KR100535825B1 - Method for establishing homenetworking system with expanding IP address in edge LAN service segment and internet connection system having homegateway for realizing the method - Google Patents

Abstract

GPIP address list, CLPIP address pool list, subnet mask information, and subnet mask information expanded to the remote service management server to the LAN structure edge (ELSS) network, IPs of the devices and default gateways installed in the ELSS. Construct a resource information database such as an address list and an RH list (a list of IP addresses of hosts for which the home gateway should obtain a MAC address), and set up a plurality of IP sharing default gateways including the home gateway default gateway in the subscriber's home. After the external installation, the bridge-structured home gateway receives resource information of each subscriber conforming to the subscriber's terms of use from the remote service management server, and the GPIP address or CLPIP address is applied to the virtual subnet mask information. Matches the host, but the home gateway uses the virtual subnet mask The subnet, which was mistaken for being enlarged, eliminates the side effects of internet communication failure for some remote hosts, and also provides various Internet services by expanding the IP addresses that the hosts in the house configure LAN and assign to the hosts in the house. . Both GPIP and CLPIP belong to one of the IP groups determined by the virtual subnet mask, and the CLPIP address pool is selected from a portion of the IP group.

Description

An Internet access system including a home gateway that implements a method and a home gateway for extending the IP address to be allocated to premises hosts of each subscriber in an edge network of a LAN structure, without routing by premises hosts having different subnets. {Method for establishing homenetworking system with expanding IP address in edge LAN service segment and internet connection system having homegateway for realizing the method}

The present invention relates to an internet access system and an internet access method, and more particularly, to implement a LAN in a subscriber household through an edge network of a LAN structure, to simultaneously extend an IP address to be given to hosts of each subscriber, and to provide an extended IP address. The present invention relates to a method of allowing each subscriber's hosts to independently connect to an internet network, and to an internet access system having a home gateway for implementing the method.

With the widespread use of the Internet, the general public can easily access a variety of information through local and time constraints through the Internet network. In addition, in addition to searching and acquiring information through the Internet, voices provided by broadcasting stations are recently available. In recent years, the convergence service that provides music, still images, moving pictures, etc. to personal computers or mobile phones is beginning to be provided. In addition, the communication service via the Internet is also coupled to the home appliances of each home or office equipment of each office, technology for controlling these devices or equipment remotely through the Internet network has been developed.

Therefore, not only one host communicates with each other in the home of each subscriber, but a plurality of hosts (in addition to a plurality of computers, information appliances, digital TVs, and health care devices) communicate with the Internet. As used, there is a need to configure a LAN within each subscriber. In other words, the need for home networking through the Internet has emerged.

On the other hand, the Internet network is mainly composed of the ISP backbone network, POP (Point Of Presence) network and the edge network connected to the consumer. The backbone network is a backbone network, which has a transmission rate of tens to hundreds of Gbps. The POP network means a regional communication center or a communication base existing in each region. The backbone network is a branch network of the backbone network. Means a network that leads to each family. Currently, the edge network structure of Korea is using the Ethernet LAN structure, especially in the case of cyber apartments, which have recently been constructed, the typical Ethernet structure, and in the case of VDSL, the Ethernet structure inside the MDF communication room. In addition, according to the Ministry of Information and Communication, EtherPON (Ethernet Passive Optical Network), which is one of the fiber to the home (FTTH) method, will be introduced in newly constructed single-family homes and small and medium-sized buildings. Hereinafter, such an edge network structure is called an edge LAN service segment (ELSS). In this case, the segment refers to a network section in which LAN communication can be performed using only the MAC address of the second layer without routing the third layer of the OSI model. One LAN becomes one segment.

However, by using the aforementioned edge network architecture, and in order to realize a home network service to be extended, the IP address for use by the premises subscriber host, these hosts are to be formed in the same LAN segment, in premises, the billing for the IP addresses A system must be established.

Looking at the IP address extension, the current price system that costs about 30,000 won to connect one floating public IP address and more than 10,000 won for each additional one gives a plurality of public IP addresses to multiple hosts. This is not economical and the lack of IP deficiency can not be solved, so the use of public IP addresses is virtually impossible. This requires an expansion of IP addresses that enable Internet communication in an economical way. One of these methods is IP sharing, which uses an IP sharing router (called Network Address Port Tanslation (NAPT)).

The IP sharing method is to assign one public IP address to the IP sharing router and match it 1: N with several private IP addresses. The IP sharing router uses the destination IP address of outbound traffic and the TCP / UDP port of the source. If the memory was a destination IP address, source IP address, the aforementioned out Bount traffic inbound traffic search is confirmed also confirmed that the port of the inbound destination TCP / UDP ports outbound traffic, local causing the outbound traffic It is intended to forward inbound traffic to the host. However, the IP sharing scheme has the following problems.

First, among communication applications, there are applications that negotiate and replace IP addresses or port information to be used in the payload of traffic. In this case, the IP sharing router cannot respond properly and eventually the host is not connected to the Internet network, thereby losing communication. However, many multimedia communication applications work this way.

Second, during a security application, the host creates an Authentication Header with the IP address and port number it is using and includes it in the packet, and the other side tells the other party that the IP address and port number in the envelope There is an IP Security Protocol (IPSec) that establishes communication by seeing if it matches what is in the header. In this case, the authentication header includes the private IP address used by the host and the envelope includes the public IP address of the IP sharing router, so that the other party invalidates the data and no communication is performed.

Third, a host can be streamed using multiple ports from providers with different IP addresses. Internet digital TV is one of these cases. A soap opera is shown on the main screen, but when you click on the T-shirt worn by the main character, a T-shirt propaganda appears in a small sub-screen. This type of service is called hyperstreaming, which means that subscriber hosts communicate with each other very dynamically negotiating the IP address and port of the other host. IP sharing routers are very vulnerable to this kind of service.

The router method is that when IPv6 is realized, the shortage of IP addresses is eliminated, and thus the router method becomes useless. With IPv6, there are dozens of public static IPs in the same home, so if you don't manage their traffic for the purpose and purpose of each host or each host's IP address, there's a lot of traffic going into ELSS, POP and backbone. It can come and go, which entails significant investments in these Internet equipment, which can significantly reduce economics.

On the other hand, another way to expand the IP address is to install a regular router in each subscriber, rather than a router with a sharing function. In this case, two static public IP addresses are required first for the purpose of the router, and hosts in each household must also receive public IP addresses in the same band as the router, which requires a huge number of public IP addresses. It only results in exhaustion of addresses.

In terms of the configuration of the home network, when the NAPT is set up in the house to give some hosts in the house a private IP by IP sharing method and give some other hosts a public IP address, the subnet mask information Since the determined network parts are different from each other, a problem arises in that a LAN cannot be formed between a host using a public IP address and a host using a private IP address in the home.

In terms of billing, as a plurality of hosts in each subscriber access the Internet with a plurality of IP addresses, billing by the amount of traffic generated from each host becomes difficult. In particular, when the convergence convergence service starts in earnest, charging by traffic will become more problematic, and therefore, development of a new charging system is required. In the end, it is preferable that the billing is determined not by the amount of communication traffic but by the purpose of the device, that is, the type of IP address used by the device. For example, the cost of using a communication module to receive Internet service using a public IP address, the cost of using a communication module to receive Internet service using a private IP address of a NAPT method, and a common such as an apartment. There is a need for a billing system that determines the cost of using a communication module that uses a private IP address to receive services in a house.

