JP6898120B2 - Network system, network system address resolution method, and base-side connection device - Google Patents

Description

The present invention relates to a network system, a network system address resolution method, and a base-side connection device.

In recent years, convenience and the like have been improved by reconstructing a telephone network using IP technology. Such a network is called NGN (Next Generation Network).

Patent Document 1 discloses a technique in which a user terminal adds additional information to a message and transmits the message via NGN to connect the selected incoming call terminal and the user terminal.

JP-A-2009-105831

By the way, in NGN, the address given from the network is semi-fixed (for example, the address may change due to maintenance or the like). Therefore, when the address changes, there is a problem that the connection between the devices is interrupted.

Therefore, by using an external DDNS (Dynamic Domain Name Server), even if the address given by the NGN changes, address resolution is executed using this external DNS, and the connection between the devices is interrupted for a long time. Can be prevented. However, such a method has a problem that a new cost for installing or communicating with the external DDNS is incurred.

Further, since the NGN name server is installed in the NGN, there is also a method of executing address resolution by the NGN name server when the address changes. However, since the NGN name server is not guaranteed to follow the change of the address, there is a problem that the connection may be interrupted for a long time.

The present invention provides a network system that can prevent a connection from being interrupted for a long time even if the address changes in a network that communicates with a semi-fixed address, an address resolution method for the network system, and a base-side connection device. I am aiming.

In order to solve the above problems, the present invention connects to a network having a name server and is connected to the network to which a semi-fixed address is assigned, and also connects to the center-side connection device arranged on the center side and the network. There is a base side connection device that is arranged on the base side and communicates with the center side connection device, and an additional connection device that is connected to the network and is arranged on the center side or the base side. Then, the center-side connecting device and the additional connecting device store each other's address and domain by the DDNS (Dynamic Domain Name System) function, and the base-side connecting device changes the address of the center-side connecting device. In this case, the additional connection device is inquired about the address of the center side connection device to acquire the changed address, and the center side connection device is accessed based on the changed address. ..
According to such a configuration, in a network communicating with a semi-fixed address, it is possible to prevent the connection from being interrupted for a long time even if the address changes.

Further, the present invention is characterized in that the network is an NGN (Next Generation Network).
According to such a configuration, even when NGN is used as a network to which a semi-fixed address is assigned, it is possible to prevent the connection from being interrupted for a long time even when the address changes.

Further, in the present invention, when the address of the center-side connection device changes while the base-side connection device has established a session with the center-side connection device, the additional connection device is described as described above. The feature is that the address after the change of the center side connection device is inquired.
According to such a configuration, the session can be re-established even if the address of the center-side connecting device changes in the state where the session is established with the center-side connecting device.

Further, in the present invention, when the base-side connecting device establishes a session with the center-side connecting device, the base-side connecting device accesses the name server, acquires the address of the additional connecting device, and uses the additional connecting device. It is characterized in that it accesses and acquires the address of the base-side connection device, and establishes a session with the center-side connection device based on the acquired address.
According to such a configuration, when the base side connection device tries to establish a new session with the center side connection device, even if the address of the center side connection device has changed, the address resolution of the additional connection device can be performed. A session can be established by requesting.

Further, according to the present invention, when the base-side connection device establishes a session with the center-side connection device and the additional connection device cannot be accessed due to a malfunction of the additional connection device, the name server is contacted. It is characterized in that it accesses and acquires the address of the base-side connection device, and establishes a session with the center-side connection device based on the acquired address.
According to such a configuration, even if a problem occurs in the additional connection device, a session can be established with the center side connection device.

Further, the present invention includes a center-side connection device connected to the network having a name server and to which a semi-fixed address is assigned and arranged on the center side, and a center-side connection device connected to the network and on the base side. In the address resolution method of a network system having a base-side connection device that is arranged and communicates with the center-side connection device, and an additional connection device that is connected to the network and is arranged on the center side or the base side. Therefore, the center-side connection device and the additional connection device store each other's address and domain by the DDNS (Dynamic Domain Name System) function, and the center-side connection device changes the address of the center-side connection device. In this case, the additional connection device is inquired about the address of the center side connection device to acquire the changed address, and the center side connection device is accessed based on the changed address. To do.
According to such a method, in a network communicating with a semi-fixed address, it is possible to prevent the connection from being interrupted for a long time even if the address changes.

Further, the present invention includes a center-side connection device connected to the network having a name server and to which a semi-fixed address is assigned and arranged on the center side, and a center-side connection device connected to the network and on the base side. It has a base-side connection device that is arranged and communicates with the center-side connection device, and an additional connection device that is connected to the network and is arranged on the center side or the base-side, and is connected to the center side. When the address of the center-side connection device changes in the base-side connection device used in the network system in which the device and the additional connection device store each other's address and domain by the DDNS (Dynamic Domain Name System) function. The present invention is characterized in that the changed address is acquired by inquiring the address of the center-side connecting device to the additional connecting device, and the center-side connecting device is accessed based on the changed address.
According to such a method, in a network communicating with a semi-fixed address, it is possible to prevent the connection from being interrupted for a long time even if the address changes.

