JP2014053758A - Network control device and network control method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To improve resource usage efficiency and prevent occurrence of a traffic loop in communication between networks connected via a plurality of communication paths, while preventing reconstruction of an unnecessary communication path in an existing network.SOLUTION: When an address solution control section 17 receives device information including an address request frame of a terminal belonging to a different network from a terminal which sets a communication device as a registration device, which has been received by the communication device, the address solution control section 17 makes a notification of a virtual L2 address of the communication device, which is included in allocated virtual L2 addresses of destination terminals registered in a terminal registration information storage section 13. When a frame transfer control section 18 receives device information including a unicast frame including a virtual L2 address of a communication device as a destination L2 address, which has been received by the communication device, the frame transfer control section 18 converts the virtual L2 address into a corresponding terminal L2 address stored in the terminal registration information storage section 13 and transfers the converted terminal L2 address. The operations of the address solution control section 17 and the frame transfer control section 18 are set by the device setting section 19.

Description

  The present invention relates to a technique for connecting a plurality of networks that do not use a network identifier as a transmission / reception address for data communication through a plurality of routes.

  When connecting a plurality of networks that do not use network identifiers (network addresses) as transmission / reception addresses for data communication, such as a layer 2 network, a communication path that connects the networks in order not to generate a traffic loop across the networks. Need to be only one. For example, in the technique described in Patent Document 1, the state of two paths constituting a ring topology is monitored, and the above loop is suppressed by not allowing both paths to communicate simultaneously. Similarly, in the conventional Spanning Tree Protocol (STP), some of the communication paths possessed by the communication device that performs frame transfer are set as backup paths, and a loop is generated by making communication impossible in normal times. Is preventing.

  However, in the above method, there are problems that a part of the physically connected paths is not normally used, so that the use efficiency of communication resources is reduced and the transfer through the shortest path is impossible. That is, when the above method is used, communication traffic between networks passes through a single connection path regardless of the physical distance between terminal devices. For this reason, even communication traffic between terminal devices located far away from the connection path must be detoured to the connection path, resulting in consumption and delay of communication resources in the transfer process. These problems are considered to be particularly noticeable in connections between wide area networks that greatly detour traffic.

  Link aggregation (LAG) and L2 routing have been used and studied as techniques for solving the above problems, but both have problems when applied to connections between networks.

  In other words, LAG is a technology that broadens and makes redundancy by logically integrating a plurality of communication paths spanned between switches into one, and the connection paths are separated, such as redundancy between wide-area networks. If it is at a point, it is difficult to apply. In addition, L2 routing such as TRILL and SPB can realize multipath communication in which a loop does not occur in a connection between networks including a switch corresponding to the protocol, but is not compatible with the protocol (including a switch). If a loop structure is formed by connection with an existing network, a traffic loop cannot be prevented. For this reason, in order to apply L2 routing to redundancy between networks, there is a restriction that a protocol-compatible switch needs to be installed in each network.

  From the above, there is a demand to connect wide-area networks including existing networks through a plurality of communication paths to improve the use efficiency of communication resources and realize frame transfer through the shortest path.

  As one method for realizing the above request, when a certain terminal device communicates with another terminal device belonging to a different network, among the communication devices connecting between the networks, for example, the only one closest to the certain terminal device A method of transferring a frame via a communication device is conceivable. In addition, multicast frames (broadcast frames) that are destined for a large number of terminal devices may be forwarded to only one communication device in each network in order to prevent duplication and loops. It is done. At this time, it is assumed that a frame having a terminal device as a transmission source is transferred to each network by different communication devices in the unicast case and the multicast case. There is a problem that an unnecessary communication path can be reconstructed in an existing network in which the network is constructed. In order to prevent this path from being reconstructed, when a multicast frame is transferred to an existing network, the frame source address is converted from the original address to a virtual address assigned by a predetermined method and then transferred. A way to do this is conceivable.

  However, the reconstruction of the communication path can also occur by the transfer of unicast frames. For example, in the existing network, when different communication devices are assigned as relay sources and relay destinations of a plurality of terminal devices connected to a certain communication device, the terminal devices belonging to different networks are designated as transmission sources in the communication device. It may happen that a frame to be received is received from a different port for each destination. At this time, address re-learning is performed in the communication device, and the communication path in the existing network may not converge.

  In view of the above-mentioned problems, the present invention improves the resource utilization efficiency and prevents the occurrence of traffic loops in communication between networks connected by a plurality of communication paths, and reconstructs unnecessary communication paths in an existing network. It aims to be realized after prevention.