Accordingly, it is an object of the present invention to provide a method for extending an IP address so that a host of each subscriber's home of the ELSS can be sufficiently mixed with a real public IP and a private IP CLPIP.

Another object of the present invention, even though each subscriber host of the ELSS is given a mixture of the real public IP and the private IP CLPIP to form a single LAN segment in the house and at the same time eliminate the side effects associated with the Internet smoothly To provide a way to access

It is still another object of the present invention to provide an internet access system including a home gateway that allows a plurality of hosts belonging to each subscriber of an ELSS to independently communicate with each other while forming a home LAN segment.

It is still another object of the present invention to provide an Internet access system including a home gateway and a default gateway for each service type to efficiently operate a charging system according to independent internet communication of a plurality of hosts belonging to each subscriber of an ELSS.

In order to achieve the object of the present invention, in order to build a system for providing an Internet access service through the Internet to a plurality of hosts installed in each subscriber's premises in the edge network of the LAN structure that the edge router is installed, Internet service provider On the remote service management server provided on the network side, the network information based on the address information of each household in the edge network of the LAN structure, the GPIP address list to be assigned to the edge network of the LAN structure, the CLPIP address pool list, the subnet mask information, and the subnet mask information. A database is constructed of resource information including virtual subnet mask information for configuring an expanded network unit, equipment installed in an edge network of a LAN structure, and an IP address list and an RH list of a default gateway. Where both the GPIP address and the CLPIP address belong to one of the public IP groups determined by the virtual subnet mask set by the Internet service provider, and the CLPIP address pool is part of an IP group that groups the entire IP address into a virtual subnet mask. The RH list refers to a list of IP addresses of hosts whose home gateways, which will be described later, need to secure MAC addresses.

In addition, a plurality of IP sharing default gateways, including a home gateway default gateway having a GPIP address assigned to one network interface and a CLPIP address assigned to the other network interface, are external to the subscriber's home in the edge network of the LAN structure. Install on.

Next, it communicates with the home gateway default gateway and downloads resource information for each subscriber from the remote service management server according to the subscriber's terms of use, and matches the GPIP address or CLPIP address to a plurality of hosts of each subscriber. Install at each subscriber's house. However, the virtual subnet mask information downloaded from the Internet service provider is applied to the home gateway and the plurality of hosts.

The home gateway includes: a filter for determining the type of message generated by the home host; An ARP cache storing MAC addresses of IP addresses included in the RH list; And if the message determined by the filter is an ARP request message, the IP group information, the GPIP address list of the resource information, the CLPIP address pool list, the RH list, and the LAN structure of the edge network device. By referring to the IP address list, the MAC address of the destination IP address or the MAC address of the default gateway to which the host originating the message is informed to the host generating the message, and the ARP request message thrown by the ELSS network device or the default gateway is displayed. Or an ARP handler informing the home gateway's MAC when it is for a home host; The uplink traffic includes a MAC conversion module for converting the source MAC to the home gateway's own MAC, and converting the destination MAC to the MAC address of the home host corresponding to the destination IP address of the traffic.

As a specific example, the subnet mask information may be "/ 21", the virtual subnet mask information may be "/ 4", and the plurality of hosts include a computer, a home appliance, a device for VoIP, and a healthcare device, and the IP The shared default gateway may include a default gateway for NAPT service, a default gateway for home appliances, a default gateway for VoIP, and a healthcare default gateway.

On the other hand, before the home gateway responds to the ARP request generated by the home host and the ARP request generated by the in-house equipment or the default gateway, the home gateway determines the ARP to determine the MAC addresses of the IP addresses included in the RH list. The request is stored in the ARP cache of memory provided in the home gateway.

In addition, the process of the home gateway responding to the ARP request generated by the home host includes: checking whether the target IP address mentioned in the ARP request message is included in the IP group to which the IP address band of only the ELSS to which it belongs belongs; Not including the MAC value of the default gateway to which the ARP request message is generated; If the target IP address is included in the IP group to which the IP address band of only ELSS to which it belongs, then determining whether it is an IP address belonging to the CLPIP address pool list, and as a result, the target IP address is the only ELSS to which it belongs. Notifying the MAC value when there is a MAC value stored in the ARP cache based on the RH list when the IP address band belongs to the IP group to which the IP address band belongs; If the target IP address belongs to an IP group to which the target IP address belongs to only the IP address band of the ELSS to which it belongs, and does not belong to the CLPIP address pool, checking whether the target IP address belongs to the IPIP address list; If the target IP address belongs to the GPIP address list, informing the MAC value if there is a MAC value stored in the ARP cache based on the RH list; And if the target IP address belongs to the IP group to which the target IP address belongs to only the ELSS IP address band to which it belongs, but not to the CLPIP address pool and to the GPIP address list, the host that originated the ARP request message is sent to the host. And providing the MAC value of the DG to which the host belongs.

Hereinafter, an internet access method including a home gate and an internet access system implementing the same will be described with reference to the accompanying drawings.

1 is a schematic diagram of an internet access system according to an embodiment of the present invention. In Fig. 1 and Fig. 2 described later, " 1 " represents only the ELSS which is a LAN, and " 2 "

Internet access system according to an embodiment of the present invention is a remote service management server 11 installed in the service center of the ISP, one or more default gateway (DG; 12, 13, 15) and ELSS installed according to the service type in the ELSS It includes a home gateway (HG) 17 is installed in the home of each of the plurality of subscribers. The type of service is a service that connects to the Internet through an IP sharer (the default gateway of IP sharing method) in the ELSS complex, a service that directly accesses the Internet without passing through the IP sharer, and a DG using an IP sharing method dedicated to controlling home appliances in the complex. The Internet access service, the Internet access service through the DG of the VoIP-only IP sharing scheme in the complex, or the content server connected to the content server in the complex include. One of the ELSSs is an apartment complex or cyber apartment where VDSL service or EtherPON (Ethernet Passive Optical Network) service is provided.In this case, a switch (not shown) is installed on each floor and each building, and the ELSS The edge router 12, which is an L3 switch operating in the third layer of OSI, is already installed at the interface between the and ISP. In the subscriber's home, a plurality of hosts 19a and 19b are connected to the HG 17 to form a LAN segment in the home.

In this embodiment, the host 19a, which is a part of the home host, wants to receive a service (original internet service) from the ISP by connecting to the Internet network without using a public router by using a public IP address (GPIP). Only the case where a host 19b wants to receive an Internet access service through a router using a Common Localized Public IP (CLPIP) address, which will be described later (NAPT Internet Service) will be described.