According to the present invention, in a network communicating by a semi-fixed address, a network system capable of preventing the connection from being interrupted for a long time even if the address changes, an address resolution method of the network system, and a base-side connection device are provided. It becomes possible.

It is a figure which shows the configuration example of the network system which concerns on embodiment of this invention. It is a figure which shows the configuration example of the center gateway 20 shown in FIG. FIG. 3A is a diagram showing an example of information set in the base gateway 40, and FIG. 3B is a diagram showing an example of information set in the center gateway 20. It is a figure for demonstrating the operation of the embodiment shown in FIG. It is a figure for demonstrating the operation of the embodiment shown in FIG. It is a figure for demonstrating the operation of the embodiment shown in FIG. It is a flowchart explaining an example of the process executed at the start of operation in the center gateway 20 shown in FIG. FIG. 5 is a flowchart illustrating an example of processing executed at the start of operation at the center gateway 30 shown in FIG. It is a flowchart explaining an example of the process executed after the start of operation in the center gateway 20 shown in FIG. FIG. 5 is a flowchart illustrating an example of processing executed after the start of operation at the center gateway 30 shown in FIG. It is a flowchart explaining an example of the process executed in the base gateway 40 shown in FIG.

Next, an embodiment of the present invention will be described.

(A) Explanation of Configuration of Embodiment FIG. 1 is a diagram showing a configuration example of a network system according to an embodiment of the present invention. The network system according to the embodiment of the present invention has center gateways 20, 30 and base gateways 40, and these center gateways 20, 30 and base gateway 40 are connected to NGN (Next Generation Network) 10. Further, a PC (Personal Computer) 50 and an NGN name server 60 are connected to the NGN 10.

Here, NGN10 is an integrated network of communication carriers based on Internet Protocol (IP) technology. The IPv6 address used in NGN10 is semi-fixed, and for example, the IP address assigned to each device changes depending on the convenience of the network.

The center gateway 20 is a gateway located on the center side (for example, the head office of a company), and can be connected to the base gateway 40 to construct a VPN (Virtual Private Network). The center gateway 20 is assigned "cg-a" as a domain name and "A: A: A :: 1" as an IP address. Hereinafter, the center gateway 20 is appropriately referred to as “cg-a”.

The center gateway 30 is a gateway located on the center side (for example, the head office of a company, etc., as in the above case), and can be connected to the base gateway 40 to construct a VPN. The center gateway 30 is assigned "cg-b" as a domain name and "B: B: B :: 1" as an IP address. Hereinafter, the center gateway 30 is appropriately referred to as “cg-b”.

The base gateway 40 is a gateway arranged on the base side (for example, a branch office of a company), and can be connected to the center gateways 20 and 30 to construct a VPN. The base gateway 40 is assigned "CPE" as a domain name and "X: X: X :: 1" as an IP address. Hereinafter, the base gateway 40 is appropriately referred to as “cpe”.

The PC 50 is a terminal device for accessing the NGN name server 60 via the NGN 10 and changing the setting contents of the NGN name server 60.

The NGN name server 60 is a server that resolves addresses of devices connected to the NGN 10. That is, the NGN name server 60 stores the IP address and the domain name in association with each other, and when the domain name is given by a predetermined device, the NGN name server 60 searches for and supplies the corresponding IP address. The NGN name server 60 is assigned "E: E: E :: 1" as an IP address, and this IP address is a fixed address unlike other devices.

FIG. 2 is a diagram showing a configuration example of the center gateway 20 shown in FIG. Since the center gateway 30 and the base gateway 40 have the same configuration as the center gateway 20, the center gateway 20 will be described as an example. In the example of FIG. 2, the center gateway 20 includes a packet relay processing unit 21, a control unit 22, a storage unit 23, a receiving unit 24-1 to 24-n, and a transmitting unit 25-1 to 25-n. Have.

Here, the packet relay processing unit 21 transmits the packet received by the receiving units 24-1 to 24-n according to the control of the control unit 22 according to the information stored in the header. It is transmitted from units 25-1 to 25-n. The control unit 22 transmits the route information 23a stored in the storage unit 23 via the packet relay processing unit 21. Further, the control unit 22 shares information with the center gateway 30 by DDNS, and executes the address resolution of the center gateway 30 when the base gateway 40 requests the address resolution of the center gateway 30. .. Further, the control unit 22 establishes a session with the base gateway 40 when a request for establishing a session is made from the base gateway 40.

The storage unit 23 is composed of a semiconductor memory, has route information 23a which is information for forwarding packets, and stores programs and data for executing processes related to address resolution and session establishment. The receiving units 24-1 to 24-n receive packets from a device connected to the center side or NGN10. Further, the transmission units 25-1 to 25-n transmit the packet to the device connected to the center side or the NGN10. In the example of FIG. 2, a plurality of receiving units 24-1 to 24-n and transmitting units 25-1 to 25-n are provided, but one may be provided for each (n = 1 may also be provided). Good).

