KR20150095151A - Method for packet forwarding and apparatus thereof - Google Patents

Abstract

Disclosed is a method for forwarding a packet with respect to a terminal having a duplicate address. According to the method, a network device: receives the packet; extracts an IP address and an identifier of a destination from the received packet; searches the extracted IP address and identifier in a forwarding table of the network device and determines a port to which the packet is transmitted; and can transmit the packet to the determined port. Therefore, the network device can perform communications by distinguishing a terminal in the outside of a private network even when an IP address of a terminal is redundant due to use of the private network.

Description

≪ Desc / Clms Page number 1 > METHOD FOR PACKET FORWARDING AND APPARATUS THEREOF &

BACKGROUND OF THE INVENTION 1. Field of the Invention [0001] The present invention relates to a packet forwarding method and apparatus, and more particularly, to a method and apparatus for a router to forward a packet by dividing a network.

As IT technology develops, most of the business process is done through the computerized system, and the company 's computer system is connected to the network, which can improve the efficiency of business processing. To ensure the convenience of management and security, companies have built their own networks and used them as private networks. In general, private networks are built using private IP addresses due to the lack of IP (Internet Protocol) addresses. Companies lease leased lines to build private networks. At this time, it is necessary to invest a large amount of money in order to construct a leased line. In particular, if a company is physically distributed in multiple locations or in a remote location, building a proprietary network will cost more. Therefore, companies have been trying to construct a private network using a public network as a method for constructing a private network at a lower cost.

The provision of the private network function using the public network is called a virtual private network. Due to the development of the Internet, many network operators have replaced FR (Frame Relay) / ATM (Asynchronous Transfer Mode) network with IP (Internet Protocol) network and have developed many technologies to provide virtual private network .

These virtual private networks only need to connect with the internal private network and the public Internet, so there is no need to purchase and manage expensive equipment or software separately. Therefore, it can be expected to have a significant cost reduction effect compared to the existing private network connection method, and it also has an advantage that the telecommuter, the frequent employee, and the current worker can connect to the enterprise private network through the Internet service provider and the Internet.

In other words, virtual private networks use the public Internet, which makes it easier to share data between headquarters, branch offices, branch offices, and outside employees more flexibly and inexpensively. Virtual Private Network (VPN) is a method of establishing a virtual private network by providing connectivity using a specific protocol such as MPLS, L2VPN, L3VPN, L2TP, or PPTP on a packet-based connectionless network or by adding security functions such as IPSec and SSL .

However, in the conventional MPLS L2VPN, L3VPN, L2TP and PPTP methods, when an IP address is duplicated between terminals, the Internet service provider (or server) can not distinguish between the subscriber terminals having duplicated IP addresses, There is a problem that the reply data can not be transmitted.

SUMMARY OF THE INVENTION An object of the present invention is to provide a packet forwarding apparatus capable of distinguishing terminals having the same IP address from inside and outside of a private network.

It is another object of the present invention to provide a packet forwarding method performed in the packet forwarding apparatus.

According to an aspect of the present invention, there is provided a packet forwarding method including receiving a packet, extracting a destination address from the received packet, extracting a destination identifier from the received packet, ; Determining a port to transmit the packet based on the extracted address and identifier, and transmitting the packet to the determined port.

The determining of the port may include generating a factor including the extracted destination address and the identifier as a pair, searching the generated factor in the forwarding table including the factor and the corresponding port information, .

The determining of the port may include determining a predetermined default port as a port for transmitting the packet if the generated parameter is not found in the forwarding table.

Here, the address of the destination is an IP prefix of the destination.

Here, the identifier is an ID of the destination network.

Here, the identifier is a MAC address of a network device included in the destination network.

Here, the packet forwarding method may further include generating a forwarding table by referring to a routing table including network structure information based on a terminal identifier before receiving a packet.

Here, the routing table is generated by referring to network structure information received from a neighboring network device.

According to another aspect of the present invention, there is provided a packet forwarding method including receiving a packet, extracting a source address and a destination address from the received packet, Extracting a destination identifier, and modifying a header of the received packet to reflect the extracted address and the identifier.

Here, the address of the destination is an IP prefix of the destination.

Here, the identifier is an ID of the destination network.

Here, the identifier is a MAC address of a network device included in the destination network.

According to another aspect of the present invention, there is provided a packet forwarding apparatus including a storage unit for storing a received packet, a destination address extracting unit for extracting a destination address and an identifier from the stored packet, A control unit for determining a port to transmit the packet based on the received packet, and a communication unit for receiving the packet to the terminal or another network device and transmitting the packet through the determined port.

