became, characterized in that it does not perform the packet transmission for updating the ARP table.

  The second aspect of the present invention configures a redundant system that can exchange IP packets with a routing control device having an ARP table in which a plurality of entries including floating IP addresses and MAC addresses of network address processing devices are described. (1) The ARP table describes a virtual MAC address different from the MAC address unique to any of the network address processing devices as the MAC address of the network address processing device in each entry. (2) When the self is an active system, at least the virtual MAC address is processed as a valid MAC address, and immediately after becoming a new active system, the ARP table It does not execute packet transmission for updating That.

  According to a third aspect of the present invention, there is provided a routing control apparatus including an ARP table in which a plurality of entries including a floating IP address and a MAC address related to a network address processing apparatus constituting a redundant system are described. As the MAC address related to the network address processing device in the entry, a virtual MAC address different from the MAC address unique to any of the network address processing devices is described.

  The fourth aspect of the present invention configures a redundant system that can exchange IP packets with a route control device having an ARP table in which a plurality of entries including floating IP addresses and MAC addresses of network address processing devices are described. (1) means for discriminating the destination MAC address of the incoming IP packet, and (2) all the above-mentioned computers in which the determined MAC address constitutes a redundant system. Means for determining whether the network address processing apparatus on which the computer is mounted is an active system or a standby system in the case of a virtual MAC address different from the MAC address unique to the network address processing apparatus; Function as a means to receive and process incoming IP packets. And wherein the Rukoto.

  According to the present invention, a communication system, a network address processing device, a network switch, which can quickly access an ARP table in a connected device even when an active network address processing device is switched, In addition, a received packet processing program of the network address processing device can be provided.

1 is a block diagram showing a configuration of a communication system according to a first embodiment. It is a block diagram which shows the internal structural example of the NAT apparatus in 1st Embodiment. It is explanatory drawing which shows the structural example of the ARP table and MAC address table in 1st Embodiment. It is a flowchart which shows the outline | summary of the process at the time of the active system switching in 1st Embodiment. 4 is a flowchart showing a characteristic part of processing when an active NAT device receives an IP packet in the first embodiment. It is explanatory drawing which shows the structure of the MAC address table in 2nd Embodiment. It is explanatory drawing which shows the transmission method of the GARP packet from the new operation type | system | group NAT apparatus in 2nd Embodiment. It is explanatory drawing which shows the transmission method of the GARP packet from the conventional NAT apparatus of the new operation system.

(A) First Embodiment Hereinafter, a first embodiment of a communication system, a network address processing device, a network switch, and a received packet processing program of the network address processing device according to the present invention will be described with reference to the drawings. .

(A-1) Configuration of First Embodiment FIG. 1 is a block diagram showing a configuration of a communication system according to the first embodiment.

  In FIG. 1, the communication system 1 according to the first embodiment includes two NAT devices 2A and 2B constituting a redundant system. For example, each NAT device 2A, 2B is arranged between the A network and the B network having different address bands, converts the address of the packet received from the A network, transmits it to the B network, and receives it from the B network. The packet address is converted and transmitted to the A network.

  In FIG. 1, a network A communication device (for example, a SIP (Session Initiation Protocol) server) 3 is connected to NAT devices 2A and 2B via a layer 3 switch 4 and a layer 2 switch 5 in sequence, and a network B communication device ( For example, the SIP server 6 is connected to the NAT devices 2A and 2B via the layer 3 switch 7 and the layer 2 switch 8 in this order. Unlike FIG. 1, the communication device may be connected to the NAT device only through the layer 3 switch, and the communication device is connected to the NAT device through a plurality of layer 2 switches and layer 3 switches. The path between the communication device and the NAT device may be arbitrary.

  The NAT devices 2A and 2B have the same configuration and constitute a redundant system, and when one is an active system, the other is a standby system.

  The network interface cards (NICs) of the NAT devices 2A and 2B have unique MAC addresses MACa, MACj, MACb, and MACk, respectively. Each of the NAT devices 2A and 2B includes, for example, a network interface card, and is connected to the layer 2 switches 5 and 8 via the network interface card. The unique MAC addresses of the NAT devices 2A and 2B illustrated in FIG. 1 are, for example, unique MAC addresses of network interface cards.

