WO2005079008A1 - Wireless network monitoring device and monitoring system - Google Patents
- Publication number
- WO2005079008A1 PCT/JP2005/002175
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- terminal
- access point
- address
- wireless network
- packet transfer
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W24/00—Supervisory, monitoring or testing arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/12—Discovery or management of network topologies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
- H04L43/08—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
- H04L43/0805—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
- H04L43/0811—Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/26—Network addressing or numbering for mobility support
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/08—Access point devices
Definitions
- the present invention relates to a monitoring apparatus, a monitoring system, a monitoring method, and a monitoring program for a wireless network, and more particularly to a monitoring apparatus, a monitoring system, a monitoring method, and a monitoring program for a wireless network that manage terminals.
- each AP collects information on the connection status of its terminals and provides that connection information to the monitoring device (for example, a PC equipped with a web browser) in a unique format, and the monitoring device displays it on its screen as text in table form.
- the unique format is, for example, information uniquely defined by the vendor as Management Information Base (MIB) information of SNMP (Simple Network Management Protocol), information independently defined by the vendor and carried in HTTP (Hyper Text Transfer Protocol), or an independently defined protocol. These formats may be published, but are used only for that vendor's equipment.
- a monitoring device receives a broadcast packet of a wireless LAN, transmits a dummy packet to a source address of the packet, and confirms a response to collect a terminal connection relationship.
- a display technique for example, Patent Document 1.
- a device for monitoring the connection relationship is installed for each network.
- Non-patent document 1 Internet, manufactured by Cisco
- Patent Document 1 Japanese Patent Application Laid-Open No. 7-297852
- In the second conventional technology, represented by Patent Document 1, the connection relationship of terminals can be acquired without depending on the AP vendor, but a dedicated device that directly transmits and receives wireless LAN packets has to be built, resulting in high cost. In addition, to collect information over a wide monitored area, the dedicated transmitting/receiving device must be installed in a large number of locations, which also increases cost. Furthermore, in a wireless LAN, packets may be received even from devices belonging to different networks, so the connection relationship cannot be grasped accurately.
- the present invention has been made in view of the above problems, and its object is to provide a technology that realizes the function of grasping the connection relationship between an AP and a terminal without using information unique to the AP vendor and without using a large number of monitoring devices.
- Means for solving the problem
- a first invention for solving the above problems is a wireless network monitoring device that is connected to an access point of a wireless network via a network and has: means for receiving packet transfer information held by the access point and extracting from it an address whose transfer destination is the wireless interface; and estimating means for estimating that a terminal having the extracted address exists under the access point that holds the packet transfer information.
- a second invention for solving the above-mentioned problems is a wireless network monitoring device that is connected to an access point of a wireless network via a network and has: means for receiving packet transfer information held by the access point and extracting from it an address whose transfer destination is the wireless interface; and determining means for investigating the operating status of the terminal having the extracted address and, when that terminal is operating, determining that it is connected to the access point holding the packet transfer information.
- a third invention for solving the above-mentioned problems is the first invention or the second invention, further having a managed terminal list in which the addresses of the managed terminals are registered, and determining means for comparing the extracted address with the addresses described in the managed terminal list and, if the extracted address is not included in the managed terminal list, determining that the access point holding the packet transfer information has been accessed by an unmanaged terminal.
- a fourth invention for solving the above-mentioned problems is characterized in that, in any one of the first to third inventions described above, it has means for determining, for all managed access points, the relationship between each access point and the terminals estimated to exist under it or determined to be connected to it, and for displaying the relationship between all the access points and those terminals.
- an address of the same terminal is described in a plurality of access points holding packet transfer information.
- if the selected access points belong to the same subnet as the terminal and there are a plurality of them, it is estimated that the terminal exists under any of them, or it is determined that the terminal is connected to that access point; and if none of the selected access points belongs to the same subnet as the terminal and all are access points that support virtual LAN, there is means for estimating that the terminal exists under any of the virtual LAN-compatible access points or for determining that the terminal is connected to that access point.
- a sixth invention for solving the above-mentioned problems is the invention according to any one of the first to fifth inventions, wherein an address of the same terminal is provided to a plurality of access points holding the packet transfer information.
- means for acquiring, from the terminal, identification information of the wireless network to which the terminal belongs; means for comparing identification information of the plurality of access points with the identification information acquired from the terminal; and means for estimating that the terminal exists under the access point whose identification information is equal to the identification information obtained from the terminal, or determining that the terminal is connected to that access point.
- a seventh invention for solving the above problems is a wireless network monitoring system comprising at least one wireless network access point, at least one wireless network terminal, and a monitoring device connected to the access point via a network, wherein the monitoring device has means for receiving packet transfer information held by the access point and extracting from it an address whose transfer destination is the wireless interface, and estimating means for estimating that the terminal of the extracted address exists under the access point holding the packet transfer information.
- An eighth invention for solving the above problems is a wireless network monitoring system comprising at least one wireless network access point, at least one wireless network terminal, and a monitoring device connected to the access point via a network, wherein the monitoring device has means for receiving packet transfer information held by the access point and extracting from it an address whose transfer destination is the wireless interface, and determining means for investigating the operating status of the terminal of the extracted address and, if that terminal is operating, determining that it is connected to the access point holding the packet transfer information.
- the monitoring device further comprises: a managed terminal list in which addresses of the managed terminals are registered; and determining means for comparing the extracted address with the addresses described in the managed terminal list and, when the extracted address is not included in the managed terminal list, determining that the access point holding the packet transfer information has been accessed by an unmanaged terminal.
- a tenth invention for solving the above-mentioned problems is characterized in that, in any one of the seventh to ninth inventions, the monitoring device has means for determining, for all managed access points, the relationship between each access point and the terminals estimated to exist under it or determined to be connected to it, and for displaying the relationship between all the access points and those terminals.
- An eleventh invention for solving the above-mentioned problems is characterized in that, in any one of the above-mentioned seventh to tenth inventions, the monitoring device has means for selecting, if the address of the same terminal is described at a plurality of access points holding packet transfer information, an access point belonging to the same subnet as the terminal or a virtual LAN-compatible access point from the plurality of access points; and, if the selected access point belongs to the same subnet as the terminal and is the only one, it is estimated that the terminal exists under that one access point, or it is determined that the terminal is connected to that access point.
- if the selected access points belong to the same subnet as the terminal and there are a plurality of them, it is estimated that the terminal exists under any of them, or it is determined that the terminal is connected to that access point; and if none of the selected access points belongs to the same subnet as the terminal and all are virtual LAN-compatible access points, it is estimated that the terminal exists under any of the virtual LAN-compatible access points, or it is determined that the terminal is connected to that access point.
- the monitoring device for solving the above-mentioned problems, wherein the plurality of access points holding the packet transfer information have the same name.
- a thirteenth invention for solving the above-mentioned problems is the invention according to any one of the seventh to twelfth inventions, wherein the terminal has means for transmitting a broadcast packet, and the access point has means for updating the held packet transfer information based on the broadcast packet.
- a fourteenth invention for solving the above-mentioned problems is the invention according to any one of the seventh to thirteenth inventions, wherein the access point has means for notifying another access point of the access information of the terminal, and means for updating the packet transfer information it holds based on the affiliation information.
- a fifteenth invention for solving the above-mentioned problems is a control program for an information processing device which is connected to an access point of a wireless network via a network and is used as a monitoring device, the control program causing the information processing device to function as means for receiving packet transfer information held by the access point and extracting from it an address whose transfer destination is the wireless interface, and as estimating means for estimating that a terminal having the extracted address exists under the access point holding the packet transfer information.
- a sixteenth invention for solving the above problems is a control program for an information processing device which is connected to an access point of a wireless network via a network and is used as a monitoring device, the control program causing the information processing device to function as means for receiving the packet transfer information held by the access point and extracting from it the address whose transfer destination is the wireless interface, and as determination means for investigating the operation status of the terminal having the extracted address and, when that terminal is operating, determining that it is connected to the access point holding the packet transfer information.
- the control program causes the information processing device to function as determination means that compares the extracted address with the addresses described in the managed terminal list, in which the addresses of the terminals to be managed are registered, and, if the extracted address is not included in the managed terminal list, determines that the access point holding the packet transfer information has been accessed by a terminal that is not managed.
- An eighteenth invention for solving the above-mentioned problems is the invention according to any one of the fifteenth to seventeenth inventions, wherein the control program causes the information processing device to function as means for determining, for all managed access points, the relationship between each access point and the terminals estimated to exist under it or determined to be connected to it, and for displaying the relationship between all the access points and those terminals.
- a nineteenth invention for solving the above-mentioned problems is characterized in that, in any one of the fifteenth to eighteenth inventions, if an address of the same terminal is described at a plurality of access points holding packet transfer information, the control program causes the information processing device to select, from the plurality of access points, an access point belonging to the same subnet as the terminal or a virtual LAN-compatible access point, and, if the selected access point belongs to the same subnet as the terminal and is the only one, to estimate that the terminal exists under that one access point, or to determine that the terminal is connected to that access point.
- if the selected access points belong to the same subnet as the terminal and there are a plurality of them, it is estimated that the terminal exists under any of the access points, or it is determined that the terminal is connected to that access point; and if none of the selected access points belongs to the same subnet as the terminal and all are virtual LAN-compatible access points, the control program functions as means for estimating that the terminal exists under one of the virtual LAN-compatible access points, or for determining that the terminal is connected to that access point.
- if the same terminal address is described at a plurality of access points each holding the packet transfer information, the control program causes the information processing device to function as means for acquiring, from the terminal, identification information of the wireless network to which the terminal belongs, means for comparing identification information of the plurality of access points with the identification information acquired from the terminal, and means for estimating that the terminal exists under the access point whose identification information is equal to the identification information acquired from the terminal, or determining that the terminal is connected to that access point.
- a twenty-first invention for solving the above-mentioned problem is a method for monitoring a wireless network for managing terminals, having a step of extracting, from packet transfer information held by an access point of the wireless network, an address whose transfer destination is the wireless interface, and a step of estimating that the terminal of the extracted address exists under the access point holding the packet transfer information.
- a twenty-second invention for solving the above-mentioned problem is a method of monitoring a wireless network for managing terminals, having a step of extracting, from packet transfer information held by an access point of the wireless network, an address whose transfer destination is the wireless interface, and a step of examining the operating status of the terminal of the extracted address and, if that terminal is operating, determining that it is connected to the access point holding the packet transfer information.
- the extracted address is compared with the addresses described in the managed terminal list, in which the addresses of the terminals to be managed are registered, and the method has a step of determining, if the extracted address is not included in the managed terminal list, that the access point holding the packet transfer information has been accessed by a terminal that is not managed.
- a twenty-fourth invention for solving the above-mentioned problems is characterized in that, in any one of the above-mentioned twenty-first to twenty-third inventions, it has a step of determining, for all managed access points, the relationship between each access point and the terminals estimated to exist under it or determined to be connected to it, and displaying the relationship between all the access points and those terminals.
- a twenty-fifth invention for solving the above-mentioned problems is the invention according to any one of the twenty-first to twenty-fourth inventions, wherein an address of the same terminal is assigned to a plurality of access points holding packet transfer information.
- the method further comprises the step of: estimating that the terminal exists under any of the virtual LAN-compatible access points, or determining that the terminal is connected to the access point.
- the plurality of access points holding the packet transfer information have the same terminal address.
- the identification information of the wireless network to which the terminal belongs is acquired from the terminal, the identification information of the plurality of access points is compared with the identification information acquired from the terminal, and it is estimated that the terminal exists under an access point having identification information equal to the identification information obtained from the terminal, or it is determined that the terminal is connected to that access point.
- an address of a terminal connected via the wireless interface is extracted based on wireless interface information included in packet transfer information held by the access point, and the terminal having that address is estimated to exist under the access point.
- because the terminal under the access point is estimated using packet transfer information that access points generally hold, the presence of the terminal under the access point can be estimated in a vendor-independent manner.
- the connection relationship between the access point and the terminal can be determined by confirming the operating status of the terminal whose presence has been estimated.
- the monitoring device receives the packet transfer information that the access point holds for transfer, extracts an address whose transfer destination is the wireless interface, and estimates that the terminal of the extracted address is located under the access point holding the packet transfer information. This has the excellent effect that the connection relationship between the wireless LAN AP and the terminal can be grasped independently of vendors and without the need for a large number of monitoring devices.
- the present invention does not require installing a plurality of devices.
- FIG. 1 is a configuration diagram showing a configuration of Embodiments 1 and 2 of the present invention.
- FIG. 2 is a processing flowchart in Embodiments 1 and 2 of the present invention.
- FIG. 3 is a diagram showing an example of information recorded in a recording unit 1013 used in Embodiments 1 and 2 of the present invention.
- FIG. 4 is a processing flow diagram for performing sorting by a subnet to which the terminal belongs in the case where records of a terminal overlap in Embodiment 3 of the present invention.
- FIG. 5 is a diagram showing an example of information recorded in a recording unit 1013 used in Embodiment 3 of the present invention.
- FIG. 6 is a processing flow diagram for performing selection by an AP group identifier obtained from a terminal when records of the terminal are duplicated in Embodiment 3 of the present invention.
- FIG. 7 is a diagram showing an example of information recorded in a recording unit 1013 used in Embodiment 3 of the present invention.
- FIG. 8 is a diagram showing an example of a display format in an embodiment of the present invention.
- FIG. 9 is a diagram showing an example of a display format in an embodiment of the present invention.
- FIG. 10 is a block diagram of Embodiment 4 of the present invention.
- a monitoring device (corresponding to 101 in FIG. 1) connected to an access point of a wireless network via the network extracts the address of a terminal connected via the wireless interface, based on the wireless interface information included in the packet transfer information (corresponding to 120 in FIG. 1) of the access point, and presumes that the terminal with this address exists under the access point.
- information related to packet transfer of an access point is information that is generally held irrespective of the device vendor, and therefore, according to the present invention, it is possible to perform processing independent of the vendor.
- the monitoring device is provided with a managed terminal list (corresponding to 1015 in FIG. 1) in which addresses of the managed terminals are registered in advance, and compares the extracted addresses with the addresses described in the managed terminal list. If an extracted address is not included in the managed terminal list, this is treated as access from an unmanaged terminal to the access point holding the packet transfer information; that is, the device is configured to monitor unauthorized access.
- the relationship between each access point and the terminals presumed to exist under it, or determined to be connected to it, is determined for all managed access points, and these relationships are displayed.
- from the plurality of access points, those that do not belong to the same subnet as the terminal are excluded; if, as a result of the exclusion, only one access point on the same subnet as the terminal remains, it is estimated that the terminal exists under that one access point, or it is determined that the terminal is connected to it.
- the identification information of the wireless network to which the terminal belongs is obtained. By comparing this identification information with the identification information of a plurality of access points, it is presumed that the terminal exists under an access point having identification information equal to the acquired identification information, or it is determined that the terminal is connected to that access point.
- Example 1 of the present invention will be described in detail with reference to the drawings.
- FIG. 1 shows an example of a wireless LAN monitoring system using the monitoring device of the present invention.
- the wireless LAN monitoring system includes one or more wireless LAN access points (APs) 110 to 112 holding packet transfer information, zero or more wireless LAN terminals 103 to 107, and the monitoring device 101 connected to the APs via the network.
- the monitoring device 101 may be an independent device, or may be mounted in an access point (AP) or a terminal, or in a layer 2 or 3 switch connected to the access point (AP).
- the packet transfer information held by the access point is, for example, like the packet transfer information 120 in FIG.
- This figure shows the packet transfer information held by AP3, which consists of an interface-port correspondence table, a transfer destination address table and a transfer destination port table.
- This information is the information held by ordinary bridges and routers, and is generally also held by APs. Packet transfer information can be obtained using SNMP.
- the monitoring device 101 includes a transmitting/receiving unit 1011 for communicating with the AP, an analyzing unit 1012 for analyzing information received from the AP, a managed terminal list 1015 for holding a list of terminals to be managed, a recording unit 1013 for holding the derived connection relationship between the AP and the terminal, and a display unit 1014 for displaying the connection relationship between the AP and the terminal. Note that the display unit 1014 need not be integrated in the monitoring device 101; it may be installed on a network and display the information over a network connection.
- FIG. 1 and FIG. 2 showing a processing flow.
- the monitoring apparatus 101 grasps the connection relationship with the terminals for each managed AP and displays the result on the display unit 1014. Therefore, the monitoring apparatus 101 performs a process for grasping the connection relationship with the terminals for each AP (steps S1 to S11).
- In step S2, the analysis unit 1012 and the transmission/reception unit 1011 of the monitoring device 101 determine the interface number (for example, the ifIndex value in the SNMP MIB information) assigned to the wireless LAN interface of the AP.
- Since the ifIndex value in the MIB information is generally a fixed value, it may be defined in advance according to the type of AP, or information on all the interface numbers the AP has may be obtained using SNMP or the like.
- In step S3, the transmission/reception unit 1011 of the monitoring apparatus 101 acquires the interface/port correspondence information from the AP's information on packet transfer, and provides it to the analysis unit 1012.
- the relationship between interface numbers and port numbers is one-to-one or one-to-many. With this information, it is possible to determine which port number corresponds to the wireless LAN interface. In the example of AP3, it can be seen from the correspondence table between the interface and the port that the wireless LAN interface 1 is assigned to the port 2.
- In step S4, the transmission/reception unit 1011 of the monitoring apparatus 101 receives the transfer destination port table and the transfer destination address table from the AP's information on packet transfer, and provides them to the analysis unit 1012.
- the analysis unit 1012 extracts an entry whose transfer destination port is a port of the wireless LAN interface, and records the transfer destination address of the same entry in the recording unit 1013 as a terminal address.
- FIG. 3 is an example of information recorded in the recording unit 1013.
- In the example of AP3, since the wireless LAN interface 1 is port 2, entries B and C are applicable, and the transfer destination address table shows that the transfer destination addresses of these entries are address E and address Y.
- the recording unit 1013 as shown in FIG.
- an address E is written as an entry B of AP3, and an address Y is written as an entry C of AP3.
- By using the packet transfer information held by the AP, the addresses of terminals connected through the wireless LAN interface can be recognized without depending on the vendor, and so the addresses of the terminals presumed to be under the access point can be recognized (in this example, the terminal at address E and the terminal at address Y are under AP3). Also, since the packet transfer information of the AP contains a record of passing packets regardless of the success or failure of the terminal's wireless LAN connection authentication, information can be obtained even for terminals that have not been successfully authenticated.
- For a terminal estimated to exist under the access point by the method described in the first embodiment, it is further determined whether the terminal is connected to the access point.
- the process is the same as that of the first embodiment up to estimating the terminals under the access point in steps S1 to S4 of FIG.
- steps S5 to S10 in FIG. 2 are performed for each of the recorded transfer destination addresses.
- the addresses of the terminals to be managed are registered in advance as the managed terminal list 1015. Examples of addresses included in the managed terminal list 1015 include a MAC address and an IP address.
- In step S6, the analysis unit 1012 checks whether the terminal address recorded in the recording unit 1013 is described in the registered managed terminal list. If there is no entry in the list, it is determined that an unmanaged terminal has accessed the AP (step S7). In accordance with this determination, a warning may be given on the assumption that the terminal at the address concerned is performing unauthorized access. In the example of AP3, since the address Y, which is one of the addresses acquired in step S4, is not described in the managed terminal list, it is regarded as an unmanaged terminal.
- The process then proceeds to step S8, and the operation status of the device having the address is checked. This is because, even if a terminal is described in the AP's table, it may in fact no longer be operating.
- One method of checking the operation status is for the analysis unit 1012 of the monitoring device 101 to transmit an ICMP packet (generally, a ping command) via the transmission/reception unit 1011 and confirm the response. If it is determined that the device at the transfer destination address is not operating, that fact is recorded in the recording unit 1013. If it is determined that it is operating, the fact that it is operating is recorded in the recording unit 1013. As a result, a terminal whose operation is recorded as confirmed in the recording unit 1013 can be determined to be connected to the AP described in the record.
- the recording unit 1013 may record that the same terminal belongs to different APs. That is, the same terminal may be recorded under both the AP to which it previously belonged and the AP to which it now belongs. Even in this case, when the terminal transmits a broadcast packet via the newly assigned AP and the previously assigned AP receives the terminal's packet on its wired port, the packet transfer information is updated and the duplicate record is eliminated.
- one example of such a broadcast packet is an ARP (Address Resolution Protocol, a protocol used to associate physical addresses with IP addresses) packet, which is transmitted prior to communication.
- the packet transfer information can also be updated by using APs that have a function of notifying other APs of information about a terminal newly connected to the AP, for example a function of notifying the movement of the terminal using the Inter Access Point Protocol in the IEEE 802.11 standard.
- the recording unit 1013 records the connection relationship between the terminal whose operation has been confirmed and the specific AP.
- the display unit 1014 displays, as a tree, the relationship between each terminal recorded as operating in the recording unit 1013 and the AP described in that row, as shown in the screen display 102 of FIG.
- the wireless LAN administrator can easily recognize the connection relationship between the APs and the terminals.
- As the display format for the connection relationship between the AP and the terminal, not only the example shown in the screen display 102 of FIG. 1 but also the tree format shown in FIG. 8 or the table format shown in FIG. 9 may be adopted.
- the packet transfer information of all APs under management can be collected by one monitoring device using a general-purpose protocol such as SNMP, and the terminals connected to each AP can be derived.
- since the apparatus can be constituted by one general-purpose network device, it can be realized at low cost.
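The check described in steps S5 to S10, as an added Python example that is not part of the patent: each address found in an AP's packet transfer information is compared with the managed terminal list and then probed for liveness. The MAC addresses, the `probe` callback standing in for the ICMP check, and the choice to probe unmanaged addresses as well are assumptions made for the example.

```python
import re
from typing import Callable, Dict, Iterable, List, NamedTuple


class Finding(NamedTuple):
    ap: str
    address: str
    managed: bool     # S6/S7: present in the managed terminal list?
    operating: bool   # S8 onward: did the device answer the liveness probe?


def normalize_mac(address: str) -> str:
    """Canonical form, so 'AA-BB-..' and 'aabb.ccdd..' compare equal.
    Without this, a managed terminal written in another notation would be
    reported as unmanaged."""
    digits = re.sub(r"[^0-9a-fA-F]", "", address).lower()
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {address!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def classify(transfer_info: Dict[str, Iterable[str]],
             managed_list: Iterable[str],
             probe: Callable[[str], bool]) -> List[Finding]:
    """Run the list check and the operation check for every recorded address."""
    managed = {normalize_mac(m) for m in managed_list}
    findings = []
    for ap, addresses in transfer_info.items():
        for raw in addresses:
            mac = normalize_mac(raw)
            # Assumption: unmanaged addresses are probed too, so the alert
            # can say whether the device is still present.
            findings.append(Finding(ap, mac, mac in managed, probe(mac)))
    return findings


def unmanaged_alerts(findings: List[Finding]) -> List[Finding]:
    """Addresses seen under an AP that are not in the managed list (S7)."""
    return [f for f in findings if not f.managed]


def connection_tree(findings: List[Finding]) -> Dict[str, List[str]]:
    """AP -> operating terminals, the relationship the display unit shows."""
    tree: Dict[str, List[str]] = {}
    for f in findings:
        if f.operating:
            tree.setdefault(f.ap, []).append(f.address)
    return tree


# Constructed sample data (not taken from the patent). The last two entries
# play the roles of address E (managed) and address Y (unmanaged) under AP3.
SAMPLE_TRANSFER_INFO = {
    "AP1": ["0200.0000.000a"],
    "AP3": ["02:00:00:00:00:0E", "02:00:00:00:00:99"],
}
SAMPLE_MANAGED = ["02-00-00-00-00-0a", "02-00-00-00-00-0e"]
RESPONDING = {"02:00:00:00:00:0e", "02:00:00:00:00:99"}  # ...0a is a stale entry


def sample_probe(mac: str) -> bool:
    """Hypothetical stand-in for the ICMP check; answers from a fixed set."""
    return mac in RESPONDING


if __name__ == "__main__":
    results = classify(SAMPLE_TRANSFER_INFO, SAMPLE_MANAGED, sample_probe)
    for f in unmanaged_alerts(results):
        print(f"unmanaged terminal {f.address} under {f.ap}")
    print(connection_tree(results))
```

In a deployment the probe would resolve the address to an IP and send the ICMP request; stale entries such as the one under AP1 drop out of the tree without raising an alert.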
- Example 3
- terminal addresses recorded in the recording unit 1013 may be duplicated.
- a subnet is a unit of network management.
- the upper bits of the IP address specified by the subnet mask indicate the subnet address (network address).
- This process can be executed when the IP addresses of the APs and the terminal are known and there are a plurality of records because the terminal has connected to an AP on a different subnet. It is also assumed that each AP and each terminal has a subnet to which it belongs, and that the subnet of each AP and the subnet of each terminal are registered in the monitoring device 101 in advance. In the present embodiment, it is assumed that connection authentication succeeds and communication becomes possible only when the terminal connects to an AP on the same subnet as itself, or to an AP that supports virtual LANs (VLANs) and has a function of virtually connecting to the terminal's own subnet. For a VLAN-compatible AP, it is assumed to be known which subnets the AP can virtually connect to.
- in step S21, for a terminal that is recorded as connected to a plurality of APs, the records of connections with APs that belong to a subnet other than the terminal's subnet and do not support a VLAN connectable to the terminal's subnet are deleted.
- the terminal 2 at address B belonging to subnet 2 is recorded as connected to three APs.
- the subnet of AP2 is subnet 1, which differs from subnet 2 of terminal 2, so the line for AP2 and terminal 2 is deleted.
- AP1 is not deleted because it is compatible with the VLAN 1 subnet.
- if the duplicate records are eliminated by deleting the records related to APs belonging to different subnets, it can be determined that the AP with the remaining record is the AP to which the terminal is connected, and the process ends (step S22).
- if duplicate records still exist, it is checked whether the recorded APs include an AP on the same subnet as the terminal (step S23). If there is none on the same subnet, that is, if all the APs with multiple records are VLAN-compatible, it is difficult to narrow the result down any further, so either the process is terminated, or the terminal is assumed to be connected to any one of the APs with multiple records, the other records are deleted, and the process ends (step S25).
- if there is an AP on the same subnet as the terminal in step S23, the process proceeds to step S24, where it is checked whether there are multiple APs on the same subnet as the terminal.
- if there is only one such AP, it is determined that the terminal is connected to that AP, this is recorded, and the lines of the other APs are deleted (step S27). If there are multiple APs belonging to the same subnet as the terminal's subnet in step S24, it is difficult to narrow the result down any further, so either the process is terminated, or the terminal is assumed to be connected to any one of the APs on the same subnet with multiple records, the other records are deleted, and the process ends (step S26).
- since AP3 is on the same subnet 2 as terminal 2 and AP1 is a VLAN-compatible AP, it is determined that terminal 2 belongs to AP3.
- when the same terminal address is recorded as connected to a plurality of access points, the access point belonging to the same subnet as the terminal's subnet is preferentially determined as the connection destination, and the contradictory result that the same terminal belongs to multiple access points can be eliminated.
- this is because the terminal can successfully connect and communicate only with an AP on the same subnet as the terminal or an AP that supports VLANs and has a function of virtually connecting to the same subnet as the terminal, so it can be assumed that connection records on different subnets were recorded when connection authentication of the terminal failed. Even when the terminal fails connection authentication, a record may remain in the packet transfer information, so the terminal may be recorded as connected to an AP where its authentication failed.
- This process can be executed when information on the wireless LAN currently connected to the terminal can be obtained.
- a unique identifier is used for each group including one AP and a terminal connected to the AP (hereinafter, referred to as an AP group identifier).
- the group is called BSS (Basic Service Set),
- monitoring apparatus 101 uses transmitting / receiving section 1011 to acquire the AP group identifier from a terminal recorded as being connected to a plurality of APs.
- the AP group identifier of each AP is known to the monitoring apparatus 101 in advance, or is acquired from each AP using the transmission/reception unit 1011 and recorded.
- FIG. 7 is an example in which an AP group identifier for each AP is recorded. The AP group identifier obtained from the terminal is then compared with the AP group identifiers of the plurality of APs to which the terminal is recorded as connected. All records of APs whose AP group identifier differs from that of the terminal are deleted.
- an AP having the same AP group identifier is determined to be the AP to which the terminal is connected. For example, if the AP group identifier acquired from terminal 2 is identifier C in the situation recorded as shown in FIG. 7, then among the APs that record the terminal, the entries other than that of AP3, which has the same identifier C, are erased. As a result, it can be determined that terminal 2 is connected to AP3.
- when the same terminal address is recorded as connected to a plurality of access points, the identification information of the wireless LAN (AP group identifier) is obtained from the terminal and compared with the identification information of the access points, which eliminates the inconsistent result that the same terminal belongs to multiple access points and gives a more accurate picture of the connection relationships. This is because the AP group identifier is information unique to each AP, so even if the same terminal is recorded as being connected to multiple APs, the AP group identifier acquired from the terminal necessarily indicates the AP group identifier of one AP.
- the monitoring device according to the present invention can be configured by hardware, but can also be realized by a computer program.
- FIG. 10 is a general block configuration diagram of an information processing device implementing the monitoring device according to the present invention.
- the information processing apparatus shown in FIG. 10 includes a processor 300, a program memory 301, and a storage medium 302.
- a control program that takes the place of the analysis unit 1012 and a part of the display unit 1014 is stored. Based on the control program, the processor 300 performs the operation described above.
- the storage medium 302 stores the content recorded in the recording unit 1013 and the management target terminal list 1015. Note that a magnetic storage medium such as a hard disk can be used as the storage medium 302.
- the present invention can be applied to a wireless LAN operation / management system and a management server.
- the present invention clarifies the connection relationship based on packet transfer information and is not limited to wireless LANs; it can be applied to general wireless networks in which it is difficult to grasp the connection status of a terminal, where it can grasp the connection status between the station (the AP in a wireless LAN) and the terminal.
- the present invention can also be applied to a network load distribution control device or an unauthorized access detection device that is a part of the operation system. This is because, according to the present invention, the number of terminals connected to each AP can be grasped, and the network load on each AP can be estimated with high accuracy. This is because information transmitted and received from each AP can be obtained from each AP, and a record of the connection remains.
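The duplicate-record resolution of Example 3 (steps S21 to S27) and the AP group identifier comparison described after it, as an added Python example that is not the patent's own code. The subnets, IP address, AP4, the group identifiers and AP1's native subnet are constructed, and using the group identifier as a fallback when the subnet rule stays ambiguous is an assumption of this example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class AccessPoint:
    name: str
    subnet: str                                  # subnet the AP belongs to
    vlan_subnets: FrozenSet[str] = frozenset()   # subnets reachable via VLAN
    group_id: Optional[str] = None               # AP group identifier


def in_subnet(subnet: str, ip: str) -> bool:
    return ip_address(ip) in ip_network(subnet)


def resolve_by_subnet(terminal_ip: str, recorded: List[AccessPoint]
                      ) -> Tuple[List[AccessPoint], str]:
    """Return the APs whose records survive and the step that decided it."""
    if len(recorded) <= 1:
        return list(recorded), "no-duplicate"
    # S21: drop APs on a foreign subnet with no VLAN path to the terminal's.
    kept = [ap for ap in recorded
            if in_subnet(ap.subnet, terminal_ip)
            or any(in_subnet(s, terminal_ip) for s in ap.vlan_subnets)]
    if len(kept) <= 1:
        return kept, "S22"          # duplicate gone (empty: only failed attempts)
    # S23: is any surviving AP natively on the terminal's subnet?
    same = [ap for ap in kept if in_subnet(ap.subnet, terminal_ip)]
    if not same:
        return kept, "S25"          # all VLAN-compatible: left unresolved here
    if len(same) > 1:
        return kept, "S26"          # several same-subnet APs: left unresolved
    return same, "S27"              # exactly one same-subnet AP wins


def resolve_by_group_id(terminal_group_id: str,
                        recorded: List[AccessPoint]) -> List[AccessPoint]:
    """Keep only APs whose group identifier matches the terminal's."""
    return [ap for ap in recorded if ap.group_id == terminal_group_id]


def resolve(terminal_ip: str, recorded: List[AccessPoint],
            terminal_group_id: Optional[str] = None) -> Tuple[List[str], str]:
    remaining, step = resolve_by_subnet(terminal_ip, recorded)
    # Assumption: fall back to the identifier only when still ambiguous.
    if len(remaining) > 1 and terminal_group_id is not None:
        remaining = resolve_by_group_id(terminal_group_id, remaining)
        step += "+group-id"
    return [ap.name for ap in remaining], step


# Constructed data mirroring the page's example: terminal 2 (subnet 2) is
# recorded under AP1 (VLAN-compatible), AP2 (subnet 1) and AP3 (subnet 2).
SUBNET_1, SUBNET_2 = "192.0.2.0/25", "192.0.2.128/25"
TERMINAL_2_IP = "192.0.2.130"
AP1 = AccessPoint("AP1", SUBNET_1, frozenset({SUBNET_2}), "A")
AP2 = AccessPoint("AP2", SUBNET_1, frozenset(), "B")
AP3 = AccessPoint("AP3", SUBNET_2, frozenset(), "C")
AP4 = AccessPoint("AP4", SUBNET_1, frozenset({SUBNET_2}), "D")  # hypothetical

if __name__ == "__main__":
    print(resolve(TERMINAL_2_IP, [AP1, AP2, AP3]))           # subnet rule decides
    print(resolve(TERMINAL_2_IP, [AP1, AP4]))                # ambiguous (S25)
    print(resolve(TERMINAL_2_IP, [AP1, AP4], "D"))           # identifier decides
```

The ambiguous branches return every surviving candidate instead of picking one arbitrarily, which is the "terminate the process" option the description allows at steps S25 and S26.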
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Environmental & Geological Engineering (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP05710177.6A EP1717993B1 (en) | 2004-02-18 | 2005-02-14 | Radio network monitor device and monitor system |
US10/588,456 US8639217B2 (en) | 2004-02-18 | 2005-02-14 | Radio network monitor device and monitor system |
JP2005518002A JP4650634B2 (ja) | 2004-02-18 | 2005-02-14 | 無線ネットワークの監視装置、及び監視システム |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004-040898 | 2004-02-18 | ||
JP2004040898 | 2004-02-18 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2005079008A1 true WO2005079008A1 (ja) | 2005-08-25 |
Family
ID=34857906
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2005/002175 WO2005079008A1 (ja) | 2004-02-18 | 2005-02-14 | 無線ネットワークの監視装置、及び監視システム |
Country Status (5)
Country | Link |
---|---|
US (1) | US8639217B2 (ja) |
EP (1) | EP1717993B1 (ja) |
JP (1) | JP4650634B2 (ja) |
CN (1) | CN100563187C (ja) |
WO (1) | WO2005079008A1 (ja) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007081531A (ja) * | 2005-09-12 | 2007-03-29 | Nakayo Telecommun Inc | アクセスポイント |
JP2007096770A (ja) * | 2005-09-29 | 2007-04-12 | Aiphone Co Ltd | インターホンシステム |
JP2009542165A (ja) * | 2007-07-31 | 2009-11-26 | 杭州▲華▼三通信技▲術▼有限公司 | アクセスポイントの配置および管理方法、並びにアクセスコントローラ |
US9380014B2 (en) | 2006-08-23 | 2016-06-28 | Nikon Corporation | Electronic camera and server device |
JP2017041810A (ja) * | 2015-08-20 | 2017-02-23 | 富士通コンポーネント株式会社 | 無線基地局、無線通信端末、表示装置、及び無線通信システム |
JP2018029219A (ja) * | 2016-08-15 | 2018-02-22 | 富士通株式会社 | パケット解析プログラム、パケット解析方法およびパケット解析装置 |
US10880414B2 (en) | 2018-06-06 | 2020-12-29 | Fujitsu Limited | Packet analysis method and information processing apparatus |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8248916B2 (en) * | 2005-12-30 | 2012-08-21 | Telefonaktiebolaget Lm Ericsson (Publ) | Recovery methods for restoring service in a distributed radio access network |
US8315172B2 (en) * | 2005-12-30 | 2012-11-20 | Telefonaktiebolaget Lm Ericsson (Publ) | Monitoring access nodes in a distributed radio access network |
US8248915B2 (en) * | 2005-12-30 | 2012-08-21 | Telefonaktiebolaget Lm Ericsson (Publ) | Redundant session information for a distributed network |
US20090137228A1 (en) * | 2007-11-16 | 2009-05-28 | Qualcomm Incorporated | Utilizing restriction codes in wireless access point connection attempts |
US8848656B2 (en) | 2007-11-16 | 2014-09-30 | Qualcomm Incorporated | Utilizing broadcast signals to convey restricted association information |
US8737295B2 (en) | 2007-11-16 | 2014-05-27 | Qualcomm Incorporated | Sector identification using sector parameters signatures |
US9603062B2 (en) | 2007-11-16 | 2017-03-21 | Qualcomm Incorporated | Classifying access points using pilot identifiers |
US8902867B2 (en) | 2007-11-16 | 2014-12-02 | Qualcomm Incorporated | Favoring access points in wireless communications |
US8588773B2 (en) | 2008-08-04 | 2013-11-19 | Qualcomm Incorporated | System and method for cell search and selection in a wireless communication system |
JP5383415B2 (ja) * | 2009-10-02 | 2014-01-08 | キヤノン株式会社 | 通信装置及び通信装置の通信方法並びにプログラム |
US8477621B2 (en) | 2011-05-24 | 2013-07-02 | Tektronic, Inc. | Multiple protocol correlation and topology detection in eHRPD networks |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH08154093A (ja) * | 1994-11-29 | 1996-06-11 | Matsushita Electric Works Ltd | 無線通信システム |
JPH08274782A (ja) * | 1995-03-31 | 1996-10-18 | Toshiba Corp | 無線lanシステム |
JP2002271392A (ja) * | 2001-03-06 | 2002-09-20 | Nippon Telegr & Teleph Corp <Ntt> | Ip網における呼毎の音声品質管理方法 |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2708976B2 (ja) * | 1991-06-06 | 1998-02-04 | 株式会社日立製作所 | 学習テーブル管理方式 |
JPH07297852A (ja) | 1994-04-25 | 1995-11-10 | Matsushita Electric Ind Co Ltd | ネットワーク装置 |
JPH0832607A (ja) | 1994-07-13 | 1996-02-02 | Hitachi Cable Ltd | ネットワーク構成管理方法 |
JPH08274804A (ja) | 1995-03-30 | 1996-10-18 | Fujitsu Denso Ltd | Lan間中継装置 |
US6393484B1 (en) * | 1999-04-12 | 2002-05-21 | International Business Machines Corp. | System and method for controlled access to shared-medium public and semi-public internet protocol (IP) networks |
JP3788143B2 (ja) | 1999-11-01 | 2006-06-21 | セイコーエプソン株式会社 | 通信ネットワークシステムにおける通信制御方法及び通信ネットワークシステム並びに通信制御処理プログラムを記録した記録媒体 |
US7698396B2 (en) * | 2000-01-31 | 2010-04-13 | Hitachi Software Engineering Co., Ltd. | Method of automatically recognizing network configuration including intelligent packet relay equipment, method of displaying network configuration chart, and system thereof |
US20040230671A1 (en) * | 2000-08-02 | 2004-11-18 | Rollins Douglas L. | Modular access point for wireless networking |
JP2002051066A (ja) | 2000-08-04 | 2002-02-15 | Nec Commun Syst Ltd | Lan間接続装置、lan間接続方法及び記録媒体 |
WO2002082851A1 (fr) | 2001-03-30 | 2002-10-17 | Mitsubishi Denki Kabushiki Kaisha | Assistant numerique personnel, systeme de communication sans fil et procede d'etablissement des liaisons |
JP2003032287A (ja) * | 2001-07-16 | 2003-01-31 | Furukawa Electric Co Ltd:The | ネットワーク間接続方法、その装置およびその装置を用いたシステム |
US7349380B2 (en) * | 2001-08-15 | 2008-03-25 | Meshnetworks, Inc. | System and method for providing an addressing and proxy scheme for facilitating mobility of wireless nodes between wired access points on a core network of a communications network |
US7286513B2 (en) * | 2002-06-05 | 2007-10-23 | Sigma Designs, Inc. | Wireless switch for use in wireless communications |
AU2003279950A1 (en) * | 2002-10-10 | 2004-05-04 | Rocksteady Networks, Inc. | System and method for providing access control |
US7362742B1 (en) * | 2003-01-28 | 2008-04-22 | Cisco Technology, Inc. | Methods and apparatus for synchronizing subnet mapping tables |
US20050060576A1 (en) * | 2003-09-15 | 2005-03-17 | Kime Gregory C. | Method, apparatus and system for detection of and reaction to rogue access points |
-
2005
- 2005-02-14 WO PCT/JP2005/002175 patent/WO2005079008A1/ja not_active Application Discontinuation
- 2005-02-14 US US10/588,456 patent/US8639217B2/en not_active Expired - Fee Related
- 2005-02-14 JP JP2005518002A patent/JP4650634B2/ja not_active Expired - Fee Related
- 2005-02-14 CN CNB2005800051110A patent/CN100563187C/zh not_active Expired - Fee Related
- 2005-02-14 EP EP05710177.6A patent/EP1717993B1/en not_active Not-in-force
Non-Patent Citations (1)
Title |
---|
See also references of EP1717993A4 * |
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007081531A (ja) * | 2005-09-12 | 2007-03-29 | Nakayo Telecommun Inc | アクセスポイント |
JP4690152B2 (ja) * | 2005-09-12 | 2011-06-01 | 株式会社ナカヨ通信機 | アクセスポイント |
JP2007096770A (ja) * | 2005-09-29 | 2007-04-12 | Aiphone Co Ltd | インターホンシステム |
US9380014B2 (en) | 2006-08-23 | 2016-06-28 | Nikon Corporation | Electronic camera and server device |
JP2009542165A (ja) * | 2007-07-31 | 2009-11-26 | 杭州▲華▼三通信技▲術▼有限公司 | アクセスポイントの配置および管理方法、並びにアクセスコントローラ |
US8396045B2 (en) | 2007-07-31 | 2013-03-12 | Hangzhou H3C Technologies Co., Ltd. | Method for configuring and managing access point and access controller |
JP2017041810A (ja) * | 2015-08-20 | 2017-02-23 | 富士通コンポーネント株式会社 | 無線基地局、無線通信端末、表示装置、及び無線通信システム |
JP2018029219A (ja) * | 2016-08-15 | 2018-02-22 | 富士通株式会社 | パケット解析プログラム、パケット解析方法およびパケット解析装置 |
US10880414B2 (en) | 2018-06-06 | 2020-12-29 | Fujitsu Limited | Packet analysis method and information processing apparatus |
Also Published As
Publication number | Publication date |
---|---|
US20070165580A1 (en) | 2007-07-19 |
CN1922823A (zh) | 2007-02-28 |
JPWO2005079008A1 (ja) | 2007-10-25 |
EP1717993B1 (en) | 2013-11-06 |
CN100563187C (zh) | 2009-11-25 |
EP1717993A4 (en) | 2012-02-08 |
EP1717993A1 (en) | 2006-11-02 |
US8639217B2 (en) | 2014-01-28 |
JP4650634B2 (ja) | 2011-03-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4650634B2 (ja) | 無線ネットワークの監視装置、及び監視システム | |
CN101448277B (zh) | 处理无线接入网络故障的方法、系统及设备 | |
US20120023552A1 (en) | Method for detection of a rogue wireless access point | |
US8369227B2 (en) | Management system and information processing system | |
US8108496B2 (en) | Method and apparatus for selecting forwarding modes | |
US20170264502A1 (en) | Network test instrument | |
JP5093598B2 (ja) | 制御中継プログラム、制御中継装置および制御中継方法 | |
US20060193300A1 (en) | Method and apparatus for monitoring multiple network segments in local area networks for compliance with wireless security policy | |
US8830850B2 (en) | Network monitoring device, network monitoring method, and network monitoring program | |
US8432833B2 (en) | Auto MEP ID assignment within CFM maintenance association | |
WO2015150743A1 (en) | Network monitor | |
JP2003204348A (ja) | VLAN(VirtualLAN)をサポートしたストレージデバイス | |
US20090129290A1 (en) | Method for acquiring information of network resources connected to ports of network switches | |
CN107078946A (zh) | 业务流处理策略的处理方法、装置和系统 | |
US20090207756A1 (en) | Network configuration management method | |
US7369513B1 (en) | Method and apparatus for determining a network topology based on Spanning-tree-Algorithm-designated ports | |
US7430198B2 (en) | RF utilization calculation and reporting method for 802.11 wireless local area networks | |
CN111314168B (zh) | 用于无管理功能交换机的流量及端口数据测试方法及系统 | |
US9015280B2 (en) | Communication terminal, address resolution server, and computer program | |
KR102318686B1 (ko) | 개선된 네트워크 보안 방법 | |
WO2006069478A1 (fr) | Methode pour diagnostiquer un routeur prenant en charge une trajectoire de selection de strategie | |
TWI774215B (zh) | 終端設備管控系統與方法 | |
JP4106074B2 (ja) | ネットワーク機器管理システム及びその方法並びにネットワーク機器設定制御装置、ネットワーク機器 | |
JP5874470B2 (ja) | 送信元アドレス詐称判定システム | |
JP2005223726A (ja) | 無線アクセスシステム及び方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DPEN | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2007165580 Country of ref document: US Ref document number: 10588456 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2005518002 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2005710177 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 200580005111.0 Country of ref document: CN |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWW | Wipo information: withdrawn in national office |
Country of ref document: DE |
|
WWP | Wipo information: published in national office |
Ref document number: 2005710177 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 10588456 Country of ref document: US |