The remote service management server 11 may include address information of each ELSS, a group of public IP addresses to be assigned to each ELSS, a Common Localized Public IP (CLPIP) address pool, subnet mask (SM) information, and a virtual subnet mask (VSM). Virtual SM) information, Bandwiss management guideline information, DG IP address of ELSS, Relevant Host (RH) list by ELSS, etc. are managed, and each subscriber's terms of use are inputted to meet the corresponding service provisions. A public IP address, a CLPIP (Common Localized Public IP) address, SM information, and a virtual subnet mask (Virtual Subnetmask) to network devices such as DGs 13 and 15 and HG 17 including L3 switches 12 of each ELSS; VSM) information and a list of Relevant Hosts (RHs) are also transmitted to the HG 17, and a bandwidth management guide for uplink and downlink traffic of the ELSS is transmitted. The HG 17 transmits the IP address assignment status, traffic status, etc. of the hosts connected thereto to the remote service management server 11. Here, the VSM granted to the hosts 19a and 19b and the HG 17 in the subscriber premises in the ELSS is compared to the SM granted to the DGs 13 and 15 provided between the L3 switch 12 and the HG 17. The mask range is enlarged and will be described later.

The above-mentioned public IP address refers to a public IP address according to the Internet standard, and since the CLPIP address also uses a local IP address as part of the public IP address, in order to distinguish the latter from the latter, in particular, the former public IP address is used. It is called a Genuine Public IP (GPIP) address. CLPIP address refers to the common IP address used by VSM to divide the entire public IP address into several groups, and then remove some public IPs selected by the ISP from each IP group and use them as local IP addresses in each ELSS. It may be selected in the form of consecutive or several separated sub-sections in the intervals except the intervals. Here, the public IP address selected as the CLPIP address cannot be used as a GPIP address, and any one CLPIP address pool can be used in common at multiple complexes belonging to the same IP group. Thus, the IP address that the ISP will assign to the hosts in the subscriber's home of each ELSS consists of a GPIP address and a CLPIP address.

In general, DG refers to a gateway through which traffic of a host passes when one host in a LAN segment communicates with a remote host in another remote segment. In the present invention, the DG is installed for each service in consideration of billing. It is desirable to. Normally, ELSS currently has only one DG, that is, an L3 switch incorporating a routing module, and this DG has only GPIP as a subnet, but in the present invention, in addition to an L3 switch having GPIP-provided premises hosts as a subnet, CLPIP is given to a premises. An IP sharing default gateway (SG) in which hosts can be connected to the Internet through an IP sharing method is preferably used together. That is, by using a known network environment setting method, a specific host requesting a predetermined service is connected only to a specific gateway (DG) related to a predetermined service when setting the network environment of the host, and the ISP connects the DG connection information according to the service type. You can charge a flat fee for each service. Thus, various services can be sold to each customer without operating a billing system that involves astronomical costs such as metering traffic packets on a daily basis or classifying them by service type.

In Figure 1, when a host (19a) receiving the GPIP address to receive an Internet service by the DG to L3 switch 12 and CLPIP address the receiving host (19b) the NAPT in the NAPT method, not through a customer premises router installed in only The case where the Internet connection service is received using the SG 15 as a DG is shown. In addition, in FIG. 1, the HG SG 13 is illustrated as a DG used when the home gateway 17, which is an essential component of the present invention, communicates with the remote service management server 11.

Thus, for the Internet communication using DG or SG, L3 switch 12 is given a public IP address, NAPT SG (15) to the WAN for the public IP address, NAPT SG (15) has a CLPIP address in the home In order to construct a subnet consisting of hosts, the CLPIP address is given to the ELSS side of the NAPT SG (home side). In other words, from the perspective of the ELSS complex, multiple networks with different default gateways are formed.

On the other hand, one CLPIP address pool is formed in one IP group. When the number of services increases, the CLPIP address pool is further divided into a plurality of CLPIP address subpools, and the addresses of each sub-CLPIP address subpool correspond to each service. The SG is assigned to the hosts forming the same LAN together with the SG. For example, in case of accessing the Internet through NAPT service, in case of internet remote control of home appliance, in case of internet connection of VoIP device, in case of remote internet connection of healthcare device, corresponding home appliance SG, VoIP SG And a CLPIP address pool into a plurality of CLPIP address subpools for health care SGs, and the like, and may be assigned to each SG. That is, if the service type is two or more, one CLPIP address pool is divided into two or more CLPIP subaddress pools, and IPs of each CLPIP subaddress pool are all assigned to the same type of host. This will allow you to charge a certain fee for each SG for each use, instead of charging for the amount of traffic.

Next, the home gateway 17 has a bridge structure that connects the LAN segment of the home and the LAN segment of the ELSS, and the ARP processing function is enhanced in comparison with the conventional general bridge. That is, a general conventional bridge responds only to an ARP request whose IP address is referred to as a target IP address, whereas the HG 17 of the bridge structure of the present invention has a CPU equipped with a program module to perform an intelligent ARP function. Includes an ARP handler (55 in FIG. 5) to make an ARP request and response for an IP address included in the RH list. Since the detailed configuration and operation of the HG 17 is in FIGS. 5 to 10, a detailed description thereof will be described later.

When the GPIP address is given to the HG 17, since the GPIP address takes a lot, in the present invention, the CLPIP address is given to the HG 17, so that the HG SG 15 has a subnet composed of the HG 17. A CLPIP address is assigned to the HG 17 and a GPIP address is assigned to the WAN of the HG SG 15 to belong to the subnet of the L3 switch 12.

This study examines the effect of using a CLPIP address, a local IP address used within ELSS, at the expense of some of the public IP addresses.

To do this, we first look at the IP addressing system. IP addresses are represented in 32 bits in IPv4. These IP addresses are divided into network section and host section. However, SM is a number that identifies the network denials from the top to the top of these 32-bit IP addresses. Therefore, when the SM value is set, the IP address is divided into several IP groups.

The CLPIP method according to the present invention is a method of writing a local IP address used in ELSS at the expense of some public IP addresses. With one CLPIP pool per IP group, and expanding the subnet masks of subscriber premises hosts to include the entire IP group to which the GPIP band applied to that ELSS belongs, that is, a virtual subnet mask that is much larger than normal, The CLPIP pool can be applied to ELSSs using the GPIP band, and at the same time, a LAN can be configured between a GPIP-hosted host and a CLPIP-hosted host.

However, as the SM value increases, the number of IP address groups increases, so that the number of CLPIP pools increases. Therefore, when the size of each CLPIP pool is constant, more public IPs are sacrificed for CLPIP use. On the other hand, if the SM value is reduced to reduce the number of IP groups as much as possible, if the size of the CLPIP pools is constant, the number of public IPs sacrificed to make the CLPIP pool becomes small. An example of the IP address group and the CLPIP address pool belonging to each group in the case of SM of "/ 4" is shown in Table 1. In Table 1, the " / 4 " VSM is shown. However, the method of determining the number of IP groups and the method of determining the CLPIP address pool are the same, and thus the description will be made based on the description in Table 1.

Based on Table 1, if an ISP provides services for 1,000 households, it would sacrifice approximately 110,000 public IP addresses, but each household could be given as many as eight CLPIP addresses. That is, 80 million IP addresses will be secured, and the IP address expansion effect will be about 700 times higher than the number of IPs introduced. This is especially significant considering only 4.2 billion public IP addresses in IPv4. It can be seen.

In addition, as described above, the CLPIP address pool is selected from a group of IPs (GPIPs) recognized by the VSM assigned to each host 19a, 19b and the HG 17 from the remote service management server 11 to be the same segment. It only needs to be assigned uniquely within ELSS. Therefore, the same CLPIP address can be allocated in different ELSSs, and further, the same CLPIP pool can be used in all the ELSSs to which the GPIP bands belonging to the same IP group are applied. This content is shown in FIG. 3, which will be described later.