  In the case of the first embodiment, a virtual MAC address MACc related to an active NAT device is introduced regardless of which one is active. In the case of the first embodiment, the B network is a network to which a virtual MAC address MACc is applied, and the A network is a network to which a virtual MAC address is not applied. For example, when the NAT device 2A is an active system, the NAT device 2A handles the unique MAC address MACa and the virtual MAC address MACc as its own MAC address for the B network to which the virtual MAC is applied. For the A network to which the virtual MAC is not applied, the unique MAC address MACj is handled as its own MAC address. Further, for example, when the NAT device 2B is an active system, the NAT device 2B handles the unique MAC address MACb and the virtual MAC address MACc as its own MAC address for the B network to which the virtual MAC is applied. Thus, the unique MAC address MACk is handled as its own MAC address for the A network to which the virtual MAC is not applied.

  FIG. 2 is a block diagram illustrating an internal configuration example of the NAT device 2 (2A or 2B).

  In FIG. 2, the NAT device 2 includes a communication port 10, a reception processing unit 11, a transmission processing unit 12, an address conversion control unit 13, a parameter storage unit 14, an active system monitoring unit 15, and an active system switching unit 16.

  The communication port 10 connects an external device (such as a network switch or another NAT device).

  For example, the reception processing unit 11 performs reception processing of an IP packet arriving from an external device, and gives information obtained by disassembling the received IP packet to the address translation control unit 13.

  For example, the transmission processing unit 12 assembles a transmission IP packet including information given under the control of the address translation control unit 13 and transmits the packet to an external device.

  The address translation control unit 13 receives, for example, a packet for the NAT device 2 from the network A communication device by software processing, converts the address, and transmits the packet to the network communication device. The address translation control unit 13 performs address translation in the same manner for communication from the B network to the A network.

  The address translation control unit 13 executes a processing program (received packet processing program) 13a at the time of packet reception as shown in FIG.

  The parameter storage unit 14 records various parameters (including processing stage information) that the address translation control unit 13 registers and uses. The parameter storage unit 14 stores, for example, all floating IP addresses related to the A network side and all floating IP addresses related to the B network side. The parameter storage unit 14 stores, for example, whether each network is a network that can support a virtual MAC address.

  The parameter storage unit 14 stores data when the own system is the active system, and is empty when the own system is the standby system. When the system is switched to the active system, the parameter storage unit 14 takes in the parameters from the previous active system and stores them. good. Further, the parameter storage unit 14 may store the latest parameters as much as possible by periodically taking parameters from the active system even when the own system is a standby system.

  The active system monitoring unit 15 functions as a standby system, and periodically monitors whether an event that requires system switching, such as a failure, has occurred in the active NAT device at that time. Is. The active system monitoring unit 15 transmits, for example, a ping to the active NAT device, and determines whether or not system switching is necessary based on the presence or absence of a response within the predetermined time.

  When the active system monitoring unit 15 determines that the system needs to be switched, the active system switching unit 16 switches the local system to the active system and the other system to the standby system, and subordinates a predetermined packet associated with the system switch. This is sent to a switch or the like.

  Each of the layer 2 switches 5 and 8 and the layer 3 switches 4 and 7 executes exchange of IP packets. In FIG. 1, one network is shown for each of the A network and the B network, but it goes without saying that there may be a plurality of switches for each network. The layer 2 switches 5 and 8 and the layer 3 switches 4 and 7 may also constitute a redundant system. Each network having various switches represents, for example, a difference in communication carriers. Depending on the network, the virtual MAC address MAC related to the active NAT device may be applicable or may not be applicable. As described above, it is assumed that the network A is not applicable to the virtual MAC address related to the active NAT device, and the network B is applicable to the virtual MAC address related to the active NAT device. .

  The communication ports (Port A, Port B) of the layer 2 switches 5 and 8 are used to connect external devices (NAT devices 2A, 2B, terminals, etc.) and have a plurality of input / output ports. Port number is assigned. Naturally, the NAT devices 2A and 2B are connected to different input / output ports. In the following description, the port numbers of the input / output ports to which the NAT device 2A is connected are PortA and the input / output to which the NAT device 2B is connected. Description will be made assuming that the port number of the port is PortB.

  The layer 2 switches 5 and 8 perform switching by determining the destination of the packet based on the data of layer 2 (data link layer). The layer 2 switches 5 and 8 have built-in MAC address tables 5a and 8a in which a plurality of sets (entries) of MAC addresses and input / output ports are described. In the case of the first embodiment, for the two NAT devices 2A and 2B, not two sets of information are described in the MAC address table 8a, but only one set of information is described. The MAC address in the set of described information is the above-described virtual MAC address MACc, and the port number in the set of described information is the NAT device 2A that is currently in operation or The port number that connects 2B is portA or portB. FIG. 3A shows the MAC address table 8a in the case where the NAT device that is currently in operation is the NAT device 2B.

