JP3592249B2 - Dial-up router and line connection suppression method - Google Patents

Dial-up router and line connection suppression method Download PDF

Info

Publication number
JP3592249B2
JP3592249B2 JP2001074561A JP2001074561A JP3592249B2 JP 3592249 B2 JP3592249 B2 JP 3592249B2 JP 2001074561 A JP2001074561 A JP 2001074561A JP 2001074561 A JP2001074561 A JP 2001074561A JP 3592249 B2 JP3592249 B2 JP 3592249B2
Authority
JP
Japan
Prior art keywords
arp
line
monitoring
dial
up router
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2001074561A
Other languages
Japanese (ja)
Other versions
JP2002281059A (en
Inventor
敏治 奥山
征直 酒井
Original Assignee
Necアクセステクニカ株式会社
日本電気株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Necアクセステクニカ株式会社, 日本電気株式会社 filed Critical Necアクセステクニカ株式会社
Priority to JP2001074561A priority Critical patent/JP3592249B2/en
Publication of JP2002281059A publication Critical patent/JP2002281059A/en
Application granted granted Critical
Publication of JP3592249B2 publication Critical patent/JP3592249B2/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Description

[0001]
TECHNICAL FIELD OF THE INVENTION
The present invention relates to a dial-up router that relays transmission and reception of IP (Internet Protocol) packets between a LAN (Local Area Network) and a WAN (Wide Area Network), and a line connection suppressing method thereof.
[0002]
[Prior art]
The dial-up router connects an LAN (LAN) to which terminals and server devices are connected by an Ethernet (Ethernet) and a WAN configured via a telephone line or a dedicated line, thereby forming an IP (Internet Protocol) packet between the LAN and the WAN. Is a device that relays the transmission and reception of the data. For example, when an IP packet is received from a terminal or the like in a LAN, the destination information (IP address) of the IP packet is checked, and the IP packet is sent to the WAN via a telephone line. When an IP packet is received from a WAN via a telephone line, a destination of the IP packet is checked and transmitted to a terminal or the like in a corresponding LAN.
[0003]
Conventionally, in such a dial-up router, an unnecessary call may be repeated due to forgetting to disconnect the line after completion of communication with the WAN or a setting error. It was sometimes higher than the fee.
[0004]
Therefore, as a method for surely disconnecting the line after the end of the communication, for example, the presence or absence of an IP packet being transmitted / received to / from the WAN is monitored, and the line is automatically disconnected when the transmission / reception of the IP packet stops (no communication state). There is a way to do it. If the dial-up router is provided with such a function, it is possible to prevent the line connection fee from being increased due to forgetting to disconnect the line.
[0005]
As a method of preventing unnecessary line connection, a method of disabling automatic connection to the WAN by the dial-up router can be considered. In this case, even if the destination of the IP packet received from the LAN is the WAN, the dial-up router does not connect to the telephone line or the like unless the user has permission of the line connection, so that an unintended call can be prevented. .
[0006]
[Problems to be solved by the invention]
Among the methods for preventing the line connection fee from becoming expensive as described above, in the method for disconnecting the line when there is no communication, the communication is actually terminated by a method of determining whether or not there is no communication. In some cases, it took a long time before the line was disconnected.
[0007]
On the other hand, in the method of preventing unnecessary line connection, every time an IP packet is sent to the WAN, the user needs to instruct the dial-up router to connect to the line. There is a problem that the communication system becomes difficult.
[0008]
The present invention has been made in order to solve the problems of the conventional technology as described above, and without prohibiting automatic connection to the line, forgetting to disconnect the line after the end of communication and repeating unnecessary calls. It is an object of the present invention to provide a dial-up router and a line connection suppression method that reliably prevent the occurrence of a connection failure.
[0009]
[Means for Solving the Problems]
To achieve the above object, a dial-up router of the present invention is a dial-up router that relays transmission and reception of IP packets between a LAN and a WAN connected by Ethernet,
An ARP table in which the MAC address and the IP address of the communicating terminal among the terminals constituting the LAN are temporarily registered;
An ARP management unit that registers the MAC address and the IP address in the ARP table, and deletes the registered MAC address and the IP address from the ARP table after a lapse of a predetermined registration time;
A monitoring counter whose value is updated for each monitoring time consisting of a cycle shorter than the registration time,