FIG. 3 is a diagram showing an example of setting information set in the base gateway 40 and the center gateway 20. In the example of FIG. 3, a 3-digit line number is assigned to simplify the explanation. Here, FIG. 3A shows an example of setting information set in the storage unit 43 (not shown) of the base gateway 40. In the example of FIG. 3A, line 001 defines that the NGN name server 60 whose IP address is "E: E: E :: 1" is used as the name server. Further, in lines 002 to 005, a policy 1 regarding ikev2 (Internet Key Exchange version 2) is defined, and in lines 006 to 009, a similar policy 2 is defined. In policy 1, a center gateway 20 having a domain name of "cg-a.bpj.gmfut-fbtu.jp" is set as an IPsec peer in line 003, and a domain name of "cg-b.bpj" is set as a name server in line 004. The center gateway 30 which is ".gmfut-fbtu.jp" is set as the primary, and the NGN name server 60 whose IP address is "E: E: E :: 1" is set as the secondary. On the other hand, in policy 2, the center gateway 30 whose domain name is "cg-b.bpj.gmfut-fbtu.jp" is set as an IPsec peer in line 006, and the domain name is "cg-a" as a name server in line 007. The center gateway 20 which is ".bpj.gmfut-fbtu.jp" is set as the primary, and the NGN name server 60 whose IP address is "E: E: E :: 1" is set as the secondary.

In the format "ipsec-name-server PRIMARY [SECONDARY]" described in the line 004 and the line 008, the PRIMARY specifies the IPv4 / 6 address or the domain name of the primary DNS server address. In addition, SECONDARY specifies the IPv4 / 6 address or domain name of the secondary DNS server address. Here, when the peer address specified by "set peer" shown in lines 003 and 007 is specified by the domain name, the DNS server specified by "ipname-server" shown in lines 004 and 008 is used. Resolve the address and resolve the domain name of "set peer" on the DNS server at that address. If the establishment of the IPsec session fails after the address is resolved by PRIMARY, the address is resolved again by SECONDARY and the session is established by the obtained address. More specifically, in the case of policy 1 described in lines 002 to 005, line 003 contains "set peer" followed by the domain name "cg-a.bpj.gmfut-fbtu.jp". Therefore, if the address resolution fails or the session establishment fails by the primary DNS server "cg-b.bpj.gmfut-fbtu.jp" described in line 004, it is the secondary DNS ". After performing address resolution by "E: E: E :: 1" (NGN name server 60), a session is established with "cg-a.bpj.gmfut-fbtu.jp" based on the obtained address. To do.

If the above-mentioned setting does not exist, the domain name specified by "set peer" is the DNS server (E: E: E :: 1) specified by "ipname-server" described in line 001. Perform address resolution with.

Further, FIG. 3B shows an example of setting information set in the storage unit 23 of the center gateway 20. In this example, line 001 defines that the NGN name server 60 whose IP address is "E: E: E :: 1" is used as the name server. Further, lines 002 to 004 define a DDNS server, and lines 005 to 012 define a DDNS client. More specifically, it is defined that the DDNS server is enabled in line 003, and that line 004 accepts inquiries to the center gateway 30 whose domain name is "cg-b.bpj.gmfut-fbtu.jp". .. Further, in line 006, the mode shifts to the http-client 1 setting mode, and in line 007, the IPv6 address of i6 = ewan 1 is set to "http://cg-b.bpj.gmfut.fbtu.jp/ddns-v6.cgi". dn = cg-a. bpj. gmfut. fbtu. It is defined to send jp, pw = pass1. Further, it is defined in line 010 that the mode shifts to the EWAN interface setting mode, and in line 011 that the operations after line 006 are executed when the address changes.

(B) Description of the operation of the embodiment of the present invention Next, the operation of the embodiment of the present invention will be described. In the following, (1) at the start of operation, (2) at the time of session establishment, (3) at the time of changing the address of cg-a, and (4) at the time of failure of cg-b will be described.

(1) At the start of operation At the start of operation, the system administrator operates the PC 50 to register the domain names and IP addresses (IPv6) of the center gateways 20 and 30 in the NGN name server 60. As a result, as shown in FIG. 4, the domain name "cg-a" of the center gateway 20 and the IP address "A: A: A :: 1" are associated with each other in the storage unit 63 of the NGN name server 60. At the same time, the domain name "cg-b" of the center gateway 30 and the IP address "B: B: B :: 1" are stored in association with each other.

Next, the center gateways 20 and 30 automatically execute the operations described later. That is, to explain by taking the center gateway 20 as an example, the center gateway 20 accesses the NGN name server 60 whose IP address is "E: E: E :: 1" with reference to the setting of FIG. 3 (B). Then, the address of the center gateway 30 is resolved. As shown in FIG. 4, the domain name "cg-b" of the center gateway 30 and the IP address "B: B: B :: 1" are stored in the storage unit 63 of the NGN name server 60 in association with each other. Therefore, the center gateway 20 obtains "B: B: B :: 1" as the IP address of the center gateway 30. Next, the center gateway 20 stores the domain name of the center gateway 30 and the IP address in association with each other in the storage unit 23 by the DDNS function. As a result, as shown in FIG. 4, the domain name "cg-b" of the center gateway 30 and the IP address "B: B: B :: 1" are stored in association with each other in the storage unit 23 of the center gateway 20. To. Then, the center gateway 20 starts the DNS server so that the address of the center gateway 30 can be resolved.