  The layer 3 switches 4 and 7 perform switching by determining the destination of the packet based on the data of the layer 3 (network layer). The layer 3 switches 4 and 7 have built-in ARP tables 4a and 7a that describe sets of floating IP addresses and MAC addresses as many as the number of floating IP addresses. In the case of the first embodiment, in the ARP table 7a, the MAC addresses corresponding to the floating IP addresses related to the NAT devices 2A and 2B are all virtual MAC addresses MACc. FIG. 3B shows the ARP table 7a in the case where the NAT device that is currently in operation is the NAT device 2B.

  Since the network A is a network that cannot support a virtual MAC address, the MAC address in the information described in the MAC address table 5a for only one set of the two NAT devices 2A and 2B is the active system at that time. Is the MAC address MACj or MACk of the NAT device 2A or 2B, and the port number is the port number portA connected to the network interface card held by the NAT device 2A or 2B that is currently operating portB. Further, in the ARP table 4a related to the A network, all the MAC addresses corresponding to the floating IP addresses related to the NAT devices 2A and 2B are the MAC addresses MACj or MACk of the NAT device 2A or 2B which is currently in operation. It is.

(A-2) Operation of First Embodiment The operation of the communication system 1 according to the first embodiment will be described with reference to the drawings. In the following, a case will be described in which the NAT device 2A is switched from the active state and the NAT device 2B is switched from the standby state.

  When a failure occurs in the active NAT device 2A, this is detected by the active system monitoring unit 15 in the standby NAT device 2B, and the active system switching unit 16 changes the NAT device 2B to the active system and to the other system. A process of switching the NAT device 2A to the standby system is executed.

  At this time, for example, as shown in the flowchart of FIG. 4, the active system switching unit 16 takes in a predetermined parameter from the other NAT device 2A and takes over (step 100), and stops the processing of the other NAT device 2A. (Step 101), and necessary processing is executed immediately after system switching (step 102). As processing necessary immediately after system switching, processing for updating the MAC address table and the ARP table is included.

  For the layer 2 switch 4 and the layer 3 switch 5 in the network that cannot support the virtual MAC address, the active system switching unit 16 transmits the GARP packet similar to the conventional one (see FIG. 8) to the MAC address table 5a. Or the ARP table 4a is updated (step 102a).

  On the other hand, for the layer 2 switch 8 of the network that can handle the virtual MAC address MACc, the active system switching unit 16 transmits the GARP packet only once and updates only the MAC address table 8a ( Step 102b). In the ARP table 7a of the layer 3 switch 7, since the MAC addresses corresponding to the floating IP addresses associated with the NAT device are all virtual MAC addresses MACc, the active system is switched from the NAT device 2A to the NAT device 2B. Even if it does, it is not necessary to change the description. The MAC address table 8a is a correspondence between a MAC address and a port number. The MAC address is a virtual MAC address MACc even if the active NAT device is switched, and does not need to be changed. Since the NAT device 2A is different from the NAT device 2B, it must be rewritten to the port number portB of the new active NAT device 2B. Therefore, the active system switching unit 16 transmits the GARP packet only once, causes the layer 2 switch 8 to know that the port number corresponding to the MAC address MACc is portB, and updates the MAC address table 8a. Any floating IP address may be applied to the source floating IP address in the GARP packet at this time. The packet transmitted in this way is not limited to a GARP packet, and may be an ARP packet.

  In order to update the MAC address table 8a, without intentionally transmitting a GARP packet, the MAC address table is used for transmission of an IP packet to the first B network after the system is switched, which is necessary in the process. You may make it entrust the update of 8a.

  Unlike the above, if the network A can cope with a virtual MAC address (for example, MACc), the operation system switching unit 16 of the new operation system NAT device 2B may also be connected to the network A side. The GARP packet is transmitted only once.

  As described above, the B network communication device 6 or the like that can support the virtual MAC address MACc inserts the virtual MAC address MACc as the destination MAC address in the IP packet to the new active NAT device 2B. become. Even when the NAT device 2A is an active system, the network B communication device 6 and the like insert the virtual MAC address MACc as the destination MAC address in the IP packet to the NAT device 2A. On the other hand, the communication device 3 of the A network that cannot support the virtual MAC address MACc inserts the MAC address MACk unique to the NAT device 2B as the destination MAC address in the IP packet to the new active NAT device 2B. become.