On the other hand, the home hosts (19a, 19b) of each subscriber of the ELSS are mixed with the GPIP address, which is the public IP address, and the CLPIP address, which is the local IP address. When the SM information (about 21) applied to the IP address is applied, the network segment indicated by the SM between these premises hosts 19a and 19b is not identical, and thus a LAN segment cannot be formed. If a LAN segment is not configured between the home hosts 19a and 19b, since true home networking is not performed, the information exchange process between the home hosts is complicated and inconvenient.

Accordingly, the remote service management server 11 applies the above-described expanded virtual SM (VSM) to the HG 17 and the premises hosts 19a and 19b, and other equipment in the ELSS complex (L3 switch, HG). For SG and NAPT SG), an honest SM having a smaller value than VSM is applied. As an example of this, a normal SM (/ 21) may be applied.

Referring back to Table 1, the maximum number of hosts that the operating system of the HG 17 installed for each subscriber in the "/ 4 VSM" can recognize as the same LAN is 2 ²⁸ , and the hosts 19a and 19b. If the IP address of the 32 bits is the same value up to the top four bits, they are recognized as being located in the same segment. That is, in the subscriber's home, the host 19a given the GPIP address and the host 19b given the CLPIP address are mixed, but these hosts are HG by the VSM of the HG 17 and the host 19a, 19b. It is recognized as located in the same segment with (17), LAN communication is possible without a router.

On the other hand, determining the value of "VSM" is determined by the scale of the network allowed by the computer operating system adopted by the HG 17. Currently operating systems such as Microsoft, Linux, Unix, BSD, Macintosh, etc. SM's current extension limit for Microsoft operating systems is "/ 3". Table 2 shows various examples of the number of IP groups and the number of CLPIP pools according to the VSM.

In addition, ELSS is to determine the two will consist of several CLPIP in there up to some of the furniture, CLPIP address pool will be paid according to several CLPIP addresses per household.

The process of building the above-described system of FIG. 1 will be described. First, in the ELSS, a conventional L3 switch 12 combining edge routers and a main switch, each floor and the same switch are installed, and a remote service management server 11 is installed in a remote ISP service center. 13) Install. On the other hand, the remote service management server 11 receives and manages the terms and conditions of the subscriber. And the HG 17 is installed in the home of the customer who applied for use. When installing the HG 17, the CLPIP address to be used by the HG 17, the CLPIP address to be assigned to the internal network interface of the HG SG 13 of the ELSS, the subnet mask (VSM) of the HG 17, and the HG 17 The physical location code value to be installed is entered. Here, the HG SG 13 and the HG 17 may have a NAPT (IP sharing) relationship or a RSAP-IP (Realm Specific Address and Port-Internet Protocol: IETF RFC 3102, 3103) relationship. The latter relationship is preferred. Hereinafter, in the case of the RSAP-IP relationship, the service according to the present invention will be described in terms of an IP address with reference to Table 1 and FIG. 2.

When the SM information (VSM) of the HG 17 and the hosts 19a and 19b is determined to be "/ 4", the number of IP groups to provide the GPIP address is 14 as shown in Table 1, and the upper four digits are shown. Suppose that a CLPIP address is selected from a CLPIP address pool ("218.0.0.1-218.0.31.254) selected from an IP group (208.0.0.0-223.255.255.255) which becomes" 1101 ".

21.1.4.1.2 contained in the IP group whose WAN network interface GPIP address of HG SG 13 is "1101" and the CLPIP pool of the IP group whose internal network interface towards HG 17 is also "1101" 218.0.0.1 belonging to and belonging to the CLPIP pool of the IP group, which is "1101" as the CLPIP to be used by the HG 17, when the HG 17 is installed, receives 218.0.0.2 as the DG to be used by the HG 17. If the 21G network input is 218.0.0.1, which is the internal network interface CLPIP of the HG SG 13, and 240.0.0.0 (/ 4) is input as the subnet mask (VSM) of the HG 17, the HG immediately after installation of the home gateway 17. 17 and the HG SG 13 start communicating to perform RSAP-IP.

HG 17 receives RSAP-IP assignment from HG SG 13, "Use TCP / UDP port 50001, 50002 of GPIP address 211.1.1.2 of HG SG". When communicating with the remote service management server 11, the HG 17 generates a packet using the IP address 211.1.1.2 and the TCP / UDP port number 50001,50002, and then returns the packet to its CLPIP address. Encapsulate (IPIP) the packet again using the 218.0.0.2 address and send it to the HG SG (13). The HG SG 13 removes the mouth encapsulation, and the HG S17 uses the GPIP address of the HG SG 13 and its TCP / UDP ports 50001 and 50002 as if it were a packet of its own. This is sent to the remote service management server 11. Conversely, when the remote service management server 11 sends a packet to the HG 17, the remote service management server 11 sends the packet to the TCP / UDP port 50001, 50002 of the public IP 211.1.1.2, which is received by the HG SG 13, and the HG 17 receives the packet. Send to CLPIP 218.0.0.2.

After the HG 17 establishes communication with the remote service management server 11 through the HG SG 13, the remote service management server 11 is in accordance with the customer's terms and conditions, and the physical address (where the HG 17 is installed) After looking at the city, town, apartment complex, and lake), the resource information is sent to the home gateway. This resource information includes the IP address of the complex that will be paid to the customer in accordance with the Terms of Use, Bandwiss Administration Guidelines, the list of Revelant Hosts (RHs) in the complex (IP address information such as DG), and CLPIP addresses. List, GPIP list in the complex, and so on. The HG 17 according to the present invention secures their MAC addresses instead of responding to ARP request messages thrown from home hosts or external ELSS network equipment, and the RH list is a criterion for securing MAC addresses for which IPs. Say

After the HG 17 downloads the resource information, the customer can go through a user setting process. The user setting is an operation in which the HG 17 matches the CLPIP address and the GPIP address provided from the ISP with a specific host in the home. That is, the host 19a is assigned with the GPIP 211.1.1.100 and the VSM 240.0.0.0, and the host 19b is assigned the CLPIP 218.0.16.100 and the VSM 240.0.0.0. Then, the ISP assigns the GP3 address 211.1.1.1 and the SM 255.255.248.0 (/ 21) to the L3 switch serving as the DG of the host 19a, and the HG SG 13 serving as the DG of the HG 17. Allocates 211.1.1.2 and GP "/ 21" for GPIP in the WAN direction, and assigns SM "/ 21" and one of CLPIP 218.0.0.1 to 218.0.4.254 for the HG 17, Allocates 211.1.1.3 (GPIP) and SM "/ 21" in the WAN direction to the NAPT SG (15), assigns 218.0.16.1 (CLPIP) to the internal network interface, and allocates SM "/ 19" in the ELSS service. Receive one of 218.0.16.2 to 218.0.31.254. The subnet with NAPT SG is set larger than the subnet with HG SG because only one HG is installed in each house, but the PCs that receive NAPT service can have several.

After the user setup, the HG 17 knows which host in the home belongs to which DG or SG, so the customer can now communicate with the original Internet with a GPIP address on the host 19a and CLPIP on the host 19b. With the address, NAPT Internet service can be provided through NAPT SG 15.