In the present invention, in order to achieve the above object, a plurality of networks that do not use a network identifier as a transmission / reception address for data communication are connected, and the frame is transmitted to a communication device that transfers frames from terminal devices belonging to each network. A network control device that performs transfer control, a communication device information holding unit that holds information of each communication device, a terminal registration information holding unit that holds information of each terminal device, and a device of the communication device from each communication device A device information receiving unit that receives device information such as a name and frame information received by the communication device, a terminal registration unit that registers information of each terminal device from the device information in a terminal registration information holding unit, and the device information A frame discriminator for discriminating whether the frame received by the communication device is an address request / response frame or a normal communication frame; If the received frame is an address request / response frame, address request / response frame transfer control instructing the communication device based on the device information and information held by the communication device information holding unit and the terminal registration information holding unit Based on the device information and the information held by the communication device information holding unit and the terminal registration information holding unit when the received frame is a normal communication frame, the address resolution control unit for determining the contents A network control device comprising at least a frame transfer control unit for determining transfer control content of a normal communication frame to be instructed, and a device setting unit for setting a communication device according to the determined transfer control content;
And
A network control method for connecting a plurality of networks that do not use a network identifier as a transmission / reception address for data communication and performing transfer control of the frame to a communication device that transfers a frame from a terminal device belonging to each network, A step in which the device information receiving unit receives device information such as a device name of the communication device or information on a frame received by the communication device from each communication device; and a terminal registration unit receives information on each terminal device from the device information. In the terminal registration information holding unit, a step in which the frame determination unit determines whether the frame received by the communication device is an address request / response frame or a normal communication frame, and a frame received by the address resolution control unit. Is an address request / response frame, the device information, the communication device information holding unit, and the terminal registration information The step of determining the transfer control content of the address request / response frame instructing the communication device based on the information held by the holding unit, and the frame transfer control unit, when the received frame is a normal communication frame, A step of determining transfer control content of a normal communication frame instructing the communication device based on the device information and information held by the communication device information holding unit and the terminal registration information holding unit, and the transfer determined by the device setting unit The present invention proposes a network control method including at least a step of setting a communication device according to control contents.

  According to the present invention, when two terminal devices belonging to different networks communicate, each terminal device communicates via a unique communication device while preventing unnecessary communication paths from being reconstructed in the existing network. Therefore, it is possible to suppress the occurrence of a traffic loop across the network without reducing the utilization efficiency of communication resources.

Configuration diagram showing an example of a network configuration assumed in the present invention The block diagram which shows an example of embodiment of the network control apparatus of this invention Explanatory drawing which shows an example of the information which a communication apparatus information holding part hold | maintains Explanatory drawing which shows an example of the information which a terminal registration information holding part hold | maintains The flowchart which shows an example of the flow of a process in a terminal registration part Explanatory drawing which shows the outline | summary of the communication between networks by this invention A flowchart showing an example of the flow of processing in the address resolution control unit 7 is a flowchart showing an example of the flow of address request processing [input port] in FIG. 7 is a flowchart showing an example of the flow of address response processing [input port] in FIG. A flowchart showing an example of the flow of processing in the frame transfer control unit The flowchart which shows an example of the flow of the unicast transfer process [input port] in FIG. The flowchart which shows an example of the flow of the unicast transfer process [output port] in FIG. 10 is a flowchart showing an example of the flow of the broadcast transfer process [input port] in FIG. Flowchart showing an example of the flow of the broadcast transfer process [output port] in FIG. Explanatory drawing showing an operation example of the address resolution control unit when there is terminal registration information of the request destination terminal Explanatory drawing which shows the operation example of the address resolution control part when there is no terminal registration information of a request destination terminal Explanatory drawing which shows the operation example of the unicast frame transfer by the frame transfer control part and apparatus setting part at the time of using the information of allocation virtual L2 address for address translation Explanatory drawing which shows the operation example of the unicast frame transfer by the frame transfer control part and apparatus setting part at the time of using the information of terminal L3 address for address translation Explanatory drawing showing an operation example of broadcast frame transfer by the frame transfer control unit and the device setting unit

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 shows an example of a network configuration assumed in the present invention. In this example, four communication devices controlled by the network control device of the present invention, here communication device names (device identifiers) are GW [1], GW [2], GW [3], GW [4], respectively. And a plurality of communication apparatuses that do not use a network identifier as a transmission / reception address for data communication. Here, network names (network identifiers) are NW [1], NW [2], and NW [3], respectively. Two networks are connected. Each communication device GW [1] to GW [4] has one input port and one output port, and any communication device is connected to an output port in a network connected to the input port of a certain communication device. Shall not. Further, it is assumed that four terminal apparatuses having addresses A, B, C, and D, which belong to the terminals, belong (exist) to the networks NW [1] and NW [2], respectively. In addition, it is assumed that the network NW [3] to which the output ports of the communication devices GW [1] to GW [4] are connected is a relay network that connects a plurality of networks, and no terminal device is connected. Note that when “device” is simply described (including the drawing), it indicates a communication device, and when “terminal” is described, it indicates a terminal device.

  FIG. 2 shows an example of an embodiment of the network control device of the present invention. In the figure, 11 is a communication device information input unit, 12 is a communication device information holding unit, 13 is a terminal registration information holding unit, and 14 is A device information receiving unit, 15 is a terminal registration unit, 16 is a frame determination unit, 17 is an address resolution control unit, 18 is a frame transfer control unit, and 19 is a device setting unit.

  The communication device information input unit 11 inputs information of each communication device to the communication device information holding unit 12. The communication device information holding unit 12 holds information of each communication device input from the communication device information input unit 11. The terminal registration information holding unit 13 holds information on each terminal device registered by the terminal registration unit 15. The device information receiving unit 14 receives device information such as a device name of the communication device and frame information received by the communication device from each communication device. The terminal registration unit 15 registers information on each terminal device in the terminal registration information holding unit 13 from the device information received by the device information receiving unit 14.

  The frame discriminating unit 16 discriminates from the device information received by the device information receiving unit 14 whether the frame received by the communication device is an address request / response frame or a normal communication frame, and if it is an address request frame or an address response frame This is notified to the address resolution control unit 17, and to the frame transfer control unit 18 if it is a normal communication frame.