  FIG. 5 is a flowchart showing a characteristic part of processing when the active NAT device 2B (the address translation control unit 13 or the reception processing unit 11) receives an IP packet.

  When receiving the IP packet, the NAT device 2B starts the processing shown in FIG. 5 and first determines the destination MAC address (step 150).

  When the destination MAC address is the MAC address MACb unique to the NAT device 2B, the NAT device 2B executes a specific reception process (step 151).

  If the destination MAC address is the virtual MAC address MACc, the NAT device 2B determines whether the own system is the active system or the standby system (step 152). If the own system is the active system, the NAT device 2B performs a specific reception process on the IP packet whose destination MAC address is the virtual MAC address MACc (step 151). On the other hand, if the own system is a standby system, the NAT device 2B discards the IP packet whose destination MAC address is a virtual MAC address MACc (step 153). Thus, the virtual MAC address MACc is a MAC address that functions only when the NAT device 2B is the active system.

  If the destination MAC address of the received IP address is neither the MAC address MACb unique to the NAT device 2B nor the virtual MAC address MACc, the NAT device 2B discards the received IP packet (step 153). ).

  Although illustration of the flowchart is omitted, the NAT device 2B inserts a virtual MAC address MACc into the field of the source MAC address of the IP packet in the communication using the floating IP transmitted to the B network side, and the A network side The MAC address MACb unique to itself is inserted in the field of the source MAC address of the IP packet in the communication using the floating IP to be transmitted to.

(A-3) Effect of First Embodiment According to the first embodiment, it is not necessary to update the ARP table 7a of the layer 3 switch 7 even when the active system is switched. Only one intentional or unintentional transmission of an IP packet is required for updating the MAC address table 8a of the switch 8, so that the time required for switching the operation system can be shortened and the terminal or the like can be quickly accessed. can do.

(B) Second Embodiment Next, a communication system, a network address processing device, a network switch, and a received packet processing program for the network address processing device according to a second embodiment of the present invention will be described with reference to the drawings. To do.

  The overall configuration of the communication system (1) of the second embodiment can also be represented by FIG. 1 used in the description of the first embodiment.

  In the case of the second embodiment, the B network that can support the virtual MAC address MACc employs a VLAN (Virtual Local Area Network) configuration. Therefore, as shown in FIG. 6, one entry of the MAC address table 8a-2 in the layer 2 switch 8 of the B network that can correspond to the virtual MAC address MACc includes the VLAN identification number (ID), the MAC address, and the input / output. The number of entries in the MAC address table for the virtual MAC address MACc is equal to the number of VLANs (for example, about 1000).

  Even if the B network adopts the VLAN configuration, the point that the ARP table 7a describes the combination of the floating IP address and the MAC address is the same as in the first embodiment.

  Therefore, also in the case of the second embodiment, the newly operating NAT device (hereinafter referred to as 2B) transmits a GARP packet for updating the MAC address table 8a-2 of the layer 2 switch 8. become. In order to update all entries for each VLAN in the MAC address table 8a-2, the VLAN identification number is included in the GARP packet, and it is necessary to transmit at least the number of GARP packets for the number of VLANs.

  FIG. 7 is an explanatory diagram showing a GARP packet transmission method by the new active NAT device 2B.

  The new active NAT device 2B transmits a predetermined number (number of VLANs) of GARP packets in a very short time (for example, within 1 second) immediately after switching to the new active NAT device (first phase). This is repeated three times, for example (second phase), and then a predetermined number (number of VLANs) of GARP packets are transmitted at intervals of about one minute, for a total of two times. The retransmission in the second phase is a precautionary transmission, the second half of the first phase is also a repetitive transmission, and the MAC address is the first transmission in the first phase. It can be expected that all entries in the table 8a-2 are updated.

  The floating IP address inserted into the GARP packet for updating the MAC address table 8a-2 as described above may be any address. Further, a packet transmitted for this purpose may not be a GARP packet.

  Also in the second embodiment, the virtual MAC address MACc that is applied regardless of which NAT device 2A, 2B is the active system is applied, and the ARP table 7a is not updated and unnecessary when the active system is switched. Since the GARP packet is transmitted in order to execute only the update of the MAC address table 8a-2, the number of GARP packets that need to be transmitted can be suppressed, and the MAC address table can be updated promptly. The terminal or the like can be quickly accessed.