The content of the ARP table is monitored at each monitoring time, and if no MAC address and no IP address are registered in the ARP table, the value of the monitoring counter is counted up, and the MAC address is stored in the ARP table. If the address and the IP address are registered, the value of the monitoring counter is cleared to zero, and if the value of the monitoring counter exceeds a preset threshold, connection to the line connected to the WAN is prohibited. An ARP monitoring unit that outputs a line connection prohibition notification for performing
Upon receiving the line connection prohibition notification from the ARP monitoring unit, stop the connection with the line even if there is a connection request with the line, and disconnect the connection if the line is already connected. A line control unit;
It is a structure which has.
[0010]
At this time, when communication with the terminal is started, a registration timer for measuring the registration time is set, and the expiration of the registration timer is notified to the ARP management unit,
When a dial-up router is started, it sets a monitoring timer for measuring the monitoring time, and may have a timer unit for notifying the ARP monitoring unit each time the monitoring timer expires,
When transmitting an IP packet issued from the inside of the dial-up router to the WAN, an ARP monitoring setting unit for invalidating the line connection prohibition notification output from the ARP monitoring unit may be provided.
[0011]
On the other hand, a line connection suppressing method according to the present invention includes a dial-up router for relaying transmission and reception of IP packets between a LAN and a WAN connected by Ethernet, and a line connection suppressing method for suppressing connection between a line connected to the WAN. And
An ARP table for temporarily registering a MAC address and an IP address of a communicating terminal among the terminals constituting the LAN is provided in advance,
Register the MAC address and IP address of the terminal that has started communication in the ARP table, and delete the MAC address and IP address from the ARP table after a predetermined registration time has elapsed;
The content of the ARP table is monitored at every monitoring time comprising a cycle shorter than the registration time, and if no MAC address and no IP address are registered in the ARP table, the count value is increased, and the ARP If the MAC address and the IP address are registered in the table, the count value is cleared to zero, and if the count value exceeds a preset threshold, connection with the line connected to the WAN is prohibited. Output a line connection prohibition notice to
When the line connection prohibition notification is output, the connection with the line is stopped even if there is a connection request with the line, and the connection is disconnected if the line is already connected.
[0012]
At this time, when communication with the terminal is started, a registration timer for measuring the registration time is set, and when the registration timer expires, a MAC address and an IP address registered in the ARP table are deleted,
When the dial-up router is started, a monitoring timer for measuring the monitoring time is set, and the content of the ARP table may be monitored each time the monitoring timer expires,
When transmitting an IP packet from within the dial-up router to the WAN, the line connection prohibition notification may be invalidated.
[0013]
With the above-described dial-up router and line connection suppression method, when communication between the terminal configuring the LAN and the dial-up router is lost, the MAC address and the IP address of the terminal are deleted from the ARP table after a predetermined registration time has elapsed. Then, after the MAC address and the IP address are deleted, a line connection prohibition notification is output after a predetermined time when the monitoring counter reaches the threshold value, and the line is disconnected.
[0014]
In addition, since the connection to the line is determined based on the presence / absence of the MAC address and the IP address of the terminal registered in the ARP table, even if an unnecessary line connection request is output from the dial-up router not registered in the ARP table, the line No connection to is allowed.
[0015]
BEST MODE FOR CARRYING OUT THE INVENTION
Next, the present invention will be described with reference to the drawings.
[0016]
The dial-up router of the present invention stores an ARP (Address Resolution Protocol) table that holds a MAC (Media Access Control) address of a LAN terminal connected by Ethernet and its IP address in association with each other (hereinafter referred to as address information). Monitoring is performed, and when the unregistered state of the address information of the LAN terminal in the ARP table continues for a predetermined time, the line connection is prohibited, and if the line is already connected, the line is disconnected. The MAC address is an identification number assigned to each device, and a unique MAC address is assigned to each Ethernet device in the world.
[0017]
(First Embodiment)
FIG. 1 is a block diagram showing the configuration of the first embodiment of the dial-up router of the present invention.
[0018]