  When the frame received by the communication device is an address request / response frame, the address resolution control unit 17 determines that the device information received by the device information receiving unit 14, the communication device information holding unit 12, and the terminal registration information holding unit 13 Based on the information held, the transfer control content of the address request / response frame instructed to the communication apparatus is determined. The frame transfer control unit 18 holds the device information received by the device information receiving unit 14 and the communication device information holding unit 12 and the terminal registration information holding unit 13 when the frame received by the communication device is a normal communication frame. Based on the information to be transmitted, the transfer control content of a normal communication frame instructed to the communication apparatus is determined. The device setting unit 19 sets the transfer control content determined by the address resolution control unit 17 and the frame transfer control unit 18 in the communication device.

  Although only one communication device is shown in FIG. 2, there are actually a plurality of communication devices as shown in FIG. 1, and the network control device according to the present invention can perform all these communication via a predetermined communication line. It is assumed that it is communicably connected to the device.

  FIG. 3 shows an example of information input from the communication device information input unit 11 and held by the communication device information holding unit 12. For each communication device identified by the device names GW [1] to GW [4], the affiliation network name (NW name), virtual L2 address, BUM transfer setting, and virtual L3 address are input from the communication device information input unit 11. The communication device information holding unit 12 holds such information.

  The network name to which the input port of each communication device is connected is input as the belonging NW name. The virtual L2 address is input with at least one virtual address used for source address conversion when a frame is transferred by the communication apparatus. It is assumed that this virtual L2 address is set so as not to overlap with the virtual L2 address of another communication device or the L2 address (MAC address) of the terminal. In the following, for the sake of simplicity, it is assumed that a sufficient number of virtual L2 addresses have been input for each communication device.

  Whether or not the communication apparatus is in charge of transferring a broadcast frame or multicast frame received from the output port is input to the BUM transfer setting as TRUE (in charge of transfer) or FALSE (not in charge of transfer). In order to prevent the same broadcast frame from being duplicated and transferred to the network, only one communication device is input to each network in which TRUE is input to the BUM transfer setting.

  As the virtual L3 address, an L3 address such as an IP address used when the communication apparatus performs address resolution on behalf of the address resolution control is input. In this example, it is assumed that communication devices whose BUM transfer settings are TRUE perform address resolution, and virtual L3 addresses are input to these communication devices. The virtual L3 address is set so as not to overlap with the L3 address of the terminal.

  Note that the above information is input in advance from the communication device information input unit 11 by an operator operating the network control device, either manually or according to an arbitrary rule.

  FIG. 4 shows an example of information registered by the terminal registration unit 15 and held by the terminal registration information holding unit 13. The network control device receives device information through the device information receiving unit 14 when each communication device receives a frame. This device information includes the device name (GW [1] to GW [4]) of the communication device that received the frame and its reception port information (input port or output port), as well as received frame information (frame transmission source). L2 address, destination L2 address, etc.).

  Based on the device information and the information of the current terminal registration information holding unit 13, the terminal registration unit 15 identifies a specific terminal device identified by a terminal L2 address (for example, a MAC address) that is a transmission source address of the received frame. The communication device is registered in the terminal registration information holding unit 13. In this example, as shown in the upper part of FIG. 4, the terminals A and B belonging to the network NW [1] are registered in the device GW [1] and the device GW [2], respectively, and the terminal C belonging to the network NW [2] And D are registered in the devices GW [3] and GW [4], respectively. An example of the terminal registration information at this time is shown in the lower part of FIG. For each terminal device, the terminal registration unit 15 sets a registered (communication) device name, a belonging NW name, an assigned virtual L2 address, and a terminal L3 address.

  The device name of the specific communication device is set as the registered device name, and the network NW name to which the input port of the communication device with the registered device name is connected is set as the affiliated NW name. Note that only one device name is set for each registered device name. Based on the information held by the communication device information holding unit 12, a virtual L2 address of a communication device belonging to a network different from the belonging NW of the communication device that registered the terminal is assigned to the assigned virtual L2 address. At this time, when information on the allocated virtual L2 address is used in address conversion described later, it is assumed that one virtual address is not allocated to a plurality of terminals. As the terminal L3 address, a frame transmission source L3 address (for example, an IP address) is set.

  FIG. 5 is a flowchart illustrating an example of a process flow in the terminal registration unit 15. In this example, among the communication devices having the network to which the terminal device that transmitted the frame belongs as the belonging NW, the communication device that first received the frame is set as the registration device (specific communication device) of the terminal device. A simple flowchart was described. This is because the first communication device that receives a frame has a shorter route to the transmission source terminal device than other communication devices that belong to the same network as the belonging NW. We expect to be able to do it.

  First, device information is acquired from the device information receiving unit 14 (s1). If the port that received the frame is not an input port (s2; No), the registration process is not performed (s8) because it is not a frame received from a terminal belonging to the affiliation NW of the communication apparatus. In addition, when the transmission source L2 address of the frame is one of the virtual L2 addresses held in the communication device information holding unit 12 (s3; Yes), the registration process is not performed (s8).

  When the above two conditions are not satisfied (s3; No), the transmission source L2 address of the received frame is searched from the terminal registration information holding unit 13 (s4). If the address is an unregistered address (s5; No), the registration process described above is performed using the communication apparatus that has received the frame as the registration apparatus (s6). If it is a registered address (s5; Yes), the affiliated NW name of the registration information related to the terminal is compared with the affiliated NW name (in the communication device information holding unit 12) of the communication device that has received the frame (s7). ).