Here, the controller generates a factor including the extracted destination address and the identifier as a pair, and determines the port by searching the forwarding table including the factor and the corresponding port information in the generated factor .

Here, the controller may modify the header of the stored packet to reflect the extracted address and the identifier.

Here, the address of the destination is an IP prefix of the destination.

Here, the identifier is an ID of the destination network.

Here, the identifier is a MAC address of a network device included in the destination network.

According to the above-described packet forwarding apparatus and method, even when the IP address of the terminal is duplicated due to the use of the private network, the terminal can be distinguished from outside the private network and can communicate with the terminal.

In addition, one network device can solve the problem of IP address duplication, so it is possible to construct an economical private network.

1 is a conceptual diagram showing the operation of a router on a network.
2 is a conceptual diagram showing an embodiment of the structure of a network.
3 is a conceptual diagram showing another embodiment of the structure of a network.
4 shows a forwarding table of the router.
5 shows a forwarding table of a router according to an embodiment of the present invention.
6 is a flowchart illustrating a packet delivery process according to an embodiment of the present invention.
7 is a flowchart illustrating a forwarding table management process according to an embodiment of the present invention.
8 is a block diagram illustrating a configuration of a network device according to an embodiment of the present invention.

While the invention is susceptible to various modifications and alternative forms, specific embodiments thereof are shown by way of example in the drawings and will herein be described in detail.

It should be understood, however, that the invention is not intended to be limited to the particular embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention.

The terminology used in this application is used only to describe a specific embodiment and is not intended to limit the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise. In the present application, the terms "comprises" or "having" and the like are used to specify that there is a feature, a number, a step, an operation, an element, a component or a combination thereof described in the specification, But do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, or combinations thereof. In the present application, the term "connect" should be understood to include not only physical connections of the elements described in the specification but also timely connections, network connections, and the like.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Terms such as those defined in commonly used dictionaries should be interpreted as having a meaning consistent with the meaning in the context of the relevant art and are to be interpreted in an ideal or overly formal sense unless explicitly defined in the present application Do not.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. In order to facilitate the understanding of the present invention, the same reference numerals are used for the same constituent elements in the drawings and redundant explanations for the same constituent elements are omitted.

1 is a conceptual diagram showing the operation of a router on a network.

Referring to FIG. 1, there are two routes through which packets are transmitted from the first terminal 100 to the second terminal 110 on the network. The first path is via three routers, and the second path is via four routers. Routers generally transmit packets by setting a route with the least cost (or fastest transmission) among a plurality of routes from a source to a destination on a network. Accordingly, the router A 120 selects the first path through which the packet can be transmitted via only three routers, and transmits the packet to the router C 130.

At this time, information on the entire network structure is needed in order to determine a route (hereinafter, referred to as 'minimum path') in which the router has the least cost from the source to the destination. Since the router can recognize a peripheral router or a user terminal directly connected to the router, it can grasp only the surrounding network structure based on itself. Accordingly, the router exchanges information about the network structure that the router has grasped (hereinafter, referred to as a 'routing table') with another router to grasp the entire network structure. A terminal, a router, or the like may be newly added or existing on the network. Accordingly, the router exchanges routing tables with other routers at a preset periodic interval, determines a minimum path based on the changed network structure, and can forward the packet.

In FIG. 1, an example of a network having only two paths that simplify an actual network is taken as an example, but a route from a source to a destination of a packet is much more complicated. Since the physical distance between the routers on the packet transmission path is different and the transmission speed is different, the minimum path can not be determined based on the number of routers on the packet transmission path. Therefore, the router can determine the minimum path considering not only the number of routers on the route but also various information such as bandwidth, transmission delay, circuit reliability, load, and the like.

Hereinafter, for the sake of convenience of description, the entire network may be referred to as an external network, an ISP network (or Internet), a corporate network, a home network, a private network, a VLAN (Virtual Local Architecture Network ) And an internal network which means a VPN or the like.

2 and 3 show a structure of an existing network. FIG. 2 shows a structure of a network constructed by a plurality of companies using respective routers, and FIG. 3 shows a structure of a network constructed by several companies using the same router. Structure.

2, the internal network A 200 and the internal network B 210 are connected to the external network using the router A 220 and the router B 230, respectively, and are connected to the terminal A 240, the terminal B 250, respectively.