On the other hand, the center gateway 30 accesses the NGN name server 60 whose IP address is "E: E: E :: 1" by the same operation, and solves the address of the center gateway 20. As shown in FIG. 4, the domain name “cg-a” of the center gateway 20 and the IP address “A: A: A :: 1” are stored in the storage unit 63 of the NGN name server 60 in association with each other. Therefore, the center gateway 30 obtains "A: A: A :: 1" as the IP address of the center gateway 20. Next, the center gateway 30 stores the domain name of the center gateway 20 and the IP address in association with each other in the storage unit 33 by the DDNS function. As a result, as shown in FIG. 4, the domain name "cg-a" of the center gateway 20 and the IP address "A: A: A :: 1" are stored in association with each other in the storage unit 33 of the center gateway 30. To. Then, the center gateway 30 starts the DNS server so that the address of the center gateway 20 can be resolved.

Further, the base gateway 40 sets the center gateway of the connection destination. That is, the center gateway 20 to which the IKEv2 is connected is set with the domain name "cg-a" as shown in FIG. 3 (A). Similarly, the center gateway 30 to which the IKEv2 is connected is set with the domain name "cg-b" as shown in FIG. 3 (A). The NGN name server 60 is specified by the IP address "E: E: E :: 1" as shown in FIG. 3 (A), but the center gateways 20 and 30 are specified by the domain name "cg-a" and Specify with the domain name "cg-b". Further, the address resolution at the time of establishing IPsec is executed by the center gateways 20 and 30 as the primary, and is executed by the NGN name server 60 as the secondary when the address resolution by the primary fails. The NGN name server 60 may first execute the address resolution, and if the address resolution fails, the center gateways 20 and 30 may execute the address resolution.

(2) Session establishment Next, the operation when the base gateway 40 establishes a session with the center gateways 20 and 30 will be described. In the following, the operation when the base gateway 40 establishes a session with the center gateway 20 will be described as an example.

When the base gateway 40 establishes a session with the center gateway 20, the name server of the center gateway 20 is the center gateway 30 as defined in line 004 of policy 1 shown in FIG. 3 (A). Therefore, the base gateway 40 accesses the NGN name server 60 defined in line 001 in order to resolve the address of the domain name “cg-b” of the center gateway 30, and the domain name “cg-b”. Get the IP address corresponding to. In this example, as shown in FIG. 4, "B: B: B :: 1" is stored as the IP address corresponding to the domain name "cg-b" in the storage unit 63 of the NGN name server 60. Therefore, the IP address "B: B: B :: 1" is obtained. The base gateway 40 accesses the center gateway 30 based on the acquired IP address "B: B: B :: 1" and executes the address resolution of the center gateway 20. More specifically, as shown in FIG. 4, the storage unit 33 of the center gateway 30 stores the IP address "A: A: A :: 1" corresponding to the domain name "cg-a" of the center gateway 20. Therefore, the base gateway 40 obtains the IP address "A: A: A :: 1". Next, the base gateway 40 accesses the center gateway 20 based on the IP address "A: A: A :: 1" acquired from the center gateway 30, and establishes a session with the center gateway 20.

When the base gateway 40 establishes a session with the center gateway 30, the name server of the center gateway 30 is the center gateway 20, as defined in line 008 of policy 2 shown in FIG. In order to resolve the address of the domain name "cg-a" of 20, the NGN name server 60 defined in line 001 is accessed, and the IP address corresponding to the domain name "cg-a" is obtained. In this example, as shown in FIG. 4, "A: A: A :: 1" is stored as the IP address corresponding to the domain name "cg-a" in the storage unit 63 of the NGN name server 60. Therefore, the IP address "A: A: A :: 1" is obtained. The base gateway 40 accesses the center gateway 20 based on the acquired IP address "A: A: A :: 1" and executes the address resolution of the center gateway 20. More specifically, as shown in FIG. 4, the storage unit 23 of the center gateway 20 stores the IP address "B: B: B :: 1" corresponding to the domain name "cg-b" of the center gateway 30. Therefore, the base gateway 40 obtains the IP address "B: B: B :: 1". Next, the base gateway 40 accesses the center gateway 30 based on the IP address “B: B: B :: 1” acquired from the center gateway 20, and establishes an IPsec session with the center gateway 30.

(3) When changing the address of cg-a For example, while the base gateway 40 is establishing a session with the center gateway 20, the IP address of the center gateway 20 is "A: A: A :: 1" as shown in FIG. Is changed to "C: C: C :: 1". In such a case, the center gateway 20 detects that its own IP address has changed, and registers the changed IP address in the center gateway 30 by DDNS. As a result, the IP address corresponding to the domain name "cg-a" stored in the storage unit 33 of the center gateway 30 is changed from "A: A: A :: 1" to "C: C :" as shown in FIG. It is changed to "C :: 1".