  If the affiliation NW names are the same (s7; Yes), the registration process is not performed (s8) because the affiliation NW name is already registered in the communication apparatus or another communication apparatus belonging to the same network. On the other hand, if the affiliation NW is different (s7; No), it is considered that the terminal has moved through the network, and the previous registration information is updated (s6). In the following, for the sake of simplicity, it is described that there is no automatic update of registration information over time.

  FIG. 6 shows an overview of communication between networks according to the present invention. In the present invention, a unicast frame is transferred to a terminal in a different network via a unique communication device for each terminal. In addition, when transferring a broadcast frame or the like, the communication apparatus appropriately discards the frame so that a traffic loop across the network does not occur.

  When a plurality of networks are connected by a plurality of routes, a frame transmitted from a certain terminal flows into the same network from the plurality of routes. At this time, in an existing network in which a communication route is autonomously constructed by address learning at the time of frame transfer, unnecessary routes may be reconstructed by address relearning.

  In the present invention, as an address of a terminal belonging to a different network, not an original address but a virtual L2 address that does not overlap with another is notified to each terminal as necessary, and the address is appropriately converted and transferred by a communication device. By doing so, unnecessary route reconstruction is prevented. Each operation is realized by the address resolution control unit 17 and the frame transfer control unit 18 and the device setting unit 19 that sets the communication device according to the control contents determined by the two control units.

  7 to 9 are flowcharts showing an example of the processing flow in the address resolution control unit 17.

  When the frame discriminating unit 16 determines that the frame received by the communication device is not a normal communication frame but an address request frame or an address response frame, this is notified to the address resolution control unit 17. The address request frame includes L3 address (for example, IP address) information of the request destination terminal as address request information, and is broadcast from the transmission source terminal to the entire network. The request destination terminal that has received the frame puts its own L2 address (MAC address) information and L3 address information in the address response frame, and returns it by unicast.

  Upon receiving the notification, the address resolution control unit 17 first acquires device information from the device information receiving unit 14 (s11). When the frame transmission source L2 address is a virtual L2 address (s12; Yes), since it is not a frame received from a terminal belonging to the affiliated NW of the communication apparatus, discard control is performed (s13).

  If the transmission source L2 address of the frame is not a virtual L2 address (s12; No), it is determined that the frame is received from a terminal belonging to the NW to which the communication device belongs, and whether the next received frame is an address request frame or an address response frame Is determined (s14).

  If it is an address request frame, it is further determined whether the port that received the frame is an input port or an output port (s15). If it is an input port, address request processing [input port] (s17) is executed. For example, the address request process [output port] (s18) is executed.

  If it is an address response frame, it is similarly determined whether the port that received the frame is an input port output port (s16). If it is an input port, an address response process [input port] (s19) is executed, and the output port If so, an address response process [output port] (s20) is executed.

  In the address request process [input port], as shown in FIG. 8, the address resolution control unit 17 refers to the terminal registration information holding unit 13 for the transmission source terminal (L2 address) of the device information (s171), and the registered device name And the device name of the receiving device are compared (s172). Here, when the registered device name and the device name of the receiving device do not match (s172; No), it is determined that the communication device is not a terminal having the registered device, and frame discard control is performed (s177). On the other hand, when the registered device name matches the device name of the receiving device (s172; Yes), the terminal registration information holding unit 13 is referred to for the L3 address of the request destination terminal included in the address request information (s173). It is determined whether there is registration information to be registered (s174).

  If there is registration information (s174; Yes), the affiliation NW name of the destination terminal is compared with the affiliation NW name of the transmission source terminal (s175). Here, when the affiliation NW name of the destination terminal matches the affiliation NW name of the transmission source terminal (s175; Yes), it is determined that an address of a terminal existing in the same network is requested. Since address resolution is performed by transmitting an address response frame that conveys the L2 address of the terminal from the terminal, the frame is discarded (s177). In addition, if the affiliation NW name of the destination terminal and the affiliation NW name of the transmission source terminal do not match (s175; No), it is determined that a request is made for the address of a terminal that exists in a different network. Control, that is, the allocated virtual L2 address of the request destination terminal is notified to the transmission source terminal (s176). The “assigned virtual L2 address” satisfies the “assigned virtual L2 address of the request destination terminal” in the terminal registration information holding unit 13 and the “virtual L2 address of the received communication device” in the communication device information holding unit 12. To do.

  On the other hand, when there is no registration information of the request destination terminal in the terminal registration information holding unit 13 (s174; No), an address request frame is transmitted to a different network to try address resolution. First, the address request information of the address request frame and the name of the communication apparatus that has received the frame are held as “address search information” for a predetermined time (s178), and then address search control is performed.

  In the address search control, control is performed so that an address request frame is broadcast to each affiliated NW to a communication device having a different affiliated NW from the transmission source terminal and having a BUM transfer setting of TRUE (s179). It is assumed that the transmission source of the address request frame is each communication device, and that the frame includes the address request information held in the address search information. As described above, the address request frame is transmitted to each network different from the network to which the transmission source terminal belongs. When the request destination terminal receives the frame, an address response frame is returned to the transmission source communication device.