As shown in FIG. 1, the dial-up router 1 of the present embodiment includes a LAN interface unit 2 that is an interface unit with the LAN 20, a routing control unit 3 that controls a transfer route of an IP packet received from the LAN 20 or the WAN 30, A WAN interface unit 4 serving as an interface unit with the WAN 30, a line control unit 5 for connecting / disconnecting a line connected to the WAN 30, and an ARP table in which address information of the LAN terminal 21 connected to the LAN 20 is temporarily registered. 9, an ARP management unit 8 that registers and deletes address information in the ARP table 9, and searches for a MAC address corresponding to a specified IP address by referring to the ARP table 9, and sends the searched MAC address to a request source. ARP search unit 7 to notify and specified IP address When the address information including the IP address is not registered in the ARP table 9, the ARP request unit 6 for requesting the LAN 20 to transmit the MAC address of the LAN terminal 21 having the IP address (ARP request); , A timer unit 10 for notifying the requester of the expiration of the timer, an ARP monitoring unit 11 for monitoring the registration of the MAC address and the IP address in the ARP table 9, a dial-up router 1 and a LAN terminal 21. The configuration includes a monitoring counter 12 used to determine whether or not communication is in progress.
[0019]
The LAN interface unit 2 generates an Ethernet frame from the IP packet received from the WAN 30 and transmits the Ethernet frame to the LAN 20. Further, it extracts an IP packet from the Ethernet frame transmitted from the LAN 20 and transmits it to the routing control unit 3. Further, it transmits the address information of the LAN terminal 21 that is the transmission source of the Ethernet frame to the ARP management unit 8 and requests registration in the ARP table 9.
[0020]
The routing control unit 3 converts the IP packet received from the LAN interface unit 2 or the WAN interface unit 4 into an appropriate interface unit (the LAN interface unit 2, the WAN interface unit 4, or the LAN interface unit 2) according to the IP address of the transmission destination. And the WAN interface unit 4).
[0021]
The WAN interface unit 4 generates, for example, an ISDN frame from the IP packet received from the LAN 20 and transmits the ISDN frame to the WAN 30. At this time, if the line is not connected, the line controller 5 requests the line controller 5 to connect the line. Further, it extracts an IP packet from the ISDN frame received from the WAN 30 and sends it to the routing control unit 3.
[0022]
The ARP search unit 7 searches the MAC address corresponding to the specified IP address with reference to the ARP table 9 in response to the inquiry from the LAN interface unit 2, and notifies the LAN interface unit 2 of the searched MAC address. At this time, if the MAC address corresponding to the specified IP address is not found even by referring to the ARP table 9, an inquiry is made to the ARP request unit 6 to obtain the MAC address from the corresponding LAN terminal 21.
[0023]
The ARP request unit 6 sends an ARP request to the LAN 20 to acquire the MAC address of the LAN terminal having the specified IP address in accordance with the inquiry from the ARP search unit 7. Upon receiving the ARP request, the LAN terminal 21 corresponding to the ARP request returns the MAC address of the LAN terminal 21 to the ARP request unit 6 as an ARP response. The ARP request unit 6 that has received the ARP response notifies the ARP search unit 7 of the MAC address obtained in the ARP response. The ARP request unit 6 requests the ARP management unit 8 to register the IP address specified by the inquiry from the ARP search unit 7 and the MAC address obtained by the ARP response.
[0024]
Upon receiving the registration request for the address information (IP address and MAC address) from the LAN interface unit 2 or the ARP request unit 6, the ARP management unit 8 determines whether the requested address information is already registered in the ARP table 9. Is confirmed, and if not registered, it is registered in the ARP table 9. Further, after a predetermined period of time, the registered address information is requested from the timer section 10 to set a registration timer for deleting the registered address information from the ARP table 9, and the monitoring counter 12 is cleared to "0". When the timer unit 10 notifies the expiration of the registration timer, the ARP management unit 8 deletes the address information registered at the time of the timer request from the ARP table 9.
[0025]
The ARP monitoring unit 11 requests the timer unit 10 to set a monitoring timer for monitoring the ARP table 9 when the dial-up router 1 is activated. The expiration of the monitoring timer is periodically notified from the timer unit 10 to the ARP monitoring unit 11. The ARP monitoring unit 11 monitors the contents of the ARP table 9 every time the expiration notification of the monitoring timer is received from the timer unit 10, and checks whether the address information is registered. Then, when no address information is registered in the ARP table 9, the value of the monitoring counter 12 is counted up, and when it is registered, the value of the monitoring counter 12 is cleared to "0". When the value of the monitoring counter 12 exceeds a preset threshold value, it is determined that “communication state between router and LAN = no communication”. At this time, when the line control unit 5 inquires whether or not line connection is possible, a response (line connection prohibition notification) for prohibiting line connection is output. If the line is already connected, the line control unit 5 is disconnected by the line connection prohibition notification.