The VSM of the HG 17 and the hosts 19a and 19b is "/ 4", the CLPIP address of the HG 17, the GPIP address of the host 19a, and the CLPIP address of the host 19b are " HG 17 and hosts 19a, 19b form the same LAN segment since it is selected from the IP group having " 1101 " and its CLPIP address pool. Therefore, the LAN is configured smoothly in the home.

3 shows a state in which a GPIP address, a CLPIP address, an SM, and a VSM are applied to a plurality of ELSSs.

SM of "/ 21" is assigned to ELSS network equipment of ASS, Yongsan, Seoul, and the GPIP address band is 211.1.1.1 ~ 211.1.4.255 (IP group "1101") and is assigned to the home gateway and the connected hosts. When the VSM says "/ 4", the CLPIP address can be selected from 218.0.0.1 to 218.0.31.254. On the other hand, SMs of "/ 21" are assigned to the network equipment of the ELSS, and the GPIP address bands are 211.2.1.1 to 211.2.4.255 belonging to the same group 1101 as that of the Yongsan A complex described above. Even in the case of EL complex of Gwangju mine where VSM is assigned to "/ 4", CLPIP address can be selected from 218.0.0.1 ~ 218.0.31.254 and the same as that of A complex of Yongsan, Seoul.

And SM of "/ 21" is assigned to ELSS network equipment of BSS in Mapo, Seoul, and the GPIP address band is 166.2.1.1 ~ 116.2.4.255 (IP group "0111"), and is assigned to the home gateway and the hosts connected to it. If the VSM is set to "/ 4", the CLPIP address can be selected from 122.0.0.1 to 122.0.31.254. The home gateway and the hosts connected to it are given an SM of " / 21 " to the network equipment of the ELSS and the GPIP address bands belong to the same group as that of the Mapo B complex described above, 166.2.1.1 to 116.2.4.255. CLPIP address can be selected from 122.0.0.1 ~ 122.0.31.254 in case of CSM EL Complex in Busan, where VSM is assigned to "/ 4", and the same as that of C Complex in Seoul Mapo may be used. That is, since GPIP is uniquely determined for all ELSSs, while CLPIP addresses must be uniquely determined within each ELSS, the same CLPIP address can be used for all ELSSs that use GPIP bands belonging to the same IP group. The expansion effect of is enormous.

However, as described above, when the VSM is applied to the plurality of premises hosts 19a and 19b connected to the HG 17 and the HG 17, serious side effects may occur. As the home host's SM expands, the number of hosts recognized as constituting the same LAN segment increases. For example, if the HG 17 and the hosts 19a and 19b have a VSM of "/ 4", each host determines that about 2 ²⁸ (268, 435, 456) hosts form the same LAN segment as theirs. . That is, 2 ²⁸ IPs can form the same LAN. However, the number of GPIP addresses assigned to each ELSS (by 14 IP groups) is approximately 1 to 2,000, as shown in Table 1, and the number of CLPIP addresses in the CLPIP pool selected from each IP group is approximately 60,000. Can be dogs. Hosts with the rest of the IP addresses become Host Misunderstood as The Segment (HMAS) which is mistaken for being in the same LAN even though they do not form the same LAN segment. HMAS are hosts that may or may not exist on the remote Internet at any time. This is illustrated by the band diagram in FIG. 4.

On the other hand, the host has its own IP (GPIP or CLPIP) address and VSM and the target IP address to be connected, and determines whether the host having the target IP address is located in the same LAN, as shown in FIG. It is determined that the HMAS are located in the same LAN. As a result, the home host continues to request ARP for HMAS, resulting in a loss of communication.

This problem is solved by adding the ARP intelligent processing function to the HG 17 of the bridge structure.

The APR intelligent processing function means that HG determines whether the target IP in the ARP request belongs to the HMAS, and if it is determined to belong to the HMAS, finds the MAC address of the default gateway to which the host making the ARP request belongs to the home host that made the ARP request. It means to inform.

In addition to the ARP intelligent processing function, the home gateway 17 includes a traffic screening function that allows the home host to communicate only with a designated gateway such as an ELSS gateway, and the source MAC of upstream traffic, in addition to the ARP intelligent processing function. It converts the MAC of the home gateway and recovers the destination MAC of the downstream traffic to the MAC of the original host, and manages the band whistle by receiving the band whistle management instructions of the up / down traffic from the remote management server. General-purpose NetBIOS and NetBEUI blocking is provided.

The traffic screening function and the MAC conversion function are disclosed in Patent 2002-29872 filed by the applicant of the present invention, and the band whistle management function is disclosed in Patent 2002-29873 filed by the applicant of the present invention. Explain.

Now, the ARP processing function of the home gateway, which is one of the features of the present invention, will be described in detail with reference to FIGS. 5 to 10.

In summary, the home gateway according to the present invention is a bridge structure connecting the ELSS and the LAN formed in the home, and unlike the conventional bridge structure, the home gateway is provided with a function to handle an ARP request.

Specifically, as shown in FIG. 5, the home gateway according to an embodiment of the present invention only connects to a plurality of local ports 50a, 50b, 50c, and 50d connected to the hosts constituting the local area network only toward the ELSS LAN. A switch fabric 51 provided with an uplink port 50e, and a CPU including an ARP processing program module for upstream traffic or downstream traffic passing through the uplink port. The CPU includes an embedded operating system (52), Ethernet bridge / filter / masking (53) that provides traffic auditing and MAC translation of the on-premises host, HG (17) and on-premises hosts (19a, 19b), and HG ( 17). TCP / IP module 54, which provides the basis for Ethernet communication between HG SG 13 and HG SG 13, for ARP cache update operations and RH lists based on RH lists, ARP handler 55 to perform ARP request or ARP response instead, Quality of Service (QoS) agent 56 which manages the bandwidth of traffic concentrated in home gateway, RASP-IP communication between home gateway and home gateway default gateway IPIP encapsulation module (57a) and RSIP client (57b) for the service, SMCP (Service Management Control Protocol) module 58, which is a message protocol of the OSI seventh layer for exchanging information between the remote management server and the home gateway, home crab DHCP server 59 dynamically assigns IP addresses to each host among downloaded CLPIP and GPIP addresses, and UPnP (Univeral) of OSI 7th layer of Microsoft's OSI layer, which is an automatic identification and control protocol of peripheral information devices. Plug and Play) SDK (60) is mounted. The home gateway is provided in the internal memory 61, and the memory 61 stores resource information downloaded from the management server and ARP cache information updated by the ARP handler 55 at predetermined time intervals.

The following will focus on the ARP intelligence processing function of the HG 17 related to the present invention.

The memory 61 of the HG 17 stores resource information provided from the remote service management server 11, which includes an RH list together with a CLPIP pool of ELSS and a GPIP list of ELSS. The RH list is the IP addresses of hosts in ELSS to which home hosts are entitled to access, such as various default gateways, or just high speed content servers. The IP address of the home subscriber of the neighboring subscriber or the IP address of the home appliance of the neighboring subscriber is irrelevant from the point of view of the home host.

The ARP handler 55 of the home gateway searches / verifies a database in the memory 61, makes an ARP request to determine MAC addresses of IP addresses included in the RH list, and outputs the result of the memory 61. It is stored in the ARP cache (not shown), and this work is continuously updated at regular intervals according to the ISP's policy. Once the APR handler 55, based on the resource information received from the remote service management server 11, sends an ARP request out of the home to the IP address included in the HR list to find out the corresponding MAC address and memory ( Under the premise that the cache is stored in 61), ARP cache update is performed.