FIG. 2 is a diagram illustrating an example in which the address of the router A 220 is 168.0.0.1/16, the address of the terminal A 240 is 10.0.0.0/16 and the address of the router B 230 is 168.0.0.2/16 And the address of the terminal B 250 is 10.0.0.0/16. Routers transmitting packets transmit packets based on a router including a terminal rather than a terminal. Accordingly, the address of the terminal A 240 that is recognized by the external network is 168.0.0.1/16, the address of the terminal B 250 is 168.0.0.2/16, the terminal A 240 and the terminal B 250 receive the address ≪ / RTI > Also, in the internal network, since the router A 220 and the router B 230 recognize only one terminal having the address of 10.00.0/16, the problem of the address conflict between the terminal A 240 and the terminal A 240 does not occur .

3, an internal network A 300 and an internal network B 310 are connected to an external network using the same router A 320 and include a terminal A 330 and a terminal B 340, respectively .

FIG. 3 is a diagram illustrating an example in which the address of router A 320 is 168.0.0.1/16 in the IP address scheme, the address of terminal A 330 is 10.0.0.0/16 and the address of terminal B 340 is 10.0.0.0/16 in the internal network. 0.0 / 16. As described in FIG. 2, the external network recognizes the address of the router A 320 including the two terminals 330 and 340. Therefore, the addresses of the terminal A 330 and the terminal B 340 recognized by the external network are the same at 168.0.0.1/16. The addresses of the terminal A 330 and the terminal B 340 that are recognized by the internal network are all 10.0.0.0/16 and the router A 320 can distinguish between the terminal A 330 and the terminal B 340 none.

In this case, since the existing router transmits the packet based on the destination IP address recorded in the header of the packet, the packet may not be delivered due to the collision of the IP address.

4 shows a forwarding table of the router.

Referring to FIG. 4, the forwarding table may include an IP prefix 400 and a corresponding output port 410 as an item.

A forwarding table is a list of packet destination addresses and corresponding router output ports. The router may include a plurality of ports through which other routers or user terminals can connect and receive packets. Accordingly, when the router receives the packet, it can extract the destination address from the received packet, and can search the forwarding table for the extracted destination address to determine the port to output the packet.

The forwarding table can be created by referring to the routing table. The routing table is a table showing the structure of the network, and may include various items of information that can express the network structure. For example, various items such as a mask, a destination address, a next hop address, flags, a reference count, usage, an interface, and the like. The Internet is so wide that there is a limit to routers storing information about network structures. Therefore, routers use routing tables efficiently in several ways.

The routing method can be roughly divided into next hop routing, host-specific routing, network-specific routing, and default routing. The characteristics of each routing method are as follows.

1. Next hop routing

- Store only the address for the next hop (or router) instead of the full path to the destination.

2. Host-specific routing

- Store the address on the destination host.

- The routing table is too large to be inefficient.

- Use when you need to check the path or use a specific path for security.

3. Network-specific routing

- Store the address of the network containing the user terminal, instead of the user terminal (or host) address for the destination.

4. Default Routing

- Used to forward packets destined for addresses not specified in the routing table.

- Supports other routing methods.

Among the four routing methods, the remaining routing methods except for the host-specified routing method can forward packets based on the network address. Although the present invention can be applied to all four methods, a forwarding method applicable to a routing method based on a network address, which is generally used for convenience of explanation, will be described below.

In the routing method based on the network address, since the router uses the address of the network instead of the address of the user terminal, the forwarding table can be composed of the network address and the corresponding output port. The IP address included in the packet may include a network address and a host address. Therefore, the router needs to extract the network address from the destination IP address of the packet. The IP address scheme is set in the range 0.0.0.0 ~ 255.255.255.255. If 0 to 255 are changed to bits, it can be displayed as 8 bits from 00000000b to 11111111b. The IP address system is represented by four 8 bits, so that it is displayed as 32 bits in total. Here, an upper bit among the 32 bits represents a network address and is referred to as an " IP prefix ". Typically, the upper bits after the '/' indicate the IP prefix. For example, in the IP prefix 10.20.100.200/16, the network address is 10.20, which is the upper 16 bits, and the host address may be 100,200, which is the lower 16 bits.

The router using the forwarding table as shown in FIG. 4 can not transmit a packet to each user terminal when there are a plurality of user terminals having the same IP prefix and a plurality of output ports corresponding to one IP prefix in the forwarding table . For example, if a packet destined for one of two terminals having the same internal network IP address is transmitted to the router, the router extracts the IP prefix from the transmitted packet. The router looks up the extracted IP prefix in the forwarding table. At this time, since there are two output ports corresponding to one IP prefix, the router can not determine to which one of the two output ports the packet is to be forwarded, and thus can not forward the packet.