[0026]
The monitoring counter 12 is cleared to “0” by the ARP monitoring unit 11 when the dial-up router 1 is activated, and is updated every time the monitoring timer expires after the dial-up router is activated. Also, it is cleared to “0” when the address information is registered in the ARP table 9 by the ARP management unit 8.
[0027]
When the line control unit 5 receives a line disconnection request while the line is connected, the line control unit 5 disconnects the line. Further, when a call request is received from the WAN interface unit 4 or when a call is received from the WAN, the line connection is performed. However, when a line is connected by an outgoing call request, the ARP monitoring unit 11 is inquired about whether or not the line can be connected. When a line connection prohibition response is received, the line is not connected.
[0028]
Next, the operation of the dial-up router 1 of the present embodiment will be described.
[0029]
First, an operation when address information is registered and deleted in the ARP table 9 will be described.
[0030]
In the following, the time from when the address information is registered in the ARP table 9 until it is deleted (the value of the registration timer) is T1.
[0031]
When transmitting an Ethernet frame to the LAN terminal 21, the LAN interface unit 2 of the dial-up router 1 needs to incorporate the MAC address of the LAN terminal 21 to which the frame is to be transmitted into the Ethernet frame. Therefore, the LAN interface unit 2 inquires the ARP search unit 7 about the MAC address of the destination LAN terminal 21 every time the Ethernet frame is transmitted.
[0032]
As described above, the ARP search unit 7 notifies the LAN interface unit 2 of the MAC address of the LAN terminal 21 obtained by referring to the ARP table 9 or the MAC address of the LAN terminal 21 obtained by the ARP response. . The address information including the MAC address of the LAN terminal 21 obtained at this time is registered in the ARP table 9 by the ARP management unit 8.
[0033]
Therefore, while the dial-up router 1 is relaying the communication between the LAN terminal 21 and the WAN 30, the address information of the LAN terminal 21 is always registered in the ARP table 9.
[0034]
The address information of the LAN terminal 21 registered in the ARP table 9 is deleted by the ARP management unit 8 when the time T1 has elapsed since the registration. Thereafter, when an Ethernet frame is newly transmitted from the dial-up router 1 to the LAN terminal 21, the address information of the LAN terminal 21 is newly registered in the ARP table 9.
[0035]
Therefore, if the address information of the LAN terminal 21 is registered in the ARP table 9, the dial-up router 1 is in a state of communicating with the LAN terminal 21. When no address information of the LAN terminal 21 is registered in the ARP table 9, the dial-up router 1 is in a state of not communicating with all the LAN terminals 21 connected to the LAN 20.
[0036]
The ARP monitoring unit 11 periodically checks the contents of the ARP table 9 at every time T2 (value of the monitoring timer) sufficiently shorter than the time T1, and registers one piece of address information of the LAN terminal 21 in the ARP table 9. If not, it is determined that there is no communication between all the LAN terminals 21 connected to the LAN 20 and the dial-up router 1.
[0037]
Next, the operation until the communication state with the LAN 20 is determined by the ARP table 9 and the line is connected or disconnected will be described with reference to FIG.
[0038]
FIG. 2 is a timing chart showing the operation of the dial-up router shown in FIG. Hereinafter, a case will be described in which the threshold value of the monitoring counter 12 used when the ARP monitoring unit 11 determines the communication state between the dial-up router 1 and the LAN 20 is set to “2”. S11 to S14 illustrated in FIG. 2 indicate periods during which communication is performed between the LAN terminal 21 and the dial-up router 1.
[0039]
In the ARP table 9, the registration and deletion of the address information of the LAN terminal 21 are repeated by the ARP management unit 8 as described above. For example, address information of the LAN terminal 21 is registered in each of the periods S11 to S14 shown in FIG. When the registration timer set in the timer unit 10 expires at the start of the communication in the periods S11 to S14 (after T1 has elapsed), the address information of the LAN terminal 21 registered in the ARP table 9 is deleted. In the period S12 shown in FIG. 2, the registration timer set at the start of the communication in the period S11 has expired during the communication. At this time, the address information of the LAN terminal 21 is temporarily deleted from the ARP table 9, but the address information is registered in the ARP table 9 again, and the registration timer is set in the timer unit 10.
[0040]