  In the address response process [input port], as shown in FIG. 9, the address resolution control unit 17 checks the destination L2 address of the received frame, and if it does not match the virtual L2 address of the received communication device (s191; No) Discard the frame (s195). If they match (s191; Yes), the address search information is further referenced (s192) to determine whether there is address request information that matches the L3 address information included in the address response frame (s193). . If there is no corresponding address request information (s193; No), the frame is discarded (s195). If there is address request information (s193; Yes), the proxy response control similar to s176 is performed on the communication device (registration device of the transmission source terminal) that has received the original address request frame by referring to the address search information. That is, control is performed so as to notify the transmission source terminal of the allocated virtual L2 address of the request destination terminal, and thereafter, the referenced address search information is deleted (s194). As described above, the address resolution when the registration information of the requested terminal is not stored in the terminal registration information holding unit 13 is completed.

  Since the address request frame and the address response frame are not distributed to the relay network NW [3], the address request processing [output port] and the address response processing [output port] in the address resolution control unit 17 are simply performed here. It is assumed that the received frame is discarded.

  10 to 14 are flowcharts showing an example of the flow of processing in the frame transfer control unit 18.

  When the frame determination unit 16 determines that the frame received by the communication device is a normal communication frame, the frame transfer control unit 18 is notified of this.

  Upon receiving the notification, the frame transfer control unit 18 first acquires device information from the device information receiving unit 14 (s21), and determines whether the received frame is a unicast frame or a broadcast frame (s22).

  If it is a unicast frame, it is further determined whether the port that received the frame is an input port or an output port (s23). If it is an input port, unicast transfer processing [input port] (s25) is executed. If there is, the unicast transfer process [output port] (s26) is executed.

  If it is a broadcast frame, it is similarly determined whether the port that received the frame is an input port or an output port (s24). If it is an input port, broadcast transfer processing [input port] (s27) is executed, and the output port If so, broadcast transfer processing [output port] (s28) is executed.

  In the unicast transfer process [input port], as shown in FIG. 11, the frame transfer control unit 18 first checks the destination L2 address of the received frame and determines whether the receiving apparatus should transfer the frame. When the address resolution control unit 17 transmits a frame to a terminal existing in a different network, the transmission source terminal sets a specific virtual L2 address as the destination L2 address. Therefore, if the destination address of the frame received by the communication device does not match the virtual L2 address of the communication device (s251; No), the frame to be transferred by another communication device or the communication device needs to transfer It is assumed that there is no frame (a frame addressed to a terminal existing in the same network as the transmission source terminal), and the frame is discarded (s259). If they match, the receiving apparatus regards it as a frame to be transferred, and obtains the original destination L2 address from the virtual L2 address. For this purpose, the terminal registration information holding unit 13 is referred to (s252), and the destination L2 address (virtual L2 address) or destination L3 address of the received frame is searched for (S253).

  If the terminal L2 address is found (s254; Yes), frame transfer control (converts the destination L2 address of the received frame into the searched terminal L2 address and sends it to the output port side) (s255). If the terminal L2 address cannot be found (s254; No), address resolution is performed with the destination terminal as the request destination terminal. At this time, as in the address search control of s179 in the address resolution control unit 17, the address request frame is transmitted to each affiliated NW with respect to a communication device whose affiliated NW is different from the transmission source terminal and whose BUM transfer setting is TRUE. Is controlled to broadcast (s256). Note that the transmission source of the address request frame is each communication device, and the address L3 address included in the received frame is used as the address request information of the frame. When the destination terminal receives the frame, an address response frame is returned to the transmission source communication apparatus, and the destination terminal registration processing is performed by the terminal registration unit 15 at that time.

  Thereafter, if terminal registration processing of the destination terminal is not performed (s257; No), the frame is discarded (s259). If it is performed (s257; Yes), the terminal L2 address is set as the terminal L2 address of the registered destination terminal. (S258), the same frame transfer control as described above is performed (s255).

  In the unicast transfer process [output port], as shown in FIG. 12, the frame transfer control unit 18 first checks the destination L2 address of the received frame and determines whether the receiving apparatus should transfer the frame. To do. The terminal registration information holding unit 13 is referred to for the destination L2 address of the frame (s261), and if there is no registration information (s262; No), the frame is discarded as the destination is unknown (s266). However, since the frame distributed in the network on the output port side is received at the input port of a certain communication device, the destination terminal is registered by the operation of the unicast transfer process [input port] (s25). The situation where no information exists is unlikely to occur. If there is registration information (s262; Yes), the affiliation NW name of the destination terminal and the affiliation NW name of the transmission source terminal are compared (s263), and if they match (s263; Yes), traffic is prevented from looping. The frame is discarded for control (s266).

 Furthermore, the registered device name and the device name of the receiving device are compared (s264). If they do not match (s264; No), it is regarded as a frame to be transferred by another communication device, and the frame is discarded (s266). If they match (s264; Yes), it is regarded as a frame to be transferred by the receiving device, and the frame is subjected to transfer control (the transmission source L2 address of the reception frame is converted to the assigned virtual L2 address of the transmission source terminal, (S265). The virtual L2 address set as the transmission source L2 address matches the virtual L2 address of the communication device in the communication device information holding unit 12 among the allocated virtual L2 addresses of the transmission source terminal in the terminal registration information holding unit 13. And

  In the broadcast transfer process [input port], only the registration device of the transmission source terminal transfers the broadcast frame, thereby overwriting the route in the network (NW [3]) on the output port side and the frame from a plurality of communication devices. To prevent duplicates from being transferred. That is, as shown in FIG. 13, the frame transfer control unit 18 refers to the terminal registration information holding unit 13 for the source L2 address of the received frame (s271), and compares the registered device name with the device name of the receiving device. (S272). If the registered device name and the device name of the receiving device do not match (s272; No), the frame is discarded (s274). On the other hand, if the registered device name matches the device name of the receiving device (s272; Yes), frame transfer control (sends the received frame to the output port as it is) is performed (s273).