The ARP cache update operation will be described in detail with reference to FIG. 6 as follows. The home gateway according to the present invention has a function to prevent ARP requests from going out of the home by answering ARP requests that home hosts ask about hosts outside the home. This function is necessary especially when the number of hosts in ELSS increases. This means that the home gateway knows the MAC addresses of the hosts in the ELSS in advance. However, the IP addresses included in the resource information received by the home gateway are all the IP addresses included in the CLPIP pool applied to the ELSS and the GPIP list assigned to the ELSS. Therefore, the home gateway must know in advance which of these many addresses is the IP address that really needs to know its MAC address. This is called an RH list. For example, the next door home gateway or next door internet refrigerator is excluded from the RH list because there is no reason to access it. For hosts that are in the ELSS complex, and the host is excluded from the RH list, the home gateway's ARP handler does not respond to ARP requests issued by the home host, and therefore the home host may access hosts not on the RH list. Can't. When the cache update operation of the ARP handler is started (S63), the CLPIP list of the ELSS and the GPIP list of the ELSS are retrieved from the resource information stored in the internal memory 61, and the target IP address is included in the IP bands of these lists. Look for the presence (S64). If it is determined that the target IP address is not included in the IP bands of the CLPIP list of the ELSS and the GPIP list of the ELSS, the ARP request operation for the target IP address is not performed (S65). For example, if the target IP address is just an outside IP address, no ARP cache update is performed.

Otherwise, if the target IP address is included in the IP bands of the CLPIP list of the ELSS and the GPIP list of the ELSS, the process proceeds to the next step and checks whether the target IP address is included in the RH list (S66). If the target IP address is included in the RH list, it sends an ARP request by itself to secure the correct MAC (S68), and if not included, deletes it from the cache (S67).

An internal process of the HG 17 when upstream traffic occurs to the HG 17 having the ARP cache will be described with reference to FIGS. 7 and 8.

When the message generated by the premises host reaches the CPU of the HG 17, whether the message generated by the premises host in the bridge filter of the Ethernet bridge / filter / masking 53 of the CPU is a MAC broadcast message or a unicast message. Will be identified. As a result, in the case of the ARP request broadcast message (S81), the ARP request message is sent to the ARP handler 55 to perform the ARP processing function by the logic shown in FIG.

Referring to FIG. 8, first, the ARP handler 55 of the HG checks whether the target IP mentioned in the ARP request message is included in the IP group to which only the IP band of the ELSS to which it belongs belongs (S82). If not included, it informs the host that generated the ARP request message the MAC value of the default gateway to which it belongs (S83). If the target IP is included in the IP group, it then checks whether the IP belongs to the CLPIP pool list (S84). If it belongs, if there is no MAC value stored in the ARP cache on the basis of the RH list, it is silent (S85).

If the target IP belongs to an IP group and does not belong to a CLPIP pool, the target IP is checked to see if it belongs to a GPIP list (S86). If it belongs to the GPIP list, as in step S85, if there is no MAC value stored in the ARP cache based on the RH list, it is silent (S87).

On the other hand, if it belongs to the IP group but does not belong to the CLPIP pool and also to the GPIP list, this means that the target IP is HMAS (S88). In this case, the ARP handler 55 of the home gateway informs the host generating the ARP request message the MAC value of the DG to which the host belongs (S88).

The indoor host makes an Ethernet frame as a destination using the MAC value obtained by the above-described process, and transmits a packet made with the target IP as a destination therein. The transmitted frame reaches the target in the LAN segment in the LAN segment if the host is in the ELSS, and reaches its DG or SG outside the LAN segment. DGs or SGs typically have the task of stripping their Ethernet frames from the LAN and sending the IP packets in them to the Internet. Therefore, smooth communication is achieved.

That is, in steps S83 and S88, an IP packet destined for the target IP address is put in the Ethernet frame destined for the MAC of the default gateway to which the host that has generated the ARP request message is sent to the DG, and then again sent to the belonging DG. It is forwarded to the host with the destination IP address. Steps S85 and S87 are cases where a host having a target IP exists only in ELSS. In this case, a target IP is set as a destination IP in an Ethernet frame destined for a MAC of the host having a target IP. Will be sent to the host.

Therefore, this ARP processing intelligence of the ARP handler 55 of the home gateway according to the present invention naturally entails the effect of blocking the ARP request thrown by the home hosts to the equipment outside the ELSS network only to go out to the ELSS LAN, and the home host is Since the ARP request message is generated instead of just my network equipment, it has the effect of strengthening the network security of ELSS LAN and enhancing the quality of communication.

On the other hand, if the message generated by the home host is a NetBIOS / NetBEUI broadcast message, the bridge filter 53a is blocked. If the message is a unicast message, the bridge filter 53a of the home gateway is destined to the MAC address of the source host. Check if the host is eligible to communicate with the MAC address. For example, a CLPIP host receiving NAPT service cannot send traffic directly to the L3 switch 12, but only to NAPT SG 15 first. If the communication is eligible, the message is passed to the source IP filter, where the match between the source MAC and the source IP is examined. That is, the use of IP different from the user setting contents is blocked.

When the source IP filter confirms the consistency between the source MAC and the source IP, it is sent to the masking (53 in Fig. 5) to change the source MAC value to the home gateway's own MAC value.

Traffic with the converted representative MAC reaches the QoS agent 56. The QoS agent 56 throws a ping or ARP request periodically (e.g. every 3 seconds) to the usual Internet-induced premises hosts (e.g., public IP or CLPIP PCs with NAPT service) to boot the premises host. Is monitored and reported to the remote service management server 11 whenever there is a change. The remote service management server 11 aggregates the situation for each complex, calculates an optimal bandwidth management amount for each household in the complex, and informs the home gateway of each household. The classifier 56a of the QoS agent 56 determines whether to put the frame into the management target queue 56b or the neglect queue 56c based on the destination MAC value on the Ethernet frame. ISPs have the flexibility to decide which destinations are headed for management or neglect. Since the LAN transmission speed in ELSS is extremely fast compared to the Internet section, it is better to allow traffic in the complex and to manage Internet traffic. The management queue 56b reads the bandwidth management amount value (for example, 5Mbps) from the internal memory and sends out the traffic of the HG 17 in a FIFO manner according to this value.

Next, the internal process of the HG 17 including the ARP processing for the downstream traffic of the HG 17 will be described with reference to FIGS. 9 and 10.

When the mesh generated by the ELSS network device or the default gateway reaches the CPU of the HG 17 (S101), a message generated by the premises host in the bridge filter 53a of the Ethernet bridge / filter / masking threading 53 of the CPU Distinguishes whether is a MAC broadcast message or a unicast message. As a result, in the case of the ARP request broadcast message (S101 in FIG. 10), the ARP request message is sent to the ARP handler 55 to perform the ARP processing function for the downlink traffic by the logic shown in FIG.