The ARP monitoring unit 11 requests the timer unit 10 to set a monitoring timer when the dial-up router 1 starts up the device (t0). Thereafter, every time the timer unit 10 notifies the expiration of the monitoring timer (every T2) ), Confirms whether or not the address information is registered in the ARP table 9 and updates the value of the monitoring counter 12 according to the confirmation result.
[0041]
The monitoring counter 12 is counted up when no address information is registered in the ARP table 9, and is cleared to "0" when any address information is registered.
[0042]
In the period S11 shown in FIG. 2, when an IP packet is transmitted from the LAN terminal 21 to the WAN 30, the WAN interface unit 4 requests a line connection to the line control unit 5 to connect to the line.
[0043]
The line control unit 5 inquires of the ARP monitoring unit 11 whether or not line connection is possible. Since the value of the monitoring counter 12 is “0”, the ARP monitoring unit 11 determines that “communication state between router and LAN = communication is present”. To allow line connection. When receiving the line connection permission response from the ARP monitoring unit 11, the line control unit 5 connects the line.
[0044]
On the other hand, when the IP packet is transmitted from the LAN terminal 21 to the WAN 30 in the period S14 shown in FIG. 2, the WAN interface unit 4 requests the line control unit 5 to connect the line, as in the process in the period S11. I do. When requested to connect the line, the line control unit 5 inquires of the ARP monitoring unit 11 whether the line can be connected.
[0045]
Here, at time t15 of the period S14, the value of the monitoring counter 12 is “5”, and the ARP monitoring unit 11 is in a state of prohibiting line connection. However, when the LAN interface unit 2 receives the Ethernet frame from the LAN terminal 21, the LAN terminal unit 2 sends the LAN terminal 2 to the ARP management unit 8 before the line control unit 5 inquires of the ARP monitoring unit 11 whether or not the line connection is possible. Registration of address information of the MAC address and the IP address of the MAC address 21 is required. Therefore, the value of the monitoring counter 12 is cleared to “0” by the ARP management unit 8. Since the value of the monitoring counter 12 is "0" when the line control unit 5 inquires of the ARP monitoring unit 11 whether or not the line can be connected, the ARP monitoring unit 11 determines that "communication state between the router and the LAN = communication". And allow the line connection. Therefore, when the line control unit 5 receives the line connection permission response from the ARP monitoring unit 11, it connects the line.
[0046]
At time t12 after the end of the period S13 shown in FIG. 2, when the value of the monitoring counter 12 becomes “2”, the ARP monitoring unit 11 determines that “communication state between router and LAN = no communication”. Furthermore, the ARP monitoring unit 11 checks the connection state of the line, and requests the line control unit 5 to disconnect the line if the line is connected. The line control unit 5 that has received the line disconnection request disconnects the line.
[0047]
At time t13 shown in FIG. 2, when communication from the dial-up router 1 to the WAN 30 occurs, the WAN interface unit 4 requests the line control unit 5 to connect the line because the line is not connected.
[0048]
The line control unit 5 inquires of the ARP monitoring unit 11 whether or not line connection is possible. Since the value of the monitoring counter 12 is “3”, the ARP monitoring unit 11 states “communication state between router and LAN = no communication”. Judge and prohibit line connection. Therefore, the line control unit 5 that has received a response from the ARP monitoring unit 11 prohibiting the line connection does not connect the line.
[0049]
As described above, if all the LAN terminals 21 connected to the LAN end the communication with the WAN 30 and lose the communication with the dial-up router 1, the registration of the LAN terminal 21 from the ARP table 9 after the registration time has elapsed. After the address information is deleted and the address information is deleted, a line connection prohibition notification is output after a lapse of a predetermined time when the monitoring counter reaches the threshold value, and the line is disconnected by the line control unit 5. The line disconnection is executed reliably, and forgetting to disconnect the line is prevented.
[0050]
Further, since the connection to the line is determined based on the presence or absence of the address information of the LAN terminal registered in the ARP table 9, even if an unnecessary line connection request is output from the dial-up router 1 not registered in the ARP table 9, No connection to the line is permitted. Therefore, it is possible to prevent unintended line connection due to transmission of an illegal packet from the dial-up router 1.
[0051]
(Second embodiment)
FIG. 3 is a block diagram showing the configuration of the second embodiment of the dial-up router of the present invention.
[0052]
The first embodiment is different from the dial-up router according to the first embodiment in that the dial-up router according to the first embodiment includes an ARP monitoring setting unit 40 that can invalidate a line connection prohibition notification that instructs connection prohibition and disconnection output from the ARP monitoring unit 41. Different from a dial-up router. Further, it has a function of switching whether or not to output a line connection prohibition notification to the ARP monitoring unit 41 in accordance with an instruction from the ARP monitoring setting unit 40. The other configuration is the same as that of the first embodiment, and the description is omitted.