  Furthermore, in the broadcast transfer process [output port], only a communication device whose BUM transfer setting is TRUE transfers a broadcast frame, thereby preventing a frame from being duplicately transferred from a plurality of communication devices. That is, as shown in FIG. 14, the frame transfer control unit 18 refers to the communication device information holding unit 12 for the communication device that has received the frame (s281), determines whether the BUM transfer setting is TRUE or FALSE (s282), If FALSE, the frame is discarded (s286). If the BUM transfer setting is TRUE, the terminal registration information holding unit 13 refers to the affiliation NW of the transmission source terminal of the frame (s283) and compares it with the affiliation NW of the communication apparatus that has received the frame (s284). Here, when the belonging NW name of the transmission source terminal and the belonging NW name of the receiving apparatus match (s284; Yes), discard control of the frame is performed to prevent a traffic loop (s286). On the other hand, when the affiliation NW name of the transmission source terminal and the affiliation NW name of the receiving device do not match (s284; No), frame transfer control (sends the received frame to the input port as it is) (s285).

  Hereinafter, the contents of control in the address resolution control unit 17, the frame transfer control unit 18, and the device setting unit 19 will be described according to a specific operation example.

  FIG. 15 shows an operation example of the address resolution control unit 17 when there is terminal registration information of the request destination terminal.

  In this example, consider a situation in which the terminal A requests the L2 address (MAC address) of the destination terminal by ARP before transmitting a frame to another terminal, and the terminal registration information holding unit 13 It is assumed that registration information is held as shown in FIG.

  First, as shown in the upper part of FIG. 15, consider a case where terminal A requests the address of terminal B belonging to the same network. This address request frame is transferred to the entire network NW [1] by broadcast and received by the devices GW [1] and GW [2]. The address resolution control unit 17 of the network control device that has received the device information from each communication device via the device information receiving unit 14 follows the processing shown in FIGS. 7 and 8 in the address request information ( From the L3 address information of the request destination terminal), it can be determined that the source terminal A requests the L2 address of the terminal B existing in the same network (s171 to s175 in FIG. 8). In this case, address resolution is performed in the network by transmitting an address response frame that conveys the L2 address of the terminal from the terminal B, so that the address resolution control unit 17 sends each communication device via the device setting unit 19. On the other hand, discard control of the received frame is performed (s177 in FIG. 8).

  Next, consider the case where terminal A requests the address of terminal C belonging to a different network, as shown in the lower part of FIG. This address request frame is transferred to the entire network NW [1] by broadcast and received by the devices GW [1] and GW [2]. The address resolution control unit 17 of the network control device that has received the device information from each communication device via the device information receiving unit 14 follows the processing shown in FIGS. 7 and 8 in the address request information ( From the L3 address information of the request destination terminal), it can be determined that the source terminal A is requesting the address of the terminal C existing in a different network (s171 to s175 in FIG. 8).

  In this case, the address resolution control unit 17 uses the device setting unit 19 as the L2 address of the terminal C, and among the allocated virtual L2 addresses (here, “W, X”) of the terminal C, the registration device of the transmission source terminal A Is notified to the source terminal (s176 in FIG. 8) of the virtual L2 address (“W” in this case) of the device GW [1]. Thereby, the frame transmitted from the terminal A to the terminal C is once transmitted to the communication device GW [1]. At this time, the terminal A can communicate without being aware that the terminal C exists in a different network.

  FIG. 16 shows an operation example of the address resolution control unit 17 when there is no terminal registration information of the request destination terminal.

  In this example, consider a case where terminal A requests the L2 address of terminal D belonging to a different network. However, at this time, it is assumed that the registration information of the terminal D is not held in the terminal registration information holding unit 12. For this reason, the address resolution control unit 17 of the network control device that has received the device information via the device information receiving unit 14 performs the address request information (request destination) included in the address request frame according to the processing shown in FIGS. Referring to (L3 address information of terminal), it cannot be determined which network the source terminal is requesting the L2 address of the terminal in (s171 to s174 in FIG. 8).

  Therefore, the address resolution control unit 17 holds the address request information and the receiving device information for a predetermined time (s178 in FIG. 8), and further, via the device setting unit 19 to the communication devices belonging to different networks, By performing control to send an address request to the affiliated NW (s179 in FIG. 8), it is checked in which network the destination terminal exists.

  When it is found that the destination terminal exists in a different network as a result of the address resolution according to the processing shown in FIGS. 7 to 9, the address resolution control unit 17 uses the device setting unit 19 to newly register the terminal. Of the allocated virtual L2 addresses of terminal D (here, “W ′, X ′”) as the L2 address of D, the virtual L2 address of device GW [1] that is the registration device of source terminal A (here “W” '") To the source terminal (s201 to s204 in FIG. 11).