The base gateway 40 detects that the communication with the center gateway 20 has been interrupted by a function called DPD (Dead Peer Detection) that detects the communication interruption of IPsec in real time. When the base gateway 40 detects that the communication has been interrupted, the base gateway 40 accesses the center gateway 30 designated as the name server and executes the address resolution of the center gateway 20. At this time, the IP address corresponding to the domain name "cg-a" stored in the storage unit 33 of the center gateway 30 is changed to "C: C: C :: 1" as shown in FIG. Therefore, the base gateway 40 obtains the changed "C: C: C :: 1" as the IP address corresponding to the domain name "cg-a". As a result, the base gateway 40 can access the center gateway 20 based on the IP address “C: C: C :: 1” and reestablish a session with the center gateway 20.

On the other hand, when the IP address of the center gateway 30 is changed, the center gateway 30 changes the IP address stored in the center gateway 20 by the DDNS function, so that the base gateway 40 changes the IP address based on the changed IP address. A session can be reestablished with the center gateway 30.

The information registered in the NGN name server 60 is manually changed to a new IP address, for example.

(4) When cg-b fails In the above-mentioned "(2) When session is established", the base gateway 40 tries to access the center gateway 30 after executing the address resolution of the center gateway 30 by the NGN name server 60. As a result, it is assumed that the center gateway 30 cannot respond to the access from the base gateway 40 due to a failure or the like. In that case, since the primary center gateway 30 defined in line 004 of FIG. 3A could not respond, the secondary NGN name server 60 was accessed, and the center gateway 20 was contacted with respect to this NGN name server 60. Request address resolution. As a result, the NGN name server 60 supplies the IP address “A: A: A :: 1” corresponding to the domain name “cg-a” of the center gateway 20. The base gateway 40 can access the center gateway 20 with reference to the supplied IP address “A: A: A :: 1” and establish a session with the center gateway 20.

When the base gateway 40 tries to establish a session with the center gateway 30 and the center gateway 20 as a name server fails, the base gateway 40 also has an NGN name set as a secondary. Access the server 60. Then, the base gateway 40 requests the NGN name server 60 to resolve the address of the center gateway 30. As a result, the base gateway 40 can obtain the IP address of the center gateway 30, so that a session can be established with the center gateway 30.

Next, the details of the processes executed in the center gateways 20 and 30 and the base gateway 40 will be described with reference to FIGS. 7 to 11.

FIG. 7 is a flowchart illustrating an example of processing executed by the center gateway 20 at the start of operation. When the processing of this flowchart is started, the following steps are executed.

In step S10, the control unit 22 refers to the IP address “E: E: E :: 1” of the NGN name server 60 stored in the storage unit 23, and accesses the NGN name server 60.

In step S11, the control unit 22 requests the NGN name server 60 to resolve the address of the domain name “cg-b” of the center gateway 30. As a result, the NGN name server 60 supplies the IP address "B: B: B :: 1" corresponding to the domain name "cg-b" to the center gateway 20.

In step S12, the control unit 22 registers the address of the center gateway 30 by the DDNS function. More specifically, the control unit 22 stores the domain name “cg−b” of the center gateway 30 and the IP address “B: B: B ::” in the storage unit 23 in association with each other.

In step S13, the address of the center gateway 30 can be resolved by the above processing. That is, when the domain name "cg-b" of the center gateway 30 is supplied from the base gateway 40, the corresponding IP address "B: B: B ::" can be returned.

FIG. 8 is a flowchart illustrating an example of processing executed by the center gateway 30 at the start of operation. When the processing of this flowchart is started, the following steps are executed.

In step S30, the control unit 32 (not shown) refers to the IP address “E: E: E :: 1” of the NGN name server 60 stored in the storage unit 33 (not shown), and refers to the NGN name server 60. To access.

In step S31, the control unit 32 requests the NGN name server 60 to resolve the address of the domain name “cg-a” of the center gateway 20. As a result, the NGN name server 60 supplies the IP address “A: A: A :: 1” corresponding to the domain name “cg-a” to the center gateway 30.

In step S32, the control unit 32 registers the address of the center gateway 20 by the DDNS function. More specifically, the control unit 32 stores the domain name “cg-a” of the center gateway 20 and the IP address “A: A: A ::” in association with each other in the storage unit 33 (not shown).

In step S33, the address of the center gateway 20 can be resolved by the above processing. That is, when the domain name "cg-a" of the center gateway 20 is supplied from the base gateway 40, the corresponding IP address "A: A: A ::" can be returned.

Next, with reference to FIG. 9, an example of the process executed in the center gateway 20 after the process shown in FIG. 7 is completed will be described. When the flowchart shown in FIG. 9 is started, the following steps are executed.

In step S50, the control unit 22 determines whether or not the IP address assigned to itself (center gateway 20) has changed, and if it determines that the IP address has changed (step S50: Y), proceeds to step S51. In other cases (step S50: N), the process proceeds to step S52. For example, if the IP address assigned to itself changes from "A: A: A :: 1" to "C: C: C :: 1" due to the circumstances of NGN10, etc., it is determined as Y. The process proceeds to step S51.

In step S51, the control unit 22 requests the center gateway 30 to register a new IP address assigned to itself by the DDNS function. As a result, the domain name "cg-a" of the center gateway 20 and the new IP address "C: C: C :: 1" are stored in the storage unit 33 of the center gateway 30 in association with each other.