[0053]
Normally, a dial-up router connects to a line only when communication is performed between a LAN terminal and a WAN. Therefore, it is desirable to disconnect the line when communication with the LAN is interrupted as in the first embodiment. However, there is a case where a line connection with the WAN is required even when there is no connection request from the LAN, for example, when log information or the like is transmitted from the dial-up router to the WAN only once a day.
[0054]
In the configuration of the first embodiment described above, the line is automatically disconnected when the communication between the dial-up router and the LAN is lost, but the line cannot be connected by a request from the dial-up router.
[0055]
In the present embodiment, the ARP monitoring setting unit 40 performs processing for inhibiting line connection if the dial-up router and the LAN are in a non-communication state when the line is not connected, and dial-up router when the line is connected. It is possible to select whether to enable or disable the process of the ARP monitoring unit 41 for disconnecting the line when communication between the ARP and the LAN is lost.
[0056]
By having such an ARP monitoring setting unit 40, if the processing of “prohibiting line connection when the dial-up router and the LAN are in a non-communication state when the line is not connected” is set to “do not execute”, the ARP The monitoring unit outputs a response for permitting the line connection irrespective of the value of the monitoring counter in response to the inquiry about the possibility of the line connection from the line control unit.
[0057]
In addition, if the processing of “disconnect the line when communication between the dial-up router and the LAN is lost when the line is connected” is set to “do not execute”, the ARP monitoring unit causes the value of the monitoring counter to exceed the threshold value. However, it does not request the line controller to disconnect the line.
[0058]
Therefore, it is possible to disconnect the line if communication between the dial-up router and the LAN is lost while enabling the line connection according to the request from the dial-up router.
[0059]
In the first and second embodiments described above, examples have been described in which the dial-up router has a component for each function. However, the dial-up router is not limited to such a configuration. For example, the dial-up router includes a LAN interface unit, a WAN interface unit, a storage device, a recording medium, and a processing device including a CPU. The same processing as in the first embodiment and the second embodiment can be realized by an information processing device connected by a bus. In that case, the ARP table is formed in the storage device, and the above-described processing of the above-described routing control unit, ARP request unit, ARP search unit, ARP management unit, timer unit, ARP monitoring unit, monitoring counter, and ARP monitoring setting unit Is executed by the CPU according to the program recorded on the recording medium.
[0060]
【The invention's effect】
Since the present invention is configured as described above, the following effects can be obtained.
[0061]
When the communication between the terminal constituting the LAN and the dial-up router is lost, the MAC address and the IP address of the terminal are deleted from the ARP table after a predetermined registration time has elapsed, and the monitoring is performed after the MAC address and the IP address are deleted. Since a line connection prohibition notification is output after a predetermined time when the counter reaches the threshold value and the line is disconnected, the line disconnection after the end of the communication is securely executed, and forgetting to disconnect the line is prevented.
[0062]
In addition, since the connection to the line is determined based on the presence / absence of the MAC address and the IP address of the terminal registered in the ARP table, even if an unnecessary line connection request is output from the dial-up router not registered in the ARP table, the line No connection to is allowed. Therefore, it is possible to prevent unintended line connection due to transmission of an illegal packet from the dial-up router.
[Brief description of the drawings]
FIG. 1 is a block diagram showing a configuration of a dial-up router according to a first embodiment of the present invention.
FIG. 2 is a timing chart showing an operation of the dial-up router shown in FIG.
FIG. 3 is a block diagram showing a configuration of a dial-up router according to a second embodiment of the present invention.
[Explanation of symbols]
1 dial-up router
2 LAN interface
3 Routing control unit
4 WAN interface unit
5 Line control unit
6 ARP request section
7 ARP search section
8 ARP Management Department
9 ARP table
10 Timer section
11, 41 ARP monitoring unit
12 Monitoring counter
20 LAN
21 LAN terminal
30 WAN
40 ARP monitoring setting unit