(C) Other Embodiments In each of the above embodiments, the NAT device shows a double redundant system, but the redundant system is not limited to this. For example, a triple redundant system of one active system and two standby systems may be used. In addition, for example, a redundant system in which one standby NAT device common to N active NAT devices is prepared may be used.

  In each of the above embodiments, the case where the NAT apparatuses 2A and 2B can process two networks has been described. However, the number of networks that can be processed is not limited to two, but one or three or more. It may be. Here, it is sufficient that at least one network that can correspond to the virtual MAC address MACc is included, and of course, all the networks may be networks that can correspond to the virtual MAC address MACc.

  Furthermore, in each of the above embodiments, the layer 2 switch and the layer 3 switch are described as forming a pair. However, even if the layer 2 switch is not provided and only the layer 3 switch is under the NAT device, The present invention can be applied.

  In each of the embodiments described above, the new operating NAT device has shown that both the unique MAC address and the virtual MAC address are processed as valid MAC addresses. However, all the external switches have virtual MAC addresses. In the case of the active system, only the virtual MAC address may be treated as valid, and the unique MAC address may be treated as valid only in the standby system.

  In each of the above embodiments, the case where the route control device and the network address processing device are the layer 3 switch and the NAT device has been described. However, the route control device and the network address processing device of the present invention are not limited to this. is there. In short, the routing control device has an ARP table in which a plurality of entries (for example, the number of floating IP addresses) including floating IP addresses and network address processing device MAC addresses are described, and the network address processing device adopts a redundant configuration. If so, the technical idea of the present invention can be applied.

  DESCRIPTION OF SYMBOLS 1 ... Communication system, 2A, 2B ... NAT apparatus, 3, 6 ... Communication apparatus, 4, 7 ... Layer 3 switch, 4a, 7a ... ARP table, 5, 8 ... Layer 2 switch, 5a, 8a ... MAC address table, DESCRIPTION OF SYMBOLS 11 ... Reception processing part, 12 ... Transmission processing part, 13 ... Address conversion control part, 14 ... Parameter storage part, 15 ... Active system monitoring part, 16 ... Active system switching part

Claims (6)

IP packets can be exchanged between the first route control device having an ARP table in which a plurality of entries including floating IP addresses and MAC addresses of network address processing devices are described, and the first route control device. In a communication system having a plurality of network address processing devices constituting a redundant system,
As a MAC address of the network address processing device in each entry of the ARP table, a virtual MAC address different from the MAC address unique to any of the network address processing devices is described,
At that time, the network address processing device that is the active system processes at least the virtual MAC address as a valid MAC address, and immediately after becoming the new active system, for updating the ARP table. A communication system characterized by not performing packet transmission. The network including the first path control device has a MAC address table having an entry in which the MAC address of the network address processing device is associated with an input / output port that exchanges information with the network address processing device. 2 route control devices,
The communication system according to claim 1, wherein the communication apparatus accommodation server that has become a new operational system executes packet transmission for updating the MAC address table.   The MAC address table entry associates VLAN identification information, a MAC address of a network address processing device, and an input / output port that exchanges information with the communication device accommodating server. The communication system according to claim 2, wherein the number of entries corresponds to the number of VLANs. In a network address processing apparatus constituting a redundant system capable of sending and receiving IP packets to and from a route control apparatus having an ARP table in which a plurality of entries including floating IP addresses and MAC addresses of network address processing apparatuses are described. ,
The ARP table describes a virtual MAC address different from the MAC address unique to any of the network address processing devices as the MAC address of the network address processing device in each entry,
When the device itself is active, at least the virtual MAC address is processed as a valid MAC address, and packet transmission for updating the ARP table is not performed immediately after becoming a new active device. A network address processing device. In a routing control device provided with an ARP table in which a plurality of entries including floating IP addresses and MAC addresses related to network address processing devices constituting a redundant system are described,
A path control device in which a virtual MAC address different from a MAC address unique to any of the network address processing devices is described as a MAC address related to the network address processing device in each entry of the ARP table . To a network address processing apparatus constituting a redundant system capable of transferring IP packets to and from a path control apparatus having an ARP table in which a plurality of entries including a floating IP address and a MAC address of the network address processing apparatus are described. Install the computer
Means for determining the destination MAC address of the incoming IP packet;
When the determined MAC address is a virtual MAC address different from the MAC addresses unique to all the network address processing devices constituting the redundant system, the network address processing device on which the computer is mounted is A means for discriminating between an active system and a standby system;
A received packet processing program for a network address processing device, which functions as a means for receiving processing for an incoming IP packet when it is determined to be an active system.

Images