Referring to FIG. 10, the ARP handler 55 determines whether the target IP of the downlink traffic of the ARP request message generated by the network equipment or the default gateway based on the information of the ARP cache is the IP of the HG 17 itself or the home host. Determine (S102). If it is determined that the target IP is itself or a home host, the HG 17 notifies its MAC value to the network equipment or the DG generating the ARP request message (S103). Then, the network equipment or DG generating the ARP request message transmits the packet to the HG 17 by inserting a packet having the target IP address as the destination IP address in an Ethernet frame having the MAC address of the HG as the destination MA address. When the target IP is the home host, the MAC of the HG 17 is reduced to the home host's MAC in the masquerading 53 of the HG 17, and the message is finally delivered to the home host having the target IP.

When the target IP of the downlink traffic of the ARP request message generated by the network equipment or the default gateway is not the home gateway itself or the indoor host, the ARP handler 55 is silent (S104).

On the other hand, if the downstream message is a NetBIOS / NetBEUI broadcast message, it is blocked by the bridge filter 53a. If the message is a unicast message, the bridge filter 53a determines the IP address of the downstream traffic according to the terms and conditions. Traffic is passed when it is included in the home IP list of the provided resource information. Otherwise, block the traffic. Traffic passing through the bridge filter 53a is classified into a management queue and a negation queue according to whether the traffic reaches the QoS agent 56 and is managed or neglected based on the source MAC. The traffic to be managed is determined by the ISP, and the HG 17 receives management instructions including the bandwidth management target and the management amount from the ISP's remote service management server 11, and receives FIFO (First in, First out). Export in the same way.

For downlink traffic, the homegate's ARP handler 55 only allows the network equipment to respond on behalf of the in-house hosts for the ARP request message thrown by the in-house host, thereby minimizing the ARP traffic in the complex.

According to the above description, the Internet access system according to the present invention includes a remote service management server 11, one or more DGs (for example, 12, 13, and 15) installed according to a service type in an ELSS, and a plurality of subscribers of an ELSS. An HG 17 is installed in each house, and the remote service management server 11 determines the IP address to be provided by the HG 17 and the in-house hosts 19a and 19b by the SM that determines the network size. By assigning GPIP, which is a public IP address, and CLPIP, which is a local IP address, IP addresses can be extended by multiple hosts in ELSS 'home.

 Also, it is possible to provide services (for example, remote control of devices such as information appliances, VoIP, etc.) via ISP's SG among Internet services, so that billing for various Internet services can be reasonably and efficiently differentiated. .

In addition, the ISP's remote service management server 11 assigns the GPIP address and the CLPIP address to the home hosts, and applies the currently applied SM to the network equipment or the DG of the ELSS, and the home hosts 19a and 19b. By applying SM (enlarged in this specification as VSM) to the network equipment of ELSS or DG to the HG 17, the premises hosts having different types of IP addresses (GPIP, CLPIP) LAN configuration is now possible.

In addition, the HMAS problem generated by applying VSM to the premises hosts 19a and 19b and the HG 17 enables identification of the ARP request for the HMAS, in which case the host that generated the ARP request message belongs to the host. It was solved by configuring the ARP handler 55 to inform the MAC of the DG. Therefore, in the home of ELSS, GPIP and CLPIP-hosted hosts exist at the same time to facilitate internet communication, while at home, LAN can be configured to realize true home networking.

On the other hand, when comparing the Internet access method according to the present invention to the home hosts of the ELSS and NAPT, in the present invention, some of the home hosts can be assigned a public IP address, which is a GPIP address can provide the original Internet service On the other hand, in the NAPT access method, none of the home hosts can be provided with the public IP address, so the original Internet service cannot be provided. From the perspective of the content server in the ELSS complex, the hosts granted GPIP, CLPIP in NAPT, etc. according to the access method of the present invention are all recognized as being in the same LAN segment. All hosts in your home are only recognized as TCP / UDP ports that have been assigned private IP addresses.

Therefore, instead of using the conventional NAPT access method, based on the above-described expansion of IP address, diversification / complexing of services, and home LAN configuration of the home, various types of home high-speed content servers are introduced in the home. The terminal, for example, computers, digital TV, PVR can enjoy a convergence service including Paper View 1: 1 VoD.

In addition, even if the user freely sets the IP address in the home by the traffic screening function of the HG 17 or attempts traffic that violates the terms of use, the network is blocked by the HG 17 to go out of the home. Safety and network security have been strengthened.

Also, due to the bandwiss management function, when the booting time of the Internet-induced host is small, it communicates with a high bandwiss. And by separating the Internet traffic and the traffic in the complex, it is possible to enjoy the services of the contents server in the high speed complex using the strong edge LAN transmission speed unique to the ELSS network.

In addition, by the representative MAC conversion function of the HG 17, the outgoing traffic uses the source MAC as the home gateway's MAC, and the incoming traffic returns the destination MAC as the original, so that the customer may interfere with the ISP. It is possible to change Ethernet stations without the need for Internet access, and ISPs can reinforce network safety. And HG (17) is the ARP Req. By blocking the NetBEUI / NetBIOS LAN broadcast message source, the traffic of the ELSS network is purified, and thus it is possible to greatly expand the ELSS network.

1 shows a schematic diagram of an internet access system according to the invention.

FIG. 2 is a diagram illustrating an example of an IP address and a subnet mask assigned to default gateways, home gateways, and subscriber premises hosts of the system of FIG. 1.

FIG. 3 is a diagram illustrating allocation of Common Localized Public IP (CLPIP) addresses for a plurality of Edge LAN Service Segments (ELSSs).

Figure 4 shows a Host Misunderstood As in the Segment (HMAS) Venn Diagram.

5 schematically illustrates an internal structure of a home gateway according to an embodiment of the present invention.

6 is a flowchart illustrating an ARP cache update process of a home gateway.

7 shows an upstream traffic processing process of a home gateway.

8 is a flowchart illustrating an ARP function in an uplink traffic processing process of a home gateway.

9 shows a downlink traffic processing process of a home gateway.

10 is a flowchart illustrating an ARP function in a downlink traffic processing process of a home gateway.

Claims (15)