Claims (6)

  1. A dial-up router that relays transmission and reception of IP packets between a LAN and a WAN connected by Ethernet,
    An ARP table in which the MAC address and the IP address of the communicating terminal among the terminals constituting the LAN are temporarily registered;
    An ARP management unit that registers the MAC address and the IP address in the ARP table, and deletes the registered MAC address and the IP address from the ARP table after a lapse of a predetermined registration time;
    A monitoring counter whose value is updated for each monitoring time consisting of a cycle shorter than the registration time,
    The content of the ARP table is monitored at each monitoring time, and if no MAC address and no IP address are registered in the ARP table, the value of the monitoring counter is counted up, and the MAC address is stored in the ARP table. If the address and the IP address are registered, the value of the monitoring counter is cleared to zero, and if the value of the monitoring counter exceeds a preset threshold, connection to the line connected to the WAN is prohibited. An ARP monitoring unit that outputs a line connection prohibition notification for performing
    Upon receiving the line connection prohibition notification from the ARP monitoring unit, stop the connection with the line even if there is a connection request with the line, and disconnect the connection if the line is already connected. A line control unit;
    Dial-up router with a.
  2. When a communication with the terminal is started, a registration timer for measuring the registration time is set, and the expiration of the registration timer is notified to the ARP management unit,
    2. The dial-up router according to claim 1, further comprising a timer unit for setting a monitoring timer for measuring the monitoring time when the dial-up router is activated, and notifying the ARP monitoring unit each time the monitoring timer expires.
  3. 3. An ARP monitoring setting unit for invalidating the line connection prohibition notification output from the ARP monitoring unit when transmitting an IP packet issued from inside a dial-up router to the WAN. Dial-up router.
  4. A dial-up router that relays the transmission and reception of IP packets between a LAN and a WAN connected by Ethernet, and a line connection suppression method for suppressing connection between a line connected to the WAN,
    An ARP table for temporarily registering a MAC address and an IP address of a communicating terminal among the terminals constituting the LAN is provided in advance,
    Register the MAC address and IP address of the terminal that has started communication in the ARP table, and delete the MAC address and IP address from the ARP table after a predetermined registration time has elapsed;
    The content of the ARP table is monitored at every monitoring time comprising a cycle shorter than the registration time, and if no MAC address and no IP address are registered in the ARP table, the count value is increased, and the ARP If the MAC address and the IP address are registered in the table, the count value is cleared to zero, and if the count value exceeds a preset threshold, connection with the line connected to the WAN is prohibited. Output a line connection prohibition notice to
    When the line connection prohibition notification is output, the line connection is stopped even if there is a connection request with the line, and the line connection is suppressed if the line is already connected. .
  5. When the communication with the terminal is started, a registration timer for measuring the registration time is set, and when the registration timer expires, the MAC address and the IP address registered in the ARP table are deleted,
    5. The line connection suppressing method according to claim 4, wherein when the dial-up router is started, a monitoring timer for measuring the monitoring time is set, and the contents of the ARP table are monitored each time the monitoring timer expires.
  6. 6. The line connection suppression method according to claim 4, wherein said line connection prohibition notification is invalidated when an IP packet issued from inside a dial-up router is transmitted to said WAN.
JP2001074561A 2001-03-15 2001-03-15 Dial-up router and line connection suppression method Active JP3592249B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2001074561A JP3592249B2 (en) 2001-03-15 2001-03-15 Dial-up router and line connection suppression method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2001074561A JP3592249B2 (en) 2001-03-15 2001-03-15 Dial-up router and line connection suppression method