FIG. 5 is a forwarding table of a router according to an embodiment of the present invention, and is composed of a list of IP prefixes and corresponding output ports.

Referring to FIG. 5, the forwarding table may include a combination of the IP prefix 500 and the identifier 510 and the corresponding output port 520 as an item.

Routers can exchange routing tables using routing protocols with other routers, so one router can propagate the routing table with the identifier information added to other routers on the network.

Here, the identifier 510 may be information capable of distinguishing the destination network from other networks. For example, the identifier 510 may be various information such as a network ID, a medium access control (MAC) address of the network device managing the network, and a MAC address of the user terminal.

Accordingly, each router on the network can create or update the forwarding table to which the identifier 510 information is added by referring to the received routing table. By using the forwarding table to which the identifier 510 information is added, the router can transmit and receive a packet separately from a terminal or a network device having the same IP prefix, even in a network area using a public IP address as well as a private IP address .

FIG. 6 is a flowchart illustrating a process of transmitting a packet according to an embodiment of the present invention. FIG. 6 illustrates a process in which a router extracts identifier information and IP address information from a packet and delivers the packet.

Referring to FIG. 6, when a router receives a packet (S600), it may first extract an identifier of a packet destination and an IP prefix in a packet (S610). Because there may be multiple routers in the process of forwarding a packet from its origin to its destination, the router may either receive the packet directly from the source, or it may receive the packet from another router.

At this time, the router can modify the header of the packet to reflect the extracted IP prefix and the identifier. Therefore, the other routers may not repeat the extraction process in the process of transmitting the packets to the destination. Since the IP prefix is already included in the header of the packet, the router can further include the identifier information in the header of the packet.

Next, the router can retrieve the forwarding table generated in advance, using the extracted IP prefix and the identifier as a single factor (S620). The forwarding table may comprise a list of output ports corresponding to a combination of the identifier and the IP prefix. Therefore, even though a plurality of output ports corresponding to the same IP prefix exist, the router can search for an output port through which to transmit a packet by using the identifier.

Next, the router can transmit the packet to the searched output port (S630). As described earlier, there may be multiple routers in the process of forwarding a packet from its origin to its destination, so the router can either forward the packet directly to its destination or send it to another router.

FIG. 7 is a flowchart illustrating a process of managing a forwarding table according to an embodiment of the present invention. Referring to FIG. 7, a forwarding table is created and updated by exchanging a routing table from a user terminal or a neighboring router connected to the router.

Referring to FIG. 7, a router may exchange a routing table with a directly connected router (S700). Here, exchanging the routing table means that the router transmits its routing table to another router and receives the routing table of another router, which does not mean that the routing table of its own router is replaced with the routing table of another router.

Because routers can only recognize directly connected routers, each router on the network can exchange routing tables with each other to determine the overall network structure and verify the normal operation of the directly connected routers.

Since the structure of the external network may be changed by adding a new router to the network or removing the existing router, the router can repeat the exchange of the routing table at predetermined predetermined intervals to grasp the changed network structure. It is possible for the network administrator to identify the network structure by manually entering the items in the routing table, but it is not used in a wide range of network structures such as the current Internet, and is a limited method in an experimental network.

Next, the router can identify the neighboring user terminal using the IP address of the user terminal connected to the router and the identifier of the network including the user terminal (S710). The structure of the internal network may vary depending on whether the user terminal is added or removed from the network or the network device such as a hub or switch that manages the user terminal is added or removed. Accordingly, the router can grasp the changed structure by grasping the internal network structure at a preset periodicity.

When steps S700 and S710 are performed in a router including an internal network, step S700 is a step of grasping an external network structure, and step S710 is a step of grasping an internal network structure. Since the external network and the internal network are independent, steps S700 and S710 can be performed independently of each other. For example, step S700 may be performed first and step S700 may be performed. In addition, a router not including an internal network (or a router connected to another router without being connected to a user terminal) may not perform step S710.

Next, the router can create and update the forwarding table (S720). In the case of a router including an internal network, a forwarding table can be created and updated using both the exchanged routing table and the generated network information. In the case of a router not including an internal network, forwarding using only the exchanged routing table You can create and update tables.

Through the steps S700 to S720, the router can prepare for efficiently delivering the packet.

FIG. 8 is a block diagram illustrating a configuration of a network device according to an exemplary embodiment of the present invention. Referring to FIG. 8, there is shown a configuration of a network device for forwarding a packet using identifier information capable of identifying a terminal in addition to an IP address.