A method of providing an Internet access service through an internet network to a plurality of hosts installed in each subscriber's home in an edge network of an LAN structure in which an edge router is installed, In addition to the edge router, which is the default gateway with GPIP hosts in the subnet, the Internet Service Provider will also assign CLPIPs to the subscriber host and install the default gateway (s) in IP sharing, with these CLPIP hosts in the subnet.     The subnet mask of the premises hosts is expanded by the virtual subnet mask to be larger than the subnet mask assigned to the edge router and the default gateways so that a desired LAN is established between the premises GPIP host and the CLPIP host.     Due to the extended virtual subnet mask, the premises host has the side effect of not being able to communicate by mistaken the hosts (HMAS) which are actually remote or can exist at any time in the ELSS LAN segment because of the extended virtual subnet mask. For the ARP request, by determining whether the request is a request using HMAS as the target IP, and if so, by installing and resolving a bridge-structured home gateway that informs the MAC address of the default gateway to which the host belongs,    You can have a GPIP host and a CLPIP host in your home at the same time, but you can have a home LAN between them. Here, in determining the virtual subnet mask, the Internet service provider divides the entire IP address determined by the virtual subnet mask into a plurality of IP groups, and then selects a predetermined range of IPs from the respective IP groups for each IP group. Selecting and preparing a CLPIP pool, and using the CLPIP matching the IP group to which the GPIP band applied to any arbitrary ELSS belongs as a local IP provided by the ELSS. The method of claim 1 wherein the value of the virtual subnet mask, the network part re-program online representation standard, / 3 or / 4, an Internet service provider using a.      The remote service management server of the Internet service provider according to claim 1, wherein the home gateway further determines whether the target IP in the ARP request generated from the home host is HMAS. It provides the CLPIP pool and GPIP list applied to the data, and the home gateway operates the HMAS to interpret the rest of the IP group except for the IP addresses appearing in the CLPIP pool and the IP addresses appearing in the GPIP list. How to Provide. 4. The home gateway according to claim 1 or 3, wherein the home gateway implements the function of collectively responding to the ARP request generated by the home hosts related to the IP address in the ELSS outside the home. Secure the MAC address value to answer in advance, but do not secure the MAC address value corresponding to all the IP addresses appearing in the ELSS CLPIP pool and GPIP list, but the network equipment or In order to ensure that only the MAC address value corresponding to the IP address of the server, the Internet service provider is to inform the home gateway with the data of the corresponding IP to secure the MAC value in advance. The method of claim 1, wherein the plurality of default gateways are installed in the ELSS for each billing and service type, so that the flat fee can be charged for each default gateway access right of the premises host without a separate pay-as-you-go traffic calculation or a separate traffic type classification. How to provide Internet service. 6. The home gateway according to claim 1 or 5, wherein the home gateway is entitled to the OSI second-layer source shown in the traffic to the OSI second-layer destination indicated in the traffic for the upstream traffic from the home. And the home gateway can determine whether there is an internet service. 7. The method of claim 6, wherein for upstream traffic from home to home, the home gateway checks whether the source IP indicated in the traffic is an IP permitted by the subscriber's terms of use, and the IP is determined by user settings. A method of providing an Internet service that is checked to see if it is enabled on the host's MAC. In a system for providing an Internet access service through an internet network to a plurality of hosts installed in each subscriber's premises in an edge network of an edge structure of a LAN structure in which an edge router is installed, Edge router, which is the default gateway with GPIP hosts in the ELSS subnet, installed by the Internet service provider, IP gateway-based default gateway (s) with the CLPIP-subscribed subscriber's CLPIP hosts, and the home GPIP host. The subnet mask of the premises hosts is extended by the virtual subnet mask to be larger than the subnet mask assigned to the edge router and the default gateways so that a smooth LAN is established between CLPIP hosts,     Due to the extended virtual subnet mask, the premises host has the side effect of not being able to communicate by mistaken the hosts (HMAS) which are actually remote or can exist at any time in the ELSS LAN segment because of the extended virtual subnet mask. For ARP requests, the GPIP host and CLPIP in the home, including a bridge-structured home gateway that determines whether the request is a request with HMAS as the target IP and informs the MAC address of the default gateway to which the host belongs. You can run a host at the same time, but you can establish a local LAN between all these hosts, Here, in determining the virtual subnet mask, the Internet service provider divides the entire IP address determined by the virtual subnet mask into a plurality of IP groups, and then selects a predetermined range of IPs from the respective IP groups for each IP group. Selecting and preparing a CLPIP pool, and using the CLPIP matching the IP group to which the GPIP band applied to any arbitrary ELSS belongs as a local IP provided by the ELSS. The CLPIP of claim 8, wherein the remote service management server of the Internet service provider applies the home gateways to the corresponding ELSS in order for the home gateway to more efficiently determine whether the target IP in the ARP request generated from the home host is HMAS. Internet with a logical process that provides pool and GPIP lists as data, allowing the home gateway to interpret the rest of the IP group as HMAS except for those appearing in the CLPIP pool and those appearing in the GPIP list. Service delivery system. 10. The method according to claim 8 or 9, wherein the home gateway responds to the ARP request in order to implement the function of collectively responding to the ARP request generated by the home hosts related to the IP address in the ELSS outside the home. Secure the MAC address value in advance, but do not secure the MAC address value corresponding to all the IP addresses appearing in the ELSS CLPIP pool and GPIP list, but the network equipment or server in the ELSS required for the service content provided by the individual subscriber And a logic process of informing the home gateway to the home gateway of data of the corresponding IP to secure the MAC value in advance so as to secure only the MAC address value corresponding to the IP address. The Internet service providing system of claim 8, wherein the plurality of default gateways are installed according to billing and service types in the ELSS. 9. The home gateway of claim 8, wherein the home gateway determines whether, for upstream traffic from the home, outgoing home, the OSI second-layer source indicated in the traffic is eligible to go to the OSI second-layer destination indicated in the traffic. And a second layer filter is further implemented in the home gateway. 13. The method according to claim 12, wherein in the upstream traffic from the home to the home, the home gateway checks whether the source IP indicated in the traffic is an IP permitted by the subscriber's terms of use, and the IP is determined by user setting. An Internet service provisioning system configured to check that a host's MAC is enabled. In the system for providing Internet access service through a Internet network to a plurality of hosts installed in each subscriber's house in the edge network of the LAN structure in which the L3 switch is installed, A virtual network unit configured to expand the network unit based on the address information of the edge network of the LAN structure, a GPIP address group list to be allocated to the edge network of the LAN structure, a CLPIP address pool list, subnet mask information, and a network unit based on the subnet mask information. A remote service management server provided on an Internet service provider side in which a database of resource information including subnet mask information, equipment installed in an edge network of the LAN structure, and an IP address list and an RH list of a default gateway is constructed; Both the GPIP address and the CLPIP address of the resource information belong to any one group of public IP groups determined by the virtual subnet mask set by the Internet service provider, and the CLPIP address pool is selected from a part of the IP address group. The RH list refers to a list of IP addresses of hosts for which the home gateway, which will be described later, should secure a MAC address. It is installed outside the subscriber's home in the edge network of the LAN structure, the network interface of one side is given a GPIP address, the network interface of the other side is assigned a CLPIP address, and includes a home gateway default gateway to which the subnet mask information is applied. A default gateway of a plurality of IP sharing schemes; And Installed in each subscriber's house, and communicates with the home gateway default gateway to download the resource information for each subscriber in accordance with the subscriber's terms and conditions from the remote service management server, a plurality of GPIP address or CLPIP address of each subscriber A home gateway with a bridge structure that matches a host of Virtual subnet mask information downloaded from an internet service provider is applied to the home gateway and the plurality of hosts. The home gateway may include a filter for determining a type of a message generated by an indoor host; An ARP cache storing MAC addresses of IP addresses included in the RH list; And When the filter determination result message is an ARP request message, the IP address group list, the CLPIP address pool list, the RH list of the resource information, and the IP of the edge network equipment of the LAN structure for the ARP request message generated by the home host. The MAC address of the destination IP address or the MAC address of the default gateway to which the host originating the message belongs to the host generating the message, and the ARP request message thrown by the ELSS network device or the default gateway is referred to. And an ARP handler for informing the home gateway's MAC when the gateway is for a gateway or a home host. 15. The method of claim 14, wherein the home gateway, for upstream traffic sent from the home host, converts the source MAC to the home gateway's own MAC value, and looks at the destination IP for downlink traffic coming from outside the home. The Internet access service system further comprises a MAC conversion module for converting the MAC of the indoor host.