Publications (2)

Publication Number Publication Date
JP2002281059A JP2002281059A (en) 2002-09-27
JP3592249B2 true JP3592249B2 (en) 2004-11-24

Family

ID=18931804

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2001074561A Active JP3592249B2 (en) 2001-03-15 2001-03-15 Dial-up router and line connection suppression method

Country Status (1)

Country Link
JP (1) JP3592249B2 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8578016B2 (en) 2004-01-08 2013-11-05 International Business Machines Corporation Non-invasive discovery of relationships between nodes in a network
US8738804B2 (en) * 2004-01-08 2014-05-27 International Business Machines Corporation Supporting transactions in a data network using router information
JP4557839B2 (en) * 2005-08-18 2010-10-06 日立電子サービス株式会社 Connection system and connection method

Also Published As

Publication number Publication date
JP2002281059A (en) 2002-09-27

Similar Documents

Publication Publication Date Title
US20150030003A1 (en) Enhanced Techniques For Using Core Based Nodes For State Transfer
Vida et al. Multicast listener discovery version 2 (MLDv2) for IPv6
CA2130409C (en) Method and system for routing path determination for mobile workstations in a multisegment local area network
El Malki et al. Low latency handoffs in mobile IPv4
US8619648B2 (en) Mobile communication method, mobile communication system and access entity
US8341725B2 (en) Secure DHCP processing for layer two access networks
US5546540A (en) Automatic topology monitor for multi-segment local area network
JP4216255B2 (en) Processing method for service connection between wireless local area network and user terminal device
US6934263B1 (en) Spanning tree with protocol for bypassing port state transition timers
JP4081472B2 (en) Cluster management method and apparatus for network device
US7095857B2 (en) Key distribution system for protection of route-update notification in micromobility networks
WO2015046960A1 (en) Method for delivering notification message in m2m system and devices for same
US6272129B1 (en) Dynamic allocation of wireless mobile nodes over an internet protocol (IP) network
DE60131914T2 (en) Mobility support for a corresponding node in a mobile IP network
US7552478B2 (en) Network unauthorized access preventing system and network unauthorized access preventing apparatus
US6226523B1 (en) Internet protocol traffic filter for a mobile radio network
RU2154358C2 (en) Mobile telephone system and method of transmission of messages between mobile stations and servicing center for transmission of messages
JP3996288B2 (en) Communication network system management method and information relay apparatus
JP5364671B2 (en) Terminal connection status management in network authentication
JP4503934B2 (en) Server computer protection device, server computer protection method, server computer protection program, and server computer
JP3488347B2 (en) Automatic address distribution system and address distribution server
CN1722661B (en) Authentication system, network line concentrator, authentication method
US7072354B1 (en) Token registration of managed devices
US6493767B1 (en) Network address supply system for transmitting an address supply request to only a server
US20130254891A1 (en) Computer system, controller and network monitoring method

Legal Events

Date Code Title Description
A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20040123

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20040128

RD03 Notification of appointment of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7423

Effective date: 20040329

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20040804

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20040824

R150 Certificate of patent or registration of utility model

Ref document number: 3592249

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

Free format text: JAPANESE INTERMEDIATE CODE: R150

S111 Request for change of ownership or part of ownership

Free format text: JAPANESE INTERMEDIATE CODE: R313115

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20080903

Year of fee payment: 4

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20080903

Year of fee payment: 4

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20090903

Year of fee payment: 5

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20090903

Year of fee payment: 5

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20100903

Year of fee payment: 6

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20110903

Year of fee payment: 7

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20120903

Year of fee payment: 8

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20130903

Year of fee payment: 9

S111 Request for change of ownership or part of ownership

Free format text: JAPANESE INTERMEDIATE CODE: R313117

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350

S533 Written request for registration of change of name

Free format text: JAPANESE INTERMEDIATE CODE: R313533

R350 Written notification of registration of transfer

Free format text: JAPANESE INTERMEDIATE CODE: R350