Referring to FIG. 8, the network device may include a control unit 800, a storage unit 810, and a communication unit 820.

The control unit 800 may be configured with at least one processing device (e.g., a central processing unit, an input / output processing device, a graphic processing device, etc.), and controls each component of the network device, Information can be processed.

Specifically, the control unit 800 can operate as follows.

The control unit 800 can control the communication unit 820 and the storage unit 810.

The control unit 800 can extract the addresses and identifiers of the source and destination in the stored packets. At this time, the controller 800 may modify the header of the stored packet and include the extracted address and identifier information in the header.

The control unit 800 can determine a port to transmit the packet based on the extracted address and the identifier. Here, the control unit may generate a single argument in pairs of the extracted address and the identifier, and may search the stored forwarding table for the generated argument to determine a port for transmitting the packet. Here, the forwarding table may include information about the argument and the corresponding port.

The control unit can generate the forwarding table by referring to the routing table of (800).

The storage unit 810 may be constituted by volatile or non-volatile storage means, and may be operated under the control of the control unit 800, and specifically, may operate as follows.

The storage may store (810) the forwarding table and the routing table.

The storage unit may store the (810) packet. Here, the packet may be a packet received from the terminal or another network device by the communication unit 820, or may be a packet whose header information is modified by the control unit 800. [

The communication unit 820 may include at least one port 825, and may operate under the control of a network device, and each port may be connected to a terminal or another network device by wire or wirelessly. After the connection, the communication unit 820 can transmit and receive the routing table and the packet.

It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined in the appended claims. It will be possible.

100: first terminal 110: second terminal
120: Router A 130: Router C
200, 300: internal network A 210, 310: internal network B
220, 320: Router A 230: Router B
240, 330: terminal A 250, 340: terminal B
400, 500: IP prefix 410, 520: Output port
510: identifier 800:
810: Storage unit 820: Communication unit

Claims (18)

As a method performed in a network device,
Receiving a packet;
Extracting a destination address from the received packet;
Extracting a destination identifier from the received packet;
Determining a port for transmitting the packet based on the extracted address and the identifier; And
And sending the packet to the determined port. The method according to claim 1,
Wherein determining the port comprises:
Generating a factor including the extracted destination address and the identifier as a pair, and determining a port by searching the generated parameter in a forwarding table including the factor and the port information corresponding thereto, Forwarding method. The method of claim 2,
Wherein determining the port comprises:
And if the generated parameter is not found in the forwarding table, a predetermined default port is determined as a port for transmitting the packet. The method according to claim 1,
Wherein the address of the destination is an Internet Protocol (IP) prefix of the destination. The method according to claim 1,
Wherein the identifier is an identification of the destination network. The method according to claim 1,
Wherein the identifier is a Medium Access Control (MAC) address of a network device included in the destination network. The method according to claim 1,
The packet forwarding method includes:
Before receiving the packet,
And generating a forwarding table by referring to a routing table including network structure information based on the terminal identifier. The method of claim 7,
Wherein the routing table is generated by referring to network structure information received from a neighboring network device. As a method performed in a network device,
Receiving a packet;
Extracting a source address and a destination address from the received packet;
Extracting a source and a destination identifier from the received packet; And
And modifying a header of the received packet to reflect the extracted address and the identifier. The method of claim 9,
Wherein the address of the destination is an Internet Protocol (IP) prefix of the destination. The method of claim 9,
Wherein the identifier is an identification of the destination network. The method of claim 9,
Wherein the identifier is a medium access control (MAC) address of a network device included in the destination network. A storage unit for storing received packets;
A controller for extracting a destination address and an identifier from the stored packet, and determining a port to transmit the packet based on the extracted address and the identifier; And
And a communication unit for receiving a packet for the terminal or another network device and transmitting the packet through the determined port. 14. The method of claim 13,
Wherein,
Generating a factor including the extracted destination address and the identifier as a pair, and determining a port by searching the generated parameter in a forwarding table including the factor and the port information corresponding thereto, Forwarding device. 14. The method of claim 13,
Wherein,
And modify the header of the stored packet to reflect the extracted address and the identifier. 14. The method of claim 13,
Wherein the address of the destination is an Internet Protocol (IP) prefix of the destination. 14. The method of claim 13,
Wherein the identifier is an identification (ID) of the destination network. 14. The method of claim 13,
Wherein the identifier is a Medium Access Control (MAC) address of a network device included in the destination network.

Images