In step S52, the control unit 22 determines whether or not there is a registration request from the center gateway 30, and if it is determined that there is a registration request (step S52: Y), the process proceeds to step S53, and in other cases. In (step S52: N), the process proceeds to step S54. For example, when the IP address assigned to the center gateway 30 changes due to the convenience of the NGN 10, the center gateway 30 requests the center gateway 20 to register a new IP address by the DDNS function (described later). In that case, it is determined as Y and the process proceeds to step S53.

In step S53, the control unit 22 registers the new IP address of the center gateway 30 in the storage unit 23. For example, when the IP address of the center gateway 30 changes from "B: B: B :: 1" to "D: D: D :: 1", the domain name of the center gateway 30 is changed to "cg-b". IP address "D: D: D :: 1" is associated with the IP address "D: D: D :: 1" and stored in the storage unit 23.

In step S54, the control unit 22 determines whether or not there is an address resolution request for the center gateway 30 from the base gateway 40, and if it is determined that there is an address resolution request (step S54: Y), the process proceeds to step S55. In other cases (step S54: N), the process proceeds to step S56. For example, when the base gateway 40 requests the address resolution of the center gateway 30 in order to establish a session with the center gateway 30, it is determined as Y and the process proceeds to step S55.

In step S55, the control unit 22 executes the address resolution of the center gateway 30. That is, the control unit 22 acquires the IP address “B: B: B :: 1” corresponding to the domain name “cg−b” of the center gateway 30 from the storage unit 23 and supplies it to the base gateway 40. As a result, the base gateway 40 can access the center gateway 30 and establish a session.

In step S56, the control unit 22 determines whether or not there is a session establishment request from the base gateway 40, and if it is determined that there is a session establishment request (step S56: Y), the process proceeds to step S57, and other than that. In the case of (step S56: N), the process proceeds to step S58. For example, when a session establishment request is received from the base gateway 40, it is determined as Y and the process proceeds to step S57.

In step S57, the control unit 22 establishes an IPsec session with the base gateway 40. As a result, encrypted communication becomes possible between the center gateway 20 and the base gateway 40.

In step S58, the control unit 22 determines whether or not to repeat the process, and if it is determined to repeat the process (step S58: Y), the control unit 22 returns to step S50 and repeats the same process, and in other cases (step S58: Y). Step S58: N) ends the process.

Next, with reference to FIG. 10, an example of the process executed in the center gateway 30 after the process shown in FIG. 8 is completed will be described. When the flowchart shown in FIG. 10 is started, the following steps are executed.

In step S70, the control unit 32 (not shown) determines whether or not the IP address assigned to itself (center gateway 30) has changed, and if it determines that the IP address has changed (step S70: Y), step S70. The process proceeds to S71, and in other cases (step S70: N), the process proceeds to step S72. For example, if the IP address assigned to itself changes from "B: B: B :: 1" to "D: D: D :: 1" due to the circumstances of NGN10, etc., it is determined as Y. The process proceeds to step S71.

In step S71, the control unit 32 requests the center gateway 20 to register a new IP address assigned to itself by the DDNS function. As a result, the domain name "cg-b" of the center gateway 30 and the new IP address "D: D: D :: 1" are stored in the storage unit 23 of the center gateway 20 in association with each other.

In step S72, the control unit 32 determines whether or not there is a registration request from the center gateway 20, and if it is determined that there is a registration request (step S72: Y), the process proceeds to step S73, and in other cases. In (step S72: N), the process proceeds to step S74. For example, when the IP address assigned to the center gateway 20 changes due to the convenience of the NGN 10, the center gateway 20 requests the center gateway 30 to register a new IP address by the DDNS function (described above). Since the request is made in step S51 of FIG. 9), in that case, it is determined as Y and the process proceeds to step S73.

In step S73, the control unit 32 registers a new IP address of the center gateway 20 in the storage unit 33 (not shown). For example, when the IP address of the center gateway 20 changes from "A: A: A :: 1" to "C: C: C :: 1", the domain name of the center gateway 20 is changed to "cg-a". IP address "C: C: C :: 1" is associated with the IP address "C: C: C :: 1" and stored in the storage unit 33.

In step S74, the control unit 32 determines whether or not there is an address resolution request for the center gateway 20 from the base gateway 40, and if it is determined that there is an address resolution request (step S74: Y), the process proceeds to step S75. , In other cases (step S74: N), the process proceeds to step S76. For example, when the base gateway 40 requests the address resolution of the center gateway 20 in order to establish a session with the center gateway 20, it is determined as Y and the process proceeds to step S75.

In step S75, the control unit 32 executes the address resolution of the center gateway 20. That is, the control unit 32 acquires the IP address “A: A: A :: 1” corresponding to the domain name “cg-a” of the center gateway 20 from the storage unit 33 and supplies it to the base gateway 40. As a result, the base gateway 40 can access the center gateway 20 and establish a session.

In step S76, the control unit 32 determines whether or not there is a session establishment request from the base gateway 40, and if it is determined that there is a session establishment request (step S76: Y), the process proceeds to step S77, and other than that. In the case of (step S76: N), the process proceeds to step S78. For example, when a session establishment request is received from the base gateway 40, it is determined as Y and the process proceeds to step S77.