  FIG. 17 shows an operation example of unicast frame transfer by the frame transfer control unit 18 and the device setting unit 19 when the information of the assigned virtual L2 address is used for address conversion. In the figure, description of the network control device is omitted.

  In this example, it is assumed that the information shown in FIG. 4 is held in the terminal registration information holding unit 13. As shown in Example 1, when transmitting a unicast frame from terminal A to terminal C, terminal A transmits a frame with the destination address “W” notified by device GW [1]. The device GW [1] receives the frame from the input port.

  The frame transfer control unit 18 of the network control apparatus that has received the apparatus information from the apparatus GW [1] via the apparatus information receiving unit 14 first follows that the apparatus is the transmission source terminal according to the processing shown in FIGS. It is determined whether or not it is a registered device, that is, whether or not the destination L2 address of the received frame is the virtual L2 address of the received communication device (s251 in FIG. 11). If it is not a registered device, the communication device is controlled via the device setting unit 19 so as to discard the frame (s259 in FIG. 11). On the other hand, in the case of a registration device, the device setting is made such that the terminal registration information of the transmission source terminal is referred to, the frame destination address “W” is converted to the original address “C”, and then sent to the output port. The communication device is controlled via the unit 19 (s252 to s255 in FIG. 11).

  Next, it is assumed that the device GW [3] receives the frame from the output port. The frame transfer control unit 18 of the network control device that has received the device information from the device GW [3] via the device information receiving unit 14 first follows the processing shown in FIGS. 10 and 12, and first receives the destination L2 address of the received frame. The terminal registration information holding unit 13 is referred to (s261 in FIG. 12), and it is determined whether or not the device is a destination terminal registration device (s262 to s264 in FIG. 12). If it is not a registered device, the communication device is controlled via the device setting unit 19 so as to discard the frame (s266 in FIG. 12).

  On the other hand, if it is a registered device, the device setting unit 19 is configured to convert the frame transmission source L2 address “A” from the original address to the corresponding virtual L2 address “Y” and send it to the input port. The communication device is controlled via the network (s265 in FIG. 12). Finally, terminal C receives the frame.

  As shown in Example 2, when a unicast frame is transmitted from terminal A to terminal D, the destination L2 address “W ′” of the frame from terminal A is converted to “D” by device GW [1]. , Except that the source L2 address “A” is converted to “Z” by the device GW [4].

  FIG. 18 shows an operation example of unicast frame transfer by the frame transfer control unit 18 and the device setting unit 19 when the information of the terminal L3 address is used for address conversion.

  In the example of FIG. 17, each communication apparatus performs address conversion by assigning a virtual L2 address to a terminal of a different network in a 1: 1 relationship. In this case, the required virtual L2 address increases as the number of terminals and communication devices increase. Therefore, as another method, address conversion is performed using information on the L3 address.

  The basic frame transfer flow is the same, but by using the L3 address at the time of address conversion, each communication device can convert the address without assigning a virtual L2 address for each terminal. On the other hand, if the IP address is changed for some reason, a problem may occur in address conversion.

  FIG. 19 shows an operation example of broadcast frame transfer by the frame transfer control unit 18 and the device setting unit 19. The reception status at each communication device and the determination of whether or not to transfer a frame are described below.

  (1) Device GW [1] receives from the input port. Since the registration device of the transmission source L2 address is the device, the communication device is set to transfer the frame to the output port (s271 to s273 in FIG. 13).

  (2) Device GW [2] receives from the input port. Since the registration device of the transmission source L2 address is not the device, the communication device is set to discard the frame (s271, s272, and s274 in FIG. 13).

  (3) Device GW [2] receives from the output port. Although the BUM transfer setting of the device is “TRUE”, it is understood that the frame loops by comparing the belonging NW of the transmission source terminal and the belonging NW of the device, so the communication device is set to discard the frame. (S281, s282, s283, s284, s286 in FIG. 14).

  (4) Device GW [3] receives from the output port. Since the BUM transfer setting of the device is “FALSE”, the communication device is set to discard the frame (s281, s282, and s286 in FIG. 14).

  (5) Device GW [4] receives from the output port. The BUM transfer setting of the device is “TRUE”, and it can be seen that the frame does not loop by comparing the affiliation NW of the transmission source terminal with the affiliation NW of the device, so communication is performed so that the frame is transferred to the output port. Control the device. Further, at the time of transfer, the frame transmission source L2 address is converted into a virtual L2 address by the same method as the transfer of the unicast frame (s281 to s285 in FIG. 14).

  (6) GW [3] received from the input port. Since the transmission source L2 address of the frame is a virtual address and, naturally, the registration device of the transmission source L2 address is not the device, the communication device is controlled to discard the frame (s271, s272, and s274 in FIG. 13).

  11: Communication device information input unit, 12: Communication device information holding unit, 13: Terminal registration information holding unit, 14: Device information receiving unit, 15: Terminal registration unit, 16: Frame discrimination unit, 17: Address resolution control unit, 18: Frame transfer control unit, 19: Device setting unit, A to D: Terminal device, GW [1] to GW [4]: Communication device, NW [1] to NW [3]: Network.