In step S77, the control unit 32 establishes an IPsec session with the base gateway 40. As a result, encrypted communication becomes possible between the center gateway 30 and the base gateway 40.

In step S78, the control unit 32 determines whether or not to repeat the process, and if it is determined to repeat the process (step S78: Y), the control unit 32 returns to step S70 and repeats the same process, and in other cases (step S78: Y). Step S78: N) ends the process.

Next, an example of the process executed in the base gateway 40 will be described with reference to FIG. In the process shown in FIG. 11, after accessing the NGN name server 60 and executing the address resolution of the center gateway 30, the center gateway 30 is accessed to execute the address resolution of the center gateway 20 and the center gateway 20 is accessed. This is the process for establishing a session. When the flowchart shown in FIG. 11 is started, the following steps are executed.

In step S90, the control unit 42 (not shown) refers to the IP address “E: E: E :: 1” of the NGN name server 60 stored in the storage unit 43 (not shown), and refers to the NGN name server 60. To access. More specifically, the control unit 42 describes the IP described in line 001 in order to solve "cg-a.bpj.gmfut-fbtu.jp" described in line 004 of FIG. 3 (A). Access the address "E: E: E :: 1".

In step S91, the control unit 42 requests the NGN name server 60 to resolve the address of the center gateway 30. More specifically, the control unit 42 refers to the NGN name server 60 with the domain name “cg-b” (more accurately, “cg-b”) of the center gateway 30 described in line 004 of FIG. 3 (A). .Bpj.gmfut-fbtu.jp ") and request to supply the corresponding IP address. As a result, the control unit 42 obtains the IP address “B: B: B :: 1” of the center gateway 30.

In step S92, the control unit 42 refers to the IP address obtained in step S91 and accesses the center gateway 30. More specifically, the center gateway 30 is accessed with reference to the IP address "B: B: B :: 1".

In step S93, the control unit 42 determines whether or not the access to the center gateway 30 is successful, and if it is determined that the access is successful (step S93: Y), the process proceeds to step S94, and in other cases (step). In S93: N), the process proceeds to step S95. For example, if the access to the center gateway 30 is successful, the process proceeds to step S94, and if the access fails due to a failure of the center gateway 30, the process proceeds to step S95.

In step S94, the control unit 42 requests the center gateway 30 to resolve the address of the center gateway 20. More specifically, the control unit 42 has the domain name "cg-a" of the center gateway 20 described in line 003 of FIG. 3 (A) (to be exact, "cg-a.bpj.gmfut-fbtu.jp". ”) Is supplied to the center gateway 30 and requested to supply the corresponding IP address. As a result, the control unit 42 obtains "A: A: A :: 1" which is the IP address of the center gateway 20.

In step S95, the control unit 42 accesses the NGN name server 60. That is, when N is determined in step S93, it means that the center gateway 30 is not operating normally. In that case, as described in line 004 of FIG. 3A, the secondary is used. Access the set NGN name server 60.

In step S96, the control unit 42 requests the NGN name server 60 to resolve the address of the center gateway 20. More specifically, the control unit 42 has the domain name "cg-a" of the center gateway 20 described in line 003 of FIG. 3 (A) (to be exact, "cg-a.bpj.gmfut-fbtu.jp". ”) Is supplied to the NGN name server 60, and the corresponding IP address is requested to be supplied. As a result, the control unit 42 obtains "A: A: A :: 1" which is the IP address of the center gateway 20.

In step S97, the control unit 42 refers to the IP address obtained in step S94 or step S96 and accesses the center gateway 20. More specifically, the control unit 42 accesses the center gateway 20 with reference to the IP address “A: A: A :: 1” obtained in step S94 or step S96.

In step S98, the control unit 42 establishes an IPsec session with the center gateway 20. As a result, the base gateway 40 enables encrypted communication with the center gateway 20.

In step S99, the control unit 42 determines whether or not the session with the center gateway 20 has been disconnected, and if it is determined that the session has been disconnected (step S99: Y), the control unit 42 returns to step S92 and is the same as in the above case. When the process is repeated and it is determined that the disconnection is not performed (step S99: N), the process proceeds to step S100. For example, the session is disconnected because the IP address of the center gateway 20 is changed from "A: A: A :: 1" to "C: C: C :: 1" due to the convenience of NGN10 or the like. If so, it is determined as Y and the process returns to step S92. Then, by the processing after step S92, a new IP address of the center gateway 20 is acquired, and a session with the center gateway 20 can be reestablished.

In step S100, the control unit 42 determines whether or not to repeat the process, and if it is determined to repeat (step S100: Y), returns to step S99 and repeats the same process as described above, and other than that. In the case (step S100: N), the process ends.

According to the above flowchart, the above-described operation can be realized with reference to FIG.

(D) Description of Modified Embodiment The above embodiment is an example, and it goes without saying that the present invention is not limited to the cases described above. For example, in the above embodiment, when the respective addresses are registered with each other between the two center gateways 20 and 30, and the session between one center gateway and the base gateway 40 is disconnected due to a change in the IP address, Address resolution was attempted by the other center gateway, but one center gateway and two base gateways were provided, and each address was registered with each other between one of these base gateways and the center gateway. If the session between the center gateway and one base gateway is disconnected due to a change in the IP address, the address may be resolved by the other base gateway.

Further, in the embodiment shown in FIG. 1, the number of base gateways 40 is one, but for example, two or three or more may be used. Further, in the embodiment shown in FIG. 1, two center gateways 20 and 30 are arranged, but one or three or more may be arranged.

Further, in the embodiment shown in FIG. 1, as the network to which the semi-fixed address is assigned, NGN10 has been described as an example, but other networks may be used.

Further, in the flowchart shown in FIG. 11, when it is determined in step S99 that the session with the center gateway 20 has been disconnected, the process returns to step S92, but the process may return to step S90. As an example, if the elapsed time since the last access to the center gateway 30 is a predetermined time or longer (for example, 10 minutes or longer), the address of the center gateway 30 may also be changed. May return to step S90.

Further, in the above embodiment, the case where the IP address of the center gateway 20 changes in the state where the center gateway 20 and the base gateway 40 have established a session has been described as an example, but the base gateway 40 is the center gateway 20. According to the present embodiment, a session can be established with the center gateway 20 even if the IP address of the center gateway 20 changes when the session is established with the center gateway 20. That is, if the IP address of the center gateway 20 changes while the base gateway 40 establishes a session with the center gateway 20, the information registered in the center gateway 30 is immediately changed by DDNS. Therefore, the base gateway 40 can access the center gateway 20 and establish a session.

Further, the present invention is not limited to IPsec, and other protocols (for example, L2TP) can be used for establishing a session.

Further, it goes without saying that the setting information shown in FIGS. 3A and 3B is an example, and the present invention is not limited to such setting information.

Further, in the example shown in FIG. 11, the case where the base gateway 40 establishes a session with the center gateway 20 has been described as an example, but "cg-a" is replaced with "cg-b" and "cg-b" is replaced with "cg-b". By replacing "cg-b" with "cg-a", it can be a process when the base gateway 40 establishes a session with the center gateway 30.

10 NGN
20, 30 Center gateway (center side connection device, additional connection device)
21 Packet relay processing unit 22 Control unit 23 Storage unit 24-1 to 24-n Reception unit 25-1 to 25-n Transmission unit 40 Base gateway (base side connection device)
50 PC
60 NGN name server

Claims (7)

A network that has a name server and is connected to the network to which a semi-fixed address is assigned, and a center-side connection device that is placed on the center side.
A base-side connection device that is connected to the network and is located on the base side and communicates with the center-side connection device.
It has an additional connection device connected to the network and arranged on the center side or the base side.
The center-side connection device and the additional connection device store their respective addresses and domains by the DDNS (Dynamic Domain Name System) function, respectively.
When the address of the center-side connecting device changes, the base-side connecting device acquires the changed address by inquiring the address of the center-side connecting device to the additional connecting device, and obtains the changed address, and the changed address. To access the center side connection device based on
A network system characterized by that. The network system according to claim 1, wherein the network is an NGN (Next Generation Network). When the address of the center-side connection device changes while the base-side connection device has established a session with the center-side connection device, the change of the center-side connection device with respect to the additional connection device. The network system according to claim 1 or 2, wherein a later address is queried. When the base-side connection device establishes a session with the center-side connection device, the base-side connection device accesses the name server to acquire the address of the additional connection device, and accesses the additional connection device to access the center- side connection device. The network system according to any one of claims 1 to 3, wherein an address of a connecting device is acquired, and a session is established with the center-side connecting device based on the acquired address. When the base side connection device establishes a session with the center side connection device and cannot access the additional connection device due to a malfunction of the additional connection device, the base side connection device accesses the name server and the center side. The network system according to claim 4, wherein an address of a connecting device is acquired, and a session is established with the center-side connecting device based on the acquired address. A network that has a name server and is connected to the network to which a semi-fixed address is assigned, and a center-side connection device that is placed on the center side.
A base-side connection device that is connected to the network and is located on the base side and communicates with the center-side connection device.
It is an address resolution method of a network system having an additional connection device connected to the network and arranged on the center side or the base side.
The center-side connection device and the additional connection device store their respective addresses and domains by the DDNS (Dynamic Domain Name System) function, respectively.
When the address of the center-side connecting device changes, the base-side connecting device acquires the changed address by inquiring the address of the center-side connecting device to the additional connecting device, and obtains the changed address, and the changed address. To access the center side connection device based on
A network system address resolution method characterized by that. A network having a name server and connected to the network to which a semi-fixed address is assigned and arranged on the center side, and a center side connecting device connected to the network and arranged on the base side and located on the center side. It has a base-side connection device that communicates with the connection device, and an additional connection device that is connected to the network and is arranged on the center side or the base-side, and the center-side connection device and the additional connection device. Is used in the base-side connection device used in a network system that stores each other's addresses and domains by the DDNS (Dynamic Domain Name System) function.
When the address of the center-side connecting device changes, the changed address is acquired by inquiring the address of the center-side connecting device to the additional connecting device, and the center-side connection is made based on the changed address. Access the device,
A base-side connection device characterized by this.

Images