Japanese Patent Laying-Open No. 2007-19698 ("Ring-type redundant channel control method")

Claims (4)

A network control device that connects a plurality of networks that do not use a network identifier as a transmission / reception address for data communication, and performs transfer control of the frame to a communication device that transfers a frame from a terminal device belonging to each network,
A communication device information holding unit for holding information of each communication device;
A terminal registration information holding unit for holding information of each terminal device;
A device information receiving unit for receiving device information such as a device name of the communication device and information of a frame received by the communication device from each communication device;
A terminal registration unit for registering information of each terminal device in the terminal registration information holding unit from the device information;
A frame discriminating unit that discriminates whether the frame received by the communication device is an address request / response frame or a normal communication frame from the device information;
When the received frame is an address request / response frame, transfer of an address request / response frame instructing the communication device based on the device information and information held by the communication device information holding unit and the terminal registration information holding unit An address resolution control unit for determining control contents;
When the received frame is a normal communication frame, transfer control contents of a normal communication frame instructing the communication device based on the device information and information held by the communication device information holding unit and the terminal registration information holding unit A frame transfer control unit for determining
A network control device comprising at least a device setting unit configured to set a communication device according to the determined transfer control content. A network control device that connects a plurality of networks that do not use a network identifier as a transmission / reception address for data communication, and performs transfer control of the frame to a communication device that transfers a frame from a terminal device belonging to each network,
For each communication device, the belonging network name indicating the name of the network to which the input port is connected, the virtual L2 address used for source address conversion when the frame is transferred, and whether or not to transfer the broadcast frame received from the output port A communication device information holding unit for holding communication device information including at least a BUM transfer setting indicating
For each terminal device, the terminal L2 address, the registered device name indicating the communication device that registered the terminal device, the belonging network name of the registered communication device, and a network different from the belonging network of the communication device that registered the terminal device An assigned virtual L2 address consisting of a virtual L2 address of a communication device to which the terminal belongs, a terminal registration information holding unit for holding terminal registration information including at least the terminal L3 address;
A device information receiving unit for receiving device information such as a device name of the communication device and information of a frame received by the communication device from each communication device;
From the device information, the source L2 address of the frame received by each communication device from its input port is the unregistered terminal L2 address, or the registered network name of the communication device that has been registered but has received the frame. When different from the affiliated network, the source L2 address is the terminal L2 address, the registered device name is the name of the communication device that received the frame, the affiliated network name is the affiliated network name of the registered device, and the assigned virtual L2 address is the virtual L2 address A terminal registration unit that registers terminal registration information with the source L3 address as a terminal L3 address in the terminal registration information holding unit;
A frame discriminating unit that discriminates whether the frame received by the communication device is an address request / response frame or a normal communication frame from the device information;
When an address request frame is received from a terminal device that registers itself from the input port side as address request / response control in each communication device when the frame received by the communication device is an address request / response frame, If the terminal is registered in the terminal registration information holding unit and the terminal device is a terminal device belonging to a different network, the registered device's assigned virtual L2 address of the destination terminal device registered in the terminal registration information holding unit The virtual L2 address is notified to the source terminal of the address request frame, and when the request destination terminal is not registered in the terminal registration information holding unit and the network to which the terminal device belongs is unknown, the address request is sent from each communication device to a different network. Broadcast the frame and input its own virtual L2 address from the input port side. When the address response frame is received with the destination L2 address as the destination L2 address, the virtual L2 address of the registered device is assigned to the destination terminal device registered virtual L2 address registered in the terminal registration information holding unit in the address request frame transmission source terminal. When the address request frame or the address response frame is received from the output port side, the address resolution control unit that determines to discard these frames, and
As a frame transfer control in each communication device when the frame received by the communication device is a normal communication frame, if a unicast frame including its own virtual L2 address as the destination L2 address is received from the input port side, The L2 address is converted to the corresponding terminal L2 address in the terminal registration information holding unit and transferred, and the destination L2 address and the source L2 address are different from the network to which the destination L2 address belongs from the output port side. When the unicast frame to be received is received, the transmission source L2 address is converted into the corresponding assigned virtual L2 address in the terminal registration information holding unit and transferred. When the broadcast frame is received from the input port side, the transmission source L2 If the address is for a registered device, it is the output port as it is If the broadcast frame is received from the output port side, it is a device that forwards the received broadcast frame, and the destination L2 address and the source L2 address belong to the same network If so, send it to the input port as it is, and if not, discard the frame transfer control unit,
A network control device comprising at least a device setting unit configured to set a communication device according to the determined transfer control content. The network control device according to claim 1, wherein frame transfer control is performed for a communication device that connects a plurality of virtual networks configured on one physical network. A network control method for connecting a plurality of networks that do not use a network identifier as a transmission / reception address for data communication and performing transfer control of the frame to a communication device that transfers a frame from a terminal device belonging to each network,
A device information receiving unit receiving device information such as a device name of the communication device or information of a frame received by the communication device from each communication device;
A step of registering information of each terminal device in the terminal registration information holding unit from the device information;
A step of determining whether the frame received by the communication device is an address request / response frame or a normal communication frame;
The address that the address resolution control unit instructs to the communication device based on the device information and the information held by the communication device information holding unit and the terminal registration information holding unit when the received frame is an address request / response frame A step of determining transfer control contents of the request / response frame;
When the received frame is a normal communication frame, the frame transfer control unit instructs the communication device based on the device information and the information held by the communication device information holding unit and the terminal registration information holding unit. Determining transfer control content of a communication frame;
A network control method comprising: a device setting unit including at least a step of setting a communication device according to the determined transfer control content.

Images